Saturday, October 10, 2015

Highly Available 2008 R2 RDS Infrastructure


SCENARIO: Deploy highly available 2008 R2 Connection Broker. There are different ways to do this, but in our scenario, we will cluster the connection broker server, create a shared cluster service, and use NLB to balance the initial connection load on the session hosts.

PREREQUISITES:

SESSION HOSTS
2 Server 2008 R2 servers with Session Host Role installed
Session Host servers should have two NICs (one for RDP and the other for NLB)

CONNECTION BROKERS
2 Server 2008 R2 servers with Connection Broker Role installed.

Ensure that all servers are members of the same domain.
Ensure that all servers are able to communicate with each other (work out subnet / VLAN issues if any exist)

STEPS OVERVIEW
1. Install Failover Cluster feature on Connection Brokers
2. Create drive / folder for quorum drive (this is for failover clustering and in this example we will use a folder)
3. Create shared cluster service.
4. Install NLB on Session Hosts.
5. Configure NLB on Session Hosts.
6. Create Session Host Farm.
7. Create appropriate DNS entries.

Saturday, June 27, 2015

Using Perfmon to Analyze High CPU Usage.


Scenario

Your CPU utilization is maxing out and you want to find out what is responsible for the high CPU.  Sometimes the process is obvious in that you can look at Task Manager to see who is using the most CPU, but that alone doesn't give you a snapshot of what is happening on your server over a period of time.

To begin, use the instructions from this article to capture perfmon data while you are experiencing the high CPU state.  Let it capture a decent amount of time so that you can see trends.

After you capture the perfmon data, open it up by double clicking on the appropriate .blg file in the C:\Perflogs folder.  You should see something like the above image.  Unfortunately, this image isn't terribly helpful.  So we will need to remove all the counters and then start by adding counters systematically.

Friday, June 26, 2015

Creating Secure Personal Drive Space

Scenario

Your job has given you a "work laptop" that you also use (legitimately, of course) for your own occasional personal computing, so you've amassed some personal files over the course of your employment. Now suppose that computer got taken away from you before you had a chance to get those files off? Perhaps one day you walk into your office and find a brand new laptop waiting for you. Cool! Except - where is your old one? "Don't worry!" says Helpful I.T. Guy, "All your work files are on the network, just log in to this new one and you'll have them." Yes, but were your personal files deleted? And if not, does the person who now has your old computer have access to those files?

That's not an unlikely scenario - and worse ones can be imagined. What if one day your HR rep walks in with a security guard to announce that you've been downsized - "Stop what you're doing on that computer, gather your personal belongings, and come with us." Now what?

In this article I will explain my setup for avoiding issues like this. In reality the entire setup is fairly straightforward and not very time consuming; it actually took me several times longer to write the article than to do the setup! So don't be afraid to jump in.

Wednesday, April 29, 2015

Memory Leaks in Nonpaged Pool

Found this video on YouTube.  It's a good introduction to finding nonpaged pool memory leaks. This really isn't as much of a problem in Windows Server 2008 R2 and above, but good information here.


https://support.microsoft.com/en-us/kb/177415

Thursday, April 16, 2015

How to Enable Procmon Boot Logging with Script


Scenario:

In order to use Procmon to log operations on boot up, you have to go to Options and then select Enable Boot Logging. Once you have done that, you can reboot your computer, log on to your computer, launch Procmon again, and then you can save the boot log.  There may be an occasion when you want to enable it on multiple machines using a script.  This is not something that you can do given the current command line arguments.

Wednesday, April 15, 2015

Using Analytic and Debug Logs


It's common for IT administrators to use the native Windows logs to search for problems.  Two of the most commonly used logs are the "System" and the "Application" logs.  However, not everyone takes advantage of the other built-in operational logs.  When you go to Event Viewer, you can expand "Applications and Services Logs" to reveal a vast array of logs. Many of them are empty, but many of them are capturing useful data that can help you discover what is going on with your computer.

For more information on what each of these logs and log types are, visit this link: https://technet.microsoft.com/en-us/library/cc722404.aspx

In this post, I want to talk about the analytic and debug logs.  The Windows Logs give you information across your system.  They show you hardware events, system events, security events, application events, etc., for all sorts of components and applications.  The Applications and Services Logs drill into individual components and report only on those.

Friday, February 6, 2015

Using NetSh to Capture Network Traces



Scenario


You have a client / server application that appears to be running slowly and you suspect the issue is network related.  You want to capture a network trace from the client and the server at the same time, but you don't want to install Wireshark or Network Monitor on either machine.

Netsh Trace


In the above scenario, it is important to get a simultaneous network trace from the client and the server while the problem is occurring. Open an administrative command prompt on both the client and on the server.  Enter the following command into both prompts:

netsh trace start capture=yes

Then launch the application to reproduce the slowness.  If it takes a long time for the application to launch, then continue to capture until the application is fully launched.  If some functionality within the application is slow, then be sure to capture the entire period of slowness in your trace.

Once you have gathered the data you need, use the following command to stop the trace:

netsh trace stop

Your command line should look like the above command line.  Notice that, by default, the max size of the trace file will be 250MB, that it is circular (it will overwrite the oldest data once the file size reaches 250MB), and that it shows you the path where the .etl trace will be stored.
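
The two-machine capture described above can also be driven from one admin workstation so that both traces start and stop together. This is an added example, not part of the original post; it assumes PowerShell remoting is enabled on both machines and PowerShell 5.0 or later on the workstation, and the host names, folders and 512MB size are hypothetical.

```powershell
# Added example: host names, folders and the size limit below are assumptions.
$computers = 'CLIENT01', 'SERVER01'            # hypothetical client and server
$traceFile = 'C:\Traces\nettrace.etl'          # hypothetical path on each machine
$collectTo = 'C:\Traces\Collected'             # hypothetical folder on this workstation

$sessions = New-PSSession -ComputerName $computers

try {
    # Invoke-Command runs the block on every session in parallel,
    # so both captures begin at effectively the same moment.
    Invoke-Command -Session $sessions -ArgumentList $traceFile -ScriptBlock {
        param($file)
        New-Item -ItemType Directory -Path (Split-Path $file) -Force | Out-Null
        # Set the file name, size and mode explicitly instead of relying
        # on the 250MB circular default.
        netsh trace start capture=yes "tracefile=$file" maxsize=512 filemode=circular overwrite=yes
    }

    Read-Host 'Reproduce the slowness, then press Enter to stop both traces'

    # Stopping can take a while as netsh finalizes the trace.
    Invoke-Command -Session $sessions -ScriptBlock { netsh trace stop }

    # Pull each .etl back, named after the machine it came from.
    # The files hold raw packet data, so keep this folder restricted to administrators.
    New-Item -ItemType Directory -Path $collectTo -Force | Out-Null
    foreach ($s in $sessions) {
        $dest = Join-Path $collectTo "$($s.ComputerName).etl"
        Copy-Item -FromSession $s -Path $traceFile -Destination $dest
    }
}
finally {
    Remove-PSSession $sessions
}
```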