Help
Would you like to know more about the Windows 7 boot environment or its diagnostics and troubleshooting infrastructure? This excerpt from William R. Stanek's Windows® 7 Administrator's Pocket Consultant will deliver the basics.
If you want to truly know how Windows 7 works and what makes it tick, you need to dig under the hood. Windows 7 doesn't boot from an initialization file. Instead, the operating system uses the Windows boot manager to initialize and start the operating system.
The boot environment dramatically changes the way the operating system starts. The boot environment was created by Microsoft to resolve several prickly problems related to boot integrity, operating system integrity, and firmware abstraction. The boot environment is loaded prior to the operating system, making it a preoperating system environment. As such, the boot environment can be used to validate the integrity of the startup process and the operating system itself before actually starting the operating system.
The boot environment is an extensible abstraction layer that allows the operating system to work with multiple types of firmware interfaces without requiring the operating system to be specifically written to work with these firmware interfaces. Rather than updating the operating system each time a new firmware interface is developed, firmware interface developers can use the standard programming interfaces of the boot environment to allow the operating system to communicate as necessary through the firmware interfaces.
Firmware interface abstraction is the first secret ingredient that makes it possible for Windows 7 to work with BIOS-based and EFI-based computers in exactly the same way, and this is one of the primary reasons Windows 7 achieves hardware independence. You'll learn more about the boot environment in Chapter 2, Deploying Windows 7 and in Chapter 10, Managing Firmware, Boot Configuration, and Startup.
The next secret ingredient for Windows 7 hardware independence is Windows Imaging Format (WIM). Microsoft distributes Windows 7 on media using WIM disk images. WIM uses compression and single-instance storage to dramatically reduce the size of image files. Using compression reduces the size of the image in much the same way that Zip compression reduces the size of files. Using single-instance storage reduces the size of the image because only one physical copy of a file is stored for each instance of that file in the disk image.
Because WIM is hardware independent, Microsoft can use a single binary for each supported architecture:
One binary for 32-bit architectures
One binary for 64-bit architectures
One binary for Itanium architectures
The final secret ingredient for Windows 7 hardware independence is modularization. Windows 7 uses modular component design so that each component of the operating system is defined as a separate independent unit or module. Because modules can contain other modules, various major features of the operating system can be grouped together and described independently of other major features. Because modules are independent from each other, modules can be swapped in or out to customize the operating system environment.
Windows 7 includes extensive support architecture. At the heart of this architecture is built-in diagnostics and troubleshooting. Microsoft designed built-in diagnostics and troubleshooting to be self-correcting and self-diagnosing, and failing that, to provide guidance while you are diagnosing problems.
Windows 7 includes network awareness and network discovery features. Network awareness tracks changes in network configuration and connectivity. Network discovery controls a computer's ability to detect other computers and devices on a network.
Network awareness allows Windows 7 to detect the current network configuration and connectivity status, which is important because many networking and security settings depend on the type of network to which a computer running Windows 7 is connected. Windows 7 has separate network configurations for domain networks, private networks, and public networks and is able to detect:
When you change a network connection
Whether the computer has a connection to the Internet
Whether the computer can connect to the corporate network over the Internet
Unlike all earlier versions of Windows, Windows Firewall in Windows 7 supports connectivity to multiple networks simultaneously and multiple active firewall profiles. Because of this, the active firewall profile for a connection depends on the type of connection.
If you disconnect a computer from one network switch or hub and plug it into a new network switch or hub, you might inadvertently cause the computer to think it is on a different network, and depending on Group Policy configuration, this could cause the computer to enter a lockdown state in which additional network security settings are applied. As shown in Figure 1.7, you can view the network connection status in the Network And Sharing Center. In Control Panel, under Network And Internet, click Network And Sharing Center to access this management console.
Tip
Through the DirectAccess feature, computers running Windows 7 can now directly access corporate networks wherever they are as long as they have access to the Internet, and best of all users don't need to initiate VPN connections. The feature relies on DirectAccess servers being configured on the corporate network and DirectAccess being enabled in Group Policy. For more information, see Chapter 16, Managing Mobile Networking and Remote Access.
Windows 7 tracks the identification status of all networks to which the computer has been connected. When Windows 7 is in the process of identifying a network, the Network And Sharing Center shows the Identifying Networks state. This is a temporary state for a network that is being identified. After Windows 7 identifies a network, the network becomes an Identified Network and is listed by its network or domain name in the Network And Sharing Center.
If Windows 7 is unable to identify the network, the network is listed with the Unidentified Network status in the Network And Sharing Center. In Group Policy, you can set default location types and user permissions for each network state, as well as for all networks, by using the policies for Computer Configuration under Windows Settings\Security Settings\Network List Manager Policies.
When you are working with the Network And Sharing Center, you can attempt to diagnose a warning status by using Windows Network Diagnostics—another key component of the diagnostics and troubleshooting framework. To start diagnostics, click the warning icon in the network map or click Troubleshoot Problems, and then click Internet Connections. Windows Network Diagnostics then attempts to identify the network problem and provide a possible solution.
The Windows diagnostics and troubleshooting infrastructure offers improved diagnostics guidance, additional error reporting details, expanded event logging, and extensive recovery policies. Although Windows XP and earlier versions of Windows include some help and diagnostics features, those features are, for the most part, not self-correcting or self-diagnosing. Windows 7, on the other hand, can detect many types of hardware, memory, and performance issues and resolve them automatically or help users through the process of resolving them.
As shown in Table 1.4, Windows diagnostics and troubleshooting features are divided into 15 broad diagnostics areas. In Group Policy, you can configure how these features work by using the Administrative Templates policies for Computer Configuration under System\Troubleshooting And Diagnostics.
Table 1.4. Key Diagnostics Areas in Windows 7
Other diagnostics features of Windows 7 include:
In Windows XP and earlier versions of Windows, an application crash or hang is marked as Not Responding, and it is up to the user to exit and then restart the application. Windows 7 attempts to automatically resolve the issues related to unresponsive applications by using Restart Manager. Restart Manager can shut down and restart unresponsive applications automatically. In many cases, this means that you may not have to intervene to try to resolve issues with frozen applications.
A failed installation and nonresponsive conditions of applications and drivers are also tracked through Action Center. Should such an event occur, the Action Center notification icon will show a red circle with an X through it. If you click the notification icon, Windows 7 displays a summary report of current issues. As discussed previously, you can click the link provided to open a possible solution or to get more information. If these processes fail, access the Action Center main window and then scroll down to display the Troubleshooting and Recovery links.
Clicking Troubleshooting opens the Troubleshooting window. As shown in Figure 1.8, several troubleshooters are provided. These troubleshooters can help users quickly resolve common problems without requiring administrator support. The troubleshooters include:
Programs for compatibility issues with applications designed for earlier versions of Windows.
Hardware And Sound for issues with hardware devices, audio recording, and audio playback.
Network And Internet for issues with connecting to networks and accessing shared folders on other computers.
Appearance And Personalization for issues with the display appearance and personalization settings. To quickly resolve display issues with Aero, click Display Aero Desktop Effects.
System And Security for issues with Windows Update, power usage, and performance. Click Run Maintenance Tasks to clean up unused files and shortcuts and perform other routine maintenance tasks.
To resolve startup problems, Windows 7 uses the Startup Repair tool (StR), which is installed automatically and started when a system fails to boot. After it is started, StR attempts to determine the cause of the startup failure by analyzing startup logs and error reports. Then StR attempts to fix the problem automatically. If StR is unable to resolve the problem, it restores the system to the last known working state and then provides diagnostic information and support options for further troubleshooting.
Startup Repair performs many tests during diagnostics and troubleshooting. These tests can take anywhere from 5 to 30 minutes or more depending on the configured hardware, and they include these specific tests:
Check for updates Determines whether newly applied updates are affecting startup.
System disk test Determines whether there is a problem with the system disk that is preventing startup. If so, StR can attempt to repair any missing or corrupt files.
Disk failure diagnosis Determines whether any of the configured disks have failed.
Disk metadata test Determines whether any of the available disks have a problem with their metadata that is preventing startup. The metadata associated with a disk depends on how a disk is partitioned and the file system format of disk partitions.
Target OS test Determines whether the operating system you are attempting to start has a specific issue that is preventing startup.
Volume content check Examines the content of disk volumes to ensure that volumes are accessible.
Boot manager diagnosis Determines whether there is a problem with the boot manager or boot manager entries that are preventing startup.
System boot log diagnosis Examines system boot log entries from previous startups to see if there are specific errors that might be related to the startup issue.
Event log diagnosis Examines event log entries to see if there are specific errors that might be related to the startup issue.
Internal state check Checks the current internal state of the preboot environment.
Boot status test Checks the current boot status in the preboot environment.
Setup state check Determines whether the computer is in a setup state.
Windows boot log diagnosis Examines the Windows boot log entries to see if there are specific errors that might be related to the startup issue.
Bug check analysis Performs a basic bug check analysis of the operating system.
Access control test Determines whether access controls in the preboot environment are preventing startup of the operating system.
File system test (chkdsk) Performs a basic file system test using Chkdsk.
Software install log diagnosis Examines software installation log entries to see if there are specific errors that might be related to the startup issue.
Fallback diagnosis Determines whether any flags have been set that indicate the computer should fall back to a previous state to correct the startup issue. If so, StR will attempt to restore the previous state.
Error detection for devices and failure detection for disk drives also is automated. If a device is having problems, hardware diagnostics can detect error conditions and either repair the problem automatically or guide the user through a recovery process. With disk drives, hardware diagnostics can use fault reports provided by disk drives to detect potential failure and alert you before this happens. Hardware diagnostics can also help guide you through the backup process after alerting you that a disk might be failing.
Windows 7 can automatically detect performance issues, which include slow application startup, slow boot, slow standby/resume, and slow shutdown. If a computer is experiencing degraded performance, Windows diagnostics can detect the problem and provide possible solutions. For advanced performance issues, you can track related performance and reliability data in the Performance Monitor console, which can be opened from the Administrative Tools menu.
Windows 7 can also detect issues related to memory leaks and failing memory. If you suspect that a computer has a memory problem that is not being automatically detected, you can run Windows Memory Diagnostics manually by completing the following steps:
Click Start, type mdsched.exe in the Search box, and then press Enter.
Choose whether to restart the computer and run the tool immediately or schedule the tool to run at the next restart.
Windows Memory Diagnostics runs automatically after the computer restarts and performs a standard memory test. If you want to perform fewer or more tests, press F1, use the Up and Down Arrow keys to set the Test Mix as Basic, Standard, or Extended, and then press F10 to apply the desired settings and resume testing.
When testing is completed, the computer restarts. You'll see the test results when you log on.
If a computer crashes because of failing memory and Memory Diagnostics detects this, you are prompted to schedule a memory test the next time the computer is started.
Here’s the ideal, on-the-go reference that desktop administrators and support professionals can carry with them as they support and manage Windows 7.
