Repadmin indicates Read-Only Domain Controller in Windows Server 2008

August 18, 2008

We are all aware how helpful the repadmin tool has become (available through Windows Support Tools in Windows Server 2003 and earlier) for troubleshooting replication issues. In Windows Server 2008, this tool, along with others, comes pre-packaged within the OS. You no longer have to install the Support Tools to reap the benefits of handy command line tools such as dcdiag, netdiag, rendom and many others.

Here is one repadmin syntax I have become used to as it gives me a snapshot of source DCs and the Destination DCs and their replication status. The command is repadmin /replsum

In the above scenario there are two DCs (both Windows Server 2008) showing their latest largest delta times. The Source DC is the one that changes have gone out from, whereas the Destination DC is the one that adopted changes from another DC, i.e. was replicated to.

What needs to be noticed here is that under normal circumstances both DCs would show up under Source and Destination, but since VM08-02 is a read-only domain controller it can only grab changes from another DC and can’t replicate changes out. It shows up only under Destination DC, which shows that it was at the receiving end of Active Directory replication, while the read-write domain controller (RWDC), i.e. VM08-01, shows changes replicated out from it.

The fail/total %% and error columns come in very handy when somewhere out there one of your DCs has stopped talking to others or hasn’t been talked to due to an issue such as incorrect firewall settings.
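
As an added example (not part of the original post), the Python script below parses saved repadmin /replsum output and reports the two things discussed above: DCs listed only under Destination, as the RODC is, and rows with a non-zero fails count. The sample text is constructed in the layout the tool prints, and VM08-03 is a hypothetical third DC added so that both cases appear.

```python
import re

# Constructed sample in the layout of repadmin /replsum output (not a capture).
# VM08-01 and VM08-02 are the post's DCs; VM08-03 is a hypothetical third DC.
SAMPLE = """\
Replication Summary Start Time: 2008-08-18 09:00:00

Source DSA          largest delta    fails/total %%   error
 VM08-01                   12m:41s    0 /   5    0
 VM08-03                   09m:10s    0 /   5    0

Destination DSA     largest delta    fails/total %%   error
 VM08-01                   09m:10s    0 /   5    0
 VM08-02                   12m:41s    0 /   5    0
 VM08-03               03h:12m:44s    2 /   5   40  (1722) The RPC server is unavailable.
"""

# name, largest delta, fails / total, percent, optional error text
ROW = re.compile(r"^\s*(\S+)\s+(.+?)\s+(\d+)\s*/\s*(\d+)\s+(\d+)\s*(.*)$")


def parse_replsum(text):
    """Return {"source": {dc: row}, "destination": {dc: row}}."""
    sections = {"source": {}, "destination": {}}
    current = None
    for line in text.splitlines():
        head = line.strip().lower()
        if head.startswith("source dsa"):
            current = "source"
        elif head.startswith("destination dsa"):
            current = "destination"
        elif current and (m := ROW.match(line)):
            dc, delta, fails, total, _pct, error = m.groups()
            sections[current][dc] = {"delta": delta, "fails": int(fails),
                                     "total": int(total), "error": error.strip()}
    return sections


def review(text):
    """Return (inbound_only, failing) for one replsum report."""
    s = parse_replsum(text)
    # Listed only under Destination: what the post describes for an RODC.
    # It is a hint to confirm in ADUC, not proof that the DC is read-only.
    inbound_only = sorted(set(s["destination"]) - set(s["source"]))
    failing = sorted((role, dc, row["fails"], row["total"], row["error"])
                     for role, rows in s.items()
                     for dc, row in rows.items() if row["fails"] > 0)
    return inbound_only, failing


if __name__ == "__main__":
    rodc_like, failing = review(SAMPLE)
    print("Destination only:", rodc_like)
    for role, dc, fails, total, error in failing:
        print(f"{role} {dc}: {fails}/{total} failed {error}")
```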

Repadmin is one handy tool that all AD Admins should invest a little time learning. For more information on repadmin /showrepl command, click here.

Filed under: Active Directory, Windows Server 2008 | Comments (0)

Moving from Virtual Server 2005 R2 to VMware ESXi which is now FREE

August 1, 2008

So it’s no news that this past Monday VMware released VMware ESXi for FREE, previously sold for $495. As witnessed by many, this is a move in the right direction in terms of competing with Microsoft and its free offering of Hyper-V, their flavor of a native virtualization product.

However, there are things to keep in mind. While ESXi and ESX (most renowned in the market) match in core functionality, VMware does not make the VirtualCenter Server piece free. You would still need a licensed VMware Infrastructure 3 Suite in order to use VirtualCenter to manage multiple hosts, provision VMs easily and, most importantly, to take advantage of powerful tools such as HA, DRS and consolidated backup for VMs.

Nonetheless, I am excited at this prospect, as many SMBs will now really be able to get a true taste of VMware ESX for their virtualization needs. I myself have run my home lab environment previously on VMware Server 1.0 and now on Virtual Server 2005 R2 (both non-native virtualization, running on top of another OS). As the news broke of FREE ESXi, I immediately wanted to know if it would run on my Dell PowerEdge 1800, a dual core Xeon processor machine. As I searched I didn’t find a definitive answer, and I found the provided HCL for ESXi of no help.

I decided to give it a try and moved my Virtual Server 2005 VMs over to other storage. I got the ISO for VMware ESXi and ran the installation. It installed painlessly (following the Install Guide that comes in an email when you register for your free copy and includes the license key), and I now had a VMware ESXi machine with much better hypervisor performance ready to go. I plan on migrating my Virtual Server 2005 VMs using VM converter, which is available in the install when you download the eval copy of VirtualCenter Server 2.5, and it gives you all previously mentioned features for 60 days. After the trial is over you can continue to use your Virtual Infrastructure Client to manage VMware ESXi and the VMs. I am looking forward to revamping my lab VMs and using the VirtualCenter features. Note that I installed VIC and VirtualCenter Server 2.5 on an XP machine and it works great. In future, I plan on installing the VirtualCenter Server piece on a Vista machine.

Lastly, most companies that have paid thousands of dollars for ESX and the VI3 Suite should perhaps look into creating their Dev and QA environments using ESXi while utilizing their already paid license for VirtualCenter to manage multiple ESXi hosts. There are potential cost savings there.

Grab your free copy of VMware ESXi from here.

P.S - After you have installed it, don’t forget to license it with the key received in email from the Configuration tab and License option in VIC.

Filed under: VMware | Comments (0)

The Infamous /3gb Startup Switch

June 27, 2008

What is it ?

Windows Server 2003 includes support for a startup switch that lets you tune the allocation of memory and memory address space. Regardless of the amount of physical memory in your system, Windows uses a virtual address space of 4 GB, with 2 GB allocated to user-mode processes (for example, applications) and 2 GB allocated to kernel-mode processes (for example, the operating system and kernel-mode drivers). On systems that have 1 GB or more of physical memory, the startup switch can be used to allocate more memory to applications (3 GB) and less memory to the operating system (1 GB). This additional virtual address space helps reduce the amount of memory fragmentation.

How beneficial is it ?

You may have read many articles on this subject before. This discussion has been going on for many years now and at times has almost reached epic proportions due to the conflicting information available from Microsoft. Long story short, by and large you should NOT use the /3GB switch unless you meet specific criteria. Please read the following article, as it demystifies the whole theory, or read the excerpt below.

http://blogs.technet.com/askperf/archive/2007/03/23/memory-management-demystifying-3gb.aspx

The /3GB option was intended as a short term solution to allow applications such as database servers to maintain more data in memory than a 2GB address space allowed. However, using the /3GB method to increase the user-mode memory space comes at a cost. If we have to allocate an additional 1GB of this address space to the user-mode space, then the System space is cut in half. Drivers, Heap, Paged & NonPaged Memory all have only half the resources to work with now. However, because of the way memory mapping works, cutting the kernel space in half does a lot more than just reducing the address space. Many of the structures within the kernel virtual memory space are cut back by far more than 50%.

For a process to access the full 3GB address space, the image file (application process) must have the IMAGE_FILE_LARGE_ADDRESS_AWARE flag set in the image header.

If the flag is not set in the image header, then the OS reserves the third gigabyte so that the application won’t see virtual addresses greater than 0x7FFFFFFF. You set this flag by specifying the linker flag /LARGEADDRESSAWARE when building the executable. This flag has no effect when running the application on a system with a 2-GB user address space. Therefore if you enable the /3GB switch, then applications that do not have this flag set can only use the standard 2GB of User mode memory, and the Kernel is still limited to the 1GB space - which means that 1GB of virtual memory is basically wasted!

All that is required to make it happen is a switch in the boot.ini file. The switch, /3GB, is placed at the end of the line that executes the WinNT loading process.

Example:

[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Windows NT Server Version 4.00" /3GB

Or you may add an additional line in your boot.ini as above to have the option to boot into either environment, with or without the switch.
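
Whether a given executable can benefit from /3GB comes down to the IMAGE_FILE_LARGE_ADDRESS_AWARE bit described above. The Python script below is an added example, not code from the original post or from Microsoft: it reads the COFF Characteristics field of a PE file and applies the 2 GB / 3 GB rule. The sample_image helper builds a constructed, header-only image for demonstration, and the function names are hypothetical.

```python
import struct
import sys

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020  # bit in COFF Characteristics


def read_coff(data):
    """Return (machine, characteristics) from the COFF header of a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of "PE\0\0"
    if len(data) < e_lfanew + 24 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader,
    # Characteristics
    fields = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    return fields[0], fields[6]


def is_large_address_aware(data):
    """True if the image header has IMAGE_FILE_LARGE_ADDRESS_AWARE set."""
    return bool(read_coff(data)[1] & IMAGE_FILE_LARGE_ADDRESS_AWARE)


def user_space_gb(data, booted_with_3gb):
    """User-mode address space a 32-bit image gets, per the rules above."""
    machine, _ = read_coff(data)
    if machine != IMAGE_FILE_MACHINE_I386:
        raise ValueError("only 32-bit x86 images are covered")
    return 3 if booted_with_3gb and is_large_address_aware(data) else 2


def sample_image(characteristics):
    """Constructed header-only image: 64-byte DOS header, then PE + COFF."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 0, 0, 0, 0, 0,
                       characteristics)
    return dos + b"PE\0\0" + coff


if __name__ == "__main__":
    # The headers normally sit within the first 4 KiB of the file.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            aware = is_large_address_aware(fh.read(4096))
        print(path, "large-address-aware:", aware)
```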

What to keep in mind ?

This topic deals with the virtual memory address space and has no relevance to physical memory. It is, however, a limitation of a 32-bit OS; if you are running a 64-bit OS this is not applicable. At the end of the day you must decide if your application is capable of handling this switch as an added benefit. Oftentimes, if you are having to up the thresholds of what your OS handles, or doing things such as over-clocking your processor to keep up, one might worry about the logic behind it. Perhaps go for a 64-bit OS to begin with.

Filed under: General, Windows | Comments (0)

Can a RODC also be a DHCP ?

June 8, 2008

Sounds like a no-brainer, but there is a catch. I installed the DHCP role on my Server Core, which I had previously set up as a Read-only Domain Controller, using this command:

start /w ocsetup DHCPServerCore

And then I went ahead and set the service configuration to “auto” with this command,

sc config dhcpserver start= auto

(Note the space between the equals sign and auto.)

And then finally when I tried to start the DHCP service with the following command, it failed with these errors.

net start dhcpserver

A system error has occurred

System error 50 has occurred

The request is not supported

So the catch was that, since an RODC can’t write back to AD to create the needed DHCP security groups, i.e. DHCP Administrators and DHCP Users, the service would fail.

After creating those domain local security groups on another Windows Server 2008 RWDC, the service does run successfully and you can manage the DHCP Server (that is running on Server Core) from another server using RSAT.

Filed under: Server Core, Windows Server 2008 | Comments (0)

Is there a GUI to manage Server Core ?

June 6, 2008

Yes, there is. Inevitable as it was, we System Admins like to accomplish easy tasks at our fingertips and do things in a graphical, clicking environment. You might have heard of this utility, which came out a few months back, called ‘Server Core Configurator’ by Guy Teverovsky. I had been reading about the bugs and fixes at Guy’s site and hadn’t given it a try. I have now downloaded a copy that has been fixed up and fine-tuned per the requests of other readers and users who tried out this utility. I installed it on my Server Core copy and I haven’t been disappointed. It lets you do a lot of common tasks, such as adding the machine to the domain, running DCPROMO on it, changing NIC settings, changing display and time zone etc., which would otherwise require you to know the command line or edit the registry.

While this utility will come in very handy (until Microsoft perhaps comes out with their own), remember that Server Core is Microsoft’s attempt to offer a small-footprint OS of core features, in the likes of Linux-based DHCP and DNS systems such as Infoblox, and they have tried to persuade System Admins to learn the powerful capabilities of Cscripts, WMI and Netsh. This does take us the other way a little bit. But I sure am happy to see an option that allows me to do all those initial configuration tasks GUI-ily.

You be the judge and give it a try, download it from here,

http://blogs.microsoft.co.il/files/folders/guyt/entry68860.aspx

P.S. You can only launch the application from the folder where it was installed, i.e. change the directory to C:\Program Files\Server Core Configurator, where it installs by default.

Filed under: Server Core, Windows Server 2008 | Comments (0)

How to turn on Automatic Updates in Server Core

May 2, 2008

It’s pretty simple to turn on automatic updates in Server Core by using scregedit to modify the registry. Simply type in this command:

cscript c:\Windows\system32\scregedit.wsf /au 4

After that, you do have to stop and start the Windows Update service:

net stop wuauserv
net start wuauserv

The switch /au 4 sets the time for checking for updates to 3am. It also sets the server to reboot if the updates require it. You can disable automatic updates by using the /au 1 switch, or use /v to view the current settings. To force an immediate check for updates, run the following command:

wuauclt /detectnow

Filed under: Server Core, Windows Server 2008 | Comments (0)

Remotely Administer Server Core from Vista or Windows Server 2008

May 2, 2008

You can use Windows Remote Shell (WinRS) in Vista and Windows Server 2008 to remotely manage and administer Server Core. The WinRS client passes the commands to a WinRS listener on Server Core, which passes the commands to a prompt, captures the output and returns it to the WinRS client. To do this, you have to enable Windows Remote Management (WinRM) on Server Core by running the following command:

winrm quickconfig

You can then run, for example, this command to see the license status of the Server Core remotely from Vista or a full installation of Windows Server 2008:

winrs -r:NameofServerCore "cscript c:\Windows\System32\slmgr.vbs -dli"

Note that you can also use tools such as Windows Management Instrumentation command line (WMIC) and PowerShell through WMI calls to manage Server Core. At this time Server Core does not support PowerShell directly since it relies on .NET Framework which is not there in Windows Server without Windows

Filed under: Server Core, Windows Server 2008 | Comments (0)

Install Server Roles and features on Server Core

May 2, 2008

In Windows Server 2008, there are roles such as AD Domain Services, DHCP and DNS; there are role services pertaining to roles, such as AD Certificate Services and DFS; and finally there are optional features such as .NET Framework Services, Network Load Balancing (NLB), etc. With the exception of the Active Directory Domain Services role, you install server roles and features by using the ocsetup command. The syntax for ocsetup is the same for roles and features. The command is case sensitive, and you need to know the correct capitalization for a server role or feature. You can get that by running the oclist command.

For instance, the following command installs Windows Server Backup, which is a feature

start /w ocsetup WindowsServerBackup

Using the /w switch makes the prompt wait, so you can tell when ocsetup has finished installing the new role or feature. It also stops the user from initiating another command while it’s running.

You can also find out what is already installed by running following oclist syntax

oclist | find "installed"

Filed under: Server Core, Windows Server 2008 | Comments (0)

How to promote Server Core to be a RODC

April 19, 2008

The Windows Server 2008 Server Core installation does support Read Only Domain Controllers (RODC). This support makes Server Core ideal for branch office scenarios. To make a Server Core machine part of your domain as an RODC, you use an unattended answer file with the following text, filled in with your own settings and passwords:

[DCInstall]
InstallDNS=Yes
ConfirmGC=Yes
RebootOnCompletion=Yes
ReplicaDomainDNSName=2008.lab
ReplicaOrNewDomain=readonlyreplica
ReplicationSourceDC=dc3.2008.lab
SafeModeAdminPassword=
SiteName=Default-First-Site-name
UserDomain=2008.lab
UserName=admin08
Password=
CreateDNSDelegation=No

You can place the text file on the root of your C drive on the Server Core and run the following command:

dcpromo /unattend:unattend.txt

where unattend.txt is the text file you created above.

Later on we will discuss other embedded command line structures and built-in programs such as OCSETUP, which will allow you to add roles and features to your Server Core. Keep in mind that promoting a domain controller is the only setup you must not use OCSETUP for; you must utilize DCPROMO for it, otherwise your server may not function properly.

After running the above process, you will notice that from a Windows Server 2008 full installation, using ADUC we can readily confirm that our DC is RODC.

Filed under: Active Directory, Server Core, Windows Server 2008 | Comments (0)

How to setup IP configuration of Windows Server 2008 Server Core

April 14, 2008

In order to add your Server Core to a domain you must assign an IP address and a DNS server to the current IP configuration, and you do that using the NETSH tool. Otherwise, a setup using the answer file will fail, complaining about its inability to contact the source DC.

Netsh.exe is a tool an administrator can use to configure and monitor Windows-based computers at a command prompt. With the Netsh.exe tool, you can direct the context commands you enter to the appropriate helper, and the helper then carries out the command. A helper is a Dynamic Link Library (.dll) file that extends the functionality of the Netsh.exe tool by providing configuration, monitoring, and support for one or more services, utilities, or protocols. The helper may also be used to extend other helpers.

You will first check the index assigned to your NIC by running this at the command line:

netsh interface ipv4 show interfaces

You can then use this syntax to assign your server an IP address. Note that my NIC index ID is 2.

netsh interface ipv4 set address name="2" source=static address=192.168.100.202 mask=255.255.255.0 gateway=192.168.100.1

And then you can use the following NETSH command to add your primary DNS server, in my case also the source DC.

netsh interface ipv4 add dnsserver name="2" address=192.168.100.201 index=1

Run Ipconfig /all to verify your configuration.

In a future post, I will show you how to setup Server Core to be a Read-Only Domain Controller in a Windows Server 2008 domain.

More on NETSH can be found on http://support.microsoft.com/kb/242468

Filed under: Server Core, Windows Server 2008 | Comments (0)