410 likes | 431 Views
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory . Chapter 13: Server Management and Monitoring. Perform Active Directory maintenance tasks Monitor an Active Directory environment Manage a Server Core installation
E N D
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 13: Server Management and Monitoring
Perform Active Directory maintenance tasks Monitor an Active Directory environment Manage a Server Core installation Use several command-line tools to manage a Windows Server 2008 environment Objectives MCTS Windows Server 2008 Active Directory 2
Windows Server Backup and Restore Windows Server Backup is new in Windows Server 2008 and supersedes NTBackup.exe Must be installed with Server Manager Some features and limitations Backups can be run manually or scheduled with Task Scheduler Separate files or folders can’t be backed up, you can only choose which volumes to backup Scheduled backups require a dedicated fixed or removable disk as the backup destination when you’re using Windows Server Backup Select one of the following options: Always perform full backup Always perform incremental backup Custom MCTS Windows Server 2008 Active Directory
Windows Server Backup and Restore (cont.) MCTS Windows Server 2008 Active Directory
Creating Scheduled Backups Scheduled backups give you the flexibility to run a backup at a particular time of the day, once per day, or multiple times per day Before using the Backup Schedule Wizard, know: What do you want to backup? When and how often should the backup occur? Where will backups be stored? MCTS Windows Server 2008 Active Directory
Creating Scheduled Backups (cont.) MCTS Windows Server 2008 Active Directory
Data Recovery You can recover files and folders, the system state, Active Directory, or the entire server from a backup Windows Server Backup can recover only files, folders, and volumes Command-line utilities used for more complete recovery To start the recovery process, click recover in the Actions pane of Windows Server Backup MCTS Windows Server 2008 Active Directory
Data Recovery (cont.) MCTS Windows Server 2008 Active Directory
Data Recovery (cont.) MCTS Windows Server 2008 Active Directory
Backup and Restore from the Command Line Windows Server Backup has less flexibility than its command line equivalent utilities Wbadmin.exe can perform all tasks available in Windows Server Backup, and more: Perform a system state backup Recover the system state Delete a system state backup Restore or delete a backup catalog Most tasks with Wbadmin require you to be a member of the Backup Operators or Administrators group MCTS Windows Server 2008 Active Directory
Perform a System Recovery If full recovery is necessary, you need the Windows Server 2008 installation disk or access to Windows Recovery Environment (WinRE) Can be installed on a server’s hard drive by pressing F8 when the boot process starts Can also be accessed from the Windows Server 2008 installation DVD You can restore a complete backup from a local or removable disk or a network location MCTS Windows Server 2008 Active Directory
Active Directory Backup and Restoration Active Directory is backed up when you perform a full backup of a domain controller or when you back up the volumes containing system recovery information Restoration can be authoritative or nonauthoritative Nonauthoritative restore restores the Active Directory database, or portions of it, and allows it to be updated through replication. Requires a restart into Domain Services Restore Mode (DSRM) Authoritative restore ensures that restored objects aren’t overwritten by changes from other domain controllers through replication MCTS Windows Server 2008 Active Directory
Active Directory Backup and Restoration MCTS Windows Server 2008 Active Directory
Active Directory Defragmentation Active Directory database requires periodic maintenance in the form of defragmentation and compaction Online defragmenation occurs when garbage collection is performed Objects that have been deleted for more than 180 days are removed by garbage collection Object marked for removal after a period of time has been “tombstoned” Online defragmentation removes deleted objects but doesn’t compact the database Offline defragmentation compacts the database Compaction is performed with the Ntdsutil program MCTS Windows Server 2008 Active Directory
Active Directory Monitoring Windows Server 2008 provides tools to manage and monitor server operation and resources, including the following: Event Viewer Task Manager Reliability and Performance Monitor Windows Server Resource Manager MCTS Windows Server 2008 Active Directory
Event Viewer Used to examine event log entries generated by system services and applications Events categorized by levels: Information Indicated by blue i in a white circle Warning Indicated by a black ! inside a yellow triangle Error Indicated by a white ! inside a red circle Selecting an event shows more detailed information MCTS Windows Server 2008 Active Directory
Event Viewer (cont.) MCTS Windows Server 2008 Active Directory
Task Manager Provides a simple interface for viewing the performance of a Windows computer Started by pressing Ctrl + alt + delete and then clicking “Task Manager”, by right-clicking the taskbar and clicking Task manager, or by typing Taskmgr into a command prompt Windows Server 2008 adds the Services and Resource Monitor tabs Shows real-time graphical display of: CPU utilization Disk utilization Network utilization Memory utilization MCTS Windows Server 2008 Active Directory
Task Manager (cont.) MCTS Windows Server 2008 Active Directory
Reliability and Performance Monitor Consists of a collection of tools Can be opened from Administrative tools folder or the Diagnostics node in Server Manager Contains the following folders: Monitoring Tools Data Collector sets Reports MCTS Windows Server 2008 Active Directory
Performance Monitor Uses counters to track performance of a variety of objects A counter is a value representing some aspect of an object’s performance Counters exist for virtually every hardware and OS component on a server Performance monitor can track counters with a line graph, histogram, or as raw data saved to a report Can display counters in real time or from a saved log file MCTS Windows Server 2008 Active Directory
Performance Monitor (cont.) MCTS Windows Server 2008 Active Directory
Collecting Baseline Performance Data Using real-time monitoring can be difficult since there is no point of reference, or baseline, for comparing data To create a baseline, you create a data collector set that specifies the performance counters you want to collect Performance monitoring uses system resources Monitoring remotely can reduce the strain on a system MCTS Windows Server 2008 Active Directory
Collecting Baseline Performance Data (cont.) MCTS Windows Server 2008 Active Directory
Data Collector Sets A data collector set can contain a variety of types of information: Performance counters Counter alerts Event traces System configuration Common use is to create a baseline Predefined data collector sets can be run as they are or used as templates to create user-defined data collector sets MCTS Windows Server 2008 Active Directory
Reports Reports folder contains reports generated from data collector sets User Defined subfolder contains reports generated by user-defined data collector sets System subfolder contains folders for each system data collector set After a data collector set runs, a report is generated automatically and placed in a folder with the name of the data collector set MCTS Windows Server 2008 Active Directory
Reports (cont.) MCTS Windows Server 2008 Active Directory
Reliability Monitor Tracks system changes and logs a variety of hardware and software failures Changes are indicated on a timeline graph Can track how stable / reliable your system has been over a period of time Icons that indicate failure, information, or warning are the same as those in Event Viewer Reliability monitor tracks five event types: Software (Un)Install Application failures Hardware failures Windows failures Miscellaneous failures MCTS Windows Server 2008 Active Directory
Reliability Monitor (cont.) MCTS Windows Server 2008 Active Directory
Windows System Resource Manager Helps you manage processor and memory resource on heavily used systems Can fine tune resource use so that each process has an equal share of resources WSRM includes the following features: Preconfigured and custom policies Policies based on calendar rules Automatic policy application Resource monitoring data MCTS Windows Server 2008 Active Directory
Windows System Resource Manager (cont.) MCTS Windows Server 2008 Active Directory
WSRM Management Policies WSRM is designed to be used on multipurpose servers with high CPU utilization WSRM doesn’t apply CPU use policies until total utilization reaches 70% Preconfigured WSRM policies: Equal_Per_Process Equal_Per_User Equal_Per_IISAppPool Equal_Per_Session Can use custom policies as well MCTS Windows Server 2008 Active Directory
Analyzing Active Directory Performance To ensure AD performance, monitor performance indicators such as: AD DS DNS Replication Active Directory Storage MCTS Windows Server 2008 Active Directory
Monitoring Active Directory Replication Replication of Active Directory is critical to the operation of a Windows Server 2008 domain Three tools can be used to monitor aspects of Active Directory replication: Repadmin Replmon Dcdiag Replication and AD health should be verified proactively MCTS Windows Server 2008 Active Directory
Managing Server Core Administration of a Server Core installation is done primarily from the command line Server Core is ideal for virtualized installs Some aspects of Server Core can be managed remotely (usually MMC) MCTS Windows Server 2008 Active Directory
Common Server Core Configuration Tasks Tasks that might need to be performed: Activating Windows Server 2008 Slmgr.vbs –ato Changing the administrator password “net user administrator *” List installed features and roles Oclist Install new server roles and features Ocsetup Join a domain Netdom join computername /domain:domainname Installation of AD DS requires dcpromo to be run in unattended mode MCTS Windows Server 2008 Active Directory
Common Server Core Configuration Tasks (cont.) Dcpromo switches: /replicaOrNewDomain /replicaDomainDNSName /ConfirmGC /InstallDNS /UserName /Password /RebootOnSuccess /SafeModeAdminPassword MCTS Windows Server 2008 Active Directory
Managing Server Core Remotely Some snap-ins require no additional configuration Other snap-ins require reconfiguration of various firewall settings before you can connect To allow remote management of Server Core from any MMC, type the following: Netsh advfirewall firewall set rule group=“Remote Administration” new enable=yes Snap-ins that may require additional configuration: Disk management Device manager IPSec Management Windows Firewall with Advanced Security MCTS Windows Server 2008 Active Directory
Additional Server and Active Directory Tools Additional tools for managing a Windows Server 2008 environment: Bcdedit Dsacls Dsdbutil Dsmgmt Dfsutil Dnscmd Icacls Servermanagercmd Winrs Many more additional commands exist, for a more complete reference, visit the Microsoft Download Web site (www.microsoft.com/downloads) and search on “Windows Command Reference” MCTS Windows Server 2008 Active Directory
Chapter Summary Active Directory maintenance involves backup and restore of the server and the Active Directory database as well as offline maintenance tasks Windows Server Backup enables you to back up entire servers, volumes, and the system state The Active Directory database becomes fragmented over time. To ensure performance, use online defragmentation and offline defragmentation Four tools are commonly used to monitor and fine-tune the performance and reliability of Active Directory and the server: Event Viewer, Task Manager, Reliability and Performance Monitor, and Windows Server Resource Manager MCTS Windows Server 2008 Active Directory
Chapter Summary (cont.) Task Manager and Resource Monitor provide a real-time look at key performance indicators, such as CPU, disk, network, and memory utilization Reliability Monitor tracks several different system failures and includes a numeric indicator of your server’s reliability Server Core has a minimal user interface and is ideal for branch office servers and for virtualizing servers performing particular roles Hundreds of command-line tools are available to manage all aspects of a Windows Server 2008 environment MCTS Windows Server 2008 Active Directory