Windows Server 2022 & Powershell All-in-One For Dummies. Sara Perrott

and to investigate and remove malware from a potentially infected machine.

      To enter into the Advanced Boot Options menu, follow these steps:

      1. Click the Start menu and then click the Settings icon.

      2. Click Update & Security and then click Recovery.

      3. Under Advanced startup, click the Restart Now button, shown in Figure 2-3.

      4. Click the Continue button.

      5. Click the Troubleshoot button.

      6. Choose Startup Settings.

      7. Click Restart.

      Safe Mode

      Safe Mode is almost always my go-to when there are boot issues with a system. Whenever new hardware or software has been installed, or if I suspect that a system may be having issues because of a malware infection, I turn to Safe Mode.

      FIGURE 2-3: Your journey into the Advanced Boot Options menu starts with the Restart Now button.

      FIGURE 2-4: In the Advanced Boot Options menu, you can choose what you want Windows Server to do.

      The type of Safe Mode I use depends on what I need to accomplish. For instance, if I’m just troubleshooting an issue that I suspect may be related to drivers, most of the time I use regular old Safe Mode. In the following sections, I walk you through the different forms of Safe Mode and why you may want to use each of them.

      Safe Mode

      This is just regular old Safe Mode. It loads only the basic services and drivers needed for Windows to function and for you to interact with it. Nothing more, nothing less.

      In most cases, this regular form of Safe Mode is all you need to troubleshoot and resolve the issue at hand. It has a graphical interface like you’re used to seeing in Windows Server, but it has no access to the Internet or other network resources. In essence, it’s a stand-alone machine.

      Safe Mode with Networking

      Safe Mode with Networking is similar to regular Safe Mode, except the system will also load the drivers needed for the network interface card (NIC) to function properly. This is useful if you need to download software from the Internet (for example, drivers or diagnostic software) or over a network share.

      Safe Mode with Networking is most useful when you’re trying to resolve a software or driver issue. It allows you to download replacement software or replacement drivers while still in Safe Mode. Then you can replace the misbehaving driver or incompatible software with a known good version and then boot successfully.

      Safe Mode with Command Prompt

      In Safe Mode with Command Prompt, you bypass the Explorer desktop environment. This can be especially useful if the desktop is not displaying properly for whatever reason.

      If you like Server Core, you’ll like this version of Safe Mode. If you aren’t as comfortable with the command window as you would like to be, having a cheat sheet available may help you.

      Enable Boot Logging

      If you need to see which drivers were installed as the system started up, you should choose Enable Boot Logging. This will create a file called ntbtlog.txt, which lists all the drivers that were installed when the operating system started. The file is stored in your Windows system directory; typically, this will be C:\WINDOWS. Incidentally, this is the same list you see flash by on the screen when you boot into Safe Mode.
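
When malware is the suspected cause, the boot log is worth reading as a list of what loaded and from where. The following is an added example, not code from the book: it parses boot log lines and flags loaded drivers that sit outside System32. The function name Get-BootLogDriver, the line markers it recognizes, and the sample lines are assumptions made for illustration; compare the markers with your own ntbtlog.txt.

```powershell
# Added example, not from the book. Get-BootLogDriver is a hypothetical helper name.
function Get-BootLogDriver {
    param(
        [Parameter(Mandatory, ValueFromPipeline)][AllowEmptyString()][string]$Line,
        [string]$SystemRoot = $env:SystemRoot,  # what \SystemRoot\ expands to
        [switch]$CheckSignature                 # also query the Authenticode status
    )
    process {
        # Assumed markers: BOOTLOG_LOADED / BOOTLOG_NOT_LOADED on current Windows,
        # "Loaded driver" / "Did not load driver" on older releases.
        $pattern = '^\s*(?<state>BOOTLOG_LOADED|BOOTLOG_NOT_LOADED|Loaded driver|Did not load driver)\s+(?<target>.+?)\s*$'
        if ($Line -match $pattern) {
            $loaded = $Matches['state'] -in 'BOOTLOG_LOADED', 'Loaded driver'
            # Turn the kernel-style prefixes into an ordinary file path.
            $path = $Matches['target'] -replace '^\\\?\?\\', ''
            $path = $path -replace '^\\SystemRoot', $SystemRoot
            $status = $null
            if ($CheckSignature -and $loaded -and (Test-Path -LiteralPath $path)) {
                $status = (Get-AuthenticodeSignature -LiteralPath $path).Status
            }
            [pscustomobject]@{
                Loaded          = $loaded
                Path            = $path
                # Drivers normally load from under System32; anything else deserves review.
                OutsideSystem32 = $loaded -and ($path -notlike "$SystemRoot\System32\*")
                Signature       = $status
            }
        }
    }
}

# Constructed sample lines, not taken from a real server.
$sample = @'
 5 14 2024 09:12:44.500
BOOTLOG_LOADED \SystemRoot\system32\ntoskrnl.exe
BOOTLOG_LOADED \SystemRoot\System32\drivers\tcpip.sys
BOOTLOG_LOADED \??\C:\ProgramData\ExampleVendor\helper.sys
BOOTLOG_NOT_LOADED \SystemRoot\System32\drivers\example.sys
'@

$sample -split '\r?\n' | Get-BootLogDriver -SystemRoot 'C:\Windows' |
    Format-Table -AutoSize

# Against the real file after booting with Enable Boot Logging:
#   Get-Content "$env:SystemRoot\ntbtlog.txt" | Get-BootLogDriver -CheckSignature |
#       Where-Object { $_.OutsideSystem32 -or ($null -ne $_.Signature -and $_.Signature -ne 'Valid') }
```

In the constructed sample, only helper.sys is reported with OutsideSystem32 set to True; the date line is skipped and the entry that did not load is listed with Loaded set to False.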

      Enable Low-Resolution Video

      This setting is very useful if you're having display issues, most commonly after changing display settings to something your monitor doesn’t support. It uses the currently installed video driver but starts with lower resolution (typically 640 x 480) and refresh settings.

      Last Known Good Configuration

      Last Known Good Configuration is helpful in fixing issues with booting that occur because the Windows Registry has been damaged. Most commonly, this occurs due to user misconfiguration or from updates or patches. When you choose Last Known Good Configuration, the Registry is reverted so that it matches the settings it had the last time the system booted successfully.

      

Any time you use something that modifies the Registry in any way, be extra cautious. There’s no way to undo using Last Known Good Configuration. If it doesn’t fix the issue, or it makes matters worse, you’ll need to restore from a backup.

      Directory Services Restore Mode

      This option only appears on a server that is a domain controller (and, therefore, it isn’t shown in Figure 2-4). Directory Services Restore Mode (DSRM) is a special form of Safe Mode made for domain controllers that allows you to repair or recover an Active Directory database.

To use this utility you need to know the DSRM password that was set when the domain controller was initially created. If you don’t know the password, you can use the ntdsutil tool to change the password. You need to have access to the Command Prompt on the system in question to run it.
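
The ntdsutil reset described above, as an added example that is not code from the book, together with two checks for the DSRM account. It goes one step beyond the text by reading the Security log for DSRM password changes and reporting the DsrmAdminLogonBehavior registry value, which controls when the DSRM account may log on. The function names are hypothetical; run it in an elevated session on the domain controller.

```powershell
# Added example, not from the book. Function names are hypothetical.

function Reset-DsrmPassword {
    # "null" targets the local server. ntdsutil prompts for the new password,
    # so the secret is never typed on the command line.
    & ntdsutil.exe 'set dsrm password' 'reset password on server null' quit quit
}

function Get-DsrmPasswordChange {
    param([int]$MaxEvents = 10)
    # Event ID 4794 records an attempt to set the DSRM administrator password.
    # It is written only when "Audit User Account Management" is enabled.
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4794 } `
                 -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, MachineName, KeywordsDisplayNames, Message
}

function Get-DsrmLogonBehavior {
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $item = Get-ItemProperty -Path $key -Name DsrmAdminLogonBehavior -ErrorAction SilentlyContinue
    $value = if ($null -eq $item) { 0 } else { $item.DsrmAdminLogonBehavior }  # absent behaves as 0
    $meaning = switch ($value) {
        0       { 'DSRM account can log on only when booted into DSRM' }
        1       { 'DSRM account can log on when the AD DS service is stopped' }
        2       { 'DSRM account can always log on' }
        default { 'Unrecognized value' }
    }
    [pscustomobject]@{
        Value       = $value
        Meaning     = $meaning
        NeedsReview = ($value -ne 0)   # anything but the default widens the account's reach
    }
}

# Typical order on a domain controller:
#   Reset-DsrmPassword          # interactive; enter and confirm the new password
#   Get-DsrmPasswordChange      # confirm the change was audited, and that no others were
#   Get-DsrmLogonBehavior       # confirm the account is still limited to DSRM
```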

      If all of this is Greek to you, don’t worry! I cover Active Directory in depth in Book 2, Chapter 5. For now, think of Active Directory like a special database that stores