Chapter 10 - PowerPoint PPT Presentation

Audrey
chapter 10 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Chapter 10 PowerPoint Presentation
play fullscreen
1 / 50
Download Presentation
Chapter 10
243 Views
Download Presentation

Chapter 10

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Chapter 10 Monitoring and Troubleshooting Windows Server 2003

  2. Objectives • Monitor Windows Server 2003 health and performance • Troubleshoot Windows Server 2003 startup procedures • Use advanced startup options and other tools used in operating system recovery • Use the Windows Server 2003 backup utility

  3. Monitoring Windows Server 2003 Health and Performance • Monitoring the health of a server can help alert an administrator to problems before they occur or become more serious • Baseline performance • A performance benchmark • Used to determine • What is normal server performance under a specific workload • Whether or not the server is performing as it should

  4. Monitoring Windows Server 2003 Health and Performance (Continued) • Some Windows Server 2003 tools that can be used to monitor server health and performance • System Monitor • Performance Logs and Alerts • Event Viewer • Task Manager

  5. System Monitor • System Monitor • Allows you to gather and view real-time performance statistics of a computer • Accessed through the Performance console • Data collected using System Monitor can be used for • Server performance monitoring • Problem diagnosis • Capacity planning • Testing

  6. System Monitor (Continued) • Options for customizing the data collected • Defining the components to be monitored and the type of data to be collected • Performance objects • System components that can be monitored • Performance counters • Data associated with performance objects • Specifying the source or computer to be monitored • Use System Monitor to gather data from • The local computer • A network computer

  7. System Monitor (Continued) • System Monitor can display information in • Graph view • Histogram view • Report view • Options for viewing performance data in System Monitor include the ability to • Add additional performance counters as required • Switch between display views • Highlight a selected counter • Copy and paste selected information • Freeze the display for analysis purposes

  8. System Monitor counters in graph view

  9. System Monitor counters in histogram view

  10. System Monitor counters in report view

  11. System Monitor (Continued) • Monitoring server performance should be a regular maintenance task • Performance counters that should be included when monitoring server performance • % Processor Time • % Interrupt Time • Pages/Second • Page Faults/Second • % Disk Time • Average Disk Queue Length

  12. Performance Logs and Alerts • Performance Logs and Alerts tool • Accessed through the Performance console • Allows you to • Automatically collect data on the local computer or from another computer on the network • View the collected information using System Monitor or another program

  13. Performance Logs and Alerts (Continued) • Tasks which can be performed using the Performance Logs and Alerts tool • Collect data in a binary, comma-separated, or tab-separated format • View data both while it is being collected and after it has been collected • Configure parameters such as start and stop times for log generation, file names, and file size • Configure and manage multiple logging sessions from a single console window • Set up alerts so a message is sent, a program is run, or a log file is started when a specific counter exceeds or drops below a configured value

  14. Performance Logs and Alerts (Continued) • Options available under Performance Logs and Alerts • Counter logs • Take the information viewed using System Monitor and save it to a log file • Trace logs • Similar to counter logs but are triggered to start when an event occurs • Alerts • Can be configured to occur when a counter meets a predefined value

  15. Performance Logs and Alerts tool

  16. Performance Logs and Alerts (Continued) • Alerts • Can be set up to notify you of a potential problem • Needed because logging should not be running all the time • Logging increases the overhead on a server

  17. Event Viewer • Event Viewer can be used to • Gather information • Troubleshoot software, hardware, and system problems • Events are written to one of the following logs • Application log • Contains information, warnings, and errors generated by programs installed on the system • Security log • Contains events pertaining to the audit policy • System log • Contains information, warnings, and errors generated by Windows Server 2003 system components

  18. Event Viewer (Continued) • Types of events displayed by system and application logs • Information • When a component or application successfully performs an operation • Warning • When an event occurs that may not be a problem at the current time, but may become a problem in the future • Error • When a significant event has occurred, such as a service failing to start or a device driver failing to load

  19. Event Viewer tool

  20. Task Manager • Provides one of the fastest ways to • Check server performance • Determine what processes are running on the system

  21. Windows Task Manager tool

  22. Task Manager (Continued) • Consists of five different tabs • Applications • Displays the interactive programs that are currently running and what their status is • Processes • Displays information about the processes currently running on a Windows Server 2003 system • Performance • Provides a quick view of a system’s current performance

  23. Task Manager (Continued) • Task Manager consists of five different tabs (Continued) • Networking • Provides a graphical representation of the current network utilization for a given network connection • Users • Displays users who can access the computer, and session status and names

  24. Performance Tab

  25. Identify and Disable Unnecessary Services • To optimize and secure a server, any unnecessary components, such as services should be disabled • Running unnecessary services adds overhead to the system • Things to consider when deciding which services should be disabled • The role the server plays on the network • Service dependencies • Can be checked using the Dependencies tab of a service

  26. Viewing dependencies of DHCP Server service

  27. Identify and Disable Unnecessary Services (Continued) • Services MMC • Can be used to configure a variety of settings related to how services function and respond to potential problems • Tabs in the properties dialog box of a service • General • Displays a service’s name, description, the path to the executable file, service startup parameters, and buttons allowing you to start, stop, pause, and resume a service

  28. Identify and Disable Unnecessary Services (Continued) • Tabs in the properties dialog box of a service (Continued) • Log On • Allows you to specify the user name that a service will run as, along with the hardware profiles for which the service will be enabled • Recovery • Allows you to • Configure the computer’s response when a service fails • Specify a program that should be run when a service failure occurs

  29. Identify and Disable Unnecessary Services (Continued) • Tabs in the properties dialog box of a service (Continued) • Dependencies • Specifies the services that a service depends upon to function correctly, as well as the services that depend on this service to function

  30. Troubleshooting Windows Server 2003 Startup Procedures • System startup problems can occur for a variety of reasons, including • Missing files • Corrupt files • Configuration errors • Files required to be located on the system partition for a successful start up • Ntldr • Boot.ini • Ntdetect.com • Ntbootdd.sys

  31. Troubleshooting Windows Server 2003 Startup Procedures (Continued) • Files required to be located on the boot partition for a successful start up • Ntoskrnl.exe • System • Device drivers • Hal.dll

  32. The Windows Server 2003 Startup Process • Stages of the boot sequence • Startup phase • Load phase • Actions that occur during the startup phase • NTLDR switches from real mode to a 32-bit flat memory model and starts the mini file system drivers required to load Windows Server 2003 from different file systems • NTLDR accesses the boot.ini file to display the operating system selection menu • If Windows Server 2003 is selected, NTLDR loads NTDETECT.COM

  33. The Windows Server 2003 Startup Process (Continued) • Actions that occur during the startup phase (Continued) • NTDETECT.COM scans the system to determine installed hardware and passes this information to NTLDR to be added to the Registry • NTLDR loads both the ntoskrnl.exe and hal.dll files • NTLDR reads the registry files, selects a hardware profile, selects a control set, and then loads device drivers

  34. The Windows Server 2003 Startup Process (Continued) • Steps of the load phase • Kernel load • Kernel initialization • Services load • Win32 subsystem start • boot.ini file • Can be • Edited manually using a text editor such as Notepad • Configured with the bootcfg.exe command • Changed using the Startup and Recovery settings found in the System program in Control Panel

  35. Boot.ini file

  36. The Windows Server 2003 Startup Process (Continued) • bootcfg.exe utility • A command-line tool for configuring the boot.ini file

  37. Advanced Startup Options • Advanced startup options • Can be used to troubleshoot the problem of system start failure • Can be accessed during system startup by pressing F8 while viewing the Boot Loader Operating System Selection menu

  38. Advanced startup options

  39. Last Known Good Configuration • Last known good configuration • Allows you to recover your system from failed driver and registry changes • Useful in situations where Windows Server 2003 configuration changes have been made that negatively impact the system • The last known good configuration information • Is stored in the registry • Is updated each time the computer restarts and the user successfully logs on

  40. Recovery Console • Recovery Console • An advanced tool for experienced administrators • Allows an administrator to gain access to a hard drive on computers running Windows Server 2003 • Can be used to perform the following tasks • Start and stop services • Format drives • Read and write data on a local hard drive • Copy files from a floppy or CD to a local hard drive • Perform administrative tasks

  41. Installing the Recovery Console • Ways of starting the Recovery Console • Run the Recovery Console from the Windows Server 2003 CD once a serious error occurs by booting from the CD • Install the Recovery Console on the computer permanently before a problem occurs

  42. Installing the Recovery Console (Continued) • Some of the common commands available through the Recovery Console • Copy • Disable • Enable • Exit • Fixboot • Fixmbr • Listsvc

  43. The Automatic System Recovery Feature • Automated System Recovery (ASR) feature • Allows you to restore system configuration settings • Used when a system cannot be repaired using various safe-mode startup options or the last known good configuration feature • Does not restore user data files

  44. The Automatic System Recovery Feature (Continued) • Two elements of ASR on a Windows Server 2003 system • The ASR backup • Accessed from the Backup Utility • A floppy disk • Contains information about • The backup • Disk configuration • How the restore should be performed

  45. The Windows Server 2003 Backup Utility • Some tasks that can be performed using the Windows Server 2003 Backup Utility • Back up and restore files and folders • Schedule a backup • Back up Windows 2003 System State data • Restore all or a portion of the Active Directory database • Create an ASR backup • The Windows Server 2003 Backup Utility supports a wide variety of • Storage devices • Media

  46. Backing Up and Restoring Files and Folders • The Windows Server 2003 Backup Utility supports a number of backup types

  47. Backing Up the System State • Backing up the System State data on a Windows Server 2003 system includes • Registry (always) • COM+ Class Registration database (always) • Boot files (always) • Certificate Services database (if Certificate Services is installed) • Active Directory (only on domain controllers) • SYSVOL directory (only on domain controllers) • Cluster service (if the server is part of a cluster) • IIS Metadirectory (if IIS is installed) • System files (always)

  48. Summary • Performance console has two tools for monitoring server health and performance: • System Monitor • Performance Logs and Alerts • Alerts • Can be configured for specific objects and counters • Can send a message, start a counter log, write an event to the application log, or run a program • Event Viewer can be used to view the contents of the system logs, application logs, and security logs

  49. Summary (Continued) • Task Manager provides information on • Processes and applications running on a system • A system’s current performance • When optimizing the performance of your computer, use the Services icon to disable any unnecessary services to eliminate overhead • Windows Server 2003 startup process occurs in two phases: • Startup phase • Load phase

  50. Summary (Continued) • Advanced startup options can be used to troubleshoot and repair startup problems • The last known good configuration can be used to restart the computer if the default configuration becomes damaged • The Recovery Console allows an administrator to access the hard drive and carry out administrative tasks • If you are unable to recover a system using any of the Windows Server 2003 utilities, a backup created by the Automated System Recovery feature can be used