philipnet

Our network administrator sticks with NTBackup for all his backups. He routinely checks Event Viewer on all the servers to ensure that the backup started, went smoothly and finished OK.

Except on Friday when one of our remote servers failed to finish although it didn’t log a reason why. Our network manager rebooted the server twice, each time trying to get the backup to start running. On examining Event Viewer he noticed that Microsoft Operations Manager had suffered a Critical Error trying to monitor the IIS logs folder. Of course he had no idea what this Operations Manager piece of software was and so quizzed me about it when arrived.

To get him off my back I uninstalled the MOM agent on that remote server whilst checking the Operations Console. I remarked that MOM had registered an event saying that drive E was low on space. Drive E is a large USB drive where all the backups are stored.

It doesn’t take too much thought to realise that the backups failed because there was no space on the drive. Yet the network administrator had blindly tried to get them to run without checking nor finding what the problem really was – as well as blaming the MOM agent for something totally unrelated. If it wasn’t for me, I wonder just how long it would have taken him to figure out what wrong  ?

When setting up a guest machine under VS, “Virtual Machine Additions” is a recommended addition. Simply put, installing VMAdditions will give you greater integration between the guest OS and the host you are running on as well as provide monitoring information to the host OS. To install VMAdditions, log on to the Virtual Server administration website, pull up the configuration page for the particular guest OS and click on “install Virtual Machine Additions”. You’ll be taken to a new page and check the check box for “Install Virtual Machine Additions” and click on OK. As long as the Guest OS is running, then the system will think that the Virtual Machine Additions CD Rom has just been inserted and will automatically run the install .

If, like some people, you want to run a Domain Controller under VS, then take heed of this point: http://www.mcse.ms/message1187251.html . In the General Properties of the server, you need to specify a user account for the guest OS to run under and then check “Automatically turn on virtual machine if it was running when Virtual Server was stopped”. However, you can only make these changes if the guest OS has been turned off.

Hmm, it seems that permission issues rear their ugly head here. If you have, like I have, created a domain account for VS to run under, you want it to have the least permissions possible -i.e. for it just to be a member of Domain Users. For that to work, navigate your way to
  C:\Documents and Settings\All Users\Documents
(or wherever you have Virtual Server store it’s settings) and give that user modify permissions on the Shared Virtual Machines folder.

And I do like the integrated mouse – Oh yes, I won’t forget to install VMAdditions that from now on!

I’m in the process of migrating a test server on to two test servers. I want to have SQL, SMS and MOM running on one box, and another justing being a DC (the main MOM application won’t run on a DC you see). I’m also making use of Windows 2003 Server, which I am slowly tweaking.

I want to run my DC headless (i.e. with no keyboard, mouse or monitor attached), but yet I need an easy way to turn it off. The ACPI Power button is, oddly enough, ideal for this, but by default on Windows 2003 Server and 2000 a single press doesn’t have any effect when the machine is at the logon screen.

As detailed here you have to go into Group Policy and enable “Computer Configuration” —> “Windows Settings” —> “Security Settings” —> “Local Policies” —> “Security Options” —> “Shutdown: Allow system to be shut down without having to log on”. You also have to disable the Shutdown Tracker by going into “Computer Configuration” —> “Administrative Templates” —> “System” —> “Display Shutdown Event Tracker”. And then a reboot or group policy refresh later the machine is quite happy to shut itself down with a single press of the power button  . 

I also came across this neat site http://www.msfn.org/win2k3/ which gives instructions on how to setup Windows 2003 Server to act more like a workstation.

Firstly, a big thank you to Adam, at Microsoft, whom I spent nearly two and a half hours on the phone to.

Today started at about 8:30 am, when I walked into the office. It ended at 18:30, with me feeling totally exhausted and knowing that whilst today was full of mind extending information, tomorrow would be mind numbing tedium being relegated from my position of the guy-they-call-upon-when-it-all-falls-to-pieces-who-is-also-an-I.T.-Technician to being a plain old I.T. Technician.

It began by being told that the majority of the staff couldn’t log on whilst those that had stayed logged from yesterday were OK - although they couldn’t then get their email. There were numerous errors in Active Directory about the Domain Controller and Operations Manager of a sub-domain being unable to replicate information to and from the parent domain; the other DC in the sub-domain also wasn’t happy. The DNS servers contained corrupt information and the time on my computer was out by about 5 or 6 minutes.

OK, so I know that the last item seems inconsequential but, if you have ever troubleshooted NDS and AD, you know that the having the same time on all the servers is very important when it comes to ensuring that information is being replicated.

As it stands all workstations are joined to the child where as most of our servers, and some older workstations, reside in the parent domain. There is a Transitive/two-way trust between the domains but, as it was broken, staff users of newer machines couldn’t log on. Using Active Director Domains and Trusts I verified on both sides of it that the trust was up and fully functional, so that wasn’t the issue. However, when forcibly trying to replicate the NTDS from within Active Directory Sites and Services, from the parent to the child domains, it failed saying that the DSA operation failed and claiming that it was a DNS problem. I thought that just adding the entry for the child DC into the DNS would solve it, but that wasn’t to be.

The morning was dragging on by this point, and now most of the staff were able to login and get their email – the system almost seemed to be auto-magically fixing itself. Additionally, a colleague had remembered that on a previous occasion when they had Active Directory problems, the time on the client had been important. Armed with that knowledge, and that moving a workstation to the parent domain could fix the problem, he tried to correct some of the remaining non-functional PCs. This was met with limited success, but at least it got a few more users on. (Incidentally, temporarily disconnecting the workstation from the network would allow the rest of the staff to login; although never heard back on just how far they could get into the system).

It’s now after lunch and ex-student, Adam, has been contacted by one of his old tutors and wants us to run MPSRPT_DirSvc/DirSvc from http://www.microsoft.com/downloads/details.aspx?FamilyID=cebf3c7c-7ca5-408f-88b7-f9c79b7306c0b on a DC in the parent domain. The report from that gets sent off, and then reply comes back that he wants the DirSvc output from the child domain and that there’s crud in the DNS servers/services and that we need to rebuild them. That process won’t take long, but I decided to wait until classes had started and had been running for 5-10 minutes.

Then a reply comes back that things are much more serious than that and that we need to transfer domain operations to a new machines, dc-un-promo the two child domain DCs and then re-add them. We start the process, only to get a call from Adam to say that we might not need to do that. Over the course of the following two and a half hours, Adam talks me through troubleshooting AD, rebuilding the DNS services, improving their configuration and that of all the DCs, whilst at the same time moaning about the idiot who set it up in the first place – that would be my colleagues then  .

It finally comes to half six and we have a properly configured DNS and DC servers with suitable entries in the DNS for the DCs, and that replication is proceeding smoothly between the parent and child domain. Tomorrow begins the process of documenting the changes I made (change control), which will almost be the first pieces of documentation made on our servers(!) and instigating some fine tuning and performance enhancing features. As well as ensuring that the DCs don’t get out of time sync!

Whilst I was downloading several MOM management packs, I came across a link which said “Sign up for Download Notifications” and pointed me to: http://go.microsoft.com/fwlink/?LinkId=39737 .

After following a few links I managed to sign up for a shed load of emails from Microsoft. Time will tell just how many of them are useful/of any use.

One mildly amusing thing (from my point of view) is that I can sign up for different language versions of their main emails  . One annoying thing (from my point of view) is they don't provide English/UK versions of all of their English/US mailings  .

All,

Hot on the news that Microsoft have re-released the MS04–028 scanner (that scans for the GDI+ vulnerability): http://www.microsoft.com/downloads/details.aspx?familyid=c4745685-9521-4b63-a338-0b3e2dcbf2bb , I want to know how people keep up to date with these developments (and other announcements) from Microsoft?

And a sort of answer I hope!

First thing today, the network administrator asked me if I had been downloading anything. It seems that since midday yesterday through to midnight, our internet utilisation was at or near 100%! He then says to me that there's this Network Monitor program that comes with SMS, have you looked at it?

I was puzzled. I didn't know anything about this Network Monitor program, I hadn’t seen anything to do with this during the installation of SMS nor was then a mention of this in Start —> Programs —> SMS . Well it turns out that there's this NetMon folder on the SMS CD and inside the SP1 upgrade which houses the Network Monitor installer.

First it looks like a good idea to go into Tools —> Find Routers and let it take as long as it wants to find all the routers in an organisation - It found our three this way. Or you could start capturing data (try the Play button at the top ). Once stopped, you can look at the captured data and/or perform analysis on it. And then, and only then, can you easily get it to resolve host names and store the results.

Except that it was querying our DNS server which was replying with stale information. So I instigated scavenging of our DNS data, with a configuration that works well with our DHCP settings. However time will tell (i.e. next month!) just how well it all works.

Back to Net Mon, and with the captured data you can then run an Expert over the data to get it to report on (say) the “Top Users” to find out who's hogging all the bandwidth. The only problem with it is that it won't give you real time statistics which is what our network administrator is after. Oh well.

No, nothing to do with how much bandwidth the remote client takes - but a warning instead.

It seems that copying data from the host machine to the guest OS - via the ‘external’ network adaptor, kills the machine. The whole machine. Including the host. Yes, our SMS server experienced it's first (and second) “System was unresponsive” shutdown state! .
And the second time - well I had to make sure that it wasn't just some fluke and that copying the data really did kill the machine .

Virtual Server 2005

We've installed MS's Virtual Server at work which I'm using a build up a small virtual SMS test lab. It's not too bad, and I only have two issues with it:

1. If a virtual host POSTS but doesn't find and then load an OS, it won't idle on the processor time and MSVS will let it use a good proportion of the whole systems CPU time just sitting there, waiting.
2. MSVS will kick off my remote connections to the virtual hosts if the host is doing a fair bit of network activity. It did this whilst installing AdminStudio (SMS Edition) and it was so bad during the installation of WUS that I copied it to the local HDD of the virtual host.

We are going to have to see how it plays during normal use.

A handy hint for those using Window 2000 and Virtual Server 2005

If you try to install MSVS on Windows 2000 it will complain and fail to install stating that the OS is not supported. But if you just want the remote connection software then the program you need is
  C:\Program Files\Microsoft Virtual Server\VMRC Client\vmrc.exe
just run it or copy it to your local PC from an XP or 2003 Server machine and create a desktop shortcut Easy as pie.

Windows Update Services

I'm also exploring WUS on this test virtual lab. It's main advantage over SMS is the supposedly easy deployment of driver updates. Whether this is as easy as it seems remains to be determined. Either way, I think that there is scope for both SMS and WUS in a production environment - whenever WUS is deemed stable enough.