Sunteți pe pagina 1din 8

Lesson 4

Lesson 4
Monitoring and Troubleshooting Servers
Learning Objectives
Students will learn about:
Performance
How to Use the Event Viewer
How to Boot the System
Business Continuity
Troubleshooting Methodology

ODN Skills

Understand performance monitoring


Understand logs and alerts
Identify steps in the startup process
Understand business continuity
Understand troubleshooting methodology

5.2
5.3
6.1
6.2
6.4

Lesson Summary Lecture Notes


This lesson begins with a discussion of the Information Technology Infrastructure Library
(ITIL). ITIL is not a well-known set of standards and few students will have heard of it.
However, since it is listed in the course objectives, it is worth covering. As you discuss
ITIL, dont focus on the ITIL standard itself but focus on what each of these standards
represent because these standards can help any organization establish process and
procedures.
The next section deals with troubleshooting server problems, including a common
troubleshooting methodology. Emphasize that while working on a server, an
administrator will, of course, check what you have recently dealt with. After you check
the obvious items, you need to follow a methodology to systematically fix the problem
efficiently.
Next, the lesson covers the numerous tools available with Microsoft Windows server.
While going over the troubleshooting methodology and the tools, you also need to
emphasize that even if you have several years of experience, you will not have all of the
answers. Therefore, students will need to know when to get help and where to get that
help. That includes going to the Internet to find the answers or contacting the vendor
(including Microsoft).

4-1

Lesson 4

Boot problems are common problems which are discussed in this lesson. Keep in mind
that while Windows Server 2008 and Windows Server 2008 R2 are Microsofts newest
server operating systems, there are still lots of Windows Server 2003 machines out there.
Therefore, students will need to know how to fix both types of machines. Nonetheless,
with the exception of the BCD replacing the boot.ini file, many of the troubleshooting
boot problems are the same, including using the Advanced Boot menu and the System
Configuration Tool.
Next, performance is discussed. Therefore, students will need to know what can cause
slow performance on a system and how they can isolate the cause of the slow
performance. You can also demonstrate some of the common tools, including Task
Manager, Performance Monitor, and Resource Monitor.
Next, the lesson discusses Business Continuity and how you can make your server and
services fault-tolerant. While discussing the different technologies available, remind the
students that fault tolerance can be costly and there is no such thing as 100% up time
(although this is a goal that we strive for). You will also discuss clustering, including failover clustering and network load-balancing clustering.
Since we cannot always get 100% up time and we are going to eventually deal with some
kind of failure, students need to understand how to recover from these failures (including
how to use backups). Remember, the best method of data recovery is backup, backup,
backup. Of course, backups must be built into the planning and implementation of a
server or service. Also, you need to emphasize that whatever method or technology
selected for backups must be maintained. To complete the backup discussions, shadow
copies are also discussed.

Key Terms
active-passive cluster A cluster where both servers are configured to work as one, but
only one at a time.
Advanced Boot Options Options that allows for advanced troubleshooting, usually
used to overcome problems during boot up of Windows.
backup The process of making copies of data so that these additional copies may be
used to restore the original after a data-loss event.
Boot Configuration Data (BCD) The Windows XP and Windows Server 2003
NTLDR will read the boot.ini file to determine which operating system to load even if
your system only has one operating system.
boot.ini file A file that Windows XP and Windows Server 2003 NTLDR will read to
determine which operating system to load even if your system only has one operating
system.
Cluster A group of linked computers that work together as one computer.
differential backup A backup used with full backups, backing up only those files that
have changed or are new since the last full backup.

4-2

Lesson 4

Event Viewer A Microsoft Management Console (MMC) snap-in that enables you to
browse and manage event logs.
failover cluster A set of independent computers that work together to increase the
availability of services and applications.
full backup A backup that backs up all designated files and data. For files, it can shut
off an archive attribute to indicate that the file has been backed up.
grandfather-father-son (GFS) A common backup rotation scheme that uses three
levels of backups.
incremental backup A backup used with full backups, backing up only those files that
have changed or are new since the last full or incremental backup.
Information Technology Infrastructure Library (ITIL) A set of concepts and
practices for managing Information Technology (IT) systems, IT Service Management
(ITSM), IT development, and IT operations. ITIL gives detailed descriptions of a number
of important IT practices and provides comprehensive checklists, tasks, and procedures
that any IT organization can tailor to its needs.
Knowledge Base The Microsoft repository of thousands of articles made available to
the public by Microsoft Corporation that contains information on problems encountered
by users of Microsoft products.
last known good configuration A mode that starts Windows with the last registry and
driver configuration that worked successfully, usually marked as the last successful login.
master boot record (MBR) The first 512-byte boot sector of a partitioned data storage
device such as a hard disk. It is used to hold the disks primary partition table and
contains the code to bootstrap an operating system, which usually passes control to the
volume boot record and uniquely identifies the disk media.
Microsoft TechNet A Microsoft Web site that includes information on designing,
planning, implementing, managing, and monitoring Microsoft products.
network load balancing (NLB) A cluster used when multiple computers are
configured as one virtual server to share the workload among multiple computers.
paging file A file found on a Windows system disk that is used as temporary space on
your hard disk in lieu of RAM.
Performance Monitor A Microsoft Management Console (MMC) snap-in that
provides tools for analyzing system performance
Power-On Self Test (POST) A series of tests and initialization processes that occurs
every time you turn on a computer so that hardware initializes and finds an operating
system to load.
Recovery console A command-line tool found with Windows Server 2003 that you can
use to repair Windows if the computer does not start correctly.
Resource Monitor A powerful tool for understanding how your system resources are
used by processes and services.

4-3

Lesson 4

safe mode A tool useful for troubleshooting problems with programs and drivers which
might not start correctly or that might prevent Windows from starting correctly.
shadow copies A technology that allow users to retrieve previous versions of files and
folders on their own, without requiring IT personnel to restore files or folders from
backup media.
System Information A tool that shows details about your computers hardware
configuration, components, and software (including drivers).
Task Manager One of the handiest programs you can use to take a quick glance at
performance to see which programs are using the most system resources on your
computer.
Teaming The process of grouping together two or more physical NICs into a single
logical NIC, which can be used for network fault tolerance and increased bandwidth
through load balancing.
uninterruptible power supply (UPS) An electrical device consisting of one or more
batteries to provide backup power when a power outage occurs.
virtual memory memory space that combines your computers RAM with temporary
space on your hard disk. When RAM runs low, virtual memory moves data from RAM to
a space called a paging file.
volume boot record (VBR) A type of boot sector, stored in a disk volume on a hard
disk, floppy disk, or similar data storage device that contains code for booting an
operating system such as NTLDR and BOOTMGR.
Windows Preinstallation Environment (Windows PE) A minimal Win32 operating
system with limited services, built on the Windows 7 kernel. It is used to prepare a
computer for Windows installation, to copy disk images from a network file server, and
to initiate Windows Setup.

4-4

Lesson 4

Lesson 4
Monitoring and Troubleshooting
Servers
Knowledge Assessment
Complete the following sentences by writing the correct word or words in
the blanks provided.
1.

The MBR is the first 512-byte boot sector of a partitioned data storage
device such as a hard disk.

2.

The BOOT.INI is a simple text file that defines which operating system to
load on Windows XP and Windows Server 2003 systems.

3.

The safe mode starts Windows with a minimal set of drivers and servers.

4.

The System Configuration tool can be used to easily disable individual


startup programs.

5.

In Windows, virtual memory uses a paging file.

6.

teaming is the combining of network cards to provide fault tolerance.

7.

A cluster is a group of computers that work together as one virtual


computer to provide fault tolerance or increased performance.

8.

The most common failover cluster is the active-passive cluster in which


only one server is active at a time.

9.

In a cluster, an individual computer is known as a node.

10. A uninterruptable power supply (UPS) is an electrical device to provide


temporary power during power outages.

Multiple Choice
Circle the letter that corresponds to the best answer.
1.

2.

What publications include a set of concepts and practices for managing


IT services, development, and operations?
a.

Red book

b.

IT Development Guide

c.

ITIL core books

d.

IT Transition Guidebook

What tool is used to view the hardware and software loaded on a


Windows server?
a.

System Information

b.

System Configuration

c.

KB tool

d.

POST

4-5

Lesson 4
3.

Where would you find NTLDR or BOOTMGR on a hard drive?


a.

MBR

b. VBR

4.

c.

boot.ini

d.

WINNT folder

What determines which operating system should be loaded when


running Windows Vista, Windows 7, or Windows Server 2008?
a.

RAID

b.

GUID

c.

boot.ini

d. BCD
5.

You loaded a program and rebooted Windows. Unfortunately, Windows


no longer boots. What should you try first?
a.

Enable boot logging.

b. Load Last Known Good Configuration

6.

c.

Disable the boot.ini file.

d.

Reinstall Windows.

What program gives you a quick look at system performance and the
processes that are running?
a.

Task Manager

b.

Performance Monitor

c.

Resource Monitor

d.

System Information

7. __________ is multiple computers configured as one virtual server to


share the workload.

8.

9.

a.

Network load balancing

b.

Active-passive cluster

c.

SAN cluster

d.

Terminal server

___________ is making copies of data so that these additional copies


may be used to restore the original after a data-loss event.
a.

DFS

b.

RAID

c.

Backup

d.

EMS

Which type of backup backs up all designated files and turns off the
archive attribute?
a.

Full

b.

Differential

c.

Incremental

d.

Copy

4-6

Lesson 4
10. Which type of backup takes the longest to restore?
a.

Full

b.

Differential

c.

Incremental

d.

Copy

True / False
Circle T if the statement is true or F if the statement is false.
T

1.

The best method for data recovery is backup.

2.

Shadow copies are only available under older file systems.

3.

To view Windows log, use the Log Viewer application.

4.

99.9999 availability means that a system can be down for 4.32


minutes a year.

5.

Clusters nodes will protect against faulty power supplies, faulty


processors, and faulty RAM.

Competency Assessment
Scenario 4-1: Using a Troubleshooting Methodology
Your computer does not boot. The computer has no lights and you hear no beeps. What
would the steps be in troubleshooting this problem?
First you need to identify and document the problem symptoms, which are pretty obvious since you
turned the power button on and nothing happens. You would next evaluate system configuration, and
you should likely find that nothing changed. Next, you would list or track possible solutions. This
could be caused by the system not being plugged in, no power to the AC outlet where the server
connects, faulty power supply, faulty motherboard or memory, or a short or power overload. You
would check each component one by one, usually from easiest to hardest. After you try isolating or
replacing each component, you then move on to the next one. After you find and fix the problem,
document the changes and notify the customer or client of the problem and its fix.

Scenario 4-2: Planning a Backup Strategy


You have several servers that all include important data that changes often. Unfortunately,
when you try to back up these servers, it takes about 30 hours to complete. What would
you recommend as a backup strategy?
It is obvious that you should back up daily since the data is important and changes
often. You should perform a full back up on the weekends and differential back ups
or incremental back ups daily. You could also isolate the programs and data and
back up the data each night while backing up everything on the weekends.

4-7

Lesson 4

Proficiency Assessment
Scenario 4-3: Looking at Backups
You have setup backups and you perform full backups once a week and incremental
backups Monday through Thursday. So what should you do next?
You will need to test those backups to make sure you are getting what you needed
backed up and to make sure the backups are good. Therefore, you will need to delete
a non-essential file and try to do a restore. You should also do a planned recovery of
an entire system from time to time.
Scenario 4-4: Looking at Event Viewer
You are experiencing some problems on a server running Windows Server 2008 R2.You
log in and open the Server Management console and decide to look at the System logs in
the Event Viewer. Unfortunately, you see many errors and warnings. What should you
have done before you had problems to get the most of the Event Viewer.
You will need to weed through the Event Viewers many messages so that you can
focus on those messages that are relevant or possibly relevant. Therefore, you need
to set up a filter based on errors and possible warnings. You can then sort by date
and time so that you can focus on those messages that appear at the time the
problem occurred and right before that time.

4-8