Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

Windows Server 2008

advertisement 
MCTS Guide to Configuring
Microsoft Windows Server 2008
Active Directory
Chapter 13: Server Management and
Monitoring
Objectives
•
•
•
•
Perform Active Directory maintenance tasks
Monitor an Active Directory environment
Manage a Server Core installation
Use several command-line tools to manage a
Windows Server 2008 environment
MCTS Windows Server 2008 Active Directory
2
Windows Server Backup and Restore
• Windows Server Backup is new in Windows Server 2008
and supersedes NTBackup.exe
• Must be installed with Server Manager
• Some features and limitations
– Backups can be run manually or scheduled with Task Scheduler
– Separate files or folders can’t be backed up; you can only choose
which volumes to back up
– Scheduled backups require a dedicated fixed or removable disk as the
backup destination when you’re using Windows Server Backup
• Select one of the following options:
– Always perform full backup
– Always perform incremental backup
– Custom
MCTS Windows Server 2008 Active Directory
3
Windows Server Backup and Restore
(cont.)
MCTS Windows Server 2008 Active Directory
4
Creating Scheduled Backups
• Scheduled backups give you the flexibility to run a
backup at a particular time of the day, once per
day, or multiple times per day
• Before using the Backup Schedule Wizard, know:
– What do you want to back up?
– When and how often should the backup occur?
– Where will backups be stored?
MCTS Windows Server 2008 Active Directory
5
Creating Scheduled Backups (cont.)
MCTS Windows Server 2008 Active Directory
6
Data Recovery
• You can recover files and folders, the system state,
Active Directory, or the entire server from a backup
• Windows Server Backup can recover only files,
folders, and volumes
• Command-line utilities used for more complete
recovery
• To start the recovery process, click recover in the
Actions pane of Windows Server Backup
MCTS Windows Server 2008 Active Directory
7
Data Recovery (cont.)
MCTS Windows Server 2008 Active Directory
8
Data Recovery (cont.)
MCTS Windows Server 2008 Active Directory
9
Backup and Restore from the Command
Line
• Windows Server Backup has less flexibility than its
command-line equivalent utilities
• Wbadmin.exe can perform all tasks available in
Windows Server Backup and more
–
–
–
–
Perform a system state backup
Recover the system state
Delete a system state backup
Restore or delete a backup catalog
• Most tasks with Wbadmin require you to be a
member of the Backup Operators or Administrators
group
MCTS Windows Server 2008 Active Directory
10
Perform a System Recovery
• If full recovery is necessary, you need the Windows
Server 2008 installation disk or access to Windows
Recovery Environment (WinRE)
• Can be installed on a server’s hard drive by
pressing F8 when the boot process starts
• Can also be accessed from the Windows Server
2008 installation DVD
• You can restore a complete backup from a local or
removable disk or a network location
MCTS Windows Server 2008 Active Directory
11
Active Directory Backup and Restoration
• Active Directory is backed up when you perform a full
backup of a domain controller or when you back up the
volumes containing system recovery information
• Restoration can be authoritative or nonauthoritative
• Nonauthoritative restore restores the Active Directory
database, or portions of it, and allows it to be updated
through replication; requires a restart into Domain Services
Restore Mode (DSRM)
• Authoritative restore ensures that restored objects aren’t
overwritten by changes from other domain controllers
through replication
MCTS Windows Server 2008 Active Directory
12
Active Directory Backup and Restoration
(cont.)
MCTS Windows Server 2008 Active Directory
13
Active Directory Defragmentation
• Active Directory database requires periodic maintenance in
the form of defragmentation and compaction
• Online defragmentation occurs when garbage collection is
performed
• Objects that have been deleted for more than 180 days are
removed by garbage collection
• Object marked for removal after a period of time has been
“tombstoned”
• Online defragmentation removes deleted objects but doesn’t
compact the database
• Offline defragmentation compacts the database
• Compaction is performed with the Ntdsutil program
MCTS Windows Server 2008 Active Directory
14
Active Directory Monitoring
• Windows Server 2008 provides tools to manage
and monitor server operation and resources,
including the following:
–
–
–
–
Event Viewer
Task Manager
Reliability and Performance Monitor
Windows Server Resource Manager
MCTS Windows Server 2008 Active Directory
15
Event Viewer
• Used to examine event log entries generated by
system services and applications
• Events categorized by levels
– Information
• Indicated by blue i inside a white circle
– Warning
• Indicated by a black ! inside a yellow triangle
– Error
• Indicated by a white ! inside a red circle
• Selecting an event shows more detailed
information
MCTS Windows Server 2008 Active Directory
16
Event Viewer (cont.)
MCTS Windows Server 2008 Active Directory
17
Task Manager
• Provides a simple interface for viewing the performance of a
Windows computer
• Started by pressing Ctrl + alt + delete and then clicking
“Task Manager,” by right-clicking the taskbar and clicking
Task manager, or by typing Taskmgr into a command
prompt
• Windows Server 2008 adds the Services and Resource
Monitor tabs
• Shows real-time graphical display of:
–
–
–
–
CPU utilization
Disk utilization
Network utilization
Memory utilization
MCTS Windows Server 2008 Active Directory
18
Task Manager (cont.)
MCTS Windows Server 2008 Active Directory
19
Reliability and Performance Monitor
• Consists of a collection of tools
• Can be opened from Administrative tools folder or
the Diagnostics node in Server Manager
• Contains the following folders:
– Monitoring Tools
– Data Collector sets
– Reports
MCTS Windows Server 2008 Active Directory
20
Performance Monitor
• Uses counters to track performance of a variety of
objects
• A counter is a value representing some aspect of
an object’s performance
• Counters exist for virtually every hardware and OS
component on a server
• Performance monitor can track counters with a line
graph, histogram, or as raw data saved to a report
• Can display counters in real time or from a saved
log file
MCTS Windows Server 2008 Active Directory
21
Performance Monitor (cont.)
MCTS Windows Server 2008 Active Directory
22
Collecting Baseline Performance Data
• Using real-time monitoring can be difficult since
there is no point of reference, or baseline, for
comparing data
• To create a baseline, you create a data collector
set that specifies the performance counters you
want to collect
• Performance monitoring uses system resources
• Monitoring remotely can reduce the strain on a
system
MCTS Windows Server 2008 Active Directory
23
Collecting Baseline Performance Data
(cont.)
MCTS Windows Server 2008 Active Directory
24
Data Collector Sets
• A data collector set can contain a variety of types
of information
–
–
–
–
Performance counters
Counter alerts
Event traces
System configuration
• Common use is to create a baseline
• Predefined data collector sets can be run as they
are or used as templates to create user-defined
data collector sets
MCTS Windows Server 2008 Active Directory
25
Reports
• Reports folder contains reports generated from
data collector sets
• User Defined subfolder contains reports generated
by user-defined data collector sets
• System subfolder contains folders for each system
data collector set
• After a data collector set runs, a report is generated
automatically and placed in a folder with the name
of the data collector set
MCTS Windows Server 2008 Active Directory
26
Reports (cont.)
MCTS Windows Server 2008 Active Directory
27
Reliability Monitor
• Tracks system changes and logs a variety of hardware and
software failures
• Changes are indicated on a timeline graph
• Can track how stable / reliable your system has been over a
period of time
• Icons that indicate failure, information, or warning are the
same as those in Event Viewer
• Reliability monitor tracks five event types
–
–
–
–
–
Software (Un)Install
Application failures
Hardware failures
Windows failures
Miscellaneous failures
MCTS Windows Server 2008 Active Directory
28
Reliability Monitor (cont.)
MCTS Windows Server 2008 Active Directory
29
Windows System Resource Manager
• Helps you manage processor and memory
resource on heavily used systems
• Can fine-tune resource use so that each process
has an equal share of resources
• WSRM includes the following features:
–
–
–
–
Preconfigured and custom policies
Policies based on calendar rules
Automatic policy application
Resource monitoring data
MCTS Windows Server 2008 Active Directory
30
Windows System Resource Manager
(cont.)
MCTS Windows Server 2008 Active Directory
31
WSRM Management Policies
• WSRM is designed to be used on multipurpose
servers with high CPU utilization
• WSRM doesn’t apply CPU use policies until total
utilization reaches 70%
• Preconfigured WSRM policies
–
–
–
–
Equal_Per_Process
Equal_Per_User
Equal_Per_IISAppPool
Equal_Per_Session
• Can use custom policies as well
MCTS Windows Server 2008 Active Directory
32
Analyzing Active Directory Performance
• To ensure AD performance, monitor performance
indicators such as:
–
–
–
–
AD DS
DNS
Replication
Active Directory Storage
MCTS Windows Server 2008 Active Directory
33
Monitoring Active Directory Replication
• Replication of Active Directory is critical to the
operation of a Windows Server 2008 domain
• Three tools can be used to monitor aspects of
Active Directory replication
– Repadmin
– Replmon
– Dcdiag
• Replication and AD health should be verified
proactively
MCTS Windows Server 2008 Active Directory
34
Managing Server Core
• Administration of a Server Core installation is done
primarily from the command line
• Server Core is ideal for virtualized installs
• Some aspects of Server Core can be managed
remotely (usually MMC)
MCTS Windows Server 2008 Active Directory
35
Common Server Core Configuration Tasks
• Tasks that might need to be performed
– Activating Windows Server 2008
• Slmgr.vbs –ato
– Changing the administrator password
• “net user administrator *”
– List installed features and roles
• Oclist
– Install new server roles and features
• Ocsetup
– Join a domain
• Netdom join computername /domain:domainname
• Installation of AD DS requires dcpromo to be run in
unattended mode
MCTS Windows Server 2008 Active Directory
36
Common Server Core Configuration Tasks
(cont.)
• Dcpromo switches
–
–
–
–
–
–
–
–
/replicaOrNewDomain
/replicaDomainDNSName
/ConfirmGC
/InstallDNS
/UserName
/Password
/RebootOnSuccess
/SafeModeAdminPassword
MCTS Windows Server 2008 Active Directory
37
Managing Server Core Remotely
• Some snap-ins require no additional configuration
• Other snap-ins require reconfiguration of various
firewall settings before you can connect
• To allow remote management of Server Core from
any MMC, type the following:
– Netsh advfirewall firewall set rule group=“Remote
Administration” new enable=yes
• Snap-ins that may require additional configuration
–
–
–
–
Disk management
Device manager
IPSec Management
Windows Firewall with Advanced Security
MCTS Windows Server 2008 Active Directory
38
Additional Server and Active Directory
Tools
• Additional tools for managing a Windows Server 2008
environment
–
–
–
–
–
–
–
–
–
Bcdedit
Dsacls
Dsdbutil
Dsmgmt
Dfsutil
Dnscmd
Icacls
Servermanagercmd
Winrs
• Many more additional commands exist; for a more complete
reference, visit the Microsoft Download Web site
(www.microsoft.com/downloads) and search on “Windows
Command Reference”
MCTS Windows Server 2008 Active Directory
39
Chapter Summary
• Active Directory maintenance involves backup and restore of
the server and the Active Directory database as well as
offline maintenance tasks
• Windows Server Backup enables you to back up entire
servers, volumes, and the system state
• The Active Directory database becomes fragmented over
time; to ensure performance, use online defragmentation
and offline defragmentation
• Four tools are commonly used to monitor and fine-tune the
performance and reliability of Active Directory and the
server: Event Viewer, Task Manager, Reliability and
Performance Monitor, and Windows Server Resource
Manager
MCTS Windows Server 2008 Active Directory
40
Chapter Summary (cont.)
• Task Manager and Resource Monitor provide a real-time
look at key performance indicators, such as CPU, disk,
network, and memory utilization
• Reliability Monitor tracks several different system failures
and includes a numeric indicator of your server’s reliability
• Server Core has a minimal user interface and is ideal for
branch office servers and for virtualizing servers performing
particular roles
• Hundreds of command-line tools are available to manage all
aspects of a Windows Server 2008 environment
MCTS Windows Server 2008 Active Directory
41
Related documents
reading
reading
Construction Check List for The Preserve, Delwood Point, and
Construction Check List for The Preserve, Delwood Point, and
Faculty Directory Information Form
Faculty Directory Information Form
Data Classification Examples
Data Classification Examples
Membership Enrollment Form
Membership Enrollment Form
Download
advertisement