• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 4. Windows XP Applications and Tools > Microsoft Management Console

Microsoft Management Console\windows\system32\mmc.exe

A single interface for dozens of administrative tools in Windows XP.

To Open

Start Programs Administrative Tools Computer Management

Command Prompt mmc


mmc filename [/a] [/64] [/32]


The Microsoft Management Console (MMC) is a host for most of the administrative tools that come with Windows XP (see Figure 4-51). Each of the tools that works with MMC is called a Snap-in; Several Snap-ins can be shown in MMC at any given time and appear as entries in the Explorer-style tree in the left pane.

Figure 4-51. The Microsoft Management Console houses many important troubleshooting and system-maintenance tools

A collection of one or more Snap-ins can be saved into a Console (.msc) file, which is a small file that simply lists Snap-ins to display in the Console window. Double-click any .msc file to open it in MMC. Windows XP ships with more than a dozen predefined Console files, and you can modify them (or even create your own) by adding or removing snap-ins or creating custom Taskpad Views — pages with lists of shortcuts to programs or other snap-ins.

There are about two dozen Snap-ins included in Windows XP. To add a Snap-in to the current Console file (select File New to start a new Console), go to File Add/Remove Snap-in, and click Add (see Figure 4-52). Then, choose one of the available Snap-ins (note that not all Snap-ins described here are available in all versions of Windows XP), and click Add to add it to the list in the previous Window. A wizard or other dialog may appear when certain items are added, used to configure this instance of the Snap-in being added; any preferences set here are saved into the Console file. You can continue to add additional items as needed; when you're done, click Close. Note that it's possible to add the same Snap-in more than once, so you may want to position the Windows side-by-side so you can see what has been installed.

Figure 4-52. Add tools to the current view by installing Snap-ins

Here are the Snap-ins included with Windows XP; most of the following are documented further in the Microsoft Management Console online help. Note that all Console (.msc) files mentioned are in the \windows\system32 folder unless otherwise mentioned.

ActiveX Control

Use this Snap-in to add an ActiveX control to your console file. Although Windows XP ships with many ActiveX controls, most of them aren't appropriate for MMC. More advanced users may wish to use this feature to create custom Snap-ins. Most users are likely to find the System Monitor Control to be the only useful ActiveX Snap-in included with Windows XP.


Installed by default in certmgr.msc.

Browse all the security certificates used by Internet Explorer and IIS, the web server included with Windows XP (Professional only).

Component Services

Installed by default in \windows\system32\com\comexp.msc.

Manage installed component object model (COM) components.

Computer Management

Installed by default in compmgmt.msc.

Computer Management doesn't have any functionality by itself; rather, it is a collection of the following thirteen Snap-ins: Event Viewer, Shared Folders, Local Users and Groups, Performance Logs and Alerts, Device Manager, Removable Storage, Disk Defragmenter, Disk Management, Services, WMI Control, Indexing Service, Message Queuing, and Internet Information Services.

Device Manager

Installed by default in devmgmt.msc and compmgmt.msc. See Device Manager, earlier in this chapter.

Disk Defragmenter

Installed by default in drfg.msc and compmgmt.msc. See Disk Defragmenter, earlier in this chapter.

Disk Management

Installed by default in diskmgmt.msc and compmgmt.msc.

The Disk Management Snap-in lists all the installed drives, including hard disks, CD drives, and other removable storage devices (floppies are not included). Right-click on any drive (except the one on which Windows is installed) to change its drive letter. Go to View Top and View Bottom to choose whether drives are viewed as disks (physical devices), volumes (local drives, including partitions), and disks using a graphical view. Disk Management also has the ability to create and delete partitions (see also DiskPart, earlier in this chapter), but cannot make any modifications that affect the volume on which Windows is installed. PartitionMagic (http://www.powerquest.com/) allows more complete control over the creation and modification of partitions.

Among the features of the Disk Management console is the ability to change drive letters of your CD or DVD drive, removable cartridge drive, and even hard disk partitions. Just right-click a volume in the upper pane (for hard disk partitions) or one of the large buttons on the left side of the lower pane (for CD drives and the like) and select Change Drive Letter and Paths. Then, click Change to choose a new drive letter. If there's a drive letter conflict, you may have to click Remove first, resolve the conflict, and then return to the Change Drive Letter and Paths dialog and click Add to choose a drive letter.

Event Viewer

Installed by default in eventvwr.msc and compmgmt.msc.

Views the three system event logs: Application, Security, and System. The Application log lists every application crash, status reports and warnings generated by services (see Services below), and other events logged by some applications. The Security log records events such as valid and invalid logon attempts, as well as events related to the use of shared resources. The system log contains events logged by Windows XP system components, such as driver failures and system startup errors.

A computer running Windows configured as a domain controller records events in two additional logs, Directory service and File Replication service. A computer running Windows configured as a Domain Name System (DNS) server records events in an additional log, DNS server.

Event Viewer logs contain five types of events: Errors (driver and service failures), Warnings (indications of possible future problems), Information entries (the successful operation of an application, driver, or service), and Success Audits and Failure Audits (audited security access attempts that succeed and fail, respectively).


A folder is used to organize Snap-ins in the tree display. To use a folder, first add it using the procedure explained above. Then, close the Add Standalone Snap-in dialog, select the new folder from the "Snap-ins added to" list, and click Add again; this time, added items will appear in the new folder. Unfortunately, you can't drag-drop items from one folder to another, so the only way to move an item is to remove it from one folder and then add it to another. Folders can be renamed only from the main MMC window.

FrontPage Server Extensions

This Snap-in is used to manage the various FrontPage Server extensions and their settings.

Group Policy (also known as Local Computer Policy)

Installed by default in gpedit.msc.

A collection of policy settings, controlling startup and shutdown scripts, security settings for Internet Explorer, and user account policies. Group Policy replaces the System Policy Editor found in earlier versions of Windows. See Chapter 3 for documentation on the settings in this Snap-in.

Indexing Service

Installed by default in ciadv.msc and compmgmt.msc.

The Indexing Service collects information from the documents on your hard disk and compiles a database used to enhance searches. The Indexing Service indexes .html files, .txt files, Microsoft Office documents, Internet mail and news, and any other document for which a document filter is available. The Indexing Service Snap-in allows you to manage the directories that are routinely scanned and query the database catalog.

Internet Information Services

Installed by default in compmgmt.msc and \windows\system32\inetsrv\iis.msc.

IIS is the Web/FTP/SMTP server built into Windows XP, and the Internet Information Services Snap-in allows you to administer the various functions associated with the server service. For example, you can configure how CGI scripts are running from web pages posted on the server.

IP Security Monitor

Monitor the IP Security status; see IP Security Policy Management, below, for more information.

IP Security Policy Management

Manage Internet Protocol Security (IPSec) policies for secure communication with other computers. IPSec can be thought of as a minimalistic firewall, allowing and disallowing certain communication over an Internet connection.

Link to Web Address

The Link to Web Address Snap-in allows you to insert, not surprisingly, the web site as an entry in the tree. For example, you may wish to include a link to a software downloads site, an HTTP-based administration page for a web site, or another troubleshooting web site, such as http://www.annoyances.org/.

Local Computer Policy

See "Group Policy (also known as Local Computer Policy)", above.

Local Users and Groups

Installed by default in lusrmgr.msc and compmgmt.msc.

This plug-in provides more advanced settings, using a simpler and more direct interface, than Control Panel User Accounts. Here, you can set preferences relating to the expiration of passwords, the assignment of certain users to groups, logon scripts, location of a user's home folder, and other advanced options.

Performance Logs and Alerts

Installed by default in perfmon.msc and compmgmt.msc.

Performance Logs and Alerts allow you to collect performance data automatically from certain applications, and then create logs that can be exported then analyzed. The applications, designed to generate performance logs, are typically associated with web servers when an administrator would need to know exactly how the system resources are being utilized at any given time. See Help for more information on setting up performance data.

Removable Storage Management

Installed by default in ntmsmgr.msc and compmgmt.msc.

The Removable Storage Management Snap-in enables you to the view all the devices that support removable media, such as CD and DVD drives, CD and DVD writers, tape drives, Zip drives, flash memory readers, and other similar devices. Removable Storage labels, catalogs, and tracks media and stores this information into libraries. Media Pools, collections of removable media to have the same management policies, are used to organize these libraries. For example, the catalogs in the Backup component rely on Removable Storage Management.

Resultant Set of Policy

Installed by default in rsop.msc.

This Snap-in allows you to view and change the policy settings for a particular user. See "Group Policy (also known as Local Computer Policy)", above, for more information.

Security Configuration and Analysis

This Snap-in is used to view and manage security databases for computers using Security Templates (see below) and is especially helpful for tracking changes to security.

Security Templates

Installed by default in secpol.msc.

Security Templates are used to create a security policy for computers. They are used mostly by administrators for Windows XP-based servers. See Help for detailed information.


Installed by default in services.msc and compmgmt.msc.

A service is a program that runs invisibly in the background, usually started when Windows starts. You can set up any program to run automatically when Windows starts by placing a shortcut in your Startup folder, but such a program would only be run when you log in. A service is run when Windows starts and is already running when the login prompt is shown. Windows XP comes with nearly 80 preinstalled services, some of which are active by default (called "Started" in the Services window), and some of which are not.

Double-click any service in the list to view its properties, such as its status (Started or Stopped), whether or not it's started automatically, under which user accounts it is enabled, what actions to take if the service encounters a problem, and which other components the service depends on (if any). Common services include the plug-and-play manager, the task scheduler, the print spooler, automatic updates, an FTP server, a web server, a mail server, and many other programs responsible for keeping Windows XP running. You can start or stop any service by right-clicking on it and selecting Start or Stop, respectively. Stopping unnecessary services will not only increase system performance, but will close potential security "backdoors" that could be used to break into a computer. Naturally, you should use caution when disabling any enabled service, but most home users won't need the "mail server" service to be running all the time.

See Appendix G for a list of the default services in Windows XP, their corresponding filenames, and their descriptions.

Shared Folders

Installed by default in fsmmgmt.msc and compmgmt.msc.

As described in Chapter 7, any folder or drive can be shared, allowing access to it from another computer on the network. The Shared Folders Snap-in lists all of the shared resources in one place, as well as any open connections to those resources from other computers. Rather than "sharing and forgetting," this tool allows you to keep a more active watch on how shared resources are being used.

One thing to note is the existence of administrative shares, those items listed in the Shares portion of the Shared Folders Snap-in, denoted by a dollar sign ($) at the end of the share name. Administrator shares cannot be disabled, and when used in conjunction with Create Shared Folder (discussed earlier in this chapter), can even be a security risk, in which someone else with your username and password can access to any file or folder on your computer without ever sitting in front of it. Suffice it to say, if you're on a network, or even an Internet connection, you should investigate the security settings in your computer and try to close as many back doors as you can without disabling functions that you still need. If you're concerned about security, you may wish to use Windows XP's built-in firewall (see Chapter 7) or invest in third-party firewall software (such as Norton Personal Firewall (http://www.symantec.com/), each of which actively helps prevent unauthorized access your computer.

WMI Control

Installed by default in wmimgmt.msc and compmgmt.msc.

WMI (Windows Management Instrumentation) is set of standards for accessing and sharing management information over an enterprise network. WMI will be of little use to most users; for more information, see Help.

One of the most interesting features of the Microsoft Management Console is its ability to access most of these tools remotely. For example, you can use it to run Device Manager on a machine other than the one you're using. Naturally, this would be most useful to an administrator, who can now configure and maintain a whole group of computers from a single machine. However, as home networks become more common, ordinary users are being turned into administrators. For instance, if you were responsible for setting up a network between the two or three computers used by the members of your family, you'd be able to run Disk Defragmenter on all the machines without having to jump around between them. Nevertheless, it provides more power than is normally available via My Network Places.

Connecting to another computer with MMC depends on the particular Snap-in you're using. Most Snap-ins that support remote administration will prompt you when you first add them, asking whether the Snap-in should be used with the current computer or with another on the network. In the case of Computer Management (compmgmt.msc), just right-click on the Computer Management root entry of the tree, select "Connect to another computer," and type the name of the computer in the box that appears. When connected to another computer, the root entry will be named Computer Management (computername).

The Microsoft Management Console also has a few command-line options:


Some Console (.msc) files have been configured so that the Snap-in tree normally shown is not only hidden, but inaccessible. Furthermore, you may not have access to the standard MMC menus, meaning that you will not be able to add or remove Snap-ins as desired. The /a option opens MMC in "author" mode, allowing you to treat any saved Console file as though you created it, giving you power to modify the Console by adding or removing Snap-ins.


The /s parameter is included with some shortcuts to .msc files in the Start menu, but it does not appear to have any effect.

/32 or /64

Run MMC in 32-bit or 64-bit mode, respectively; it is only available on 64-bit systems.


  • Eventually, you'll probably want to create your own Console file with the Snap-ins you use most. While it can create a new Console file from scratch, it may be easier to modify one of the supplied .msc files and then save it with a new name. To modify a saved Console file, start MMC with the /a switch, as described above.

  • Programmers who wish to learn how to create custom Snap-ins can find more information at http://msdn.microsoft.com/.

  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint