Windows Server 2008 R2 Unleashed (265 page)
Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
1341
information that is stored on a read-only DFS replica is read-only, users are not able to
modify/delete/create the replicated content. Therefore, information that is stored in a
read-only DFS replica is protected at branch office locations from accidental modification.
For more information on understanding and deploying DFSR, review Chapter 28, “File
System Management and Fault Tolerance.”
32
Group Policies
Windows Server 2008 R2 now uses DFSR to replicate Group Policy Objects between
domain controllers within a domain. By leveraging DFSR differential replication, changes
only occur between two domain controllers and not all of the domain controllers as in the
past. As a result, the amount of bandwidth required during Group Policy replication is
greatly reduced.
Group policies, which are the traditional Administrative Template files, are now replaced
with new XML-based files called ADMX in Windows Server 2008 R2. Moreover, the new
ADMX files are stored in a centralized store within SYSVOL. Thus, the new templates,
storage of group policies, and utilization of DFSR for replication improve branch office
solutions because less data needs to be replicated between the branch office and hub site.
For more information on understanding and implementing Group Policy Objects, see
ptg
Chapter 27, “Group Policy Management for Network Clients.”
SMB Version 2.0
Another enhancement for Windows Server 2008 R2 branch office deployments is the
server message block (SMB) protocol version 2.0. SMB, originally invented at IBM, is an
application-level network file-sharing protocol mainly applied when accessing files, print-
ers, serial ports, and miscellaneous communications between computers on a network.
The protocol hasn’t evolved much since it was originally created 15 years ago. As a result,
the protocol is considered to be overly chatty and generates unnecessary network traffic
between computers on a network. This especially hinders users at branch office implemen-
tations when accessing files over the WAN to a hub site, especially if the WAN link is slow
or already congested.
Microsoft understands the concerns and limitations with the existing version of SMB and
has completely rewritten SMB to meet the demand of today’s branch office needs. The
benefits and improvements of the new SMB version 2.0 protocol on WAN network perfor-
mance and end-user experience when transferring data between the branch office and hub
sites include the following:
. Efficiency, performance, and data streaming are improved and are four to five times
faster than the older version of SMB.
. The client can increase parallel requests.
. Offline capabilities are included, which is beneficial on slow networks and improves
the end-user experience.
. Synchronization performance for offline files is improved.
1342
CHAPTER 32
Optimizing Windows Server 2008 R2 for Branch Office
Communications
. Multiple client requests can be compounded into a single round-trip.
. Users can now work in offline mode and synchronize changes on demand.
. Server scalability has been increased by reduced per-connection resource usage.
. The amount of bandwidth required for network communications has been dramati-
cally reduced.
Windows Server 2008 R2 provides fundamental technologies that assist organizations in
implementing solutions for their branch offices. When dealing with branch offices that
lack physical security and IT personnel, it is a best practice for organizations to combine
the new Windows Server 2008 R2 technologies such as RODCs and BitLocker when
deploying domain controllers at their remote locations. These combined technologies
provide the strongest solution when security, ease of management, and prevention of data
loss are concerns or business requirements.
Finally, with Windows Server 2008 R2, organizations can maintain the performance, avail-
ptg
ability, and productivity benefits of a local branch office server while avoiding the nega-
tive issues typically associated with branch office environments, including, but not limited
to, connectivity setbacks and management overhead.
The following are best practices from this chapter:
. Utilize the latest Windows Server 2008 R2 technologies to improve support and
return on investment at the branch office.
. Leverage Read-Only Domain Controllers when there is a lack of experienced IT
support personnel supporting the domain controller at the branch office and to
reduce replication workload between the branch office and hub site.
. Use RODCs at the branch office to maintain administrator role separation and isola-
tion because the domain controller is hosting more than one application.
. Conduct a staged implementation of an RODC if there is a need to have a non–highly
privileged administrator conduct the RODC installation at the branch office.
. Exploit BitLocker to encrypt domain controller volumes at the branch office when
theft and a lack of physical security are concerns.
. When implementing BitLocker at the branch office, leverage more than one factor
for maximizing security and protection during bootup of the Windows Server 2008
R2 domain controller.
Best Practices
1343
. For maximum protection, combine all of the new Windows Server 2008 R2 branch
office technologies, such as RODCs, BitLocker, and Server Core installation, when
deploying domain controllers at branch offices.
. Employ DFSR to the branch office and replicate branch office data back to a hub site
to eliminate the need for branch office backups.
32
. Take advantage of the Next Generation TCP/IP stack, including SMB version 2, to reap
the benefits of increased WAN performance between a branch office and hub sites.
ptg
This page intentionally left blank
ptg
IN THIS CHAPTER
Logging and Debugging
. Using the Task Manager for
Logging and Debugging
. Using Event Viewer for Logging
and Debugging
. Performance and Reliability
Monitoring
. Setting Baseline Values
Up until this chapter, the book has focused on planning,
. Using the Debugging Tools
designing, implementing, and migrating to Windows Server
Available in Windows Server
2008 R2. This chapter pays attention to the built-in
2008 R2
management tools for monitoring, logging, debugging, and
. Task Scheduler
validating reliability, which help organizations identify and
isolate problems in their networking environments.
Many of the tools identified in this chapter are similar to
those used in previous versions of Windows; however, as
ptg
with most features of the Windows Server family of prod-
ucts, the features and functionality of the tools have been
improved and expanded upon in Windows Server 2008 R2.
This chapter covers the Task Manager for logging and
debugging issues, the Event Viewer for monitoring and
troubleshooting system issues, Performance Monitor, the
new Best Practices Analyzer tool, the Task Scheduler for
automation, and additional debugging tools available with
Windows Server 2008 R2.
The Task Manager is a familiar monitoring tool found in
Windows Server 2008 R2. Ultimately, the tool is very
similar to the Task Manager included with previous versions
of Windows such as Windows Server 2003. It still provides
an instant view of system resources, such as processor activ-
ity, process activity, memory usage, networking activity,
user information, and resource consumption. However,
there are some noticeable changes, including the addition
1346
CHAPTER 33
Logging and Debugging
of a Services tab and the ability to launch the Resource Monitor directly from the
Performance tab.
The Windows Server 2008 R2 Task Manager is very useful for an immediate view of key
system operations. It comes in handy when a user notes slow response time, system prob-
lems, or other nondescript problems with the network. With just a quick glance at the
Task Manager, you can see whether a server is using all available disk, processor, memory,
or networking resources.
There are three methods to launch the Task Manager:
.
Method 1—
Right-click the taskbar and select Task Manager.
.
Method 2—
Press Ctrl+Shift+Esc.
.
Method 3—
Press Ctrl+Alt+Del and select Start Task Manager.
When the Task Manager loads, you will notice six tabs, as shown in Figure 33.1.
ptg
FIGURE 33.1
The Windows Task Manager.
TIP
If you are working on other applications and want to hide the Task Manager, deselect
Always on Top in the Task Manager’s Options menu. In addition, select Hide When
Minimized to Keep the Task Manager off the taskbar when minimized.
The following sections provide a closer look at how helpful the Task Manager compo-
nents can be.
Using the Task Manager for Logging and Debugging
1347
Monitoring Applications
The first tab on the Task Manager is the Applications tab. The Applications tab provides a
list of tasks in the left column and the status of these applications in the right column.
The status information enables you to determine whether an application is running and
allows you to terminate an application that is not responding. To stop such an applica-
tion, highlight the particular application and click End Task at the bottom of the Task
Manager. You can also switch to another application if you have several applications
running. To do so, highlight the program and click Switch To at the bottom of the Task
Manager. Finally, you can create a dump file that can be used when a point-in-time snap-
33
shot of every process running is needed for advanced troubleshooting. To create a dump
file, right-click on an application and select Create Dump File.
Monitoring Processes
The second Task Manager tab is the Processes tab. It provides a list of running processes,
or Image Names, on the server. It also measures the performance in simple data format.
This information includes CPU percent used, memory allocated to each process, and user-
name used in initiating a process, which includes system, local, and network services.
ptg
You can sort the processes by clicking the CPU or Memory (Private Working Set) column
header. The processes are then sorted in order of usage. This way, you can tell which one
is using the most of these resources and is slowing down performance of your server. You
can terminate a process by selecting the process and clicking the End Process button.
Many other performance or process measures can be removed or added to the Processes
tab. They include, but are not limited to, process identifier (PID), CPU time, session ID,
and page faults. To add these measures, select View, Select Columns to open the Select
Column property page. Here, you can add process counters to the process list or remove
them from the list.
Monitoring Services
With the release of Windows Server 2008, the newest edition to the family of Task
Manager tabs was the Services tab. When selected, you can quickly assess and trou-
bleshoot a specific service by viewing whether it has stopped or is still running. The
Services tab also offers additional key details, including the service name, service descrip-
tion, and service group. In addition, it is also possible to launch the Services snap-in if
there is a need to make changes to a specific service. For example, if you know a given
service should be running and you don’t see it running on the Processes tab (a common
one is spoolsv.exe, which is the Windows Print Spooler service executable), you can just
go to the Services tab and attempt to start the service from there. It’s very rudimentary,
but in keeping with what Task Manager is typically used for—it does offer a quick
overview of system status and preliminary problem resolution.
