The Sysinternals Security Utilities were written by Mark Russinovich and Bryce Cogswell. The Sysinternals suite includes these utilities as well as numerous others. File utilities, networking utilities, tools for process management and system information are all part of the suite. If you don't hold one of the various Microsoft certifications or aren't a full-time administrator you may not be familiar with these tools. Take a look at them even if system administration isn't your vocation--you may learn something.
The Security Utilities can be grouped into two main categories: Listing tools and Execution tools. They either show, search for & list things, or they do things. Here's a breakdown:
Listing Tools
AccessChk - A handy program that lists user or group access to files, services, or the Registry.
AccessEnum - This tool shows permission to entire trees of directories or the Registry. You can also change permissions with this tool.
Autoruns - Autoruns provides complete information of which programs run during boot or on logon, and where they are run from.
LogonSessions - Use it if you need a listing of active logon sessions and the processes running under them.
Process Explorer - This utility graphically displays what process has files, directories, handles, and DLLs open.
PsLoggedOn - This tool can provide active logon information for remote computers as well as the local system.
PsLogList - A utility for dumping the Event Log, with many options for filtering and formatting. Dumps logs on the local or remote computers.
RootkitRevealer - This tool uses advanced Windows APIs to detect root kits or malware that other tools may miss.
ShareEnum - This program enumerates all shares on systems in a domain and lists their security settings.
Sigcheck - A tool to check and dump digital signature information of files.
Execution Tools
Autologon - If you have a system that needs to log in to the desktop automatically, this tool is what you need.
NewSID - Duplicate SIDs have been a problem since system cloning of Windows systems is problematic. This utility is one workaround.
PsExec - This is a lightweight remote console utility. It's interesting as it does not need to be installed on the target system.
SDelete - This is a secure file deletion utility that overwrites the deleted file's residual data on disk completely.
ShellRunas - This utility interactively launches programs under a different user account via a context-menu extension.
I've used all these at one time or another, and once you're familiar with them you may wonder how you did some Windows administration tasks without them.
I've used Sysinternals tools ever since the days of NT 4.0. I recommend them as part of every serious administrator's toolkit. These tools are educational as well as extremely useful. Simply having some of these functions available as individual programs can often make management scripts and automated operations much easier. Learn more about them and download them at: http://technet.microsoft.com/en-us/sysinternals/bb795534.aspx