Remote Administration: The Basics

Article
02/20/2014

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

This chapter describes the Windows 95 management features that allow you to manage network computers from your own computer. This chapter also includes information about system management applications and agents, plus network backup agents from other vendors.

The remote management tools provided with Windows 95 are designed to make it easier for you to identify and solve problems encountered by users without dispatching support personnel to make changes at the users' work site. The following list describes the benefits of using these remote administration tools.

System Policy Editor.

You can use System Policy Editor to edit Registry entries in real time for remote computers. You can also create, edit, and manage system policies to control system settings for multiple computers on the network. For information, see Chapter 15, "User Profiles and System Policies."

Registry Editor.

You can use Registry Editor to read and write values directly in the Registry. You can read settings, create new keys and entries, or delete existing keys. Registry Editor should be used only by those who have appropriate access rights to identify and correct problems.

System Monitor.

You can use System Monitor to troubleshoot performance problems by monitoring virtual device drivers across the network. System Monitor can provide you with performance information from many system components, including the file system and network clients.

Net Watcher.

If you use File and Printer Sharing services, you can use Net Watcher to create, add, and delete shared resources on remote computers, and to monitor and manage connections to shared resources. This is especially useful when you need to know who is connected to a computer and which files are open.

You can manage file systems remotely by browsing specific computers in Network Neighborhood, as described in "Using Network Neighborhood for Remote Administration" later in this chapter.

Windows 95 also provides agents for remote administration, including an agent for Microsoft Network Monitor and an SNMP agent for administration with Simple Network Management Protocol (SNMP) system management products, as described in "Using Remote Administration Tools from Other Vendors" later in this chapter.

Remote Administration: The Issues
Setting Up for Remote Administration
Accessing Remote Registries by Using System Policy Editor
Accessing Remote Registries by Using Registry Editor
Viewing a Remote Computer by Using System Monitor
Using Net Watcher for Remote Administration
Using Network Neighborhood for Remote Administration
Using Network Backup Agents
Preparing for Microsoft Network Monitor
Using Remote Administration Tools from Other Vendors
Removing Remote Agents and Services

Remote Administration: The Issues

Before you use the remote administration features, you should understand the following aspects of your networking and administrative needs.

To take advantage of the remote administration capabilities of Windows 95, you should do the following:

Enable remote administration and user-level security on every computer that you will administer remotely. If you want to administer a remote computer using Registry Editor, System Monitor, or System Policy Editor, then the Microsoft Remote Registry service must be installed on your computer and the remote computer. Notice, however, that although the remote computer requires user-level security, it does not also require File and Printer Sharing services.

Optionally, the SNMP agent or the Microsoft Network Monitor agent should be installed if required for your administrative tools. For information, see "Setting Up for Remote Administration" later in this chapter.
Run a common network protocol, such as the Microsoft versions of the IPX/SPX-compatible protocol, TCP/IP, or NetBEUI.
Train help desk personnel on System Monitor if they will use it. They should understand what each measurement provided by System Monitor means and what course of action is required in response to these measurements. For information, see Chapter 17, "Performance Tuning."
Train help desk personnel on what problems can be identified and repaired by using System Policy Editor or Registry Editor.

Both Registry Editor and System Policy Editor allow you to access a remote computer's Registry. However, System Policy Editor allows you to access only a subset of keys, while Registry Editor allows you to access the entire Registry. As a result, Registry Editor requires significantly more training. Also, it's important to remember that some changes made to the Registry on a remote computer require the user to shut down and restart the computer, while other changes take effect immediately. As a rule, if you must restart the computer when changing a setting by using Control Panel or other tools, then you must restart it when changing that setting in the Registry directly.

You can enable remote administration capabilities on a computer as part of the process for installing Windows 95 from custom scripts. For more information, see Appendix D, "MSBATCH.INF Parameters."

Setting Up for Remote Administration

This section provides details about how to set up remote administration after Windows 95 is installed.

The following table describes what you need to set up on the remote computer to complete an administrative task.

Remote administration task	Requirement on the remote computer
Browse and manage shared resources on a remote computer by using Net Watcher	Enable user-level security, remote administration, and File and Printer Sharing services; grant remote administration privilege to the network administrator
Manage the file system of a remote computer by using Net Watcher	Enable user-level security and remote administration; grant remote administration privilege to the network administrator
Edit a remote computer's Registry by using Registry Editor or System Policy Editor	Enable user-level security and remote administration, and install Microsoft Remote Registry services
Monitor performance of a remote computer by using System Monitor	Enable user-level security and remote administration, and install Microsoft Remote Registry services

Granting remote administration privilege gives that person full access to all shared resources on the system (including the ability to add and remove other remote administrators). Granting or removing access to remote administration capabilities for a user does not take effect until the next time the user connects to the computer running Windows 95.

When remote administration is enabled on a computer, two special shared directories are created:

ADMIN$ gives administrators access to the file system on the remote computer.
IPC$ provides an interprocess communication (IPC) channel between the two computers.

Important: If you enable user-level security by using the Network option in Control Panel or in a setup script, remote administration is enabled automatically for the Domain Administrator group on a Windows NT domain. On a Novell® NetWare® network, the Supervisor account (for version 3.x) or the Admin account (for version 4.0) is enabled automatically. For more information, see Chapter 14, "Security."

If you want to enable user-level security without automatically enabling remote administration, you can use system policies to enable the User-Level Access Control option. In this case, you must enable remote administration manually by using the Password option in Control Panel on each individual computer.

To enable remote administration manually

In the Passwords option in Control Panel, click the Remote Administration tab.
Make sure Enable Remote Administration Of This Server is checked.
If the computer is configured for share-level access control, specify the password for remote administration.

This dialog box is available only when share-level security is enabled.

If the computer is configured for user-level access control, click the Add button, and add the appropriate administrators. Click OK.

This dialog box is available only when user-level security is enabled.

To install Microsoft Remote Registry services

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Service.
In the Select Network Service dialog box, click the Have Disk button.
In the Install From Disk dialog box, type the path to the ADMIN\NETTOOLS\REMOTREG directory on the Windows 95 compact disc, and then click OK.
In the Install From Disk dialog box, click OK.
In the Select Network Service dialog box, click Microsoft Remote Registry, and then click OK.

If you are prompted to specify the location of additional files, specify the path to the Windows 95 source files on a shared network directory or on the Windows 95 compact disc.

For information about installing the Microsoft Remote Registry service and enabling remote administration by using setup scripts, see Appendix D, "MSBATCH.INF Parameters."

Technical Notes on the Microsoft Remote Registry Service

You must also install the Remote Registry service on the administrator's computer to ensure that the WINREG.DLL file is in the Windows SYSTEM directory on that computer.
Make sure that both the administrator's and user's computers have at least one protocol in common. That can be either Microsoft NetBEUI, Microsoft TCP/IP, or the IPX/SPX-compatible protocol (with or without NetBIOS).

Accessing Remote Registries by Using System Policy Editor

When you run System Policy Editor in Registry mode, you have direct access to the Registry for a local or remote computer. This section discusses how to access the Registry on a remote computer by using System Policy Editor. For information about installing and using System Policy Editor, see Chapter 15, "User Profiles and System Policies."

As with Registry Editor, most of the changes you make with System Policy Editor in Registry mode modify the remote Registry as soon as you save the changes. These Registry changes apply to the user or to the computer. Some of these changes require the user to log off and then log back on.

To edit a remote computer's Registry by using System Policy Editor

In System Policy Editor, click the File menu, and then click Connect.
In the Connect dialog box, type the name of the computer you want to remotely administer, using the computer name for that computer as it appears in the Network option in Control Panel. Windows 95 connects to the Registry on the computer specified (assuming you have appropriate permissions).

The title bar of System Policy Editor shows whether you are viewing a local or a remote Registry.
Make changes by using the methods described in Chapter 15, "User Profiles and System Policies."

After you have made a connection to the remote computer, you can use System Policy Editor for modifying user and computer properties just as you would on a local computer.

Accessing Remote Registries by Using Registry Editor

To solve a problem on a remote computer running Windows 95, you might need to access the entire Registry for the computer. In this case, you should use Registry Editor because System Policy Editor allows access to only a subset of Registry settings.

Note: To use Registry Editor to edit the Registry on a remote computer, the Microsoft Remote Registry service must be installed on the remote computer, as described in "Setting Up for Remote Administration" earlier in this chapter.

To edit the Registry on a remote computer by using Registry Editor

In Registry Editor, click the Registry menu, and then click Connect Network Registry.
In the Connect Network Registry dialog box, type the name of the computer you want to remotely administer.

Windows 95 adds the contents of the remote Registry below the contents of the local Registry.
Makes changes by using the methods described in Chapter 33, "Windows 95 Registry."

Viewing a Remote Computer by Using System Monitor

System Monitor is a tracking tool that monitors the real-time performance of various computer components, functions, and behaviors and displays the results in graphs or charts. This information is useful in locating bottlenecks and solving other performance problems.

With the appropriate administrative privileges, you can use System Monitor over the network to track the performance of remote computers. To monitor more than one computer simultaneously, you can start multiple instances of System Monitor and connect to the appropriate computers.

For more information about installing and using System Monitor, see Chapter 17, "Performance Tuning."

Note: To use System Monitor to connect to a remote computer, the Microsoft Remote Registry service must be installed on the remote computer.

To view performance data on a remote computer by using System Monitor

In System Monitor, click the File menu, and then click Connect.
Type the name of the computer, and click OK.

Using Net Watcher for Remote Administration

Net Watcher is a Windows 95 tool for creating, controlling, and monitoring remote shared resources. This is a useful way to manage peer sharing services in Windows 95.

Note: If you are not using File and Printer Sharing services, you can skip this section.

Net Watcher includes a set of icons that make it easy to do the following:

Add a shared resource or stop sharing a resource
Show all shared resources, connected users, and open files
Close files users have opened
Disconnect a user

To connect to a remote computer by using Net Watcher

From the Start button, click Run, and then type netwatch
From the Administer menu, click Select Server, and then type the name of the computer you want to connect to.
Type the password for remote administration on the computer you are connecting to.

The password depends on the type of security used on the remote computer:
- For share-level security, the password is the Remote Administration password specified in the Passwords option in Control Panel.
- For user-level security, the password is the one for an Administrator account specified in the Passwords option in Control Panel.

When using Net Watcher to view a remote computer, you should understand the following constraints:

The remote computer must be running File and Printer Sharing services.
If your computer uses share-level security, you can use Net Watcher to connect only to other computers that use share-level security. However, if the computer uses user-level security, you can use Net Watcher to connect to any other remote computers running File and Printer Sharing services. The pass-through server or domain does not have to be the same for the two computers.
For computers running File and Printer Sharing for NetWare Networks, you can use Net Watcher to connect only to other computers running File and Printer Sharing for NetWare Networks. The pass-through server does not have to be the same for the two computers.
On a NetWare network, you cannot use Net Watcher to close documents on remote computers. You can, however, use Net Watcher to disconnect users.

Tip You can prevent a user from sharing files although the user must have File and Printer Sharing services running to allow remote administration. To do this, set the system policies named Disable File Sharing Controls and Disable Print Sharing Controls. Disabling these options by using system policies does not remove the File and Printer Sharing services, while using the Network option in Control Panel does disable the service.

The following examples show how to create a shared resource on a remote computer by using Net Watcher.

To share a resource on a remote computer by using Net Watcher

To connect to a remote computer, follow the procedure named "To connect to a remote computer by using Net Watcher" earlier in this section.
Click the View menu, and then click By Shared Folders.
Click the Administer menu, and then Click Add Shared Folder.
In the Enter Path dialog box, type the drive and complete path of the resource that you want to share, and then click OK.

This example shows the shared directories on a remote computer running File and Printer Sharing for Microsoft Networks.

Using Network Neighborhood for Remote Administration

Another way to use System Policy Editor, Registry Editor, Net Watcher, or System Monitor remotely is to right-click the remote computer from within Network Neighborhood.

To manage remote computers in the local workgroup by using Network Neighborhood

In Network Neighborhood, right-click the icon of the computer you want to administer, and then click Properties.
In the computer's Properties dialog box, click the Tools tab.

Click the button for the remote management task you want to perform, as described in the following list.

Option	Description
Net Watcher	Runs the Net Watcher tool and automatically connects to the specified computer.
System Monitor	Runs the System Monitor tool and automatically connects to the specified computer.
Administrate	Opens a folder on the desktop for the specified remote computer and allows you to access to the remote computer's hard disk drive.

Using Network Backup Agents

You can back up user data remotely by using either of the two network-based backup agents included with Windows 95. The Arcada® (Backup Exec Agent) and Cheyenne® backup agents, allows you to back up computers to a tape drive on a network server. You must have the corresponding server-based network backup software from either Arcada or Cheyenne.

The following sections describe how to install these backup agents on an individual computer, with a summary of the steps for running network-based backup when the agent is installed.

Setting Up Network-Based Backup with the Arcada Agent

To use the Arcada agent, you must have the following components:

Arcada Backup Exec Agent (included with Windows 95). The agent includes the following files: BKUPAGNT.EXE, BKUPNET.DLL, and BKUPPROP.DLL.
Arcada Backup Exec for NetWare, Enterprise Edition or Single Server Edition, version 5.01. To obtain this software, please contact Arcada directly at (800) 327-2232.

To back up a computer running Windows 95 with the Arcada agent, you must first install and enable the Arcada agent. If you didn't already do this during Setup, you can install and enable the Arcada agent by using the Network option in Control Panel. After you install the backup agent, the computer will run the agent automatically in the background when you start Windows 95.

To install and enable the Arcada Backup Exec Agent

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Service.
In the Select Network Service dialog box, click Arcada Software in the Manufacturers list, click Backup Exec Agent in the Network Services list, and then click OK.

To run Arcada network-based backup on a computer running Windows 95, run Arcada Backup Exec Agent (NetWare Enterprise Edition or Single Server Edition). See the product documentation for more information and instructions.

For information about installing the Arcada Backup Exec Agent by using custom setup scripts, see Chapter 5, "Custom, Automated, and Push Installations."

To configure the Arcada Backup Exec Agent

In the Network option in Control Panel, double-click Backup Exec Agent in the list of network components.
Click the General tab, and then click Enable Network Backup.
If you want to specify a password to allow backup, make sure Password is checked, and then type the password.
If you do not want Registry files to be restored when other files are restored, make sure Allow Registry To Be Restored is not checked.
In the Published Folder area, use the Add and Remove buttons to define the list of folders and drives to be backed up.
If you want to define access control for selected folders based on password or real-only access, click the Details button.
Click the Protocol tab, and then click an option to specify the protocol that Backup Exec Agent should use (SPX/IPX or TCP/IP). For TCP/IP, you must also specify either the host name or IP address for the backup server.

For more information about configuring and using this agent, refer to the documentation provided with your Arcada Backup Exec software.

Setting Up Network-Based Backup with the Cheyenne Agent

To use the Cheyenne agent, you must have the following components:

Cheyenne ARCserve Agent (included with Windows 95). The agent includes the following files: ARCSRV32.EXE and CHEYPROP.DLL.
Cheyenne ARCserve for NetWare (version 5.01).
New versions of Cheyenne network loadable modules (NLMs), which have been updated specifically for Windows 95. These include the APROCESS.NLM, ARCOPY.NLM, and WSTAPE.NLM files. To obtain these files, contact Cheyenne directly at (800) 243-9832.

To back up a computer running Windows 95 with the Cheyenne agent, you must first install and enable the Cheyenne agent. If you did not already do this during Setup, you can install and enable the Cheyenne agent by using the Network option in Control Panel. After you install the backup agent, the computer will run the agent automatically in the background when you start Windows 95.

To install and enable the Cheyenne ARCserve Agent

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Service.
In the Select Network Service dialog box, click Cheyenne Software in the Manufacturers list, click ARCserve Agent in the Network Services list, and then click OK.

To run Cheyenne network-based backup on a computer running Windows 95, run Cheyenne ARCserve for NetWare. See the product documentation for more information and instructions.

For information about installing the Cheyenne ARCserve Agent by using custom setup scripts, see Chapter 5, "Custom, Automated, and Push Installations."

To configure the ARCserve agent

In the Network option in Control Panel, double-click ARCserve Agent in the list of network components.
Click Enable Network Backup.
If you want to specify a password to allow backup, type the password in the Password box, and then type it again in the Confirm Password box.
If you do not want Registry to be restored when other files are restored, make sure Do Not Restore Registry is checked.
Use the Add and Remove buttons to define the list of folders and drives that should not be backed up.

For more information about configuring and using this agent, see the documentation provided with your Cheyenne ARCserve software.

Preparing for Microsoft Network Monitor

The Windows 95 compact disc includes a protocol driver and agent for Microsoft Network Monitor. The protocol driver provides performance counters that can be viewed by using System Monitor if you want to assess certain network traffic statistics for NDIS 3.1 protected-mode network adapters. The Network Monitor agent, which runs as a Windows 95 service, works with the protocol driver for use with the Microsoft Network Monitor application. You can use this application to detect and troubleshoot problems on LANs, WANs, and Microsoft Remote Access Service (RAS) connections.

Note: The Network Monitor application is provided with Microsoft Systems Management Server, which is a client-server system that allows administrators to perform key management functions for distributed computers from a central location. For more information, see Appendix E, "Microsoft Systems Management Server."

Installing the Network Monitor Agent and Driver

When you install the Network Monitor agent, the protocol driver is also installed automatically. You must have both the agent and the driver installed if you want to use the agent with Network Monitor to conduct remote captures of network traffic to and from a computer running Windows 95.

However, if you want only to view the performance counters in System Monitor and you want to prevent anyone from accessing the local computer by way of the Network Monitor agent, you can choose to install only the protocol driver.

Note: The Network Monitor application uses NetBIOS to control the remote-capture computer. If you are using the IPX/SPX-compatible protocol to connect the agent and manager computers, you must enable NetBIOS support for IPX/SPX, as described in Chapter 12, "Network Technical Discussion."

To install the Network Monitor agent on a single computer

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Service.
In the Select Network Service dialog box, click the Have Disk button.
In the Install From Disk dialog box, type the path to the ADMIN\NETTOOLS\NETMON directory on the Windows 95 compact disc, and then click OK.
In the Select Network Service dialog box, click Microsoft Network Monitor Agent in the Models list, and then click OK.

To install only the Microsoft Network Monitor protocol driver

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Protocol.
In the Select Network Protocol dialog box, click the Have Disk button.
In the Install From Disk dialog box, type the path to the ADMIN\NETTOOLS\NETMON directory on the Windows 95 compact disk, and then click OK.
In the Select Network Protocol dialog box, click Microsoft Network Monitor Driver in the Models list, and then click OK.

For information about installing the Microsoft Network Monitor agent and protocol driver by using custom setup scripts, see Chapter 5, "Custom, Automated, and Push Installations." For information about using Network Monitor for performance analysis, see Chapter 17, "Performance Tuning"; for information about using Network Monitor for network protocol analysis, see Appendix E, "Microsoft Systems Management Server."

Running Network Monitor Agent

You can run the Network Monitor agent as a service, or you can start and stop the agent as an executable application.

To start Microsoft Network Monitor agent

Click the Start button, click Run, and then type nmagent

The Network Monitor agent is removed from the system each time you log off, and must be restarted for each user that logs on if the agent is not scheduled to run as a service.

To run Network Monitor agent as a service

In Registry Editor, select the following Registry key:

Hkey_Local_Machine \Software \Microsoft \Windows \CurrentVersion \RunServicesOnce

Click the Edit menu, point to New, and then click String Value.
Type a label for the value name, such as nm agent, and then press ENTER.
Click the Edit menu, and then click Modify.
In the Value Data box, type:

nmagent.exe
Click OK.

The Network Monitor agent will continue to run after a user logs off if it is started as a service. You can, however, type a command to stop running the agent, whether the agent was started as a service or run from the command prompt.

To stop the Network Monitor agent

Click the Start button, and then click Run.
Type:

nmagent -close

Configuring Network Monitor Driver

You can configure options for Network Monitor by defining properties for the Network Monitor protocol driver. For information about using the Network Monitor driver to display system performance statistics, see Chapter 17, "Performance Tuning."

To configure the Microsoft Network Monitor protocol driver

Make sure that the Network Monitor agent is not running and that System Monitor is not monitoring the performance statistics provided by the Network Monitor driver.
In the Network option in Control Panel, double-click Microsoft Network Monitor Driver.

In the Microsoft Network Monitor Driver Properties dialog box, click the Password tab. You can define the password that users must specify to capture data, view capture files, or access the computer remotely. The following options are available:
- If you want to change any password that has been previously defined, type a password in the Old Capture Password area.
- If you want to define a password to restrict users to viewing only previously saved capture files by using the Network Monitor application, type a password in the Display Password area.
- If you want to define a password to authorize users to connect to the computer and capture files by using the Microsoft Network Monitor application, type a password in the Capture Password area. You can define only one password for all network adapters on a computer with multiple adapters.
- If you want to allow free access to the computer by anyone running the Network Monitor application, then make sure No Password is checked.
If the computer has more than one network adapter, click the Describe tab, and then click the network adapter you want to monitor.

You can also define a description for each network adapter in this dialog box, so that administrator running the Network Monitor application can determine which adapter to select.
Click the Advanced tab. In the Value box, type the user name that will be shown when an administrator running the Network Monitor application selects the Identify Network Monitor Users command.

This additional information, which is similar to a comment, does not get updated or changed if another user logs on to this computer.

Note: The settings on the Bindings tab have no effect.

Using Remote Administration Tools from Other Vendors

You can also remotely administer computers running Windows 95 by using other system management tools provided by Microsoft or by other vendors. The following list shows some of the system management tools that you can use to manage computers running Windows 95:

Microsoft Systems Management Server
Microsoft Windows NT Server
Novell NMS
HP® Open View for Windows
Intel® LANDesk™
IBM® LAN NetView®
Sun® NetManager

For networks that use SNMP for system management, Windows 95 includes an SNMP agent which conforms to the SNMP version 1 specification. This agent allows you to monitor, from an SNMP console, remote connections to computers running Windows 95. After this agent is installed, you do not need to make any other modifications to client computers to use SNMP.

The SNMP agent is implemented as a Win32-based service and works using Windows Sockets over both TCP/IP and IPX/SPX. The extension agents are implemented as Win32 DLLs. (For more information about writing SNMP MIBs under Windows 95, see the Microsoft Win32 Software Development Kit.)

The configuration information for the RFC 1156 extension agent is placed in the Registry under the following key:

Hkey_Local_Machine \System \CurrentControlSet \Services \SNMP \Parameters

To install the Microsoft SNMP agent

In the Network option in Control Panel, click Add.
In the Select Network Component Type dialog box, double-click Service.
In the Select Network Service dialog box, click the Have Disk button.
In the Install From Disk dialog box, type the path to the ADMIN\NETTOOLS\SNMP directory on the Windows 95 compact disc, and then click OK.
In the Select Network Service dialog box, click Microsoft SNMP Agent in the Models list, and then click OK.

If you are prompted to specify the location of additional files, specify the path to the Windows 95 source files on a shared network directory or on the Windows 95 compact disc.

For information about installing the Microsoft SNMP agent by using custom setup scripts, see Chapter 5, "Custom, Automated, and Push Installations."

When the computer is restarted after the SNMP agent is installed, SNMP automatically starts in an MS-DOS window. You can minimize this window to keep it out of the way while working.

To configure the SNMP agent

Use System Policy Editor to set the following policies for the computer:

Policy	Description
Communities	Specifies one or more groups of hosts to which this computer belongs for purposes of administration using the SNMP service. These are the communities that are allowed to query the SNMP agent.
Permitted Managers	Specifies IP or IPX addresses allowed to obtain information from an SNMP agent. If this policy is not checked, any SNMP console can query the agent.
Traps for Public Community	Specifies trap destinations, or IP or IPX addresses of hosts in the public community to which you want the SNMP service to send traps.
Internet MIB (RFC 1156)	Allows you to specify the contact name and location if you are using Internet MIB.

If you want to configure the Windows 95 SNMP agent to send traps to a community other than the public community, you must either edit the Registry directly or add a new system policy.

To add SNMP communities by editing the Registry

In Registry Editor, select the following key:

Hkey_Local_Machine \System \CurrentControlSet \Services \SNMP\Parameters\TrapConfiguration

Click the Edit menu, point to New, and then click Key.
Type the name that you want to specify for a new community, and press ENTER.

Create a new string value for each console to which the SNMP should send traps:
- The first value name should be 1, the second value name should be 2, and so on.
- The value data must be the IP or IPX address of the SNMP console to which traps will be sent.
To create a string value, click the new key, click the Edit menu, point to New, and then click New String. Type the value name, and then press ENTER.

To specify the value data, click the value name, click the Edit menu, and then click Modify. In the Value Data box, type the value data, and then click OK.

The following illustration shows an example of what the Registry should look like after adding a new community named Prv1.

To add SNMP communities by using system policies

Start a text editor, and open the ADMIN.ADM file in the INF subdirectory of the Windows directory.

Add an entry in the section named CATEGORY !!SNMP, specifying the following new values:
- Name Of New Policy, which defines the text that you want to appear in System Policy Editor for this policy. You do not need to include "!!" if you use quotation marks around the name. The "!!" string is used only for Windows 95 localization, and the strings are defined at the bottom of ADMIN.ADM.
- Name Of New Community, which defines the name of the community for which you are adding support.
The following shows the complete syntax for this entry:

POLICY "Name Of New Policy" KEYNAME System\CurrentControlSet\Services\SNMP\Parameters \TrapConfiguration\Name Of New Community PART !!Traps_PublicListbox LISTBOX VALUEPREFIX "" END PART END POLICY

Note: The Registry key and value names are case-sensitive. Also, the Registry key name (System\...Name Of New Community) must be one continuous line in the ADMIN.ADM file.

For example, the following adds a policy for a community named Prv1:

POLICY "Traps for Prv1 Community"
   KEYNAME
System\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration\Prv1
   PART !!Traps_PublicListbox LISTBOX
   VALUEPREFIX ""
   END PART
END POLICY

After editing and saving ADMIN.ADM, you can see this new policy by running System Policy Editor and selecting the Computer policy under Network named SNMP. You can use this policy exactly as you would use the policy named Traps For Public Community.

Removing Remote Agents and Services

Any agent that runs as a network service and that appears in the Network option in Control Panel can be removed by selecting it and clicking the Remove button.

You can use System Policy Editor to turn off services by setting system policies, or by using Registry mode to modify a computer's Registry. To do this, in the computer properties, click System. Then delete the services that you no longer want under the Run and Run Services policies.

Some agents, such as the SNMP agent, can be removed only by modifying the Registry. For a single computer, you can do this by using either Registry Editor or System Policy Editor. The following Registry keys list the services running on the computer:

Hkey_Local_Machine \Software \Microsoft \Windows \CurrentVersion \RunServices
Hkey_Local_Machine \Software \Microsoft \Windows \CurrentVersion \Run