June 26, 2009

Ten Coolest Features of Windows Server 2008

1. Virtualization
Although it will not be available with the initial launch of Server 2008, Microsoft's Hyper-V hypervisor-based virtualization technology promises to be a star attraction of Server 2008 for many organisations.
Although some 75 percent of large businesses have started using virtualization, only an estimated 10 percent of servers out there are running virtual machines. This means the market is still immature. For Windows shops, virtualization using Server 2008 will be a relatively low-cost and low-risk way to dip a toe in the water.
At the moment, Hyper-V lacks the virtualized infrastructure support virtualization market leader VMware can provide. Roy Illsley, senior research analyst at U.K.-based Butler Group, noted that Microsoft is not as far behind as many people seem to think, however. "Don't forget Microsoft's System Center, which is a fully integrated management suite and which includes VM Manager. Obviously it only works in a Wintel environment, but if you have Server 2008 and System Center, you have a pretty compelling proposition.
"What Microsoft is doing by embedding virtualization technology in Server 2008 is a bit like embedding Internet Explorer into Windows," said Illsley. "This is an obvious attempt to get a foothold into the virtualization market."
At launch, Microsoft is unlikely to have a similar product to VMware's highly popular VMotion (which enables administrators to move virtual machines from one physical server to another while they are running), but such a product is bound to be available soon after.
2. Server Core
Many server administrators, especially those used to working in a Linux environment, instinctively dislike having to install a large, feature-packed operating system to run a particular specialized server. Server 2008 offers a Server Core installation, which provides the minimum installation required to carry out a specific server role, such as for a DHCP, DNS or print server. From a security standpoint, this is attractive. Fewer applications and services on the server make for a smaller attack surface. In theory, there should also be less maintenance and management with fewer patches to install, and the whole server could take up as little as 3Gb of disk space according to Microsoft. This comes at a price — there's no upgrade path back to a "normal" version of Server 2008 short of a reinstall. In fact there is no GUI at all — everything is done from the command line.
3. IIS
IIS 7, the Web server bundled with Server 2008, is a big upgrade from the previous version. "There are significant changes in terms of security and the overall implementation which make this version very attractive," said Barb Goldworm, president and chief analyst at Boulder, Colorado-based Focus Consulting. One new feature getting a lot of attention is the ability to delegate administration of servers (and sites) to site admins while restricting their privileges.
4. Role-based installation
Role-based installation is a less extreme version of Server Core. Although it was included in 2003, it is far more comprehensive in this version. The concept is that rather than configuring a full server install for a particular role by uninstalling unnecessary components (and installing needed extras), you simply specify the role the server is to play, and Windows will install what's necessary — nothing more. This makes it easy for anyone to provision a particular server without increasing the attack surface by including unwanted components that will not do anything except present a security risk.
5. Read Only Domain Controllers (RODC)
It's hardly news that branch offices often lack skilled IT staff to administer their servers, but they also face another, less talked about problem. While corporate data centers are often physically secured, servers at branch offices rarely have the same physical security protecting them. This makes them a convenient launch pad for attacks back to the main corporate servers. RODC provides a way to make an Active Directory database read-only. Thus, any mischief carried out at the branch office cannot propagate its way back to poison the Active Directory system as a whole. It also reduces traffic on WAN links.
6. Enhanced terminal services
Terminal services has been beefed up in Server 2008 in a number of ways. TS RemoteApp enables remote users to access a centralized application (rather than an entire desktop) that appears to be running on the local computer's hard drive. These apps can be accessed via a Web portal or directly by double-clicking on a correctly configured icon on the local machine. TS Gateway secures sessions, which are then tunnelled over https, so users don't need to use a VPN to use RemoteApps securely over the Internet. Local printing has also been made significantly easier.
7. Network Access Protection
Microsoft's system for ensuring that clients connecting to Server 2008 are patched, running a firewall and in compliance with corporate security policies — and that those that are not can be remediated — is useful. However, similar functionality has been and remains available from third parties.
8. BitLocker
System drive encryption can be a sensible security measure for servers located in remote branch offices or anywhere where the physical security of the server is sub-optimal. BitLocker encryption protects data if the server is physically removed or booted from removable media into a different operating system that might otherwise give an intruder access to data which is protected in a Windows environment. Again, similar functionality is available from third-party vendors.
9. Windows PowerShell

Microsoft's new(ish) command line shell and scripting language has proved popular with some server administrators, especially those used to working in Linux environments. Included in Server 2008, PowerShell can make some jobs quicker and easier to perform than going through the GUI. Although it might seem like a step backward in terms of user friendly operation, it's one of those features that once you've gotten used to it, you'll never want to give up.
10. Better security

We've already mentioned various security features built into Server 2008, such as the ability to reduce attack surfaces by running minimal installations, and specific features like BitLocker and NAP. Numerous other little touches make Server 2008 more secure than its predecessors. An example is Address Space Layout Randomization — a feature also present in Vista — which makes it more difficult for attackers to carry out buffer overflow attacks on a system by changing the location of various system services each time a system is run. Since many attacks rely on the ability to call particular services by jumping to particular locations, address space randomization can make these attacks much less likely to succeed.
It's clear that with Server 2008 Microsoft is treading the familiar path of adding features to the operating system that third parties have previously been providing as separate products. As far as the core server product is concerned, much is new. Just because some technologies have been available elsewhere doesn't mean they've actually been implemented. Having them as part of the operating system can be very convenient, indeed.
If you're running Server 2003, then now is the time to start making plans to test Server 2008 — you're almost bound to find something you like. Whether you decide to implement it, and when, is up to you.

June 17, 2009

My Reports: SMS & SCOM

No of Additional customized reports = 277 (SMS) still in progress...
SCOM reports - 14 (pulling the ways to record all the data and manipulating as SCOM report.. )

Regards,
Atul

Error message when you try to generate a report in System Center Operations Manager 2007: Cannot initialize report

SYMPTOMS

When you run Microsoft System Center Operations Manager 2007, you experience the following symptoms:
When you try to generate a report by using a link in a view in the Operations Manager 2007 Operations Console, you receive the following error message:
Application: System Center Operations Manager 2007
Application Version: 6.0.5000.0
Severity: Error
Message: Cannot initialize report.

Microsoft.Reporting.WinForms.ReportServerException: The item '/Microsoft.SystemCenter.DataWarehouse.Report.Library/Microsoft.SystemCenter.DataWarehouse.Report.Alert' cannot be found. (rsItemNotFound)
at Microsoft.Reporting.WinForms.ServerReport.GetExecutionInfo()
at Microsoft.Reporting.WinForms.ServerReport.GetParameters()
at Microsoft.EnterpriseManagement.Mom.Internal.UI.Reporting.Parameters.ReportParameterBlock.Initialize(ServerReport serverReport)
at Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ReportForm.SetReportJob(Object sender, ConsoleJobEventArgs args)
When you try to view a report by using the Reporting node in the Operations Manager 2007 Operations Console, no unpublished reports appear.
The following events may be logged in the Operations Manager log on the management server.
Event Type: Warning
Event Source: HealthService
Event Category: None
Event ID: 2115
Date: date
Time: time
User: N/A
Computer: ComputerName
Description: A Bind Data Source in Management Group ManagementGroupName has posted items to the workflow, but has not received a response in NNNN seconds. This indicates a performance or functional problem with the workflow. Workflow Id : Microsoft.SystemCenter.DataWarehouse.CollectEntityHealthStateChange Instance : FQDN Instance Id : GUID

Event Type: Warning
Event Source: Health Service Modules
Event Category: None
Event ID: 11411
Date: date
Time: time
User: N/A
Computer: ComputerName
Description: Alert subscription data source module encountered alert subscriptions that were waiting for a long time to receive an acknowledgement. Alert subscription ruleid, Alert subscription query low watermark, Alert subscription query high watermark:

Note Event ID 11411 is logged every 10 minutes.

CAUSE
This problem occurs if the data warehouse database was created by using the DBCreateWizard tool. The DBCreateWizard tool is located on the Microsoft System Center Operations Manager 2007 media.

To determine whether you experience the problem that is described in the "Symptoms" section, follow these steps:
1. On the data warehouse database server, start the Microsoft SQL Server Management Studio program.
2. Click New Query, and then click OperationsManagerDW in the list that appears in the standard toolbar.
   Note If the database that houses the data warehouse is not OperationsManagerDW, click the appropriate database.
3. Type the following query, and then press F5 to run the query:
   Select * from MemberDatabase
   Note This query is used to determine whether required information is missing from the database.
4. Examine the results that are returned.

If this query returns no rows in the query results, you are experiencing the problem that is described in this article. In this scenario, continue to the "Resolution" section.

If this query returns rows in the query results, and if the server name is returned in the query results, you are not experiencing the problem that is described in this article. Instead, you may be experiencing a SQL Server permissions-related issue. In this scenario, do not follow the steps in the "Resolution" section.

RESOLUTION
To resolve this problem, follow these steps:
1. On the data warehouse database server, start the Microsoft SQL Server Management Studio program.
2. Click New Query, and then click OperationsManagerDW in the list that appears in the standard toolbar.
   Note If the database that houses the data warehouse is not OperationsManagerDW, click the appropriate database.
3. Type the following query, and then press F5 to run the query:
   EXEC MemberDatabaseAttach 'dbserver\instanceName', 'datawarehouseDBname', 1, 1, 1
   Note In this query, replace dbserver\instancename with one of the following:
   If you do not use the default instance of SQL Server, replace dbserver\instancename with the NetBIOS name of the computer that is running SQL Server together with the name of the instance of SQL Server. For example, replace dbserver\instancename with DWServer\Instance-1.
   If you use a default instance of SQL Server, replace dbserver\instancename with only the NetBIOS name of the computer. For example, replace dbserver\instancename with DWServer.
4. To verify that the table has been updated successfully, delete the contents of the query window, type the following query, and then press F5 to run the query:
   Select * from MemberDatabase
   If the table is updated successfully, one row is returned in the query results. For example, the query results may resemble the following.
MemberDatabaseRowId ServerName DatabaseName MasterDatabaseInd DefaultDatabaseInd ComponentAutoDeploymentAllowedInd MasterDatabaseReferenceServerName MasterDatabaseReferenceDatabaseName
DWServer OperationsManagerDW 1 1 1 NULL NULL

Note After you follow these steps, several Event ID 31554 events may be logged in the Operations Manager log on the management server. These events have the following Description information:

Workflow succeeded storing data in the Data Warehouse.

June 16, 2009

SQL Server Best Practices

Please refer to the link below:

http://technet.microsoft.com/en-us/sqlserver/bb671430.aspx

Thanks.
Atul

SMS 2003 Advanced Client takes lots of time to download many policies

Symptoms:

Microsoft Systems Management Server (SMS) 2003 Advanced Client takes lots of time to download many policies.

Cause:

This issue occurs because Background Intelligent Transfer Service (BITS) cannot handle more than about 500 simultaneous jobs. When more than 500 simultaneous jobs are submitted, many I/O operations must occur, and many BITS state files must be maintained. Therefore, a decrease in performance occurs.

In large SMS 2003 hierarchies that have many sites, site-to-site replication slows down

Symptoms -

In large Microsoft Systems Management Server (SMS) 2003 hierarchies that have many sites, site-to-site replication slows down.

The volume of files may be larger than you expect in the following folders on a site server:
Sms\Inboxes\Schedule.box
Sms\Inboxes\Schedule.box\tosend
Sms\Inboxes\Replmgr.box\ready
These files represent site-to-site replication data that has been queued for processing by several components of the SMS_EXECUTIVE service. A baseline for the site is required to determine whether the counts are larger than expected. Large queues of replication information are occasionally expected. These large queues are typical when specific conditions exist.

Note The baseline is defined here as some historical measure of the volume of files in the Inboxes folder structure.

The following conditions can cause backlog scenarios:
Network or other infrastructure issues prevent the sender component from completing pending replication work.
Poor disk performance or slow I/O occurs because of a contention for disk resources.
SMS bandwidth restrictions limit the throughput of the sender component. This behavior keeps more send requests and jobs around for longer periods.
When addresses are unavailable, the SMS Scheduler component cannot schedule send requests by using the sender for the given address. This issue delays the part of the work that is associated with scheduling the send request until the address is available.
Distributing many or large packages in a short time creates a high load on the components that are involved in site-to-site replication.
Overly aggressive schedules exist for discovery data generation, inventory collection, collection evaluation, and so on.
In a hierarchy that has three or more tiers, middle-tier sites that have many child sites handle larger volumes of jobs and replication objects. This behavior occurs because of site-to-site replication routing. The load of a middle-tier site is increased for each child site that is attached. Therefore, reducing the number of attached sites can, in some cases, reduce this load.
Sites are removed from the hierarchy incorrectly.
In most cases, when the conditions that cause significant replication queuing have been corrected or when these conditions have subsided, the queued replication data is processed and then cleared.

Cause:

When the SMS Scheduler component is processing large quantities of active jobs and send requests, the throughput of the Scheduler component begins to slow. This behavior occurs because of a corresponding increase in processing overhead for the increased quantities of objects.

In some instances, if a large enough queue of data is formed, it can take days or even weeks to be completely processed. The time that is required to process the queued data depends on the many variables that affect replication performance in the hierarchy and in the environment. These variables include disk I/O performance, network speeds, bandwidth restrictions, size of queued data, and object count. When a large queue of backlogged replication data has been formed, adding additional loads increases the time that is required for all data to be processed.

In most cases, the appropriate action for a large backlog of replication data is to first correct any issue that may be preventing processing of replication data. Next, you may have to reduce the quantity of site-to-site replication traffic. Finally, make sure that the SMS_EXECUTIVE service can run uninterrupted to complete processing in a timely manner. Service restarts can add significant overhead. Limiting SMS_EXECUTIVE service restarts is important because the initialization work for the SMS Scheduler component is proportional to the number of jobs, send requests, and routing requests that are currently queued for processing.

Note The SMS_EXECUTIVE service hosts the SMS Replication Manager, SMS Scheduler, and SMS Sender components.
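
The baseline that the Symptoms section calls for can be built by counting the files in the three folders on a schedule and comparing each new count with the site's own history. The following PowerShell script is an added example, not part of the original article; the SMS install root, the history file path, the minimum sample count, and the alert factor are assumptions to adjust for the site server.

```powershell
# Added example: record SMS inbox queue depth and compare it with the site's own history.
param(
    [string]$SmsRoot     = 'D:\SMS',                          # assumed SMS install root
    [string]$BaselineCsv = 'C:\SmsBaseline\inbox-counts.csv', # assumed history file
    [int]$MinSamples     = 5,                                 # assumed: samples needed before judging
    [double]$Factor      = 3.0                                # assumed: flag counts above 3x the median
)

# Folders named in the article, relative to the SMS root.
$queues = 'Inboxes\Schedule.box', 'Inboxes\Schedule.box\tosend', 'Inboxes\Replmgr.box\ready'

function Get-Median([double[]]$Values) {
    $sorted = @($Values | Sort-Object)
    $n = $sorted.Count
    if ($n -eq 0) { return $null }
    $mid = [int][math]::Floor($n / 2)
    if ($n % 2 -eq 1) { return $sorted[$mid] }
    return ($sorted[$mid - 1] + $sorted[$mid]) / 2
}

# Load earlier samples, if any have been recorded.
$history = @()
if (Test-Path -LiteralPath $BaselineCsv) { $history = @(Import-Csv -LiteralPath $BaselineCsv) }

$stamp = Get-Date -Format s
$rows = foreach ($q in $queues) {
    $path = Join-Path $SmsRoot $q
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Queue folder not found: $path"
        continue
    }

    # Count only files directly in the folder; tosend is reported as its own queue.
    $count  = @(Get-ChildItem -LiteralPath $path -File).Count
    $past   = @($history | Where-Object { $_.Queue -eq $q } | ForEach-Object { [double]$_.Files })
    $median = Get-Median $past

    if ($past.Count -lt $MinSamples) { $status = 'building baseline' }
    elseif ($count -gt ([math]::Max(1.0, $median) * $Factor)) { $status = 'ABOVE BASELINE' }
    else { $status = 'within baseline' }

    [pscustomobject]@{ Time = $stamp; Queue = $q; Files = $count; Median = $median; Status = $status }
}

if ($rows) {
    $rows | Format-Table -AutoSize

    # Append this sample so that later runs have a longer history to compare against.
    $dir = Split-Path -Parent $BaselineCsv
    if (-not (Test-Path -LiteralPath $dir)) { New-Item -ItemType Directory -Path $dir -Force | Out-Null }
    $rows | Select-Object Time, Queue, Files |
        Export-Csv -LiteralPath $BaselineCsv -Append -NoTypeInformation
}
```

A count flagged as above baseline is only a prompt to check the conditions listed in the Symptoms section, because large queues are occasionally expected.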

How to change the credentials for the OpsMgr SDK Service and for the OpsMgr Config Service in Microsoft System Center Operations Manager 2007

Reference:

http://support.microsoft.com/kb/936220

Regards,
Atul

June 5, 2009

Antivirus software blocks script execution in System Center Operations Manager 2007

SYMPTOMS
In Microsoft System Center Operations Manager 2007, you may receive alerts that have a warning severity that resembles the following:

Script or Executable Failed to run

The process started at 10:41:22 AM failed to create System.PropertyBagData, no errors detected in the output. The process exited with 1

Command executed: "C:\WINDOWS\system32\cscript.exe" //nologo "C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 73\3456\ScriptName.vbs"

Working Directory: C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 73\3456\

One or more workflows were affected by this.

CAUSE
This problem occurs because some antivirus software blocks Visual Basic scripts or Java scripts.

RESOLUTION
To resolve this problem, verify that your antivirus software is not blocking scripts from running.

OpsMgr 2007: Files and Folders starting with "Program" causing unmonitored Agent

Symptom

The Operations Manager Service Pack 1 (SP1) Agent or Management Server may be shown as greyed out in the Operations Manager console and the following events may be logged in the event log:

Event ID: 10000
Source: DCOM
Description: Unable to start a Dcom Server: {}. The error: description> Happened while starting this command: -Embedding
regarding monitoring host

-and-

Event Type: Error
Event Source: HealthService
Event Category: Health Service
Event ID: 1102
Description: Rule/Monitor
"Microsoft.SystemCenter.DiscoveryHealthServiceCommunication" running for instance
"" with id:"{38696FAA-2A83-6068-B008-DB43D49FB879}" cannot be
initialized and will not be loaded. Management group ""

Cause
Computers that have files or folders whose names start with "Program" on the root drive may not be monitored. All workflows fail when the file "c:\Program" is present on the machine. This happens because HealthService.exe is unable to start MonitoringHost.exe.

Workaround Information
To resolve this issue, delete or rename the file or folder named Program on the affected computer.
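
To check an affected agent or management server for this condition, the following PowerShell script lists root-level items named Program on each fixed drive, with their owner and creation time, and shows the most recent Event ID 1102 entries. It is an added example, not part of the original article; treating a file named Program with any extension the same as c:\Program is an assumption, and the event query uses the log and source names shown above.

```powershell
# Added example: find root-level items named "Program" and recent HealthService 1102 events.
# Assumption: a file named Program with any extension is reported as well as c:\Program itself.
$hits = foreach ($drive in [System.IO.DriveInfo]::GetDrives()) {
    if ($drive.DriveType -ne [System.IO.DriveType]::Fixed -or -not $drive.IsReady) { continue }

    # -Force includes hidden and system items. "Program Files" does not match,
    # because the BaseName of a folder is its full name.
    Get-ChildItem -LiteralPath $drive.RootDirectory.FullName -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.BaseName -eq 'Program' } |
        ForEach-Object {
            $kind = 'File'
            if ($_.PSIsContainer) { $kind = 'Folder' }
            [pscustomobject]@{
                Path    = $_.FullName
                Type    = $kind
                Created = $_.CreationTime
                Owner   = (Get-Acl -LiteralPath $_.FullName).Owner   # who created it helps triage
            }
        }
}

if ($hits) {
    Write-Warning 'Root-level item named "Program" found; rename or delete it as described above.'
    $hits | Format-Table -AutoSize
} else {
    Write-Output 'No root-level item named "Program" found on fixed drives.'
}

# Most recent "cannot be initialized and will not be loaded" events, if the log exists here.
$filter = @{ LogName = 'Operations Manager'; ProviderName = 'HealthService'; Id = 1102 }
$events = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 5 -ErrorAction SilentlyContinue)
$events | Select-Object TimeCreated, Id, Message | Format-List
```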

The W3WP.exe process crashes when the Anonymous authentication is disabled on the IISADMPWD virtual directory

SYMPTOMS
When a user's password is expired, you can use the Anonymous user account to change the expired password through the achg.asp file even when the Anonymous authentication is disabled on the IISADMPWD virtual directory. In this situation, if the AnonymousUserName and the AnonymousUserPass metabase properties are inconsistent or the "denied access this computer from the network" policy is applied for the Anonymous user, the Anonymous user cannot log on to the server and an access violation occurs. In addition, the W3WP.exe process crashes.

RESOLUTION
To avoid this effect, use one of the following methods:
Set correct AnonymousUserName and AnonymousUserPass metabase properties or disable the "denied access this computer from the network" policy for the anonymous user.
Separate the Application pool for the IISADMPWD virtual directory. Note A user may receive the 403.18 error when the request is redirected to the IISADMPWD password change pages, and the password cannot be changed through IISADMPWD. However, the W3WP.exe process does not crash.
Note These settings violate the Internet Information Services (IIS) requirements that are described in the following Microsoft Knowledge Base article:
812614 (http://kbalertz.com/Feedback.aspx?kbNumber=812614/ ) Default permissions and user rights for IIS 6.0

Steps to reproduce this problem
To reproduce the problem, follow these steps:
On the IISADMPWD virtual directory, set an incorrect password in the AnonymousUserPass metabase for the IUSR account, or apply the "denied access this computer from the network" policy for the IUSR account.
Create a new local or domain user and enable "change their password the next time that the user logs on." This means the user's password is expired.
Disable Anonymous authentication for IISADMPWD.
Enable Basic authentication or Integrated Windows authentication for IISADMPWD.
Create a new TEST virtual directory that has Basic or Integrated Windows authentication enabled. When you access the TEST virtual directory, you will be redirected to the aexp3.asp Web page because the password is expired. If you enter an old password and a new password, and then click OK, the dialog box for Basic authentication appears. If you enter the old password, you will experience the symptoms that are described in the "Symptoms" section.

June 1, 2009

Operations Manager 2007 Design Tips

The following are some tips to consider when designing your Operations Manager 2007 infrastructure.

1. Always set up a minimum of 1 RMS and 1 MS. Do not have agents report directly to the RMS. Remember that the RMS functions to distribute configuration information to all MS. Adding load to this process is not recommended. Besides, with this, you'll have a failover scenario in place.
2. 3-node clusters for the RMS are not supported.
3. To have an affordable failover strategy for your Operations DB, use SQL log shipping. Unfortunately, DB mirroring is an unsupported method.
4. When dealing with multi-site monitoring (branches), use a Gateway Server (GWS) instead of an MS. Keep each MS in close proximity to your SQL Server. Why? Because whenever an MS needs to write data, it establishes a SQL ODBC connection. This takes up resources, and the data is uncompressed. By using a GWS, data is compressed and the connection to an MS is always connected.
5. Have a dedicated MS for a GWS to report to. Do not have other agents reporting to the same MS as a GWS. The reason is that Management Servers divide their processing by number of connections. Let's say that you have 10 servers reporting to the GWS. When the MS receives that connection, it is treated as 1. If you had an additional 10 servers reporting to that MS, the MS would divide its performance 11 ways. You would then see a significant performance drop for the servers handled by the GWS. If the GWS is the only one connected to the MS, it will be given the full 100%.
6. The RMS consumes CPU and RAM as its core process, so bulk up on these.
7. Use 64-bit for the RMS so that there are opportunities to scale beyond 4GB of RAM.
8. There is a Data Warehouse Grooming tool in the Resource Kit that will help trim down the size of the Operations DW.
9. Support for SQL 2008 will be around the August 2008 timeframe or SP2. This will be cool because there will be no dependency on IIS.
10. Each GWS can support up to 800 agents with SP1.