Tweaking Optimizing Windows.pdf - GEGeek
Tweaking Optimizing Windows.pdf - GEGeek
Tweaking Optimizing Windows.pdf - GEGeek
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Recommendation: For the most part, if you're wanting such functionality I suggest looking at NetMeeting. The bulk of you<br />
that aren't using this tool, leave the status set to manual (or disable if you're really compulsive).<br />
Computer Browser<br />
Process Name:<br />
Services.exe<br />
Default Setting: Automatic (Workstation), Automatic (Server)<br />
Description: Actively collects the names of NetBIOS resources on the network, creating a list so that it can<br />
participate as a master browser or basic browser (one that takes part in browser elections). This maintained list of NetBIOS<br />
resources (computers) is offered to and displayed in the Network Neighborhood & Server Manager.<br />
Recommendation: This decision is straightforward. If you're using Server or Workstation on a machine that is not connected<br />
to a LAN (stand-alone), or will not participate as a master browser and/or take part in elections, then feel free to change the status<br />
of this service to disabled (or manual, service will not start in manual status). Keep in mind this does not equate to disabling<br />
TCP/IP, but will kind of resemble being on a windows network without WINS (empty Network Neighborhood). This change will<br />
squeeze the services.exe process down a little more, and will have a more noticeable effect as a result of dropping those browser<br />
duties. If this doesn't sound like your type of scenario, stick with the automatic setting.<br />
Directory Replicator<br />
Process Name:<br />
Lmrepl.exe<br />
Default Setting:<br />
Manual (Server only)<br />
Description:<br />
This service simply replicates specified files & directories between computers. The host is referred to as<br />
the export server, and the target machines are called import computers. This replication is configured under Server in the Control<br />
Panel.<br />
Recommendation: By default Workstation does not install this service, so only folks with Server need worry about this. This<br />
is another easy judgment call--if your server is doing any replication you'll need to set this service to automatic. If not, keep the<br />
status set to manual. DCs are set to automatic by default, and this shouldn't be tampered with (Netlogon share).<br />
Event Log<br />
Process Name:<br />
Services.exe<br />
Default Setting:<br />
Automatic (Workstation), Automatic (Server)<br />
Description:<br />
This service supports the recording of the three categories of events: System, Security, and Application.<br />
The events recorded can be viewed under the system tool Event Viewer<br />
Recommendation: Most of you are going to want to leave this service started, whether you're using Workstation or Server.<br />
However, some of you using either edition as a personal workstation might consider disabling the service. Do this only if you're not<br />
worrying about security events, and are willing to start the service retroactively if/when you happen to have NT probs. Personally, I<br />
almost never have such problems, so this "reporter" does me little good. If you don't agree with my logic in disabling it, leave this<br />
set to automatic.<br />
License Logging Service<br />
Process Name:<br />
Llssrv.exe<br />
Default Setting:<br />
Automatic (Server only)<br />
Description:<br />
As can be derived from the name for the most part, this service provides support for license tracking on a<br />
server or DC (Domain Controller).<br />
Recommendation: Now I'd be crazy to recommend compromising any piece of the licensing model MS has. However, keep<br />
sharp you folks using Server on a stand-alone machine (for testing purposes only of course). Once upon a time there was a myth<br />
floating about that MS monitored Servers and their licensing status through this service, over the Internet. However, analysis has<br />
shown this not to be true.<br />
Messenger<br />
Process Name:<br />
Services.exe<br />
Default Setting:<br />
Automatic (Workstation), Automatic (Server)<br />
Description:<br />
Processes the delivery of pop-up messages sent by the Alerter service, or an administrator. The<br />
messages appear on the recipient's machines, and must be clicked OK to disappear. This service is also required to receive any<br />
messages sent by the Messenger service from another machine.<br />
Recommendation: Oh boy, yet another chance to squeeze down the size of the Services.exe process. For stand-alone<br />
machines running either edition of NT, go ahead and disable this service. For machines in some kind of NT environment on a<br />
network, you may want to also consider disabling this service for security. Misuse of the 'net send' command-line util has caused<br />
many admins to disable this service, in order to avoid varying forms of misuse and abuse. If these scenarios don't include you, or<br />
you dream up another, go ahead and leave this service set to automatic.<br />
Net Logon<br />
Process Name:<br />
Lsass.exe<br />
Default Setting:<br />
Automatic (Domain), Manual (Workgroup)<br />
Description:<br />
Responsible for network authentication including the following sub-components: maintains a synced<br />
domain directory database between the PDC and BDC(s), handles authentication of respective accounts on the DCs, and handles the<br />
process of authentication of domain accounts on networked machines. FYI - LSASS (Local Security Authority Subsystem), is an<br />
acronym you'll see thrown around alot in discussion of NT Security.<br />
Recommendation: By default this service is set to automatic for machines residing in domains, and manual for machines<br />
that aren't. That's about as tweak-a-rific as it gets. Sometimes I've notice that OEM machines can come with this service set to<br />
automatic, however, so you might want to check this one for sure.<br />
Network DDE<br />
Process Name:<br />
Netdde.exe<br />
Default Setting: Manual (Workstation), Manual (Server)<br />
Description:<br />
Supports network transport of DDE (Dynamic Data Exchange) connections. Such connectivity is mostly a<br />
relic from the NT 3.x days, and interaction with <strong>Windows</strong> for Workgroup clients. Some Win32 NetDDE APIs are still used, but such<br />
APIs are thunked down to 16-bit.