MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 13: Server Management and Monitoring
MCTS Windows Server 2008 Active Directory2 Objectives 2 Perform Active Directory maintenance tasks Monitor an Active Directory environment Manage a Server Core installation Use several command-line tools to manage a Windows Server 2008 environment
MCTS Windows Server 2008 Active Directory3 Windows Server Backup and Restore Windows Server Backup is new in Windows Server 2008 and supersedes NTBackup.exe Must be installed with Server Manager Some features and limitations –Backups can be run manually or scheduled with Task Scheduler –Separate files or folders can’t be backed up, you can only choose which volumes to backup –Scheduled backups require a dedicated fixed or removable disk as the backup destination when you’re using Windows Server Backup Select one of the following options: –Always perform full backup –Always perform incremental backup –Custom
MCTS Windows Server 2008 Active Directory4 Windows Server Backup and Restore (cont.)
MCTS Windows Server 2008 Active Directory5 Creating Scheduled Backups Scheduled backups give you the flexibility to run a backup at a particular time of the day, once per day, or multiple times per day Before using the Backup Schedule Wizard, know: –What do you want to backup? –When and how often should the backup occur? –Where will backups be stored?
MCTS Windows Server 2008 Active Directory6 Creating Scheduled Backups (cont.)
MCTS Windows Server 2008 Active Directory7 Data Recovery You can recover files and folders, the system state, Active Directory, or the entire server from a backup Windows Server Backup can recover only files, folders, and volumes Command-line utilities used for more complete recovery To start the recovery process, click recover in the Actions pane of Windows Server Backup
MCTS Windows Server 2008 Active Directory8 Data Recovery (cont.)
MCTS Windows Server 2008 Active Directory9 Data Recovery (cont.)
MCTS Windows Server 2008 Active Directory10 Backup and Restore from the Command Line Windows Server Backup has less flexibility than its command line equivalent utilities Wbadmin.exe can perform all tasks available in Windows Server Backup, and more: –Perform a system state backup –Recover the system state –Delete a system state backup –Restore or delete a backup catalog Most tasks with Wbadmin require you to be a member of the Backup Operators or Administrators group
MCTS Windows Server 2008 Active Directory11 Perform a System Recovery If full recovery is necessary, you need the Windows Server 2008 installation disk or access to Windows Recovery Environment (WinRE) Can be installed on a server’s hard drive by pressing F8 when the boot process starts Can also be accessed from the Windows Server 2008 installation DVD You can restore a complete backup from a local or removable disk or a network location
MCTS Windows Server 2008 Active Directory12 Active Directory Backup and Restoration Active Directory is backed up when you perform a full backup of a domain controller or when you back up the volumes containing system recovery information Restoration can be authoritative or nonauthoritative Nonauthoritative restore restores the Active Directory database, or portions of it, and allows it to be updated through replication. Requires a restart into Domain Services Restore Mode (DSRM) Authoritative restore ensures that restored objects aren’t overwritten by changes from other domain controllers through replication
MCTS Windows Server 2008 Active Directory13 Active Directory Backup and Restoration
MCTS Windows Server 2008 Active Directory14 Active Directory Defragmentation Active Directory database requires periodic maintenance in the form of defragmentation and compaction Online defragmenation occurs when garbage collection is performed Objects that have been deleted for more than 180 days are removed by garbage collection Object marked for removal after a period of time has been “tombstoned” Online defragmentation removes deleted objects but doesn’t compact the database Offline defragmentation compacts the database Compaction is performed with the Ntdsutil program
MCTS Windows Server 2008 Active Directory15 Active Directory Monitoring Windows Server 2008 provides tools to manage and monitor server operation and resources, including the following: –Event Viewer –Task Manager –Reliability and Performance Monitor –Windows Server Resource Manager
MCTS Windows Server 2008 Active Directory16 Event Viewer Used to examine event log entries generated by system services and applications Events categorized by levels: –Information Indicated by blue i in a white circle –Warning Indicated by a black ! inside a yellow triangle –Error Indicated by a white ! inside a red circle Selecting an event shows more detailed information
MCTS Windows Server 2008 Active Directory17 Event Viewer (cont.)
MCTS Windows Server 2008 Active Directory18 Task Manager Provides a simple interface for viewing the performance of a Windows computer Started by pressing Ctrl + alt + delete and then clicking “Task Manager”, by right-clicking the taskbar and clicking Task manager, or by typing Taskmgr into a command prompt Windows Server 2008 adds the Services and Resource Monitor tabs Shows real-time graphical display of: –CPU utilization –Disk utilization –Network utilization –Memory utilization
MCTS Windows Server 2008 Active Directory19 Task Manager (cont.)
MCTS Windows Server 2008 Active Directory20 Reliability and Performance Monitor Consists of a collection of tools Can be opened from Administrative tools folder or the Diagnostics node in Server Manager Contains the following folders: –Monitoring Tools –Data Collector sets –Reports
MCTS Windows Server 2008 Active Directory21 Performance Monitor Uses counters to track performance of a variety of objects A counter is a value representing some aspect of an object’s performance Counters exist for virtually every hardware and OS component on a server Performance monitor can track counters with a line graph, histogram, or as raw data saved to a report Can display counters in real time or from a saved log file
MCTS Windows Server 2008 Active Directory22 Performance Monitor (cont.)
MCTS Windows Server 2008 Active Directory23 Collecting Baseline Performance Data Using real-time monitoring can be difficult since there is no point of reference, or baseline, for comparing data To create a baseline, you create a data collector set that specifies the performance counters you want to collect Performance monitoring uses system resources Monitoring remotely can reduce the strain on a system
MCTS Windows Server 2008 Active Directory24 Collecting Baseline Performance Data (cont.)
MCTS Windows Server 2008 Active Directory25 Data Collector Sets A data collector set can contain a variety of types of information: –Performance counters –Counter alerts –Event traces –System configuration Common use is to create a baseline Predefined data collector sets can be run as they are or used as templates to create user-defined data collector sets
MCTS Windows Server 2008 Active Directory26 Reports Reports folder contains reports generated from data collector sets User Defined subfolder contains reports generated by user-defined data collector sets System subfolder contains folders for each system data collector set After a data collector set runs, a report is generated automatically and placed in a folder with the name of the data collector set
MCTS Windows Server 2008 Active Directory27 Reports (cont.)
MCTS Windows Server 2008 Active Directory28 Reliability Monitor Tracks system changes and logs a variety of hardware and software failures Changes are indicated on a timeline graph Can track how stable / reliable your system has been over a period of time Icons that indicate failure, information, or warning are the same as those in Event Viewer Reliability monitor tracks five event types: –Software (Un)Install –Application failures –Hardware failures –Windows failures –Miscellaneous failures
MCTS Windows Server 2008 Active Directory29 Reliability Monitor (cont.)
MCTS Windows Server 2008 Active Directory30 Windows System Resource Manager Helps you manage processor and memory resource on heavily used systems Can fine tune resource use so that each process has an equal share of resources WSRM includes the following features: –Preconfigured and custom policies –Policies based on calendar rules –Automatic policy application –Resource monitoring data
MCTS Windows Server 2008 Active Directory31 Windows System Resource Manager (cont.)
MCTS Windows Server 2008 Active Directory32 WSRM Management Policies WSRM is designed to be used on multipurpose servers with high CPU utilization WSRM doesn’t apply CPU use policies until total utilization reaches 70% Preconfigured WSRM policies: –Equal_Per_Process –Equal_Per_User –Equal_Per_IISAppPool –Equal_Per_Session Can use custom policies as well
MCTS Windows Server 2008 Active Directory33 Analyzing Active Directory Performance To ensure AD performance, monitor performance indicators such as: –AD DS –DNS –Replication –Active Directory Storage
MCTS Windows Server 2008 Active Directory34 Monitoring Active Directory Replication Replication of Active Directory is critical to the operation of a Windows Server 2008 domain Three tools can be used to monitor aspects of Active Directory replication: –Repadmin –Replmon –Dcdiag Replication and AD health should be verified proactively
MCTS Windows Server 2008 Active Directory35 Managing Server Core Administration of a Server Core installation is done primarily from the command line Server Core is ideal for virtualized installs Some aspects of Server Core can be managed remotely (usually MMC)
MCTS Windows Server 2008 Active Directory36 Common Server Core Configuration Tasks Tasks that might need to be performed: –Activating Windows Server 2008 Slmgr.vbs –ato –Changing the administrator password “net user administrator *” –List installed features and roles Oclist –Install new server roles and features Ocsetup –Join a domain Netdom join computername /domain:domainname Installation of AD DS requires dcpromo to be run in unattended mode
MCTS Windows Server 2008 Active Directory37 Common Server Core Configuration Tasks (cont.) Dcpromo switches: –/replicaOrNewDomain –/replicaDomainDNSName –/ConfirmGC –/InstallDNS –/UserName –/Password –/RebootOnSuccess –/SafeModeAdminPassword
MCTS Windows Server 2008 Active Directory38 Managing Server Core Remotely Some snap-ins require no additional configuration Other snap-ins require reconfiguration of various firewall settings before you can connect To allow remote management of Server Core from any MMC, type the following: –Netsh advfirewall firewall set rule group=“Remote Administration” new enable=yes Snap-ins that may require additional configuration: –Disk management –Device manager –IPSec Management –Windows Firewall with Advanced Security
MCTS Windows Server 2008 Active Directory39 Additional Server and Active Directory Tools Additional tools for managing a Windows Server 2008 environment: –Bcdedit –Dsacls –Dsdbutil –Dsmgmt –Dfsutil –Dnscmd –Icacls –Servermanagercmd –Winrs Many more additional commands exist, for a more complete reference, visit the Microsoft Download Web site ( and search on “Windows Command Reference”
MCTS Windows Server 2008 Active Directory40 Chapter Summary Active Directory maintenance involves backup and restore of the server and the Active Directory database as well as offline maintenance tasks Windows Server Backup enables you to back up entire servers, volumes, and the system state The Active Directory database becomes fragmented over time. To ensure performance, use online defragmentation and offline defragmentation Four tools are commonly used to monitor and fine-tune the performance and reliability of Active Directory and the server: Event Viewer, Task Manager, Reliability and Performance Monitor, and Windows Server Resource Manager
MCTS Windows Server 2008 Active Directory41 Chapter Summary (cont.) Task Manager and Resource Monitor provide a real-time look at key performance indicators, such as CPU, disk, network, and memory utilization Reliability Monitor tracks several different system failures and includes a numeric indicator of your server’s reliability Server Core has a minimal user interface and is ideal for branch office servers and for virtualizing servers performing particular roles Hundreds of command-line tools are available to manage all aspects of a Windows Server 2008 environment