Showing posts with label Win2003. Show all posts
Showing posts with label Win2003. Show all posts
Wednesday, November 23, 2016
Windows 7 - drag and drop / copy and past don't/doesn't work
1) Find an affected icon.(any in explorer or even in desktop)
2) Click and HOLD the icon with the Left mouse button.
3) Press Esc while holding the Left mouse button.
Friday, May 30, 2014
Winsock Event viewer tracing
Using Event Viewer to Start Winsock Network Event Tracing
When you open Event Viewer, the left pane contains the list of events. Open Applications and Services Logs and navigate to Microsoft\Windows\Winsock Network Event as the source and select Operational.
In the Action pane, select Log Properties and check the Enable Logging check box. Once logging is enabled, you can also change the size of the log file if this is needed.
Winsock network event tracing is now enabled and all you need to do is hit the Refresh action to update the list of events that have been logged. To stop logging, simply uncheck the same radio button.
You may need to increase the log size depending on how many events you want to see. One drawback to using the Event Viewer for Winsock tracing is that it does not load all the string resources so the messages displayed in the Description field (once you select an event) is sometimes hard to read (an argument that should be formatted as hex will be displayed in decimal, for example). However, you can select the Details tab in the event description which shows the raw XML log entry which usually has easier to understand arguments.
Using Event Viewer to Start Winsock Catalog Change Tracing
When you open Event Viewer, the left pane contains the list of events. Open Applications and Services Logs and navigate to Microsoft\Windows\Winsock Catalog Change as the source and select Operational.
In the Action pane, select Log Properties and check the Enable Logging check box. Once logging is enabled, you can also change the size of the log file if this is needed.
Winsock catalog change tracing is now enabled and all you need to do is hit the Refresh action to update the list of events that have been logged. To stop logging, simply uncheck the same radio button.
You may need to increase the log size depending on how many events you want to see. One drawback to using the Event Viewer for Winsock tracing is that it does not load all the string resources so the messages displayed in the Description field (once you select an event) is sometimes hard to read (an argument that should be formatted as hex will be displayed in decimal, for example). However, you can select the Details tab in the event description which shows the raw XML log entry which usually has easier to understand arguments.
Audit service start and stop
Like files and folders, services are access-controlled objects, and
every access-controlled object has a security descriptor.
Part of a service's security descriptor is the system ACL (SACL), which you can use to track access to that object.
The only way to view or change a service's current SACL is through security templates.
To reach the security templates, log on to the server and open the Microsoft Management Console (MMC) Security Templates snap-in.
To create a new template, right-click on the security templates path.
Select New Template, click System Services, then double-click the appropriate service (i.e., Telnet). Select the Define this policy setting in the template check box, then click Edit Security to open the Security for Telnet dialog box.
This dialog box contains the service's ACL, which you can use to fine-tune who has start and stop authority.
Click Advanced, then select the Auditing tab in the Access Control Settings for Telnet dialog box.
As you can see, no auditing is currently enabled on the Telnet service because auditing isn't enabled by default.
Click Add, then add an entry to track successful start and stop events that members of Everyone initiate.
Close all the dialog boxes, then save the template.
Import the template into the MMC Security Configuration and Analysis snap-in, then apply the template.
Now, you can check the Security log for event ID 560 (success audit: object open), where Object Type is SERVICE OBJECT, the Object Name is the short name of the service you're monitoring (in the case of the Telnet Service, TlntSvr), and the logged accesses include Start the service and Stop the service.
Source:
http://windowsitpro.com/systems-management/access-denied-auditing-users-who-might-be-starting-and-stopping-services
Part of a service's security descriptor is the system ACL (SACL), which you can use to track access to that object.
The only way to view or change a service's current SACL is through security templates.
To reach the security templates, log on to the server and open the Microsoft Management Console (MMC) Security Templates snap-in.
To create a new template, right-click on the security templates path.
Select New Template, click System Services, then double-click the appropriate service (i.e., Telnet). Select the Define this policy setting in the template check box, then click Edit Security to open the Security for Telnet dialog box.
This dialog box contains the service's ACL, which you can use to fine-tune who has start and stop authority.
Click Advanced, then select the Auditing tab in the Access Control Settings for Telnet dialog box.
As you can see, no auditing is currently enabled on the Telnet service because auditing isn't enabled by default.
Click Add, then add an entry to track successful start and stop events that members of Everyone initiate.
Close all the dialog boxes, then save the template.
Import the template into the MMC Security Configuration and Analysis snap-in, then apply the template.
Now, you can check the Security log for event ID 560 (success audit: object open), where Object Type is SERVICE OBJECT, the Object Name is the short name of the service you're monitoring (in the case of the Telnet Service, TlntSvr), and the logged accesses include Start the service and Stop the service.
Source:
http://windowsitpro.com/systems-management/access-denied-auditing-users-who-might-be-starting-and-stopping-services
TCP retransmission
You can increase this value with registry key TcpMaxDataRetransmissions
“This entry appears as MSS:
(TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted
(3 recommended, 5 is default) in
the Local Group Policy Editor. This entry sets the maximum number of
retransmissions of a TCP segment containing data before the connection is
abandoned. The retransmission timeout is doubled with each successive
retransmission on a connection. It is reset when responses resume. The base
timeout value is dynamically determined by the measured round-trip time on the
connection.”
You need to
add this registry key
You can check
more details in Microsoft online documentation:
Friday, February 22, 2013
The specified server cannot perform the requested operation
When trying to access from a machine to other is giving the error:
The specified server cannot perform the requested operation
Go to destination machine > start > run > services.msc > restart the "server" service
Friday, November 9, 2012
MS-Dos - Internal commands/Batch file commands
Internal commands
All commands are run only after the Enter key is pressed at the end of the line. COMMAND.COM is not case-sensitive, meaning commands can be typed in either case and are all equivalent.
- BREAK
- Controls the handling of program interruption with Ctrl+C or Ctrl+Break.
- CHCP
- Displays or changes the current system code page.
- CHDIR, CD
- Changes the current working directory or displays the current directory.
- CLS
- Clears the screen.
- COPY
- Copies one file to another (if the destination file already exists, MS-DOS asks whether to replace it). (See also XCOPY, an external command that could also copy directory trees).
- CTTY
- Defines the device to use for input and output.
- DATE
- Display and set the date of the system.
- DEL, ERASE
- Deletes a file. When used on a directory, deletes all files.
- DIR
- Lists the files in the specified directory.
- ECHO
- Toggles whether text is displayed (ECHO ON) or not (ECHO OFF). Also displays text on the screen (ECHO text).
- EXIT
- Exits from COMMAND.COM and returns to the program which launched it.
- LFNFOR
- Enables or disables the return of long filenames by the FOR command. (Windows 95/98/Me only).
- LOADHIGH, LH
- Loads a program into upper memory (HILOAD in DR DOS).
- LOCK
- Enables external programs to perform low-level disk access to a volume. (Windows 95/98/Me only).
- MKDIR, MD
- Creates a new directory.
- PATH
- Displays or changes the value of the PATH environment variable which controls the places where COMMAND.COM will search for executable files.
- PROMPT
- Displays or change the value of the PROMPT environment variable which controls the appearance of the prompt.
- REN, RENAME
- Renames a file or directory.
- RMDIR, RD
- Removes an empty directory.
- SET
- Sets the value of an environment variable ; Without arguments, shows all defined environment variables.
- TIME
- Display and set the time of the system.
- TRUENAME
- Display the fully expanded physical name of a file, resolving ASSIGN, JOIN and SUBST logical filesystem mappings.
- TYPE
- Display the content of a file on the console.
- UNLOCK
- Disables low-level disk access. (Windows 95/98/Me only)
- VER
- Displays the version of the operating system.
- VERIFY
- Enable or disable verification of writing for files.
- VOL
- Shows information about a volume.
[edit]Batch file commands
Control structures are mostly used inside batch files, although they can also be used interactively.
- :label
- Defines a target for GOTO.
- CALL
- Executes another batch file and returns to the old one and continues.
- FOR
- Iteration: repeats a command for each out of a specified set of files.
- GOTO
- Moves execution to a specified label. Labels are specified at the beginning of a line, with a colon (:likethis).
- IF
- Conditional statement, allows to branch the program execution.
- PAUSE
- Halts execution of the program and displays a message asking the user to press any key to continue.
- REM
- comment: any text following this command is ignored.
- SHIFT
- Replaces each of the command-line variables with the subsequent one (e.g. %0 with %1, %1 with %2 etc.).
Ms-Dos parameters/arguments - Batch files
In addition, expansion of batch script argument references (%0, %1, etc.) have been changed as follows:
%* in a batch script refers to all the arguments (e.g. %1 %2 %3 %4 %5 ...)
Substitution of batch parameters (%n) has been enhanced. You can now use the below optional syntax:
| %~1 | - | expands %1 removing any surrounding quotes (") |
| %~f1 | - | expands %1 to a fully qualified path name |
| %~d1 | - | expands %1 to a drive letter only |
| %~p1 | - | expands %1 to a path only |
| %~n1 | - | expands %1 to a file name only |
| %~x1 | - | expands %1 to a file extension only |
| %~s1 | - | expanded path contains short names only |
| %~a1 | - | expands %1 to file attributes |
| %~t1 | - | expands %1 to date/time of file |
| %~z1 | - | expands %1 to size of file |
| %~$PATH:1 | - | searches the directories listed in the PATH environment variable and expands %1 to the fully qualified name of the first one found. If the environment variable name is not defined or the file is not found by the search, then this modifier expands to the empty string |
The modifiers can be combined to get compound results:
| %~dp1 | - | expands %1 to a drive letter and path only |
| %~nx1 | - | expands %1 to a file name and extension only |
| %~dp$PATH:1 | - | searches the directories listed in the PATH environment variable for %1 and expands to the drive letter and path of the first one found. |
| %~ftza1 | - | expands %1 to a DIR-like output line |
In the above examples, %1 and PATH can be replaced by other valid values. The %~ syntax is terminated by a valid argument number. The %~ modifiers may not be used with %*
Friday, October 26, 2012
How to read windows dump file
Install .net framework 4.5
http://msdn.microsoft.com/en-us/library/5a4x27ek.aspx
Install Windows Software Development Kit (SDK) for Windows 8
http://msdn.microsoft.com/en-US/windows/hardware/hh852363
Details:
http://support.microsoft.com/kb/315263/en-us?wa=wsignin1.0
symbol search path > http://msdl.microsoft.com/download/symbols
image source path > z:
my z: is the windows folder of a windows 2003 server installation because my dump is from windows 2003 server.
Using command-line
Example
After the first info you can go deep writing:
To exit
Using win app:
Start > all programs > windows kits > debugging tools for windows > windbg
File > symbol search path > http://msdl.microsoft.com/download/symbols
File > image source path > z:
click !analyze -v for deep analysis
http://msdn.microsoft.com/en-us/library/5a4x27ek.aspx
Install Windows Software Development Kit (SDK) for Windows 8
http://msdn.microsoft.com/en-US/windows/hardware/hh852363
Details:
http://support.microsoft.com/kb/315263/en-us?wa=wsignin1.0
symbol search path > http://msdl.microsoft.com/download/symbols
image source path > z:
my z: is the windows folder of a windows 2003 server installation because my dump is from windows 2003 server.
| Placeholder | Explanation |
|---|---|
| SymbolPath | Either the local path where the symbol files have been downloaded or the symbol server path, including a cache folder. Because a small memory dump file contains limited information, the actual binary files must be loaded together with the symbols for the dump file to be correctly read. |
| ImagePath | The path of these files. The files are contained in the I386 folder on the Windows XP CD-ROM. For example, the path may be C:\Windows\I386. |
| DumpFilePath | The path and file name for the dump file that you are examining. |
Using command-line
- Go to C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86 directory (in 32bits machine)
Example
- C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86> kd -y srv*c:\symbols*http://msdl.microsoft.com/download/symbols -i z:\ -z E:\my_dump_files\MEMORY.DMP
After the first info you can go deep writing:
- !analyze -v
To exit
- q
Using win app:
Start > all programs > windows kits > debugging tools for windows > windbg
File > symbol search path > http://msdl.microsoft.com/download/symbols
File > image source path > z:
click !analyze -v for deep analysis
Monday, October 15, 2012
RAID 10 Vs RAID 01 (RAID 1+0 Vs RAID 0+1)
RAID 10 is not the same as RAID 01.
This article explains the difference between the two with a simple diagram.
I’m going to keep this explanation very simple for you to understand the basic concepts well. In the following diagrams A, B, C, D, E and F represents blocks.
RAID 10
- RAID 10 is also called as RAID 1+0
- It is also called as “stripe of mirrors”
- It requires minimum of 4 disks
- To understand this better, group the disks in pair of two (for mirror). For example, if you have a total of 6 disks in RAID 10, there will be three groups–Group 1, Group 2, Group 3 as shown in the above diagram.
- Within the group, the data is mirrored. In the above example, Disk 1 and Disk 2 belongs to Group 1. The data on Disk 1 will be exactly same as the data on Disk 2. So, block A written on Disk 1 will be mirroed on Disk 2. Block B written on Disk 3 will be mirrored on Disk 4.
- Across the group, the data is striped. i.e Block A is written to Group 1, Block B is written to Group 2, Block C is written to Group 3.
- This is why it is called “stripe of mirrors”. i.e the disks within the group are mirrored. But, the groups themselves are striped.
RAID 01
- RAID 01 is also called as RAID 0+1
- It is also called as “mirror of stripes”
- It requires minimum of 3 disks. But in most cases this will be implemented as minimum of 4 disks.
- To understand this better, create two groups. For example, if you have total of 6 disks, create two groups with 3 disks each as shown below. In the above example, Group 1 has 3 disks and Group 2 has 3 disks.
- Within the group, the data is striped. i.e In the Group 1 which contains three disks, the 1st block will be written to 1st disk, 2nd block to 2nd disk, and the 3rd block to 3rd disk. So, block A is written to Disk 1, block B to Disk 2, block C to Disk 3.
- Across the group, the data is mirrored. i.e The Group 1 and Group 2 will look exactly the same. i.e Disk 1 is mirrored to Disk 4, Disk 2 to Disk 5, Disk 3 to Disk 6.
- This is why it is called “mirror of stripes”. i.e the disks within the groups are striped. But, the groups are mirrored.
Main difference between RAID 10 vs RAID 01
- Performance on both RAID 10 and RAID 01 will be the same.
- The storage capacity on these will be the same.
- The main difference is the fault tolerance level. On most implememntations of RAID controllers, RAID 01 fault tolerance is less. On RAID 01, since we have only two groups of RAID 0, if two drives (one in each group) fails, the entire RAID 01 will fail. In the above RAID 01 diagram, if Disk 1 and Disk 4 fails, both the groups will be down. So, the whole RAID 01 will fail.
- RAID 10 fault tolerance is more. On RAID 10, since there are many groups (as the individual group is only two disks), even if three disks fails (one in each group), the RAID 10 is still functional. In the above RAID 10 example, even if Disk 1, Disk 3, Disk 5 fails, the RAID 10 will still be functional.
- So, given a choice between RAID 10 and RAID 01, always choose RAID 10.
Notes:
- ‘f’ is the failure probability of one single disk.
- Gx is the name of the groups
- Dx is the name of the disks
- Gx is the name of the groups
- Dx is the name of the disks
RAID 10 :
For loosing your file, you need to loose G1 OR G2 OR G3. To loose G1, you need to loose D1 AND D2, to loose G2 you need to loose D3 AND D4 and to loose G3 you need to loose D5 AND D6.
=> probability of loosing your file : (f*f)+(f*f)+(f*f) = f²+f²+f² = 3f²
For loosing your file, you need to loose G1 OR G2 OR G3. To loose G1, you need to loose D1 AND D2, to loose G2 you need to loose D3 AND D4 and to loose G3 you need to loose D5 AND D6.
=> probability of loosing your file : (f*f)+(f*f)+(f*f) = f²+f²+f² = 3f²
RAID 01 :
For loosing your file, you need to loose G1 AND G2. To loose G1 you need to loose D1 OR D2 OR D3, and to loose G2 you need to loose D4 OR D5 OR D6.
=> probability of loosing your file : (f+f+f)*(f+f+f)=3f*3f=9f²
For loosing your file, you need to loose G1 AND G2. To loose G1 you need to loose D1 OR D2 OR D3, and to loose G2 you need to loose D4 OR D5 OR D6.
=> probability of loosing your file : (f+f+f)*(f+f+f)=3f*3f=9f²
In this particular case (6 blocks, 6 disks), you have 3 times more chances to loose your file on RAID01 than on RAID10.
More basically, you can think like that :
- on RAID 10, if one disk fails, when the second failure appears, I have 1 possibility between 5 that this makes my entire system fail (the other disk in the group)
- on RAID 01, if one disk fails, when the second failure appears, I have 3 possibilities between 5 that this makes my entire system fail (any disk in the other group)
- on RAID 10, if one disk fails, when the second failure appears, I have 1 possibility between 5 that this makes my entire system fail (the other disk in the group)
- on RAID 01, if one disk fails, when the second failure appears, I have 3 possibilities between 5 that this makes my entire system fail (any disk in the other group)
Example for 2 drives failure:
Drive R 0+1 R 1+0
1,2 Up Down
1,3 Up Up
1,4 Down Up
1,5 Down Up
1,6 Down Up
2,3 Up Up
2,4 Down Up
2,5 Down Up
2,6 Down Up
3,4 Down Down
3,5 Down Up
3,6 Down Up
4,5 Up Up
4,6 Up Up
5,6 Up Down
Some performance tests:
http://www.zdnet.com/blog/ou/comprehensive-raid-performance-report/484
1,3 Up Up
1,4 Down Up
1,5 Down Up
1,6 Down Up
2,3 Up Up
2,4 Down Up
2,5 Down Up
2,6 Down Up
3,4 Down Down
3,5 Down Up
3,6 Down Up
4,5 Up Up
4,6 Up Up
5,6 Up Down
Some performance tests:
http://www.zdnet.com/blog/ou/comprehensive-raid-performance-report/484
Thursday, October 27, 2011
Environment variables / Variáveis de sistema
Environment variables
An environment variable is a dynamic value loaded into the memory that can be used by several processes operating simultaneously. On most operating systems, the location of some libraries or of the main system executables may be different depending on the installation.
It is therefore possible, from a given programme, to refer to a location based on the environment variables that define these data.
In Windows, the environment variables are placed between the "%" character. Thus to display the value of an environment variable, simply type following type of command:
echo %NAME_OF_THE_VARIABLE%Here is a non-exhaustive list of the main environment variables on Windows systems:
Environment variable Description
%APPDATA% Returns an access path to the default directory containing the user programmes (by default: C:\Program Files\.
%CMDCMDLINE% Returns the exact command used to access the command interpreter (cmd.exe).
%COMPUTERNAME% Returns the name attributed to the computer.
%DATE% Returns the day's date.
%ERRORLEVEL% Contains the error code of the latest command used.
%HOMEDRIVE% Contains the letter of the drive on which the current user's directory is located.
%HOMEDRIVE% Contains the letter of the drive on which the current user's directory is located.
%HOMEPATH% Contains the full access path to the current user's directory.
%NUMBER_OF_PROCESSOR% Contains the number of processors present on the system.
%OS% Contains a chain of characters describing the operating system installed. Note that Windows 2000 is identified as WINDOWS_NT.
%PATH% Specifies the access path to the system's main executables.
%PATHEXT% Describes the extensions that the system considers to be executable.
%PROCESSOR_ARCHITECTURE% Describes the architecture of the processor (x86 for Intel machines, IA64 for RISC architectures).
%RANDOM% Returns an integer between 0 and 32167 chosen at random by the system.
%SYSTEMDRIVE% Contains the letter of the drive on which the system is located (generally C:).
%SYSTEMROOT% Contains the access path to the system's root directory.
%TEMP% Contains the temporary directory access path for the applications.
%TMP% Contains the temporary directory access path for the applications.
%TIME% Returns the day's date.
%USERDOMAIN% Contains the domain to which the current account belongs.
%USERNAME% Contains the user name corresponding to the current account.
%USERPROFILE% Contains the location of the current account user profile.
%WINDIR% Contains the access path to the system's directory (generally C:\WINDOWS or C:\WINNT).
In Windows, the set command allows creation, modification and display of the environment variables. However, changes are made only in the session in progress.
To display a variable, the following command is used:
set VariableName To create a variable, the following command is used:
set VariableName=valueTo delete a variable, the following command is used:
set VariableName=It is possible to use any character as a value, including spaces. However, to be able to use special characters (<, >, , & or ^), simply place the (^) escape character in front of them or quotation marks around them, which will then be part of the value since all characters following the = sign are taken into account. For example, to define "black&white" as the value:
set colour=black^&white
or
set varname="new&name"
An environment variable is a dynamic value loaded into the memory that can be used by several processes operating simultaneously. On most operating systems, the location of some libraries or of the main system executables may be different depending on the installation.
It is therefore possible, from a given programme, to refer to a location based on the environment variables that define these data.
In Windows, the environment variables are placed between the "%" character. Thus to display the value of an environment variable, simply type following type of command:
echo %NAME_OF_THE_VARIABLE%Here is a non-exhaustive list of the main environment variables on Windows systems:
Environment variable Description
%APPDATA% Returns an access path to the default directory containing the user programmes (by default: C:\Program Files\.
%CMDCMDLINE% Returns the exact command used to access the command interpreter (cmd.exe).
%COMPUTERNAME% Returns the name attributed to the computer.
%DATE% Returns the day's date.
%ERRORLEVEL% Contains the error code of the latest command used.
%HOMEDRIVE% Contains the letter of the drive on which the current user's directory is located.
%HOMEDRIVE% Contains the letter of the drive on which the current user's directory is located.
%HOMEPATH% Contains the full access path to the current user's directory.
%NUMBER_OF_PROCESSOR% Contains the number of processors present on the system.
%OS% Contains a chain of characters describing the operating system installed. Note that Windows 2000 is identified as WINDOWS_NT.
%PATH% Specifies the access path to the system's main executables.
%PATHEXT% Describes the extensions that the system considers to be executable.
%PROCESSOR_ARCHITECTURE% Describes the architecture of the processor (x86 for Intel machines, IA64 for RISC architectures).
%RANDOM% Returns an integer between 0 and 32167 chosen at random by the system.
%SYSTEMDRIVE% Contains the letter of the drive on which the system is located (generally C:).
%SYSTEMROOT% Contains the access path to the system's root directory.
%TEMP% Contains the temporary directory access path for the applications.
%TMP% Contains the temporary directory access path for the applications.
%TIME% Returns the day's date.
%USERDOMAIN% Contains the domain to which the current account belongs.
%USERNAME% Contains the user name corresponding to the current account.
%USERPROFILE% Contains the location of the current account user profile.
%WINDIR% Contains the access path to the system's directory (generally C:\WINDOWS or C:\WINNT).
In Windows, the set command allows creation, modification and display of the environment variables. However, changes are made only in the session in progress.
To display a variable, the following command is used:
set VariableName To create a variable, the following command is used:
set VariableName=valueTo delete a variable, the following command is used:
set VariableName=It is possible to use any character as a value, including spaces. However, to be able to use special characters (<, >, , & or ^), simply place the (^) escape character in front of them or quotation marks around them, which will then be part of the value since all characters following the = sign are taken into account. For example, to define "black&white" as the value:
set colour=black^&white
or
set varname="new&name"
Wednesday, April 28, 2010
sockets out of resources (windows)
you can have you pc out off resources (sockets)
you may need to decrease the timeout for watting to permanently close the sockets.
To do that you can use the parameter in registry TcpTimedWaitDelay.
See the following:
http://msdn.microsoft.com/en-us/library/ms819739.aspx
you may need to decrease the timeout for watting to permanently close the sockets.
To do that you can use the parameter in registry TcpTimedWaitDelay.
See the following:
http://msdn.microsoft.com/en-us/library/ms819739.aspx
Monday, March 8, 2010
You may not have permission to use this network resource.
Method 1: Enable NetBIOS over TCP/IP and start the Computer Browser service
To resolve this issue, make sure that NetBIOS over TCP/IP is turned on and that the Computer Browser service is running on each computer in the workgroup. To do this, follow these steps.
Step 1: Enable NetBIOS over TCP/IP
1. Click Start, click Control Panel, and then click Network and Internet Connections.
2. Click Network Connections.
3. Right-click Local Area Connection, and then click Properties.
4. Click Internet Protocol (TCP/IP), and then click Properties.
5. Click the General tab, and then click Advanced.
6. Click the WINS tab.
7. Under NetBIOS setting, click Enable NetBIOS over TCP/IP, and then click OK two times.
8. Click Close to close the Local Area Connection Properties dialog box.
9. Close the Network Connections window.
Step 2: Start the Computer Browser service
1. Click Start, right-click My Computer, and then click Manage.
2. Double-click Services and Applications.
3. Double-click Services.
4. On the right side, right-click Computer Browser, and then click Start.
5. Close the Computer Management window.
Method 2: Install File and Print Sharing and make sure that it is not blocked by Windows Firewall
Step 1: Install File and Print Sharing for Microsoft Networks
1. Click Start, click Run, type ncpa.cpl, and then click OK.
2. Right-click Local Area Connection, and then click Properties.
3. Click the General tab, and then click Install.
4. Click Service, and then click Add.
5. In the Network Service list, click File and Print Sharing for Microsoft Networks, and then click OK.
6. Click Close.
Step 2: Make sure that File and Printer Sharing is not blocked by Windows Firewall
1. Click Start, click Run, type firewall.cpl, and then click OK.
2. On the General tab, make sure that the Don't allow exceptions check box is not selected.
3. Click the Exceptions tab.
4. On the Exceptions tab, make sure that the File and Printer Sharing check box is selected, and then click OK.
To resolve this issue, make sure that NetBIOS over TCP/IP is turned on and that the Computer Browser service is running on each computer in the workgroup. To do this, follow these steps.
Step 1: Enable NetBIOS over TCP/IP
1. Click Start, click Control Panel, and then click Network and Internet Connections.
2. Click Network Connections.
3. Right-click Local Area Connection, and then click Properties.
4. Click Internet Protocol (TCP/IP), and then click Properties.
5. Click the General tab, and then click Advanced.
6. Click the WINS tab.
7. Under NetBIOS setting, click Enable NetBIOS over TCP/IP, and then click OK two times.
8. Click Close to close the Local Area Connection Properties dialog box.
9. Close the Network Connections window.
Step 2: Start the Computer Browser service
1. Click Start, right-click My Computer, and then click Manage.
2. Double-click Services and Applications.
3. Double-click Services.
4. On the right side, right-click Computer Browser, and then click Start.
5. Close the Computer Management window.
Method 2: Install File and Print Sharing and make sure that it is not blocked by Windows Firewall
Step 1: Install File and Print Sharing for Microsoft Networks
1. Click Start, click Run, type ncpa.cpl, and then click OK.
2. Right-click Local Area Connection, and then click Properties.
3. Click the General tab, and then click Install.
4. Click Service, and then click Add.
5. In the Network Service list, click File and Print Sharing for Microsoft Networks, and then click OK.
6. Click Close.
Step 2: Make sure that File and Printer Sharing is not blocked by Windows Firewall
1. Click Start, click Run, type firewall.cpl, and then click OK.
2. On the General tab, make sure that the Don't allow exceptions check box is not selected.
3. Click the Exceptions tab.
4. On the Exceptions tab, make sure that the File and Printer Sharing check box is selected, and then click OK.
Monday, December 7, 2009
Event Viewer - vc80.mfcloc could not be found
When you start Microsoft Dynamics CRM 3.0 Mobile Deployment Manager on a Microsoft Dynamics CRM server, the following event IDs are logged in the event log.
Event ID: 32
Source: SideBySideEvent ID: 32 Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found.
Event ID: 59
Source: SideBySideEvent ID: 59 Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system.
Event ID: 59
Source: SideBySideEvent ID: 59 Generate Activation Context failed for C:\WINDOWS\system32\MFC80U.DLL. The referenced assembly is not installed on your system.
Please check:
http://support.microsoft.com/kb/923014/en-us
Event ID: 32
Source: SideBySideEvent ID: 32 Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found.
Event ID: 59
Source: SideBySideEvent ID: 59 Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system.
Event ID: 59
Source: SideBySideEvent ID: 59 Generate Activation Context failed for C:\WINDOWS\system32\MFC80U.DLL. The referenced assembly is not installed on your system.
Please check:
http://support.microsoft.com/kb/923014/en-us
Wednesday, November 4, 2009
Using Group Policy to Deploy Applications
Before We Begin
The technique that I’m about to show you will allow you to deploy applications through the Active Directory. One of the major limitations behind this type of application deployment is that you can only use this technique to deploy certain types of applications. Specifically, you can install Windows Installer packages (.MSI files), Transform Files (.MST files), and patch files (.MSP files).
Creating MSI Files
Windows does not natively contain the necessary tools for you to create your own MSI files. Instead, you will have to rely on a third party MSI creation tool. There are several good tools available for free. Two of the more popular choices are MAKEMSI (http://dennisbareis.com/makemsi.htm) and WinInstall LE 2003 (http://www.ondemandsoftware.com/freele.asp).
Being that I’ve never been a big fan of script writing, I prefer to use the WinInstall LE tool to create MSI files. It doesn’t require any scripting, but it is a little time consuming to use. WinInstall LE requires you to have a machine with a clean Windows installation and network connectivity. The software then takes a snapshot of this machine and saves the configuration image. You would then install the application that you want to create the MSI file for and take another snap shot. WinInstall would then compare the snapshots and use the differences between the two images to create an MSI file and the corresponding installation package.
This method is a little time consuming, but is far less tedious than writing scripts. Another advantage to using this method is that it is possible to install multiple applications on to the clean machine prior to taking the second snap shot. This means that you can create a single MSI file and installation package that deploys multiple applications.
Publishing and Assigning Applications
Now that you know how to create an MSI file, there is one last concept that I need to talk about before I show you how to deploy an application thorough the Active Directory.
As you may already know, in an Active Directory environment, group policies are the main component of network security. Group policy objects can be applied either to users or to computers. Deploying applications through the Active Directory is also done through the use of group policies, and therefore applications are deployed either on a per user basis or on a per computer basis.
There are two different ways that you can deploy an application through the Active Directory. You can either publish the application or you can assign the application. You can only publish applications to users, but you can assign applications to either users or to computers. The application is deployed in a different manner depending on which of these methods you use.
Publishing an application doesn’t actually install the application, but rather makes it available to users. For example, suppose that you were to publish Microsoft Office. Publishing is a group policy setting, so it would not take effect until the next time that the user logs in. When the user does log in though, they will not initially notice anything different. However, if the user were to open the Control Panel and click on the Add / Remove Programs option, they will find that Microsoft Office is now on the list. A user can then choose to install Microsoft office on their machine.
One thing to keep in mind is that regardless of which deployment method you use, Windows does not perform any sort of software metering. Therefore, it will be up to you to make sure that you have enough licenses for the software that you are installing.
Assigning an application to a user works differently than publishing an application. Again, assigning an application is a group policy action, so the assignment won’t take effect until the next time that the user logs in. When the user does log in, they will see that the new application has been added to the Start menu and / or to the desktop.
Although a menu option or an icon for the application exists, the software hasn’t actually been installed though. To avoid overwhelming the server containing the installation package, the software is not actually installed until the user attempts to use it for the first time.
This is also where the self healing feature comes in. When ever a user attempts to use the application, Windows always does a quick check to make sure that the application hasn’t been damaged. If files or registry settings are missing, they are automatically replaced.
Assigning an application to a computer works similarly to assigning an application to a user. The main difference is that the assignment is linked to the computer rather than to the user, so it takes effect the next time that the computer is rebooted. Assigning an application to a computer also differs from user assignments in that the deployment process actually installs the application rather than just the application’s icon.
Deploying Applications
Setting up the actual deployment is simple. The biggest thing that you must remember is that the MSI file and the corresponding package must exist within a network share, and everyone must have read permissions for that share.
To perform the deployment, open the Group Policy Editor. To publish or assign an application to a user, navigate through the group policy console to User Configuration Software Settings Software Installation. Now, right click on the Software Installation container and select the New Package commands from the shortcut menu. Select the appropriate MSI file and click Open. You are now asked whether you want to publish or assign the application. Make your selection and click OK.
The process for assigning an application to a computer is almost identical. The only real difference is that you would use the Software Settings Software Installation container beneath the Computer Configuration container rather than beneath the User Configuration container.
See also (for unatended installation):
http://unattended.sourceforge.net/installers.php
The technique that I’m about to show you will allow you to deploy applications through the Active Directory. One of the major limitations behind this type of application deployment is that you can only use this technique to deploy certain types of applications. Specifically, you can install Windows Installer packages (.MSI files), Transform Files (.MST files), and patch files (.MSP files).
Creating MSI Files
Windows does not natively contain the necessary tools for you to create your own MSI files. Instead, you will have to rely on a third party MSI creation tool. There are several good tools available for free. Two of the more popular choices are MAKEMSI (http://dennisbareis.com/makemsi.htm) and WinInstall LE 2003 (http://www.ondemandsoftware.com/freele.asp).
Being that I’ve never been a big fan of script writing, I prefer to use the WinInstall LE tool to create MSI files. It doesn’t require any scripting, but it is a little time consuming to use. WinInstall LE requires you to have a machine with a clean Windows installation and network connectivity. The software then takes a snapshot of this machine and saves the configuration image. You would then install the application that you want to create the MSI file for and take another snap shot. WinInstall would then compare the snapshots and use the differences between the two images to create an MSI file and the corresponding installation package.
This method is a little time consuming, but is far less tedious than writing scripts. Another advantage to using this method is that it is possible to install multiple applications on to the clean machine prior to taking the second snap shot. This means that you can create a single MSI file and installation package that deploys multiple applications.
Publishing and Assigning Applications
Now that you know how to create an MSI file, there is one last concept that I need to talk about before I show you how to deploy an application thorough the Active Directory.
As you may already know, in an Active Directory environment, group policies are the main component of network security. Group policy objects can be applied either to users or to computers. Deploying applications through the Active Directory is also done through the use of group policies, and therefore applications are deployed either on a per user basis or on a per computer basis.
There are two different ways that you can deploy an application through the Active Directory. You can either publish the application or you can assign the application. You can only publish applications to users, but you can assign applications to either users or to computers. The application is deployed in a different manner depending on which of these methods you use.
Publishing an application doesn’t actually install the application, but rather makes it available to users. For example, suppose that you were to publish Microsoft Office. Publishing is a group policy setting, so it would not take effect until the next time that the user logs in. When the user does log in though, they will not initially notice anything different. However, if the user were to open the Control Panel and click on the Add / Remove Programs option, they will find that Microsoft Office is now on the list. A user can then choose to install Microsoft office on their machine.
One thing to keep in mind is that regardless of which deployment method you use, Windows does not perform any sort of software metering. Therefore, it will be up to you to make sure that you have enough licenses for the software that you are installing.
Assigning an application to a user works differently than publishing an application. Again, assigning an application is a group policy action, so the assignment won’t take effect until the next time that the user logs in. When the user does log in, they will see that the new application has been added to the Start menu and / or to the desktop.
Although a menu option or an icon for the application exists, the software hasn’t actually been installed though. To avoid overwhelming the server containing the installation package, the software is not actually installed until the user attempts to use it for the first time.
This is also where the self healing feature comes in. When ever a user attempts to use the application, Windows always does a quick check to make sure that the application hasn’t been damaged. If files or registry settings are missing, they are automatically replaced.
Assigning an application to a computer works similarly to assigning an application to a user. The main difference is that the assignment is linked to the computer rather than to the user, so it takes effect the next time that the computer is rebooted. Assigning an application to a computer also differs from user assignments in that the deployment process actually installs the application rather than just the application’s icon.
Deploying Applications
Setting up the actual deployment is simple. The biggest thing that you must remember is that the MSI file and the corresponding package must exist within a network share, and everyone must have read permissions for that share.
To perform the deployment, open the Group Policy Editor. To publish or assign an application to a user, navigate through the group policy console to User Configuration Software Settings Software Installation. Now, right click on the Software Installation container and select the New Package commands from the shortcut menu. Select the appropriate MSI file and click Open. You are now asked whether you want to publish or assign the application. Make your selection and click OK.
The process for assigning an application to a computer is almost identical. The only real difference is that you would use the Software Settings Software Installation container beneath the Computer Configuration container rather than beneath the User Configuration container.
See also (for unatended installation):
http://unattended.sourceforge.net/installers.php
Tuesday, November 3, 2009
Performance Counters - Open a saved log (blg file)
1. Open Performance mmc from administrative tools.
2. Click the icon on the System Monitor that has the database symbol (a cylinder) and browse to the location where you saved the log file (BLG).
3. Click Add (a plus) to add the objects you monitored.
2. Click the icon on the System Monitor that has the database symbol (a cylinder) and browse to the location where you saved the log file (BLG).
3. Click Add (a plus) to add the objects you monitored.
Performance Counters - Disks Fast Enough?
Let's look at a couple of indicators of well-functioning hard disks in your system. Watch the Physical Disk (instance)\Disk Transfers/sec counter for each physical disk and if it goes above 25 disk I/Os per second then you've got poor response time for your disk. A bottleneck from a disk can significantly impact response time for applications running on your system, so you should investigate this further by tracking Physical Disk(instance)\% Idle Time, which measures the percent time that your hard disk is idle during the measurement interval, and if you see this counter fall below 20% then you've likely got read/write requests queuing up for your disk which is unable to service these requests in a timely fashion. In this case it's time to upgrade your hardware to use faster disks or scale out your application to better handle the load.
Performance Counter - Got Enough RAM?
The Memory\Pages/sec counter indicates the number of paging operations to disk during the measuring interval, and this is the primary counter to watch for indication of possible insufficient RAM to meet your server's needs. A good idea here is to configure a perfmon alert that triggers when the number of pages per second exceeds 50 per paging disk on your system. Another key counter to watch here is Memory\Available Bytes, and if this counter is greater than 10% of the actual RAM in your machine then you probably have more than enough RAM and don't need to worry.
You should do two things with the Memory\Available Bytes counter: create a performance log for this counter and monitor it regularly to see if any downward trend develops, and set an alert to trigger if it drops below 2% of the installed RAM. If a downward trend does develop, you can monitor Process(instance)\Working Set for each process instance to determine which process is consuming larger and larger amounts of RAM. Process(instance)\Working Set measures the size of the working set for each process, which indicates the number of allocated pages the process can address without generating a page fault. A related counter is Memory\Cache Bytes, which measures the working set for the system i.e. the number of allocated pages kernel threads can address without generating a page fault.
Finally, another corroborating indicator of insufficient RAM is Memory\Transition Faults/sec, which measures how often recently trimmed page on the standby list are re-referenced. If this counter slowly starts to rise over time then it could also indicating you're reaching a point where you no longer have enough RAM for your server to function well
You should do two things with the Memory\Available Bytes counter: create a performance log for this counter and monitor it regularly to see if any downward trend develops, and set an alert to trigger if it drops below 2% of the installed RAM. If a downward trend does develop, you can monitor Process(instance)\Working Set for each process instance to determine which process is consuming larger and larger amounts of RAM. Process(instance)\Working Set measures the size of the working set for each process, which indicates the number of allocated pages the process can address without generating a page fault. A related counter is Memory\Cache Bytes, which measures the working set for the system i.e. the number of allocated pages kernel threads can address without generating a page fault.
Finally, another corroborating indicator of insufficient RAM is Memory\Transition Faults/sec, which measures how often recently trimmed page on the standby list are re-referenced. If this counter slowly starts to rise over time then it could also indicating you're reaching a point where you no longer have enough RAM for your server to function well
Performance Counters - Is Hardware Functioning Properly
There are a couple of perfmon counters you can track to monitor for signs that your machine's hardware devices are functioning properly. One of these is System\Context Switches/sec, which measures how frequently the processor has to switch from user- to kernel-mode to handle a request from a thread running in user mode. The heavier the workload running on your machine, the higher this counter will generally be, but over long term the value of this counter should remain fairly constant. If this counter suddenly starts increasing however, it may be an indicating of a malfunctioning device, especially if you are seeing a similar jump in the Processor(_Total)\Interrupts/sec counter on your machine. You may also want to check Processor(_Total)\% Privileged Time Counter and see if this counter shows a similar unexplained increase, as this may indicate problems with a device driver that is causing an additional hit on kernel mode processor utilization. In this case you can drill down and maybe find the culprit by examining the Process(instance)\% Processor Time counter for each process instances running on your machine. This won't directly tell you which driver is utilizing processor time, but it may indicate which calling application is indirectly causing the problem and may help you troubleshoot the issue further.
If Processor(_Total)\Interrupts/sec does not correlate well with System\Context Switches/sec however, your sudden jump in context switches may instead mean that your application is hitting its scalability limit on your particular machine and you may need to scale out your application (for example by clustering) or possibly redesign how it handles user mode requests. In any case, it's a good idea to monitor System\Context Switches/sec over a period of time to establish a baseline for this counter, and once you've done this then create a perfmon alert that will trigger when this counter deviates significantly from its observed mean value.
If Processor(_Total)\Interrupts/sec does not correlate well with System\Context Switches/sec however, your sudden jump in context switches may instead mean that your application is hitting its scalability limit on your particular machine and you may need to scale out your application (for example by clustering) or possibly redesign how it handles user mode requests. In any case, it's a good idea to monitor System\Context Switches/sec over a period of time to establish a baseline for this counter, and once you've done this then create a perfmon alert that will trigger when this counter deviates significantly from its observed mean value.
Subscribe to:
Posts (Atom)