Sunday, 29 March 2015

DHCP

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.

DHCP assigns an IP address when a system is started, for example:
  1. A user turns on a computer with a DHCP client.
  2. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER), looking for a DHCP server to answer.
  3. The router directs the DISCOVER packet to the correct DHCP server.
  4. The server receives the DISCOVER packet. Based on availability and usage policies set on the server, the server determines an appropriate address (if any) to give to the client. The server then temporarily reserves that address for the client and sends back to the client an OFFER (or DHCPOFFER) packet, with that address information. The server also configures the client's DNS servers, WINS servers, NTP servers, and sometimes other services as well.
  5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it intends to use the address.
  6. The server sends an ACK (or DHCPACK) packet, confirming that the client has been given a lease on the address for a server-specified period of time.
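The four-message exchange in steps 2 to 6, as an added Python example that is not part of the original post: a toy server and client that build and parse RFC 2131 messages in memory, including the case where the scope is exhausted and no OFFER is sent. The `Server` and `client_exchange` names, the 192.0.2.0/24 addresses, the MAC addresses and the lease time are constructed for illustration; no network traffic is sent and the router of step 3 is left out.

```python
import struct
from ipaddress import IPv4Address

MAGIC = b"\x63\x82\x53\x63"                  # DHCP magic cookie (RFC 2131)
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5   # values of option 53 (message type)
OPT_DNS, OPT_REQ_IP, OPT_LEASE, OPT_TYPE, OPT_SERVER_ID = 6, 50, 51, 53, 54

def build(op, xid, mac, yiaddr, options):
    """Serialize: 236-byte BOOTP header, magic cookie, options, end marker."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                         bytes(4), IPv4Address(yiaddr).packed, bytes(4), bytes(4), mac, b"", b"")
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return header + MAGIC + body + b"\xff"

def parse(packet):
    """Decode the fields used below; reject data without the DHCP cookie."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    options, i = {}, 240
    while i + 1 < len(packet) and packet[i] != 0xFF:
        if packet[i] == 0:                   # pad option has no length byte
            i += 1
            continue
        options[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]
    return {"xid": struct.unpack("!I", packet[4:8])[0], "mac": packet[28:34],
            "yiaddr": str(IPv4Address(packet[16:20])),
            "type": options.get(OPT_TYPE, b"\0")[0], "options": options}

class Server:
    """Toy DHCP server (hypothetical): one scope, address reserved on OFFER."""
    def __init__(self, server_ip, scope, lease_secs, dns):
        self.server_id, self.dns, self.lease_secs = IPv4Address(server_ip).packed, IPv4Address(dns).packed, lease_secs
        self.free, self.reserved = list(scope), {}    # reserved: mac -> address

    def handle(self, packet):
        msg = parse(packet)
        mac, opts = msg["mac"], msg["options"]
        if msg["type"] == DISCOVER:
            if mac not in self.reserved:
                if not self.free:
                    return None                       # scope exhausted: no OFFER
                self.reserved[mac] = self.free.pop(0) # temporary reservation
            return self.reply(OFFER, msg, self.reserved[mac])
        if msg["type"] == REQUEST:
            wanted = str(IPv4Address(opts.get(OPT_REQ_IP, bytes(4))))
            if opts.get(OPT_SERVER_ID) == self.server_id and self.reserved.get(mac) == wanted:
                return self.reply(ACK, msg, wanted)   # lease confirmed
        return None                                   # not for us, or never offered

    def reply(self, mtype, msg, address):
        return build(2, msg["xid"], msg["mac"], address, [
            (OPT_TYPE, bytes([mtype])), (OPT_SERVER_ID, self.server_id),
            (OPT_LEASE, struct.pack("!I", self.lease_secs)), (OPT_DNS, self.dns)])

def client_exchange(server, mac, xid):
    """Client side of DISCOVER/OFFER/REQUEST/ACK; a reply is accepted only if it
    echoes our xid and the ACK names the server whose OFFER was chosen."""
    discover = build(1, xid, mac, "0.0.0.0", [(OPT_TYPE, bytes([DISCOVER]))])
    offer_raw = server.handle(discover)
    if offer_raw is None:
        return None                                   # no server made an offer
    offer = parse(offer_raw)
    sid = offer["options"].get(OPT_SERVER_ID)
    if (offer["xid"], offer["type"]) != (xid, OFFER) or sid is None:
        raise ValueError("reply is not an OFFER for our DISCOVER")
    request = build(1, xid, mac, "0.0.0.0", [(OPT_TYPE, bytes([REQUEST])),
                    (OPT_REQ_IP, IPv4Address(offer["yiaddr"]).packed), (OPT_SERVER_ID, sid)])
    ack_raw = server.handle(request)
    if ack_raw is None:
        return None
    ack = parse(ack_raw)
    if (ack["xid"], ack["type"], ack["options"].get(OPT_SERVER_ID)) != (xid, ACK, sid):
        raise ValueError("ACK does not match the accepted OFFER")
    return {"address": ack["yiaddr"], "dns": str(IPv4Address(ack["options"][OPT_DNS])),
            "lease_secs": struct.unpack("!I", ack["options"][OPT_LEASE])[0]}

if __name__ == "__main__":   # constructed scope of two addresses, three clients
    srv = Server("192.0.2.1", ["192.0.2.10", "192.0.2.11"], 3600, "192.0.2.53")
    print([client_exchange(srv, bytes([2, 0, 0, 0, 0, n]), 0x1000 + n) for n in range(3)])
```

The third client in the demo gets `None` because both addresses in the scope are already reserved.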

Thursday, 19 March 2015

How to take IIS backup & Restore using CMD



Create a backup using the ADD command of the APPCMD backup object:

%systemroot%\system32\inetsrv\APPCMD.exe add backup


To restore a backup, use the RESTORE command with the name of the backup:

%systemroot%\system32\inetsrv\APPCMD restore backup "Backup folder Name"

On success, APPCMD reports:

Restored configuration from backup "Backup folder Name"



Debug Diagnostic 1.2 – Generate a manual hang dump for all processes owned by IIS

This article details the action plan you can implement to generate a manual hang dump using Debug Diagnostic for every process owned by IIS.

This action plan can be applied when your W3WP.exe process or your application is hung and you become aware of the situation quickly enough to generate a dump yourself before the issue is gone. A hang means the application is no longer responding within its normal execution time, or is not responding at all, but the process is not crashing. There is no stop or restart of the process, and you won't see any change to the Process ID.

Action Plan

    Debug Diagnostic 1.2 can be downloaded at the following URL: http://www.microsoft.com/download/en/details.aspx?id=26798
    Once the tool has been installed and executed on the IIS server, the wizard "Select Rule Type" loads
    Click on "Cancel"

               

    To generate dumps :
        Click on "Tools" > "Create IIS/COM+ Hang Dump"
        Don't hesitate to access slow pages before and during the dump generation

               

    Select "Yes" in the Debug Diagnostic Tool window

               

    Once the dump is complete, click on "OK"

               

The dumps are located by default in "C:\Program Files\DebugDiag\Logs\Misc".
This location can be modified by using the "Tools > Options and Settings…" menu, via the field "Manual Userdump Save Folder".

We hope this article will help you out.

See you soon. 

Debug Diagnostic 1.2 – Creating a rule in Performance mode

This article details the action plan you can implement to create a rule in Debug Diagnostic 1.2 that automates dump generation based on specified performance counters for your IIS server or your application.
This action plan is applicable when your "W3WP.exe" process or your application is consuming too much CPU, consuming too much memory (for managed code), is in a deadlock situation…

Action Plan

    Debug Diagnostic 1.2 can be downloaded at the following URL: http://www.microsoft.com/download/en/details.aspx?id=26798
    Once the tool has been installed and executed on the IIS server, the wizard "Select Rule Type" loads
    Choose "Performance", and then click on "Next >"

               

    Choose "Performance Counters", then click on "Next >"

    Click on "Add Perf Triggers…"
        Select one or several counter(s) for which you want to generate a dump if a certain value is exceeded (here we'll take the example of a high CPU consumption)
        Then click on "OK"

               

    Select the counter you have just added and click on "Edit Thresholds…"
        Here a dump will be generated if the % CPU Time is greater than 95% for 10 seconds
    Once those parameters are configured, click on "OK", and then on "Next >"

Note: These values are given only as an indication. You may need to change them depending on your scenario.

    In the "Select Dump Targets" window
        Click on "Add Dump Target"
        In the "Target Type" field, choose "Web application pool" and select the Application Pool which is facing the hang issue
        Click on "OK", and then on "Next >"

               

    Set the "Configure UserDump Series" settings as follows:
        Note 1: You may need to change these values depending on your scenario.
        Note 2: Here, we'll generate a Full UserDump every 10 seconds. A maximum of 3 dumps will be generated.

    Choose a name and a location for the dump files, then click on "Next >"
        Storing the dumps on a disk other than C:\ is possible
        Please check that you have enough available disk space, as the dump size will be equal to the memory consumed by the process you are monitoring

               

    In the window "Rule Completed", select "Activate the rule now", and then click on "Finish"
        The rule is now configured and ready to generate dumps

               

    Check that the status is "Active"
        If it's not, the "DbgSvc" service is surely not started
        You can go to "Administrative Tools > Services" and start it
    When a dump is generated, you'll see the "UserDump Count" column being incremented

The dumps are located by default in "C:\Program Files\DebugDiag\Logs\Rule_Name".



We hope this article will help you out.

See you soon. 

Debug Diagnostic 1.2 – Creating a rule in crash mode

This article details the action plan you can implement to create a rule in Debug Diagnostic 1.2 that automates dump generation when an IIS process is crashing (for example a "W3WP.exe" process).

This action plan can be applied when your W3WP.exe process is crashing, which in an IIS context means the process has been killed or restarted for an obscure reason. This implies a stop of the process and, if it has been restarted, a change in the Process ID. It is important to distinguish between a crash and a hang: configuring a crash rule when you are facing a hang will not generate any dumps.

Action Plan

    Debug Diagnostic 1.2 can be downloaded at the following URL: http://www.microsoft.com/download/en/details.aspx?id=26798
    Once the tool has been installed and executed on the IIS server, the wizard "Select Rule Type" loads
    Select "Crash" and then click on "Next >"

                   

    In the window "Select Target Type"
        Check "A specific IIS web application pool", then click on "Next >"

        This has the effect of generating a dump only for the W3WP.exe process corresponding to your Application Pool
            If you want to monitor every process owned by IIS, you can select "All IIS/COM+ related processes"
            You can also select "A specific process" to monitor every instance of a process or just a single one (a specific process with a specific PID)

            The drawback of "A specific process" for a single instance is that you need to recreate the rule each time the process is restarted, as its PID will have changed

           

               

    Select the Application Pool facing the crash issue, then click on "Next >"

    Add the breakpoint as shown in the screenshot below
        This allows you to generate a dump as soon as the command "TerminateProcess" is sent in the process, without waiting for a complete stop
        In addition, if WAS detects a problem in the process, it will stop it with this command, so without this breakpoint no dump will be generated when the process crashes

           

    Then click on "Next >"

   

             
    Choose a name and a location for the dump files, then click on "Next >"
        Storing the dumps on a disk other than C:\ is possible
        Please check that you have enough available disk space, as the dump size will be equal to the memory consumed by the process you are monitoring

     

    In the window "Rule Completed", select "Activate the rule now", and then click on "Finish"
        The rule is now configured and ready to generate dumps

   


    Check that the status is "Active"
        If it's not, the "DbgSvc" service is surely not started
        You can go to "Administrative Tools > Services" and start it
    When a dump is generated, you'll see the "UserDump Count" column being incremented

The dumps are located by default in "C:\Program Files\DebugDiag\Logs\Crash rule for all IIS_COM+ related processes" or in "C:\Program Files\DebugDiag\Logs\Rule_Name".



We hope this article will help you out.

See you soon. 

Wednesday, 18 March 2015

RAID (Redundant Array of Independent Disks)

RAID Defined
RAID stands for Redundant Array of Independent Disks. RAID is a method of combining several hard drives into one unit. It offers fault tolerance and higher throughput levels than a single hard drive or group of independent hard drives. RAID levels 0, 1, 10 and 5 are the most popular.
The acronym RAID, originally coined at UC-Berkeley in 1987, stood for Redundant Array of Inexpensive Disks.

RAID Configurations
RAID 0 splits data across drives, resulting in higher data throughput. The performance of this configuration is extremely high, but a loss of any drive in the array will result in data loss. This level is commonly referred to as striping.
Minimum number of drives required: 2
Performance: High
Redundancy: Low
Efficiency: High


Advantages:

  • High performance
  • Easy to implement
  • Highly efficient (no parity overhead)
Disadvantages:

  • No redundancy
  • Limited business use cases due to no fault tolerance
----------------------------------------------------------
RAID 1 writes all data to two or more drives for 100% redundancy: if either drive fails, no data is lost. Compared to a single drive, RAID 1 tends to be faster on reads, slower on writes. This is a good entry-level redundant configuration. However, since an entire drive is a duplicate, the cost per megabyte is high. This is commonly referred to as mirroring.
Minimum number of drives required: 2
Performance: Average
Redundancy: High
Efficiency: Low

Advantages:
  • Fault tolerant
  • Easy to recover data in case of drive failure
  • Easy to implement
Disadvantages:
  • Highly inefficient (100% parity overhead)
  • Not scalable (becomes very costly as number of disks increase)
----------------------------------------------------------
RAID 5 stripes data at a block level across several drives, with parity equally distributed among the drives. The parity information allows recovery from the failure of any single drive. Write performance is rather quick, but because parity data must be skipped on each drive during reads, reads are slower. The low ratio of parity to data means low redundancy overhead.

Minimum number of drives required: 3

Performance: Average
Redundancy: High
Efficiency: High



Advantages:

  • Fault tolerant
  • High efficiency
  • Best choice in multi-user environments which are not write performance sensitive
Disadvantages:
  • Disk failure has a medium impact on throughput
  • Complex controller design
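How distributed parity lets a RAID 5 array survive the loss of any single drive, as an added Python example that is not part of the original post. The 4-byte block size, the parity rotation order and the function names are assumptions chosen for illustration; real controllers use much larger blocks and their own layouts.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_drives, block=4):
    """Stripe data over n_drives, one rotating parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    per_stripe = (n_drives - 1) * block
    data += bytes(-len(data) % per_stripe)            # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * block:off + (i + 1) * block] for i in range(n_drives - 1)]
        parity_drive = (n_drives - 1 - s) % n_drives  # parity moves each stripe
        chunks.insert(parity_drive, xor_blocks(chunks))
        for drive, chunk in zip(drives, chunks):
            drive.append(chunk)
    return drives


def rebuild(drives, failed):
    """Recompute a failed drive: each block is the XOR of the survivors' blocks."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the data blocks in order, skipping the parity block of each stripe."""
    n, out = len(drives), bytearray()
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        for i in range(n):
            if i != parity_drive:
                out += drives[i][s]
    return bytes(out[:length])


def recover(drives, length):
    """Read the array when failed drives are marked None; one failure is tolerated."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 cannot recover from more than one failed drive")
    if failed:
        drives = list(drives)
        drives[failed[0]] = rebuild(drives, failed[0])
    return read_raid5(drives, length)


if __name__ == "__main__":
    payload = b"constructed sample payload for RAID 5 demo"   # constructed input
    array = write_raid5(payload, 4)
    array[2] = None                                           # simulate one dead drive
    print(recover(array, len(payload)) == payload)
```

With a second drive set to `None`, `recover` raises instead of returning wrong data, which is the gap RAID 6's second parity block closes.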

------------------------------------------------------------------------------------

RAID 6 is an upgrade from RAID 5: data is striped at a block level across several drives with double parity distributed among the drives. As in RAID 5, parity information allows recovery from the failure of any single drive. The double parity gives RAID 6 additional redundancy at the cost of lower write performance (read performance is the same), and redundancy overhead remains low.

Minimum number of drives required: 4

Performance: Average
Redundancy: High
Efficiency: High


Advantages:

  • Fault tolerant – increased redundancy over RAID 5
  • High efficiency
  • Remains a great option in multi-user environments which are not write performance sensitive
Disadvantages:
  • Write performance penalty over RAID 5
  • More expensive than RAID 5
  • Disk failure has a medium impact on throughput
  • Complex controller design
---------------------------------------------------------------------------------------

RAID 0+1 is a mirror (RAID 1) array whose segments are striped (RAID 0) arrays. This configuration combines the security of RAID 1 with an extra performance boost from the RAID 0 striping.

Minimum number of drives required: 4
Performance: Very High
Redundancy: High
Efficiency: Low

Advantages:

  • Fault tolerant
  • Very high performance
Disadvantages:
  • Expensive
  • High overhead
  • Very limited scalability
----------------------------------------------------------------------------------

RAID 10 is a striped (RAID 0) array whose segments are mirrored (RAID 1). RAID 10 is a popular configuration for environments where high performance and security are required. In terms of performance it is similar to RAID 0+1. However, it has superior fault tolerance and rebuild performance.

Minimum number of drives required: 4
Performance: Very High
Redundancy: Very High
Efficiency: Low

Advantages:

  • Extremely high fault tolerance – under certain circumstances, a RAID 10 array can sustain multiple simultaneous drive failures
  • Very high performance
  • Faster rebuild performance than 0+1
Disadvantages:
  • Very expensive
  • High overhead
  • Limited scalability
---------------------------------------------------------------------------------------
RAID 60 combines RAID 6 double parity and stripes it as in a RAID 0 configuration. Although high in cost and complexity, performance and fault tolerance are superior to RAID 6.

Minimum number of drives required: 8
Performance: High
Redundancy: High
Efficiency: Average
Advantages:

  • Higher fault tolerance than RAID 6
  • Higher performance than RAID 6
  • Higher efficiency than RAID 6
Disadvantages:
  • Very expensive
  • Very complex / difficult to implement


Friday, 13 March 2015

FAQ

Windows Admin Question & Answer

1.In Windows Server 2012, administrators can access the Active Directory Recycle Bin only via -Option
A.PowerShell.
B.True
c.False

2.In June 2012, Microsoft revealed that one of its key products was running on Windows Server 2012. This was:
A.Bing
B.Office 365
C.Skydrive
D.Xbox

3.What is/are the drawback(s) of the new IP Address Management tool in Windows Server 2012?
A.It can only manage servers that belong to designated Windows domains.
B.It requires a centralized deployment, which induces network latency.
C.It cannot manage DHCP appliances.
D.A and C
E.All of the above

4.Windows Server 2012 includes out-of-the-box support for RemoteFX.
A.True
B.False

5) Difference between 2003 and 2008

1) 2008 is combination of vista and windows 2003r2. Some new services are introduced in it

1. RODC one new domain controller introduced in it  [Read-only Domain controllers.]
2. WDS (windows deployment services) instead of RIS in 2003 server
3. shadow copy for each and every folders
4.boot sequence is changed
5.installation is 32 bit where as 2003 it is 16 as well as 32 bit, that’s why installation of 2008 is faster
6.services are known as role in it
7. Group policy editor is a separate option in ads

6) The main difference between 2003 and 2008 is Virtualization, management.
2008 has more inbuilt components and updated third-party drivers. Microsoft introduced a new feature with 2k8: Hyper-V. Windows Server 2008 introduces Hyper-V (V for Virtualization), but only on 64-bit versions. More and more companies are seeing this as a way of reducing hardware costs by running several ‘virtual’ servers on one physical machine. If you like this exciting technology, make sure that you buy an edition of Windows Server 2008 that includes Hyper-V, then launch the Server Manager and add Roles.



7)Windows server 2008 new features
1. Virtualization with Hyper V
2. Server Core – provides the minimum installation required to carry out a specific server role, such as for a DHCP, DNS or print server. From a security standpoint, this is attractive. Fewer applications and services on the server make for a smaller attack surface. In theory, there should also be less maintenance and management with fewer patches to install, and the whole server could take up as little as 3Gb of disk space according to Microsoft.
3. IIS 7
4. Role based installation – rather than configuring a full server install for a particular role by uninstalling unnecessary components (and installing needed extras), you simply specify the role the server is to play, and Windows will install what’s necessary — nothing more.
5. Read Only Domain Controllers (RODC)
It’s hardly news that branch offices often lack skilled IT staff to administer their servers, but they also face another, less talked about problem. While corporate data centers are often physically secured, servers at branch offices rarely have the same physical security protecting them. This makes them a convenient launch pad for attacks back to the main corporate servers. RODC provides a way to make an Active Directory database read-only. Thus, any mischief carried out at the branch office cannot propagate its way back to poison the Active Directory system as a whole. It also reduces traffic on WAN links.
6. Enhanced terminal services
Terminal services has been beefed up in Server 2008 in a number of ways. TS RemoteApp enables remote users to access a centralized application (rather than an entire desktop) that appears to be running on the local computer’s hard drive. These apps can be accessed via a Web portal or directly by double-clicking on a correctly configured icon on the local machine. TS Gateway secures sessions, which are then tunnelled over https, so users don’t need to use a VPN to use RemoteApps securely over the Internet. Local printing has also been made significantly easier.
7. Network Access Protection
Microsoft’s system for ensuring that clients connecting to Server 2008 are patched, running a firewall and in compliance with corporate security policies — and that those that are not can be remediated — is useful. However, similar functionality has been and remains available from third parties.
8. Windows PowerShell
Microsoft’s new (ish) command line shell and scripting language has proved popular with some server administrators, especially those used to working in Linux environments. Included in Server 2008, PowerShell can make some jobs quicker and easier to perform than going through the GUI. Although it might seem like a step backward in terms of user friendly operation, it’s one of those features that once you’ve gotten used to it; you’ll never want to give up.
Restartable Active Directory Domain Services: You can now perform many actions, such as offline defragmentation of the database, simply by stopping Active Directory. This reduces the number of instances in which you must restart the server in Directory Services Restore Mode and thereby reduces the length of time the domain controller is unavailable to serve requests from
Enhancements to Group Policy: Microsoft has added many new policy settings. In particular, these settings enhance the management of Windows Vista client computers. All policy management is now handled by means of the Group Policy Management Console (GPMC), which was an optional feature first added to Windows Server 2003 R2. In addition, Microsoft has added new auditing capabilities to Group Policy and added a searchable database for locating policy settings from within GPMC. In Windows Server 2008 R2, GPMC enables you to use a series of PowerShell cmdlets to automate many of the tasks (such as maintenance and linking of GPOs) that you would otherwise perform in the GUI. In addition, R2 adds new policy settings that enhance the management of Windows 7 computers.

8)Windows Server 2008 R2 new features:
Active Directory Recycle Bin
Windows PowerShell 2.0
Active Directory Administrative Center (ADAC)
Offline domain join
Active Directory health check
Active Directory Web Services
Active Directory Management Pack
Windows Server Migration Tools
Managed Service Accounts
What is server core? How do you configure and manage a windows server 2008 core installation?
The Server Core installation option is an option that you can use for installing Windows Server 2008 or Windows Server 2008 R2. A Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. A server running a Server Core installation of Windows Server 2008 supports the following server roles:
Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
DHCP Server
DNS Server
File Services
Hyper-V
Print Services
Streaming Media Services
Web Server (IIS)
A server running a Server Core installation of Windows Server 2008 R2 supports the following server roles:
Active Directory Certificate Services
Active Directory Domain Services
Active Directory Lightweight Directory Services (AD LDS)
DHCP Server
DNS Server
File Services (including File Server Resource Manager)
Hyper-V
Print and Document Services
Streaming Media Services
Web Server (including a subset of ASP.NET)
A Server Core installation does not include the traditional full graphical user interface. Once you have configured the server, you can manage it locally at a command prompt or remotely using a Terminal Server connection. You can also manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.

How to manually remove McAfee ePolicy Orchestrator (ePO)



To manually remove McAfee ePolicy Orchestrator (ePO) from your computer, follow these instructions.
Remove McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator (ePO) can be removed using  Add or Remove Programs in the Control Panel. If you are unable to remove ePO through Add or Remove Programs, you may uninstall it manually by following the directions below.
ePO for McAfee VirusScan 8.0i
  1. Click Start > Run.
  2. Type cmd and press Enter.
  3. Type cd\ and press Enter.
  4. Type cd program files and press Enter.
  5. Type cd network associates and press Enter.
  6. Type cd common framework and press Enter.
  7. Type frminst /remove=agent and press Enter.
  8. The McAfee Agent and Updater Setup window will open and begin removing ePolicy Orchestrator.
  9. When it is finished, open Add or Remove Programs in the Control Panel. If McAfee ePolicy Orchestrator is still in the list of installed applications, call the Technology Support Center for advanced instructions on removing the entry.
ePO for McAfee VirusScan 8.5i
  1. Click Start > Run.
  2. Type cmd and press Enter.
  3. Type cd\ and press Enter.
  4. Type cd program files and press Enter.
  5. Type cd mcafee and press Enter.
  6. Type cd common framework and press Enter.
  7. Type frminst /remove=agent and press Enter.
  8. The McAfee Agent and Updater Setup window will open and begin removing ePolicy Orchestrator.
  9. When it is finished, open Add or Remove Programs in the Control Panel. If McAfee ePolicy Orchestrator is still in the list of installed applications, call the Support Center for advanced instructions on removing the entry.







How-to-reset-iis.html

Introduction:
If sites become unavailable, you may need to restart IIS to get them working again. Restarting IIS is a last resort, as any users currently connected will be disconnected and any data stored in memory by IIS applications will be lost. You can restart IIS using IIS Manager by right-clicking on the server node.
The step-by-step procedures below show how to stop, start and restart the IIS service.
There are three methods to restart the IIS service, but we always recommend and prefer the 2nd method: restarting the service from the command line.

To restart IIS services:


1ST METHOD:
1. In IIS Manager, right-click the local computer, point to All Tasks, and then click Restart IIS.

2. In the “What do you want IIS to do” drop-down list, click Restart Internet Services on computer name.

 3. IIS attempts to stop all services before restarting.




 4. The above screen will disappear in a few seconds and the IIS service will be restarted.


5. To check that all services are running after the IIS restart, go to Command Prompt → type the command IISRESET /STATUS. All IIS dependent services shown in the screen below should be in the running state.

2ND METHOD:

Use the /noforce parameter to help prevent data loss in case the IIS services cannot be stopped within the one minute time-out period. If you are certain that it is safe to force IIS to restart, you can omit the /noforce parameter. However, be aware that you could lose data if you do not include this parameter.
IIS attempts to stop all services before restarting. The IISReset command-line utility waits up to one minute for all services to stop if you do not include the /noforce parameter. If the services cannot be stopped within one minute, all IIS services are terminated, and IIS restarts.

Restart IIS from command IISRESET

 OR Restart IIS from command IISRESET /NOFORCE


 STOP IIS from Command IISRESET /STOP


 START IIS from Command IISRESET /START

 Check the status of IIS dependent services IISRESET /STATUS

 3RD METHOD:


1.       Click Start → Run → type Services.msc

2.       In the screen below, right-click on “IIS Admin Service” → click Restart

 3.       You will get the screen below.

4.       Click Yes to restart all dependent services.

5.       To check that the IIS Admin service and its dependent services are running properly after the restart, check each service; the status of the services below should show as started.

IIS Admin Service
World Wide Web Publishing Service
Simple Mail Transfer Protocol (SMTP)
FTP Publishing Service
HTTP SSL