After a long time I was actually doing some hands-on and damn the first problem that I encounter is a Microsoft  Windows 2008 Server R2 design constraint for DNS Service.

Issue:

When you try to install Active Directory (AD) with integrated DNS on a high-end server (64 Cores, 500 GB+ RAM etc.). After installing the AD and when you reboot the server the DNS service doesn’t start automatically. You keep on getting the following errors when you try to start the service manually it just wont START

Note: Active Directory works like a charm. However, the DNS service doesn’t start and we all know AD without DNS is like a big Disaster!

System Event Log: (Event id 7023)

Log Name:      System
Source:        Service Control Manager
Event ID:      7023
Level:         Error
Description:
The DNS Server service terminated with the following error:
A thread could not be created for the service.

DNS Server Log: (Event id 3 and 708)

Log Name:      DNS Server
Source:        Microsoft-Windows-DNS-Server-Service
Event ID:      3
Level:         Information
Description:
The DNS server has shut down.

Log Name:      DNS Server
Source:        Microsoft-Windows-DNS-Server-Service
Event ID:      708
Level:         Information
Description:
The DNS server did not detect any zones of either primary or secondary type during initialization. It will not be authoritative for any zones, and it will run as a caching-only server until a zone is loaded manually or by Active Directory replication. For more information, see the online Help.

Resolution:

After a lot of troubleshooting and researching on the web finally I figure out that its is a design constraint with DNS. The service doesn’t work on servers that have more than 32 cores on it. Being a lab environment my thoughts were to install the AD, DNS, SQL 2008, SCVMM and Hyper-V on the same host. But all my plans are shattered now!!

I know Microsoft Support will argue why do you have to install all the server roles onto the physical host? My answer would be being a lab environment and the only available server why not? (I am going to create a lot of VM’s on the host) Secondly to get maximum performance of the services. Last to avoid domain controller issues inside the VM and having the physical host joined to the same domain running inside a VM.

Statement from the Microsoft Support:

This is a by-design problem in DNS.exe in this scenario with a very large amount of CPU resources available. Inside the DNS Server service, there is a thread count limitation (maximal 120 threads). However, it does not limit processors (or cores).

On 64 cores server, DNS Dynamic update routines will create 64 Update threads, and UDP I/O and dispatch routine will create 64 UDP Listen threads. Besides that, the following threads will also be created for DNS operation,

“Recursion Timeout” thread
“Secondary Control” thread
“DsLoad_Thread” thread
“Timeout_Thread” thread

Therefore, the thread limitation will be reached: 64 *2 + 4 = 132 > 120, and ERROR_SERVICE_NO_THREAD error would occur.

On 32 cores server, the DNS service would be running fine as it only creates 32 * 2 + 4 = 68 threads.

This is a by-design behavior and it will not be fixed until Windows 8. Currently, the only solution is to use less than 32 cores.

If you like this post leave your comments

Best Regards,
Aresh

Source

I found this TechNet link that talks about all the latest Improvements in Windows Server 2012.

Link: http://technet.microsoft.com/library/hh831769

Short Summary of things that I like personally: (Direct Hyperlinks)

What’s new in Active Directory Domain Services (AD DS)
Active Directory Domain Services (AD DS) in Windows Server 2012 includes new features that make it simpler and faster to deploy domain controllers (both on-premises and in the cloud), more flexible and easier to both audit and authorize access to files, and easier to perform administrative tasks at scale, either locally or remotely, through consistent graphical and scripted management experiences.

What’s New in Failover Clustering
Failover clusters provide high availability and scalability to many server workloads. These include file share storage for server applications such as Hyper-V and Microsoft SQL Server, and server applications that run on physical servers or virtual machines.

What’s New in Remote Desktop Services
The Remote Desktop Services server role in Windows Server 2012 provides technologies that enable users to connect to virtual desktops, RemoteApp programs, and session-based desktops. With Remote Desktop Services, users can access remote connections from within a corporate network or from the Internet.

What’s New in Hyper-V
The Hyper-V role enables you to create and manage a virtualized computing environment by using virtualization technology that is built in to Windows Server 2012. Hyper-V virtualizes hardware to provide an environment in which you can run multiple operating systems at the same time on one physical computer, by running each operating system in its own virtual machine.

I am sure this will come handy in making decisions moving forward to Win 2012

Best Regards,
Aresh Sarkari

Microsoft & BangaloreITPro jointly have come up with this initiative where group leader veterans would be delivering sessions on Microsoft Hyper-V which will help the community members to prepare themselves to take up the Microsoft Virtualization exam 70-659.

15 members would be selected during the session and will be given free examination vouchers for 70-659 Windows 2008 R2 Server Virtualization

Date: 2^nd June 2012

Time: 9.30AM to 6.00PMVenue: Microsoft MTC, Signature Building, Bangalore

Be there as I will be taking up the stage for the Hyper-V Planning, Configuration & Management Topics + Live Demo

Best Regards,
Aresh Sarkari

Did you every imagine!! what if you could get the best of both the worlds Windows 7 Desktop and Android Apps & Games?? Yes guys its possible!! I know it’s a late discovery however, I got excited the moment I installed the app on my Windows 7 PC and the very first app I downloaded was “Angry Birds Space” works like a charm.

Big thanks to BlueStack App: www.bluestacks.com Simply Download the package and it will install the bits onto your computer.

You need to enter the following details:

– Language
– Cloud Connect Sync option if you have a Android based phone – (I don’t have one )
– Enter your email address for all the correspondence

Screen Shot: (Downloading Angry Bird on my desktop )

Beauty of the App:

Suppose if you have a Android based phone you can download the applications onto your desktop under the BlueStacks App Player for Windows (Beta-1). The Cloud Connect Sync options will automatically sync all the Apps & Games with your phone.

Memory Usage:

When I was playing games in the BlueStacks App I noticed the memory utilization is approx. 270 – 500 MB depending on the Game/App you are playing inside.

Alternates:

I know people will say we can install the Android Operating System into a Virtual Machine and then download the apps & games from the application store. However, I have noticed that doing so involves technical expertise & even after managing to run the Android OS into the VM’s still there are issues related to Sound and Mouse movement within the VM.

I bet this is the best application cum player I have ever seen for running the Android Apps & Games for Windows 7. I hope you will enjoy this post as much as I did after exploring this software.

Best Regards,
Aresh Sarkari

• Note the error message (Sometime the error message is very specific )
• Login to the machine using local admin account
• Check the system Date and time / Time zone – Make sure they are similar to authenticating DC
• Check DNS – Make Sure they are pointing to Right DNS (DNS which is alive and doing the name resolution)
• Check DNS records with the help of NSLOOKUP
• Ping the DC – IP, Netbios Name and FQDn
• Ping the DC to DC with 1500 MTU
• Run Netdiag and check DNS and Trust and Kerberos test
• Make sure NIC card is enabled of “register me in DNS”
• Check event viewer for any know errors like Userenv, Kerberos, netlogon
• Enable netlogon log and do the further troubleshooting  

Don’t forget to post your comments 🙂

Thanks,
Anang Kumar

This is very funny XP machine as a domain controller

1) Create a share called SYSVOL on an XP machine

2) Try to unshare the directory you shared as SYSVOL.

3) You will get a nice warning stating:

“This share is required for the machine to act properly as a domain controller. Removing it will cause a loss of functionality on all clients that this domain controller serves. Are you sure you wish to stop sharing SYSVOL?”

Screenshot:

But do not worry – unsharing SYSVOL on XP will not break your AD. This is just an example of code reuse that Microsoft does.

Don’t forget to post your comments 🙂

Thanks,
Aresh

Useful Blog:
Guy Teverovsky: http://blogs.microsoft.co.il/blogs/guyt/archive/2007/09/06/XP-as-Domain-Controller-_3F00_.aspx

Accidentally deleted user, computer account or OU’s from Active Directory. Don’t worry, now you can get them back using ADRestore tool using GUI interface.

Though there is a command line version of tombstone reanimation tool called adrestore – sysinternals, many people are not CLI savvies and having a GUI version of this functionality could really help them out.

Insight on tombstone: Reanimating Active Directory Tombstone Objects – By Gil Kirkpatrick
Gil Kirkpatrick’s article at Technet

Main features:

• Browsing the tombstones
• Domain Controller targeting
• Can be used with alternative credentials (convenient if you do not logon to your desktop as Domain Admin, which you should never do anyway)
• User/Computer/OU/Container reanimation
• Preview of tombstone attributes

Here are some sceenshots:

Enumerating tombstones

Previewing the tombstone attributes

Restoring a deleted user account

Notice that if you delete an OU with accounts in it, you will have to restore first the OUs the accounts were in, otherwise the reanimation of the child object will fail. It is not enough to create an OU with the same name as this will be a totally new object in AD and child object’s lastKnowParent attribute will still reference the deleted OU. Here is a walthrough:

Initial state:

TestOU organizational unit is deleted:

State of tombstones (notice that lastKnownParent attribute of user and computer accounts reference the deleted OU):

OU is restored (lastKnowParent points to the restored OU’s distinguished name):

Both computer and user accounts that resided in TestOU are reanimated:

Download ADRestore.NET

Don’t forget to post your comments 🙂

Thanks,
Aresh

Useful Blogs:

ADRestore Rewrite: http://blogs.microsoft.co.il/blogs/guyt/ 
Reanimating Active Directory Tombstone Objects: http://technet.microsoft.com/en-us/magazine/cc137800.aspx

Windows 32-bit Operating Systems implement a virtual memory system based on a flat 32-bit address space.  32-bits of address space translates into 4GB of virtual memory.  A process can access up to 4GB of memory address space (using the /3GB switch changes this behavior – and we’ll cover that in a later post).

You can’t have a discussion of Memory Management basics, without distinguishing between Kernel-mode and User-mode memory.  The system space (aka Kernel space) is the portion of the address space in which the OS and kernel-mode drivers reside.  Only kernel-mode code can access this space.  User-mode threads can access data only in the context of their own process.  User-mode threads cannot access data within another processes space directly, nor can it access the system address space directly.  Kernel-mode drivers are trusted by the OS and can access both kernel and user space.  When a driver routine is called from a user thread, the thread’s data remains in the user-mode space.  However, the kernel-mode driver can access the user-mode data for the thread and access the kernel-mode space.

OK – so looking at the diagram above, we can see how the 4GB memory address space is divided.  Windows allocates the lower half of the 4GB address space (from 0x00000000 to 0x7FFFFFFF) to processes for their own unique private storage, and reserves the other half (from 0x80000000 to 0xFFFFFFFF) for the Operating System’s use.  Virtual memory provides a view of memory that does not necessarily correspond to the physical layout of memory.

Kernel memory chart for Windows 2003 Server:

What is /3GB?:

/3GB is a switch used within the Boot.ini to Increase the size of a user process address space from 2 GB to 3G B. This in-turn reduces the Kernel space from 2 GB to 1 GB. This is a positive aspect for virtual-memory-intensive applications such as database servers a larger address space can improve their performance. For an application to take advantage of this feature, however, two additional conditions must be met: the system must be running Windows 2000 Advanced Server or Datacenter Server or Windows 2003 (All Editions) and the application .exe must be flagged as a 3-GB-aware application

With the /3GB switch we enable 3 GB area of  user-mode memory for programs to use. This feature can expand the virtual address range for user-mode memory from 0x0000000 through 0xBFFFFFF (the user-mode address range is typically from 0x00000000 through 0x7FFFFFFF). The range of memory that is available for kernel-mode components shrinks from 0x80000000-0xFFFFFFFF to 0xC0000000-0xFFFFFFFF.

What is /USERVA?:

Windows 2003 Servers and Windows XP SP1 incorporate a new /USERVA switch to work in conjunction with /3GB switch. You can use the /userva= switch for more precise tuning of user and kernel virtual memory space in the Windows Server 2003 family. Use this new switch with the /3GB switch in the Boot.ini file to tune the User-mode space to a value between 2 and 3 gigabytes (GB), with the difference being given back to Kernel mode.

Thanks,
Aresh

Useful Blogs:

Windows Internals Mark Russinovich’s: http://blogs.technet.com/markrussinovich/archive/2008/07/21/3092070.aspx 
Memory Management – Demystifying /3GB : http://blogs.technet.com/askperf/archive/2007/03/23/memory-management-demystifying-3gb.aspx
Memory Management: http://blogs.technet.com/askperf/archive/2007/02/23/memory-management-101.aspx

Tired of parsing the Perfmon (*.blg) manually. Let PAL make your job easier, give you html output and highlight high thresholds.

Website: http://www.codeplex.com/PAL

Project Description
Ever have a performance problem, but don’t know what performance counters to collect or how to analyze them? The PAL (Performance Analysis of Logs) tool is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (provided). The tool generates an HTML based report which graphically charts important performance counters and throws alerts when thresholds are exceeded. The thresholds are originally based on thresholds defined by the Microsoft product teams and members of Microsoft support, but continue to be expanded by this ongoing project. This tool is not a replacement of traditional performance analysis, but it automates the analysis of performance counter logs enough to save you time. This is a VBScript and requires Microsoft LogParser (free download).

Features

• Thresholds files for most of the major Microsoft products such as IIS, MOSS, SQL Server, BizTalk, Exchange, and Active Directory.
• An easy to use GUI interface which makes creating batch files for the PAL.vbs script.
• A GUI editor for creating or editing your own threshold files.
• Creates an HTML based report for ease of copy/pasting into other applications.
• Analyzes performance counter logs for thresholds using thresholds that change their critieria based on the computer’s role or hardware specs.

Download Link: http://www.codeplex.com/PAL/Release/ProjectReleases.aspx?ReleaseId=16807  

To use PAL

The PAL tool is primarily a VBScript that requires arguments/parameters passed to it in order to properly analyze performance monitor logs. In v1.1 and later of PAL, a GUI interface has been added to help with this process.

Requirements

Operating Systems
PAL runs successfully on all of the following operating systems: Windows XP SP2, Windows Vista, and Windows 2003 Server. 32-bit only due to OWC11 requirements.
Note: The optional GUI (windows form) portion of PAL requires the Microsoft .NET Framework v2.0.

Log Parser 2.2
Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®. PAL uses the Log Parser tool to query perform logs and to create charts and graphs for the PAL report.
http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&DisplayLang=en

Microsoft Office Web Components 2003
Log Parser requires the Office Web Components 2003 in order to create charts.
http://www.microsoft.com/downloads/details.aspx?FamilyID=7287252c-402e-4f72-97a5-e0fd290d4b76

Training
Watch online at: http://www.livemeeting.com/cc/microsoft/view?id=JKGT3N
or
Download it (20071005IntrotoPALwmv.zip) from:
https://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=PAL&ReleaseId=6759

Related Blogs and Reviews
Clint Huffman’s Windows Performance Analysis Blog
http://blogs.technet.com/clint_huffman
Mike Lagase’s Exchange Performance Analysis Blog
http://blogs.technet.com/mikelag/archive/2008/08/20/performance-troubleshooting-using-the-pal-tool.aspx
Two Exchange Server Tools You Should Know About
http://windowsitpro.com/article/articleid/100132/two-exchange-server-tools-you-should-know-about.html

Thanks,
Aresh

One of the most useful videos I have found on the internet, for failover clustering. Thanks to John Savill for his efforts and time.

• Creating Windows Server 2008 Failover Clusters:
  http://www.savilltech.com/Videos/clustercreate/ClusterCreate.wmv
• Configuring a Windows Server 2008 Failover Cluster from the command line: http://www.savilltech.com/Videos/clustercmd/clustercmd.wmv
• Understanding Failover Cluster Quorum:
  http://www.savilltech.com/Videos/ClusterQuorum/ClusterQuorum.wmv
• Hyper-V Quick Migration:
  http://www.savilltech.com/Videos/QuickMigration/QuickMigration.wmv
• Configuring iSCSI connections from the command line:
  http://www.savilltech.com/Videos/iscsicli/iscsicli.wmv
• Failover Clustering with MELIO File System:
  http://www.savilltech.com/Videos/meliofs/meliofs.wmv

Don’t forget to post your comments 🙂

Thanks,
Aresh