I was just wondering what most people here use as their go-to tools/software in their business networks, regarding security, maintenance etc., and of its value, whether it’s unmissable or just an extra.
I’m thinking about things like:
CCleaner
Wireshark
Umbrella
TreeSize
Clonezilla
Or even things like OSSIM just to name a few things.
If you maintain file servers, this is a must for me. Just to find out which user stored his 50G Outlook profile on the terminal server (again).
None of the others you mentioned see any use for me. I’d add a manageable antivirus, as Defender is still lacking in that regard. We mostly use Sophos for that.
If you maintain a lot of servers, some kind of management for RDP sessions is great to have. We use Devolutions RDM for that with a central database to update all admins with new IPs or logins. If you’re fewer people, we had mRemoteNG for several years without problems.
Some kind of monitoring would be a good idea. We have a Nagios setup for that, but there are many options here. If you’re fancy, you can do some centralized Log file collection with an ELK stack or such.
Other than that, we basically use the tools every server has built in. MMC and that’s about it.
We are now testing BatchPatch to automate update installation. The jury is still out if it sees adoption, but it looks promising.
Edit: And a Backup solution. Depending on Virtual or Physical Infrastructure it’s typically Veeam or Veritas for us, but there are plenty of options out there.
FSRM can do that - automatically. Can also stop it happening in the first place.
Set up file screens / scheduled reports for large files or “barred” files.
Nope to all of that outside of Wireshark for very specific niches.
Relying on malware cleaning utilities indicates you’re failing at security. You should very rarely ever get malware on your client machines if they are kept updated, etc.
And if you do… nuke machine from orbit and re-image it (I don’t trust any malware removal tool to do a proper job - once a machine is compromised it is to never be trusted again IMHO).
Spending more and more time with PowerShell. PowerCLI for VMware admin as well.
Tools I do actually use:
TeamViewer
Skype for Business (can do remote assistance, etc. with it)
KeePass (cross platform password management)
PuTTY
Notepad++ (or Visual Studio Code, or Atom - anything other than notepad - it’s crap)
The problem is, it often fails “ungracefully” for the user. Yes, it can stop that Outlook archive from being created, but it can cause Outlook to crash if that file can’t be written.
We do have quotas in place where useful, but again, it’s often not the goal to have an error message appear for the user when there is no “error”. We mostly allow users to store what they want (as that’s what the server is for). Some users don’t use it at all and others extensively. And that’s fine.
We also preconfigure Outlook to not use offline mode. But every now and then, someone slips through. Since we’re maintaining servers for customers, it’s often in our interest for them to actually use the storage, as we can then sell them more.
In that case, just set it up to report, rather than block.
You’ll get an email message that derp-user just saved a file there that they shouldn’t have, and can fix it in real time, rather than running out of space then running a scan.
We do reporting with Nagios. In most cases it warns at 10% left. In 90% of cases it’s the customer’s obligation to clean up, so we don’t invest too much time into that.
It’s often just hard to distinguish. In general, storing your 50G Outlook profile on the server is fine. We just need to know the biggest “problems” if we run out of space. Yes, that can be solved automatically, but maintaining that system and a ruleset that doesn’t produce too many false positives is more work than quickly looking at a server when it gets full. Happens maybe once or twice a month with over 900 servers we work with…
Does the included Windows ssh support keys properly (e.g., ssh-keygen, keypair auth, etc.)? If so, one less thing to worry about…
Edit:
Just checked, looks like yes it does. Or at least ssh-keygen.exe exists. Might need to take a proper look.
Actually what I’m working on right now is a script to help automate cluster startup/shutdown a bit more intelligently than dumb re-start priorities in vSphere. I’m going to write it to be compatible with PowerShell Core so it works on Mac and Linux too.
I’m going to use tags in vCenter, and then have the script reference a CSV file with the following fields:
Tag, Order, PerVMDelay
Algorithm being:
Look in CSV file for all the tags. Sort them by order. Then get list of VMs from VMware by each tag and start them with “PerVMDelay” seconds between each one.
e.g., re-start all DCs first, then DHCP servers, then SQL servers, then front end web servers, etc. etc.
I can just add tags to VMs as they are created or role changes, and then just update the CSV file with new tags as required.
PowerShell really is getting to be a lot better now with the PSGallery and PowerShell Core being cross platform.
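The tag-and-CSV start-up ordering described in the post above, sketched in PowerShell with PowerCLI as an added example (not the poster's script). It assumes an existing `Connect-VIServer` session; the file name `startup-order.csv` and the tag names are hypothetical.

```powershell
#Requires -Modules VMware.VimAutomation.Core
# Added example: staged VM start-up driven by vCenter tags and a CSV plan.
# Assumes an existing Connect-VIServer session; file and tag names are hypothetical.
# Constructed sample plan:
#   Tag,Order,PerVMDelay
#   Start-DC,1,60
#   Start-SQL,2,30
#   Start-Web,10,5
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$PlanPath = './startup-order.csv'   # columns: Tag,Order,PerVMDelay
)

# Import-Csv returns every field as a string, so cast before sorting;
# otherwise Order "10" would sort ahead of "2".
$plan = Import-Csv -Path $PlanPath | ForEach-Object {
    [pscustomobject]@{
        Tag        = $_.Tag.Trim()
        Order      = [int]$_.Order
        PerVMDelay = [int]$_.PerVMDelay
    }
} | Sort-Object -Property Order, Tag

$started = @{}   # VM Id -> $true, so a VM carrying two tags is handled once

foreach ($stage in $plan) {
    $tag = Get-Tag -Name $stage.Tag -ErrorAction SilentlyContinue
    if (-not $tag) {
        Write-Warning "Tag '$($stage.Tag)' not found in vCenter; skipping stage $($stage.Order)."
        continue
    }
    $vms = Get-VM -Tag $tag | Sort-Object -Property Name
    foreach ($vm in $vms) {
        if ($started.ContainsKey($vm.Id)) { continue }
        $started[$vm.Id] = $true
        if ($vm.PowerState -eq 'PoweredOn') {
            Write-Verbose "$($vm.Name) is already running."
            continue
        }
        if ($PSCmdlet.ShouldProcess($vm.Name, "Start-VM (stage $($stage.Order), tag $($stage.Tag))")) {
            Start-VM -VM $vm -Confirm:$false | Out-Null
            Start-Sleep -Seconds $stage.PerVMDelay
        }
    }
}
```

Running it with `-WhatIf` first prints the start order without powering anything on.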
Microsoft Assessment and Deployment Kit (ADK) and Microsoft Deployment Toolkit are invaluable if you are provisioning on-prem. Don’t be a point-and-click admin, automate your installation process and then use PowerShell DSC or Chef (or Ansible or Puppet…) to configure your servers.
PowerShell is an awesome tool that is native to Windows. Learn to do basic cmdlets and then start writing scripts to automate your tasks. Don’t worry about being out of your league, start small and work your way up.
Everything done in the GUI on modern Windows is PowerShell on the backend. Don’t forget that. It will save your life one day™.
Windows Server Backup is a role/feature that is vital as well. I’ve restored Hyper-V and Active Directory using that tool.