Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

Similar presentations


Presentation on theme: "Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8."— Presentation transcript:

1 Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8

2 Why Evaluate and Monitor Performance? Active Directory Performance-Monitoring Tools Different Types of Logs Creating Performance Logs and Alerts Replication errors Content

3 Periodically monitoring Active Directory (AD) performance –To anticipate problems –To take preventive measures –To maintain efficient functioning of the NW Why Evaluate and Monitor Performance? (1)

4 Performance monitoring tools –Statistics of the load placed on NW resources over time –Diagnose/solve performance bottlenecks –Understand effects of AD (SW) performance on the HW resources of computer Why Evaluate and Monitor Performance? (2)

5 Performance Console –System Monitor View graphical real-time representation of resource performance with Perfmon Performance data displayed as a chart/histogram/report –Performance Logs and Alerts tools Performance of resources in logs as mmc snap-ins Used to configure alerts –To perform specific actions –To notify a specific status has been reached (Threshold) Active Directory Performance-Monitoring Tools (1) (Skill 1)

6 The System Monitor (Skill 1)

7 The System Monitor

8 The Performance Logs and Alerts (Skill 1)

9 Event Viewer (EV) –Mainly a passive tool that tracks system errors and events of interest. Track problems relating to applications, services and OS: about hardware, software, and system problems –Events can be created by users with the appropriate authority (administrative privileges) –Messages generated by applications and OS in logs: applications and services can generate custom errors –Different sections (at least 6: see next slide) At least, Application, Security, and Systems logs since NT Directory Services: Windows 2000 and WS2008 which monitor NTDS (NT Directory Services) events in member servers and XP systems or Active Directory events in DCs; DNS logs; and Replication logs –New with WS 2008: automatic search the Microsoft Technet Web site for meaning of a particular event message Active Directory Performance - Monitoring Tools (2) (Skill 1)

10 Directory Service Event log with Event Viewer

11 Application log –Information/errors/warnings by the applications on a computer –For example, file error of a DB program might record a file error –Program owner decide which events to monitor Security log –Valid and invalid logon attempts, and resource usage: events related to creating, opening, or deleting files or other objects –Specify by administrator –For example, if logon auditing attempts enabled  auditing entries –After auditing configuration, use log to track unauthorized access to objects System log –Information/errors/warnings by Win XP OS –Example: if trouble to start a service, look at these logs or if driver failures Different Types of Logs (1) (Skill 1)

12 The System Event log (Skill 1)

13 Directory Service log –Information/errors/warnings by AD –Only on DCs DNS Server log –Information/errors/ warnings by the DNS server File Replication Service (FRS) log –Information/errors/warnings by FRS –FRS used to replicate the shared system volume (Sysvol) folder Different Types of Logs (2) (Skill 1)

14 Information (see [4]) –Successful operation of a task: driver loaded Warning –May indicate a future problem: low disk space Error –Indicate significant problem: failure to load a service Failure (Security log) –Failure of an audited security event: user cannot access NW drive Success (Security log) –Success of an audited security event: user logs on computer Type of Messages Logged (Skill 1)

15 Performance console metrics –Performance objects: system resource = memory, disk, processor, a network interface –Performance counters = object performance measures calculated as numeric value Type of Metrics Used (Skill 2)

16 Performance Logs and Alerts snap-in –To collect and record data specific to hardware resources and services –To create Counter logs Trace logs Alerts Creating Performance Logs and Alerts (1) (Skill 3)

17 Counter logs –Use performance objects and performance counters to record data About hardware resources About Active Directory Creating Performance Logs and Alerts (2) (Skill 3)

18 The Performance Logs and Alerts Adding Counters

19 Trace logs –Record data only if OS or application events occur – Establish effects of HW resources on AD performance Creating Performance Logs and Alerts (3)

20 Alerts –If resource/service performance counter is above/below a specified threshold → Alert –Based on reference data previously collected –Compute deviations from reference data → high deviation indicates problems Creating Performance Logs and Alerts (4) (Skill 3)

21 Types of Logs (Skill 2)

22 Slow replication is the most common problem –Causes of replication latency Link speed Available bandwidth Replication topology Replication timers Disabled Web sites Overloaded DCs … Replication Errors (1) (Skill 6)

23 Event ID 1311 shown in the Directory Service Log (see [3]) –In AD domain, a schema, a configuration, an application partition, or the global catalog naming contexts cannot be replicated between DCs or sites Event ID 1265 and the error “RPC Server is Unavailable” shown in the Directory Service Log (see [4]) –Often the result of DNS problems “Access is denied” message when attempting to force replication (see [4]) –Local DC failed to authenticate against its replication partner when creating the replication link or when trying to replicate over an existing link: DC has been disconnected from the rest of the network for long time and its computer account password is not synchronized with its computer account password stored in the directory of its replication partner (see [4]) Replication Errors – Common Examples (2) (Skill 6)

24 References (click on references) 1.http://technet2.microsoft.com/windowsserver/en/library/ 22764cb5-9860-4f8f-95e7- 337df24edf741033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/ 22764cb5-9860-4f8f-95e7- 337df24edf741033.mspx?mfr=true 2.http://support.microsoft.com/kb/308427http://support.microsoft.com/kb/308427 3.http://support.microsoft.com/kb/325375http://support.microsoft.com/kb/325375 4.http://support.microsoft.com/kb/307593http://support.microsoft.com/kb/307593


Download ppt "Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8."

Similar presentations


Ads by Google