Embed Size (px)
Citation preview
Major Differences between windows 2000 & 2003
OS Related Windows 2003 supports 64 bit version OS Windows 2003 supports SharePoint services Windows 2003 supports Volume Shadow Copies Windows 2003 supports increased security for Internet connections Windows 2003 has Automated System Recovery (ASR) feature Windows 2003 has Inbuilt firewall. Windows Server 2003 introduces the concept of a Majority Node Set. This allows server clusters
to be built without using the shared disk for the quorum. This enables you to build and configure geographically dispersed clusters.
Windows 2000 supports IPV4 whereas 2003 supports both IPV4 & IPV6 Windows 2000 supports only 8 processors and 64 GB RAM whereas 2003 supports up to 64
processors and max of 512GB RAM. Windows 2000 supports 4-node clustering and 2003 supports 8-node clustering Windows 2000 - IIS 5 and windows 2003 – IIS 6 Windows 2000 doesn't support Dot net whereas 2003 Supports Microsoft .NET 1.1(2.0 in R2) Windows 2000 has Server and Advance Server editions whereas 2003 has Standard, Enterprise,
Datacenter and Web server Editions. Windows 2000 server gives only 90 days trial version of Terminal server. But windows server
2003 gives 120 days trial version. Windows 2000 server has 10 user limit when accessing the shared folder at the same time,
whereas there is no limit in windows 2003 server The default permission for a shared folder in Windows Server 2003 is the now only READ
permission granted to the ‘everyone’ group. Introduction of DNS Stub zones in windows 2003.
NOTE: 64-bit systems offer direct access to more virtual and physical memory than 32-bit systems and process more data per clock cycle, enabling more scalable, higher performing computing solutions.
Active Directory related Domain Rename in Windows 2003 Universal group caching supported in Win2003 (DC's can cache the Global Catalogue thus
preventing user logon problems if no Global Catalogue server is available.. This feature allows users to log on to a domain at a remote site without having a global catalog server present in that site)
Drag-and-drop functionality for moving AD objects in windows 2003 domain Command line tools like DSMOD, DSQUERY, DSADD group and DSGET for modifying/querying
domain objects/ managing group memberships In 2000 we don't have end user policy management, whereas in 2003 we have a End user policy
management which is done in GPMC (Group policy management console). GPUPDATE & GPRESULT In windows 2003 server, AD partition is 5 where as in 2k that is 3 the added partition is: 1) Global
catalog 2) Application partition. In 2000 we have cross domain trust relation ship and 2003 we have Cross forest trust
relationship. Between parent and child, there is built in trust .It is called as transitive trust. In 2k the Domain operation Roles and only two mode of operation and in Win2k3 there are 4
modes of Domain operation [2000 native mode, 2000 mixed mode, Windows 2003 interim mode and windows 2003 mode]
In 2000 we can create 1 million users and in 2003 we can create 1 billion users Win 2003 has service called ADFS (Active Directory Federation Services) which is used to
communicate between branches with safe authentication.
Windows 2003 R2 new featuresR2 is not a service pack, but rather a re-release of the Windows Server 2003 operating system. R2 is a roll up of the original Windows Server 2003 code, Service Pack 1, and the various feature packs that have been released for Windows Server 2003. Well, there are actually quite a few new features that we will see for the first time in R2
Active Directory Federation Service - Active Directory Federation Service extends the Active Directory to the Web.
Quota management - In R2, quotas can be applied at the folder level, not just at the volume level. Furthermore, you can do things like apply a quota across a set of folders. You can even structure the quota so that Windows does not allow a folder to grow beyond a certain size, regardless of who owns the files within the folder. You can now restrict folder content by file type. For example, imagine that in the past you have had problems with users storing their collection of MP3 files on your servers.
Hardware Management - You can use Windows Remote Management (WinRM) to manage server hardware remotely across firewalls and monitor conditions on servers that are offline.
MMC 3.0 – SharePoint Central Administration – Web browser interface for managing your server Storage Management for SANs - Storage Manager for SANs is a new Microsoft Management
Console (MMC) snap-in that helps you create and manage logical unit numbers (LUNs) on fibre channel and iSCSI disk drive subsystems in your storage area network (SAN). Storage Manager for SANs can be used on storage subsystems that support Virtual Disk Server (VDS).
What is Windows Server 2008 RC?"RC" refers to "Release Candidate." This means that it is a pre-release version, released a few weeks or months before the RTM release. Release candidates usually have all the features of the final product, but may still have some minor bugs that will be fixed by the RTM release.
Windows 2008 Features
Support for up to 2TB Memory (on 64bit) OS installation is completely GUI and requires less User intervention Combined Search/Run command BCD (Boot configuration data) – replaces Boot.ini. BCD editor is BCDEDIT Firewall enabled by default Quota Management – Volume level as well as Folder level quotas Windows Server Backup – replaces NTBACKUP and not backward compatible with NTBACKUP Windows Deployment Services - replaces Automated Deployment Services and RIS Fine Grained Password and account lockout policies – ability to have multiple password and
account policies in a single domain. Network Access Protection (NAP) – NAP is a quarantine technology which identifying machines
that doesn’t have the latest virus signatures, service packs or security patches. Uses SHV (System Health Validator), SHA (System Health Agent) & a SoH (Statement of Health) to validate the health of client before granting access to Network Resources.
Network Policy Server (NPS) – DNS - Full support for IPv6. Recognition and support for RODC (Read-only Domain Controllers).
Creation of a new DNS zone called GlobalNames Zone (GNZ) a way of incorporating WINS resolution within DNS
DHCP – Full support for IPv6 Re-startable AD - is implemented as a normal Windows service that can be stopped and started
as required. Not only will this reduces the need for reboots, but it also it simplifies offline actions such as defragging the AD database.
AD DS (Active Directory Domain Services) – replaces ADS (Active Directory Services) with more features. Remember DCPROMO can be run only after installing AD DS Role to create a DC.
AD LDS (Active Directory® Lightweight Directory Services) - provides directory services for directory-enabled application (functionality that was provided by Active Directory Application Mode (ADAM), does not require DNS. An instance of AD LDS is a single running copy of AD LDS. Multiple copies of AD LDS can run simultaneously on the same computer. This is not true for
AD DS, the full service. No Kerberos, no Group policies, required. This is more of particular interest to Application Development not Server Administrators.
AD FS (Active Directory® Federation Services) - ADFS is a single-sign-on technology that uses claims-based authentication to validate a user's identity across domains. Normally when the user's account is in one domain and the resource is in another, the resource will prompt the user for local credentials. ADFS eliminates the secondary credential request; the user's identity is validated, and access provided, based on information in the user's home directory.
AD RMS (Active Directory Rights Management Services) - used for restricting access to rights-protected content to authorized users only. Companies can use this technology to encrypt information stored in such document formats, and through policies embedded in the documents, prevent the protected content from being decrypted except by specified people or groups, in certain environments, under certain conditions, and for certain periods of time
AD CS (Active Directory Certificate Services Role) - is a low cost method of issuing digital certificates internally and maintaining a Certificate Authority (CA) infrastructure.
FSRM (File Server Resource Manager) - Quota management, File screening management & Storage reports management
Failover Clusters - x64-based failover clusters support up to 16 nodes in a single cluster & Clusters nodes can have their IP addresses assigned by DHCP.
Read-Only Domain Controllers - these domain controllers will be used in environments where you need a domain controller but you cannot guarantee the physical security of the server.
Server Core Installation - a new type of install of Windows Server 2008 that will allow you to only install the typical Windows network infrastructure services – DHCP, DNS, file sharing, and domain controller functions. There will be no local GUI interface to the OS. Provides benefits such as Reduced maintenance, Reduced attack surface, Reduced management & Less disk space required
Windows Server Virtualization - Hyper-V virtualizes the system resources of a physical computer. Computer virtualization allows you to provide a virtualized environment for operating systems and applications. When used alone, Hyper-V™ is typically used for server computer virtualization. When Hyper-V is used in conjunction with Virtual Desktop Infrastructure (VDI), Hyper-V is used for client computer virtualization. Hyper-V supported only on 64bit OS & requires Hardware VT
Windows BitLocker Drive Encryption - allows you to encrypt all of the hard drives on a server. This will prevent the data from being viewed if a hard drive or the server is stolen.
Server Manager - new console that will put all the snap-ins you need to manage your server in a single place, making it easier and faster to for administrators to manage Windows 2008 Servers.
Microsoft .NET 3.0 IIS 7.0 - has been redesigned with new administration interface. Now IIS 7 is module based so
not necessary modules can be turned off to enhance performance and new modules can be added to extend the features.
Remote Desktop Services – replaces Terminal Services and supports Web Access Transactional NTFS file systems so it is possible to tie up Transactional file commands. For
instance in a transactional file system environment you can copy a group of file in a transaction mode so either all of the file will be copied to the destination or none of them will be copied. This kind of features you might have seen in SQL Server platforms.
Self-Repairable NTFS file system - it ensures while the server is running another service can check for disk problems and fix it automatically without interrupting the server operations.
Multiple parallel sessions - the new session model in both Vista and Windows Server 2008 can initiate at least four sessions in parallel, or even more if a server has more than four processors.
Clean Service Shutdowns - usually in windows servers or window workstations, while shutting down the system it uses a typical 20 second timer that will give 20 second time to all the services to shutdown. In this scenario, some services will exit with error because that service was working with the disk which requires a longer time to finish the work. Now in Windows 2008 Server, that 20-second countdown has been replaced with a service that will keep applications given the signal all the time they need to shut down, as long as they continually signal back that they're indeed shutting down.
Kernel Transaction Manager - This is a feature which developers can take advantage of, which could greatly reduce and might eliminate, one of the most frequent causes of System Registry and file system corruption: multiple threads seeking access to the same resource.
Address Space Load Randomization (ASLR) - Perhaps one of the most controversial added features already, especially since its debut in Vista, ASLR makes certain that no two subsequent instances of an operating system load the same system drivers in the same place in memory each time
Windows Hardware Error Architecture (WHEA) - Microsoft has actually standardized the error – more accurately, the protocol by which applications report to the system what errors they have uncovered.
Powershell - Now we know it's a part of the shipping operating system: the radically new command line tool that can either supplement or completely replace GUI-based administration.
Windows Events has been upgraded to version 6.0 with a lot of features for the developers to track their errors on windows applications.
Windows 2008 R2 Features Windows Server 2008 R2 is a pure 64-bit OS Microsoft .NET 3.5 IIS 7.5 Scalability of up to 256 logical processors (up to 64 x64/64-bit processors in 2008 R2 Datacenter) Hot Add/Replace Memory and Processors with supporting hardware (in 2008 R2 Datacenter) Support for 2 terabytes of RAM (in 2008 R2 Datacenter) Support for a 16-node failover cluster (in 2008 R2 Datacenter) Hyper-V–based unlimited virtualization (in 2008 R2 Datacenter) Unlimited virtual image use rights (in 2008 R2 Datacenter) Windows Powershell 2.0
Different editions of Windows Server 2008Standard Edition
Enterprise Edition DataCenter Edition Web Server Edition HPC Server Edition Standard, Enterprise, DataCenter Edition for Itanium systems Standard, Enterprise, DataCenter Edition for 64-bit with and without Hyper
Where is the i386 folder for Windows Server 2008 after the installation?There is no i386 folder on server 2008. It is replaced by SOURCES folder
Backup S/W's & versionsBuilt-in NTBACKUPVERITAS Netbackup 6.0 MP4/6.5.3/6.5.4
Memory DumpsTypes, configure, & troubleshoot if not created Complete memory dump(It contains all information from kernel and user mode address spaces
that was in physical memory at the time of the dump(paging file on boot volume sufficient to hold all the physical RAM plus 1 megabyte, previous file overwritten if 2nd time dump occurs))
Kernel memory dump(records only the kernel memory & must have between 150MB-2GB of PF space, previous file overwritten if 2nd time dump occurs)
Small memory dump (64 KB) - records the smallest set of useful information & requires PF size of about 2MB, new files are created each time dump occurs and are stored in %System Root%\ Minidump.
Kernel and Complete Memory Dumps are written to %SystemRoot%\Memory.dmp by default.
Complete memory dump option, can also be enabled by manually setting the registry entry under the following registry subkey to 1"HKEY_LOCAL_MACHINE\SYSTEM\Current Control Set\ Control\Crash Control\CrashDumpEnabled"
Methods to generate a manual kernel dump file or a complete memory dump file - Using Keyboard, hold right CTRL key and pressing the SCROLL LOCK key two times or Generate NMI option using ILO
NOTE: By default, ‘complete memory dump’ is disabled. You can enable the option if the computer has more than 2 GB of physical RAMNOTE: Windows 2008 has different process of enabling Complete Memory Dump. Additional MS hotfixes need to be installed to effectively enable the dump option
Windows does not save memory dump file after a crash The Memory.dmp file already exists and the option Overwrite Any Existing File (found in Control
Panel System) is not selected. The paging file on the boot drive is not large enough The paging file is not on the %systemroot% partition If you specify a non-existent path, a dump file will not be written. There is not room for the Memory.dmp file in the path specified in Control Panel for writing the
memory dump. If you have problems obtaining a manual memory dump file, you may have to update the SCSI
controller firmware and driver from the hardware vendor
Windebug - How to configure & analyze DMP file?Create folder "c:\symbols" & Open Windbg, click File/Symbol path, copy/paste the following: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Save Workspace so that you need not again enter the symbols paths from next time. Run "!analyze -v" to debug the DMP file
Client not getting DHCP IP - Why?Ensure NIC set to obtain IP automaticallytry ipconfig/release & renewCheck Drivers of NIC/speed/duplex settingsCheck DHCP scope & if it is authorized or notCheck NIC, Cable & SwitchEnsure that host is in correct VLAN of the switch
Is RDP enabled by default when Windows 2003/2008 R2 is installed?RDP is not enabled by default when 2003/2008 is installed. You need to manually enable it.
Remote means to connect to a serverRDPRDP ConsoleRADMINILO/DRAC/IBM ConsoleAVOCENTTELNET
Which default MS tool is used to connect to a server in the absence of ILO/3rd party tool?You can use Windows Remote Management (WinRM) to manage server hardware remotely across firewalls and monitor conditions on servers that are offline. This was introduced with Windows 2003 R2. WinRM provides a command-line interface for common management tasks and a scripting application programming interface (API) for writing Windows Script Host-based system administration scripts.
Using WinRM, you can write scripts to monitor and control the state of server hardware by communicating with a Baseboard Management Controller (BMC). A BMC is a separate micro-controller with its own network adapter that is connected to the processor board of a server and can monitor conditions even when the server is off or malfunctioning. A new Windows Management Interface (WMI) provider for Intelligent Platform Management Interface (IPMI) exposes six new WMI classes for accessing BMC information with scripts.
WinRM is not installed by default with Windows Server 2003 R2. To install it, open Add or Remove Programs from Control Panel, and click Add/Remove Windows Components.
POST (Power-On Self-Test)The first thing that the BIOS does when it boots the PC is to perform what is called the Power-On Self-Test, or POST for short. The POST is a built-in diagnostic program that checks your hardware to ensure that everything is present and functioning properly, before the BIOS begins the actual boot. It later continues with additional tests (such as the memory test that you see printed on the screen) as the boot process is proceeding.
Beeps MeaningSteady, short beeps Power supply may be badLong continuous beep tone
Memory failure
Steady, long beeps Power supply badNo beep Power supply bad, system not plugged in, or power not turned on
No beepIf everything seems to be functioning correctly there may be a problem with the 'beeper' itself. The system will normally beep one short beep.
One long, two short beeps
Video card failure
Boot process of Windows 2003BIOS: performs Power On Self Test (POST) BIOS: loads MBR from the boot device specified/selected by the BIOS MBR: contains a small amount of code that reads the partition table, the first partition marked as active is determined to be the system volume MBR: loads the boot sector from the system volume BOOT SECTOR: reads the root directory of the system volume at loads NTLDR NTLDR: reads BOOT.INI from the system volume to determine the boot drive (presenting a menu if more than 1 entry is defined) NTLDR: loads and executes NTDETECT.COM from the system volume to perform BIOS hardware detection NTLDR: loads NTOSKRNL.EXE, HAL.DLL, BOOTVID.DLL (and KDCOM.DLL for XP upwards) from the boot (Windows) volume NTLDR: loads \WINDOWS\SYSTEM32\CONFIG\SYSTEM which becomes the system hive HKEY_LOCAL_MACHINE\System NTLDR: loads drivers flagged as "boot" defined in the system hive, then passes control to NTOSKRNL.EXE NTOSKRNL.EXE: brings up the loading splash screen and initializes the kernel subsystem NTOSKRNL.EXE: starts the boot-start drivers and then loads & starts the system-start drivers NTOSKRNL.EXE: creates the Session Manager process (SMSS.EXE) SMSS.EXE: runs any programs specified in BootExecute (e.g. AUTOCHK, the native API version of CHKDSK) SMSS.EXE: processes any delayed move/rename operations from hotfixes/service packs replacing in-use system files SMSS.EXE: initializes the paging file(s) and the remaining registry hives ** before this step completes, bugchecks will not result in a memory dump as we need a working page file on the boot (Windows) volume **SMSS.EXE: starts the kernel-mode portion of the Win32 subsystem (WIN32K.SYS) SMSS.EXE: starts the user-mode portion of the Win32 subsystem (CSRSS.EXE) SMSS.EXE: starts WINLOGON.EXE WINLOGON.EXE: starts the Local Security Authority (LSASS.EXE) WINLOGON.EXE: loads the Graphical User Identification and Authentication DLL (MSGINA.DLL by default) WINLOGON.EXE: displays the logon window WINLOGON.EXE: starts the services controller (SERVICES.EXE) ** at this point users can logon **
SERVICES.EXE: starts all services marked as automatic
NOTES: The SYSTEM volume is the partition from which the boot process starts, containing the MBR, boot sector, NTLDR, NTDETECT.COM & BOOT.INI
The BOOT volume is the partition which contains the Windows folder - this can be a logical partition
Boot process of Windows 2008System is powered on The CMOS loads the BIOS and then runs POST Looks for the MBR on the bootable device Through the MBR the boot sector is located and the BOOTMGR is loaded BOOTMGR looks for active partition BOOTMGR reads the BCD file from the \boot directory on the active partition The BCD (boot configuration database) contains various configuration parameters( this information was previously stored in the boot.ini) BOOTMGR transfer control to the Windows Loader (winload.exe) or winresume.exe in case the system was hibernated. Winloader loads drivers that are set to start at boot and then transfers the control to the windows kernel.The Windows boot environment also includes the Windows Memory Tester (Memdiag.exe or Memdiag.efi). You can start this diagnostic tool from the boot manager to verify that RAM is working correctly.New data store that replaces Boot.iniThe Boot Configuration Data (BCD) store replaces the text-based Boot.ini file. In the BCD store, the Windows boot manager, the Windows boot loader, and other boot applications are represented as program objects (GUIDs) instead of text items. A new tool, BCDEdit.exe, enables you to use basic and extended commands to modify these objects in order to control all aspects of the boot process. Although the data store represents each object with a GUID, some objects have alias names for common use, such as {bootmgr} (which refers to boot manager) and {default} (which refers to the default Windows boot loader). Applications can modify boot configuration data by using a new BCD Windows Management Instrumentation (WMI) provider.You can use the standard system application Msconfig.exe to provide a graphical interface for viewing and modifying a subset of the boot configuration settings. You must run Msconfig.exe with administrative rights.
PoolmonMemory Pool Monitor (Poolmon.exe) displays data that the operating system collects about memory allocations from the system paged and nonpaged kernel pools and about the memory pools used for Terminal Services sessions. The data is grouped by pool allocation tag. This information can be used by Microsoft Technical Support to find kernel mode memory leaks.A memory leak is caused by an application or by a process that allocates memory for use but that does not free the memory when the application or process finishes. Therefore, available memory is completely used over time. Frequently, this condition causes the system to stop functioning correctly. Below ID’s will be logged,
Event ID: 2020 Source: Srv Description: The server was unable to allocate from the system paged pool because the pool was empty.
Event ID: 2019 Source: Srv Description: The server was unable to allocate from the system nonpaged pool because the pool was empty.
What is event ID 6008 and 1001?Event 1001 Source: Save Dump – When BSOB occurs
Event 6005 is logged at boot time noting that the Event Log service was started. Event 6006 is logged as a clean shutdown. Event 6008 is logged as a dirty shutdown (unexpected shutdown)Event 6009 is logged during every boot and indicates the operating system version, build number, service pack level, and other pertinent information about the system. Depending on your current configuration, it gives a message similar to: "Microsoft (R) Windows NT 4.0 1381 Service Pack 6 Multiprocessor free".
What's an application pool is IIS?It's an area that processes requests from website(s). If there's a crash, this area is normally "recycled" (reset) in order for it to work again. The recycle happens after a defined time - meaning your website is effectively down until the recycle occurs. When adding websites to your server, make sure to give each one its own application pool. This effectively isolates each website from an application crash. This is good for two reasons:- If one application pool crashes, it doesn't affect the others It's much easier to identify the site that is having the problem when all sites are in their own application pool - i.e. it's the ONLY site having issues
Default settings in IISWhen you add a website to your server, it's automatically added to the Default Application Pool (DefaultAppPool, found in IIS > Application Pools). This means that unless you intervene, all your sites are running in the same application pool. Not Good. Symptoms of an application pool crashWhen you get an application pool crash, your website(s) in that pool stop responding. You will see no error - just they will freeze and nothing happens when you try to load the website in a browser. This will appear to be intermittant because in reality the application pool is recycling (resetting) after a crash. If it's the first time you experience this, it can be very puzzling and ultimately frustrating because there's no apparent clue as to what is happening. What to do if your sites have these symptomsGo to IIS, then right click on DefaultAppPool (under Application Pools) and select Recycle.
What is resource kit? Name of the part of resource kit?The Microsoft Windows Server Resource Kit Tools are a set of tools to help administrators streamline management tasks such as troubleshooting operating system issues, managing Active Directory®, configuring networking and security features, and automating application deployment.
What is RIS and steps to initiate it You can use RIS (Remote Installation Services) to create installation images of operating systems or of complete computer configurations, including desktop settings and applications. You can then make these installation images available to users at client computers. You can also specify which RIS server will provide installations to a given client computer, or you can allow any RIS server to provide the installation.When you use RIS, a CD-ROM is not required for installation of an operating system on a client computer. The client computers must support remote booting with the Pre-Boot eXecution Environment (PXE) ROM, or they must be started with a remote-startup floppy disk and contain a network adapter that is supported by that disk.
RIS can be used only for clean installations and can't be used to upgrade a previous version of Windows. On Windows 2003, two services are required to provide Remote Installation Services: DHCP and Remote Installation Service. The Remote Installation Server doubles as a proxy DHCP server to provide Boot Server and Filename instructions to clients. Remote Installation Service utilizes UDP port 4011 to provide clients the contents of each page the OS Chooser displays. Additionally, this service can provide drivers to clients; it is often used to provide the workstation's network card driver, which is required to launch the OS Chooser and mount the share where images are stored.
RIS Pre-requisites and Dependencies Active Directory and DNS in particular DHCP The RIS partition on RIS server that stores the image for deployment should be on NTFS
partition. Store the image away from the system files.
Client machines with PXE network cards.
CLUSTERINGWhat is clustering and types of clustering?A cluster is a group of computers, called nodes that function as a single computer/system to provide high availability and high fault tolerance for applications or services. If one member of the cluster (the node) is unavailable, the other computers carry the load so that applications or services are always (with a small interruption) available. Typical uses for server clusters include file servers, print servers, database servers, and messaging servers.
Cluster categorizationsThere are four forms of clustering wherein each form caters to a specific need. They are; Load Balancing, High Availability, Grid Computing and Compute Clusters.
High-availability (HA) clusters (Failover Clusters)High availability focuses on the nodes ability to be fully available under any circumstances. The functions could be implemented by each node wherein each node becomes a back-up to another node in case something wrong happens. High availability is also referred to as failover clusters or clusters with high redundancy level. The advantage is, of course, on its promise of stability. However, this type of clustering might not use the full potential of nodes as some could be used only as a back-up. Both nodes should be of same HW configuration. Each component or node has the ability to provide the needed function so that it can easily take over when one of the nodes fails
HA Clustering could be differentiated based on the behavior of the nodesActive/active configuration - In this type of HA clustering the nodes are programmed to share the workload. However, when one node fails to function, the workload of the failed node will be distributed to other nodes until the failed node is fixed.Active/passive configuration - The nodes in this configuration all have redundant functions wherein they will take over the primary node in case any problem arises.
Load-balancing clustersLoad balancing allows you to combine two or more computers into a cluster. You can use NLB to distribute workloads (TCP/IP requests) across the cluster nodes in order to support a larger number of simultaneous users.Load balancing enhances the performance of the servers, leads to their optimal utilization and ensures that no single server is overwhelmed. Load balancing is particularly important for busy networks, where it is difficult to predict the number of requests that will be issued to a server. Requests initiated from the user are managed by, and distribute the load among the group of servers, which is also known as a server cluster. All the application configurations across these servers should be the same.One of the most common applications of load balancing is to provide a single Internet service from multiple servers, sometimes known as a server farm. Commonly, load-balanced systems include popular web sites, large Internet Relay Chat networks, high-bandwidth File Transfer Protocol sites, Network News Transfer Protocol (NNTP) servers and Domain Name System (DNS) servers.
Compute clustersCompute cluster is basically a type of clustering wherein the nodes are connected together or have an active relationship so that it could achieve the desired computation. The advantage of compute cluster is based on the fact that it utilizes each node to reach the right computation. Compute clusters are often used in highly complicated computations wherein a single computer will not have the ability to provide the right output. These types of computer clusters are usually used for scientific and mathematical purposes as these fields require heavy calculations.On the other hand, compute cluster might run into the problem of stability. Since each node will be required to compute separately, each node might not be working well which could jeopardize the entire operation. That means maintenance is always a priority in each node since the nodes has an important functions to do to ensure success of the computation.
Grid ComputingGrid computing is a type of computer clustering wherein the nodes have different functions but they do not communicate with each other. Compared to compute clustering, grid computing is more versatile as each node could have a completely different set of functions. Maintenance on grid
computing is relatively easy since troubleshooting is only based per node. Other functions might continue working while the failed node could be replaced or fixed.On the other hand, grid computing might not provide the speed of computing when compared to compute clusters. Since each node is independent, it will take a lot of time before the specific calculation is achieved. It might even have the same problem with compute clustering wherein one node could jeopardize the whole computation because of its inability to function on time.
In Windows we can configure two types of clusters
NLB (network load balancing) cluster for balancing load between servers. This cluster will not provide any high availability. Usually preferable at edge servers like web or proxy.Server Cluster - This provides High availability by configuring active-active or active-passive cluster. In 2 node active-passive cluster one node will be active and one node will be stand by. When active server fails the application will FAILOVER to stand by server automatically. When the original server backs we need to FAILBACK the application
Quorum: A shared storage need to provide for all servers which keeps information about clustered application and session state and is useful in FAILOVER situation. This is very important if Quorum disk fails entire cluster will fails.
Heartbeat: Heartbeat is a private connectivity between the servers in the cluster, which is used to identify the status of other servers in cluster.
Application ClusteringBefore you can install any applications into clustering, you must first install Windows Server clustering services.
Cluster configurationSteps to configure prior to actual cluster installation Double check to ensure that all the nodes are working properly and are configured identically
(hardware, software, drivers, etc.). Check to see that each node can see the data and Quorum drives on the shared array or SAN.
Remember, only one node can be on at a time until Windows 2003 clustering is installed. Verify that none of the nodes has been configured as a Domain Controller. Check to verify that all drives are NTFS and are not compressed. Ensure that the public and private networks are properly installed and configured. Ping each node in the public and private networks to ensure that you have good network
connections. Also ping the Domain Controller and DNS server to verify that they are available. Verify that you have disabled NetBIOS for all private network cards. Verify that there are no network shares on any of the shared drives. Check all of the error logs to ensure there are no nasty surprises. If there are, resolve them before
proceeding with the cluster installation. Check to verify that no antivirus software has been installed on the nodes. Antivirus software can
reduce the availability of clusters and must not be installed on them. If you want to check for possible viruses on a cluster, you can always install the software on a non-node and then run scans on the cluster nodes remotely.
Check to verify that the Windows Cryptographic Service Provider is enabled on each of the nodes.
Check to verify that the Windows Task Scheduler service is running on each of the nodes. If you intend to run SQL Server 2005 Reporting Services, you must then install IIS 6.0 and
ASP .NET 2.0 on each node of the cluster If you intend to use SQL Server encryption, install the server certificate with the fully qualified
DNS name of the virtual server on all nodes in the cluster. Add the SQL Server and Clustering service accounts to the Local Administrators group of all the
nodes in the cluster.
Installing Cluster
How to recover a crashed quorum disk?To recover from a corrupted quorum log or quorum disk
1. If the Cluster service is running, open Computer Management.2. In the console tree, double-click Services and Applications, and then click Services.
3. In the details pane, click Cluster Service.
4. On the Action menu, click Stop.
5. Repeat steps 1, 2, 3, and 4 for all nodes.6. If you have a backup of the quorum log, restore the log by following the instructions in "Backing up
and restoring server clusters" in Related Topics.7. If you do not have a backup, select any given node. Make sure that Cluster Service is highlighted in
the details pane, and then on the Action menu, click Properties.
Under Service status, in Start parameters, specify /fixquorum, and then click Start.8. Switch from the problematic quorum disk to another quorum resource.
For more information, see "To use a different disk for the quorum resource" in Related Topics.9. In Cluster Administrator, bring the new quorum resource disk online.
For information about how to do this, see "To bring a resource online" in Related Topics.10.Click Start, click Run, and type a command with the following syntax:
cluster [ClusterName] res QuorumDiskResourceName /maint:on11.Run Chkdsk, using the switches /f and /r, on the quorum resource disk to determine whether the
disk is corrupted.
For more information on running Chkdsk, see "Chkdsk" in Related Topics.12.Click Start, click Run, and type a command with the following syntax:
cluster [ClusterName] res QuorumDiskResourceName /maint:off13. If no corruption is detected by Chkdsk, it is likely that the log was corrupted. Proceed to step 15.
If corruption is detected on the disk, check the system log in Event Viewer for possible hardware errors.
Resolve any hardware errors before continuing.14. Stop the Cluster service after Chkdsk is complete, following the instructions in steps 1-4.15.Make sure that Cluster Service is highlighted in the details pane. On the Action menu, click
Properties.
Under Service status, in Start parameters, specify /resetquorumlog, and then click Start.
This restores the quorum log from the node's local database.
Important• The Cluster service must be started by clicking Start on the service control panel. You cannot
click OK or Apply to commit these changes as this does not preserve the /resetquorumlog parameter.
16. Restart the Cluster service on all other nodes.Notes
• To perform this procedure, you must be a member of the Administrators group on the local computer,
or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
• To open Computer Management, click Start, click Control Panel, double-click Administrative
Tools, and then double-click Computer Management. • The quorum disk must be formatted with the NTFS file system.
• If none of the nodes are running, or one node fails while you are changing the quorum resource, only
the running nodes are able to form the cluster, and the offline node is only able to join the cluster. After the offline node has joined the cluster, all nodes are again able to form or join the cluster. This design prevents the offline node from forming the cluster using the old quorum resource.
• Optionally, after step 13 above, you can use the ClusterRecovery tool, available in the Microsoft
Windows Server 2003 Resource Kit, to restore the registry checkpoint files.
How many servers can I load balance?WLBS and NLB support a maximum of 32 nodes.
What is the maximum number of hosts that can be included in one NLB cluster? 32 is the maximum number of supported nodes. However, studies have shown that the Ideal number of nodes is 8. This is because the network traffic is broadcasted to every node, yet only one NLB node accepts the connection, so scaling beyond 8 nodes can cause a slight performance hit.
If you need a larger cluster you can you can create multiple NLB clusters, and use round robin DNS to load balance between each cluster.
Can NLB function with a single NIC per server?Yes. Unlike previous versions, Network Load Balancing in Windows Server 2008 R2 can be configured on servers with a single network adaptor.
Can I run mixed clusters containing both physical servers and VMs as NLB nodes? Yes. However, all servers and Virtual Machines (VMs) must be on the same VLAN and IP subnet.
Patch deploymentWe use Patchlink from Lumension to deploy the patches. All the patches are first downloaded to the Patchlink server and a Patchlink client is installed on all clients so that they can communicate with the Patchlink server. We push the patches from the server to the clients.On 2nd Tuesday each month MS releases the critical patches.We first deploy the same on test servers (hosting various applications like citrix, SQL, MS-Exchange, DC etc) and monitor for few days for any issues arising from the deployment.We then schedule the same on Dev servers (after raising a change and informing the box owners)After this we target the Prod serversAfter each deployment we do a checkout from OS perspective and ask the application owners to checkout from app perspective.If any issues are observed after the deployment, further troubleshooting is done to identify the problematic patch by uninstalling them one by one.
OS is not accessible & from console we can see it is blue screened. What is the first step you take?If it is blue screened check if it is generating a memory dump and if so, allow it to finish completing the dump. Later if we are unable to get any logs for cause of BSOD, we can use this memory dump to analyze and find the root cause of the BSOD. If there is no memory dump getting generated and host stuck, power cycle it to get it back online.
3rd party tools for monitoringNetcool & MOMBMC
Where are the documents and settings for the roaming profile stored? All the documents and environmental settings for the roaming user are stored locally on the system, and, when the user logs off, all changes to the locally stored profile are copied to the shared server folder. Therefore, the first time a roaming user logs on to a new system the logon process may take some time, depending on how large his profile folder is.
Where are the settings for all the users stored on a given machine? \Document and Settings\All Users
I have a file to which the user has access, but he has no folder permission to read it. Can he access it? It is possible for a user to navigate to a file for which he does not have folder permission. This involves simply knowing the path of the file object. Even if the user can’t drill down the file/folder tree using My Computer, he can still gain access to the file using the Universal Naming Convention (UNC). The best way to start would be to type the full path of a file into Run… window.
What hidden shares exist on Windows Server 2003 installation? Admin$, Drive$, IPC$, NETLOGON, print$ and SYSVOL.
What’s the number of permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group.
You need to automatically install an app, but MSI file is not available. What do you do? A .zap text file can be used to add applications using the Software Installer, rather than the Windows Installer.
What’s the difference between Software Installer and Windows Installer? The former has fewer privileges and will probably require user intervention. Plus, it uses .zap files.
what is symbols in windbg
Identify H/W issues?
what is the trouble shooting steps for server performance.
Othersservice desk tools..
About ITIL and service desk tools...
The Information Technology Infrastructure Library (ITIL) is a set of concepts and practices for Information Technology Services Management (ITSM), Information Technology (IT) development and IT operations.
itsmServicenow
Problem management in ITILissue,inc,prb,rca,changeIncident Management is a process for managing incidents that can interrupt the functioning of IT services. These incidents can include events such as error in printing, hard disk failure, and network server failure.
Change Management is a process that helps introduce changes in the IT services provided by a company, such as changes in business needs and introduction of new technologies.
Problem Management is a process of resolving problems that can occur in IT services due to the incidents, which are not resolved by Incident Management. Problem Management is of two types,reactive and proactive. The reactive Problem Management helps resolve the problems that have occurred in an IT service. The proactive Problem Management identifies problems that are likely to occur.
Severity/SLA(service level agreements) levelsP1 – P2 – P3 – P4 –
What is the ticking system you use...
ITIL process – CR, CAB
Daily ActivitiesShift LeadQueue ManagerAlertsEscalation from shift members
Installing iis certificatyes
