Management

1
Management
2
Shadow Copies
3
What problems does VSS solve?

• For Data
• An application can modify a file while it is
  being backed-up causing data corruption, or cause
  an file open error
• For Backup Applications
• No easy way for applications to describe their
  data to backup apps.
• Excessive number of APIs to deal with.
• For Data Mining or Transport
• Very expensive for SQL to calculate a
  point-in-time for analysis.

4
What are the possible solutions?

• Stop the applications for the duration of the
  backup. BAD!
• Skip opened files during the backup
• Sorry, did you want that file? BAD!
• Use Shadow Copies!
• Freeze the app
• Make a Shadow Copy of the data
• Thaw the app
• Transport it where you like
• Back it up, or
• Use it for analysis and reporting

5
Volume Shadow Copy Service

• What Is It?
• Known in the industry as Snapshots
• Infrastructure for creating a point-in-time copy
  of a single volume or multiple volumes
• Appears static, even though the original data is
  changing

Data is written to the disk
Write some data
t0
t1
t2
Backup the static shadow copy while
Create a shadow copy
6
Shadow copy architecture

• Dont copy everything
• Only copy what changes since the snapshot
• Can be done as a (volume or file) filter or in
  hardware
• Proven technology
• 30 years old on IBM mainframes
• 3rd party open file backup solutions

7
Persistent Shadow Copies

• New Feature for Windows Server 2003
• Allows users to see network folder contents at
  points-in-time in the past
• Customer Scenarios
• Accidentally Deleted - User can NOW recover
  files THEMSELVES
• Forgot to Save as - User can NOW recover files
  that were accidentally overwritten
• Allow sanity checking while working on documents
• No more restore from tape for just one file
• Not a replacement for Archive or Business Recovery

8
DEMO Shadow Copies
9
Disaster Recovery (ASR)

• Disaster
• Physical destruction of the computer system
  (fire, earthquakes, etc.)
• Catastrophic hardware failure (especially
  storage devices)
• Recovery
• Restore hardware configuration, base OS
• Restore user data as a separate process

10
(old) Manual System Recovery

• User (administrator) gets new hardware
• User installs Windows
• User configures all physical storage to their
  original settings
• User installs backup-and-restore application,
  backup media drivers
• User recovers operating system
• User reboots and adjusts services
• User restores data

11
What Is Automated System Recovery?
XP, Windows Server 2003 Bring a non-bootable
system quickly to a state from which a restore
can be performed re-configure physical storage to
its original state restore the OS, applications
and all settings
Backup App Install Media (Optional)
Data backup Media
Windows CD
On-Line
Retail Media
ASR B/U Media
Provides a mechanism for third-party vendors to
incorporate ASR-related features
ASR Floppy
ASR Floppy
12
Target System Requirements

• Hardware must be identical as original system,
  except hard disks, video cards and NICs
• Enough disks to restore all the Critical System
  Disks
• Storage capacity of each critical disk must be gt
  corresponding original disk. Disk geometries
  must be compatible
• ASR state file (asr.sif) must be accessible
  through a local floppy drive
• Copy kept in repair directory

13
Starting ASR

• Normally need a floppy drive
• ASR restore not networkable/remotable
• The ASR process can be completely automated with
  the use of a RIS server
• No floppy required
• No F2 to start ASR
• Uses PxE boot
• Whitepaper in preparation

14
ASR and Clusters

• Backup
• On each node, stores configuration info about
  local and all shared disks
• ASR each node separately
• Restore
• While restoring the first node, all shared disks
  are restored (Lone-wolf up and running)
• For other nodes, only local critical disks will
  be restored

15
Windows System Resource Manager
16
What Does WSRM Do?

• Allows an administrator to set application
  resource consumption policies (CPU and memory)
• Select processes to be managed
• Set resource consumption targets or limits
• Manage machine resources according to policies
• CPU utilization (percent CPU)
• Process working set size (physical resident
  pages)
• Committed memory (page table and page file usage)
• Apply policies based on a date/time schedule
• Generate, store, view and export accounting
  records
• Generate email notification for events

17
Consolidate with WSRM

• Single or multiple important LOB apps with other
  apps or services
• ltYour Appgt SQL 7 SQL 2000 Exchange 2000
  BizTalk Server Commerce 2000 Server
• Large Terminal Server system managing users
• Managing user or group resource usage
• Managing user or group application resource usage
  
• Multiple SQL Server instances
• Multiple departmental database server machines
  consolidated as separate SQL Server instances
  running on a single machine
• Manage resource usage of individual IIS6 App
  pools on a server
• SQL Server, IIS and Exchange running on the same
  machine
• Set separate resource policies for each

18
WSRM Feature
19
Process Matching Criteria(PMC)

• Used to identify processes for management and
  accounting
• Select processes by matching any part of the
  command used to start the process
• Path to executable (e.g. C\Program
  Files\Microsoft SQL Server\MSSQLInstance1\Binn)
• Filename of executable (sqlservr.exe)
• Command line options/parameters (e.g. -d
  mydatafile)
• Regular-expressions may be used to implement
  complex matching
• Select processes by matching the user account
  that started the process
• User name of the account
• Group name that the user is a member of
• Exclusion rules reduce the set of matches

20
Percent CPU Targets

• Allocation rules are applied to matching
  processes
• Processes are identified and grouped using
  Process Match Criteria
• CPU specifies how much CPU bandwidth is given to
  the processes
• All processes not matched by an active selection
  rule go into the default group and share the
  unallocated resources
• CPU Allocations may be divided into
  sub-allocations
• Sub-allocations (also a ) divide an allocations
  CPU
• For example allocation A might have
  sub-allocation A1 with 40 who has sub-allocation
  A11 with 40. Effectively, then A11 actually has
  16 of As allocation
• Processes in the global exclusion list are not
  managed
• Built-in system exclusion list contains processes
  that should not be managed
• User exclusion list is available (empty to start)
• WSRMs 100 means 100 of CPU not used by
  excluded processes

21
Percent CPU Targets (advanced)

• Top level allocations divide the resources of the
  whole machine
• Advanced users may assign a CPU affinity to their
  allocations
• Indiscriminate use of CPU affinity can lead to
  complex over-allocations of processors
• Default group is also managed
• Resources not consumed by a process will be
  reallocated
• Goes first to the enclosing allocation
• If the enclosing allocation is unable to consume
  it, then it goes to sibling allocations
• If sibling allocations are unable to consume it,
  the kernel scheduler will allocate to any thread
  that is able to consume it

22
Default Management

• WSRM manages processes as groups, so CPU
  bandwidth target applies to the group of
  processes
• When a group contains more than one process WSRM
  applies default management
• Default management also applies to the default
  group
• Always equal by process
• Built-in policy WSRM Default Policy places
  every process into the default group
• Provides runaway process protection out of the
  box
• Provides reasonable management even when there is
  no user policy active

23
Real Memory Management

• An advanced property of a resource allocation
• For cases where CPU bandwidth targets are not
  effective due to application memory consumption
  patterns
• Allows administrator to specify upper limit on
  the applications working set size
• Prevents working set growing beyond upper limit
• Uses kernel functions for setting limits on a
  process working set size
• Limits are automatically applied by WSRM via
  calls to Get/SetProcessWorkingSetSizeEx() function

24
Committed Memory Mgmt

• An advanced property of a resource allocation
• For cases where apps behave poorly (e.g. leak
  memory)
• Policy specifies an upper limit on the committed
  memory consumed by a process
• Committed memory cannot be taken back by the OS
• Policy also identifies an intervention action for
  processes that reach the limit
• Generate a notification (event log)
• Terminate the offending process

25
Resource Allocation Policies

• Resource Allocation Policy allocates resources to
  sets of processes
• Sub-divides all of the managed resources of the
  machine
• Order of allocation rules within the policy
  determines order of process matching
• Many policies may be defined, however only one
  can be in effect at a given time
• Resource Allocation Policies can be scheduled or
  manually activated
• Manual activation turns off calendar management

26
Scheduling Policies

• Two scheduling models supported
• Day-based schedules
• Calendar events
• All scheduled items have a priority that removes
  conflicts
• Default calendar policy applies if calendar is
  active but nothing is scheduled
• Any policy may be selected for calendar default

27
Job Accounting Records

• Process resource counters are periodically
  sampled
• Accounting records are generated and stored on a
  slower interval (10 minutes, modifiable)
• No separate database required, WSRM implements a
  database in the service
• Accounting records include
• User, domain, file name/path, Process Matching
  Criteria and Resource Allocation name
• PID, Process start time, end time
• Resource Statistics kernel time, total CPU time,
  handles, thread count, I/O bytes, etc.
• Full-featured retrieval UI
• Aggregate, sort and filter columns
• Move/hide display columns
• Save and load views
• Export formats tab-delimited, .CSV, and SMF

28
WSRM Service

• Written in C, runtime check prevents running on
  anything but WS3 Datacenter and Enterprise
  Editions
• WSRM service polls system, examines CPU usage of
  processes by Process Match Criteria
• Base priority of managed processes is dynamically
  modified
• On a busy system with CPU-bound processes,
  consumption matches allocations closely
• Allocation above what a group is able to consume
  (for any reason) will be reallocated to other
  groups in same proportion as defined in the
  policy
• CPU resource above what all groups are able to
  consume is allocated via the normal kernel
  scheduler algorithm

29
WSRM User Interfaces

• Supported on Win2K and later OSs (32-bit only,
  until Whidbey release of VS.NET)
• Both GUI and CLI written in C, managed code
• Installs .NET Framework redist on Win2K and XP
  Pro
• GUI is an MMC snap-in
• CLI supports all of the GUI functionality
• This is the current automation model
• User interfaces communicate with the WSRM service
  on managed machines via DCOM protocol
• Service implements the DCOM interface

30
Limitations

• No 64-bit client support until Whidbey (64-bit
  VS.NET, released first on Longhorn)
• Does not manage key system services (including
  itself). This is by design.
• Unable to manage processes being managed by other
  RM tools
• Proccon, ESS or other Job Object oriented tools
• Aurema, or other process-oriented tools
• Does not manage other types of memory resources
• AWE memory/Large page memory/Locked memory
• OS Pool memory (paged or non-paged)
• Does not manage I/O

31
WSRM How To
32
How To Manage Applications

• Create Process Match Criteria (PMC) to identify
  and group processes
• Create WSRM Resource Allocation Policies
• Create a policy and add allocation rules
• Assign CPU or memory to groups created by Process
  Match Criteria
• Activate a policy
• Manually select a policy to activate
• Create schedules that activate desired policies
  at the desired dates/times
• Monitor results
• Use resource monitor (or PerfMon) to view WSRM
  performance counters
• Examine event log or turn on notification for
  significant events
• Review accounting records
• WSRM stores records of process resource
  consumption
• Full-featured retrieval interface for researching
  application behavior and management

33
Process Match Criteria (PMC)

• Give it a name (e.g. SQL-Instance1)
• Match any part of the command used to start the
  process
• Match the user account that started the process
• User name of the account
• Group name that the user is a member of
• Add exclusion rules that reduce the set of
  matches
• Logical combinations of multiple criteria

34
Resource Allocation Policy

• Give it a name (e.g. SQL-Instance1-Weekday)
• Add resource allocations to the policy
• Select a PMC to manage (e.g. SQL-Instance1)
• Give it an allocation (e.g. 40 CPU, 20Mb working
  set)
• Repeat for other desired allocations within the
  policy
• Resource allocation list provides matching order
• Resource allocation policy controls the entire
  machine
• Only a single policy is in control at a time
• Processes that dont match receive remaining
  resources
• Exclusion list names processes that WSRM will not
  manage

35
Activating Policies

• Option 1 manually set the active policy through
  the UI
• Policy will stay in effect until manually changed
  via the UI
• Option 2 schedule the policy
• Outlook model schedule the periods in which to
  use each policy
• Schedule model create a 24-hour template and
  assign it to days on the calendar

36
Monitor/Manage WSRM

• Use accounting UI to examine job accounting
  history
• Aggregate, sort and filter columns in the
  accounting database
• Proper matching of processes to policies
• Allocation targets not being met
• Export accounting data into other reduction tools
• CSV, tab-delimited, SMF formats supported
• Use Resource Monitor GUI to watch WSRM counters
• View in context with other performance counters
  in the system (OS or app counters)
• Monitor managed machines event log for
  unexpected behavior
• Generate email or SMTP notifications of
  unexpected error or warning conditions

37
Release Information

• Timing
• Shipped at WS3 RC2
• Two previous alpha releases (OEM only)
• WSRM final release ships with WS3 final release
• WSRM is not built-in to Windows Server 2003
• Separate CD, separate install
• Only Enterprise and Datacenter Editions (32 and
  64 bit)
• WSRM CD will ship with OS CD in all distribution
  channels
• Correct platform is verified at install and
  startup
• Administrative UIs are supported on back level
  platforms
• W2K (all SKUs)
• XP Professional
• WS3 (all 32-bit SKUs)
• WSRM will be fully integrated into next major
  Windows release

38
For More Information

• Download WSRM collateral
• http//www.microsoft.com/windows.netserver/downloa
  ds/wsrm.mspx

39
DEMO WSRM
40
Management Tools andTroubleshooting
41
Agenda

• Management Tool Strategy
• New tools for Windows Server 2003
• What is the Support Tools folder?
• WMIC new management command line interface
• Automating management tasks
• Headless Server Management
• Troubleshooting

42
Management Tools Strategy
Manageability Methods
Out of band
Remote Console
Remote GUI
Automated/preset

• Cmd Line /
• Simple scripting
• WMIC
• Para-programming/ Complex scripting

• EMS (Remote Serial)

• Terminal Server
• MMC
• Web Admin

• Policy
• RIS
• Automated setup

Command Line Tools Program

• Programmer or sophisticated admin
• Build your own tools or complex scripts
• Win32 APIs
• COM Objects
• WMI ADSI interfaces for scripting

• Admin focused
• Pre-built .exe
• Pre-built .vbs
• Batch files
• Redirection / Piping
• WMIC adds extensibility

43
Web Interface for Remote Admin
44
Windows Command Line Program

• Command Shell Usage Scenarios  
• Manage a local computer
• Remotely manage a computer
• Telnet to a remote computer run tools
• Use scripting/batch to automate management

45
Windows Command Line Program
Goal provide tools to improve admin experience
for data center scenarios non-gui, automated,
remoteable

• Provide tools in the box for all admin tasks
• Document common admin tasks, scenarios current
  tools
• Add key Resource Kit PSS Support tools to
  product
• Build missing tools for tasks w/o command line
  capabilities
• Better online documentation and education
• Improved online help for cmd line A-Z list
  (ntcmds.chm)
• New Resource Kit scripting book show how to
  script w/ tools
• Make tools more consistent discoverable
• Provide both power and simplicity from the
  command line as an alternative to GUI management

46
Command Line Standards

• Consistent, standard syntax with /? Help
• Run under Telnet and Terminal Services
• Support Stdin, Stdout, Stderr, Error codes
• Leverage WMI providers whenever possible
• Remote machine (\\UNC) management capability
• Allow alternate credentials on remote connections
  
• 1many capable via batch or WSH programming
• Support redirection of output, automation linking

47
Telnet Services

• Built into all Windows Server products
• Command line access to remote systems
• Can manage almost any part of the OS
• Low overhead on target devices
• Good for managing individual machines
• Can execute batch files or character mode scripts
  (cscript.exe) for automation
• Uses NTLM authentication by default
• Microsoft is testing all new command line tools
  to ensure they run under Telnet

48
Top New Command Line Tools

• New Task Scheduling tool - SchTasks.exe, full
  automation of task scheduling, replaces AT.exe
• Shutdown.exe reboot reason collector version
  logs shutdown/restart data (reliability)
• SC.exe service controller tool, manage
  start/stop/diagnose all Win32 services
• 6 New print tools - Prn.vbs (WMI based)
• New get/set machine name feature added to
  NetDom.exe, renames machines in domains only
• NetSH.exe has new network diagnostics tools,
  from Windows ME product

49
Top New Command Line Tools

• GPResult - Group Policy tool, uses new WMI based
  RSOP provider to show policy status
• 4 Performance Log Tools - LogMan, ReLog,
  TypePerf, TraceRpt, manage perfmon data
• 3 Event Log Tools EventQuery, EventCreate,
  EventTriggers (execute script when triggered)
• 6 AD mgmt tools DSQuery, DSGet, DSAdd, DSMod,
  Dsmove, DSRm (delete) for Users, Computers,
  Domains objects in DCs
• 2 disk management tools Diskpart.exe (for
  partioning) and FSutil.exe for file system
  management

50
WMIC

• WMI Command Line Interface
• New tool only available on XP Pro Windows
  Server 2003 SKUs
• Access various sources of mgmt data via WMI
  without programming
• Get information from a local computer, remote
  computer and from multiple computers in a single
  command

51
Using WMIC

• Two ways of using a. C\gt wmic process
  (scripting/batch) b. wmicroot\cligt process
  (interactive)
• Examples of interactive mode gt OS get name,
  locale, bootdevice gt OS where namesun call
  shutdown gt /node_at_MyOrg os get /all
  /formathtable

52
WMIC Examples

• PRODUCTS
• path win32_ltnamespacegt
• path win32_processor get MaxClockSpeed
• process where (processIDgt300) list brief
• /node"computer1","computer2
• Process Where Description"WinLogon.exe" Get
  VirtualSize /EVERY5
• SERVICE WHERE CAPTION'TELNET' CALL STARTSERVICE
• NICCONFIG WHERE index1 CALL EnableStatic
  ("10.0.0.2"),("255.0.0.0")
• NICCONFIG WHERE index1 CALL SetGateways
  ("10.0.0.8","10.0.0.9"),(1,2)

53
WMIC Complex Example

• NTEVENT WHERE "eventtypelt3 AND logfile'Applicatio
  n'" GET Logfile, SourceName, Eventtype, Message,
  TimeGenerated /FORMAT"htable-sortby.xsl""datatyp
  enumber""sortbyEventType" gt c\applicationlogs.
  htm

54
Automating WMIC Example

• WMIC /NODE_at_"c\MyServerList.txt" SERVICE WHERE
  caption "SSDP Discovery Service"
  CALL ChangeStartMode "Disabled"
• MyServerList.txt

Server1 Server6 Server2 Server7 Server3
Server8 Server4 Server9 Server5 .
55
Automating Management Scripting, Batch and other
tools
56
Scripting Capabilities

• No major technology changes in Windows Server
  2003 ? other than WSH 5.6
• Greatly enhanced online docs with accurate
  features, definitions, etc.
• New Windows Server 2003 ResKit book will
  contain extensive chapter on batch file
  capabilities
• If you need UNIX shell type features use the
  Services For UNIX product
• Many shells (korn, etc.)
• Many utilities (awk, grep, etc)
• Allows UNIX shell scripts to run on Windows
• http//www.microsoft.com/WINDOWS2000/sfu/default.a
  sp

57
Windows Script Host (WSH)

• CSCRIPT.exe for character mode
• WSCRIPT.exe for GUI output
• Either host runs all script languages Visual
  Basic Scripting Edition, JScript, 3rd party
  tools,
• Windows 2000 Resource Kit contains many sample
  scripts see Supplement 1 version on
  www.reskit.com
• Scripts can leverage the OS management
  infrastructure (WMI, ADSI, COM objects, etc.)
• Many new tools written in VBscript

58
WSH 5.6

• Remote support (DCOM)
• FunctionName CommandLine,MachineName
• ex. Execute "c\foo.ws \\machine2
• Command line process integration
• object.Exec (strCommand, bWaitOnReturn)
• Piping to scripts - ex. dir filter.vbs
• SAFER Windows support
• Windows File Protection for OS scripts
• Digital Signature Signing
• See msdn.microsoft.com/scripting for more info

59
For More Information

• Online Help files
• A-Z cmd reference - ntcmds.chm
• Support tool help file - suptools.chm
• Use c\gtHH helpfilename.chm to launch from cmd
• WSH, VBScript JScript -
• http//msdn.microsoft.com/scripting
• Windows Resource Kit
• http//www.reskit.com
• Command Line Newsgroup
• microsoft.public.Win2000.cmdprompt.admin
• Management Infrastructure
• http//www.microsoft.com/management

60
DEMO Tool a linea di comando e WMI
61
Features Components
62
End to End Scenario
Corporate Servers, Desktops and Laptops with the
Automatic Updates Client
63
Questions ?