MCTS Guide to Configuring
Microsoft Windows Server 2008
Active Directory
Chapter 13: Server Management and
Monitoring
Objectives
• Perform Active Directory maintenance tasks • Monitor an Active Directory environment
• Manage a Server Core installation
• Use several command-line tools to manage a Windows Server 2008 environment
Windows Server Backup and Restore
• Windows Server Backup is new in Windows Server 2008 and supersedes NTBackup.exe
• Must be installed with Server Manager • Some features and limitations
– Backups can be run manually or scheduled with Task Scheduler – Separate files or folders can’t be backed up; you can only choose
which volumes to back up
– Scheduled backups require a dedicated fixed or removable disk as the backup destination when you’re using Windows Server Backup
• Select one of the following options:
Windows Server Backup and Restore
(cont.)
Creating Scheduled Backups
• Scheduled backups give you the flexibility to run a backup at a particular time of the day, once per day, or multiple times per day
• Before using the Backup Schedule Wizard, know:
– What do you want to back up?
– When and how often should the backup occur? – Where will backups be stored?
Data Recovery
• You can recover files and folders, the system state, Active Directory, or the entire server from a backup • Windows Server Backup can recover only files,
folders, and volumes
• Command-line utilities used for more complete recovery
• To start the recovery process, click recover in the Actions pane of Windows Server Backup
Backup and Restore from the Command
Line
• Windows Server Backup has less flexibility than its command-line equivalent utilities
• Wbadmin.exe can perform all tasks available in Windows Server Backup and more
– Perform a system state backup – Recover the system state
– Delete a system state backup
– Restore or delete a backup catalog
• Most tasks with Wbadmin require you to be a
member of the Backup Operators or Administrators group
Perform a System Recovery
• If full recovery is necessary, you need the Windows Server 2008 installation disk or access to Windows Recovery Environment (WinRE)
• Can be installed on a server’s hard drive by pressing F8 when the boot process starts
• Can also be accessed from the Windows Server 2008 installation DVD
• You can restore a complete backup from a local or removable disk or a network location
Active Directory Backup and Restoration
• Active Directory is backed up when you perform a fullbackup of a domain controller or when you back up the volumes containing system recovery information
• Restoration can be authoritative or nonauthoritative • Nonauthoritative restore restores the Active Directory
database, or portions of it, and allows it to be updated
through replication; requires a restart into Domain Services Restore Mode (DSRM)
• Authoritative restore ensures that restored objects aren’t overwritten by changes from other domain controllers through replication
Active Directory Backup and Restoration
(cont.)
Active Directory Defragmentation
• Active Directory database requires periodic maintenance in the form of defragmentation and compaction
• Online defragmentation occurs when garbage collection is performed
• Objects that have been deleted for more than 180 days are removed by garbage collection
• Object marked for removal after a period of time has been “tombstoned”
• Online defragmentation removes deleted objects but doesn’t compact the database
• Offline defragmentation compacts the database • Compaction is performed with the Ntdsutil program
Active Directory Monitoring
• Windows Server 2008 provides tools to manage and monitor server operation and resources,
including the following:
– Event Viewer – Task Manager
– Reliability and Performance Monitor – Windows Server Resource Manager
Event Viewer
• Used to examine event log entries generated by system services and applications
• Events categorized by levels
– Information
• Indicated by blue i inside a white circle
– Warning
• Indicated by a black ! inside a yellow triangle
– Error
• Indicated by a white ! inside a red circle
• Selecting an event shows more detailed information
Task Manager
• Provides a simple interface for viewing the performance of a Windows computer
• Started by pressing Ctrl + alt + delete and then clicking “Task Manager,” by right-clicking the taskbar and clicking Task manager, or by typing Taskmgr into a command
prompt
• Windows Server 2008 adds the Services and Resource Monitor tabs
• Shows real-time graphical display of:
– CPU utilization – Disk utilization – Network utilization – Memory utilization
Reliability and Performance Monitor
• Consists of a collection of tools
• Can be opened from Administrative tools folder or the Diagnostics node in Server Manager
• Contains the following folders:
– Monitoring Tools – Data Collector sets – Reports
Performance Monitor
• Uses counters to track performance of a variety of objects
• A counter is a value representing some aspect of an object’s performance
• Counters exist for virtually every hardware and OS component on a server
• Performance monitor can track counters with a line graph, histogram, or as raw data saved to a report • Can display counters in real time or from a saved
Collecting Baseline Performance Data
• Using real-time monitoring can be difficult since there is no point of reference, or baseline, for comparing data
• To create a baseline, you create a data collector set that specifies the performance counters you want to collect
• Performance monitoring uses system resources • Monitoring remotely can reduce the strain on a
Collecting Baseline Performance Data
(cont.)
Data Collector Sets
• A data collector set can contain a variety of types of information
– Performance counters – Counter alerts
– Event traces
– System configuration
• Common use is to create a baseline
• Predefined data collector sets can be run as they are or used as templates to create user-defined data collector sets
Reports
• Reports folder contains reports generated from data collector sets
• User Defined subfolder contains reports generated by user-defined data collector sets
• System subfolder contains folders for each system data collector set
• After a data collector set runs, a report is generated automatically and placed in a folder with the name of the data collector set
Reliability Monitor
• Tracks system changes and logs a variety of hardware and software failures
• Changes are indicated on a timeline graph
• Can track how stable / reliable your system has been over a period of time
• Icons that indicate failure, information, or warning are the same as those in Event Viewer
• Reliability monitor tracks five event types
– Software (Un)Install – Application failures – Hardware failures – Windows failures
Windows System Resource Manager
• Helps you manage processor and memory resource on heavily used systems
• Can fine-tune resource use so that each process has an equal share of resources
• WSRM includes the following features:
– Preconfigured and custom policies – Policies based on calendar rules – Automatic policy application
Windows System Resource Manager
(cont.)
WSRM Management Policies
• WSRM is designed to be used on multipurpose servers with high CPU utilization
• WSRM doesn’t apply CPU use policies until total utilization reaches 70% • Preconfigured WSRM policies – Equal_Per_Process – Equal_Per_User – Equal_Per_IISAppPool – Equal_Per_Session
Analyzing Active Directory Performance
• To ensure AD performance, monitor performance indicators such as:
– AD DS – DNS
– Replication
Monitoring Active Directory Replication
• Replication of Active Directory is critical to the operation of a Windows Server 2008 domain • Three tools can be used to monitor aspects of
Active Directory replication
– Repadmin – Replmon – Dcdiag
• Replication and AD health should be verified proactively
Managing Server Core
• Administration of a Server Core installation is done primarily from the command line
• Server Core is ideal for virtualized installs
• Some aspects of Server Core can be managed remotely (usually MMC)
Common Server Core Configuration Tasks
• Tasks that might need to be performed
– Activating Windows Server 2008
• Slmgr.vbs –ato
– Changing the administrator password
• “net user administrator *”
– List installed features and roles
• Oclist
– Install new server roles and features
• Ocsetup
– Join a domain
• Netdom join computername /domain:domainname
• Installation of AD DS requires dcpromo to be run in unattended mode
Common Server Core Configuration Tasks
(cont.)
• Dcpromo switches – /replicaOrNewDomain – /replicaDomainDNSName – /ConfirmGC – /InstallDNS – /UserName – /Password – /RebootOnSuccess – /SafeModeAdminPasswordManaging Server Core Remotely
• Some snap-ins require no additional configuration • Other snap-ins require reconfiguration of various
firewall settings before you can connect
• To allow remote management of Server Core from any MMC, type the following:
– Netsh advfirewall firewall set rule group=“Remote Administration” new enable=yes
• Snap-ins that may require additional configuration
– Disk management – Device manager – IPSec Management
Additional Server and Active Directory
Tools
• Additional tools for managing a Windows Server 2008 environment – Bcdedit – Dsacls – Dsdbutil – Dsmgmt – Dfsutil – Dnscmd – Icacls – Servermanagercmd – Winrs
• Many more additional commands exist; for a more complete reference, visit the Microsoft Download Web site
Chapter Summary
• Active Directory maintenance involves backup and restore of the server and the Active Directory database as well as
offline maintenance tasks
• Windows Server Backup enables you to back up entire servers, volumes, and the system state
• The Active Directory database becomes fragmented over time; to ensure performance, use online defragmentation and offline defragmentation
• Four tools are commonly used to monitor and fine-tune the performance and reliability of Active Directory and the
server: Event Viewer, Task Manager, Reliability and Performance Monitor, and Windows Server Resource Manager
Chapter Summary (cont.)
• Task Manager and Resource Monitor provide a real-time look at key performance indicators, such as CPU, disk, network, and memory utilization
• Reliability Monitor tracks several different system failures and includes a numeric indicator of your server’s reliability • Server Core has a minimal user interface and is ideal for
branch office servers and for virtualizing servers performing particular roles
• Hundreds of command-line tools are available to manage all aspects of a Windows Server 2008 environment
