Ask The Performance Team articles https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/bg-p/AskPerf Ask The Performance Team articles Mon, 18 Oct 2021 04:44:45 GMT AskPerf 2021-10-18T04:44:45Z Automating Data Collection for Memory, CPU, and Disk issues using CLUE https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/automating-data-collection-for-memory-cpu-and-disk-issues-using/ba-p/2843412 <P><STRONG>Automating Data Collection for Memory, CPU, </STRONG><STRONG>and </STRONG><STRONG>Disk issues</STRONG></P> <P>My name is Susan Buchanan, and I am a Support Escalation Engineer with the Windows Performance Team at Microsoft. Does Performance Data Collection got you singing the Blues? This blog addresses how to troubleshoot High CPU and unaccounted memory usage or memory leak to include identifying and data collection using the CLUE tool written by Clint Huffman. A special thank you to Ron Stock for writing me a bad driver to use in demonstration.</P> <P>&nbsp;</P> <P>I want to discuss how to perform data collection when an issue may be intermittent, troublesome to catch, ongoing, or even reproducible at will. For many years, data collection was manual, time consuming, and often labor some.</P> <UL> <LI>Can’t seem to capture the right data at the right time?</LI> <LI>Intermittent issues? Reproducible issues?</LI> <LI>Do customers leave data captures on too long, and the log sizes are not useful, or too large?</LI> <LI>Need a foolproof way for end users to capture data that isn’t too complicated?</LI> </UL> <P>It's frustrating when you obtain a set of data only to realize you needed an additional dataset and must perform the data capture again. You might start with a RAMMAP and a performance monitor on the first data collection, move to a pool monitor or WPR/Xperf on another collection, and then might realize you also needed a tasklist or to find which drivers were associated with which pool tags you need another set of data collected.</P> <P>&nbsp;</P> <P>Performance is Complicated! It really is.</P> <P>&nbsp;</P> <P>Well, those days are gone! Thanks to CLUE which runs an ETW trace in the background until a threshold found in the config.xml is hit and then automagically collects data via Tasks in Task Scheduler! This gives you a more robust view of what has occurred since the data capture shows prior to the event, and then the event in the ETW trace without manual intervention.</P> <P>&nbsp;</P> <P>CLUE was written by a Microsoft employee who has made this code open source and extensible. You can modify the config.xml to create your own scenarios, increase the data captures, and much more.</P> <P>&nbsp;</P> <P><STRONG>CLUE Scenarios/Thresholds</STRONG></P> <P>Automatically collects a counter log and ETW trace whenever the following conditions occur:</P> <UL> <LI>Single CPU over 90% for more than 3 seconds.</LI> <LI>Free System PTEs of less than 50000 (kernel address space is low)</LI> <LI>System Committed memory greater than 90% (indicates one or more memory leaks that are consuming the system resources)</LI> <LI>Kernel Pool Paged virtual address space greater than 10% of system committed memory (indicates a driver leak in pool paged)</LI> <LI>Kernel Pool NonPaged virtual address space greater than 10% of physical memory (indicates a driver leak in pool nonpaged)</LI> <LI>Disk latency of greater than 25 ms for 3 or more seconds (includes high consuming processes, disk filter drivers, page file usage, and more)</LI> <LI>High CPU by WMI (includes WMI tracing to identify the query causing it)</LI> <LI>High thermal temperatures (traces CPU and power usage)</LI> <LI>High battery drains greater than 20% of battery capacity within one hour (traces CPU, GPU, and power usage)</LI> <LI>Has a User-initiated trace start optimized for application hangs. The user can initiate a wait analysis trace to determine why Windows, or an application is hanging.</LI> </UL> <P><STRONG>&nbsp;</STRONG></P> <P><STRONG>CLUE&nbsp;Installation</STRONG></P> <P>Requires administrator rights to install. After installation, non-admin users can use the device normally and data collection will still occur even for user-initiated data collections.</P> <P>&nbsp;</P> <P><STRONG>For Windows 10, Windows Server 2016 and 2019</STRONG><BR />1. Download and setup scheduled Tasks via Microsoft Clue tool 1.1.6:&nbsp;<A href="#" target="_blank" rel="noopener">Clue/Clue_1.1.6.zip at master · Clint Huffman/Clue · GitHub</A><BR />2. Confirm you have 2-4 GB free on your c: drive<BR />3. To install CLUE run&nbsp;<STRONG>setup.bat</STRONG>&nbsp;as administrator<BR />4. Accept the defaults<BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_0-1634153488729.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317146iCD2D8126F4201F2F/image-size/medium?v=v2&amp;px=400" role="button" title="Becky_0-1634153488729.png" alt="Becky_0-1634153488729.png" /></span></P> <P>&nbsp;</P> <P><STRONG>&nbsp;</STRONG></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_1-1634153488776.png" style="width: 694px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317148i89070C162080636D/image-dimensions/694x392?v=v2" width="694" height="392" role="button" title="Becky_1-1634153488776.png" alt="Becky_1-1634153488776.png" /></span></P> <P>&nbsp;</P> <P><STRONG>Data location stored (default)</STRONG></P> <P>C:\ClueOutput</P> <P>&nbsp;</P> <P><STRONG>Extensibility</STRONG></P> <P>CLUE is also extensible allowing for more performance rules by modifying the config.xml without changing the binaries.</P> <P>&nbsp;</P> <P><STRONG>GIT: </STRONG></P> <P><A href="#" target="_blank" rel="noopener">https://aka.ms/cluetool</A></P> <P>&nbsp;</P> <H3>Following are 2 scenarios describing how CLUE can be useful in troubleshooting High CPU and High Memory.</H3> <P><STRONG>&nbsp;</STRONG></P> <H4><STRONG>What is causing high CPU on my server?</STRONG></H4> <P>&nbsp;</P> <P><STRONG><U>Scenario</U></STRONG><STRONG><U> #1</U></STRONG><STRONG>: </STRONG>Issue of intermittent high CPU on a Windows Server 2016 where it would jump to &gt; 90%.</P> <P>&nbsp;</P> <P>In task manager we can easily see that it is the <STRONG>CPU Stress</STRONG> application; but what if it wasn’t so obvious? What if we needed to drill further down by CPU, or by stack?</P> <P>&nbsp;</P> <P>Of course, the first line of defense if the issue is occurring in real time is to pop open Task Manager to see what it shows. This is not always possible which is another reason why CLUE comes in handy.</P> <P>&nbsp;</P> <P>We see from a quick look in Task Manager the CPU is over 90%<BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_2-1634153488789.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317147i46E98A2ECB2938E7/image-size/medium?v=v2&amp;px=400" role="button" title="Becky_2-1634153488789.png" alt="Becky_2-1634153488789.png" /></span></P> <P>&nbsp;</P> <P>Task Manager shows both kernel and user mode in the graph. Kernel mode is in (darker blue/grey area)&nbsp;</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_3-1634153488802.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317150i3FF928B7CBF4DE66/image-dimensions/624x493?v=v2" width="624" height="493" role="button" title="Becky_3-1634153488802.png" alt="Becky_3-1634153488802.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>But what if the issue wasn’t in state? Or, what if Task Manager wasn’t so helpful?</P> <P>&nbsp;</P> <P>Luckily, CLUE was running, and we know from the ETW trace what CPU usage looked like prior to and during the occurrence.</P> <P>&nbsp;</P> <P>From the C:\ClueOutput folder we see the following data captured due to the ProcessorTime &gt; 90% and DiskLatency &gt; 25ms hit.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_4-1634153488804.png" style="width: 472px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317151iAA03A1F49211DBF8/image-dimensions/472x170?v=v2" width="472" height="170" role="button" title="Becky_4-1634153488804.png" alt="Becky_4-1634153488804.png" /></span></P> <P>&nbsp;</P> <P>When we expand the zipped file for Processor Time &gt; 90%, we see the following data captured:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_5-1634153488807.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317149i263A5F51708A7E79/image-size/medium?v=v2&amp;px=400" role="button" title="Becky_5-1634153488807.png" alt="Becky_5-1634153488807.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;When we are looking for high CPU, we typically want to look at the following counters:</P> <P>&nbsp;</P> <TABLE width="624"> <TBODY> <TR> <TD width="86"> <P><STRONG>Component&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </STRONG></P> </TD> <TD width="190"> <P><STRONG>Performance Aspect being Monitored&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </STRONG></P> </TD> <TD width="348"> <P><STRONG>&nbsp;Counters to Monitor </STRONG></P> </TD> </TR> <TR> <TD width="86"> <P>Processor</P> </TD> <TD width="190"> <P>Usage</P> </TD> <TD width="348"> <P>Processor\ % Processor Time (all instances)</P> <P>Processor\% DPC Time</P> <P>Processor\% Interrupt Time</P> <P>Processor\% Privileged Time</P> <P>Processor\% User Time</P> </TD> </TR> <TR> <TD width="86"> <P>Processor</P> </TD> <TD width="190"> <P>Bottlenecks</P> </TD> <TD width="348"> <P>Processor\% Processor Time (all instances)</P> <P>Processor\% DPC Time</P> <P>Processor\% Interrupt Time</P> <P>Processor\% Privileged Time</P> <P>Processor\% User Time</P> <P>Processor\Interrupts/sec</P> <P>Processor\DPC’s Queued /sec</P> <P>System\Context switches /sec</P> <P>System\System Calls/sec</P> <P>System\Processor Queue Length (all instances)</P> </TD> </TR> </TBODY> </TABLE> <P><STRONG>&nbsp;</STRONG><STRONG>&nbsp;</STRONG></P> <P><STRONG>Processor</STRONG></P> <TABLE> <TBODY> <TR> <TD width="160"> <P><STRONG>Counter Name</STRONG></P> </TD> <TD width="732"> <P><STRONG>Metric</STRONG></P> </TD> </TR> <TR> <TD width="162"> <P>Processor Queue Length (PQL)</P> </TD> <TD width="730"> <P>Divide the PQL into the number of processors</P> <P>~2+ sustained per processor and high CPU present: Check processes for high CPU consumption, also check Context Switching, % DPC Time, and % Interrupt Time</P> <P>&nbsp;</P> </TD> </TR> <TR> <TD width="160"> <P>% Processor Time</P> </TD> <TD width="732"> <P>0-50% healthy</P> <P>50-80% monitor / warning Monitor</P> <P>80-100% critical. System may appear sluggish.</P> </TD> </TR> <TR> <TD width="160"> <P>% DPC Time</P> </TD> <TD width="732"> <P>~% Processor Time &gt; 85% and % DPC Time &gt; ~15%: investigate if they are constantly above these levels, short spikes are ok.</P> <P>If only on 1 processor ~100% Processor Time and ~50%+ DPC Time:</P> </TD> </TR> <TR> <TD width="160"> <P>% Interrupt Time</P> </TD> <TD width="732"> <P>High CPU Interrupt Time – more than ~30% interrupt time (A high amount of % Interrupt Time in the processor could indicate a hardware or driver problem).</P> <P>Very high CPU Interrupt Time – more than ~50% interrupt time (A very high amount of % Interrupt Time in the processor could indicate a hardware or driver problem)</P> </TD> </TR> </TBODY> </TABLE> <P>&nbsp;</P> <P>&nbsp;</P> <P>Wow – our processor time is significantly high for much of our 6-minute performance monitor.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_6-1634153488811.png" style="width: 588px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317152i7BD8AAA8BFA8DF2E/image-dimensions/588x522?v=v2" width="588" height="522" role="button" title="Becky_6-1634153488811.png" alt="Becky_6-1634153488811.png" /></span></P> <P>&nbsp;</P> <P>Check out the Processor Queue Length which is &gt; 10 on average. That’s not looking good here. So, let’s drill down into who is using the %Processor Time.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_13-1634154074212.png" style="width: 526px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317160i9B0FC00A698FA34A/image-dimensions/526x339?v=v2" width="526" height="339" role="button" title="Becky_13-1634154074212.png" alt="Becky_13-1634154074212.png" /></span></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_7-1634153488848.png" style="width: 593px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317154iE0AD9DAD33DF9422/image-dimensions/593x370?v=v2" width="593" height="370" role="button" title="Becky_7-1634153488848.png" alt="Becky_7-1634153488848.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Processor&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Minimum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Maximum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Average</P> <P>=========================================================================</P> <P>% Processor Time&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 4.688% |&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 100% |&nbsp;&nbsp;&nbsp;&nbsp; 81.605%</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>When we add counters for Processor/%ProcessorTime and look at the instances we quickly see CPUStres64.exe is the highest consumer. There are even gaps where the %ProcessorTime exceeded 100 percent and went to around 180% in the data.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_8-1634153488902.png" style="width: 619px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317153i5461D7624FD241B2/image-dimensions/619x390?v=v2" width="619" height="390" role="button" title="Becky_8-1634153488902.png" alt="Becky_8-1634153488902.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>% Processor Time&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Minimum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Maximum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Average</P> <P>=========================================================================</P> <OL> <LI>&nbsp; CPUSTRES64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0% |&nbsp;&nbsp;&nbsp; 180.309% |&nbsp;&nbsp;&nbsp;&nbsp; 19.787%&nbsp;</LI> </OL> <P>&nbsp;</P> <P>&nbsp;</P> <P>From the CLUE ETL (Windows Performance Recorder trace), we see the highest CPU is 0. Ok, in my example I only have 1 CPU – but it’s good to check if the CPUs are being consumed equally.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_9-1634153488924.png" style="width: 671px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317156i0985AA1D856A287F/image-dimensions/671x161?v=v2" width="671" height="161" role="button" title="Becky_9-1634153488924.png" alt="Becky_9-1634153488924.png" /></span></P> <P>&nbsp;</P> <P>In another example, where I have multiple processors and CPUStres64.exe is the culprit we see where each processor is hit fairly, equally by the process.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_10-1634153488950.png" style="width: 792px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317157iB6D9FA9BC1B539B1/image-dimensions/792x395?v=v2" width="792" height="395" role="button" title="Becky_10-1634153488950.png" alt="Becky_10-1634153488950.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <H4><STRONG>Where did all my Memory Go? And why did my Server become unresponsive</STRONG><STRONG>?</STRONG></H4> <H3><STRONG><U>Scenario</U></STRONG> <STRONG><U>#2</U></STRONG><STRONG>:</STRONG> Windows server 2019 that inevitably runs us of memory due to a resource depletion, but we cannot figure out why?</H3> <P>Looking at task manager is leaving you without a "clue" as the top consumer is just 75 MB.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_11-1634153488955.png" style="width: 410px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317155i781329BA7FF0688A/image-dimensions/410x355?v=v2" width="410" height="355" role="button" title="Becky_11-1634153488955.png" alt="Becky_11-1634153488955.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>If we were to manually gather the data, it would look like this:</P> <P>Obtain a perfmon to determine there is a memory issue. Oh, there is, but now I need more data.</P> <P><BR />I might look at the following counters.<BR /><BR /></P> <TABLE width="676"> <TBODY> <TR> <TD width="85"> <P>Memory</P> </TD> <TD width="94"> <P>Usage</P> </TD> <TD width="489"> <P>Memory\ Available Bytes <BR />Memory\ Cache Bytes<BR />Memory\%Committed Bytes<BR />Memory\Pages Input or Reads/s</P> </TD> </TR> <TR> <TD width="85"> <P>Memory</P> </TD> <TD width="94"> <P>Bottlenecks or leaks</P> </TD> <TD width="489"> <P>Memory\ Pages/sec <BR />Memory\ Page Inputs or Reads/sec</P> <P>Memory\ Page Output or Write/sec<BR />Memory\ Transition Faults/sec <BR />Memory\ Pool Paged Bytes</P> <P>Memory\ Pool Paged Resident Bytes<BR />Memory\ Pool NonPaged Bytes <BR /><BR />Although not specifically Memory object counters, the following are also useful for memory analysis: <BR />Paging File\ % Usage object (all instances) <BR />Cache\ Data Map Hits %</P> </TD> </TR> </TBODY> </TABLE> <P><BR /><BR /></P> <P><STRONG>Memory - some metrics to keep in mind when you look at the data.</STRONG></P> <TABLE> <TBODY> <TR> <TD width="132"> <P><STRONG>Counter Name</STRONG></P> </TD> <TD width="760"> <P><STRONG>Metric</STRONG></P> </TD> </TR> <TR> <TD width="132"> <P>Available Bytes</P> </TD> <TD width="760"> <P>Minimum value:</P> <P>~700mb – monitor</P> <P>~500 mb or less - critical</P> </TD> </TR> <TR> <TD width="132"> <P>Pool Paged Bytes (PP)</P> </TD> <TD width="760"> <P>Exhausted: Event 2020 logged in system log.</P> <P>Both 2019 and 2020 event log errors with a source of SRV are relatively common and indicate a depletion of non-paged or paged pool memory respectively.&nbsp;</P> </TD> </TR> <TR> <TD width="132"> <P>Pool Nonpaged Bytes (NPP)</P> </TD> <TD width="760"> <P>Exhausted: Event 2019 and 2004 logged in system log.<BR /><BR /></P> <P>NPP can exhaust and it causes more of a problem if high or pool tag is leaking resulting in low memory condition on the system. Check usage if available memory is low on the OS</P> <P>&nbsp;</P> </TD> </TR> <TR> <TD width="132"> <P>Free System PTEs</P> </TD> <TD width="760"> <P>Rarely if at all will a 64-bit machine run out of PTEs as normally available is in the tens of millions.</P> <P>Available PTEs value is few hundred thousand: monitor</P> <P>Available PTEs value is 10,000 or less: critical</P> </TD> </TR> <TR> <TD width="132"> <P>Handle Count</P> </TD> <TD width="760"> <P>Exchange, SQL and LSASS can have 100k + and be normal.</P> <P>Other software or processes high are worth investigating. Rule of thumb is 1500 – 2000 is a good place to being looking at those applications consuming a lot more than this number.</P> </TD> </TR> <TR> <TD width="132"> <P>Thread Count</P> </TD> <TD width="760"> <P>~500+ possible unexpected behavior: monitor</P> <P>~2000+: warning</P> </TD> </TR> <TR> <TD width="134"> <P>% Committed Bytes Used</P> </TD> <TD width="758"> <P>~90% but may only be relative if low available memory present</P> </TD> </TR> <TR> <TD width="132"> <P>Pages/sec</P> </TD> <TD width="760"> <P>~1000+ could be start of running out of memory: monitor</P> <P>~2500+ could be experiencing system wide delays: Check available memory</P> <P>~5000+ most likely experiencing system wide delays: Check available memory and memory used by individual processes</P> <P>&nbsp;</P> </TD> </TR> </TBODY> </TABLE> <P><BR />The <STRONG>manual way</STRONG> which would be lengthier and more time consuming would be to:</P> <OL> <LI>Obtain a poolmon to determine what tag might be leaking. Okay, there is a leak, but now I need more data.</LI> <LI>Use FindStr to try and identify what tags are being used by what files (unfortunately, we rebooted the box, and we had to start all over with the data captures).</LI> <LI>Obtain Tasklist to determine the services in use</LI> <LI>May need an ETL or even a dump after that.<BR /><BR /></LI> </OL> <P><STRONG>Here’s CLUE to the rescue</STRONG><STRONG>. </STRONG>CLUE was running a Perfmon trace and noticed that NonPaged Pool consumption was &gt; 10% for the following tags:&nbsp; LEAK and MxGN. It then automagically collects data needed to help you isolate this further (like Perfmon, Poolmon, and in some instances an ETL trace).</P> <P>&nbsp;</P> <P>Looks like my good friend, Ron wrote me a bad driver that was allocating but not deallocating my memory using the LEAK Tag.</P> <P>&nbsp;</P> <P>*Normally I would show a larger time frame between poolmon data, but this is just for demo purposes. Clearly you see in a matter of minutes the number of Frees is 0 and the number of Bytes is growing.</P> <P>&nbsp;</P> <P>LeakyFlt is bad news as it’s borrowing the OS’s memory and never freeing it. The OS expects for applications to borrow memory and resources, but they should deallocate/Free it as well.</P> <P>&nbsp;</P> <P><STRONG>2021.08.11-02:08:20 UTC (local time of the PC where this was collected)</STRONG></P> <P>&nbsp;</P> <P>&nbsp;Memory: 3669556K Avail: 1492408K&nbsp; PageFlts:4060786&nbsp;&nbsp; InRam Krnl: 9468K P:77912K</P> <P>&nbsp;Commit:2783988K Limit:4586800K Peak:3077384K&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Pool <STRONG>N:536064</STRONG>K P:84252K</P> <P>&nbsp;</P> <P>&nbsp;Tag&nbsp; Type&nbsp;&nbsp;&nbsp;&nbsp; Allocs&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Frees&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Diff&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Per Alloc</P> <P>&nbsp;</P> <P>&nbsp;<STRONG>LEAK Nonp&nbsp; &nbsp; &nbsp; 340&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;0&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;340&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 356515840&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;</STRONG><STRONG>&nbsp;&nbsp;&nbsp;</STRONG><STRONG>1048576</STRONG>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</P> <P>&nbsp;MxGn Nonp&nbsp;&nbsp;&nbsp; 7985&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 6436&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1549&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;55044672&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;35535</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><STRONG>2021.08.11-01:57:13 UTC (local time of the PC where this was collected)</STRONG></P> <P>&nbsp;</P> <P>&nbsp;Memory: 3669556K Avail: 1529880K&nbsp; PageFlts:2763623&nbsp;&nbsp; InRam Krnl: 9480K P:67448K</P> <P>&nbsp;Commit:2544788K Limit:4586800K Peak:2546588K&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Pool <STRONG>N:372744K</STRONG> P:74848K</P> <P>&nbsp;</P> <P>&nbsp;Tag&nbsp; Type&nbsp;&nbsp;&nbsp;&nbsp; Allocs&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Frees&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Diff&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Per Alloc</P> <P>&nbsp;</P> <P>&nbsp;<STRONG>LEAK Nonp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 200&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;0&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</STRONG><STRONG>&nbsp;&nbsp;</STRONG><STRONG>200&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 209715200&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;</STRONG><STRONG>&nbsp;&nbsp;</STRONG><STRONG>1048576&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </STRONG></P> <P><STRONG>&nbsp;</STRONG>MxGn Nonp&nbsp;&nbsp;&nbsp;&nbsp; 4750&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 3201&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1549&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 55044672&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;35535&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</P> <P>&nbsp;&nbsp;</P> <P><STRONG>&nbsp;</STRONG></P> <P>Clue stepped up and in the TagstoDrivers Folder even tried to help identify what files might be using the tags.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Becky_12-1634153488960.png" style="width: 711px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/317158i197C9CDED25E1A72/image-dimensions/711x42?v=v2" width="711" height="42" role="button" title="Becky_12-1634153488960.png" alt="Becky_12-1634153488960.png" /></span></P> <P>&nbsp;</P> <P>So, I stopped the service that was using LeakyFlt.sys and BAM the problem is solved.</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Would you like a way to automate your data captures? Would you like a way to gather data on intermittent issues? Ongoing Issues? Reproducible Issues? Tired of manually setting up tools for data capture? Or can’t seem to stop a trace in time? Then CLUE may just be the tool for you.</P> Wed, 13 Oct 2021 20:02:25 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/automating-data-collection-for-memory-cpu-and-disk-issues-using/ba-p/2843412 Becky 2021-10-13T20:02:25Z Difficulty Generating a Memory Dump https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/difficulty-generating-a-memory-dump/ba-p/2351370 <P>Hi there!</P> <P>My name is Teeda, and I am a Support Escalation Engineer on the Windows Performance Team at Microsoft. This blog post provides several suggestions and workarounds when there is difficulty generating a memory dump for bugcheck issues (or even hang scenarios). Special thanks to my colleague, Alisse, for assembling this documentation.</P> <P>&nbsp;</P> <H2>Think about the goal…</H2> <P>Is a bugcheck occurring and you are trying to get a memory dump from that?&nbsp;&nbsp;If so, you can skip the parts about manually triggering a dump.&nbsp;&nbsp;However, you may want to use these settings to test out if you can get a memory dump.&nbsp;&nbsp;This will be faster than waiting for the next bugcheck.</P> <P>&nbsp;</P> <P>Do you need to crash the machine manually?&nbsp;&nbsp;If so, pay attention to the type of machine (virtualized or physical) and the situation we are working with.</P> <P>&nbsp;</P> <H2>Is this a virtual machine?</H2> <H5><STRONG>VMware machines allow to create a snapshot which can then be converted to a memory dump.&nbsp;&nbsp;Often, this is easier than trying to generate the memory dump manually.</STRONG></H5> <OL> <LI>Capture the snapshot in the VMWare console with “Take Snapshot” either at the bugcheck screen or if another issue, at the time of the issue.</LI> <LI>Go to the following website:&nbsp;<A href="#" target="_blank" rel="noopener">https://labs.vmware.com/flings/vmss2core</A></LI> </OL> <OL> <UL> <LI>On the left-hand side, check the Agree and Download box.</LI> <LI>Change the Dropdown to the appropriate OS (vmss2core-sb-8456865.exe).</LI> <LI>Click on download.</LI> </UL> </OL> <OL start="3"> <LI>Once you have downloaded the file, save it on the C drive to a folder called c:\Snapshot</LI> <LI>Copy the vmss or vmsn/vmem file that you wish to convert to that folder.</LI> <LI>Open an elevated command prompt and run the following command: <OL> <LI>cd&nbsp;<STRONG>c:\Snapshot</STRONG> <UL> <LI>For VMs OS until Windows 7/2008R2 use:&nbsp;<STRONG>vmss2core-sb-8456865 –W &lt;snapshot.vmsn/Suspend.vmss&gt; &lt;snapshot.vmem&gt;</STRONG></LI> <LI>For VMs OS Windows 8.1/2012 and above use:&nbsp;<STRONG>vmss2core-sb-8456865 –W8 &lt;snapshot.vmsn/Suspend.vmss&gt; &lt;snapshot.vmem&gt;</STRONG></LI> </UL> </LI> <LI>Replace the '<STRONG>&lt;snapshot.vmsn/Suspend.vmss&gt; &lt;snapshot.vmem&gt;’</STRONG>&nbsp;with the name of the snapshot.</LI> <LI>This process may take a few minutes depending on the size of the snapshot, but it will create a memory.dmp file in the&nbsp;<STRONG>c:\snapshots</STRONG>&nbsp;folder.</LI> </OL> </LI> </OL> <H5><STRONG>There is also the option to use the NMI switch in VMWare as an alternative if taking a snapshot is not an option.&nbsp; Please note you will still need to configure for a memory dump whether it be kernel or complete:&nbsp;</STRONG><A href="#" target="_blank" rel="noopener">https://kb.vmware.com/s/article/2149185</A></H5> <P>&nbsp;</P> <H3><STRONG>Hyper-V Machines allow to save the state of the machine which can then be converted to a memory dump.</STRONG></H3> <UL> <LI>To do this, please right click the VM from Hyper-V manager and click "save" in state.&nbsp; There will be saved state files at the location of the hard disk.</LI> <LI>To allow the VM to continue running, you will need to right click the server and click start. Please OS version of the host machine as this will be needed to use the correct tool for conversion.</LI> <LI>You will need to engage Microsoft to convert the Save state files (.bin/.vsv or .vmrs).</LI> </UL> <P class="lia-indent-padding-left-30px">Alternatively, you can also configure for a manual Hyper-V crash using:&nbsp;<BR />HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hyperkbd\crashdump <BR />HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hyperkbd\Parameters</P> <P class="lia-indent-padding-left-30px">Configuration information found here:&nbsp;<A href="#" target="_blank" rel="noopener">Forcing a System Crash from the Keyboard - Windows drivers | Microsoft Docs</A></P> <P>&nbsp;</P> <H3><STRONG>For Azure machines, Azure engineers can grab a memory dump or use NMI:</STRONG></H3> <P>Configure for complete memory dump:</P> <P><STRONG>Step 1: Change page file size</STRONG></P> <UL> <LI>Verify the machine has enough free space for 2x the RAM before continuing.</LI> <LI>Launch&nbsp;<STRONG>File Explorer</STRONG>, then right-click&nbsp;<STRONG>This PC</STRONG>. Select<STRONG>&nbsp;Properties</STRONG></LI> <LI>Click&nbsp;<STRONG>Advanced system settings</STRONG>&nbsp;on the System page. Make sure you are on the&nbsp;<STRONG>Advanced</STRONG>&nbsp;tab.</LI> <LI>Click&nbsp;<STRONG>Settings</STRONG>&nbsp;under the&nbsp;<STRONG>Performance</STRONG>&nbsp;area.</LI> <LI>Click the&nbsp;<STRONG>Advanced</STRONG>&nbsp;tab, and then click&nbsp;<STRONG>Change</STRONG>&nbsp;under the&nbsp;<STRONG>Virtual memory area</STRONG>. <UL> <LI><STRONG>Note:</STRONG>&nbsp;To enable the system partition, you must uncheck “<STRONG>Automatically manage paging file size for all drives check box</STRONG>.”</LI> </UL> </LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_0-1620920230012.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280519i6E7B84DA1DEE14D7/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_0-1620920230012.png" alt="TeedaN_0-1620920230012.png" /></span></P> <UL> <LI>Select the C:\ drive for page file location.</LI> <LI>Click&nbsp;<STRONG>Custom Size</STRONG>. Set the value of Initial size and Maximum size to the amount of physical RAM that is installed plus 256 megabyte (MB) under the Custom Size button. (RAM*1024 + 256MB = Size in MB)</LI> <LI>Click&nbsp;<STRONG>Set</STRONG>, and then click&nbsp;<STRONG>OK</STRONG>.</LI> </UL> <P><STRONG>Step 2: Configure for a complete memory dump file</STRONG></P> <UL> <LI>Go back to&nbsp;<STRONG>Advanced system settings&nbsp;</STRONG>page</LI> <LI>Click&nbsp;<STRONG>Settings</STRONG>&nbsp;under the&nbsp;<STRONG>Startup and Recovery,</STRONG>&nbsp;and then make sure&nbsp;complete memory dump&nbsp;is selected. <UL> <LI><STRONG>Note</STRONG>: If you want to enable the complete memory dump option, manually set the CrashDumpEnabled registry entry to 0x1 under the following registry subkey and restart Windows: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\</LI> </UL> </LI> <LI>Ensure the path is&nbsp;<STRONG>C:\Windows\MEMORY.DMP (%SystemRoot%\MEMORY.DMP)</STRONG></LI> </UL> <P class="lia-indent-padding-left-90px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_1-1620920230022.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280520i325CCB9B8E79561F/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_1-1620920230022.png" alt="TeedaN_1-1620920230022.png" /></span></P> <UL> <LI>Click&nbsp;<STRONG>OK</STRONG></LI> <LI><STRONG>Reboot VM</STRONG>&nbsp;for settings to take effect</LI> </UL> <P><STRONG>Step 3: Enable Boot Diagnostics for NMI Crash</STRONG></P> <UL> <LI>Login to Azure portal &gt; select VM &gt; Serial Console</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_2-1620920230027.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280521i0312A2757C0E014E/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_2-1620920230027.png" alt="TeedaN_2-1620920230027.png" /></span></P> <UL> <LI>Note: Serial Console requires boot diagnostics enabled</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_3-1620920230030.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280522iA2804351ACEF799B/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_3-1620920230030.png" alt="TeedaN_3-1620920230030.png" /></span></P> <UL> <LI>So, if not enabled, go to Boot Diagnostics &gt; click Settings &gt; Turn On &gt; Save</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_4-1620920230035.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280523iB30114A370DBD3A8/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_4-1620920230035.png" alt="TeedaN_4-1620920230035.png" /></span></P> <P>&nbsp;</P> <P><STRONG>Step 4: Send NMI during issue</STRONG></P> <UL> <LI>When computer is in problem state &gt; Serial Console &gt; click Send Command [1] &gt; click Send Non-Maskable Interrupt (NMI) [2]</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_5-1620920230040.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280524i73E1334B3D9EC5B6/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_5-1620920230040.png" alt="TeedaN_5-1620920230040.png" /></span></P> <UL> <LI>Click Send NMI</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_6-1620920230046.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280525iBB3C28EAB92AB2B8/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_6-1620920230046.png" alt="TeedaN_6-1620920230046.png" /></span></P> <UL> <LI>Dump will be generated.</LI> </UL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_7-1620920230053.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280527iA650A1ACC13988BF/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_7-1620920230053.png" alt="TeedaN_7-1620920230053.png" /></span></P> <UL> <LI>After completes login to VM and dump will be in C:\Windows\MEMORY.DMP</LI> </UL> <P class="lia-indent-padding-left-90px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_8-1620920230058.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280526iA9E5B401B00E67CB/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_8-1620920230058.png" alt="TeedaN_8-1620920230058.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <H4>For AWS machines, try using these steps:&nbsp;<A href="#" target="_blank" rel="noopener">https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/diagnostic-interrupt.html</A></H4> <H4>For Nutanix machines, please engage the vendor to capture the memory dump.</H4> <H2><BR />Do you have the correct configuration?</H2> <P><STRONG>Step 1: Change your page file size</STRONG></P> <UL> <LI>Verify the machine has enough free space for 2x the RAM before continuing.</LI> <LI>Go to&nbsp;<STRONG>Advanced system settings</STRONG></LI> <LI>On the&nbsp;<STRONG>System</STRONG>&nbsp;page, click the&nbsp;<STRONG>Advanced</STRONG>&nbsp;tab.</LI> <LI>Click&nbsp;<STRONG>Settings</STRONG>&nbsp;under the&nbsp;<STRONG>Performance</STRONG>&nbsp;area.</LI> <LI>Click the&nbsp;<STRONG>Advanced</STRONG>&nbsp;tab, and then click&nbsp;<STRONG>Change</STRONG>&nbsp;under the&nbsp;<STRONG>Virtual memory area</STRONG>. <UL> <LI><STRONG>Note:</STRONG>&nbsp;To enable the system partition, you must click to&nbsp;<STRONG>clear the Automatically manage paging file size for all drives check box</STRONG>.</LI> </UL> </LI> <LI>Select the C:\ drive for pagefile location.</LI> <LI>Click&nbsp;<STRONG>Custom Size</STRONG>. Set the value of Initial size and Maximum size to the amount of physical RAM that is installed plus 256 megabytes (MB) under the Custom Size button.</LI> <LI>Click&nbsp;<STRONG>Set</STRONG>, and then click&nbsp;<STRONG>OK three times</STRONG>.&nbsp;</LI> </UL> <P><STRONG>Step 2: Configure for a complete memory dump file</STRONG></P> <UL> <LI>Go back to&nbsp;<STRONG>Advanced system settings</STRONG></LI> <LI>On the&nbsp;<STRONG>System</STRONG>&nbsp;page, click the&nbsp;<STRONG>Advanced</STRONG>&nbsp;tab.</LI> <LI>Click&nbsp;<STRONG>Settings</STRONG>&nbsp;under the&nbsp;<STRONG>Writing debugging information area (Startup and Recovery),</STRONG>&nbsp;and then make sure&nbsp;complete memory dump&nbsp;is selected. <UL> <LI>If the complete memory dump is not an option here, to enable the complete memory dump option, manually set the CrashDumpEnabled registry entry to 0x1 under the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl</LI> </UL> </LI> </UL> <P><STRONG>Step 3: Apply the settings&nbsp;</STRONG></P> <UL> <LI>Ensure there is more space available on the C drive than there is RAM on the machine.</LI> <LI>Please restart the machine for the settings to take effect</LI> </UL> <P>&nbsp;</P> <H2>More Options</H2> <H5>Try to use DedicatedDumpFile.sys - <A href="#" target="_blank" rel="noopener">How to use the DedicatedDumpFile registry value to overcome space limitations on the system drive when capturing a system memory dump | Microsoft Docs</A></H5> <H2>Manual Dump Trigger Options</H2> <H4><STRONG>NMI</STRONG></H4> <P>Does this machine have a NMI switch? This would be in the&nbsp;Integrated Lights Out (iLO) Web interface.&nbsp;Create a DWORD value called&nbsp;NMICrashDump under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl and set it to a 1.&nbsp; Then reboot the machine for the setting to take effect.</P> <P>&nbsp;</P> <H4><STRONG>Keyboard initiated</STRONG></H4> <P>For a USB keyboard, create the following registry entry:</P> <UL> <LI>In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbdhid\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.&nbsp;</LI> </UL> <P>For a PS/2 Keyboard, create the following registry entry:</P> <UL> <LI>In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.</LI> </UL> <P>Then reboot the machine for the setting to take effect.</P> <P><STRONG>Note:</STRONG>&nbsp;you will need to use the Right Ctrl key + press the ScrLk key twice to trigger the dump with the above settings. If the machine does not have those available, there are other options.&nbsp;<A href="#" target="_blank" rel="noopener">Forcing a System Crash from the Keyboard - Windows drivers | Microsoft Docs</A></P> <P>Ex: Left Ctrl + Space Bar:</P> <P>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbhid\CrashDump</P> <P>Create DWORD value Dump1keys set to 20 (hex)</P> <P>Create DWORD value Dump2key (note no s here) set to 3d (hex)</P> <P>&nbsp;</P> <H4><STRONG>NotMyFault</STRONG></H4> <P>Use NotMyFault to initiate a crash: <A href="#" target="_blank" rel="noopener">NotMyFault - Windows Sysinternals | Microsoft Docs</A></P> <P>&nbsp;</P> <H4><STRONG>Change the Settings</STRONG></H4> <UL> <LI>Ensure there is enough space to capture the memory dump.&nbsp;&nbsp;We need enough space for the page file, and for the memory dump itself which will be the size of the page file.</LI> <LI>Disable the Autoreboot:(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\AutoReboot)</LI> <LI>Change the memory dump location to another spot on a local drive</LI> <LI>Ensure the option "Overwrite Any Existing File" (found in Control Panel System) is selected. It is a good idea to leave this box checked and to move or copy the current Memory.dmp file.</LI> </UL> <P>&nbsp;</P> <H4><STRONG>There is dump logging</STRONG></H4> <P>You can create a DWORD registry key HKLM\SYSTEM\CurrentControlSet\Control\CrashControl\EnableLogFile set to 1.&nbsp;&nbsp;You will need to crash the machine twice, then you will see a dumpstack.log file on the root of the C drive which will keep track of what occurs during the action of writing to the page file.</P> <P>&nbsp;</P> <H4><STRONG>Is ASR enabled?</STRONG></H4> <P>Hardware vendors, such as HP, IBM, and Dell, may provide an Automatic System Recovery (ASR) feature. You should disable this feature during troubleshooting. For example, if HP and Compaq's ASR feature is enabled in the BIOS, disable this feature while you are troubleshooting to generate a complete memory.dmp file. For the exact steps, contact your hardware vendor.</P> <H4><BR /><STRONG>Antivirus and Encryption</STRONG></H4> <UL> <LI>Check for any dump filter drivers.</LI> <LI>Remove the encryption to test.</LI> </UL> <P>&nbsp;</P> <H4><STRONG>What else?</STRONG></H4> <UL> <LI>It is possible the paging file on the boot drive is not large enough. To use the "Write Debugging Information To" feature to obtain a complete memory dump file, the paging file on the boot drive must be at least as large as physical memory + 100 MB. When you create a kernel memory dump file, the file is usually around one-third the size of the physical memory on the system. Of course, this quantity will vary, depending on your circumstances.</LI> <LI>Also possible there is not room for the Memory.dmp file in the path specified for writing the memory dump.</LI> <LI>It is possible that the SCSI controller is bad, or the system crash is caused by a bad SCSI controller board.</LI> <LI>If you specify a non-existent path, a dump file will not be written. For example, if you specify the path as C:\Dumpfiles\Memory.dmp and no C:\Dumpfiles folder exists, a dump file will not be written.</LI> <LI>Is the Host Guardian Service enabled on either the host or the guest?&nbsp;&nbsp;There are several settings which may prevent dumps from writing.&nbsp;&nbsp;<A href="#" target="_blank" rel="noopener">Managing the Host Guardian Service | Microsoft Docs</A></LI> </UL> <H4><STRONG>Grab that Page file!</STRONG></H4> <P>Ensure the Autoreboot key is set to 0, and when the bugcheck occurs, boot into winre.&nbsp;&nbsp;Grab the pagefile.sys and rename to memory.dmp</P> <P>&nbsp;</P> Thu, 13 May 2021 15:47:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/difficulty-generating-a-memory-dump/ba-p/2351370 TeedaN 2021-05-13T15:47:53Z Change Altitude of Process Monitor (ProcMon) https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/change-altitude-of-process-monitor-procmon/ba-p/2118159 <P>My name is Susan and a small group of us have joined together to provide you documentation on how to view a kernel filter driver in procmon on the stack, that is normally obfuscated.&nbsp; A special thanks to my colleague, Becky Burns for documentation collaboration; and a special shout out to Denis Pasos and Ron Stock for both creating a leaky kernel filter driver, and documentation collaboration.</P> <P>&nbsp;</P> <H2><STRONG>Symptoms or Error</STRONG></H2> <P>If you need to get Procmon's filter to run below us in the filter stack, it has a setting for that. Procmon is typically used to figure out what is happening on the machine, but you do not get to see the activity of things such as virus scanners because they happen at a lower level than the procmon filter. &nbsp;In our case, we have a driver called Leakyflt.sys but in procmon it only shows as FLTMGR.sys but we want to know which driver it is without performing more tracing.</P> <P>&nbsp;</P> <P>From an administrative command prompt, we see the driver LeakyFlt at altitude 372000:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_0-1612809073745.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253396i5036C7B3FA99005A/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_0-1612809073745.png" alt="TeedaN_0-1612809073745.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>In this example below, you will see Procmon’s <STRONG>altitude</STRONG> at <STRONG>385200</STRONG> as well as Legacy Filter Drivers such as <STRONG>vdorctl</STRONG>, and <STRONG>dgmaster:</STRONG></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_1-1612809073800.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253397iFC0FE23AB8AC2C74/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_1-1612809073800.png" alt="TeedaN_1-1612809073800.png" /></span></P> <P>&nbsp;</P> <P>From Procmon, in the stack it looks like</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_2-1612809138460.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253398i81F8121A84E71A92/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_2-1612809138460.png" alt="TeedaN_2-1612809138460.png" /></span></P> <P>&nbsp;</P> <H2><STRONG>Solution</STRONG></H2> <P>Changing the "Altitude" that procmon will run, putting it lower in the filter stack. In doing so, you will be able to see all the activity that you want from most filter drivers. <BR /><BR /></P> <P>To change the altitude of procmon, you will want to perform the following steps:</P> <OL> <LI>Install Procmon (assuming you have not already installed it) <A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/en-us/sysinternals/downloads/procmon</A></LI> <LI>From an Administrative Command prompt, run <STRONG>FLTMC </STRONG>to see the Altitude of the filter drivers:<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_3-1612809207753.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253399i393629EBEACB0E40/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_3-1612809207753.png" alt="TeedaN_3-1612809207753.png" /></span> <P>In the screenshot, the lowest filter driver altitude is 37200</P> </LI> <LI> <P>Open Registry Editor (RegEdit)</P> <P>Navigate to registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PROCMONXX\</P> <P><STRONG>In Example:</STRONG> PROCMON24 (name may have a different number on your machine)</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_4-1612809245210.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253400i1380EE79D73017CC/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_4-1612809245210.png" alt="TeedaN_4-1612809245210.png" /></span><STRONG style="font-family: inherit;"><BR />Expand to </STRONG><SPAN style="font-family: inherit;">HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PROCMONXX\Instances\Process Monitor XX instance. (i.e., Process Monitor 24 Instance)</SPAN></LI> <LI><SPAN style="font-family: inherit;">Change the Altitude Regkey value to lower than your lowest filter driver.<BR /></SPAN>For this example: change the Altitude value to <STRONG>40000</STRONG> (which will show you virtually everything that is happening on the machine).&nbsp; Alternatively, you could set the altitude to 372000 if you suspected a specific driver.&nbsp; <P>&nbsp;</P> <P>Ex. Default altitude currently set to 385200</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_8-1612809353297.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253405i70E6EF92E10D7664/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_8-1612809353297.png" alt="TeedaN_8-1612809353297.png" /></span> <P>Right click on Altitude, change value to <STRONG>40000</STRONG>, click OK</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_9-1612809353299.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253404iE1A7AAF4F4581DB4/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_9-1612809353299.png" alt="TeedaN_9-1612809353299.png" /></span> <P>&nbsp;</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_10-1612809353305.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253406i3941C71203BEB413/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_10-1612809353305.png" alt="TeedaN_10-1612809353305.png" /></span></LI> <LI><SPAN style="font-family: inherit;">You must also set the security on the "</SPAN><STRONG style="font-family: inherit;">Process Monitor XX Instance</STRONG><SPAN style="font-family: inherit;">" key and </SPAN><STRONG style="font-family: inherit;"><U>add</U> deny rights for everyone</STRONG><SPAN style="font-family: inherit;"> for "</SPAN><STRONG style="font-family: inherit;">delete</STRONG><SPAN style="font-family: inherit;">" and "</SPAN><STRONG style="font-family: inherit;">set value</STRONG><SPAN style="font-family: inherit;">". &nbsp;Reason being that procmon will try to change its value back right away. &nbsp;You will have to select "</SPAN><STRONG style="font-family: inherit;">Disable inheritance</STRONG><SPAN style="font-family: inherit;">" to be able to set them at the </SPAN><EM style="font-family: inherit;">Process Monitor XX Instance</EM><SPAN style="font-family: inherit;"> level.</SPAN> <P>&nbsp;</P> <P>Right click on <STRONG>Process Monitor 24 Instance</STRONG>, select Permissions…</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_11-1612809432923.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253408i12CFC4C5C89BC345/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_11-1612809432923.png" alt="TeedaN_11-1612809432923.png" /></span> <P>Click <STRONG>Add</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_12-1612809432926.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253407i5D64CAAF6BF05FB5/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_12-1612809432926.png" alt="TeedaN_12-1612809432926.png" /></span> <P>&nbsp;</P> <P><BR />In “Enter the object names to select:” type <STRONG>Everyone</STRONG>, click <STRONG>Check Names</STRONG>, then click <STRONG>OK.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_13-1612809490163.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253409iA6A8ECE0B975F640/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_13-1612809490163.png" alt="TeedaN_13-1612809490163.png" /></span> <P>&nbsp;</P> <P>Select <STRONG>Everyone</STRONG>, Click <STRONG>Advanced.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_14-1612809490166.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253410i58C0F846FDD31CBC/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_14-1612809490166.png" alt="TeedaN_14-1612809490166.png" /></span> <P>&nbsp;</P> <P>Select <STRONG>Everyone</STRONG>, click <STRONG>Edit.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_15-1612809490174.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253411i92F06FD42DDD8FCA/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_15-1612809490174.png" alt="TeedaN_15-1612809490174.png" /></span> <P>&nbsp;</P> <P>Click <STRONG>Show advanced permissions.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_16-1612809490184.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253412iA046FFD3FD7112E6/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_16-1612809490184.png" alt="TeedaN_16-1612809490184.png" /></span> <P>&nbsp;</P> <P>Change Type: to <STRONG>Deny</STRONG>, check <STRONG>Set Value</STRONG>, check <STRONG>Delete</STRONG>, click <STRONG>OK.</STRONG></P> <P>(if <STRONG>Read Control</STRONG> is checked, <STRONG><U>uncheck</U></STRONG> it)</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_17-1612809490188.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253413i797A1AD84AD29B39/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_17-1612809490188.png" alt="TeedaN_17-1612809490188.png" /></span> <P>&nbsp;</P> <P>With <STRONG>Everyone</STRONG> highlighted, select <STRONG>Disable inheritance</STRONG>, click <STRONG>OK</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_18-1612809490192.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253414i11D063FDA7579A51/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_18-1612809490192.png" alt="TeedaN_18-1612809490192.png" /></span> <P>&nbsp;</P> <P>Choose <STRONG>Convert inherited permissions into explicit permissions on this object.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_19-1612809490195.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253416i2B07DBACD3858744/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_19-1612809490195.png" alt="TeedaN_19-1612809490195.png" /></span> <P>&nbsp;</P> <P>Click <STRONG>OK.</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_20-1612809490199.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253417i50800B642482C5EC/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_20-1612809490199.png" alt="TeedaN_20-1612809490199.png" /></span> <P>&nbsp;</P> <P>Click <STRONG>Yes</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_21-1612809490201.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253415i0A787CB7BD6A741E/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_21-1612809490201.png" alt="TeedaN_21-1612809490201.png" /></span> <P>&nbsp;</P> <P>Click <STRONG>OK</STRONG></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_22-1612809490202.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253418iD60FA038B8FAD42D/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_22-1612809490202.png" alt="TeedaN_22-1612809490202.png" /></span> <P>&nbsp;</P> <P>Exit Registry Editor</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_23-1612809490208.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253419i263905D36BAB7FA3/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_23-1612809490208.png" alt="TeedaN_23-1612809490208.png" /></span></LI> <LI>If you have already started procmon before doing these changes, you will need to restart the machine. &nbsp;If not, you should be able to just start procmon.</LI> <LI> <P>From an elevated command prompt, run the command <STRONG>fltmc instances</STRONG> and verify that the procmon drivers are running at the altitude that you set (ex. 40000).<BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_24-1612809723632.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/253421i316279F24D43C6CE/image-size/large?v=v2&amp;px=999" role="button" title="TeedaN_24-1612809723632.png" alt="TeedaN_24-1612809723632.png" /></span></P> <P>Then reproduce the scenario you want to capture. Your capture will be even larger than normal.<BR /><SPAN style="font-family: inherit;">Notice now when we review the new procmon, and view Stack we see the name of the driver LeakyFlt.sys.</SPAN></P> </LI> <LI style="list-style-type: none;"> <P>&nbsp;</P> <P><STRONG>Note:</STRONG>&nbsp; You can leave the setting as it just lowers the threshold of what we see.&nbsp; And more is always better when it comes to legacy kernel drivers.&nbsp; Once you get a procmon with that enabled, you can look at the stack and see it.</P> <P><STRONG>Note 2:</STRONG>&nbsp; Will the deny permission for Everyone only impacts that instance?&nbsp; Will it not interfere with other applications/permissions on the machine?</P> <P>It only affects that procmon instance; not all procmons.&nbsp; So, if they installed e.g., something that had their own procmon instance it would not impact it.&nbsp; You can take ownership of the key to delete the key when you are done.</P> <P>&nbsp;</P> </LI> </OL> Mon, 08 Feb 2021 18:52:45 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/change-altitude-of-process-monitor-procmon/ba-p/2118159 TeedaN 2021-02-08T18:52:45Z Windows 10/Server 2016 Graphics Troubleshooting https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-server-2016-graphics-troubleshooting/ba-p/2059092 <P>My name is Susan, and I am a Support Escalation Engineer on the Windows Performance Team at Microsoft.&nbsp; A special thanks to my colleague, Dan, for his input.<BR /><BR />This blog will address how to troubleshoot graphics issues in Windows 10 and includes identifying and data collection.</P> <H2>Scenario</H2> <UL> <LI>You have a Windows 10, Server 2016 or later showing graphics corruption such as black bars*, trails*, artifacts* when moving windows, or distortion. (*Defined at end of this post.)</LI> </UL> <P><STRONG><U>Troubleshooting</U></STRONG></P> <P>When you experience graphics corruption, always start by isolating it to a specification application, OS, and identify steps to reproduce the issue.</P> <OL> <LI>First, confirm if the issue is specific to an application. If it’s only a custom in house application, or a 3<SUP>rd</SUP> party application, please engage the vendor of the application.</LI> <LI>Take a screenshot of the distortion, or a video demo’ing the distortion (use your cell phone if necessary).</LI> <LI>In this example, let’s assume Word is the only application impacted:</LI> <OL class="lia-list-style-type-lower-alpha"> <LI>Test starting the application in Safe mode (if applicable) <UL> <LI>Start &gt; Run &gt; <EM>Winword /safe</EM></LI> </UL> </LI> </OL> </OL> <P class="lia-indent-padding-left-120px">OR</P> <OL class="lia-list-style-type-lower-roman"> <OL class="lia-list-style-type-lower-alpha"> <LI style="list-style-type: none;"> <UL> <LI>Hold down the CTRL key while starting the application until the following prompt appears:<BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="wordsafe.png" style="width: 425px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246304i4082388F9F0DBABF/image-size/large?v=v2&amp;px=999" role="button" title="wordsafe.png" alt="wordsafe.png" /></span></LI> </UL> </LI> <LI>If the issue does NOT reproduce, begin investigating Add-ins that may be impacting the application:</LI> <LI>Start the application normally, and Enable Hardware Acceleration <UL> <LI><STRONG>Microsoft Office 2019/16/13</STRONG> is a great software for <STRONG>Windows 10/8</STRONG> if application specific (e.g. Office) test <STRONG>Enabling</STRONG> the <STRONG>Disable Graphics Acceleration</STRONG></LI> <LI>Click File <span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="file.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246303i286A8C318EC18738/image-size/large?v=v2&amp;px=999" role="button" title="file.png" alt="file.png" /></span></LI> <LI>Click Options<BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="options.png" style="width: 165px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246302iE5FEB1F6C322FD6F/image-size/large?v=v2&amp;px=999" role="button" title="options.png" alt="options.png" /></span></LI> <LI>Click Advanced</LI> <LI>Scroll down to the Display Section and Enable <STRONG>Disable Hardware graphics acceleration (screenshot shows it is currently disabled)</STRONG><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="disable.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246310i3DCF41F6BC119104/image-size/large?v=v2&amp;px=999" role="button" title="disable.png" alt="disable.png" /></span></STRONG></LI> </UL> </LI> </OL> </OL> <P>If the issue is more systemic:</P> <OL> <LI>Update the Graphics Card driver/GPU to the latest drivers and reboot <OL class="lia-list-style-type-lower-alpha"> <LI>Use Device Manager and click on Display Adapters<span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="display.png" style="width: 370px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246300i16916E864E21D911/image-size/large?v=v2&amp;px=999" role="button" title="display.png" alt="display.png" /></span></LI> <LI>Select the adapter, right-click and select Update driver</LI> <LI><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="updatedriver.png" style="width: 479px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246309i774CA8C1649ED4EE/image-size/large?v=v2&amp;px=999" role="button" title="updatedriver.png" alt="updatedriver.png" /></span></LI> </OL> </LI> <LI>Test using a lower video resolution on the OS or the Base video <OL class="lia-list-style-type-lower-alpha"> <LI>Start &gt; Search &gt; MSConfig<span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="base.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246308i8F0D5DFCEA7E91CA/image-size/large?v=v2&amp;px=999" role="button" title="base.png" alt="base.png" /></span></LI> </OL> </LI> <LI>Boot into Windows Safe Mode with network and test <OL class="lia-list-style-type-lower-alpha"> <LI>Start &gt; Search &gt; MSConfig<span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="network.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246307i465C75FBA0B9D07E/image-size/large?v=v2&amp;px=999" role="button" title="network.png" alt="network.png" /></span></LI> </OL> </LI> <LI>In many versions of Windows 10, WPR is built in. Use either following the GUI or command line below&nbsp; <PRE>wpr<STRONG style="color: #3e3e3e; font-family: Menlo, Monaco, Consolas, 'Courier New', monospace; font-size: 13px;"> -start gpu -start video -start audio</STRONG></PRE> <OL> <LI style="list-style-type: none;"> <UL> <LI>Reproduce the issue e.g. run a workload such as video playback or a real time communications scenario, or dragging an application across the screen.</LI> <LI>Run the following command:</LI> </UL> <PRE><STRONG>wpr -stop Media.etl</STRONG></PRE> </LI> </OL> </LI> <LI>Run DxDiag <OL class="lia-list-style-type-lower-alpha"> <LI>Start &gt; Search &gt; DxDiag<BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="dxdiag.png" style="width: 210px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246306i88E16E621205C180/image-size/large?v=v2&amp;px=999" role="button" title="dxdiag.png" alt="dxdiag.png" /></span></LI> <LI>Check the Video drivers and confirm they are up to date.&nbsp; If an update was just applied, you may wish to rollback and test.</LI> <LI>Lastly, <STRONG>Save All</STRONG> <DIV id="tinyMceEditorTeedaN_1" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <DIV id="tinyMceEditorTeedaN_3" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <DIV id="tinyMceEditorTeedaN_4" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <DIV id="tinyMceEditorTeedaN_5" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="saveall.png" style="width: 624px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/246299iD0EABD9CE88B8464/image-size/large?v=v2&amp;px=999" role="button" title="saveall.png" alt="saveall.png" /></span></P> </LI> </OL> </LI> <LI>Last resort: gather a complete memory dump of the Operating System while the distortion is present.</LI> </OL> <P>&nbsp;</P> <P><STRONG>*Glossary and Guide: graphics issues</STRONG></P> <UL> <LI><STRONG>Black Bars:&nbsp;</STRONG> desktop may appear to have black lines either vertical or horizontal.</LI> <LI><STRONG>Trails and Artifacts:&nbsp;</STRONG>On moving a tiled window or application, it may leave a trail of what appears to be orphaned.&nbsp;</LI> </UL> <P>&nbsp;</P> Wed, 03 Feb 2021 17:22:13 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-server-2016-graphics-troubleshooting/ba-p/2059092 TeedaN 2021-02-03T17:22:13Z Alternative Tools for Application Hangs https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/alternative-tools-for-application-hangs/ba-p/1685245 <P>My name is Susan Buchanan and today I’d like to discuss some basic troubleshooting for applications hangs using <STRONG>Task Manager, Resource Monitor,</STRONG> and <STRONG>WaitingOn</STRONG> outside of getting an application dump.&nbsp; A special shout out to Leo Fagundes for writing the WaitingOn application.</P> <P><BR />Troubleshooting application hangs is key to resolution. Getting an application dump will not always be a smoking gun and should be used as a last resort for various reasons as missing symbols for 3<SUP>rd</SUP> party applications or waiting on other processes.</P> <P>&nbsp;</P> <P><STRONG>Task Manager &amp; Resource Monitor – Analyze Wait Chain:</STRONG> Beginning with Windows 8, in 2014 we added new options into Task Manager as well as Resource Monitor was the “Analyze Wait Chain” option when you right-click on a task in the Details view. This allows you to see what processes are waiting for a resource that is being used by another process.</P> <UL> <LI>What this means is that if you have an application hanging for some reason, you can analyze the wait chain to see whether it is waiting on something that is in use.</LI> <LI>Additional Information on how to prevent hangs in windows applications:<BR /><A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/en-us/windows/win32/win7appqual/preventing-hangs-in-windows-applications</A> and a Blog which talks about the “analyze wait chain” feature: <BR /><A href="#" target="_blank" rel="noopener">https://blogs.technet.microsoft.com/tip_of_the_day/2014/03/01/tip-of-the-day-wait-chain-analyzer/</A></LI> </UL> <P>&nbsp;</P> <H3><STRONG>WaitingOn.exe</STRONG> a simple tool that helps troubleshoot hung applications and services.&nbsp;</H3> <P>WaitingOn.exe is available at <A href="#" target="_blank" rel="noopener">https://github.com/leonardomsft/WaitingOn/releases/download/v1.1/WaitingOn.exe</A>, and besides functional, it’s still experimental. Use it with caution. If you install it on a customer’s machine, please remove it at the end of the troubleshooting session.</P> <P>WaitingOn.exe displays all the blocked threads from a process and what they are Waiting On. It can also display all blocked threads for all processes in the system.</P> <P>WaitingOn.exe leverages the Wait Chain Traversal (WCT) API introduced in Windows 2008/Vista. The WCT API is the one behind the "Analyze Wait Chain" functionality in Task Manager and Resource Monitor.</P> <P>&nbsp;</P> <H3><STRONG>Task Manager</STRONG></H3> <P>One of the new options added into Task Manager in recent versions was the “Analyze Wait Chain” option when you right-click on a task in the Details view. This allows you to see what processes are waiting for a resource that is being used by another process.</P> <P>What this means is that if you have an application hanging for some reason, you can analyze the wait chain to see whether it is waiting on something that is in use.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_0-1600442457986.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219568iD73D3F65AB41DC1B/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_0-1600442457986.png" alt="TeedaN_0-1600442457986.png" /></span></P> <P>&nbsp;</P> <P>For instance, we printed from Word, and then used this option while the print process was happening to see what would happen. In this case, Word was waiting for splwow64.exe, which handles printing from 32-bit applications.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_1-1600442457996.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219570i9A7B47CE509D4D97/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_1-1600442457996.png" alt="TeedaN_1-1600442457996.png" /></span></P> <P>&nbsp;</P> <P>It’s worth noting that because Word is written properly, the GUI interface doesn’t actually hang while it is waiting for the other process.&nbsp;</P> <P>In this case the process is working correctly and is not hung.</P> <P>For 3<SUP>rd</SUP> party applications, it may show you other processes it is waiting on.&nbsp; If the selected process is waiting for another process, a tree organized by dependency on other processes will be displayed. (See screenshot above).<BR /><STRONG>NOTE:</STRONG> <EM>Many system processes depend on other processes and services for normal operation. Both Task Manager and Resource Monitor will display </EM><A href="#" target="_blank" rel="noopener"><STRONG><EM>wait chain</EM></STRONG></A><EM> information for any process. </EM></P> <P>&nbsp;</P> <P><STRONG><EM><U>In a second scenario BadApp.exe is not responding</U></EM></STRONG></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_2-1600442458006.png" style="width: 583px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219569iC80AA2B3C99DB5BA/image-dimensions/583x107?v=v2" width="583" height="107" role="button" title="TeedaN_2-1600442458006.png" alt="TeedaN_2-1600442458006.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>We attempt to Analyze Wait Chain from within Task Manager</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_3-1600442458009.png" style="width: 288px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219571i8A9572AA9A7757A2/image-dimensions/288x425?v=v2" width="288" height="425" role="button" title="TeedaN_3-1600442458009.png" alt="TeedaN_3-1600442458009.png" /></span></P> <P>&nbsp;</P> <P>If the application is not waiting on anything, it will be empty:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_4-1600442458018.png" style="width: 482px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219572i5A8B1F5D86EEAAFE/image-dimensions/482x335?v=v2" width="482" height="335" role="button" title="TeedaN_4-1600442458018.png" alt="TeedaN_4-1600442458018.png" /></span></P> <P>&nbsp;</P> <P>If the application is waiting on something, it will show the process it is waiting for:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_5-1600442458027.jpeg" style="width: 479px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219573i046675FC8E34B49C/image-dimensions/479x371?v=v2" width="479" height="371" role="button" title="TeedaN_5-1600442458027.jpeg" alt="TeedaN_5-1600442458027.jpeg" /></span></P> <P>(In this example you can see that Perfmon is waiting on a svchost). We will dig deeper into this in a few moments.</P> <P>&nbsp;</P> <H3><STRONG>Resource Monitor</STRONG></H3> <P><STRONG><EM><U>Use case example: Badapp</U></EM></STRONG></P> <P>Start Resource Monitor by either typing ResMon from the search box or starting the Resource Monitor icon from the Start Menu.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_6-1600442458029.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219574i2375F5E0C4925D91/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_6-1600442458029.png" alt="TeedaN_6-1600442458029.png" /></span></P> <P>&nbsp;</P> <P>In Resource Monitor we see badapp.exe is not responding.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_7-1600442458047.png" style="width: 593px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219576i289879DA1D009960/image-dimensions/593x242?v=v2" width="593" height="242" role="button" title="TeedaN_7-1600442458047.png" alt="TeedaN_7-1600442458047.png" /></span></P> <P>&nbsp;</P> <P><EM>If a process entry in the table is not <STRONG>red</STRONG>, if the process status is <STRONG>Running</STRONG>, and if the program is operating normally, then no action should be required by you</EM>.<BR /><EM>If a process entry in the table is <STRONG>red</STRONG>, if the process status is <STRONG>not running</STRONG>, and if the program is&nbsp; not operating normally, then you can try killing the process it is waiting on starting with the child processes in red first, then moving to the parent processes.<BR /><BR /></EM>You can start a “wait chain analysis” from Resource Monitor as well, simply do a right click on the process you want to investigate.</P> <P>&nbsp;</P> <P><U><STRONG>Using WaitingOn.exe &amp; it’s Advantages</STRONG></U></P> <P><STRONG>WaitingOn.exe</STRONG> has the following advantages over Task Manager and Resource Monitor:</P> <OL> <LI>It displays what type of object is blocking the thread.</LI> <LI>It displays the name of the object blocking the thread.</LI> <LI>It can be scripted.</LI> <LI>It can be run against a computer that you can't logon (by using PsExec or Remote Powershell).</LI> </OL> <P>WaitingOn.exe was built on top of the sample WCF code available in the MSDN documentation.</P> <P>&nbsp;</P> <P><STRONG><EM><U>Use case example: Badapp</U></EM></STRONG></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_8-1600442458053.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219575i60EFA5BD25764827/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_8-1600442458053.png" alt="TeedaN_8-1600442458053.png" /></span></P> <P>As seen earlier, this process is the parent process that is hung and is not waiting on any other processes thread.</P> <P><STRONG><EM><U><BR />Use case example : Perfmon</U></EM></STRONG></P> <P>In this example, we had a hung perfmon.exe window that was not responding to mouse clicks. Attempting to run the Analyze Wait Chain command from Task Manager produced the following results:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_9-1600442458070.jpeg" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219579iBC1ACC71BC43C1B0/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_9-1600442458070.jpeg" alt="TeedaN_9-1600442458070.jpeg" /></span></P> <P>&nbsp;</P> <P>We can see that perfmon.exe (PID 3292) is waiting on an svchost process (PID 1564), but since it hosts many services, there is not much we can do.</P> <P><STRONG>&lt;background information&gt;<BR /></STRONG>If you encounter a service host with multiple services, always consider isolating the services. In Windows 10 / WS 2016 we have introduced the change by default (if you have more than 4 GB RAM). To isolate a service, we use the sc.exe command line tool: <BR />sc config &lt;servicename&gt; type= own <BR /><EM>Important: there is a space between type= and own which is required!<BR /></EM><A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/de-de/windows-server/administration/windows-commands/sc-config</A> <BR /><STRONG>&lt;/background information&gt;</STRONG></P> <P>Now, running WaitingOn.exe against the hung perfmon.exe revealed that Thread 7352 was blocked by an Alpc called “\RPC Control\DNSResolver”, which was found in the svchost.exe handle list:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_10-1600442458072.jpeg" style="width: 738px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219577i5D5964C51D19FEBD/image-dimensions/738x94?v=v2" width="738" height="94" role="button" title="TeedaN_10-1600442458072.jpeg" alt="TeedaN_10-1600442458072.jpeg" /></span></P> <P>&nbsp;</P> <P>We then can use Process Explorer to further investigate or kill that object (which might result in unexpected behavior!)</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_11-1600442458081.jpeg" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/219578i904B24E44B83C187/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_11-1600442458081.jpeg" alt="TeedaN_11-1600442458081.jpeg" /></span></P> <P>&nbsp;</P> <P>In this case we decided to simply restart the associated service (DNS Cache service) which unfroze the perfmon.exe window.</P> <P>&nbsp;</P> <P><STRONG>Additional information: </STRONG></P> <P>Links within this article:</P> <UL> <LI>Additional Information on how to prevent hangs in windows applications:<BR /><A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/en-us/windows/win32/win7appqual/preventing-hangs-in-windows-applications</A></LI> <LI>and a Blog which talks about the “analyze wait chain” feature: <BR /><A href="#" target="_blank" rel="noopener">https://blogs.technet.microsoft.com/tip_of_the_day/2014/03/01/tip-of-the-day-wait-chain-analyzer/</A></LI> <LI>WaitingOn.exe at github: <A style="font-family: inherit; background-color: #ffffff;" href="#" target="_blank" rel="noopener">https://github.com/leonardomsft/WaitingOn/releases/download/v1.1/WaitingOn.exe</A><SPAN style="font-family: inherit;">,</SPAN></LI> <LI>Wait Chain Traversal:<BR /><A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/de-de/windows/win32/debug/wait-chain-traversal</A></LI> <LI>sc command line options: <BR /><A style="font-family: inherit; background-color: #ffffff;" href="#" target="_blank" rel="noopener">https://docs.microsoft.com/de-de/windows-server/administration/windows-commands/sc-config</A></LI> </UL> Fri, 18 Sep 2020 18:40:33 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/alternative-tools-for-application-hangs/ba-p/1685245 TeedaN 2020-09-18T18:40:33Z MYSTERY MEMORY LEAK: WHERE DID MY MEMORY GO?! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/mystery-memory-leak-where-did-my-memory-go/ba-p/1675369 <P>Hello,<BR /><BR /></P> <P>My name is Jeffrey Worline, and I am a Senior Support Escalation Engineer on the Windows Performance Team at Microsoft. This blog addresses how to troubleshoot unaccounted memory usage or leak to include identifying and data collection.</P> <P>&nbsp;</P> <P>If you already determined the process consuming memory, check out my previous blog post: <A href="https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/memory-leaks-in-a-process/ba-p/1655208" target="_blank" rel="noopener">Memory Leaks in a Process</A></P> <P>&nbsp;</P> <H3><FONT size="5">Scenario</FONT></H3> <UL> <LI>When you cannot reconcile the amount of RAM being used with task manager, resource monitor, or perfmon collection.</LI> <LI>Large chunk of RAM being used but you cannot see where or by what.</LI> </UL> <H2>Troubleshooting</H2> <H4><STRONG>Scenario A</STRONG></H4> <P>When large amount of RAM is being used by not accounted for in task manager or resource manager. How do we find or account where that mystery memory is being used?&nbsp;<A href="#" target="_blank" rel="noopener">RAMMap</A>&nbsp;from Sysinternals is the tool needed for the job.</P> <OL> <LI>First, when looking in task manager and at the memory usage by processes to view memory usage, ensure you also look in the Memory box on the performance tab – the amount of cached, paged pool, and non-paged pool memory usage.</LI> </OL> <P>&nbsp;</P> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_0-1600280617707.png" style="width: 590px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218793iB1FB5D470108BF94/image-dimensions/590x317?v=v2" width="590" height="317" role="button" title="TeedaN_0-1600280617707.png" alt="TeedaN_0-1600280617707.png" /></span></P> <P>&nbsp;</P> <OL start="2"> <LI>Download <A href="#" target="_blank" rel="noopener">RAMMap</A></LI> <LI>Launch RAMMap to have it take a snapshot of memory usage.</LI> </OL> <P>&nbsp;</P> <H4><STRONG>Glossary and Guide to the column and row headings</STRONG></H4> <H4><U><STRONG>Stages of memory</STRONG></U></H4> <UL> <LI><STRONG>Active:&nbsp;</STRONG>Pages of physical RAM in active use by the specified category (usually a process working set or the system working set).</LI> <LI><STRONG>Standby:&nbsp;</STRONG>Pages of physical RAM not actively being used. These are still left in physical RAM but will be repurposed first by the memory manager (either returned to the active list or zeroed out and reused) if something needs physical ram for active pages.</LI> <LI><STRONG>Modified:&nbsp;</STRONG>Similar to Standby, but these are pages of physical RAM that have been changed and must be flushed to disk before reusing them.</LI> <LI><STRONG>Modified no write:&nbsp;</STRONG>Similar to modified pages but have been marked not to write out to disk.</LI> <LI><STRONG>Transition:&nbsp;</STRONG>Pages that are in transition between any of the other categories</LI> <LI><STRONG>Zeroed:&nbsp;</STRONG>Pages that have been zeroed out and are ready to be used – they can be quickly allocated for new physical memory allocations</LI> <LI><STRONG>Free:&nbsp;</STRONG>Free pages are free to be used but have some type of “dirty” data in them so they must be zeroed for security reasons before given to a user process.&nbsp; These are usually pages that have been freed by an existing process.</LI> <LI><STRONG>Bad:&nbsp;</STRONG>These are physical pages that have been marked as bad.</LI> </UL> <P>Areas of interest would be the following rows to check for high memory consumption to account where the rest of your memory is being used.</P> <P>&nbsp;</P> <P><STRONG>TIP:</STRONG></P> <P>If you have a memory leak and get to the point of almost running out of memory, the normal procedure is to reboot the machine in order to clear out the memory. You can use RAMMap to clear areas of memory negating the need to reboot the machine.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_1-1600280617712.jpeg" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218792i7AAF6FD8665AD4D9/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_1-1600280617712.jpeg" alt="TeedaN_1-1600280617712.jpeg" /></span></P> <P>&nbsp;</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</P> <P><STRONG>&nbsp;</STRONG></P> <H4><U><STRONG>Types of memory usage</STRONG></U></H4> <UL> <LI><STRONG>Process Private:</STRONG> Memory allocated for use only by a single process.</LI> <LI><STRONG>Mapped file:</STRONG> Mapped “views” of files are when the contents of that file are mapped to virtual addresses in memory.</LI> <LI><STRONG>Shareable:</STRONG> Pages that have been marked as shared can be used by multiple processes.</LI> <LI><STRONG>Paged Pool:</STRONG> Kernel pooled memory that <U>can</U> be paged to disk.</LI> <LI><STRONG>Nonpaged Pool:</STRONG> Kernel pooled memory that <U>cannot</U> be paged to disk.</LI> <LI><STRONG>Session Private:</STRONG> Memory that is private to a particular logged in session. This will be higher on RDS Session Host server.</LI> <LI><STRONG>Metafile:</STRONG> Metafile is a part of the system cache containing NTFS metadata and used to increase the performance of the file system.</LI> <LI><STRONG>AWE:</STRONG> You will typically see this used by SQL or other database applications.</LI> <LI><STRONG>Driver Locked:</STRONG> These are pages that have been locked in physical RAM by a driver. Usually see this usage with Hyper-V or VMware virtual machines.</LI> <LI><STRONG>Large Page: </STRONG>Normal page size for Windows memory is 4kb on x64 systems. But with large pages, the size is 2mb. SQL Server and Oracle support the concept of Large Pages when allocating memory.</LI> </UL> <P>&nbsp;</P> <P>In this snapshot, you can see that about half of the physical RAM being used is by Mapped Files:<BR />&nbsp;</P> <P class="lia-indent-padding-left-30px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_2-1600280617722.png" style="width: 672px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218794iF7D91590C1BFA4AC/image-dimensions/672x274?v=v2" width="672" height="274" role="button" title="TeedaN_2-1600280617722.png" alt="TeedaN_2-1600280617722.png" /></span></P> <P>&nbsp;</P> <OL start="4"> <LI>In this example, next we would click on the Physical Pages tab</LI> <LI>Now at the bottom of the tool select "Use" for the Filter and "is" select "Mapped File" from the drop down.</LI> </OL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_3-1600280617722.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218795i51E109F7B4F19497/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_3-1600280617722.png" alt="TeedaN_3-1600280617722.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>This will now show you all the mapped file entries.</P> <OL start="6"> <LI>Next, I would click on the File Name column heading to group similar file names so at this point I could look to see if all the mapping were going to the same path or general path to help determine what is causing all the mapped files.</LI> </OL> <P>&nbsp;</P> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_4-1600280617728.png" style="width: 629px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218796iE0587AED87E568F2/image-dimensions/629x99?v=v2" width="629" height="99" role="button" title="TeedaN_4-1600280617728.png" alt="TeedaN_4-1600280617728.png" /></span></P> <P>&nbsp;</P> <P>This information is not something you will see any place else other than an RAMMap or memory dump.</P> <P>&nbsp;</P> <P><BR /><BR /></P> <P><STRONG>Scenario B</STRONG><BR />On a VMWare or Hyper-V system, the hypervisor can take memory away from one VM and give it to another VM. It does this by using a driver loaded in the VM to "lock" the memory at the kernel level which can then be given to another VM. If too much memory is taken away, this will cause working set trimming and general performance issues. Standard perfmon memory counters will not provide the info to account for the missing memory. This driver locked or "ballooned" memory can be seen 4 different ways depending on the OS.<BR /><BR />VMWare console - Memory and processor utilization for each VM will be clearly seen in the VMWare console. If you have access to the console, then this is the preferred method to see the state of memory in the VM.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_5-1600280617740.png" style="width: 642px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218797i208538B4CBBBADB3/image-dimensions/642x318?v=v2" width="642" height="318" role="button" title="TeedaN_5-1600280617740.png" alt="TeedaN_5-1600280617740.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>VMware performance counters - When VMWare tools are installed, VMware performance counters are also created. These can be manually loaded in Performance Monitor or use the logman.exe method below to set up perfmon collection.</P> <P>&nbsp;</P> <H3>Example of Logman to collect VMWare processor and memory counter:</H3> <P>The following will configure the counters, set logging to circular with max file size of 300 mb, and take a counter reading every 3 seconds.</P> <UL> <LI>The resultant log will be place in c:\perflogs.</LI> </UL> <P>&nbsp;</P> <P>&lt;&lt;Start Search&gt;&gt;, enter "<STRONG>CMD.exe</STRONG>" w/o the quotation marks and then press Enter.</P> <UL> <LI>Copy and paste the following command into the command prompt window:</LI> </UL> <PRE><STRONG>Logman.exe create counter PerfLog-Short -o "c:\perflogs\PerfLog-Short.blg" -f bincirc -v mmddhhmm -max 300 -c "\LogicalDisk(*)\*" "\Memory\*" "\Cache\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Processor Information(*)\*" "\Process(*)\*" "\Thread(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Server Work Queues(*)\*" "\Terminal Services\*" "\VM Processor\*" "\VM Memory\*" -si 00:00:03</STRONG></PRE> <P>&nbsp;</P> <UL> <LI>Start the log with:</LI> </UL> <PRE><STRONG>Logman.exe start PerfLog-Short</STRONG></PRE> <P>&nbsp;</P> <UL> <LI>To stop perfmon log:</LI> </UL> <PRE><STRONG>Logman.exe stop PerfLog-Short</STRONG></PRE> <P>Example output from Perfmon:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_6-1600280617742.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218798i397F5D9182C984F4/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_6-1600280617742.png" alt="TeedaN_6-1600280617742.png" /></span></P> <P>&nbsp;</P> <P>Example Sysinternals&nbsp;<A href="#" target="_blank" rel="noopener">RAMMap</A>:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TeedaN_7-1600280617751.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/218799i021B7A9F1906C0B2/image-size/medium?v=v2&amp;px=400" role="button" title="TeedaN_7-1600280617751.png" alt="TeedaN_7-1600280617751.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>- Jeffrey Worline</P> Wed, 16 Sep 2020 21:06:47 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/mystery-memory-leak-where-did-my-memory-go/ba-p/1675369 TeedaN 2020-09-16T21:06:47Z Memory Leaks in a Process https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/memory-leaks-in-a-process/ba-p/1655208 <P>Hello,</P> <P>&nbsp;</P> <P>My name is Jeffrey Worline, and I am a Senior Support Escalation Engineer on the Windows Performance Team at Microsoft. This blog addresses troubleshooting leaks occurring in a process to include identifying and data collection. This article assumes that you have already identified the process that is leaking. If you have not yet been able to identify where your leak is, please see my blog: <A href="https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/mystery-memory-leak-where-did-my-memory-go/ba-p/1675369" target="_self"><STRONG>MYSTERY MEMORY LEAK: WHERE DID MY MEMORY GO?!</STRONG></A></P> <P>&nbsp;</P> <P><STRONG>First thing we need to determine is memory consumption being caused by private data, heap data or some other memory type. We need to address the memory types differently.</STRONG></P> <UL> <LI>Download a Windows Sysinternals tool called&nbsp;<A href="#" target="_blank" rel="noopener">VMMap</A></LI> </UL> <P>VMMap is an utility application analyzing virtual and physical memory. It shows a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types.</P> <P>This tool is used to attach to an individual process allowing a snapshot to be taken to see the memory map for that process.</P> <UL> <LI>Simply launch VMMap and from the process list it displays, pick the instance showing the high private working set.</LI> </UL> <P>If the high memory is being caused by Heap, you will need to enable User Stack Tracking (UST) against the process using gflags.exe which is part of the Debugging Tools for Windows.</P> <P><STRONG>Note:</STRONG>&nbsp;If the high memory shows as Private Data or some other type other than heap, simply continue with getting procdump when memory usage is high.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="MS_PerfGuy_0-1599777963734.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/217677i34934A31822305E0/image-size/medium?v=v2&amp;px=400" role="button" title="MS_PerfGuy_0-1599777963734.png" alt="MS_PerfGuy_0-1599777963734.png" /></span></P> <P>&nbsp;</P> <P><STRONG>Disclaimer</STRONG>: The intent of this blog is not to teach you how to debug. If you are not familiar with debugging process dumps, please open a case with Microsoft support for assistance</P> <P>&nbsp;</P> <P><STRONG>Scenario A: Uniquely named process with high memory by Heap</STRONG></P> <OL> <LI>Download&nbsp;<A href="#" target="_blank" rel="noopener">Debugging Tools for Windows</A></LI> </OL> <P class="lia-indent-padding-left-60px">Just need the standalone version since we only need the debugging tool and not the whole WDK package.</P> <P class="lia-indent-padding-left-60px"><STRONG>Note:</STRONG>&nbsp;If the high memory shows as Private Data or some other type other than heap, simply continue with getting procdump when memory usage is high.</P> <P>&nbsp;</P> <OL start="2"> <LI>Go to the directory where you installed the tool and you will find <STRONG>gflags.exe</STRONG> as one of the files, right-click on it and select “Run as administrator.”</LI> <LI>Click on “Image File” tab.</LI> <LI>Type in the process name, for example notepad.exe&nbsp;</LI> </OL> <P class="lia-indent-padding-left-60px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="tenieman_0-1599772935724.png" style="width: 465px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/217640i09D89D2F63D0F005/image-dimensions/465x456?v=v2" width="465" height="456" role="button" title="tenieman_0-1599772935724.png" alt="tenieman_0-1599772935724.png" /></span></P> <P>&nbsp;</P> <OL start="5"> <LI>Hit the keyboard TAB key to refresh</LI> <LI>Place check mark in “Create user mode stack trace database.”</LI> </OL> <P class="lia-indent-padding-left-60px"><STRONG style="font-family: inherit;">Note</STRONG><SPAN style="font-family: inherit;">: Be sure to reverse your gflag setting also by unchecking the “Create user mode stack trace database” when no longer needed.</SPAN></P> <OL start="7"> <LI>Click “OK”.</LI> <LI>The process or service will need to be restarted to put in to effect.</LI> <LI>Get procdump of process when memory is high.</LI> </OL> <P>&nbsp;</P> <P><STRONG>Scenario B: High memory occurring in svchost.exe process by Heap</STRONG></P> <P>If the svchost process contains more than one service, you will need to break each service out to run in its own svchost process to determine which service is causing the high memory. Once that has been determined, then need to uniquely name that svchost process the service runs in and then enable UST against it. You <STRONG>do not</STRONG> want to enable UST globally against all svchost process as it will put a serious performance hit.</P> <P class="lia-indent-padding-left-30px"><STRONG>Note:</STRONG>&nbsp;We don't ever want to enable UST against svchost.exe as that would enable against any and all instances of svchost.exe running and could cause a performance hit on the machine because of the overhead.</P> <P class="lia-indent-padding-left-30px">&nbsp;</P> <OL> <LI>Use Task Manager to document the PID of the service that is demonstrating high memory usage.</LI> <LI>From administrative command prompt run following command: <PRE><STRONG>tasklist /svc</STRONG></PRE> </LI> <LI>Using PID you documented from Task Manager, locate that svchost process and document the services that it is hosting.</LI> <LI>Break each service out into its own svchost process if it is a shared svchost process hosting several services by running following command for each service:&nbsp; <PRE><STRONG style="font-family: inherit;">sc config &lt;service name&gt; type= own&nbsp;<BR /></STRONG></PRE> replace &lt;service name&gt; with actual service name<BR /><STRONG style="font-family: inherit;">Note</STRONG><SPAN style="font-family: inherit;">: there is no space in “type=” and there is a space between “= own”</SPAN></LI> </OL> <OL start="5"> <LI>Restart the service for setting to take effect.</LI> <LI>Verify the services are running in their own svchost process by running <STRONG>tasklist /svc</STRONG> from command prompt again.</LI> <LI>At this point, you have broken each service out into its own svchost process; now identify which service was driving up memory usage before proceeding to next step.</LI> <LI>Once the service has been identified, from administrative command prompt change command focus to c:\windows\system32 folder if needed and run following command: <PRE><STRONG>copy svchost.exe &lt;unique name&gt;</STRONG></PRE> </LI> </OL> <P class="lia-indent-padding-left-60px">Replace &lt;unique name&gt; with something that represents the service. Example for wmi service - wmisvchost.exe</P> <OL start="9"> <LI>Launch registry editor (Start &gt; Run &gt; “regedit.exe”) and navigate to HKLM\System\CurrentControlSet\Services then the appropriate key for the service you are uniquely naming svchost process for.</LI> <LI>Modify existing ImagePath from&nbsp;%systemroot%\system32\svchost.exe -k netsvcs to&nbsp;%systemroot%\system32\&lt;unique name&gt; -k netsvcs</LI> </OL> <P class="lia-indent-padding-left-60px">Replace &lt;unique name&gt; with that used in step 8. In this example that would be:&nbsp;%systemroot%\system32\wmisvchost.exe -k netsvcs</P> <P class="lia-indent-padding-left-60px"><STRONG>Note</STRONG>: Backup the registry key before modifying it</P> <OL start="11"> <LI>Restart the service.</LI> <LI>Use gflags as noted earlier to enable “<STRONG>Create user mode stack trace database</STRONG>” against the uniquely name svchost process, then restart the service to apply the new settings.</LI> </OL> <P class="lia-indent-padding-left-60px"><STRONG>Note:</STRONG>&nbsp;It is important that you go back and reverse what you did in step 4 and modify path back to original after you are no longer needing the service to be broken out and uniquely named as failure to do so can prevent future hotfixes from being installed associated with that service.</P> <P class="lia-indent-padding-left-60px">To reverse, replace sc config &lt;service name&gt; type= own with&nbsp;<STRONG>sc config &lt;service name&gt; type= share</STRONG></P> <P class="lia-indent-padding-left-60px">Reverse your gflag setting also by unchecking the “Create user mode stack trace database”.</P> <P class="lia-indent-padding-left-60px">Reverse your setting in the registry under the service key for the ImagePath.</P> <OL start="13"> <LI>Get a procdump of the process when memory is high.</LI> </OL> <P>&nbsp;</P> <P><STRONG>Directions for Procdump</STRONG></P> <OL> <LI>Download <A href="#" target="_blank" rel="noopener">Procdump</A> tool from Sysinternals</LI> </OL> <P class="lia-indent-padding-left-60px"><STRONG>Note</STRONG>: Use procdump if dumping 32-bit process and use procdump64 if dumping a 64-bit process</P> <OL start="2"> <LI>From and administrative command prompt, navigate to the directory where you downloaded and unzipped procdump tool.</LI> <LI>Run the following command to dump a unique name process: <PRE><STRONG>procdump -ma &lt;process name&gt;</STRONG></PRE> </LI> </OL> <P class="lia-indent-padding-left-60px">The -ma switch is to perform a full memory dump of the process.</P> <P class="lia-indent-padding-left-60px">Replace &lt;process name&gt; with actual process name.</P> <P>&nbsp;</P> <P>If there is more than one instance of a process running with the same name you must dump the process by PID as opposed to name.</P> <P class="lia-indent-padding-left-30px">e.g. <STRONG>procdump -ma &lt;PID&gt;</STRONG></P> <P class="lia-indent-padding-left-30px">Replace &lt;PID&gt; with actual PID of the process.</P> <P>&nbsp;</P> <P>Next Up: <A href="https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/mystery-memory-leak-where-did-my-memory-go/ba-p/1675369" target="_self"><STRONG>MYSTERY MEMORY LEAK: WHERE DID MY MEMORY GO?!</STRONG></A></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>- Jeffrey Worline</P> <P>&nbsp;</P> Wed, 16 Sep 2020 21:08:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/memory-leaks-in-a-process/ba-p/1655208 TeedaN 2020-09-16T21:08:53Z How to configure file associations for IT Pros https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-configure-file-associations-for-it-pros/ba-p/1313151 <P>All steps described in this blog post have been tested on following Windows 10 versions:</P> <UL> <LI>Windows 10 1709</LI> <LI>Windows 10 1703</LI> <LI>Windows 10 1607</LI> </UL> <H2 id="configuring-file-association-prior-windows-10">Configuring file association prior Windows 10</H2> <P>There were different ways and guidance to set default program prior to Windows 10 (see <A href="#" target="_blank" rel="noopener" data-linktype="external">Managing Default Applications</A>).</P> <P>Before Windows 10, an application could check default apps, ask for user consent and set default app programmatically using <A href="#" target="_blank" rel="noopener" data-linktype="external">Windows API</A>.</P> <DIV id="tinyMceEditorCraigMarcho_0" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="1.png" style="width: 388px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186144iF1831830D82B1FA8/image-size/large?v=v2&amp;px=999" role="button" title="1.png" alt="1.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>But some programs skip the user consent and set the app defaults into the registry. The main requirement for default file association is often forgotten: the end-user is in control.</P> <P>Now in Windows 10 checks if registry file extension keys have not been modified to prevent file association hijacking.</P> <H2 id="file-association-changes-in-windows-10">File association changes in Windows 10</H2> <P>The way that default file associations work changed in Windows 10.</P> <P>There is a new UI for the end-user. This new way puts the user in control with a new file association notification.</P> <P>This notification will be displayed:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="2.png" style="width: 182px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186254iED65169DCC7F7BCC/image-size/large?v=v2&amp;px=999" role="button" title="2.png" alt="2.png" /></span></P> <UL> <LI>On the first launch of a file extension, if multiples programs are registered for handling that file extension.</LI> <LI>Each time a new application registers a file extension, except if the Always use this app to open .xxx files is checked.</LI> </UL> <P>If an application used Windows API to set default apps, the user will receive the following notification:</P> <DIV id="tinyMceEditorCraigMarcho_2" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="3.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186146i3BB5C021C5BC693C/image-size/large?v=v2&amp;px=999" role="button" title="3.png" alt="3.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>For more information about these changes : <A href="#" target="_blank" rel="noopener" data-linktype="external">https://blogs.windows.com/windowsexperience/2015/05/20/announcing-windows-10-insider-preview-build-10122-for-pcs/</A></P> <P>You will find some explanation on The Old New Thing blog: <A href="#" target="_blank" rel="noopener" data-linktype="external">Why do my PDF file associations get reset every time I restart?</A></P> <H2 id="windows-10-an-app-default-was-reset">Windows 10: An app default was reset</H2> <P>But what happens if an application is not using Windows API and writes some stuff and hijacks user preferences?</P> <P>Now,Windows 10 detects that the registry is corrupted and will reset the default program for this file extension. Additionally, the end-user will receive this notification: An App default was reset. These change is documented in <A href="#" target="_blank" rel="noopener" data-linktype="external">KB4001770</A>: <EM>Reset app default when a registry setting is deleted or corrupted and streamlined notification about the corruption.</EM></P> <P><EM><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="4.png" style="width: 332px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186238i87E06311EDD5E909/image-size/large?v=v2&amp;px=999" role="button" title="4.png" alt="4.png" /></span></EM></P> <H2 id="how-to-configure-file-association-in-windows-10">How to configure file association in Windows 10?</H2> <P>It's possible for IT Pro to configure or <EM>force</EM> default association using supported methods.</P> <P>The best way to do it is to set up a reference computer, install applications, configure default programs and use Dism to export/import the custom default app associations or use a group policy.</P> <OL> <LI> <P>Set up a reference computer</P> </LI> <LI> <P>Install applications</P> </LI> <LI> <P>Go to Control Panel\All Control Panel Items\Default Programs and configure default apps associations. In Windows 10 1709, this control panel item is now in Settings app.</P> <P>Let's try to configure Internet Explorer as the default browser</P> <DIV id="tinyMceEditorCraigMarcho_4" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="5.png" style="width: 315px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186194i3AB03EDE86174342/image-size/medium?v=v2&amp;px=400" role="button" title="5.png" alt="5.png" /></span></LI> </OL> <P class="lia-indent-padding-left-30px">Choose Internet Explorer</P> <P class="lia-indent-padding-left-30px"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="6.png" style="width: 185px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186195i2BDBD4A1CF715457/image-size/medium?v=v2&amp;px=400" role="button" title="6.png" alt="6.png" /></span></P> <DIV id="tinyMceEditorCraigMarcho_5" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> <P>Internet Explorer is now the default web browser</P> <OL> <LI> <P>Export/import the custom default app association with dism.exe<BR />Note that you need administrator rights to use dism.exe. And to export properly the associations use the same account used in step 3, otherwise you will get a malformed XML file.</P> </LI> </OL> <P><!-- end list --></P> <OL> <LI>Dism.exe /online /export-defaultappassociations:C:\temp\CustomFileAssoc.xml</LI> </OL> <P>PS C:\Windows\system32&gt; dism /online /export-defaultappassociations:"C:\Temp\IE-DefaultBrowser.xml"</P> <OL> <LI>Open the xml file and check if everything looks good. <DIV id="tinyMceEditorCraigMarcho_6" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="7.png" style="width: 400px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186198iCEA42B50A0968FA0/image-size/medium?v=v2&amp;px=400" role="button" title="7.png" alt="7.png" /></span></P> </LI> </OL> <P>Usually at this step you will be tempted to delete other lines because you simply don't care about them and get a file like this:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="8.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186241i9BB953B55AB1616E/image-size/large?v=v2&amp;px=999" role="button" title="8.png" alt="8.png" /></span></P> <P>FTA-IE-Only.xml</P> <P><STRONG>VERY IMPORTANT</STRONG>: If you want to import your file with DISM.exe, <STRONG>DO NOT</STRONG> delete any file associations entries!<BR />A missing entry will trigger the App default reset notification and you will get a notification storm at the first logon.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="9.png" style="width: 262px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186200iE889A9AC68818FD4/image-size/medium?v=v2&amp;px=400" role="button" title="9.png" alt="9.png" /></span></P> <DIV id="tinyMceEditorCraigMarcho_8" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> <H3 id="refresh-your-xml-on-a-regular-basis">Refresh your XML on a regular basis</H3> <P>As some recommended applications can manage more extensions with each new Windows 10 version available, it's a good practice to refresh your XML. For example, in Windows 10 1703, Microsoft Edge registers the epub extension. If you're using an XML file from Windows 10 1607, epub is missing. As a result, you will get an app reset notification for epub.</P> <H3 id="tips-for-building-your-xml-file">Tips for building your XML file</H3> <UL> <LI>Manually editing the file could result in a non-valid XML file. Ensure that your XML file is valid. Opening XML file in the <EM>old</EM> Internet Explorer is a good idea to check if the XML is valid. You can try <A href="#" target="_blank" rel="noopener" data-linktype="external">XML Notepad</A> to edit/validate XML files.</LI> <LI>If you do not see your file extension in XML file, go back to Control Panel\All Control Panel Items\Default Programs and configure default apps associations, select file extension, click on Change Program and confirm the program in the dialog box. Then, export again you're XML file.</LI> </UL> <H2 id="deploy-your-custom-xml">Deploy your custom XML</H2> <P>Now it's time to apply your XML file. You have two options:</P> <UL> <LI>Set up file association in your Windows 10 image. File associations will be configured for new users' profiles. Existing profiles are untouched. Users can change file associations.</LI> <LI>Configure a policy for your domain-joined computer: file association will be configured at each logon. User will be able to change file association, but at the next logon file association will be configured using XML file. This policy works only for domain-joined computer.</LI> </UL> <H3 id="configure-the-xml-file-for-your-windows-10-reference-image">Configure the XML file for your Windows 10 reference image:</H3> <P>Dism.exe /online /import-defaultappassociations:c:\temp\CustomFileAssoc.xml</P> <P>Your file will be copied in \Windows\System32 with the following name OEMDefaultAssociations.xml</P> <H3 id="configure-the-xml-file-for-your-domain-joined-computer">Configure the XML file for your domain-joined computer</H3> <P>Configure the following policy <EM>Set a default associations configuration file</EM> located in Computer\Policies\Administrative Templates\Windows Components\File Explorer.</P> <P>If this group policy is enabled and the client machine is domain-joined, the file will be processed, and default associations will be applied at logon time.</P> <P><EM><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="10.png" style="width: 451px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186252iBBD9A761C72CA8DE/image-size/large?v=v2&amp;px=999" role="button" title="10.png" alt="10.png" /></span></STRONG></EM></P> <P><EM><STRONG>Note</STRONG></EM>: this policy will not prevent user to change the file association. But at each logon the default association configured in XML file will be applied.</P> <H3 id="how-to-force-only-a-set-of-file-associations">How to force only a set of file associations?</H3> <P>Some IT Pros want to force only some file associations and let users in control for others file associations. For example, they want to configure Internet Explorer as default for HTTP/HTTPS only for HR people.</P> <P>So, they removed everything in the XML file except Internet Explorer entries. <STRONG>As previously seen, removing entries in XML file could result in app reset notifications</STRONG>.</P> <P>But don't panic, there is a solution to do it in your Windows 10 reference image.</P> <P>You just need to have two XML files, one for configuring the defaults and another one to force file association.</P> <P>The main XML, CustomDefaultAssoc.xml must <STRONG>contain all extensions</STRONG>. You need to import this file using:</P> <P>Dism /online /import-defaultappassociations:C:\CustomDefaultAssoc.xml</P> <P>The second XML, FTA-IE-Only.xml will contain only a set of file extensions. You need to use this XML file with the group policy <EM>Set a default associations configuration file.</EM></P> <P><EM><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="11.png" style="width: 180px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186242i57CE0A94FADA62FA/image-size/large?v=v2&amp;px=999" role="button" title="11.png" alt="11.png" /></span></EM></P> <P>At the first logon, Explorer.exe will apply both XML.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="12.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186243i174558DAEB52FC7C/image-size/large?v=v2&amp;px=999" role="button" title="12.png" alt="12.png" /></span></P> <P>The end user will have this results without any app reset notifications:</P> <UL> <LI>PDF files associated with Microsoft Reader.</LI> <LI>HTM/HTML files associated with Internet Explorer.</LI> </UL> <P><EM><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="13.png" style="width: 185px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186245i15A6054E386C4038/image-size/large?v=v2&amp;px=999" role="button" title="13.png" alt="13.png" /></span></EM></P> <P><EM>OEMDefaultAssociations.xml</EM> contains the following lines:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="14.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186246i2A92C3D00297864A/image-size/large?v=v2&amp;px=999" role="button" title="14.png" alt="14.png" /></span></P> <P><EM>IEOnly.xml</EM> contains the following lines:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="16.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186247iC02E95B62DB6766C/image-size/large?v=v2&amp;px=999" role="button" title="16.png" alt="16.png" /></span></P> <P><STRONG><FONT size="5">Why I'm getting an app reset notification?</FONT></STRONG></P> <P>Raymond Chen talked about <A href="#" target="_blank" rel="noopener" data-linktype="external">this problem</A>. If a program is trying to set some registry keys, Explorer will detect it and the file association will be reset.</P> <P>Stop using script or other pre-Windows 10 ways for configuring file association.</P> <P>You can check the Microsoft-Windows-Shell-Core/AppDefaults event log for clues about file associations reset.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="17.png" style="width: 602px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186248i6C751FF5D55BA984/image-size/large?v=v2&amp;px=999" role="button" title="17.png" alt="17.png" /></span></P> <P>If you want to troubleshoot this, <A href="#" target="_blank" rel="noopener" data-linktype="external">keep calm and run Procmon</A><BR />;)</img><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="18.png" style="width: 601px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186249iEF7247BAF864FA72/image-size/large?v=v2&amp;px=999" role="button" title="18.png" alt="18.png" /></span></P> <P>&nbsp;</P> <P>You should be able to track which application is hijacking your file associations.&nbsp;Once you identified the bad application, the best way to solve this, is to use a more recent version, or contact your vendor.</P> <H2 id="why-im-getting-the-user-choice-notification-even-if-i-used-an-xml-file">Why I'm getting the User Choice notification even if I used an XML file?</H2> <P>You could get the following notification starting Windows 10 1703 when you choose an application as the default viewer instead using Microsoft Edge.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="19.png" style="width: 243px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186250i206A2F5F71313100/image-size/large?v=v2&amp;px=999" role="button" title="19.png" alt="19.png" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="20.png" style="width: 235px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/186251iD0037567534ACE4A/image-size/large?v=v2&amp;px=999" role="button" title="20.png" alt="20.png" /></span></P> <P>These notification windows are displayed only once if you're clicking on OK. It's because Microsoft Edge is detected as a new application.</P> <P>If a new app is installed and is registered to an existing file extension or protocol you will get this notification.</P> <P>If you want to get rid of these notifications, there is a group policy to hide these notifications:</P> <P><STRONG>Do not show the 'new application installed' notification</STRONG></P> <P>This policy removes the end-user notification for new application associations. These associations are based on file types (e.g. *.txt) or protocols (e.g. http:) If this group policy is enabled, no notifications will be shown</P> <H2 id="group-policy-settings-related-to-file-associations-settings">Group Policy Settings related to File Associations settings</H2> <P>You can find in the table below some group policies related to default file associations settings:</P> <DIV class="table-scroll-wrapper"> <TABLE class="table"><CAPTION class="visually-hidden">Table 1</CAPTION> <TBODY> <TR class="odd"> <TD><STRONG>Policy Setting Name</STRONG></TD> <TD><STRONG>Policy Path</STRONG></TD> </TR> <TR class="even"> <TD>Do not reinitialize a pre-existing roamed user profile when it is loaded on a machine for the first time</TD> <TD>Windows Components\File Explorer</TD> </TR> <TR class="odd"> <TD>Turn off Internet File Association service</TD> <TD>System\Internet Communication Management\Internet Communication settings</TD> </TR> <TR class="even"> <TD>Turn off access to the Store</TD> <TD>System\Internet Communication Management\Internet Communication settings</TD> </TR> <TR class="odd"> <TD>Do not show the 'new application installed' notification</TD> <TD>Windows Components\File Explorer</TD> </TR> <TR class="even"> <TD>Set a default associations configuration file</TD> <TD>Windows Components\File Explorer</TD> </TR> </TBODY> </TABLE> </DIV> <H2 id="bonus-for-adobe-reader-xi-users">Bonus for Adobe Reader XI users</H2> <P>If you are still using Adobe Reader XI, you should get a new application to open PDF, as Adobe Reader XI <A href="#" target="_blank" rel="noopener" data-linktype="external">is out of support</A>.</P> <P>With Adobe XI installer, you can get an app reset notification for PDF extensions and it will be reset to Microsoft Edge.</P> <P>You should look at Adobe Reader documentation and launch the Adobe Reader 11 installation with the following command line:</P> <P>AdbeRdr11010_en_US.exe /rs /sAll /msi EULA_ACCEPT=YES OWNERSHIP_STATE=0</P> <P>With OWNERSHIP_STATE=0 Adobe Reader stops to change file association for PDF with an unsupported way.</P> <H4 id="resources">Resources:</H4> <UL> <LI><A href="#" target="_blank" rel="noopener" data-linktype="external">http://www.adobe.com/devnet-docs/acrobatetk/tools/AdminGuide/pdfviewer.html</A></LI> <LI><A href="#" target="_blank" rel="noopener" data-linktype="external">https://www.adobe.com/devnet-docs/acrobatetk/tools/AdminGuide/properties.html#props</A></LI> </UL> Fri, 11 Dec 2020 16:03:37 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-configure-file-associations-for-it-pros/ba-p/1313151 CraigMarcho 2020-12-11T16:03:37Z Recent Resolved issue with Windows 10: Search from start show blank and no results https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/recent-resolved-issue-with-windows-10-search-from-start-show/ba-p/1164667 <DIV><FONT style="background-color: #ffffff;">Hello AskPerf! My name is Susan from the Microsoft Performance team. We have some important information we wanted to share about a recent issue that has been resolved.&nbsp;&nbsp; <BR />&nbsp;<BR />We were made aware recently of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. <BR /><BR /></FONT></DIV> <DIV><FONT style="background-color: #ffffff;"><A href="#" target="_blank" rel="noopener">https://docs.microsoft.com/en-us/windows/release-information/windows-message-center#387</A></FONT></DIV> <DIV>&nbsp;</DIV> <DIV>&nbsp;</DIV> Mon, 10 Feb 2020 20:43:00 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/recent-resolved-issue-with-windows-10-search-from-start-show/ba-p/1164667 CraigMarcho 2020-02-10T20:43:00Z Help! My Powershell script isn't working! Can you fix it? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/help-my-powershell-script-isn-t-working-can-you-fix-it/ba-p/755797 <P>Hello AskPerf blog, Travis Gradert here from Microsoft Customer Services and Support. I handle quite a number of Powershell cases for our support team, and have noticed that we get a lot of cases where customers are asking for help with things that we do not support. I wanted to write here to help explain what we do and do not handle in our support team when it comes to Powershell. The easy part of this is that we do not support custom or 3<SUP>rd</SUP> party scripts. There is no support for the creation of a script. CSS representatives may put in a best effort to you as the customer, however engineers may not have the expertise required.</P> <P>Instead of engaging a Customer Services and Support team, if you are a premier customer and have a Technical Account Manager, they should be contacted to engage Microsoft Consulting Services for the creation or debugging of a custom or 3<SUP>rd</SUP> party script.</P> <P>[note scripts found in the Powershell Gallery are not supported scripts. Issues with scripts need to be addressed with the author, found on the page where the script was downloaded.]</P> <P>So what is and is not supported? If a specific cmdlet, or the Powershell engine itself seems to be having an unexpected failiure, Customer Support and Services will be able to assist and work towards resolution of the failure. Below are some examples of supported requests.</P> <OL> <LI>A specific Powershell cmdlet with appropriate parameters returns: <OL> <LI>No result</LI> <LI>An unexpected result (missing or extraneous data)</LI> <LI>An error</LI> </OL> </LI> <LI>The engine/console fails to load or crashes</LI> <LI>Configuration and Customization of the console</LI> <LI>Remote Connectivity and Authentication</LI> <LI>Microsoft-Provided DSC Resources fail unexpectedly</LI> </OL> <P>Examples of Unsupported requests</P> <OL> <LI>Create script to perform “X” action.</LI> <LI>Review “X” script to determine a cause of a failure. No script debugging has been performed, issue hasn’t been isolated to a specific commandlet.</LI> <LI>Create DSC configuration</LI> </OL> <P>&nbsp;</P> <P>I’d like to provide some links that I think are helpful when looking for assistance with Powershell Scripts:</P> <H2>Script Debugging Resources<BR /><BR /></H2> <P><STRONG>Using ISE to debug scripts</STRONG></P> <P><A href="#" target="_blank">https://docs.microsoft.com/en-us/powershell/scripting/components/ise/how-to-debug-scripts-in-windows-powershell-ise?view=powershell-6</A></P> <P><STRONG>Remote Runspace Debugging</STRONG></P> <P><A href="#" target="_blank">https://devblogs.microsoft.com/powershell/powershell-runspace-debugging-part-1/</A></P> <P><STRONG>Transcription and Logging:</STRONG></P> <P><A href="#" target="_blank">https://blogs.technet.microsoft.com/ashleymcglone/2017/03/29/practical-powershell-security-enable-auditing-and-logging-with-dsc/</A><BR /><A href="#" target="_blank">https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.host/start-transcript?view=powershell-6</A></P> <P><STRONG>Measuring Command Performance:</STRONG></P> <P><A href="#" target="_blank">https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/measure-command?view=powershell-6</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Mon, 15 Jul 2019 22:21:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/help-my-powershell-script-isn-t-working-can-you-fix-it/ba-p/755797 CraigMarcho 2019-07-15T22:21:35Z Introducing Windows Terminal! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/introducing-windows-terminal/ba-p/544421 <P>Hey AskPerf community, Craig Marcho here with some cool news....<BR /><BR />Kayla Cinnamon, Program Manager for Windows Console, Command Line and WSL, recently announced Windows Terminal, which will be available this Summer from the Microsoft Store.</P> <P>&nbsp;</P> <P>What's that? You can't wait until Summer? No problem! You can&nbsp;<FONT style="background-color: #ffffff;">clone, build, run, and test the code from the repository on GitHub: <BR /><BR /><A href="#" target="_self">https://github.com/Microsoft/Terminal</A></FONT></P> <P>&nbsp;</P> <P><BR /><span class="lia-inline-image-display-wrapper lia-image-align-left" image-alt="terminal-screenshot.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/112528i9E46D124AB7ECBDB/image-size/large?v=v2&amp;px=999" role="button" title="terminal-screenshot.png" alt="terminal-screenshot.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P><BR />You can read more about this exciting announcement here:<BR /><BR /><A title="Introducing Windows Terminal" href="#" target="_self">Introducing Windows Terminal</A></P> <P>&nbsp;</P> <P>Thanks for visiting, and we'll see you again soon.</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 08 May 2019 00:04:37 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/introducing-windows-terminal/ba-p/544421 CraigMarcho 2019-05-08T00:04:37Z Install PowerShell on macOS and Linux https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/install-powershell-on-macos-and-linux/ba-p/472191 <P style="margin: 0in; margin-bottom: .0001pt;">Did you know you can run PowerShell on macOS and Linux based operating systems?</P> <P style="margin: 0in; margin-bottom: .0001pt;">&nbsp;</P> <P style="margin: 0in; margin-bottom: .0001pt;">Just wanted to pass this on in case you did not know...</P> <P style="margin: 0in; margin-bottom: .0001pt;">&nbsp;</P> <P style="margin: 0in; margin-bottom: .0001pt;">For the macOS…</P> <P style="margin: 0in; margin-bottom: .0001pt;"><A href="#" target="_blank">https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-macos?view=powershell-6</A></P> <P style="margin: 0in; margin-bottom: .0001pt;">&nbsp;</P> <P style="margin: 0in; margin-bottom: .0001pt;">for Linux…</P> <P style="margin: 0in; margin-bottom: .0001pt;"><A href="#" target="_blank">https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-6</A></P> <P style="margin: 0in; margin-bottom: .0001pt;">&nbsp;</P> <P style="margin: 0in; margin-bottom: .0001pt;">Now you know!</P> Thu, 18 Apr 2019 15:53:03 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/install-powershell-on-macos-and-linux/ba-p/472191 CraigMarcho 2019-04-18T15:53:03Z Is your Windows 2012 R2 server crashing after March 12, 2019 updates with bugcheck 0xd1 or 0xfc? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/is-your-windows-2012-r2-server-crashing-after-march-12-2019/ba-p/398549 <P style="margin: 0in; margin-bottom: .0001pt;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">Hello AskPerf! My name is Susan from the Microsoft Performance team. We have some important information we wanted to share right away.&nbsp;&nbsp; </SPAN></P> <P style="margin: 0in; margin-bottom: .0001pt; box-sizing: border-box;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">&nbsp;</SPAN></P> <P style="box-sizing: border-box; margin: 0in 0in 12.0pt 0in;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">After installing the March 12, 2019 updates (KB4489881 and KB4489883) on Windows 2012 R2 machines, devices with a winsock kernel client may experience 0xc2, &nbsp;D1, FC and possibly other bugchecks. (including event 41) <BR /><BR />Systems that run the Skype for Business or Lync Server Edge Transport role may be impacted by this issue.</SPAN></P> <P style="margin: 0in; margin-bottom: .0001pt; box-sizing: border-box;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">&nbsp;</SPAN></P> <P><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">At this time, we recommend you apply one of the following patches and reboot.</SPAN></P> <P><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">&nbsp;</SPAN></P> <P><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">1.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Windows 8.1 and Windows Server 2012 R2 Security Only: <A href="#" target="_blank">4493467</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<STRONG>&lt;&lt; includes security fixes only</STRONG></SPAN></P> <P><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">&nbsp;</SPAN></P> <P><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">2.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 Monthly Rollup: <A href="#" target="_blank">4493446</A>&nbsp;&nbsp;&nbsp;&nbsp; <STRONG>&lt;&lt; includes additional fixes both non security fixes, and older security fixes.</STRONG>&nbsp;</SPAN></P> <P style="margin: 0in; margin-bottom: .0001pt;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;">&nbsp;</SPAN></P> <P style="margin: 0in; margin-bottom: .0001pt;"><SPAN style="font-size: 12.0pt; font-family: &amp;quot; color: #333333;"><BR /><SPAN style="background: white;">If you are experiencing this issue, and applying either </SPAN><A href="#" target="_blank">4493467</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or&nbsp;&nbsp;&nbsp; <A href="#" target="_blank">4493446</A>&nbsp;&nbsp;&nbsp;&nbsp; <SPAN style="background: white;">does not resolve the issue, please call Microsoft and open a support incident.</SPAN></SPAN></P> Tue, 16 Apr 2019 00:28:29 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/is-your-windows-2012-r2-server-crashing-after-march-12-2019/ba-p/398549 CraigMarcho 2019-04-16T00:28:29Z Powershell Core SSH Remoting https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/powershell-core-ssh-remoting/ba-p/394234 <P>Hi Everyone, my name is Travis, and I am with the User Experience team here at Microsoft.<BR /><BR /></P> <P>Today I’ll be discussing implementing SSH remoting as a Transport for Powershell.<BR /><BR /></P> <P>While WinRM is a great transport for Active Directory domains, or domains with a two way forest trust – where WinRM is lacking is in scenarios where there either is no trust between domains, or no domain membership at all. Where there is no domain membership, certificate authentication is your only real choice when it comes to secure Remoting via WinRM.<BR /><BR /></P> <P>SSH as a transport changes that because public/private key pairs are used to secure the connection, allowing for encrypted transport of the data sent between the machines – even when an active directory solution has not been implemented. This also means that if you prefer to admin from a *nix installation, you now have a viable transport to manage windows machines from a native *nix remoting implementation.<BR /><BR /></P> <P>Newer OS’s include the OpenSSH client natively as a windows capability inbox. The client is enabled by default, however the server is not. To validate the OpenSSH install state, run the following.</P> <P><FONT color="#0000ff">Get-WindowsCapability</FONT> <FONT color="#000080">-Online -Name</FONT> <FONT color="#800080">*SSH*</FONT></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="1.jpg" style="width: 814px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101686i951C3585A3B2A401/image-size/large?v=v2&amp;px=999" role="button" title="1.jpg" alt="1.jpg" /></span><BR /><BR /></P> <P>Add the features by piplining get-windowscapability to add-windowscapability. No restart is needed to complete the installation.</P> <P>&nbsp;</P> <P>On server 2019, be sure to run the latest Cumulative Update, as the error shown below will be thrown due to a known issue that is already resolved in December release patches.<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="2.jpg" style="width: 835px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101683iF14DCC69E27EE3C2/image-size/large?v=v2&amp;px=999" role="button" title="2.jpg" alt="2.jpg" /></span></P> <P><BR /><BR /><FONT color="#0000ff">Get-WindowsCapability</FONT> <FONT color="#000080">-Online -Name</FONT> <FONT color="#800080">*SSH*</FONT> |<FONT color="#0000ff"> Add-WindowsCapability</FONT> <FONT color="#000080">-Online</FONT> <BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="3.jpg" style="width: 714px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101684iF6982BE9EB9DD4CD/image-size/large?v=v2&amp;px=999" role="button" title="3.jpg" alt="3.jpg" /></span></P> <P><BR /><BR />As far as initial configuration is concerned, the service (sshd) must be started, and should be set to automatic as it is not by default. In addition, the firewall rules for SSH must be enabled. This is a TCP connection on port 22.<BR /><BR /></P> <P>Start the Service with the below command.</P> <P><FONT color="#0000ff">Start-Service</FONT> <FONT color="#800080">sshd </FONT><BR /><BR /></P> <P>Set the service to automatic startup.</P> <P><FONT color="#0000ff">Set-Service</FONT> <FONT color="#000080">-Name</FONT> <FONT color="#800080">sshd </FONT><FONT color="#000080">-StartupType</FONT> <FONT color="#800000">'Automatic'</FONT></P> <P>&nbsp;</P> <P>Confirm if the firewall rule is enabled.</P> <P><FONT color="#0000ff">Get-NetFirewallRule</FONT> <FONT color="#000080">-Name</FONT> <FONT color="#800080">*ssh*</FONT></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="4.jpg" style="width: 644px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101685i65E1C839B860ACFB/image-size/large?v=v2&amp;px=999" role="button" title="4.jpg" alt="4.jpg" /></span><BR /><BR /></P> <P>Set the firewall rule to allow incoming connections if not allowed</P> <P><FONT color="#0000ff">Get-NetFirewallRule</FONT> <FONT color="#000080">-Name</FONT> <FONT color="#800080">*ssh*</FONT> | <FONT color="#0000ff">Set-NetFirewallRule</FONT> <FONT color="#000080">-Enabled</FONT> <FONT color="#800080">True </FONT><FONT color="#000080">-Direction</FONT> <FONT color="#800080">Inbound </FONT><FONT color="#000080">-Action</FONT> <FONT color="#800080">Allow</FONT></P> <P>&nbsp;</P> <P><STRONG>Testing SSH:</STRONG></P> <P>Simply use SSH.exe and specify a remote machine name to use implicit credentials against the remote machine to authenticate.<BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="5.jpg" style="width: 698px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101687iA5570FEADDF39661/image-size/large?v=v2&amp;px=999" role="button" title="5.jpg" alt="5.jpg" /></span><BR /><BR />Once the session has been formed, you should simply see a prompt similar to the following:<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="6.jpg" style="width: 478px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101688iAA4B0D40139A2B43/image-size/large?v=v2&amp;px=999" role="button" title="6.jpg" alt="6.jpg" /></span><BR /><BR /></P> <P>Simply run the hostname.exe executable to confirm you’re working with the remote machine.<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="7.jpg" style="width: 485px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101689iB2B0125A092D9DCB/image-size/large?v=v2&amp;px=999" role="button" title="7.jpg" alt="7.jpg" /></span><BR /><BR /></P> <P><STRONG>Remoting with Powershell Core<BR /><BR /></STRONG></P> <P>Download and install the latest version of Powershell Core, available on Github. <A href="#" target="_blank" rel="noopener">https://github.com/powershell/powershell</A><BR /><BR /></P> <P>For the purposes of this Demo, I’m installing the x64 MSI package on both my Windows 10 1809 client, as well as Server 2019 to the default location.<BR /><BR /></P> <P>Powershell Core must be configured as a subsystem in $env:ProgramData\ssh\sshd_config. As a note, there is currently a bug in OpenSSH where paths with spaces fail to be recognized as a subsystem. As a work around you can use a symlink to correct the error and point the sshd_config to the symlink location.<BR /><BR /></P> <P>For the stable release, use: mklink /D c:\pwsh "C:\Program Files\PowerShell\6"<BR /><BR /></P> <P>For the preview release, use: mklink /D c:\pwsh "C:\Program Files\PowerShell\6-preview"</P> <P><BR />Note that we’re pointing to the symlinked path in the subsystem config below.<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="8.jpg" style="width: 640px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101690iDC924F2C705C7C96/image-size/large?v=v2&amp;px=999" role="button" title="8.jpg" alt="8.jpg" /></span><BR /><BR /></P> <P>After the service configuration is changed, restart the service.</P> <P><FONT color="#0000ff">Restart-Service</FONT> <FONT color="#800080">sshd</FONT></P> <P>&nbsp;</P> <P>Powershell Core adds a few new parameters to the Enter-PSsession commandlet, -Hostname, -SSHTransport, -Keyfile, and -Subsystem. Note that you cannot use -computername in combination with -SSHTransport.<BR /><BR /><BR /></P> <P>An example of Remoting is shown below.<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="9.jpg" style="width: 766px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/101691i67A9A46B9A3790A1/image-size/large?v=v2&amp;px=999" role="button" title="9.jpg" alt="9.jpg" /></span></P> <P>&nbsp;</P> <P>And that's it for today! Thanks for reading, and let us know if you have any comments or questions below!</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 03 Apr 2019 21:47:40 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/powershell-core-ssh-remoting/ba-p/394234 CraigMarcho 2019-04-03T21:47:40Z Welcome Back AskPerf! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/welcome-back-askperf/ba-p/386881 <P>Hello Everyone! Welcome to the new home of the AskPerf blog. We have recently moved, and many things have changed in the years since the last post here. The owners of the blog have moved on to bigger and better things, so I have decided to bring it back to life, and bring some new fresh content to help the community. The Performance team has actually been split to two teams internally at Microsoft, one is still called "Performance" and the other is called "User Experience", or UEX. Between the two teams, we will still provide information on all of the topics that we cover, here under one roof. So welcome back, and we will be providing some information here soon.<BR /><BR />-Craig Marcho</P> Mon, 25 Mar 2019 17:22:00 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/welcome-back-askperf/ba-p/386881 CraigMarcho 2019-03-25T17:22:00Z WOW...are folks still reading this blog??? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wow-are-folks-still-reading-this-blog/ba-p/375660 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 05, 2018 </STRONG> <BR /> We haven't posted any blogs for ~2 years, yet it seems that people are still reading/commenting on previous posts.&nbsp; For me, I've moved on to the Security Team here at Microsoft, and there really is no more Performance team.&nbsp; They've been broken up into smaller support teams that support certain topics.&nbsp; From a Security standpoint, I might be able to provide a few posts from time to time regarding the topic if your interested.&nbsp; Thoughts?&nbsp; -Blake </BODY></HTML> Sat, 16 Mar 2019 12:51:15 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wow-are-folks-still-reading-this-blog/ba-p/375660 CraigMarcho 2019-03-16T12:51:15Z AskPerf Blog transition… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/askperf-blog-transition-8230/ba-p/375659 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 28, 2016 </STRONG> <BR /> Hello AskPerf! <BR /> <BR /> Wanted to send you a very long overdue note on the current status of the AskPerf Blog site. We are in a transition period on ownership of this blog site going forward. I personally have moved on to another team, and the remaining Performance folks have as well. With that said, a decision will be made hopefully soon, on the future of this blog. <BR /> <BR /> Thank you as always for your support and active participation in our posts. <BR /> <BR /> -Blake </BODY></HTML> Sat, 16 Mar 2019 12:51:11 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/askperf-blog-transition-8230/ba-p/375659 CraigMarcho 2019-03-16T12:51:11Z Office Applications only print 1-2 pages https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/office-applications-only-print-1-2-pages/ba-p/375658 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 25, 2015 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; My name is Susan, and today we are going to discuss an issue where printing through Office applications only produce 1-2 pages out of a multi-page document. </P> <P> For example, you have Windows 2003/2008 Print Server with (e.g. Lexmark Universal v2 PS3 (2.2.5.71)) and Windows 8.1 clients attempt to print from Office applications; only the first page or 2nd pages will print. </P> <P> <B> Other symptoms you may observe: </B> </P> <UL> <LI> You can print only 2 pages, for example: page 2-3 of a 10 page document </LI> <LI> You print just fine out of other applications </LI> <LI> If you print to PDF from Office, the files print as expected </LI> </UL> <P> <B> Cause </B> There are two main causes of the behavior above.&nbsp; The first is missing fonts from the Print Server - the buffer simply fills and overflows and only ~2 pages will print.&nbsp; The second cause is a legacy Bluetooth service is installed as well as its add-on component. </P> <P> <B> Resolution #1 </B> </P> <P> Install the missing fonts on the Print Server.&nbsp; You do not need to install Office, only the fonts. </P> <P> Here are the fonts that should be installed: </P> <P> <A href="#" target="_blank"> Fonts that are installed with Microsoft Office 2013 products </A> </P> <P> <A href="#" target="_blank"> Fonts supplied with* Office 2010 </A> </P> <P> <A href="#" target="_blank"> Office 2010 printing errors with Calibri font when printing through a Windows Server 2003 or 2008 print server </A> </P> <P> <B> Resolution #2 </B> </P> <P> For the Bluetooth Driver, there are two pieces: the service as well as the add-on that is registered under the Office applications.&nbsp; The add-ons should be disabled for all Office applications under multiple keys. </P> <P> <B> Option 1 </B> </P> <OL> <LI> Check with the vendor to determine if there are any updates to your Bluetooth device. </LI> </OL> <P> <B> Option 2 </B> </P> <OL> <LI> Uninstall Bluetooth </LI> </OL> <BLOCKQUOTE> <P> a.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Please confirm it is completely uninstalled via checking MSCONFIG and running Services.msc </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> b.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Next, you will need to modify registry keys in two&nbsp; locations&nbsp; and change the loadbehavior to 0 or delete. </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> <STRONG> For example </STRONG> : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\AddinsBtmoffice.connect </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> And also under&nbsp; BTMOffice.connect is loaded in Access, Excel, Project, Outlook, Powerpoint, Word for each application. </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Access\Addins\AddinsBtmoffice.connect </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> And also under&nbsp; BTMOffice.connect is loaded in Access, Excel, Project, Outlook, Powerpoint, Word for each application. </P> </BLOCKQUOTE> <P> <B> Option 3 </B> </P> <OL> <LI> Disable Bluetooth as a test </LI> </OL> <BLOCKQUOTE> <P> a.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Stop the service from running in Services.msc </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> b.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Change the loadbehavior in the above registry keys to 0 </P> </BLOCKQUOTE> <P> -Susan </P> <P> </P> <BR /> </BODY></HTML> Sat, 16 Mar 2019 12:51:06 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/office-applications-only-print-1-2-pages/ba-p/375658 CraigMarcho 2019-03-16T12:51:06Z Remote Desktop Licensing Service Stopping https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-licensing-service-stopping/ba-p/375657 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 24, 2015 </STRONG> <BR /> <P> Hello AskPerf! My name is Matt Graham and I'll be discussing an issue that you may see on your RDS Licensing Server. </P> <BR /> <P> <STRONG> SCENARIO </STRONG> You have both a 2008 R2 and an 2012 or 2012 R2 Licensing server in your RDS environment.&nbsp; When you look under services.msc, you notice that the Remote Desktop Licensing service is stopped on the 2012 / 2012 R2 server.&nbsp; You try to start it again, but after a short period of time (30 seconds to a few minutes) it stops on its own again.&nbsp; In fact, every time you try to start the service, it starts for a short time and then stops on its own. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93421iA17364C3B50CE666" /> </P> <BR /> <P> Alternatively, you may see this service crash. </P> <BR /> <P> <STRONG> ISSUE </STRONG> This behavior is actually by design.&nbsp; You cannot have a 2008 R2 and a 2012 / 2012 R2 License server in the same RDS environment. </P> <BR /> <P> <STRONG> RESOLUTION </STRONG> If you are moving to a 2012 / 2012 R2 environment, then deactivate and decommission your 2008 R2 license server.&nbsp; If you still want to have two or more license servers, you will need to build another matching 2012 / 2012 R2 license server. </P> <BR /> <P> <STRONG> CONSIDERATION #1 </STRONG> We have seen at least one case where the 2012 License Manager Service still did not start even after removing the 2008 R2 License server.&nbsp; In this case, the licensing server database had become corrupt.&nbsp; If this happens, you can rebuild the database using the "Manage Licenses" wizard. </P> <BR /> <P> <STRONG> WARNING </STRONG> If you do this, you will have to re-install your licenses after the rebuild. Be sure you have your licensing information. </P> <BR /> <P> 1.&nbsp; Open your RD Licensing Manager, right click on your server and select Manage Licenses. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93422iD3D4B3F1228F5BC8" /> </P> <BR /> <P> 2. Select Rebuild the license server database. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93423iD85398FB40505EB2" /> </P> <BR /> <P> 3.&nbsp; After this, you will need to have your Retail CAL pack or your EA information in order to reinstall your licenses. </P> <BR /> <P> <STRONG> CONSIDERATION #2 </STRONG> In one case, a customer had to rename the "C:\Windows\System32\Lserver" folder, uninstall the RDS roles, reboot, and reinstall the RDS Licensing role in order to get the service to start again.&nbsp; This should effectively do the same thing as rebuilding the license database, but I mention it because it was successful in at least one case. </P> <BR /> <P> Finally, when you decommission your old 2008 R2 server, be sure to think through what that will entail for your session hosts.&nbsp; You may need to take inventory of your session hosts and ensure that they are pointed to your 2012 / 2012 R2 license server if they aren't already pointed to it. </P> <BR /> <P> -Matt </P> </BODY></HTML> Sat, 16 Mar 2019 12:50:59 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-licensing-service-stopping/ba-p/375657 CraigMarcho 2019-03-16T12:50:59Z Windows 10 (RTM) RSAT tools now available… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-rtm-rsat-tools-now-available-8230/ba-p/375653 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 24, 2015 </STRONG> <BR /> <P> Hey Folks, quick post to let you know that the Windows 10 Remote Server Administration Tools are now available. </P> <P> <A href="#" target="_blank"> Remote Server Administration Tools for Windows 10 </A> </P> <P> <STRONG> Details </STRONG> </P> <P> Remote Server Administration Tools for Windows 10 includes Server Manager, Microsoft Management Console (MMC) snap-ins, consoles, Windows PowerShell cmdlets and providers, and command-line tools for managing roles and features that run on Windows Server Technical Preview. <BR /> <BR /> Remote Server Administration Tools for Windows 10 can be used to manage roles and features that are running on Windows Server Technical Preview, with the following exceptions: </P> <UL> <BR /> <LI> <B> DHCP Tools. </B> Dhcpmgmt.msc is not available in this release of RSAT, but equivalent Windows PowerShell cmdlets are available. </LI> <BR /> <LI> <B> IP Address Management (IPAM) Tools. </B> IPAM tools are not available in this release of RSAT. </LI> <BR /> <LI> <B> Network Policy Server Tools. </B> The NPS console is not supported on a Windows client-based operating system, and will be removed from future releases of RSAT. </LI> <BR /> <LI> <B> Routing and Remote Access Tools. </B> Routing and Remote Access Tools that are GUI-based cannot be used for remote configuration in this release of RSAT, but the equivalent Windows PowerShell cmdlets are available. </LI> <BR /> </UL> <P> -Blake </P> <P> </P> <BR /> </BODY></HTML> Sat, 16 Mar 2019 12:50:30 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-rtm-rsat-tools-now-available-8230/ba-p/375653 CraigMarcho 2019-03-16T12:50:30Z Windows 10 is coming! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-is-coming/ba-p/375652 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jul 28, 2015 </STRONG> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93420iAE721C8CF47CC1C5" /> </P> <BR /> <P> Hello folks, as I’m sure you already know, Windows 10 will be available tomorrow, July 29th.&nbsp; With that said, we will be blogging some of the new features that our team will be supporting in this new OS. </P> <BR /> <P> We will also blog about features that some of other teams support.&nbsp; Namely, how to manage Windows 10 notifications and upgrade options: </P> <BR /> <P> <A href="#" target="_blank"> How to manage Windows 10 notification and upgrade options </A> </P> <BR /> <P> <A href="#" target="_blank"> Windows 10 landing page </A> </P> <BR /> <P> See you soon! </P> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:50:26 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-is-coming/ba-p/375652 CraigMarcho 2019-03-16T12:50:26Z Walkthrough on Session hint / TSVUrl on Windows Server 2012 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/walkthrough-on-session-hint-tsvurl-on-windows-server-2012/ba-p/375650 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jun 11, 2015 </STRONG> <BR /> <P> Hello Askperf, my name is Naresh and today we are going to discuss how we can connect to a Windows 2012 Remote desktop collection from thin clients or other clients that are not session hints aware. </P> <P> You might be thinking what are “Session hints”, so let us right away dig into the need for session hints. The connection broker in Windows 2012/R2 has changed the way clients connect to a group of RDSH/RDVH servers – earlier called farms but now we have them grouped as ‘collections’ in Windows 2012/R2. With Windows 2012, we brought changes in the way how the GUI looks, how we install different roles and how these different roles interact with each other. With all this the flow of remote desktop connections and how a client connects to the endpoint servers, changed as well. </P> <P> <B> Classical way of connecting to Remoteapps-windows server 2008 r2 </B> </P> <P> In Windows 2008 R2 we deployed RemoteApps as: </P> <OL> <LI> MSI files </LI> <LI> RDP files </LI> <LI> Connect through RDWeb </LI> </OL> <P> To explain the connection flow I will walk you through the RDP file content of a RemoteApp in Windows 2008/R2 vs. Windows 2012/R2. </P> <P> This is how a RDP file for a RemoteApp would look like in a <B> 2008 R2 </B> RDS environment: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93417i416955DC0A3DB3FA" /> </P> <OL> <LI> The client reads the full address (of the farm) and the RDGateway properties. </LI> <LI> If the client finds the RDGateway, it will authenticate against the gateway and based on the CAP and RAP policy the connection would be passed on. </LI> <LI> The Client would then do a DNS query for the full address (of the farm) – assuming this is a DNS Round Robin or the farm name is pointing to a NLB – and would try to connect to the RDSH server. (If there is a dedicated redirector, then one of them will receive this connection.) </LI> <LI> The RDSH (or the redirector) server receiving the connection would then contact the connection broker and if there is an existing disconnected session available for this user on an RDSH, the connection broker would send the details of the RDSH server back to the redirector. If there is no disconnected session, the connection broker would determine the best suited server as per the load balancing algorithms and would send the details of that server to the redirector. </LI> <LI> Redirector would in turn pass those details to the client and the client would then directly logon to the application on the assigned server. Session established. </LI> </OL> <P> <B> Change in the way we connect in 2012 -Session Hint / TSVUrl </B> </P> <P> In a 2012/R2 environment the RDP file looks like this: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93418iE9AB7DACD801920A" /> </P> <OL> <LI> In Windows 2012 the concept of Farms has been deprecated and replaced by collections. However, unlike Farms, collections do not have an entry in the DNS. Therefore the client reads the full address (which is for connection broker which hosts the RDS deployment and collections) and the RDGateway properties. </LI> <LI> If the client finds the RDGateway, it will authenticate against the gateway and based on the CAP and RAP policy the connection would be passed on. </LI> <LI> The Client would then do a DNS query for the full address, i.e. the connection broker for windows 2012 and would try to connect to the RD Connection broker. The term redirector is no longer used in Windows 2012 and instead connection broker does the redirection, but how? </LI> </OL> <P> <B> What are session hints/TSVUrls ? </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93419iE8622514E310B19E" /> </P> <P> If you see the above RDP file, I have also highlighted the loadbalanceinfo which consists of the TSVUrl. A TSVUrl or session hints suggests which collection in the deployment the client should connect to. So along with the Full Address and gateway information, the client also reads the loadbalancerinfo and sends that over to the connection broker. </P> <BLOCKQUOTE> <P> 4. The connection broker then reads the TSVUrl to determine the collection name and then suggests which RD Session host participating in the collection should take the session based on whether there is an already existing session or not. </P> <P> 5. If there is an existing session available for this user on an RDSH in that collection, the connection broker would send the details of the RDSH server back to the client. If there is no disconnected session, the connection broker would determine the best suited server within the collection as per the load balancing algorithms and would send the details of that server to the client. </P> <P> 6. The client would then directly logon to the application on that assigned server. Session established. </P> </BLOCKQUOTE> <P> <A> <B> DefaultTsvUrl: workaround for incompatible RDClient </B> </A> </P> <P> <A> However, what would happen if the RD client does not understand the TSVURLs? Yes, the client would directly logon to the connection broker but since the application is not hosted there, it would error out. </A> </P> <P> We have seen a lot of customers not wanting to move over to Windows 2012 Remote desktop services because they have Clients like, old thin clients with old RD clients and some non-windows clients or some of the old Windows clients that might not understand TSVURLs. I would highly recommend upgrading the clients to the latest by getting in touch with the OEM vendor/manufacturer for getting the latest RD client for these devices (in case of old Windows fat cients either install RDC 8 or later or else upgrade to the operating system that supports RDC 8)</img> making sure they are tsvurl aware, given the so many other benefits and features the latest RD client would bring along. However, we do understand that some of our customers would have genuine reasons to keep these clients and also while planning and implementing an upgrade, one would need to run the show in the meantime with the non-compatible clients. </P> <P> For such cases, we can use the below registry key on the connection broker hosting the deployment. </P> <P> <B> Important </B> This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base <A href="#" target="_blank"> 322756 </A> How to back up and restore the registry in Windows. </P> <P> The following tuning recommendation has been helpful in alleviating the problem: </P> <BLOCKQUOTE> <P> 1. Start Registry Editor (Regedit.exe). </P> <P> 2. Locate and then click the following key in the registry: </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> <STRONG> <I> HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\ClusterSettings </I> </STRONG> </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> 3. On the <B> Edit </B> menu, click <B> Add Value </B> , and then add the following registry value: </P> </BLOCKQUOTE> <BLOCKQUOTE> <P> <I> Value name: </I> <STRONG> <I> DefaultTsvUrl </I> </STRONG> <I> <BR /> Data type: REG_SZ <BR /> Value data: <B> tsv://&lt;TSVURL&gt; </B> </I> </P> </BLOCKQUOTE> <P> This registry would provide the connection broker with the default <B> <I> loadbalanceinfo </I> </B> in case the client was unable to read the loadbalanceinfo provided in the remoteapp. </P> <P> To find the <B> <I> TSVUrl </I> </B> to be set in <STRONG> <I> DefaultTsvUrl </I> </STRONG> , you can go to the following registry on the connection broker: </P> <P> <STRONG> <I> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\&lt;CollectionName&gt;\Applications\&lt;RemoteApp&gt;\ </I> </STRONG> <STRONG> <I> </I> </STRONG> </P> <P> <B> <I> RDPFileContents </I> </B> <I> REG_SZ </I> </P> <P> You can find the <B> <I> tsvurl </I> </B> in the <B> <I> RDPFilecontents </I> </B> of the collection you would like to set as your default. Then configure it as your <STRONG> <I> DefaultTsvUrl </I> </STRONG> . You can then keep the show running while you upgrade to newer compatible clients. </P> <P> <B> NOTE: This is being suggested as an alternate/workaround when you do not have upgrading the client as an option. It has the following caveats that one should be aware of: </B> <B> </B> </P> <OL> <LI> This would only be read when the client is unable to understand the tsvurl sent in the RDP file (from the remote app) and thus does not present the tsvurl to connection broker. </LI> <LI> Whenever such a client comes the DefaultTsvUrl sends it to one single collection as specified in the registry value. DefaultTsvUrl can only point to one single collection only and thus you may want to plan and create a single collection for non compatible clients that has all their required apps in it. There is no provision of defining multiple collections in this registry so if you want to use incompatible clients over multiple collections then it won't be possible. </LI> <LI> In case you change that collection, you will have to change the defauDefaultTsvUrl lttsvurl registry value as well. </LI> <LI> This registry is only a workaround for tsvurls and will not work if the clients are not compatible with remoteapps itself. It is only for providing a workaround for clients that were able to access remoteapps earlier in Windows 2008/R2 but cannot access them through collections as explained in the section " <B> Change in the way we connect in 2012 -Session Hint / TSVUrl" </B> . </LI> </OL> <P> -Naresh </P> </BODY></HTML> Sat, 16 Mar 2019 12:50:11 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/walkthrough-on-session-hint-tsvurl-on-windows-server-2012/ba-p/375650 CraigMarcho 2019-03-16T12:50:11Z Task Scheduler "A task or folder with this name already exists" https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/task-scheduler-quot-a-task-or-folder-with-this-name-already/ba-p/375646 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 14, 2015 </STRONG> <BR /> <P> Hello AskPerf! Blake here with a quick blog to discuss an issue I’ve seen more frequently over the past few months. Here is the Scenario: </P> <P> When you try and create a new Scheduled Task via the command line (schtasks.exe), the following error appears: </P> <P> <B> "WARNING: The task name " <EM> PERFTEST </EM> " already exists. Do you want to replace it (Y/N&gt;?" </B> </P> <P> If you hit Y, then this message will appear: </P> <P> <B> "ERROR: Cannot create a file when that file already exists." </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93414i3E16A7578E5F89A1" /> </P> <P> When you try and create the same task via the taskschd.msc snap-in, this message is displayed: </P> <P> <B> "An error has occurred for task <EM> test </EM> .&nbsp; Error message: A task or folder with this name already exists." </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93415iAF8B821C5C135E76" /> </P> <P> When you click OK, the following error appears: </P> <P> <B> "Transaction support within the specified resource manager is not started or was shut down due to an error" </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93416iC30A1F6B540195D3" /> </P> <P> After you click OK, the task is not created. </P> <P> Research internally as well as out on the Internet suggest that the Transaction Log is corrupted. To fix this you need to do the following: </P> <P> </P> <OL> <LI> Open up an elevated CMD prompt </LI> <LI> Type in the following and hit enter: " <STRONG> fsutil resource setautoreset true c:\ </STRONG> " </LI> <LI> Reboot </LI> <LI> After your machine reboots, you should be able to create new Scheduled Tasks now </LI> </OL> <P> <STRONG> NOTE </STRONG> I’ve only seen this on Windows 2008 R2 SP1 thus far, and will update this blog post if seen on other Operating Systems down the line. </P> <P> <STRONG> Additional Resources </STRONG> </P> <UL> <LI> <A href="#" target="_blank"> Fsutil behavior </A> <BR /> </LI> </UL> <P> -Blake </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:49:34 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/task-scheduler-quot-a-task-or-folder-with-this-name-already/ba-p/375646 CraigMarcho 2019-03-16T12:49:34Z WMIDiag 2.2 is here! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmidiag-2-2-is-here/ba-p/375642 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 12, 2015 </STRONG> <BR /> <P> Hello AskPerf blog readers! Jeff here from the Windows Performance Team once again. I am happy to announce that the new version of WMIDIAG is finally here. It’s now compatible for Windows 8/8.1 as well as Sever 2012/2012R2. Some of you may have been aware that the previous version used to also show a lot of errors and that majority of them were erroneous or false positives simply due to wmi class name changes between OS versions. That has been all cleaned up and all errors have been corrected. When you run the new version it should look a lot cleaner and what errors you do see should be accurate and deserving of attention. </P> <P> The WMI Diagnosis Tool is a VBScript based-tool for testing, validating, and analyzing WMI installation/issues. The tool collects data from WMI installations on all Microsoft Operating Systems at any or no service pack level. </P> <P> WMI Diagnostics 2.2 requires you to have Local Administrator rights as well as Windows Script Host (WSH) enabled. </P> <P> To download this tool, please click <A href="#" target="_blank"> here </A> . </P> <P> After you download WMIDiag.exe, run it and extract the files to a local folder. If you double-click WMIDiag.vbs, the following message will appear: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93412i37D5A7B1F5BB6ECD" /> </P> <P> If you want to see its activity, then you would run “ <B> cscript WMIDiag.vbs </B> ” from the command prompt, or you can change the default script host to the command line by running “ <STRONG> cscript //H:CScript </STRONG> ”. </P> <P> <B> Note: </B> By default WMIDiag does not check repository consistency and you would need to run manually from command prompt using “ <B> cscript WMIDiag.vbs checkconsistency </B> ” </P> <P> WMIDIAG can be run from Windows Explorer, or from the command line. Each time it runs, the WMI Diagnosis Tool creates the following three files in the %TEMP% directory: </P> <UL> <LI> .LOG file containing all the WMI Diagnosis Tool activity as well as a WMI report at the end </LI> <LI> .TXT file containing the WMI Diagnosis Tool report </LI> <LI> .CSV file containing statistics that can be used to measure trends and issues </LI> </UL> <P> When the WMI Diagnosis Tool terminates, the ERRORLEVEL environment variable is set to one of the following values: </P> <P> <B> 0 = SUCCESS </B> </P> <UL> <LI> WSH has a script execution timeout setup (in machine or system environment) </LI> <LI> Machine reports suspicious improper shutdowns </LI> <LI> User Account Control (UAC) status is reported (Vista and above) </LI> <LI> Local account token filter policy is reported (Vista and above) </LI> <LI> Unexpected binaries in the WBEM folder </LI> <LI> The Windows Firewall is enabled </LI> <LI> Some WMI service installed in the machine are dependent on the WMI service (i.e. "SMS Agent) </LI> <LI> WMI ADAP has a status different than 'running' </LI> <LI> Some WMI namespaces require a packet privacy encryption for a successful connection </LI> <LI> Some WMI permanent subscriptions or timer instructions are configured </LI> <LI> Some information about registry key configurations for DCOM and/or WMI was reported </LI> </UL> <P> <B> 1 = ERROR </B> </P> <UL> <LI> System32 or WBEM folders are not in the PATH </LI> <LI> WMI system file(s)\ repository is/are missing </LI> <LI> WMI repository is inconsistent (XP SP2, 2003 SP1 and above) </LI> <LI> DCOM is disabled </LI> <LI> WMI service is disabled </LI> <LI> The RPCSS and/or the WMI service(s) cannot be started </LI> <LI> WMI DCOM setup issues </LI> <LI> Expected default trustee or ACE has been removed from a DCOM or WMI security descriptor </LI> <LI> The ADAP status is not available </LI> <LI> One or more WMI connections failed </LI> <LI> Some GET operations\WMI class MOF representations\WMI qualifier retrieval operations failed </LI> <LI> Some critical WMI ENUMERATION operations\WMI EXECQUERY\WMI GET operations failed </LI> <LI> Some WRITE operations in the WMI repository\PUT\DELETE operations failed </LI> <LI> One of the queries of the event log entries for DCOM, WMI and WMIADAPTER failed </LI> <LI> Some critical registry key configurations for DCOM and/or WMI were reported </LI> </UL> <P> <B> 2 = WARNING </B> </P> <UL> <LI> System32 or WBEM folders are further in the PATH string than the maximum system length </LI> <LI> System drive and/or Drive type reporting are skipped </LI> <LI> DCOM has an incorrect default authentication level (other than 'Connect') </LI> <LI> DCOM has an incorrect default impersonation level (other than 'Identify') </LI> <LI> WMI service has an invalid host setup </LI> <LI> WMI service (SCM configuration) has an invalid registry configuration </LI> <LI> Some WMI components have a DCOM registration issue </LI> <LI> WMI COM ProgID cannot be instantiated </LI> <LI> Some WMI providers have a DCOM registration issue </LI> <LI> Some dynamic WMI classes have a registration issue </LI> <LI> Some WMI providers are registered in WMI but their registration lacks a CLSID </LI> <LI> Some WMI providers have a correct CIM/DCOM registration but the corresponding binary file cannot be found </LI> <LI> A new ACE or Trustee with a denied access has been modified to a default trustee of a DCOM or WMI security descriptor </LI> <LI> An invalid ACE has been found for an actual DCOM or WMI security descriptor </LI> <LI> WMI ADAP never ran on the examined system </LI> <LI> Some WMI non-critical ENUMERATION operations failed\skipped </LI> <LI> Some WMI non-critical EXECQUERY operations failed\skipped </LI> <LI> Some non-critical WMI GET VALUE operations failed </LI> <LI> Some WMI GET VALUE operations were skipped (because of an issue with the WMI provider) </LI> <LI> The WRITE operations in the WMI repository were not completed </LI> <LI> The information collection for the DCOM, WMI and WMIADAPTER event log entries was skipped </LI> <LI> New event log entries for DCOM, WMI and WMIADAPTER were created during the WMI Diagnosis Tool execution </LI> <LI> Some non-critical registry key configurations for DCOM and/or WMI were reported </LI> </UL> <P> <B> 3 = Command Line Parameter errors </B> </P> <P> <B> 4 = User Declined </B> (Clicked the Cancel button when getting a consent prompt) </P> <UL> <LI> WMIDiag is started on an unsupported build or OS version </LI> <LI> WMIDiag has no Administrative privileges </LI> <LI> WMIDiag is started in Wow environment (64-bit systems only) </LI> </UL> <P> When you run the WMI Diagnosis Tool via command line: </P> <P> <B> C:\&gt;CSCRIPT WMIDiag.vbs </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93413iB4231577B5661CEA" /> </P> <P> The generated report “ <I> %TEMP%\WMIDIAG-V2.2_WIN8.1_CLI.RTM.64_MYPC_2015.05.11_15.02.30-REPORT.TXT </I> “ contains two types of figures: </P> <UL> <LI> <B> WARNING </B> - Information that is useful if certain actions are executed </LI> <LI> <B> ERROR </B> - Problems that need to be solved to avoid errors reported by WMI </LI> </UL> <P> <B> WMI DIAG 2.2 FAQ: </B> </P> <P> <A> </A> <A> </A> <B> 1. Where can I get the WMI Diagnosis Tool? </B> <B> </B> </P> <P> The WMI Diagnosis Tool can be downloaded from the Microsoft Download Center at <A href="#" target="_blank"> http://www.microsoft.com/en-us/download/details.aspx?id=7684 </A> . More information about the WMI Diagnosis Tool usage can be found in the document ( <B> WMIDiag.doc </B> ) which comes along with the download. </P> <P> <A> </A> <B> 2. Is the tool supported? </B> <B> </B> </P> <P> There is no official support for WMI Diagnosis Tool. </P> <P> <B> 3. <A> </A> <A> </A> Can the WMI Diagnosis Tool diagnose a remote computer? </B> <B> </B> </P> <P> The WMI Diagnosis Tool is not designed to diagnose remote computers. This is due to the fact that WMI remote access is mainly based on the WMI infrastructure. Because the aim of WMI Diagnosis Tool is to diagnose WMI, the WMI Diagnosis Tool does not use WMI to perform its core operations. That’s why the WMI Diagnosis Tool must be run locally. However, the WMI Diagnosis Tool can be deployed remotely using Group Policy, Systems Management Server (SMS), or Microsoft Operations Manager (MOM) via a Management Pack. With Windows Vista, the WMI Diagnosis Tool can also be remotely executed through WinRM/WinRS, provided you configure and enable these features (WinRM/WinRS are not enabled by default). Microsoft SysInternals tool PSEXEC.EXE on Technet can also be used. </P> <P> <A> </A> <B> 4. Does the WMI Diagnosis Tool fix problems it discovers? </B> <B> </B> </P> <P> No. The WMI Diagnosis Tool executes in read-only mode. Even though the WMI Diagnosis Tool diagnoses the situation and provides procedures to fix problems, at no time does the tool automatically fix a problem. This is by design, because the correct repair procedure depends on the context, the usage, and the list of applications installed on the computer. </P> <P> I hope this new tool will help you identifying potential WMI issues in your environment. Don’t forget to read the support document (WMIDiag.doc) included in the WMIDIAG 2.2 download. </P> <P> -Jeff </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:48:59 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmidiag-2-2-is-here/ba-p/375642 CraigMarcho 2019-03-16T12:48:59Z Multiple per device RDS CALS are issued the same device issue… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/multiple-per-device-rds-cals-are-issued-the-same-device-issue/ba-p/375639 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 08, 2015 </STRONG> <BR /> <P> Hello AskPerf! Ishu Sharma here again from Microsoft Performance team.&nbsp; Today I will be discussing an issue where multiple per device Remote Desktop Services CALS are issued to the same device. <BR /> Before we dive into this topic, I would like to recall the below facts about RDS Per Device Licensing. </P> <P> If an unlicensed client connects to a Remote Desktop Server for the first time, the Remote Desktop Licensing Server issues the client a temporary RDS Client Access License (CAL). After the user has logged into the session, the RDS server instructs the License Server to mark the issued temporary RDS CAL token as being validated. The next time the client connects, an attempt is made to upgrade the validated temporary RDS CAL token to a full RDS CAL token. If no license tokens are available, the temporary RDS CAL token will continue to function for 90 days. <BR /> When a client device receives an RDS Device CAL from an RDS Host, it receives it in the form of a digital certificate from a license server. That certificate is saved in the below location on Licensing server: </P> <P> <STRONG> [HKLM\Software\Microsoft\TermServLicensing\Certificates] <BR /> [HKLM\System\CurrentControlSet\services\TermservLicensing\Parameters\Certificates.000] <BR /> [HKLM\System\CurrentControlSet\services\TermservLicensing\Parameters\Certificates.001] </STRONG> </P> <P> The digital certificate is an actual certificate copied to the client device. Once a client device connects to an RDS Host, an RDS CAL digital certificate is transferred from the license server to the client device. The license server loses one of its licenses from its inventory, and the client device has the digital certificate that it can present to any RDS Host on future connections. </P> <P> Clients store their license under the key: </P> <P> <STRONG> [HKEY_LOCAL_MACHINE\Software\Microsoft\MSLicensing] </STRONG> </P> <P> The MSLicensing key contains two sub-keys used to store both unique client-specific information and any license certificates obtained from license servers. </P> <P> <STRONG> HardwareID </STRONG> <BR /> <STRONG> Store </STRONG> </P> <P> <STRONG> HardwareID </STRONG> stores a Random 20-byte identifier specific to the client machine and is generated automatically by Windows. This ID uniquely identifies the machine to the license server. When a client is allocated an RDS CAL from the license server, this HardwareID is recorded in the licensing database to associate the client with the CAL. This entry is made when clients are allocated both temporary CALs and permanent licenses. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93409iBE28E2DC4F232B5B" /> </P> <P> <STRONG> Store </STRONG> is used to store the terminal services CAL allocated from the license server.&nbsp; Entries are contained in sub key named License00x, where X is a numerical ID beginning with 0.&nbsp; Each License00x entry contains a separate CAL. </P> <P> The License00x entry contains four binary components that comprise a terminal services CAL certificate: </P> <UL> <LI> ClientLicense </LI> <LI> CompanyName </LI> <LI> LicenseScope </LI> <LI> ProductID </LI> </UL> <P> Every time the client device connects to an RDS Host, it presents its RDS CAL certificate to the server. The server checks not only whether the client device has a valid certificate, but also the expiration date of that certificate. If the expiration date of the certificate is within 7 days of the current date, the RDS Host connects to the license server to renew the license for another random period of 52 to 89 days. </P> <P> Ideally each Client device should be issued only one RDS CAL. However, there would be times where License Server Manager will show multiple per device CALS being issues to the same device as shown in the below picture: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93410i6A46C4008A44A45C" /> </P> <P> Now this is intriguing!! Why is the same device consuming multiple RDS CALS? The administrators usually notice this issue when they start running out of per device CALS and when they check the list of issued per device CALS in RDS licensing Manager, they notice that multiple RDS CALS have been issues to the same device. <BR /> To temporarily get around this issue you can revoke licenses but the catch is that you can only revoke 20% of the CALS at one time. This may not help if you have very few CALS left and you see that multiple per device CALS are being allocated to multiple machines. </P> <P> Below are the possible reasons which can cause this issue: </P> <P> 1.&nbsp;&nbsp;&nbsp; If you have built multiple machines using the same image: </P> <BLOCKQUOTE> <P> a)&nbsp;&nbsp;&nbsp; There could be times when you used a syspreped image or Citrix provisioned machines where the HardwareID was defined in the image because of which each device which was built using that image got the same hardware ID. This would result in the below situation: </P> </BLOCKQUOTE> <UL> <UL> <LI> If Client1 has HWID xxxx and logs into the RDS, it will get license 1 </LI> <LI> Then Client 2 which also has HWID xxx logs in and does not have license 1, so it's issued a new license, license 2 </LI> <LI> If Server 1 tries to log in again, the xxx HWID is now associated with license 2, which Client 1 does not have, so Client 1 will get issued a new license, license 3 </LI> <LI> Now the XXX HWID is associated with license 3 </LI> <LI> Every time that HWID logs in, no matter what machine it is, its license will be compared to what's in the database for HWID XXX </LI> <LI> That's where the problem comes in -- machines are constantly getting new licenses, even when they aren't needed. </LI> </UL> </UL> <P> <STRONG> Resolution </STRONG> In order to get around this issue, you need to rectify the image itself and use a syspreped image which does not have MSLicensing Key information of the original machine hardcoded to it </P> <BLOCKQUOTE> <P> b)&nbsp;&nbsp;&nbsp; You Create a Citrix Provisioned machine where all the machines are booted from a pre-defined image and all the changes are lost after reboot. So every time the machine connects it gets a new ClientHWID and this is lost on the next boot. The next time the machine connects to the RDS Host, it gets a new Client HWID and hence a new RDS license is issued. Citrix XenDesktop provisioned machine with different hardware ID which can cause the license server to recognize it as different device and issue duplicate licenses </P> </BLOCKQUOTE> <P> <STRONG> Resolution </STRONG> It is recommended to use Per-User RDS licensing in these scenarios, because the licenses are reverted when the user logs off, hence the number of licenses will not be affected. </P> <P> 2.&nbsp;&nbsp;&nbsp; This could also happen if you have a script in place which deletes MSLicensing Key at shutdown. </P> <P> <STRONG> Resolution </STRONG> Remove the script </P> <P> 3.&nbsp;&nbsp;&nbsp; Different machines using same name. </P> <P> If machines are cloned, sometimes third party cloning tools do not wipe out all the stale information and the cloned clients although with a different hardware it would give the same computer name to the RDS Host. </P> <P> Though the Hardware ID might be different, if two different machines have the same name, looking at the Licensing Manager you might think that the same device is using multiple CALS but it is not. </P> <P> 4.&nbsp;&nbsp;&nbsp; Machine was re-built: </P> <P> For some reason if a machine that got a CAL once is re-built then due the new installation it got a new hardware ID and when connected again to Remote desktop server and hence got another CAL. </P> <P> Assume that a client device successfully authenticates to an RDS Host and is granted a full RDS CAL certificate that was (worst case) randomly selected to expire at the 89 day maximum. When it passes down the certificate, the license server decrements its total RDS CAL license count by one, also noting that particular certificate's expiration date. Now, assume that a catastrophic event occurs at the client, causing its local operating system to be reinstalled and its local RDS CAL certificate to be lost. When that client authenticates to an RDS Host, the RDS will request a new RDS CAL certificate from the license server and the license server (again) decrements its RDS CAL inventory by one. At this point there have been two RDS CAL licenses given out to that one client, but the first one will never be renewed because the certificate was lost when the client was rebuilt. After 89 days (the randomly selected duration of the first certificate), the first RDS CAL is returned to the pool by the license server. </P> <P> <STRONG> Resolution </STRONG> The old CAL will be freed within next 52-89 days after being issued or you can simply revoke the old CAL. </P> <P> 5.&nbsp;&nbsp;&nbsp;&nbsp; Multiple Hardware ID’s in the MSLICENSING Reg key of the client machine: </P> <P> This could happen if the license has been corrupted. If it has already been corrupted, a new hardware ID will be generated automatically for the client during next RDS Host logon and hence you may notice duplicate CALS for that device. </P> <P> <STRONG> Resolution </STRONG> To determine which one you need to delete, go to the server, and open PowerShell “As Administrator” on the RDS License server, and execute the following command: get-wmiobject Win32_TSIssuedLicense | export-csv [outputfile] <BR /> Then in the output file, find out the client who is issued with multiple licenses, then record the hardware ID within the license which is not the most recently issued. <BR /> Then go back to the client, open registry, locate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\HardwareID and check the ClientHWID which matches the one you just record, delete the HardwareID subkey. </P> <P> <STRONG> DATA collection </STRONG> </P> <P> 1.&nbsp;&nbsp;&nbsp; Look at TerminalServices-Licensing event logs. <BR /> 2.&nbsp;&nbsp;&nbsp; Generate per device RDS Per device Cal report to verify if the issue is because of multiple Hardware ID’s issued to the same machine, or same hardware ID issued to different machines or due to duplicate Machine names with different Hardware IDs. </P> <P> <A href="#" target="_blank"> Script for RDS Per Devices CALs (PowerShell) </A> </P> <P> This shows Keypack ID, License ID, Name of the client device along with Hardware ID and Expiration date of the CAL as shown below. <BR /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93411i70CDB97654641E6D" /> </P> <P> 3. Use the RDS Client License Test tool (TSCTST.EXE) provided with the Windows Server 2003 Resource Kit on the client machine for which you see multiple CALS to display details about the license token residing on a client device. It is a command-line utility that displays the following information by default: </P> <UL> <LI> Issuer </LI> <LI> Scope </LI> <LI> Issued to computer </LI> <LI> Issued to user </LI> <LI> License ID </LI> <LI> Type/Version </LI> <LI> Valid From </LI> <LI> Expires On </LI> </UL> <P> By using the /A switch, the following additional information is displayed: </P> <UL> <LI> Server certificate version </LI> <LI> Licensed product version </LI> <LI> Hardware ID </LI> <LI> Client platform ID </LI> <LI> Company name </LI> </UL> <P> 3. If you are still not able to find the cause, Microsoft professional can help you collect an RDS Licensing ETL trace while reproducing the issue. The etl trace should tell what name / HWID was used to request new licenses. </P> <P> <STRONG> Quick Workarounds </STRONG> </P> <P> 1.&nbsp;&nbsp;&nbsp; If all per device CALS are exhausted and you are working to find the case of multiple RDS CALS being issued to same device, temporarily you can change the licensing mode to per user to allow remote sessions. However, this should not be a practice as it will be a breach of Microsoft Licensing agreement. </P> <P> 2.&nbsp;&nbsp;&nbsp; Regenerate the ClientHWID and Rebuild the License server database ( <A href="#" target="_blank"> KB273566 </A> ) and reinstall the CAL Packs to restore all the CALS. </P> <P> The hardware ID can be regenerated by deleting the below keys manually: </P> <P> <STRONG> Reg Delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\HardwareID </STRONG> </P> <P> <STRONG> Reg Delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\Store /f </STRONG> </P> <P> The next time you need to take an Remote session as an admin to regenerate the hardware ID as normal users do not have permissions on this registry key. Or you can use tools (RegenerateHDWID) to regenerate the hardware ID’s on the fly. </P> <P> -Ishu </P> </BODY></HTML> Sat, 16 Mar 2019 12:48:31 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/multiple-per-device-rds-cals-are-issued-the-same-device-issue/ba-p/375639 CraigMarcho 2019-03-16T12:48:31Z 2012 R2 License Server issuing Built-in OverUsed CALs for 2008 R2 Session Host Servers https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/2012-r2-license-server-issuing-built-in-overused-cals-for-2008/ba-p/375635 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 07, 2015 </STRONG> <BR /> <P> Hello AskPerf! My name is Prachi Singh and today I will be talking about a behavior that can occur when users attempt to pull licenses from a 2012 R2 License server via a 2008 R2 Session Host. Under these circumstances, you may see a line item in your 2012 R2 license manager that says “Windows Server 2008 or Windows Server 2008 R2 -Installed TS or RDS Per User CAL”. Under “License Program” you then see “Built-in Overused”. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93405iB58C7C4EA3D4DD9E" /> </P> <P> In the case above, the license server is used to issue RDS CALs to users when they connect to both Windows Server 2008 R2 and Windows Server 2012 R2 Session Host Servers. When a user connects to a Windows Server 2012 R2 Session Host, a Windows Server 2012 "per User" RDS CAL is issued. </P> <P> However, when a user connects to a Windows Server 2008 R2 RDS Server, a Windows Server 2008 R2 "Built-in OverUsed" RDS CAL category appears and shows the value only for the issued RDS CAL. The "Total" and "Available" values remain 0. Additionally, the issued RDS CAL amount is not deducted from the total Windows Server 2012 RDS CALs. </P> <P> <B> What is the "Built-in OverUsed" group and is it ok to have it? </B> </P> <P> The "Built-In Overused" group was also used in earlier operating systems if the licensing mode was being set to Per User but no "per user" CALs were installed on the license server and the users will still connect to the terminal servers. This was an indication for admins that they must install licenses. After the applicable licenses get installed, this group goes away and the number of licenses issued gets synchronized with the installed license group. </P> <P> <B> Why are Windows Server 2008 R2 RDS CALs not deducted from the installed Windows Server 2012 RDS CALs? </B> </P> <P> By default, a license server attempts to provide the most appropriate RDS CAL for a connection. For example, a license server running Windows Server 2008 R2 tries to issue a Windows Server 2008 R2 RDS CAL for clients connecting to an RD Session Host server running Windows Server 2008 R2, and a Windows Server 2003 TS CAL for clients connecting to a terminal server running Windows Server 2003. If the most appropriate RDS CAL is not available, a license server running Windows Server 2008 R2 issues a Windows Server 2008 R2 RDS CAL, if available, to a client connecting to a terminal server running Windows Server 2003 or Windows Server 2000. </P> <P> <B> Why are the "Built-In Overused" RDS CALs “issued” counted but not the “total” and “remaining” too? </B> </P> <P> Starting with Windows Server 2012 R2 license server, when only Windows Server 2012 RDS CALs are installed and a user logs on to a Windows Server 2008 R2 RDS Server, the "Built-in OverUsed" group is displayed and the user gets a 2008 R2 "Built-In Overused" RDS CAL. Here, in this case it is just a reporting mechanism to tell that these number of users have logged in without an appropriate CAL. This is to make admins visible that 2012 licenses were issued for older terminal servers for which no dedicated (in this case the 2008 R2) RDS CALs are installed. </P> <P> Since, this group is displayed separately, the number of licenses will not be deducted directly from the 2012 RDS CAL group. The "Built-In Overused" group will display only the number of licenses issued and no " Remaining" or "total", because in the background the 2008 RDS CALs are not actually installed. The column “Built-in Overused” represents the number of user connections to Windows Server 2008 R2 servers where a Per User license was issued. </P> <P> <B> Do you need to install additional Windows Server 2008 R2 RDS CALs too, or is this a compatibility behavior? </B> </P> <P> Server 2012 RDS requires a Server 2012 RD Licensing server.&nbsp; A 2012 RD Licensing server will serve 2012/2008 R2/2008/2003 servers, so you may consolidate your RDS CALs onto a Server 2012 RD Licensing server if you would like to. </P> <P> RDS CALs are not forward compatible, only backward compatible. Meaning that Windows Server 2012 CALs will work with Server 2008 R2 </P> <P> Windows Server 2012 RDS CALs can be issued to 2003, 2008/R2 terminal server. For more detailed info, you may check below article: </P> <P> <A href="#" target="_blank"> RDS and TS CAL Interoperability Matrix </A> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93406iBBECA8FB809B29CE" /> </P> <P> The above screenshot shows that there are 4 users who are connecting to 2008 R2 Session Host Server and 1 user who connects to 2012 R2. With respect to reporting, the admin has the number of issued RDS CALs (Built-in OverUsed + 2012 RDS CALs) and they should make sure that the total does not exceed the number of installed RDS CALs. </P> <P> The RDS CAL reports will contain information about both (Built-in Overused + 2012 RDS CALs) </P> <TABLE> <TBODY><TR> <TD> <P> </P> <P> RD License Server: </P> <P> </P> </TD> <TD> <P> ******LAB-DC </P> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Report Date: </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> CAL Version </P> </TD> <TD> <P> CAL Type </P> </TD> <TD> <P> Installed CALs </P> </TD> <TD> <P> CALs in Use </P> </TD> <TD> <P> CAL Availability </P> </TD> </TR> <TR> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> 0 </P> </TD> <TD> <P> 4 </P> </TD> <TD> <P> None </P> </TD> </TR> <TR> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> 20 </P> </TD> <TD> <P> 1 </P> </TD> <TD> <P> Available </P> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Successful Per User License Issuance Detail </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Issued to User </P> </TD> <TD> <P> CAL Version </P> </TD> <TD> <P> CAL Type </P> </TD> <TD> <P> Expires On </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User1 </P> </TD> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> Sunday, May 10, 2015 8:57:24 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User2 </P> </TD> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> Sunday, May 10, 2015 9:04:53 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User3 </P> </TD> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> Monday, May 11, 2015 1:13:27 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User4 </P> </TD> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> Monday, May 11, 2015 1:14:35 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User6 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Thursday, May 14, 2015 1:21:11 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> No Per User License Issuance has failed </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> No Per Device License has been issued </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> </TBODY></TABLE> <P> <B> </B> </P> <P> <B> Are the "Built-In Overused" RDS CALs handled like any other CALs, especially regarding license renewal? </B> </P> <P> Per user "RDS CALs are valid 60 days but can be extended automatically if the user logs on again to the RDS server. If the license it has is within seven days of expiring, then the RD Session Host server attempts to obtain a license for the User at each login. If the server cannot find a license server to renew the license before it expires or no license is available, the license will expire. If the server has the licenses available, it will issue it to the user. This is how a "Built-in OverUsed" per user CALs as well as all other "normal" per user RDS CALs behaves. </P> <P> When a user (which got "Built-In Overused" RDS CAL issued) logs on to a Windows Server 2012 R2 RDS server, the built-in overused CAL gets converted to 2012 RDS CAL. Once converted, the user will continue using 2012 RDS CAL even if he connects to 2008 R2 RDS server ( once "upgraded" the license is no longer "downgraded"). </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93407iE6437069C119980B" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93408i0C2853506ACD88A4" /> </P> <P> The report will look something like this: </P> <P> </P> <TABLE> <TBODY><TR> <TD> <P> CAL Usage Report </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> RD License Server: </P> </TD> <TD> <P> ******LAB-DC </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Report Date: </P> </TD> <TD> <P> Monday, March 16, 2015 6:17:51 PM </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> CAL Version </P> </TD> <TD> <P> CAL Type </P> </TD> <TD> <P> Installed CALs </P> </TD> <TD> <P> CALs in Use </P> </TD> <TD> <P> CAL Availability </P> </TD> </TR> <TR> <TD> <P> Windows Server 2008 or Windows Server 2008 R2 </P> </TD> <TD> <P> TS or RDS Per User CAL </P> </TD> <TD> <P> 0 </P> </TD> <TD> <P> 0 </P> </TD> <TD> <P> None </P> </TD> </TR> <TR> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> 20 </P> </TD> <TD> <P> 5 </P> </TD> <TD> <P> Available </P> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Successful Per User License Issuance Detail </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> Issued to User </P> </TD> <TD> <P> CAL Version </P> </TD> <TD> <P> CAL Type </P> </TD> <TD> <P> Expires On </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User6 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Thursday, May 14, 2015 1:21:11 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User1 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Friday, May 15, 2015 12:27:38 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User4 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Friday, May 15, 2015 12:36:11 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User2 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Friday, May 15, 2015 12:38:37 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> <P> PerfNation.com\User3 </P> </TD> <TD> <P> Windows Server 2012 </P> </TD> <TD> <P> RDS Per User CAL </P> </TD> <TD> <P> Friday, May 15, 2015 12:40:01 PM </P> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> No Per User License Issuance has failed </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> <TR> <TD> <P> No Per Device License has been issued </P> </TD> <TD> </TD> <TD> </TD> <TD> </TD> <TD> </TD> </TR> </TBODY></TABLE> <P> </P> <P> </P> <P> -Prachi </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:47:58 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/2012-r2-license-server-issuing-built-in-overused-cals-for-2008/ba-p/375635 CraigMarcho 2019-03-16T12:47:58Z Migrating User Profile Disks in Remote Desktop Services https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/migrating-user-profile-disks-in-remote-desktop-services/ba-p/375630 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 06, 2015 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; This is Sree Krishna and Ramesh from Remote Desktop Services Team. Today we will discuss&nbsp;User Profile Disk migrations. </P> <BR /> <P> As you may know, Microsoft released a new feature to manage user profiles in Remote Desktop Services (RDS) deployments called User Profile Disks. User Profile Disks (UPD) store user and application data on a single virtual disk that is dedicated to one user. </P> <BR /> <P> UPD takes advantage of the NTFS attributes to control the permissions of objects. Since every user has their own user profile disk, each disk is created with explicit permissions. In other words when a user profile disk is created, the ACL (Access Control List) is added with the below default permissions: </P> <BR /> <BLOCKQUOTE> <BR /> <P> a) SYSTEM </P> <BR /> <P> b) Administrator </P> <BR /> <P> c) &lt;User account to which the User profile disk belongs &gt; </P> <BR /> </BLOCKQUOTE> <BR /> <P> All other user permissions are removed to avoid the user profile disk being accessed other than the corresponding user. </P> <BR /> <P> <B> Why would this be an issue? </B> </P> <BR /> <P> Let's consider the below scenario: </P> <BR /> <UL> <BR /> <LI> You have the user profile disks created on Drive A:. </LI> <BR /> <LI> For some reason such as (Space constraints/ Server migration / Data migration) you are forced to move your User Profile disks to a different location. </LI> <BR /> </UL> <BR /> <P> This is when you should consider the Windows NT permission architecture. </P> <BR /> <P> <B> Scenario 1 <BR /> </B> </P> <BR /> <P> You plan to migrate the UPD files on within the same Drive (Migrating the files that are one volume to another volume on the same disk) </P> <BR /> <P> If so, then you have nothing to worry about as this not difficult. </P> <BR /> <P> <A> <B> Scenario 2 </B> </A> </P> <BR /> <P> On the Other Hand you Move between different drives. For Example (From a Volume on Drive A to a volume on Drive B:), Windows NT permissions Architecture is not going to favor you here. </P> <BR /> <P> Below are summary highlights between copy and Move among Same/different Volumes. </P> <BR /> <TABLE> <TBODY><TR> <TD> </TD> <TD> <BR /> <P> <B> Same Volume </B> </P> <BR /> </TD> <TD> <BR /> <P> <B> Different Volume </B> </P> <BR /> </TD> </TR> <TR> <TD> <BR /> <P> <B> Copy </B> </P> <BR /> </TD> <TD> <BR /> <P> Security attributes are NOT retained and NOT carried </P> <BR /> </TD> <TD> <BR /> <P> Security attributes are NOT retained and NOT carried </P> <BR /> </TD> </TR> <TR> <TD> <BR /> <P> <B> Move </B> </P> <BR /> </TD> <TD> <BR /> <P> Security attributes are retained and carried </P> <BR /> </TD> <TD> <BR /> <P> Security attributes are NOT retained and NOT carried </P> <BR /> </TD> </TR> </TBODY></TABLE> <BR /> <P> The differences and conditions are neatly outlined in the below articles: </P> <BR /> <P> <A href="#" target="_blank"> How permissions are handled when you copy and move files and folders </A> </P> <BR /> <P> All this being said, when the permissions of a User Profile Disk loses its default permissions (especially in Scenario 2), you will likely end up with problems in your Remote desktop Services environment. </P> <BR /> <P> <B> Symptoms you May notice: <BR /> </B> </P> <BR /> <P> If the User Profile Disk loses permission for its corresponding user, that user will be logged on with a temporary profile. The issue with this is all of the users profile settings will not be available, and, any changes made in that session will be lost. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93403i1052C070DC44B3F3" /> </P> <BR /> <P> Additionally you may see Event ID’s 1511 recorded in the event viewer for every login attempt. </P> <BR /> <P> <B> Mitigation options: </B> </P> <BR /> <P> <A href="#" target="_blank"> HOW TO: Copy a Folder to Another Folder and Retain its Permissions </A> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> To preserve permissions when files and folders are copied or moved, use the Xcopy.exe utility with the /O or the /X switch. The object’s original permissions will be added to inheritable permissions in the new location. </LI> <BR /> <LI> To add an object's original permissions to inheritable permissions when you copy or move an object, use the Xcopy.exe utility with the –O and –X switches. </LI> <BR /> <LI> To preserve existing permissions without adding inheritable permissions from the parent folder, use the utilities such as Robocopy.exe </LI> <BR /> </UL> <BR /> <P> <B> xcopy c:\old c:\new /O /X /E /H /K <BR /> </B> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93404iAFCDC44347105D70" /> <B> </B> </P> <BR /> <P> where <B> old </B> is the source folder and <B> new </B> is the destination folder. <B> <BR /> </B> <B> </B> </P> <BR /> <P> <B> /E </B> - Copies folders and subfolders, including empty ones. <BR /> <B> /H </B> - Copies hidden and system files also. <BR /> <B> /K </B> - Copies attributes. Typically, Xcopy resets read-only attributes. <BR /> <B> /O </B> - Copies file ownership and ACL information. <BR /> <B> /X </B> - Copies file audit settings (implies <B> /O </B> ). </P> <BR /> <P> Hopefully this post makes you aware of issues that can arise from migrating UPD’s. </P> <BR /> <P> <B> Reference: </B> </P> <BR /> <UL> <BR /> <LI> <A href="#" target="_blank"> Easier User Data Management with User Profile Disks in Windows Server 2012 </A> </LI> <BR /> <LI> <A href="#" target="_blank"> Installing and Configuring User Profile Disks (UPD) in Windows Server 2012 </A> </LI> <BR /> </UL> <BR /> <P> -Sree &amp; Ramesh </P> </BODY></HTML> Sat, 16 Mar 2019 12:47:16 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/migrating-user-profile-disks-in-remote-desktop-services/ba-p/375630 CraigMarcho 2019-03-16T12:47:16Z Icons of unpublished/old remote apps appearing on RDWEB Page in Server 2012/2012 R2 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/icons-of-unpublished-old-remote-apps-appearing-on-rdweb-page-in/ba-p/375627 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 05, 2015 </STRONG> <BR /> <P> Hello Askperf! This is Ishu Sharma from Microsoft Performance team. Today I am going to discuss a peculiar issue I came across in a couple of cases involving Server 2012 and 2012 R2. In these case, users were able to see icons for unpublished remote apps on the RDWEB page. </P> <P> The remote apps, which show as actually published in the collection, can be launched. However, when you click on the icons for the apps that are not published you receive an error. Hence it was very clear that these remote apps do not actually exist but their entries are being pulled from somewhere. </P> <P> In one case, I checked and confirmed that those extra remote app icons were not published in the collection. Which means, these remote app icons were being pushed from somewhere else. I used tools like procmon and RDWEB tracing while launching the app to figure out where those unpublished/old remoteapp icons are coming from. However, before doing that I checked the below registry key on the connection broker because every time a collection or remote application is published an entry for the same gets created in the below registry location: </P> <P> <B> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\CollectionName </B> </P> <P> <B> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\CollectionName\Applications </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93402i8151B8C9342E4C14" /> </P> <P> <B> </B> </P> <P> I found that there was a stale entry for an old collection on the connection broker which does not exist anymore and those extra remote app icons were published for the old collection. Hence, deleting the registry entry for the old collection from connection broker resolved the issue. </P> <P> In one of the cases we could also see the same thing in rdweb tracing logs ( <A href="#" target="_blank"> RemoteApps go missing from RDWeb page when any of the RDSH servers are rebooted </A> ) . It shows that icons for remote app were being written to cache from two different collections but one of the collection ( <B> ContosStandard </B> ) actually doesn’t exist anymore. </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Verbose] 7 Wrote icon CSMAGIC- <B> ContosoRemoteApps </B> -CmsRdsh into cache </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: MEDITECH WilMed Healthcare added, FileExtension: .rdp </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Verbose] 7 Wrote icon DWRCC-ContosoRemoteApps-CmsRdsh into cache </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: Dameware Remote Control added, FileExtension: .rdp </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Verbose] 7 Wrote icon EXCEL-ContosoRemoteApps-CmsRdsh into cache </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: Microsoft Excel 2010 added, FileExtension: .rdp </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: PreOP Blank added, FileExtension: .rdp </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Verbose] 7 Wrote icon mstsc- <B> ContosoStandard </B> -CmsRdsh into cache </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: Remote Desktop Connection added, FileExtension: .rdp </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Verbose] 7 Wrote icon powershell <B> - </B> ContosoStandard-CmsRdsh into cache </P> <P> w3wp.exe Information 0 2014/03/05 13:45:26 [Info] 7 :App: Windows PowerShell added, FileExtension: .rdp </P> <P> You may also come across cases where instead of a stale entry for old collection, you might find a stale entry for just an old remote app which is not supposed to be displayed on RDWEB page. So, in such scenarios you can verify the above registry Keys to check that no extra/stale entries for a non-existent collection or remote app is present. </P> <P> <B> Reference Articles: </B> </P> <UL> <LI> <A href="#" target="_blank"> Removing RDP Sessions Host and Remote Desktop Collection Icons from RDWeb </A> </LI> <LI> <A href="#" target="_blank"> Old Collections Still Showing </A> </LI> </UL> <P> -Ishu </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:46:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/icons-of-unpublished-old-remote-apps-appearing-on-rdweb-page-in/ba-p/375627 CraigMarcho 2019-03-16T12:46:53Z Remote Desktop Services (RDS) 2012 session deployment scenarios “Quick Start” https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375625 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 09, 2015 </STRONG> <BR /> <P> Good morning AskPerf! Jason here to continue our mini-series on RDS Session Deployment. </P> <P> Please see <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2015/04/02/remote-desktop-services-rds-2012-session-host-deployment-scenarios.aspx" target="_blank"> RDS 2012 Session Host deployment scenarios </A> for an overview of the different ways to deploy RDS on Windows 2012 for additional information. </P> <P> When would I use <STRONG> Quick Start </STRONG> ? Typically you would not. It’s similar to a <STRONG> Standard Deployment </STRONG> which is the current best practice, except that it will only deploy the RDS components to a single server. All components (Connection Broker, RDWeb, and RDSH) will be installed with no option to modify. This would be good if setting up a quick POC, or maybe a lab environment, or if you are only going to deploy one server with all the components for example for a small office. If you want to split the components out to different machines, then chose <STRONG> Standard Deployment </STRONG> . </P> <P> <B> DEPLOYING “QUICK START”: </B> </P> <P> 1. On the server that will become the Connection Broker, logon with a domain account that is an administrator and start Server Manager. From <STRONG> Manage </STRONG> menu item, select <STRONG> Add Roles and Features </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93389i0B18A1657779A2EF" /> </P> <P> 2. Select <STRONG> Remote Desktop Services installation </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93390iAD7340C3FD335974" /> </P> <P> 3. Select <STRONG> Quick Start </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93391i45A982BCBAC07FAC" /> </P> <P> 4. Select <STRONG> Session-based desktop deployment </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93392iD31C5992C3D2BECC" /> </P> <P> 5. Add your local server to the <STRONG> Selected </STRONG> list for <STRONG> Specify RD Connection Broker server </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93393iA402A14CD3077EA5" /> </P> <P> 6. On the <STRONG> Confirm Selections </STRONG> dialog, check <STRONG> Restart the destination server automatically if required </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93394iB4010699F73F32F7" /> </P> <P> 7. The RDS session deployment will now begin the install to all the servers and components selected. A progress dialog will be shown and the server will reboot. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93395iA905208748AAEE82" /> </P> <P> 8. After reboot, log in and the progress dialog will be shown again and installation will continue. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93396iB1BA861D8E51948B" /> </P> <P> 9. After installation is complete, in the Server Manager Dashboard, there will be a <STRONG> Remote Desktop Services </STRONG> role listed in the left navigation pane. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93397i4FA2F61CA879F23E" /> </P> <P> 10. Selecting <STRONG> Remote Desktop Services </STRONG> will display the <STRONG> Overview </STRONG> of the new deployment. From this page, the next steps would be to add / specify both the license server and RD Gateway if needed. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93398i8129B92B2EF7D012" /> </P> <P> <B> LICENSING: </B> </P> <P> There are multiple ways to configure licensing in RDS 2012 and this can be confusing. Group Policy always takes precedence and will NOT show in the Connection Broker console if configured, however the settings will show in the <STRONG> RD Licensing Diagnoser </STRONG> console. Do not mix methods of setting licensing. For example, do not set in GPO and also in Server Manager Gui as this may result in errors. A more detailed post about licensing methods will be following this post series. </P> <P> 1. To add a new license server through Gui, simply click on ‘RD Licensing’ node. The <STRONG> Add RD Licensing Servers </STRONG> dialog will be displayed. See next step to add an existing license server. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93399iA7C1201636C6AB3C" /> </P> <P> 2. To add an existing license server, in <STRONG> Deployment Overview </STRONG> , click on <STRONG> TASKS </STRONG> , and select <STRONG> Edit Deployment Properties </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93400i171D614CD27B3E8E" /> </P> <P> 3. In <STRONG> Configure the deployment </STRONG> , select <STRONG> RD Licensing </STRONG> . Best practice is to use <STRONG> Per User </STRONG> mode as it provides better resiliency in case of a license server outage. Enter the license server and select <STRONG> Add </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93401iEA8F4111FC55FD1A" /> </P> <P> Not covered in this post, but is the next step after deployment is to configure the <STRONG> QuickStart </STRONG> Session Collection. Simply right click on <STRONG> QuickStart </STRONG> in <STRONG> Deployment Overview </STRONG> to get started. </P> <P> Congratulations! You now have a new 2012 RDS session deployment. </P> <P> -Jason </P> </BODY></HTML> Sat, 16 Mar 2019 12:46:38 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375625 CraigMarcho 2019-03-16T12:46:38Z Remote Desktop Services (RDS) 2012 session deployment scenarios "Server Role Deployment" https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375610 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 08, 2015 </STRONG> <BR /> <P> Hello AskPerf! Jason here again to continue our RDS mini-series. </P> <P> Please see <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2015/04/02/remote-desktop-services-rds-2012-session-host-deployment-scenarios.aspx" target="_blank"> RDS 2012 Session Host deployment scenarios </A> for an overview of the different ways to deploy RDS on Windows 2012 before using this method, as this method is not the normal method of deployment. </P> <P> Ok, so why would I deploy just the <STRONG> Remote Desktop Services Server Role </STRONG> ? There are a couple of scenarios for when deploying just the Server Role service makes sense. This would be for non-typical setups such as using RDS in a workgroup, using RDS on a non RDS server for example on a SQL server to allow more than 2 concurrent sessions. Another scenario would for deploying just the Server Role would be if you are deploying Citrix. Since Citrix has its own management and consoles. When just deploying the Server role, you do NOT get the centralized management, management consoles, or the RemoteApp published application functionality. All of these components are part of Collection and for these reasons, a <STRONG> Standard Deployment </STRONG> is normally recommended. </P> <P> <STRONG> DEPLOYING “REMOTE DESKTOP SERVICES” SERVER ROLE: </STRONG> </P> <P> 1. Start Server Manager, and from the <STRONG> Manage </STRONG> menu dropdown, select <STRONG> Add Roles and Features </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93376i0BC1CDF317A7D0D9" /> </P> <P> 2. Select <STRONG> Role-based or feature-based installation </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93377i345034C4CD2DE39D" /> </P> <P> 3. Select server from <STRONG> Server Pool </STRONG> to install the RDS Role. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93378i441C55DA2F5F874B" /> </P> <P> 4. Select <STRONG> Remote Desktop Services </STRONG> for the Role to install. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93379i630333B938073701" /> </P> <P> 5. Select <STRONG> Next </STRONG> for <STRONG> Features </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93380i094851F76310BA9F" /> </P> <P> 6. Select <STRONG> Next </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93381i0795FDB0BB57B0DD" /> </P> <P> 7. For <STRONG> Role Services </STRONG> select <STRONG> Remote Desktop Session Host </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93382i2272DC7349835E33" /> </P> <P> 8. Upon selection of the <STRONG> Remote Desktop Session Host </STRONG> role, a popup will be displayed to install both <STRONG> Media Foundation </STRONG> and <STRONG> Remote Desktop Licensing Diagnoser Tools </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93383iF3A802D990553FE5" /> </P> <P> 9. Check <STRONG> Restart the destination server automatically if required </STRONG> and <STRONG> Install </STRONG> to start the installation. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93384i935E87A480F58C26" /> </P> <P> 10. If prompted to allow automatic restarts, select <STRONG> Yes </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93385iB854CD2EF2D20BCE" /> </P> <P> 11. At this point installation will start and progress will be shown. After the selected components have been installed, the server will automatically reboot to complete the installation. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93386i3B6B2FDA6480F674" /> </P> <P> 12. After reboot and logon, the <STRONG> Installation Progress </STRONG> will be displayed again with final status of installation. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93387iA0BA3990C3B2852B" /> </P> <P> 13. After closing the <STRONG> Add Roles and Features Wizard </STRONG> you are shown the <STRONG> Remote Desktop Services </STRONG> Role Management snapin. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93388iC03365C8C67E09CE" /> </P> <P> Using this method, we kind of get dropped off in an unfriendly place. Nothing for the <STRONG> Remote Desktop Services Server Role </STRONG> can be viewed or managed from here. As you can see from above, there are no management consoles installed for RDS when selecting just the <STRONG> Server Role </STRONG> and therefore no easy way to directly manage this server. You can select <STRONG> Servers </STRONG> and see the events associated with RDS but that’s about it. </P> <P> As I mentioned previously, this method of install is NOT the preferred method and should only be used for certain specific use cases. Even though there are not any management consoles, most of the PowerShell commands for RDS except for the cmdlets for collections are still available for use if this is the method you choose to use for deploying RDS 2012 sessions. </P> <P> <B> LICENSING: </B> </P> <P> With no console for Licensing, how do I configure? Configuring Licensing in detail is described in another post. To configure for a server with only RDS role and not in a collection, you can either use Group Policy which takes precedence or use PowerShell / WMI. See the following KB for additional information on deploying <STRONG> RDS Role </STRONG> without a Connection Broker. </P> <P> <A href="#" target="_blank"> Guidelines for installing the Remote Desktop Session Host role service on a computer running Windows Server 2012 without the Remote Desktop Connection Broker role service </A> </P> <P> Example way to configure license server in PowerShell from KB if not using Group Policy: </P> <P> 1. Open an elevated Windows PowerShell prompt </P> <P> 2. Type the following command on the PS prompt and press Enter: </P> <OL> <OL> </OL> </OL> <UL> <LI> <B> $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting </B> </LI> </UL> <P> 3. Run the following command to set the licensing mode. Best Practice is to use Per User for resiliency: </P> <OL> <OL> </OL> </OL> <UL> <LI> <B> Note: </B> Value = 2 for Per device, Value = 4 for Per User </LI> <LI> <B> $obj.ChangeMode(value) </B> </LI> </UL> <P> 4. Run the following command to replace the machine name with License Server: </P> <OL> <OL> </OL> </OL> <UL> <LI> <B> $obj.SetSpecifiedLicenseServerList("LicServer") </B> </LI> </UL> <P> 5. Run the following command to verify the settings that are configured using above mentioned steps: </P> <OL> <OL> </OL> </OL> <UL> <LI> <B> $obj.GetSpecifiedLicenseServerList() </B> </LI> </UL> <P> -Jason </P> </BODY></HTML> Sat, 16 Mar 2019 12:44:39 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375610 CraigMarcho 2019-03-16T12:44:39Z Remote Desktop Services (RDS) 2012 session deployment scenarios “Standard Deployment” https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375596 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 07, 2015 </STRONG> <BR /> <P> Hello AskPerf! Jason here again to continue our mini-series. This a part of a complete post series for RDS 2012 session deployment scenarios. </P> <P> Please see <A href="#" target="_blank"> RDS 2012 Session Host deployment scenarios </A> for an overview of the different ways to deploy RDS on Windows 2012 for additional information. </P> <P> For Windows 2012 R2, the most typical scenario and best practice is to do a <STRONG> Standard Deployment </STRONG> . Why? As previously mentioned, it gives you all the consoles for management of your collections. It supports both all in one to multiple servers being deployed to. It allows each role (RDWeb, Connection Broker, RDSH) to be installed on the same or different servers. It has all the features required for RemoteApp, RDWeb, and Connection Broker. Unlike previous versions, all deployment, configuration, and management is performed from the Connection Broker. In summary, if you are deploying RDSH for production to multiple servers, then this your option. </P> <P> <B> For Standard Deployment, all installation, configuration, and management of the RDS session deployment should be done from the Connection Broker. </B> The Connection Broker maintains all of the static configuration and dynamic session information for the collections in a Windows Internal Database (WID) on the local server. HA for connection brokers can be setup as well using remote SQL instance but that is another topic. </P> <P> <B> NOTE: </B> At this time, only two connection brokers are supported in a deployment. More can be added without warning and will function under most scenarios but this is NOT supported. </P> <P> <B> DEPLOYING ‘STANDARD DEPLOYMENT’: </B> </P> <P> 1. On the server that will become the Connection Broker, logon with a domain account that is an administrator. Start Server Manager, and from the <STRONG> Manage </STRONG> menu dropdown, select <STRONG> Add Servers </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93358i9DADA9B4FE0911B3" /> </P> <P> 2. In the <STRONG> Add Servers </STRONG> dialog, select and add all servers that will be in this deployment. This includes all Connection Brokers (up to 2), RDS session host servers, and RDWeb servers. </P> <P> <B> NOTE: </B> At this time, only two connection brokers are supported in a deployment. More can be added without warning and will function under most scenarios but this is NOT supported. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93359i63C1745BDF55FB2B" /> </P> <P> 3. After adding all servers for this deployment, from the 'Manage' menu dropdown, select <STRONG> Add Roles and Features </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93360iD1CEB6F4B79B6BBE" /> </P> <P> 4. Select <STRONG> Remote Desktop Services installation. </STRONG> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93361iA551768F8E093D4E" /> </P> <P> 5. Select <STRONG> Standard deployment </STRONG> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93362iD6A4AAE8CA76D5F0" /> </P> <P> 6. Select <STRONG> Session-based desktop deployment </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93363i1FBD2F5F951A24C2" /> </P> <P> 7. Select <STRONG> Next </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93364iD467772E3AD72229" /> </P> <P> 8. Add your local server to the <STRONG> Selected </STRONG> list for <STRONG> Specify RD Connection Broker server </STRONG> . Note: only one Connection Broker (your local server) can be added at this time. Configuration of a Connection Broker for HA is done after initial installation of first Connection Broker. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93365i8FE2C3D1259C8504" /> </P> <P> 9. Next, select the server that will be used for RDWeb. RDWeb provides access to RemoteApps (published applications) through a web page or via <STRONG> RemoteApps and Desktop Connections </STRONG> applet in Control Panel. Again only one server can be selected at this time. Additional RDWeb servers can be added after initial deployment. You also have the choice to instead install RDWeb on the Connection Broker. The Connection Broker unless in very large environments can be used as the RDWeb server too. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93366iAF56896650348211" /> </P> <P> 10. The last selection is the selection of the RDSH servers. This selection can be used to specify one or more RDSH servers. In this example we will only use one. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93367i02661E911E1CC602" /> </P> <P> 11. On the <STRONG> Confirm Selections </STRONG> dialog, check <STRONG> Restart the destination server automatically if required </STRONG> . The RDSH servers will require a restart, but the Connection Broker and RDWeb servers will not. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93368iF6E66326E2B9764E" /> </P> <P> 12. The RDS session deployment will now begin the install to all the servers and components selected. A progress dialog will be shown. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93369iC622BF0270B3A0C4" /> </P> <P> 13. When the deployment has finished, the <STRONG> View progress </STRONG> dialog will show the final status. Verify all component installations show <STRONG> Succeeded </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93370i318E7CF2C9AE8D7D" /> </P> <P> 14. Now in the Server Manager Dashboard, there will be a <STRONG> Remote Desktop Services </STRONG> role listed in the left navigation pane. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93371i1CA072C84DD1A66E" /> </P> <P> 15. Selecting <STRONG> Remote Desktop Services </STRONG> will display the ‘Overview’ of the new deployment. From this page, the next steps would be to add / specify both the license server(s) and RD Gateway(s). Additional servers for existing roles can be added and collections can be created. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93372iFCC36B9481A89B70" /> </P> <P> <B> LICENSING: </B> </P> <P> There are multiple ways to configure licensing in RDS 2012 and this can be confusing. Group Policy always takes precedence and will NOT show in the Connection Broker console if configured, however the settings will show in the <STRONG> RD Licensing Diagnoser </STRONG> console if installed. Do not mix methods of setting licensing. For example, do not set in GPO and also in Server Manager Gui as this may result in errors. A more detailed post about licensing methods will be following this post series. </P> <P> 1. To add a new license server through Gui, simply click on <STRONG> RD Licensing </STRONG> node. The <STRONG> Add RD Licensing Servers </STRONG> dialog will be displayed. See next step to add an existing license server. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93373i626ABA0613BB1E9C" /> </P> <P> 2. To add an existing license server, in <STRONG> Deployment Overview </STRONG> , click on <STRONG> TASKS </STRONG> , and select <STRONG> Edit Deployment Properties </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93374i00A9BE0A54287B22" /> </P> <P> 3. In <STRONG> Configure the deployment </STRONG> , select <STRONG> RD Licensing </STRONG> . Best practice is to use <STRONG> Per User </STRONG> mode as it provides better resiliency in case of a license server outage. Enter the license server and select <STRONG> Add </STRONG> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93375i16B3F686906FF982" /> </P> <P> Not covered in this post, but is the next step after deployment is to create a Session Collection. Simply right click on <STRONG> RD Session Host </STRONG> in <STRONG> Deployment Overview </STRONG> to get started. </P> <P> Congratulations! You now have a new 2012 RDS session deployment. J </P> <P> -Jason </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:42:40 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-deployment-scenarios/ba-p/375596 CraigMarcho 2019-03-16T12:42:40Z Server Hung/Becoming Unresponsive https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/server-hung-becoming-unresponsive/ba-p/375577 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 03, 2015 </STRONG> <BR /> <P> A server hang is typically defined as a condition where a machine is non-responsive locally or over the network. <B> </B> </P> <BR /> <P> <STRONG> Hard Hang (Not necessary referring to hardware): </STRONG> </P> <BR /> <UL> <BR /> <LI> The server is not accessible using any remote functionalities - RDP, Citrix, etc… </LI> <BR /> <LI> Remote Console Access such as Drac, iLo, Rsa is possible but the Operating System is not responding to any command for example “Ctrl+Alt+Del”. </LI> <BR /> <LI> If the server is a Virtual Machine, the Hypervisor console doesn’t respond to CAD or the Hypervisor performance monitoring tools are not showing activity. </LI> <BR /> <LI> A test ping to the server will fail and we cannot access Administrative shares (\\ServerName\c$). </LI> <BR /> </UL> <BR /> <P> <STRONG> Soft Hang: </STRONG> </P> <BR /> <UL> <BR /> <LI> The server is not accessible using any remote functionalities - RDP, Citrix, etc... </LI> <BR /> <LI> You are able to send “Ctrl+Alt+Del” command into the console access but the Credentials Box/Winlogon GINA never comes up or is slowly coming up. </LI> <BR /> <LI> The Ping Test response are fine, dropping, high network latency is observed. </LI> <BR /> <LI> Accessing an administrative Share is not working/working /slow (\\ServerName\c$). </LI> <BR /> </UL> <BR /> <P> Reference: <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2010/01/15/prf-server-hang-pre-windows-server-2008.aspx" target="_blank"> PRF: Server Hang (Pre-Windows Server 2008+) </A> </P> <BR /> <P> If you are currently experiencing a hang and are considering opening a support incident with Microsoft, please prepare for the following: Troubleshooting Server hangs, memory leaks or resource depletions can be a very difficult and time consuming process of involving multiple attempts to collect the <B> RIGHT </B> data. Ensuring that you have collected the data and that the data is valid before engaging support will greatly reduce the time spent by both you and the support engineer when it comes to identifying the source of the issue. </P> <BR /> <UL> <BR /> <LI> If the machine is in state, we will ask you to configure data collection based on the steps provided in this blog </LI> <BR /> <LI> If the machine is not instate but you anticipate an occurrence. We will again ask you to configure data collection based on the steps in this blog </LI> <BR /> <LI> Once you complete the data collection steps defined in this blog and have a dump file you would like Microsoft Support to review, please verify the data based on the validation steps listed in this blog. </LI> <BR /> </UL> <BR /> <P> <STRONG> Note: </STRONG> Server hang, memory leaks or resource depletions are often times related to 3 <SUP> rd </SUP> party products. Support is able to, in some cases identify the third party but is unable to provide a resolution other than uninstalling the product or contacting the vendor. If you suspect that your issue might be related to a third party product, it is highly recommend that you contact them to ensure there are no known issues, that you have the latest updates and ensure availability for collaboration with Microsoft should the issue be identified with the product. </P> <BR /> <P> <B> You must restart the system after any change in the registry or the Pagefile except for VMware Snapshots of Suspend State. </B> <B> </B> </P> <BR /> <P> <B> 1. </B> <B> Pre-requisites for Memory Dump </B> </P> <BR /> <P> Applies to Physical machines and Virtual Machines. </P> <BR /> <P> <B> A- </B> <B> NMI or Keyboard Key Combination </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> The Non Makeable Interruption is not enabled by default on a Windows Operating System, create the following registry entry to enable it. <B> </B> </P> <BR /> <P> Location - <STRONG> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl </STRONG> <BR /> Name – <STRONG> NMICrashDump </STRONG> <BR /> Type – <STRONG> REG_DWORD </STRONG> <BR /> Value – <STRONG> 1 </STRONG> </P> <BR /> <P> <STRONG> KeyBoard PS/2 <BR /> </STRONG> Location - <STRONG> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters <BR /> </STRONG> Name – <STRONG> CrashOnCtrlScroll </STRONG> <BR /> Type - <STRONG> REG_DWORD <BR /> </STRONG> Value – <STRONG> 1 </STRONG> </P> <BR /> <P> <STRONG> USB Keyboard <BR /> </STRONG> Location - <STRONG> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ kbdhid\Parameters <BR /> </STRONG> Name – <STRONG> CrashOnCtrlScroll </STRONG> <BR /> Type - <STRONG> REG_DWORD </STRONG> <BR /> Value – <STRONG> 1 </STRONG> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Note </B> : We recommend setting the 2 last Registry Entries in case you choose the Keyboard initiated crash as the Host may not recognize USB or PS/2. </P> <BR /> <P> <B> B- </B> <B> Type of Dump </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> The Full memory dump option is not available on Windows Operating System Prior Windows 8/2012. In any Windows Operating System (including Windows 8/2012-8.1/2012R2), you can select the Full Memory dump option by modifying the following registry key. If there isn’t enough space on Local Drives then you may set the value to 2 (Kernel Memory Dump), however the user mode portion (Application) side will not be captured: </P> <BR /> <P> Location - <STRONG> HKLM\SYSTEM\CurrentControlSet\Control\CrashControl </STRONG> <BR /> Name – <STRONG> CrashDumpEnabled </STRONG> <BR /> Value – <STRONG> 1 </STRONG> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> Note: </STRONG> On Windows 8/2012 and above you can change the option using the User Interface (See Point 1-C) </P> <BR /> <P> <B> C- </B> <B> Pagefile </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> The Pagefile should the size of the Physical RAM+100MB. If the Pagefile is setup equal to the amount of RAM there is a good chance the dump file gets corrupt. </P> <BR /> <P> Setup the PageFile by going to <STRONG> Control Panel &gt; System and Security &gt; System </STRONG> . Click <STRONG> Advanced system settings </STRONG> . &gt; Click on <B> Settings </B> under Performance &gt; Click <B> Advanced </B> &gt; <B> Change </B> . Select the Drive where you want the SwapFile/Pagefile to be hosted on, then, Select <B> Custom Size </B> . Once the size is correctly setup press the <B> Set </B> Button. Click <B> OK </B> and quit/exit the settings. <B> </B> </P> <BR /> <P> Example Bellow: Pagefile is set on E Drive with <B> 196608 </B> MB (192 GB) as an initial Size and <B> 196708 </B> Mb as a maximal size. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93354i01F39CDB605B7A5D" /> </P> <BR /> <P> In case there isn’t enough space on the C drive to host both the Pagefile and the Memory dump (2 times the size of RAM per total), you may want to change the memory dump location. To setup a different memory dump location use the Interface or the registry: </P> <BR /> <BLOCKQUOTE> <BR /> <P> <B> User Interface: </B> </P> <BR /> <P> To change these settings, go to <STRONG> Control Panel &gt; System and Security &gt; System </STRONG> . Click <STRONG> Advanced system settings </STRONG> . Under <STRONG> Startup and Recovery </STRONG> , click <STRONG> Settings </STRONG> . </P> <BR /> </BLOCKQUOTE> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93355iC97C6A4C5D82D81A" /> </P> <BR /> <BLOCKQUOTE> <BR /> <P> <B> Registry: </B> </P> <BR /> <P> Location - <STRONG> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl </STRONG> <BR /> Name – <STRONG> DumpFile <BR /> </STRONG> Value – <STRONG> Change %SystemRoot% to a local Drive letter </STRONG> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Important: In case the issue occur on a Physical Server, make sure the Automated System Recovery feature (if Applicable) is disabled in the BIOS. The recovery mechanism can restart the Server prematurely while the System is paging all the memory in the swapfile during the Crash/Bugcheck. </B> </P> <BR /> <P> <B> 2. </B> <B> How to trigger the dump collection. </B> </P> <BR /> <P> <B> NMI Method </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> Remote Console Access such as Drac, iLo, Rsa, etc… allow the interruption using the Console Access through an Option often time under ‘Diagnostics’. If the Button is not available you may also have a Physical Button on the Hardware. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Keyboard (Ctrl+ScrLk) Method </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> The keyboard crash can be initiated by using the following hotkey sequence: Hold down the rightmost CTRL key, and press the SCROLL LOCK key twice. </P> <BR /> <P> <A href="#" target="_blank"> Forcing a System Crash from the Keyboard </A> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Virtual Machines on Hyper-V 2012 R2 Only </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> You can generate an NMI call using PowerShell directly on the host: <B> </B> </P> <BR /> <P> PS C:\Windows\system32&gt; <STRONG> Debug-VM -Name "VM Name" -InjectNonMaskableInterrupt -ComputerName Hostname </STRONG> <B> </B> </P> <BR /> <P> <A href="#" target="_blank"> Get a kernel dump of a 2012 R2 Hyper-V server with Powershell </A> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Virtual Machines (Vmware) </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> Vmware snapshot or suspend states files are a copy of the Physical memory and are convertible into a Full Memory dump. If any issue is encountered while creating the snapshot or suspend state, then try the Steps above or contact Vmware support. </P> <BR /> <P> ‘Vmss2core_win.exe’ tool will convert .vmsn/.vmss file extensions to memory dump: <A href="#" target="_blank"> https://labs.vmware.com/flings/vmss2core </A> </P> <BR /> <P> For VMs OS until Windows7/2008R2 use: vmss2core_win –W snapshot.vmsn/Suspend.vmss </P> <BR /> <P> For VMs OS Windows8/2012 and above use: Vmss2core_win –W8 snapshot.vmsn/Suspend.vmss </P> <BR /> <P> <B> Note </B> : copy the ‘Vmss2core’ tool on a Windows Operating System OS along with the Snapshot/Suspend state file. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> 3. </B> <B> Data Check/Sanity Check. </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> <B> A- </B> <B> Checking the memory.dmp output file </B> </P> <BR /> <P> Once the memory dump is generated, there is a chance the dump may be corrupted after reboot. In order to check if the dump is readable, a tool called ‘Dumpchk’ is available for download. This application will verify the data is readable. You can download Dumpchk from the <B> Debugging tools for Windows </B> from the <B> Windows SDK </B> : </P> <BR /> <P> <A href="#" target="_blank"> Windows Software Development Kit (SDK) for Windows 8.1 </A> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93356i9BF907714716073E" /> </P> <BR /> <BLOCKQUOTE> <BR /> <P> Usage: </P> <BR /> <P> From an elevated Command prompt, change directory to the dumpchk folder location and run ‘Dumpcheck [Path to Dump]’ </P> <BR /> </BLOCKQUOTE> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93357i64D2910D3A30A8FD" /> </P> <BR /> <P> <B> B- </B> <B> Data review and Analysis </B> </P> <BR /> <UL> <BR /> <LI> <B> Option 1 </B> </LI> <BR /> </UL> <BR /> <BLOCKQUOTE> <BR /> <P> Compress the memory dump using either the Windows built-in Compression tool (Right Click &gt; Send to &gt; Compressed (Zipped) Folder) or any third party compression solution. If the File size after compression is lower than 8 GB then you can obtain a preliminary analysis using our Free Memory Dump Diagnostic Website: </P> <BR /> <P> <A href="#" target="_blank"> Diagnostic Packages </A> </P> <BR /> <P> Please note the report analysis is automated and may not be accurate. If you are not satisfied with the report then a support case will need to be opened. </P> <BR /> </BLOCKQUOTE> <BR /> <UL> <BR /> <LI> <B> Option 2 </B> </LI> <BR /> </UL> <BR /> <BLOCKQUOTE> <BR /> <P> Reviewing the dump using the Windows Debugger included in the “Debugging Tools for Windows” (SDK): </P> <BR /> <P> <A href="#" target="_blank"> Windows Software Development Kit (SDK) for Windows 8.1 </A> </P> <BR /> <P> Open the Debugger, go to <B> File </B> &gt; <B> Symbols File Path </B> , input the path to the Symbol server and a local folder to save the symbols (Example Bellow). </P> <BR /> <P> <I> SRV*your local symbol folder*<A href="#" target="_blank">http://msdl.microsoft.com/download/symbols</A> </I> </P> <BR /> <P> Where <I> your local symbol folder </I> is any drive or share that is used as a symbol destination. </P> <BR /> <P> Source: <A href="#" target="_blank"> Use the Microsoft Symbol Server to obtain debug symbol files </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> <B> Important: The option 2 requires medium to advanced debugging skills. </B> </P> <BR /> </BLOCKQUOTE> </BODY></HTML> Sat, 16 Mar 2019 12:39:57 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/server-hung-becoming-unresponsive/ba-p/375577 CraigMarcho 2019-03-16T12:39:57Z Remote Desktop Services (RDS) 2012 Session Host deployment scenarios https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-host-deployment/ba-p/375572 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 02, 2015 </STRONG> <BR /> Hello AskPerf!&nbsp; Jason here from the Windows Reliability team.&nbsp; As more customers migrate from Remote Desktop Services (Session Host)&nbsp; on Windows 2008 R2 to Windows 2012 R2, we occasionally get calls requesting assistance with either migrating to, or deploying a new 2012 R2 RDS environment.&nbsp; Versions prior to 2008 R2 installing the RDS Server role was fairly straight forward.&nbsp; Windows 2008 R2 changed this method with the addition of a Connection Broker though if not using RemoteApp or VDI, the Connection Broker was not needed.&nbsp; Even when using a Connection Broker, to deploy the RDS Hosts in a collection, you would install the RDS role on each RDS server.&nbsp; All the familiar consoles are there.&nbsp; Publishing of Applications in the application were still done on each server. <BR /> <BR /> This is the first post in a multipart series to help Admins quickly determine which method to use for deploying RDS in 2012 R2. <BR /> <BR /> So, what changed?&nbsp; Well, a lot, and for the good.&nbsp; Comparing 2008 R2 to 2012 R2 RDS components, the biggest change is the Connection Broker and the role that it plays.&nbsp; Prior to 2012, the concept of collections did not really exist.&nbsp; With the release of 2012, the Connection Broker database now includes all of the management data as well as connection data.&nbsp; This made configuration of any sizable farm in 2008 R2 more tedious.&nbsp; To publish apps you went to each RDS Host and published.&nbsp; It was made a little easier by being able to export and import, but still was not as manageable as it could be.&nbsp; Configuring certs for the different components and setting up RDS Gateway was definitely more complicated.&nbsp; To me Server 2012 R2 is as it should be, centralized configuration and management.&nbsp; Deploying a collection is very easy once you figure out not to deploy as an RDS role except for certain scenarios. Missing and different consoles, and not having consoles at all on the RDS Hosts is a big change from 2008. <BR /> <BR /> Where did my Consoles go?!?&nbsp; Good question!&nbsp; I’ve heard the following statement more than once - “I deployed RDS role as I have always done.”&nbsp; Along with changes to the Connection Broker, the consoles and their locations have changed as well.&nbsp; The Connection Broker in Server Manager has all of the consoles now except for RDS Gateway and RDS Licensing which are still separate.&nbsp; Deploying just the RDS role will actually not install any console at all except for the <STRONG> RD Licensing Diagnoser </STRONG> . <BR /> <BR /> Windows 2012 R2 has 3 deployment methods, or 4 counting PowerShell, which are actually pretty easy - see links section below. <STRONG> Hint </STRONG> , if you are wanting the short answer then do a <STRONG> Standard Deployment </STRONG> and get your consoles back.&nbsp; Do EVERYTHING from the Connection Broker.&nbsp; Add all servers being deployed to the Connection Broker <STRONG> All Servers </STRONG> First.&nbsp; There are multiple ways to configure licensing in RDS 2012 and this can be confusing.&nbsp; Group policy always takes precedence and will NOT show in the Connection Broker console if configured.&nbsp; Do not mix methods of setting licensing.&nbsp; For example, do not set in Group Policy and also in Server Manager GUI, as this may result in errors.&nbsp; A more detailed post about licensing methods will be following this post series. <BR /> <BR /> For Windows 2012 R2, the most typical scenario and best practice is to do a <STRONG> Standard Deployment </STRONG> .&nbsp; Why? Well as previously mentioned, it gives you all the consoles for management of your collections.&nbsp; It supports both all in one to multiple servers being deployed to.&nbsp; It allows each role (RDWeb, Connection Broker, RDSH) to be installed on the same or different servers.&nbsp; It has all the features required for RemoteApp, RDWeb, and Connection Broker.&nbsp; Unlike previous versions, all deployment and management is performed from the Connection Broker.&nbsp; In summary, if you are deploying RDSH for production to multiple servers, then this your option. <BR /> <BR /> So, when would I use <STRONG> Quick Start </STRONG> ?&nbsp; Typically you wouldn’t.&nbsp; It’s similar to a <STRONG> Standard Deployment </STRONG> which is the current best practice, except that it will only deploy the RDS components to a single server.&nbsp; All components (Connection Broker, RDWeb, and RDSH) will be installed with no option to modify.&nbsp; This would be good if setting up a quick POC, or maybe a lab environment, or if you are only going to deploy one server with all the components; for example, a small office.&nbsp; If you want to split the components out to different machines, then chose <STRONG> Standard Deployment </STRONG> . <BR /> <BR /> Ok, so why would I deploy just the <STRONG> Server Role </STRONG> ?&nbsp; There are a couple of scenarios for where deploying just the Server Role service makes sense.&nbsp; This would be for non-typical setups such as using RDS in a workgroup, using RDS on a non RDS server, for example, on a SQL server to allow more than 2 concurrent sessions.&nbsp; Another scenario would for deploying just the Server Role would be if you are deploying Citrix since it has its own management and consoles.&nbsp; When just deploying the Server Role, you do not get the centralized management, management consoles, and the RemoteApp published application functionality. <BR /> <BR /> Hopefully this clears up some of the confusion around deciding which way to deploy RDS in 2012R2.&nbsp; Check the following links for more detailed information on the different installation methods. <BR /> <BR /> <A href="#" target="_blank"> RDS 2012 session deployment scenarios Standard Deployment </A> <BR /> <A href="#" target="_blank"> RDS 2012 session deployment scenarios Server Role Deployment </A> <BR /> <A href="#" target="_blank"> RDS 2012 session deployment scenarios Quick Start </A> <BR /> RDS 2012 session deployment Licensing Methods (coming soon) <BR /> <BR /> REFERENCE: <BR /> <A href="#" target="_blank"> RDS Step by Steps to install RDS Session Deployment using Powershell.docx </A> <BR /> <BR /> <P> -Jason </P> </BODY></HTML> Sat, 16 Mar 2019 12:39:15 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/remote-desktop-services-rds-2012-session-host-deployment/ba-p/375572 CraigMarcho 2019-03-16T12:39:15Z DST Reminder for this weekend… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/dst-reminder-for-this-weekend-8230/ba-p/375571 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 04, 2015 </STRONG> <BR /> <P> Hello Folks!&nbsp; This mornings post is a friendly reminder that DST (Spring forward) is kicking in this weekend (March 8th at 2:00AM – US).&nbsp; Hopefully by now you are prepared and have the latest DST cumulative patch installed: </P> <P> <A href="#" target="_blank"> December 2014 cumulative time zone update for Windows operating systems </A> </P> <P> This particular update includes changes for Russia time zones, Fiji Standard time, and Cape Verde Standard time.&nbsp; Per the More information section, “This is a cumulative update rollup that includes all previous Windows time zone changes.” </P> <P> <STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93353iB4E746A94701AD28" /> </STRONG> </P> <P> <STRONG> Additional Resources </STRONG> </P> <UL> <LI> <A href="#" target="_blank"> Daylight Saving Time Help and Support Center </A> </LI> <LI> <A href="#" target="_blank"> Microsoft Daylight Saving Time &amp; Time blog </A> </LI> <LI> <A href="#" target="_blank"> Daylight saving time – Wikipedia </A> </LI> </UL> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:39:08 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/dst-reminder-for-this-weekend-8230/ba-p/375571 CraigMarcho 2019-03-16T12:39:08Z Step by Step instructions for installing RDS Session Deployment using PowerShell in Windows Server 2012 R2 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/step-by-step-instructions-for-installing-rds-session-deployment/ba-p/375569 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 04, 2015 </STRONG> <BR /> <P> Hello AskPerf Readers! Dhiraj here from the Windows Performance team to talk about deploying RDS using Windows PowerShell on Windows Server 2012 R2. </P> <P> As you know, PowerShell has been around for quite a few years now (November 2006 to be exact). Over the past 8 years, we have seen PowerShell become an integral part of Windows. One such example is deploying RDS within your environment. In this blog, we are going to walk you through setting this up. With that, let’s get rolling! </P> <P> Before we begin though, we need to import the RDS module using the <STRONG> Import-Module </STRONG> cmdlet: </P> <P> Import-Module RemoteDesktop </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93318iC7F8BAC73E959123" /> </P> <P> We will use the <STRONG> New-SessionDeployment </STRONG> cmdlet to begin with the installation. Below is the syntax for this cmdlet: </P> <P> New-SessionDeployment [-ConnectionBroker] &lt;string&gt; [-WebAccessServer] &lt;string&gt; [-SessionHost] &lt;string[]&gt; </P> <P> <STRONG> Note </STRONG> If you are installing the Session Host on the Connection Broker, then you need to run this cmdlet on a remote server, as running it on the connection Broker will give you the following error: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93319i9FF2133492846117" /> </P> <P> The Session Host role needs a reboot after the install, and we received the above error as PowerShell cannot resume the deployment after a reboot. However, this will work in the GUI if you do the same process. </P> <P> In this deployment, we will use 3 servers for the deployment: </P> <UL> <LI> RDCBWA.spike.com – RD Connection Broker, RD Web Access, and RD Session Host </LI> <LI> RDSH01.spike.com – Second RD Session Host </LI> <LI> DC01.spike.com – RD license server </LI> </UL> <P> We will need to add RDSH01 and DC01 to All Servers pool on RDCBWA before we start the deployment. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93320iE46CD45E6BB33384" /> </P> <P> Now we run the below cmdlet on RDSH01 to install RD Connection Broker, RD Web Access and RD Session Host on RDCBWA: </P> <P> New-SessionDeployment –ConnectionBroker RDCBWA.spike.com –WebAccessServer RDCBWA.spike.com –SessionHost RDCBWA.spike.com </P> <P> During the install, we’ll see the following progress meters: </P> <P> 1. Validation begins: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93321iB96A1F67D78D5052" /> </P> <P> 2. Deployment begins: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93322i149A26F80F252A4D" /> </P> <P> 3. Connection Broker is installed: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93323iEB3965CA6F44D398" /> </P> <P> 4. RD Web Access role is installed: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93324i459787B0756CAD95" /> </P> <P> 5. RD Session Host role is installed: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93325i621AF7DD013A57AC" /> </P> <P> 6. After all roles are installed, the RDCBWA.spike.com server is restarted: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93326i32CB6FB528F3A447" /> </P> <P> Once the PowerShell setup finishes, we now go to RDCBWA.spike.com and verify the installation. As you can see from the screenshot below, everything except the RD Gateway and Licensing server have been installed. We will now add another session host and a Licensing server. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93327iDD2E79F5F3EB55E6" /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93328iA4A16169E6C42F46" /> </P> <P> First, let’s add the second RD Session Host server to our deployment. We will use the <STRONG> Add-RDServer </STRONG> cmdlet and run it on the Connection Broker this time. </P> <P> Add-RDServer -Server RDSH01.spike.com -Role RDS-RD-SERVER -ConnectionBroker RDCBWA.spike.com </P> <P> When you run the above command, you will see the following progress: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93329iDFBCF678B95FC1FD" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93330iF53933232847D11B" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93331i0AC717259FDFD056" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93332i003A8A79C7488262" /> </P> <P> RDSH01.spike.com is now rebooted: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93333i172D750E3EC8CAB9" /> </P> <P> We can now verify the addition of the second Session Host server in Server Manager: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93334i6FA80BD1B385D3C2" /> </P> <P> We are now ready to add our Before proceeding, let’s configure RD Licensing server.for our deployment. To install RD licensing role, we use the below cmdlet: </P> <P> Add-RDServer -Server DC01.spike.com -Role RDS-LICENSING -ConnectionBroker RDCBWA.spike.com </P> <P> You will now see the below progress messages: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93335i1974A92C3F680A6E" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93336i32192A093078795E" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93337iC698B5A9E2EE7062" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93338iA4540E1BAF564005" /> </P> <P> We now need to activate our License server and install CALs via the Licensing Manager GUI on the License server. I have activated the License Server and installed PerUser CALs. </P> <P> Let’s configure our deployment for licensing. We use the below cmdlet for this: </P> <P> Set-RDLicenseConfiguration -LicenseServer DC01.spike.com -Mode PerUser -ConnectionBroker RDCBWA.spike.com </P> <P> Running the above cmdlet requires confirmation: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93339i2CD6C06C72FB1968" /> </P> <P> Select yes and continue. </P> <P> When finished, it will return to the next line: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93340i9BBC1C286C0AF9C3" /> </P> <P> To confirm that licensing is configured, run the following cmdlet: </P> <P> Get-RDLicenseConfiguration </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93341i12FB522EAB8E94B2" /> </P> <P> We can now confirm everything in Server manager: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93342i071EFC4CE0366232" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93343iAA884A3F06DB0DE9" /> </P> <P> We are halfway done here and have completed the installation of our roles. We now need to configure RDS to make Desktop Sessions and RemoteApps available to users. </P> <P> This takes us to the next step: creating a new collection using PowerShell. </P> <P> We will create two collections here consisting each of the RDSH servers, with one for Desktop Sessions and the other for RemoteApps. </P> <P> To create a new collection, we use the below cmdlet: </P> <P> New-RDSessionCollection –CollectionName SessionCollection –SessionHost RDCBWA.spike.com –CollectionDescription “This Collection is for Desktop Sessions” –ConnectionBroker RDCBWA.spike.com </P> <P> This also shows a progress bar and summary when it finishes: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93344i057C4A3E3B10DB46" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93345iA574B5F9DDA90528" /> </P> <P> We can verify this set up in Server Manager. As this collection is for Desktop Sessions, nothing else needs to be done. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93346i72829133AB7F1824" /> </P> <P> Let’s go ahead with creating the second collection for RemoteApps: </P> <P> New-RDSessionCollection –CollectionName RemoteAppCollection –SessionHost RDCBWA.spike.com –CollectionDescription “This Collection is for RemoteApps” –ConnectionBroker RDCBWA.spike.com </P> <P> When it completes, we see the summary and collection in Server Manager: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93347i9153DF1E36F87F1B" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93348i1E712BEB236C91FE" /> </P> <P> As we will use this collection for publishing RemoteApps, Let’s go ahead with adding RemoteApp’s to it: </P> <P> New-RDRemoteapp -Alias Wordpad -DisplayName WordPad -FilePath "C:\Program Files\Windows NT\Accessories\wordpad.exe" -ShowInWebAccess 1 -CollectionName "RemoteAppCollection" -ConnectionBroker RDCBWA.spike.com </P> <P> Summary progress below: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93349iACAD7E01ADF674A6" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93350i29E55ACE5B62B58C" /> </P> <P> Server Manager shows the RemoteApp added: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93351i1490F1AA96313798" /> </P> <P> And with that, you are done! Users can now access the Desktop Session and Remote App Collections. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93352i020BFCAD51182622" /> </P> <P> Windows Server 2012 R2 comes with enormous amount of PowerShell cmdlets. In this article we’ve only seen a few of them. We may dive deeper into the power of PowerShell for managing RDS for Server 2012 R2 in future posts. </P> <P> If you are interested in setting up a VDI deployment using PowerShell, please check the link below: </P> <P> <A href="#" target="_blank"> Setting up a new Remote Desktop Services deployment using Windows PowerShell </A> </P> <P> -Dhiraj </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:38:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/step-by-step-instructions-for-installing-rds-session-deployment/ba-p/375569 CraigMarcho 2019-03-16T12:38:53Z Highly Available RDS 2008 R2 License Servers https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/highly-available-rds-2008-r2-license-servers/ba-p/375532 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 23, 2015 </STRONG> <BR /> <P> Hello AskPerf! My name is Matt Graham and today I want to address some questions surrounding the setup of highly available licensing servers. Anyone setting up a RDS infrastructure wants to ensure that it will keep working if a license server goes down. In Termial Services (2003) the recommended way of setting up highly available license servers was as follows: </P> <OL> <LI> Deploy two activated license servers </LI> <LI> Either place all active licenses on single server or split between two servers. Typically you would install all licenses on a single license server in the case of a user-mode license scenario. </LI> <LI> Ensure that both license servers are discoverable </LI> </OL> <P> In the scenario where you place all licenses on a single license server, when that license server goes down, the secondary server will hand out temporary licenses until you are able to build another license server or install licenses on the secondary server. This, however could be complicated depending how you have your session hosts discover your license servers. </P> <P> <B> Server 2008 R2 </B> </P> <P> Server 2008 R2 is similar, but there are some features that work differently. For example, the Auto Discovery feature that helped TS servers find the license server is no longer available in 2008 R2 ( <A href="#" target="_blank"> https://technet.microsoft.com/en-us/library/cc731605.aspx </A> ). By design, you tell your session hosts how to find your license server via RD Licensing Manager, GPO, or the registry ( <A href="#" target="_blank"> https://technet.microsoft.com/en-us/library/cc770585.aspx </A> ). </P> <P> It's important to keep in mind that the session host checks to see if a license is even needed before making a request to the license server for a CAL. So in most cases, even if your license server fails, most clients should still be able to connect to your session hosts. A new license will not be requested unless a new client tries to connect or a license has expired on a specific client. What that means is that in most environments, the failure of a license server does not mean that all of your clients that try to connect will be unable to connect. </P> <P> With that in mind, some people will still want to setup a backup license server in case their main license server fails. </P> <P> <B> Configuration for Multiple License Servers (Per User Licensing) </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93316i6EE73822CBAF8EF6" /> </P> <P> As before, you setup two license servers. In most cases, you would install some of your CAL's on one license server and install the rest of them on another license server. You then configure half of your session hosts to point first to license server 1 and secondarily to license server 2. The other half of your session hosts should point to license server 2 as the primary license server and to license server 1 as the secondary server. </P> <P> In this scenario, RDSH01 will first try to pull licenses from RDSL01. If it doesn't have licenses, it will pull from RDSH02. Likewise, RDSH01 will first try to get licenses from RDSL02 and if there aren't any available licenses, it will pull licenses from RDSL01. So you should be able to utilize all of your licenses even though different session hosts are pointed to different primary license servers. </P> <P> NOTE: You will need take into consideration how many users / computers will be connecting to which session hosts. For example, if RDSH02 is going to have twice as many users connecting to it, you will want to install more CAL's on RDSL02 as it is serving as the primary licensing server for that session host. </P> <P> <B> Configuring Session Hosts to Point to License Servers </B> </P> <P> If you configure your session hosts through GPO, you go to the following: </P> <P> <B> <I> Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Licensing </I> </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93317i887C9E46620F3F92" /> </P> <P> In this case, the session host will first look to RDSL01 for licenses and if it can't find a license it will look to RDSL02 for a license. You can also set this via the session host configuration manager. This can be done in the following way. </P> <OL> <LI> On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click <B> Start </B> , point to <B> Administrative Tools </B> , point to <B> Remote Desktop Services </B> , and then click <B> Remote Desktop Session Host Configuration </B> . </LI> <LI> If the <B> User Account Control </B> dialog box appears, confirm that the action it displays is what you want, and then click <B> Yes </B> . </LI> <LI> In the <B> Edit settings </B> area, under <B> Licensing </B> , double-click <B> Remote Desktop license servers </B> . </LI> <LI> On the <B> Licensing </B> tab of the <B> Properties </B> dialog box, click <B> Add </B> . </LI> <LI> In the <B> Add License Server </B> dialog box, select a license server from the list of known license servers, and then click <B> Add </B> . If the license server that you want to add is not listed, in the <B> License server name or IP address </B> box, type the name or IP address of the license server that you want to add, and then click <B> Add </B> . <BR /> You can add more than one license server for the RD Session Host server to use. The RD Session Host server contacts the license servers in the order in which they appear in the <B> Specified license servers </B> box. </LI> <LI> Click <B> OK </B> to close the <B> Add License Server </B> dialog box, and then click <B> OK </B> to save your changes to the licensing settings. </LI> </OL> <P> This is a basic setup for a highly available license server in Server 2008 R2. </P> <P> -Matt </P> </BODY></HTML> Sat, 16 Mar 2019 12:33:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/highly-available-rds-2008-r2-license-servers/ba-p/375532 CraigMarcho 2019-03-16T12:33:53Z MS15-010 causing font/text issues… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/ms15-010-causing-font-text-issues-8230/ba-p/375529 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 20, 2015 </STRONG> <BR /> Hello Folks.&nbsp; Wanted to send out a quick note on an emerging issue we are seeing in Support after installing <A href="#" target="_blank"> MS15-010 </A> .&nbsp; If your fonts/text are distorted on the following Operating Systems… <BR /> <BR /> <UL> <LI> Windows Server 2008 Service Pack 2 (SP2) </LI> <LI> Windows Server 2003 SP2 </LI> <LI> Windows Vista SP2 </LI> </UL> <BR /> <BR /> …then you can download/install the following fix: <BR /> <BR /> <STRONG> <A href="#" target="_blank"> Fix for text quality degradation after security update 3013455 (MS15-010) is installed </A> </STRONG> <BR /> <BR /> Please see this <A href="#" target="_blank"> link </A> for more information. <BR /> <BR /> Additionally, this fix will be including in March’s patch cycle. <BR /> <BR /> <STRONG> UPDATE 2/26/2015 </STRONG> <BR /> <BR /> WSUS update for deployment will not be available until March 10th, the next patch Tuesday. <BR /> <BR /> An alternative to&nbsp;deploying 3037639 is to use Configuration Manager - See article below: <BR /> <BR /> <A href="#" target="_blank"> https://technet.microsoft.com/en-us/library/gg682112.aspx </A> <BR /> <BR /> <STRONG> *UPDATE 3/11/2015* </STRONG> <BR /> <BR /> The below security update is now available to correct the text issues found after installing KB3013455: <BR /> <BR /> <A href="#" target="_blank"> MS15-023: Vulnerabilities in Kernel-mode driver could allow elevation of privilege: March 10, 2015 </A> <BR /> <BR /> <BR /> <BR /> <P> -Krishnan Ayyer &amp; Susan Buchanan </P> </BODY></HTML> Sat, 16 Mar 2019 12:33:29 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/ms15-010-causing-font-text-issues-8230/ba-p/375529 CraigMarcho 2019-03-16T12:33:29Z Help! My Scheduled Task does not run… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/help-my-scheduled-task-does-not-run-8230/ba-p/375528 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 18, 2015 </STRONG> <BR /> <P> Good morning/afternoon/evening AskPerf! Blake here with a post I’ve been meaning to write/publish for a year or so now. Here in on the Performance Team, we support a wide range of technologies, with Task Scheduler being one of them. More often than not, the number one Scheduled Task issue we encounter is as follows: </P> <BR /> <P> “In Windows 2003/XP, my scheduled tasks ran with no problems. Since we’ve upgraded to Windows <I> 2008/2008-R2/Win7/Win8/2012/2012-R2 </I> , our tasks no longer run.” </P> <BR /> <P> With that, we explain that Task Scheduler was completely re-written in 2008/Vista, with one of the main changes being in Security. Here is a snippet from a Technet Article published back on March 3, 2006: </P> <BR /> <P> <A href="#" target="_blank"> Windows Vista Task Scheduler </A> </P> <BR /> <P> <B> <I> Security. </I> </B> <I> In the Windows Vista Task Scheduler, security is vastly improved. Task Scheduler supports a security isolation model in which each set of tasks running in a specific security context starts in a separate session. Tasks executed for different users are launched in separate window sessions, in complete isolation from one other and from tasks running in the machine (system) context. Passwords are stored (when needed) in the Credentials Manager (CredMan) service using encryption interfaces. Using CredMan prevents malware from retrieving the stored password, tightening security further. </I> </P> <BR /> <P> <I> In Windows Vista, the burden of credentials management in Task Scheduler has lessened. Credentials are no longer stored locally for the majority of scenarios, so tasks do not "break" when a password changes. Administrators can configure security services such as Service for Users (S4U) and CredMan, depending on whether the task requires remote or local resources. S4U relieves the need to store passwords locally on the computer, and CredMan, though it requires that passwords be updated once per computer, automatically updates scheduled tasks configured to run for the specific user with the new password. </I> </P> <BR /> <P> Enter the new world of <A href="#" target="_blank"> Session 0 Isolation </A> . </P> <BR /> <P> Prior to Vista/2008 Server, all services ran in the same session as the first user who logged onto the console - this is Session 0. Well, running user apps and services in this session posed a security risk because services run at elevated privileges and can be targets for malicious code. </P> <BR /> <P> Enter the new and improved Task Scheduler that uses Session 0 isolation. In Vista/2008 and higher, we mitigate this security risk by isolating services in Session 0, and making it non-interactive. Only system processes and services now run in Session 0. The first user who logs onto a machine does so in Session 1. Subsequent users log into Session 2, 3, 4, etc. Doing this isolation protects services and system processes from tasks ran in this session. </P> <BR /> <P> So, how does this isolation prevent my task from running? </P> <BR /> <UL> <BR /> <LI> There is no active Shell (explorer.exe) </LI> <BR /> <LI> If a process/service tries to display a message box, the task will not complete </LI> <BR /> <LI> Non-interactive </LI> <BR /> <LI> Apps creating globally named objects </LI> <BR /> <LI> Possible network communication failures </LI> <BR /> </UL> <BR /> <P> For more information about Session 0 Isolation, please see the link above. </P> <BR /> <P> At this point, we need to determine if there is a simple workaround to get your task to run, or determine if the application vendor needs to be engaged. </P> <BR /> <P> Typically, I start with making the following Security changes to my Scheduled Task: </P> <BR /> <P> <B> “Run only when user is logged on” </B> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93312i3A912AA4A4615679" /> </P> <BR /> <P> With this option selected, my task will only run if I am logged on with my WillyP account. I can now test and confirm to see that Task Scheduler properly launches/runs my task. Selecting this option also runs my task interactively in my session. </P> <BR /> <P> You will see notepad.exe running in the same session as my logged on user – Session ID 2. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93313iE7C60161610539FD" /> </P> <BR /> <P> Now, let’s look at the behavior when I have the other Security option selected. </P> <BR /> <P> <B> “Run whether user is logged on or not” </B> </P> <BR /> <P> With this option selected, I am telling Task Scheduler to run my task whether I am logged on or not – aka Session 0 isolated. Let’s see how this looks when my Willyp user is logged off and I schedule a task to run. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93314iAE34C729622E8823" /> </P> <BR /> <P> As you can see, notepad.exe is running in Session 0. The other process, taskeng.exe, is the Task Scheduler Engine process that started my task. </P> <BR /> <P> So, you may be asking yourself, would if I am logged on with this account, and the “Run whether user is logged on or not” is selected - will it be interactive? No, as Session 0 is a non-interactive session, therefore you will not see your Action even if you are logged on as the running user account. </P> <BR /> <P> Now, how do we troubleshoot this and get your task to run? Well, in troubleshooting these issues, I’ve come across multiple ways to fix them. You may have to experiment to see which of the following works for you in your scenario. </P> <BR /> <UL> <BR /> <LI> If your Task requires UAC Elevation, select the “ <B> Run with highest privileges </B> ” option under Security on the General tab </LI> <BR /> <LI> If you are launching a Batch script (.vbs/.cmd/.bat/.ps1), modify your script to add some type of logging to see where it may be failing – see the following blog for examples: <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2011/06/10/two-minute-drill-quickly-test-task-scheduler.aspx" target="_blank"> Two Minute Drill: Quickly test Task Scheduler </A> </LI> <BR /> <LI> Try creating a new task, but select the <B> Configure for: </B> option to be “ <B> Windows Server 2003, Windows XP, or Windows 2000 </B> ” – this will create an XP/2003 fashioned task </LI> <BR /> <LI> If running a .vbs / .ps1 script, try launching it from a .cmd / .bat script – for example: “ <B> cscript.exe myscript.vbs” </B> would be in my .cmd/.bat script, and I would then launch it from my Scheduled Task </LI> <BR /> <LI> Check your scripts for environmental issues – when we run a script, we default to the “%SystemRoot%\System32” folder unless specified in the script (i.e. CD C:\Scripts\Test) </LI> <BR /> <LI> If you are running nested scripts/programs within one script, try breaking them out as multiple Actions – for example: </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93315i0BC5A704B2AEC51B" /> </P> <BR /> <P> So, when script1.cmd finishes, script2.cmd will be launched. Then when script2.cmd completes, script3.cmd will run. </P> <BR /> <UL> <BR /> <LI> If running a 3 <SUP> rd </SUP> party app/script, engage the app vendor to check if their app/process will run correctly in a non-interactive session </LI> <BR /> <LI> Try running your script with the SYSTEM account </LI> <BR /> <LI> Check the History tab for clues as to why your task is not running </LI> <BR /> <LI> If copying files to network shares via script, use UNC paths instead of mapped drives, especially if you are selecting the “Run whether user is logged on or not” security option </LI> <BR /> <LI> If all else fails, your only choice may be to “Run only when user is logged on” </LI> <BR /> </UL> <BR /> <P> As we come across different issues/fixes, I will add them to the bulleted list above. </P> <BR /> <P> Play around with the options above and see if you can get your Scheduled Task to run. If you come across a different fix not mentioned above, let us know in the comments below. </P> <BR /> <P> <A> -Blake </A> </P> </BODY></HTML> Sat, 16 Mar 2019 12:33:20 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/help-my-scheduled-task-does-not-run-8230/ba-p/375528 CraigMarcho 2019-03-16T12:33:20Z How to use Dumpchk.exe to check your dump files… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-use-dumpchk-exe-to-check-your-dump-files-8230/ba-p/375523 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 27, 2015 </STRONG> <BR /> Hello AskPerf!&nbsp; Today’s post is a quick one that points to one of Bob' Golding's Windows Troubleshooting videos.&nbsp; He talks about how to download/run Dumpchk.exe on your dump files to check for corruption.&nbsp; Check it out below: <BR /> <BR /> <A href="#" target="_blank"> DumpCheck – youtube video </A> <BR /> <BR /> <A href="#" target="_blank"> DumpChk – MSDN Link to more info </A> <BR /> <BR /> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:32:42 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-use-dumpchk-exe-to-check-your-dump-files-8230/ba-p/375523 CraigMarcho 2019-03-16T12:32:42Z Case of the blank print jobs https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/case-of-the-blank-print-jobs/ba-p/375522 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 08, 2015 </STRONG> <BR /> <P> Hello Askperf! Anshuman here again with an interesting issue I worked a few weeks ago. </P> <P> The following pop-up appeared on my workstation intermittently: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93307i167CD56129B7E1CA" /> </P> <P> I then realized that I had the <B> Send To OneNote </B> printer set as my default printer. </P> <P> The next time this occurred, I paused the print queue and noticed that the “Remote Desktop Redirected Printer Doc” document was getting spooled under my account. This was interesting because I had several remote desktop sessions opened to different machines from my workstation, and did not send any prints jobs from them. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93308i22DC366CE0DB107B" /> </P> <P> So two questions came to mind: </P> <P> 1. Which RDS session is this coming from? </P> <P> 2. What was sending this print job? </P> <P> I then thought to myself, “when in doubt, run Process Monitor!” </P> <P> My first challenge was to figure out which server session this job was generated from. For this, I ensured that all the RDS sessions I established were using the command line option of of mstsc.exe ( <B> mstsc /v:servername </B> ). Next, I started process monitor on my workstation with a specific filter of “Process Name is mstsc.exe” and “Path contains .spl”. Since this issue was intermittent, I checked the “Drop filtered events” option. I also ensured that the Backing File option under File menu was pointing to a file, instead of Virtual Memory (pagefile). After a while the issue occurred, and procmon captured the following events: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93309i5F4A7B6FF0CFDF4F" /> </P> <P> One of the first things I noticed was the CloseFile operation immediately after the CreateFile operation. Typically, you will see a WriteFile operation in between these two operations. So mstsc is connecting to which server? That was easily found by examining the Command Line entry of mstsc captured in the pml file: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93310i00C06FB4234B48AB" /> </P> <P> I logged into the problem server and launched procmon, ensuring that the Backing file option was set to point to a .pml file on a drive with enough space, and “Drop filtered events” was selected. Next I set up a filter “Path Contains tsclient” as well as “Path Contains RdpDr”. I then established an RDS session to the server from my work station and waited for the mysterious 0Kb print job. Once it happened, I had the following events in the pml file from the ProblemServer: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93311i61B9444FC2FCE79B" /> </P> <P> So there was an addon service that got installed on the printer server with a print driver. Disabling this ensured that those mysterious 0kb jobs ceased to occur. </P> <P> -Anshuman </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:32:36 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/case-of-the-blank-print-jobs/ba-p/375522 CraigMarcho 2019-03-16T12:32:36Z How to migrate local ports when doing print migration https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-migrate-local-ports-when-doing-print-migration/ba-p/375516 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 07, 2015 </STRONG> <BR /> <P> Hello Askperf! My name is Tingu, and today I’m going to talk about an interesting print migration issue I had a few weeks ago. </P> <BR /> <P> We had a case where an application server was running on Windows 2003, where more than 400 print queues were created. The port was created as a local port to forward the print job in case of a failure as noted in the “ <A href="#" target="_blank"> Transfer documents to another printer </A> ” Technet article. </P> <BR /> <P> The port was configured as \\printservername\printer.&nbsp; See example screenshot below: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93300i640EC387BF8E0289" /> </P> <BR /> <P> Here, we were trying to move the application to a 2012 R2 server and wanted to migrate all the print queues to the new server. We used <A href="#" target="_blank"> printbrm </A> to migrate all of the local printers.&nbsp; But the problem we ran into is that it did not migrate the local ports. </P> <BR /> <P> When we started the migration, we did not see the local ports listed: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93301i4076C6A3EAA64141" /> </P> <BR /> <P> Additionally after the migration, the port was not present: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93302iC89C87BD33D391CF" /> </P> <BR /> <P> We tried to add the port manually, but gave us the error “port already exists”.&nbsp; Additionally, the registry shows that the printer is set to use the forwarder. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93303i7BEF1DF56168AA7B" /> </P> <BR /> <P> We really needed to get the local ports migrated as it can be a tedious task to re-create all the ports and map to their respective print queue. </P> <BR /> <P> We created a test lab and saw the same issue while migrating.&nbsp; It did not matter from/which OS we were migrating.&nbsp; During the migration, we saw an event ID 81 on the 2012 R2 server. (This event is not triggered if you are migrating to 2003 or 2008R2): </P> <BR /> <P> Log Name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Microsoft-Windows-PrintBRM/Admin <BR /> Source:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Microsoft-Windows-PrintBRM <BR /> Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 12/25/2014 <BR /> Event ID:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 81 <BR /> Task Category: Restore <BR /> Level:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Error <BR /> Keywords:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Print Queue <BR /> User:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Joe <BR /> Computer:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 12345 </P> <BR /> <P> Description: <BR /> Printbrm.exe (the Printer Migration Wizard or the command-line tool) failed to restore print queue test. The restore process will continue, skipping this queue. Error: 0x80070057 which is “invalid parameter” <BR /> Error: 0x80070057 which is pointing to “invalid parameter” </P> <BR /> <P> So what we determined is that when you use printbrm for migration, it will not migrate the local ports.&nbsp; The reason is that the local port is specific to the server, and it may cause conflicts or not work if you migrate it to a different server.&nbsp; But in our case it’s a forwarder, and we need it to be migrated. </P> <BR /> <P> Further testing revealed that if a local port to which the printer is mapped is already present on the destination server, then the migrated printers will use that local port for the printers. </P> <BR /> <P> For example: on the source server you have a printer mapped to LPT1, and the destination server has LPT1 port available; then after the migration, the printer will be set to use that port. We created a forwarder on the destination server for a test printer before migration, and after importing the printer, we see that the port is mapped accordingly. </P> <BR /> <P> Now the question is, how do we migrate multiple local ports at a time? </P> <BR /> <P> Here is what we did… </P> <BR /> <P> From the print management on a 2012 R2 server, we added the 2003 server.&nbsp; Then we exported the list of ports to a .csv file: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93304i414F6229ED5FBEF4" /> </P> <BR /> <P> This gave us the list of all ports needing to be migrated.&nbsp; We then created a script to add the ports to the destination server.&nbsp; As in our case, the destination server was Windows 2012 R2 server, so we used the powershell command <A href="#" target="_blank"> Add-PrinterPort </A> . </P> <BR /> <P> We copied all of the required ports into notepad, and saved it as a .ps1 file: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93305i428AF13F28A47172" /> </P> <BR /> <P> We ran the .ps1 file as admin, and all of the ports got created on the destination server! </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93306iE11D745F007351CD" /> </P> <BR /> <P> Note If you have already tried the migration before creating the ports on the destination server, it may give you the error ‘port already exists’ while running the powershell command.&nbsp; You may need to delete the printers migrated and restart the spooler and then retry the powershell command to complete the port creation. </P> <BR /> <P> After that, we followed the <A href="#" target="_blank"> normal migration procedure </A> and all printers got mapped to the correct port. </P> <BR /> <P> I hope this information will come in handy the next time you are working through a printer migration. </P> <BR /> <P> -Tingu </P> </BODY></HTML> Sat, 16 Mar 2019 12:31:49 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/how-to-migrate-local-ports-when-doing-print-migration/ba-p/375516 CraigMarcho 2019-03-16T12:31:49Z Your technical answers and automated solutions via Bing.com https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/your-technical-answers-and-automated-solutions-via-bing-com/ba-p/375508 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 04, 2014 </STRONG> <BR /> Hello folks, <BR /> <BR /> One of our Engineering PMs that supports our Diagnostics and Automated solutions published a blog regarding Bing and how you can use it to answer your technical questions and provide automated solutions.&nbsp; Here is a brief overview: <BR /> <BR /> Bing Technical Instant Answers provide concise answers to technical questions directly within search results and hopefully answer your question (or help you solve an issue) without you having to actually visit the web pages linked within the answer. The answers are triggered by specific search phrases, and they try to provide a unique benefit either by precisely matching your intent or by providing additional content related to your intent. In some cases, the instant answer will link to an automated fix or troubleshooter that you can run directly from the Bing search results. Microsoft will constantly be adding new technical answers, so if you have a technical problem with a Microsoft product or service try asking Bing to see if we have an instant answer for you! <BR /> <BR /> Go check out his blog via the link below: <BR /> <BR /> <A href="#" target="_blank"> Using Bing for technical instant answers and automated solutions </A> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:30:44 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/your-technical-answers-and-automated-solutions-via-bing-com/ba-p/375508 CraigMarcho 2019-03-16T12:30:44Z Unable to restart server due to registry bloat over 2GB https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/unable-to-restart-server-due-to-registry-bloat-over-2gb/ba-p/375507 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 22, 2014 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; Pushing up a blog today to discuss the registry bloat issue that has been recently addressed in the following KB: </P> <BR /> <P> <A href="#" target="_blank"> Computer cannot be restarted if the registry hives are larger than 2 GB </A> </P> <BR /> <P> <B> Symptom </B> </P> <BR /> <UL> <BR /> <LI> You have a computer that is running the x64-based version of Windows 8.1, Windows Server 2012 R2, Windows 8, or Windows Server 2012. </LI> <BR /> <LI> The registry hives for the computer are larger than 2 gigabyte (GB). </LI> <BR /> </UL> <BR /> <P> <STRONG> Cause </STRONG> <BR /> This problem occurs because of the 2 GB size limit of the registry hives in x64-based version of Windows. </P> <BR /> <P> <STRONG> Resolution <BR /> </STRONG> Install this patch to resolve the issue. </P> <BR /> <P> </P> <BR /> <P> When you get into this state, you may experience one of the following issues: </P> <BR /> <OL> <BR /> <LI> You can boot to a stop error. </LI> <BR /> <LI> You can boot and not be able to log in due to the RQL (Registry Quota Limit). </LI> <BR /> <LI> You can boot and be logged in with a temp profile and not be able to install any software due to the RQL. </LI> <BR /> </OL> <BR /> <P> If this happens, <A href="#" target="_blank"> KB2978366 </A> should be installed. </P> <BR /> <P> With that, the following questions may come to mind: </P> <BR /> <UL> <BR /> <LI> How does this issue occur? </LI> <BR /> <LI> How do I prevent this issue in the first place? </LI> <BR /> <LI> How do I fix this issue once the hotfix is installed? </LI> <BR /> <LI> What happens if I see this problem on another OS version? </LI> <BR /> <LI> Are there any tools I can use to troubleshoot this issue? </LI> <BR /> </UL> <BR /> <P> <B> Question: </B> How does this issue occur? </P> <BR /> <P> <B> Answer: </B> There are many reasons that cause registry hives/keys to bloat.&nbsp; Some of the ones we have seen are related to <A href="#" target="_blank"> KB2871131 </A> , which refers to the “..\Printers\DevModes2” key bloat.&nbsp; This hotfix does not “fix” the issue, but prevents it from occurring in the first place.&nbsp; You still have to clean the keys first.&nbsp; Additionally, there is a known issue with SQL Server 2012 SP1 that can cause the registry to hit the 2GB limit and put the machine in a no-boot state.&nbsp; Please see <A href="#" target="_blank"> KB2793634 </A> for more details on this. </P> <BR /> <P> <B> Question: </B> How do I prevent this issue in the first place? </P> <BR /> <P> <B> Answer: </B> There really is no good answer for this outside of installing the hotfixes noted above, and keeping a close eye out on your registry hives.&nbsp; You can use Performance Monitor however to monitor the “System\ % Registry Quota In Use” counter.&nbsp; If this counter gets over 50 %, then you should start investigating what registry keys/hives are growing. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93298iDD56E512AF426FCA" /> </P> <BR /> <P> <I> % Registry Quota In Use is the percentage of the Total Registry Quota Allowed that is currently being used by the system.&nbsp; This counter displays the current percentage value only; it is not an average. </I> </P> <BR /> <P> <STRONG> NOTE </STRONG> The following Registry hives point to their corresponding files: </P> <BR /> <UL> <BR /> <LI> HKLM\BCD00000000 - \Boot\BCD </LI> <BR /> <LI> HKLM\COMPONENTS - %windir%\System32\config\Components </LI> <BR /> <LI> HKLM\SAM - %windir%\System32\config\SAM </LI> <BR /> <LI> HKLM\SECURITY - %windir%\System32\config\SECURITY </LI> <BR /> <LI> HKLM\SOFTWARE - %windir%\System32\config\SOFTWARE </LI> <BR /> <LI> HKLM\SYSTEM - %windir%\System32\config\SYSTEM </LI> <BR /> <LI> HKU\.DEFAULT - %windir%\System32\config\DEFAULT </LI> <BR /> <LI> HKCU - %userprofile%\NTUSER.DAT </LI> <BR /> <LI> HKLM\HARDWARE - This is dynamic and gets built with the OS boots (volatile hive) </LI> <BR /> <LI> HKLM\CLUSTER - %windir%\Cluster\CLUSDB </LI> <BR /> <LI> HKU\&lt;SID of local service account&gt; - %systemroot%\ServiceProfiles\LocalService\Ntuser.dat </LI> <BR /> <LI> HKU\&lt;SID of network service account&gt; - %systemroot%\ServiceProfiles\NetworkService\Ntuser.dat </LI> <BR /> <LI> HKU\&lt;SID of username&gt; - \Users\&lt;username&lt;\Ntuser.dat </LI> <BR /> <LI> HKU\&lt;SID of username&gt;\Classes - \Users\&lt;username&gt;\AppData\Local\Microsoft\Windows\Usrclass.dat </LI> <BR /> </UL> <BR /> <P> <B> Question: </B> How do I fix this issue once the hotfix is installed? </P> <BR /> <P> <B> Answer: </B> After installing the hotfix, you may need to copy your Registry file to another machine that includes the hotfix.&nbsp; After you have cleared out the bloated entries (whitespace will remain), then simply load the hive up, and then unload it.&nbsp; This process will shrink your registry key back down pre-bloat. If a system is unbootable due to registry bloat install the hotfix on another system. Boot the problem system from DVD, copy the bloated registry hive to external storage, put on system with hotfix and use regedit to remove the bloated registry info and whitespace. The hive can then be copied back to problem system to allow it to boot normally. </P> <BR /> <P> <B> Question: </B> What happens if I see this problem on another OS version? </P> <BR /> <P> <B> Answer: </B> Simply copy your hive over to a Win 8/ Server 2012 machine that has this hotfix installed, then follow the steps above. </P> <BR /> <P> <B> Question: </B> Are there any tools I can use to troubleshoot this issue? </P> <BR /> <P> <B> Answer: </B> Sysinternals RU.exe is a good tool to check the sizes of your registry keys/hives, in addition to loading up the hive and clearing out the whitespaces. </P> <BR /> <P> Ru (registry usage) reports the registry space usage for the registry key you specify. By default it recurses subkeys to show the total size of a key and its subkeys. </P> <BR /> <H3> Using Registry Usage (RU) </H3> <BR /> <P> <STRONG> usage: ru [-c[t]] [-l &lt;levels&gt; | -n | -v] [-q] &lt;absolute path&gt; </STRONG> </P> <BR /> <P> <STRONG> usage: ru [-c[t]] [-l &lt;levels&gt; | -n | -v] [-q] -h &lt;hive file&gt; [relative path] </STRONG> </P> <BR /> <TABLE> <TBODY><TR> <TD> <STRONG> -c </STRONG> </TD> <TD> Print output as CSV. Specify -ct for tab delimiting. </TD> </TR> <TR> <TD> <STRONG> -h </STRONG> </TD> <TD> Load the specified hive file, perform the size calculation, then unload it and compress it. </TD> </TR> <TR> <TD> <STRONG> -l </STRONG> </TD> <TD> Specify subkey depth of information (default is one level). </TD> </TR> <TR> <TD> <STRONG> -n </STRONG> </TD> <TD> Do not recurse. </TD> </TR> <TR> <TD> <STRONG> -q </STRONG> </TD> <TD> Quiet (no banner). </TD> </TR> <TR> <TD> <STRONG> -v </STRONG> </TD> <TD> Show size of all subkeys. </TD> </TR> </TBODY></TABLE> <BR /> <P> CSV output is formatted as: </P> <BR /> <P> Path,CurrentValueCount,CurrentValueSize,ValueCount,KeyCount,KeySize,WriteTime </P> <BR /> <P> <STRONG> Example: </STRONG> </P> <BR /> <P> The original size of DEFAULT was 1.45 GB.&nbsp; After I ran RU with the -h switch, it reduced down to 38.48 MB: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93299i3B173D2F3A48D1A5" /> </P> <BR /> <P> </P> <BR /> <P> <B> Reference </B> </P> <BR /> <P> <A href="#" target="_blank"> How to Compress "Bloated" Registry Hives </A> </P> <BR /> <P> <A href="#" target="_blank"> Registry Usage (RU) v1.1 </A> </P> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:30:41 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/unable-to-restart-server-due-to-registry-bloat-over-2gb/ba-p/375507 CraigMarcho 2019-03-16T12:30:41Z RDP Fails with Event ID 1058 & Event 36870 with Remote Desktop Session Host Certificate & SSL Communication https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rdp-fails-with-event-id-1058-event-36870-with-remote-desktop/ba-p/375504 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 22, 2014 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; Sanket here from the Windows Platforms team here to discuss an issue with Remote Desktop Services where RDP does not work when you try to connect from a remote machine.&nbsp; With that, let’s get started! </P> <P> I’m sure most of you have come across the following message when connecting to a machine via RDP: </P> <P> <I> Remote Desktop Connection </I> </P> <P> <I> This computer can't connect to the remote computer. Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator </I> . </P> <P> This is a generic that can be caused by numerous varying reasons.&nbsp; We have a fairly detailed troubleshooting KB article that talks about this error and what to do to fix it: </P> <P> <A href="#" target="_blank"> Remote Desktop disconnected or can’t connect to remote computer or to Remote Desktop server (Terminal Server) that is running Windows Server 2008 R2 </A> </P> <P> Assumptions are that most of you have followed this KB and resolved your issue.&nbsp; However, there could other reasons that could cause RDP to fail as well. </P> <P> I recently worked an issue with same error where RDP from a remote machine was not connecting to a Windows 2012 Server.&nbsp; NOTE the same error can occur on previous OS versions as well. </P> <P> There was a mystery as to what was changed on the server that could have caused this start.&nbsp; Possible assumptions were user intervention, or some application may have changed/removed certain permissions. </P> <P> During the course of troubleshooting, we double-checked the KB article noted above, and noted the following Error events in the System Log: </P> <P> Log Name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; System <BR /> Source:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Microsoft-Windows-TerminalServices-RemoteConnectionManager <BR /> Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 7/27/2014 12:16:59 AM <BR /> Event ID:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1058 <BR /> Task Category: None <BR /> Level:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Error <BR /> Keywords:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Classic <BR /> User:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; N/A <BR /> Computer:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; XXXXXXX <BR /> Description: The RD Session Host Server has failed to replace the expired self-signed certificate used for RD Session Host Server authentication on SSL connections. <BR /> The relevant status code was Access is denied. <BR /> <BR /> This error indicates that there is already a Certificate in place, however there is no sufficient permissions, and/or the default permissions on “C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys” may have been modified. <BR /> <BR /> &amp; <BR /> <BR /> Log Name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; System <BR /> Source:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Schannel <BR /> Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -- <BR /> Event ID:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 36870 <BR /> Task Category: None <BR /> Level:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Error <BR /> Keywords: <BR /> User:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SYSTEM <BR /> Computer:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; XXXXX <BR /> Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. <BR /> The internal error state is 10001. <BR /> <BR /> There was a fatal error accessing the Private Key for secure communications. </P> <P> At this point, I decided to capture a Process Monitor (Procmon) log on the destination server where the connection was going to.&nbsp; As you may already know, Procmon allows us to monitor/record real-time file system, Registry and process/thread activity on Windows Workstations/Servers. </P> <P> Per the Procmon log, we found an “Access Denied” error to the following path: </P> <P> “C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_” </P> <P> The above cert key f686aace6942fb7f7ceb231212eef4a4_xxx is associated with RDS, and this GUID like number is the pair key for both the computer and user. </P> <P> If you use the certutil -key command, you would see this Cert key with TSSecKeySet1: </P> <P> f686aace6942fb7f7ceb231212eef4a4_xxxxxxxxxx: AT_KEYEXCHANGE </P> <P> From the Procmon Logs: <BR /> <BR /> 12:39:53.5364585 AM lsass.exe 588 CreateFile C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxx ACCESS DENIED Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Synchronous IO Non-Alert, Non-Directory File, Attributes: N/A, Share Mode: Read, Allocation Size: N/A, <BR /> Impersonating: NT AUTHORITY\NETWORK SERVICE <BR /> <BR /> 12:40:24.3692803 AM lsass.exe 588 CreateFile C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxx ACCESS DENIED <BR /> Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, Share Mode: Read, Allocation Size: n/a, Impersonating: NT AUTHORITY\SYSTEM <BR /> <BR /> 12:40:23.9265708 AM svchost.exe 1012 CreateFile C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxx ACCESS DENIED <BR /> Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, Share Mode: Read, Allocation Size: n/a <BR /> <BR /> So, what are the default permissions?&nbsp; Well, you can use icacls to find this: <BR /> <BR /> C:\&gt;icacls C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ <BR /> Everyone :(R,W) <BR /> BUILTIN\Administrators :(F) <BR /> <BR /> c:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxxx <BR /> NT AUTHORITY\NETWORK SERVICE :(R) <BR /> NT AUTHORITY\SYSTEM :(F) <BR /> BUILTIN\Administrators ::(R) </P> <P> In case if you want to grant permission using icals you can provide the same using following command : <BR /> <BR /> <STRONG> icacls C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxxx /grant " NT AUTHORITY\NETWORK SERVICE :(</img> R) <BR /> icacls C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxxx /grant " NT AUTHORITY\SYSTEM :(F) <BR /> icacls C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_xxxxx /grant " NT AUTHORITY\NETWORK SERVICE :(R ) </STRONG> <BR /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93296i7C4BC1E1B2F338D2" /> </P> <P> Fig 1.1 (Permission in Windows Explorer) </P> <P> As you can see above, the SYSTEM accounts needs the proper permissions.&nbsp; If these permissions have been changed, then they need put back to defaults.&nbsp; The certs under this key should be inheriting the above permissions from the parent folder MachineKeys. </P> <P> You can restore permissions, grant the permissions back using icacls, or use the Windows Explorer GUI.&nbsp; Correcting the default permission on the cert should allow RDP to now work correctly. </P> <P> Considering if this would have been easily reproducible, there is always an option to enable the Auditing on the cert key f686aace6942fb7f7ceb231212eef4a4_xxxxx under “C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys”.&nbsp; This can be done using the Security Tab on Properties of the cert key as seen in the screenshot below: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93297i283AC3A1FB43023B" /> </P> <P> <STRONG> NOTE </STRONG> Adding Auditing on this object will log Events to the Security Event Logs.&nbsp; You will want to keep this enabled until you are able to reproduce the connection issue. </P> <P> Hope you find this information helpful. </P> <P> <STRONG> Additional Resources </STRONG> </P> <UL> <LI> <A href="#" target="_blank"> Remote Desktop Services Authentication and Encryption </A> </LI> <LI> <A href="#" target="_blank"> The MachineKeys directory is configured with non-default permissions </A> </LI> <LI> <A href="#" target="_blank"> How to: Change the Security Permissions for the MachineKeys Directory </A> </LI> <LI> <A href="#" target="_blank"> How Permission Works </A> </LI> </UL> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:30:20 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rdp-fails-with-event-id-1058-event-36870-with-remote-desktop/ba-p/375504 CraigMarcho 2019-03-16T12:30:20Z Windows 10 Preview available for review https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-preview-available-for-review/ba-p/375501 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 14, 2014 </STRONG> <BR /> Good morning AskPerf!&nbsp; It’s been a while since our last post, and we apologize for that.&nbsp; We’ve been quite busy here on the Support side knocking out customer issues… <BR /> <BR /> Any who, we have some upcoming blogs in the oven that need a little more time to bake.&nbsp; One of which is a short series on Windows Event Forwarding which I am very excited about.&nbsp; Look for that to come out in the coming months. <BR /> <BR /> Even though we are commonly known as the Performance team, internally we are known as the Reliability team.&nbsp; Some of the technologies we support are as follows: <BR /> <BR /> <STRONG> Windows Client/Server OS </STRONG> <BR /> <BR /> <UL> <LI> Printing </LI> <LI> RDS / TS </LI> <LI> Performance which includes System Hangs, High CPU, Memory issues, etc. </LI> <LI> Base WMI functionality </LI> <LI> COM/DCOM – base functionality </LI> <LI> Explorer (Shell) </LI> <LI> Desktop Search </LI> <LI> MUI and IME </LI> <LI> MSI – basic functionality </LI> <LI> Themes/Fonts/Screen Savers/Wallpaper </LI> <LI> Task Scheduler </LI> <LI> WinRM – basic functionality </LI> <LI> Windows PowerShell – install and basic functionality </LI> <LI> ACT </LI> </UL> <BR /> <BR /> There are many other smaller technologies, but these are the main ones. <BR /> <BR /> Now back to our original topic:&nbsp; The Windows 10 Preview is available for download/testing.&nbsp; To get it, click the following link: <BR /> <BR /> <A href="#" target="_blank"> Windows 10 Preview </A> <BR /> <BR /> Finally, we always welcome feedback on topics you would like for us to blog about here on the AskPerf blog site. <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:29:55 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-10-preview-available-for-review/ba-p/375501 CraigMarcho 2019-03-16T12:29:55Z WMI: How to Troubleshoot WMI High Handle Count https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-how-to-troubleshoot-wmi-high-handle-count/ba-p/375500 <P><STRONG> First published on TECHNET on Aug 12, 2014 </STRONG> </P> <P>Scenario</P> <P>&nbsp;</P> <P>Windows Management Instrumentation Service (Winmgmt) or <STRONG> WMI </STRONG> provider (wmiprvse.exe) is experiencing high handle count</P> <P>&nbsp;</P> <P>Your first thing to do is check the Application Event log for following event:</P> <P>&nbsp;</P> <P><STRONG> <I> Source: </I> Microsoft-Windows-WMI </STRONG> <I> </I></P> <P>&nbsp;</P> <P><STRONG> <I> Event 5612 Wmiprvse.exe exceeding handle quota limit Event </I> </STRONG></P> <P>&nbsp;</P> <P><STRONG> <I> WMI has stopped WMIPRVSE.EXE because a quota reached a warning value. Quota: %1 Value: %2 Maximum value: %3 WMIPRVSE PID: %4 </I> </STRONG></P> <P>&nbsp;</P> <P>If you find the above Event, you can try and bump up the handle quota limit to see if it resolves your issue. If it is a leak, then bumping limit will only mean it will take longer to reach the new limit. If it’s just load related, then bumping the limit could resolve the issue.</P> <P>&nbsp;</P> <P>The event will tell you what the handle count was, and if it is higher than the <STRONG> 8192 </STRONG> value I suggest below.&nbsp; You can then skip this section and move on to data collection to figure out the cause of high handle count.</P> <P>&nbsp;</P> <P><STRONG> How to increase the handle quota limit for the WMI Provider Service </STRONG></P> <P><BR /><BR /></P> <OL> <OL> <LI>Go to Start--&gt; run and type <STRONG> wbemtest.exe </STRONG></LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click Connect on the Windows Management Instrumentation Tester</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>In the namespace text box just enter " <STRONG> root </STRONG> " (without quotes)</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click <STRONG> Connect </STRONG></LI> </OL> </OL> <P><BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" style="width: 428px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93291i542A48E11E786407/image-size/large?v=v2&amp;px=999" role="button" /></span></P> <P>&nbsp;</P> <P><I> Note: you aren’t connecting to CimV2 or any other namespaces. It’s ROOT </I></P> <P><BR /><BR /></P> <OL> <OL> <LI>Click " <STRONG> Enum Instances </STRONG> …"</LI> </OL> </OL> <P><BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" style="width: 427px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93292i5781A7542E8FB1D5/image-size/large?v=v2&amp;px=999" role="button" /></span></P> <P><BR /><BR /></P> <OL> <OL> <LI>In the Class Info dialog box enter Superclass Name as <STRONG> "__ProviderHostQuotaConfiguration </STRONG> " (without quotes) and press OK.</LI> </OL> </OL> <P><BR /><BR /></P> <P>Note: a double underscore <STRONG> __ </STRONG> precedes ProviderHostQuotaConfiguration</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" style="width: 425px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93293iE4A59A116F482895/image-size/large?v=v2&amp;px=999" role="button" /></span></P> <P><BR /><BR /></P> <OL> <OL> <LI>A query Result window will come up. In this windows now double click "__ProviderHostQuotaConfiguration=@"</LI> </OL> </OL> <P><BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" style="width: 427px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93294iEBC48798C6A72FE2/image-size/large?v=v2&amp;px=999" role="button" /></span></P> <P><BR /><BR /></P> <OL> <OL> <LI>An Object Editor windows will come up now</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Under properties find the property " <STRONG> HandlesPerHost </STRONG> "</LI> </OL> </OL> <P><BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" style="width: 426px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93295iDEB8E52ACB48DAF3/image-size/large?v=v2&amp;px=999" role="button" /></span></P> <P><BR /><BR /></P> <OL> <OL> <LI>Change the value from default of 4096 to <STRONG> 8192 </STRONG></LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click <STRONG> Save Property </STRONG></LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click <STRONG> Save Object </STRONG> in the Object Editor window</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Close the other windows now and exit WMI Tester</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Restart Windows Management Instrumentation Service.</LI> </OL> </OL> <P><BR /><BR /></P> <P>If after bumping up quota limit and wmiprvse is still exceeding quota limit, complete the following actions below. You will want to read through the rest of the instructions in its entirety to ensure you get all of the necessary tools downloaded before taking any actions.</P> <P>&nbsp;</P> <P><STRONG> Configure System for Complete Memory Dump by referring to: </STRONG></P> <P>&nbsp;</P> <P>Windows 8 and Windows Server 2012 Automatic Memory Dump: <A href="https://gorovian.000webhostapp.com/?exam=b/askcore/archive/2012/09/12/windows-8-and-windows-server-2012-automatic-memory-dump.aspx" target="_blank" rel="noopener"> http://blogs.technet.com/b/askcore/archive/2012/09/12/windows-8-and-windows-server-2012-automatic-memory-dump.aspx </A></P> <P>&nbsp;</P> <P>Windows does not create a memory dump file when a Stop error occurs in Windows 8 or Windows Server 2012: <A href="#" target="_blank" rel="noopener"> http://support.microsoft.com/kb/2853466 </A></P> <P>&nbsp;</P> <P>Windows 2008, Windows Vista, Windows 7, Windows 2008 R2: <A href="#" target="_blank" rel="noopener"> http://support.microsoft.com/kb/969028 </A></P> <P>&nbsp;</P> <P>Windows Server 2003 and Windows XP: <A href="#" target="_blank" rel="noopener"> http://support.microsoft.com/kb/972110 </A></P> <P>&nbsp;</P> <P><STRONG> Collect perfmon logging using logman method </STRONG></P> <P>&nbsp;</P> <P>Directions below will create 2 perfmon logs, one at a 5 minute interval (PerfLog-Long) and a short 5 second interval log (PerfLog-Short) and they will be placed in C:\Perflogs folder.</P> <P><BR /><BR /></P> <UL> <UL> <LI>Long log (5 min intervals) – no thread counter, 250 MB:</LI> </UL> </UL> <P><BR /><BR /></P> <BLOCKQUOTE><BR /> <P>1. Click on Start</P> </BLOCKQUOTE> <P>&nbsp;</P> <P>&lt;&lt;Start Search&gt;&gt;, enter "CMD.exe" w/o the quotation marks and then press Enter.</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Copy and paste the following command into the command prompt window:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe create counter PerfLog-Long -o "c:\perflogs\PerfLog-Long.blg" -f bincirc -v mmddhhmm -max 250 -c "\Cache\*" "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\Server Work Queues\*" "\System\*"&nbsp; -si 00:05:00 </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. Start the log with:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe start PerfLog-Long </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>4. Please stop the performance log as soon as the issue returns with the following command:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe stop PerfLog-Long </STRONG></P> <P><BR /><BR /></P> <UL> <UL> <LI>Short, high resolution log – 5 sec interval with thread counter, 250MB</LI> </UL> </UL> <P><BR /><BR /></P> <BLOCKQUOTE><BR /> <P>1. Click on Start</P> </BLOCKQUOTE> <P>&nbsp;</P> <P>&lt;&lt;Start Search&gt;&gt;, enter "CMD.exe" w/o the quotation marks and then press Enter.</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Copy and paste the following command into the command prompt window:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe create counter PerfLog-Short -o "c:\perflogs\PerfLog-Short" -f bincirc -v mmddhhmm -max 250 -c "\Cache\*" "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Server Work Queues\*" "\Thread(*)\*" -si 00:00:05 </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. Start the log with:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe start PerfLog-Short </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>4. Please stop the performance log as soon as the issue returns with the following command:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Logman.exe stop PerfLog-Short </STRONG></P> <P>&nbsp;</P> <P><STRONG> Please note that if you reboot the server, you will need to start the logs again as they will not automatically restart on boot. </STRONG></P> <P>&nbsp;</P> <P><STRONG> Configure Handle Tracing </STRONG></P> <P><BR /><BR /></P> <OL> <OL> <LI>Download Windows <STRONG> Debugging Tools for Windows </STRONG> from following link: <A href="#" target="_blank" rel="noopener"> http://msdn.microsoft.com/en-us/windows/hh852365.aspx </A></LI> </OL> </OL> <P><BR /><BR /></P> <P>You probably just need the standalone version since we only need the debugging tool and not the whole WDK package.</P> <P><BR /><BR /></P> <OL> <OL> <LI>Go to the directory where you installed the tool and you will find <STRONG> gflags.exe </STRONG> as one of the files, right click on it and select run as administrator</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click on the ‘ <STRONG> Kernel Flags’ </STRONG> tab</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Check the box next to ‘ <STRONG> Enable bad handles detection’ </STRONG></LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click on the ‘ <STRONG> Image File </STRONG> ’ tab</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Next to ‘Image: (TAB to refresh)’, enter <STRONG> wmiprvse.exe </STRONG> or if tracing <STRONG> WMI Service </STRONG> enter the unique name given to the svchost process for <STRONG> WMI Service </STRONG> per directions in next section below</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>And then click on the ‘Tab’ key</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Next to ‘ <STRONG> Stack Backtrace: (Megs):’ enter ‘10’ </STRONG></LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click on Apply</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Click on Ok</LI> </OL> </OL> <P>&nbsp;</P> <OL> <OL> <LI>Restart WMI service</LI> </OL> </OL> <P><BR /><BR /></P> <P>If it is a svchost process showing high handle count, you can use Task Manager and add PID column, then identify which svchost process has the high memory usage. From there in a command prompt you can run <STRONG> tasklist /svc </STRONG> and look for the PID then identify if a single service is running in that svchost process or multiple services. If multiple services, it may become necessary to break each service out to run in its own svchost process to determine if it is the WMI service (winmgmt) that is causing the issue. From experience it will be the WMI service more times than not but not always, as such I would try to break it out first on its own and monitor to see if it is the one driving up high handle count in the shared svchost process.</P> <P>&nbsp;</P> <P>WMI (Windows Management Instrumentation) service, you can break it out by accomplishing the following.</P> <P>&nbsp;</P> <P><STRONG> Break WMI Service out into its own unique svchost process </STRONG></P> <P>&nbsp;</P> <P>a.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Open command prompt with elevated privileges</P> <P>&nbsp;</P> <P>b.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Run following command: <STRONG> sc config winmgmt type= own </STRONG></P> <P>&nbsp;</P> <P>c.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Restart <STRONG> Wmi </STRONG> service</P> <P>&nbsp;</P> <P>d.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Run <STRONG> sc query winmgmt </STRONG> to ensure status of service now reflects “ <STRONG> own </STRONG> ” indicating running in its own svchost process</P> <P>&nbsp;</P> <P>When issue had been resolved or no longer needing the service broken out into its own svchost process, place it back into the shared svchost process by running following command from command prompt:</P> <P>&nbsp;</P> <P><STRONG> sc config &lt;service name&gt; type= share </STRONG></P> <P>&nbsp;</P> <P>e. Restart the service or machine and verify result is Win32_SHARE_PROCESS when you run <STRONG> sc query winmgmt </STRONG> command again</P> <P>&nbsp;</P> <P>f. Change command focus to system32 folder and run following command: <STRONG> copy svchost.exe wmisvchost.exe </STRONG></P> <P>&nbsp;</P> <P>g. From start run type in regedit and navigate to <STRONG> HKLM\System_CurrentControlSet\Services\Winmgmt </STRONG></P> <P>&nbsp;</P> <P>h. Modify existing ImagePath from %systemroot%\system32\svchost.exe -k netsvcs to <STRONG> %systemroot%\system32\wmisvchost.exe -k netsvcs </STRONG></P> <P>&nbsp;</P> <P>I. Restart wmi service with <STRONG> net stop winmgmt </STRONG> and <STRONG> net start winmgmt </STRONG> commands again</P> <P>&nbsp;</P> <P>j. Verify you now see wmisvchost.exe process running by running <STRONG> tasklist </STRONG> or looking in task manager at process list</P> <P>&nbsp;</P> <P>k. You would now substitute <STRONG> wmisvchost.exe </STRONG> in lieu of wmiprvse.exe in step 6. under <STRONG> Configure Handle Tracing </STRONG> above</P> <P>&nbsp;</P> <P><STRONG> Using debugger to attach to the process in windbg.exe and running !htrace –enable command </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>1. Launch WinDbg program from under Debugging Tools for Windows that you installed earlier.</P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Created folder <STRONG> c:\websymbols </STRONG></P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. Click on File-Symbol path and add the following symbol path to the debugger: <STRONG> SRV*c:\websymbols*<A href="#" target="_blank" rel="noopener">http://msdl.microsoft.com/download/symbols</A> </STRONG></P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>4. Click on File-Save Workspace</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Attach to process to accomplish handle tracking using htrace </STRONG></P> <P>&nbsp;</P> <P>To do this:</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>1. From Windbg - File - Attach a Process - Select the instance of wmiprvse.exe with high handle count</P> </BLOCKQUOTE> <P>&nbsp;</P> <P>Note: If it is WMI Service (run <STRONG> tasklist /svc or Task Manager </STRONG> with PID column added first to find the PID of svchost.exe containing winmgmt which you should have broken out and uniquely named <STRONG> wmisvchost.exe </STRONG> per earlier directions)</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Run following command from the debugger:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> .logopen "C:\debug.log" </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <P><STRONG> !htrace -enable 0x20000 </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <P><STRONG> Note: </STRONG> By default, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 keep a history of 4000 handles open and close operations.</P> <P>&nbsp;</P> <P>With !htrace you can enable to keep a much higher history by doing the following:</P> <P>&nbsp;</P> <P>!htrace -enable 0x20000</P> <P>&nbsp;</P> <P>In this example, we are increasing the handle history to 131072 (decimal, 0x20000 hexadecimal)</P> <P>&nbsp;</P> <P><STRONG> !htrace –snapshot </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <P><STRONG> g </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. Now, let the process run until the number of handle has increased a lot and gotten high.</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Final htrace log </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>1. Break into debugger with Keyboard keys ( <STRONG> Ctrl+Break </STRONG> )</P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Run following commands:</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> !htrace –diff </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <P><STRONG> .logclose </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <P><STRONG> .detach </STRONG> then hit &lt;ENTER&gt; key</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. Close WinDbg</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> Now complete the following actions once you have gotten your final htrace log </STRONG></P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>1. If high handle count is with wmiprvse, download the latest version of the Windows Sysinternals tool <STRONG> Process Explorer </STRONG> . <A href="#" target="_blank" rel="noopener"> http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx </A></P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>2. Find the instance of wmiprvse.exe with high handle count and right click on it and bring up the properties sheet. Click on the <STRONG> WMI Providers </STRONG> tab and document the listed providers</P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>3. If the <STRONG> WMI Service </STRONG> was the process with the high handle count, then dump out the WMI service process which should be <STRONG> wmisvchost.exe </STRONG> per previous directions and <STRONG> all instances </STRONG> of <STRONG> wmiprvse.exe </STRONG> using <STRONG> procdump </STRONG> . If it is wmiprvse.exe that is exhibiting the high handle count, then only need to dump out that instance and nothing else.</P> </BLOCKQUOTE> <P>&nbsp;</P> <P>a. Download Windows Sysinternals tool called <STRONG> Procdump </STRONG> from URL: <A href="#" target="_blank" rel="noopener"> http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx </A></P> <P>&nbsp;</P> <P>b. Open a command prompt with elevated or administrative rights and change to the directory were you saved <STRONG> Procdump </STRONG></P> <P>&nbsp;</P> <P>c. Open Task Manager and add the PID column view then go locate the instance of wmiprvse.exe with high memory usage and note the PID</P> <P>&nbsp;</P> <P>d. Run the following command: <STRONG> procdump –ma &lt;PID&gt; </STRONG></P> <P>&nbsp;</P> <P>e. <STRONG> Note </STRONG> : Replace with actual PID you documented for instances of wmiprvse.exe and/or wmisvchost.exe as it applies based on directions above</P> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>4. Stop Perfmon logging</P> </BLOCKQUOTE> <P>&nbsp;</P> <BLOCKQUOTE><BR /> <P>5. Do a complete memory dump of the machine</P> </BLOCKQUOTE> <P>&nbsp;</P> <P><STRONG> At this point with data in hand you will want to open a Support Incident with Microsoft to get the data analyzed to help determine cause of high handle count. </STRONG></P> <P>&nbsp;</P> <P><STRONG> Please reference this blog and the following TAG when you open the Support Incident Case with Microsoft, as it will help the engineer understand what actions have been taken or followed and well help us track the effectiveness of the blog. </STRONG></P> <P>&nbsp;</P> <P><STRONG> TAG = WMITBLOG </STRONG></P> <P>&nbsp;</P> <P>-Jeffrey Worline</P> Wed, 28 Aug 2019 20:47:41 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-how-to-troubleshoot-wmi-high-handle-count/ba-p/375500 CraigMarcho 2019-08-28T20:47:41Z WMI: How to troubleshoot High CPU Usage by WMI Components https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-how-to-troubleshoot-high-cpu-usage-by-wmi-components/ba-p/375494 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 12, 2014 </STRONG> <BR /> <P> Scenario </P> <BR /> <P> <B> Windows Management Instrumentation Service </B> (Winmgmt) or <B> WMI </B> provider (wmiprvse.exe) is consuming high amounts of CPU. </P> <BR /> <P> In the directions below, you may have already broken out <B> WMI </B> Service to troubleshoot your issue.&nbsp; By default, WMI runs in the main shared networking svchost process with several other services. </P> <BR /> <P> If it is a svchost process showing high cpu usage, you can use Task Manager and add PID column, then identify which svchost process has the high memory usage. From inside a command prompt you can type in <B> tasklist /svc </B> and look for the PID #, and identify if a single service is running in that svchost process or multiple services. If multiple services, it may become necessary to break each service out to run in its own svchost process to determine if it is the WMI service (winmgmt) that is causing the issue. From my experience, it will be the WMI service more times than not but not always.&nbsp; As such, I would suggest breaking it out first into its own, and monitor to see if it is the one driving up high memory usage in the shared svchost process. </P> <BR /> <P> If you suspect the WMI (Windows Management Instrumentation) service, you can break it out following directions below. </P> <BR /> <P> Break <B> WMI </B> Service out into its own svchost process </P> <BR /> <OL> <BR /> <LI> Open command prompt with elevated privileges </LI> <BR /> <LI> Run following command: <B> sc config winmgmt type= own </B> </LI> <BR /> <LI> Restart <B> Wmi </B> service </LI> <BR /> <LI> Run <B> sc query winmgmt </B> to ensure status of service now reflects “own” indicating running in its own svchost process </LI> <BR /> </OL> <BR /> <P> When issue had been resolved or no longer needing the service broken out into its own svchost process, place it back into the shared svchost process by running following command from command prompt: </P> <BR /> <UL> <BR /> <LI> <B> sc config &lt;service name&gt; type= share </B> </LI> <BR /> <LI> Restart the service or machine and verify result is Win32_SHARE_PROCESS when you </LI> <BR /> <LI> run <B> sc query winmgmt </B> command again </LI> <BR /> </UL> <BR /> <P> <B> Configure Perfmon Collection using logman.exe method </B> . <B> Capture 15 minutes while issue is occurring. </B> </P> <BR /> <P> Short, high resolution log – 1 sec interval with thread counter, 250MB </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. Click on Start </P> <BR /> </BLOCKQUOTE> <BR /> <P> &lt;&lt;Start Search&gt;&gt;, enter "CMD.exe" w/o the quotation marks and then press Enter. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 2. Copy and paste the following command into the command prompt window (if this does not work, you may need to manually type it in): </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Logman.exe create counter PerfLog-Short -o "c:\perflogs\PerfLog-Short" -f bincirc -v mmddhhmm -max 250 -c "\Cache\*" "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Server Work Queues\*" "\Thread(*)\*" -si 00:00:01 </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 3. Start the log with: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Logman.exe start PerfLog-Short </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Please stop the performance log as soon as the issue returns with the following command: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Logman.exe stop PerfLog-Short </B> </P> <BR /> <P> <B> Please note that if you reboot the server, you will need to start the logs again as they will not automatically restart on boot. </B> </P> <BR /> <P> <B> Collect and Xperf trace for High CPU by using the Windows Performance Recorder form the Windows Performance Toolkit which you can install from the ADK </B> </P> <BR /> <P> <B> Note: If the Operating System is a 64 bit box, you must first accomplish the following registry setting before collecting Xperf trace. </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> Registry Path <BR /> HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management <BR /> Setting <BR /> DisablePagingExecutive <BR /> Data Type: <BR /> REG_DWORD <BR /> Value: <BR /> 1 </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> NOTE </B> setting this key is not needed on Windows Server 2012 &amp; 2012 R2 </P> <BR /> <P> Reboot machine to place registry setting into effect. <B> </B> </P> <BR /> <OL> <BR /> <LI> Download the Windows 8 ADK (Windows Assessment Deployment Kit) from <A href="#" target="_blank"> here </A> . </LI> <BR /> <LI> Open the adksetup.exe and hit next until you get you the option to select feature options </LI> <BR /> <LI> Select "Windows Performance Toolkit" and hit "Install" </LI> <BR /> </OL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93289i7D3A70A2D59352D3" /> </P> <BR /> <P> After installation has finished, start creating a trace by starting the "Windows Performance Recorder" </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93290i0B040CEFB28D5B02" /> </P> <BR /> <P> Select <B> CPU usage </B> under Resource Analysis </P> <BR /> <P> Logging mode can be left set to “ <B> Memory </B> ”, or you can change to “ <B> File </B> ”. Just be conscious of your disk space if you chose “ <B> File </B> ” as the etl file can become large fast </P> <BR /> <P> Capture high cpu occurrence, but do not let the recording run for no more than 10 minutes. </P> <BR /> <P> Immediately after capturing the event using Windows Performance Recorder (WPR), now use process explorer to dump out the process exhibiting high cpu usage. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. Download Windows Sysinternals tool called <B> Procdump </B> : <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 2. Open a command prompt with elevated or administrative rights and change to the directory were you saved Procdump </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 3. Open <B> Task Manager </B> and add the <B> PID </B> column view, then go locate the instance of wmiprvse.exe with high cpu usage and note the <B> PID </B> . If it was the WMI service that had the high cpu, then you should already have it broken out to run in its own svchost process and note the <B> PID </B> of that svchost process. To confirm you have the right svchost process, you can run <B> tasklist /svc </B> from administrative command prompt and verify the <B> PID </B> noted in task manager and ensure it is the svchost process running <B> winmgmt </B> in it. </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Run the following command: <B> procdump –ma -s 60 -n 3 &lt;PID&gt; </B> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Note </B> : Replace <B> &lt;PID&gt; </B> with actual <B> PID </B> you documented for instance of <B> wmiprvse.exe </B> or for the svchost process running <B> winmgmt </B> exhibiting high memory usage </P> <BR /> <P> The above command will produce 3 dumps spaced 1 minute apart each in same directory you ran the procdump command from </P> <BR /> <BLOCKQUOTE> <BR /> <P> 5. Download the latest version of the Windows Sysinternals tool <B> Process Explorer </B> . <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 6. If it was wmiprvse.exe that had the high CPU usage, then find the instance and right click on it and bring up the properties sheet. Click on the <B> WMI Providers </B> tab and document the listed providers </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> At this point you will now need to open a Support Incident Case with Microsoft to get the data analyzed to determine cause of high CPU usage. </B> </P> <BR /> <P> <STRONG> Please reference this blog and the following TAG when you open the Support Incident Case with Microsoft, as it will help the engineer understand what actions have been taken or followed and well help us track the effectiveness of the blog. </STRONG> </P> <BR /> <P> <STRONG> TAG = WMITBLOG </STRONG> </P> <BR /> <P> Next up: <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2014/08/12/wmi-how-to-troubleshoot-wmi-high-handle-count.aspx" target="_blank"> WMI: How to Troubleshoot WMI High Handle Count </A> </P> <BR /> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:29:01 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-how-to-troubleshoot-high-cpu-usage-by-wmi-components/ba-p/375494 CraigMarcho 2019-03-16T12:29:01Z WMI: High Memory Usage by WMI Service or Wmiprvse.exe https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-high-memory-usage-by-wmi-service-or-wmiprvse-exe/ba-p/375491 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 11, 2014 </STRONG> <BR /> <P> <B> Scenario </B> </P> <BR /> <P> Windows Management Instrumentation Service (Winmgmt) or <B> WMI </B> provider (wmiprvse.exe) is consuming high amounts of memory. </P> <BR /> <P> There are many reasons why WMI might experience high memory consumptions. This can occur in the WMI (Windows Management Instrumentation) service (winmgmt) or in the WMI provider hosting vehicle wmiprvse.exe. Both scenarios will be addressed below. </P> <BR /> <P> High memory usage may simply be due to load, as opposed to some type of leak. By default, the memory quota limit for instances of wmiprvse.exe on Windows XP and Windows Server 2003 is 128 MB, and 512 MB on newer Operating Systems (Vista and higher). Hit those limits and wmi functionality will become problematic if not come to a grinding halt. </P> <BR /> <P> There is another case where the quota limit problem could happen. There is limit for all wmiprvse’s cumulatively. If the total memory of all instances of wmiprvse’s ( <B> with one exception </B> ) together reaches 1GB, then all new memory allocations fail in all wmiprvse processes. </P> <BR /> <P> As a first effort you can try to bump up that quota limit to see if it gives enough room for wmiprvse to operate, but if you still reach the new quota limit, then you will want to proceed with the Scenarios below </P> <BR /> <P> How To Bump up WMI memory quota limit: </P> <BR /> <UL> <BR /> <LI> Go to Start--&gt; Run and type <B> wbemtest.exe </B> </LI> <BR /> <LI> Click <B> Connect </B> </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93284i0E19E347BF3693DE" /> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> In the namespace text box type "root" (without quotes). </LI> <BR /> </UL> <BR /> <P> <B> Note: you aren’t connecting to CimV2 or any other namespaces. It’s ROOT </B> </P> <BR /> <UL> <BR /> <LI> Click <B> Connect </B> </LI> <BR /> <LI> Click <B> Enum Instances… </B> </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93285iE488200917C0D3EB" /> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> In the <B> Class Info </B> dialog box enter Superclass Name as "__ProviderHostQuotaConfiguration" (without quotes) and press <B> OK </B> . <B> Note </B> : the Superclass name includes a double underscore at the front. </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93286i404913B364886FDB" /> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> In the <B> Query Result </B> window, double-click "__ProviderHostQuotaConfiguration=@" </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93287i7CDB3CA44624BBAA" /> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> In the <B> Object Editor </B> window, double-click whichever Property name you wish to modify the <B> quota </B> for. In this case that will be MemoryPerHost </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93288i837DE98F6A08DD84" /> </P> <BR /> <P> </P> <BR /> <UL> <BR /> <LI> In the <B> Value </B> dialog, type in <B> 536870912 </B> (512 MB) for XP and Windows 2003.&nbsp; For Vista and higher, start with new value of <B> 805306368 </B> (768), then move to <B> 1073741824 </B> (1024) if still needing room. At the same time, if you are going to bump up the MemoryPerHostLimit, you should also then bump up the MemoryAllHost limit to 2147483648 (2048) provided you have the available ram to do so. If this does not resolve quota violation issue, then need to troubleshoot cause of high memory usage following below <B> Scenario </B> section </LI> <BR /> <LI> Click <B> Save Property. </B> </LI> <BR /> <LI> Click <B> Save Object. </B> </LI> <BR /> <LI> Close <B> Wbemtest. </B> </LI> <BR /> <LI> Restart the machine </LI> <BR /> </UL> <BR /> <P> Note: if you cannot restart the machine, then as a workaround, you can break Windows Management Instrumentation service into its own svchost process outline in step 2. a-c below. </P> <BR /> <P> If bumping the quota limits does not resolve the issue, then as workaround you can try to move suspected leaking providers into their own group (wmiprvse) to avoid the memory quota caused by other providers running in the group or kill the instance of wmiprvse exhibiting high memory until issue is resolved. This is outlined below in Scenarios 1a and 2a. </P> <BR /> <P> First thing we need to determine is if the memory consumption being caused by private data or heap data. We have to address the 2 types differently. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. Download a Windows Sysinternals tool call <B> VMMap </B> from following url: <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/dd535533.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> VMMap </B> is a process virtual and physical memory analysis utility. It shows a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. </P> <BR /> <P> This tool is used to attach to an individual process allowing a snapshot to be taken to see the memory map for that process. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 2. Simply launch <B> VMMap </B> and from the process list it displays, pick the instance of wmiprvse showing the high working set memory usage. </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 3. If it is a svchost process that is exhibiting high memory, from a command run <B> scqueryex winmgmt </B> to identify the PID of the svchost process that is hosting WMI Service (winmgmt). From experience it will be the WMI service more times than not but not always as the service using majority of the memory; as such I would try to break it out first on its own and monitor to see if it is the one driving up high memory usage in the shared svchost process. </P> <BR /> </BLOCKQUOTE> <BR /> <P> From this point, I will assume it is the WMI service as this article is only addressing WMI and no other services. </P> <BR /> <P> You will need to break the WMI service out into its own svchost process first if it hasn’t already been accomplished so you can run <B> VMMap </B> specifically against the WMI service to truly know if it is being consumed by <B> Heap </B> or <B> Private D </B> ata. By default the WMI service runs in a shared svchost process with a community of other services. You can do so by the following directions. If it is caused by Heap, you will find later in the Scenario directions below that you will have to go back and uniquely name the svchost process for the service to run in to be able to enable <B> User Stack Tracing </B> against it. </P> <BR /> <BLOCKQUOTE> <BR /> <P> a. Open command prompted with elevated privileges </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> b. Break wmi service out into its own svchost process by running following command: <B> sc config winmgmt type= own </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> c. Restart wmi service with <B> net stop winmgmt </B> and <B> net start winmgmt </B> commands </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> d. Verify winmgmt service running in its own svchost process by runnning <B> tasklist /svc </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Once it displays the result, look under the size column for Private Data and Heap. This should tell you if the majority of the memory being consumed is Private Data or Heap. </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 5. Follow appropriate Scenario below based on if issue is with Windows Management Instrumentation service or wmiprvse and if caused by Heap or Private Data memory. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Scenario 1a: High Memory Consumption by Wmiprvse.exe caused by Heap memory </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. Download Windows <B> Debugging Tools for Windows </B> from following link: <A href="#" target="_blank"> http://msdn.microsoft.com/en-us/windows/hh852365.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <P> You can probably just get the standalone version since we only need the debugging tool and not the whole WDK package. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 2. Go to the directory where you installed the tool and you will find <B> gflags.exe </B> as one of the files, right click on it and select run as administrator </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 3. Click on “ <B> Image File </B> ” tab </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Type in <B> wmiprvse.exe </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 5. Hit the keyboard <B> TAB </B> key </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 6. Place check mark in “ <B> Create user mode stack trace database </B> ” </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 7. Click <B> Ok </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 8. Download the latest version of the Windows Sysinternals tool <B> Process Explorer </B> . <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 9. Find the instance of wmiprvse.exe with high memory consumption and right click on it and bring up the properties sheet. Click on the <B> WMI Providers </B> tab and document the listed providers </P> <BR /> </BLOCKQUOTE> <BR /> <P> Alternatively you could run following <B> wmic </B> command from command prompt to get a list of loaded providers and their associated PID you could then match up to PID with instance of wmiprvse with high memory usage: </P> <BR /> <P> <B> wmic path msft_providers get Provider,HostProcessIdentifier /format:list </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 10. We now want to take that list of providers and configure them to run in their own instance of wmiprivse.exe. Open an instance of PowerShell with admin rights </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 11. Run the following commands: Replace <B> ProviderName </B> below with actual ProviderNamer found from step 9, retain the quote marks. </P> <BR /> </BLOCKQUOTE> <BR /> <P> $prv = gcim -namespace root/standardcimv2 __win32provider -filter "name='ProviderName'" <BR /> &lt;ENTER&gt; <BR /> $prv.HostingModel = $Prv.HostingModel + ":OWN" <BR /> &lt;ENTER&gt; <BR /> set-ciminstance -inputobject $prv <BR /> &lt;ENTER&gt; </P> <BR /> <P> Repeat the above for each Provider found in step 9 </P> <BR /> <BLOCKQUOTE> <BR /> <P> 12. Restarting of Wmi service will put the settings into effect without having to reboot machine </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 13. Now you will want to take a process dump of the instance of wmiprvse when memory usage is high. Download Windows Sysinternals tool called <B> Procdump </B> from URL: <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 14. Open a command prompt with elevated or administrative rights and change to the directory where you saved <B> Procdump </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 15. Open <B> Task Manager </B> and add the <B> PID </B> column view then go locate the instance of wmiprvse.exe with high memory usage and note the <B> PID, </B> or use Process Explorer </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 16. Run the following command: <B> procdump –ma -s 300 -n 3 &lt;PID&gt; </B> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Note </B> : Replace <B> &lt;PID&gt; </B> with actual <B> PID </B> you documented for instance of wmiprvse.exe exhibiting high memory usage </P> <BR /> <P> The above command will produce 3 dumps spaced at 5 minutes apart each in same directory you ran the procdump command from </P> <BR /> <BLOCKQUOTE> <BR /> <P> 17. Note also as workaround until issue gets resolved you could simply kill the instance of wmiprvse with high memory from task manager or from PowerShell can run following: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> kill -f &lt;pid of suspect wmiprvse&gt; </B> </P> <BR /> <P> <B> At this point you will now need to open a Support Incident Case with Microsoft to get the data analyzed to determine cause of high memory usage </B> </P> <BR /> <P> <B> Reference this blog when you open the Support Incident Case with Microsoft as it will help the engineer understand what actions have been taken or followed and will help us track the effectiveness of the blog. </B> </P> <BR /> <P> <B> Scenario 1b: High Memory Consumption by WMI (Windows Management Instrumentation) service caused by Heap memory </B> </P> <BR /> <P> <B> The Windows Management Instrumentation </B> service runs under the display name of <B> winmgmt </B> and is located in networking svchost.exe process shared along with several other services. You need to break the WMI service out into its own unique svchost process for data collection purposes. </P> <BR /> <P> <B> NOTE </B> : If you have already broken the WMI service out to run in its own general svchost process following directions at beginning of this article, then you can skip to step 6 to uniquely name the svchost process it is running in. We do this because we only want to enable <B> User Stack Tracing </B> against just the WMI service and not every svchost process. </P> <BR /> <OL> <BR /> <LI> Open command prompted with elevated privileges </LI> <BR /> <LI> Break <B> wmi </B> service out into its own svchost process by running following command: <B> sc config winmgmt type= own </B> </LI> <BR /> <LI> Restart <B> wmi </B> service with <B> net stop winmgmt </B> and <B> net start winmgmt commands </B> </LI> <BR /> <LI> Verify winmgmt service running in its own svchost process by runnning <B> tasklist /svc </B> </LI> <BR /> <LI> Change command focus to system32 folder and run following command: <B> copy svchost.exe wmisvchost.exe </B> </LI> <BR /> <LI> From start run type in regedit and navigate to <B> HKLM\System_CurrentControlSet\Services\Winmgmt </B> </LI> <BR /> <LI> Modify existing ImagePath from %systemroot%\system32\svchost.exe -k netsvcs to <B> %systemroot%\system32\wmisvchost.exe -k netsvcs </B> </LI> <BR /> </OL> <BR /> <P> <B> Note: It is important that you go back and reverse what you did in step 7 and modify path back to original after you are no longer needing the service to be broken out and uniquely named as failure to do this can prevent future WMI hotfixes from being installed. </B> </P> <BR /> <P> <B> Simply run following command then restart wmi service: sc config winmgmt type= share </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 8. Restart wmi service with <B> net stop winmgmt </B> and <B> net start winmgmt </B> commands again </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 9. Verify you now see wmisvchost.exe process running by running <B> tasklist </B> or looking in <B> task manager </B> at process list </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 10. For sake of brevity here, follow steps 4-14 from Scenario 1a with the exception of typing in <B> wmisvchost.exe </B> in place or wmiprvse.exe for process we are enabling “ <B> Create user mode stack trace database </B> ” against. </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 11. Here we want to use procdump to dump the wmisvchost.exe process along with every instance of wmiprvse.exe that is running. Reference steps 9-11 listed in Scenario 1a above. </P> <BR /> </BLOCKQUOTE> <BR /> <P> First command will dump wmisvchost.exe 3 times spaced at 5 minute interval. Once it has completed, and then run second command to dump out each instance of wmiprvse.exe that is running. </P> <BR /> <P> Command for dumping wmisvchost.exe would be: <B> procdump –ma -s 300 -n 3 wmisvchost.exe </B> </P> <BR /> <P> Command for dumping each instance of wmiprvse just once: <B> procdump –ma &lt;PID&gt; </B> </P> <BR /> <P> <B> Note: Replace &lt;PID&gt; with actual PID for each instance of wmiprvse.exe </B> </P> <BR /> <P> <B> At this point you will now need to open a Support Incident Case with Microsoft to get the process dumps analyzed to determine cause of high memory usage </B> </P> <BR /> <P> <B> Reference this blog when you open the Support Incident Case with Microsoft as it will help the engineer understand what actions have been taken or followed and will help us track the effectiveness of the blog. </B> </P> <BR /> <P> <B> Scenario 2a: High Memory Consumption by Wmiprvse.exe caused by Private Data memory </B> </P> <BR /> <P> This scenario is a little bit different than being caused by Heap, as just dumps in of themselves normally do not tell the full story. In this type of case, we need to know what type of wmi activity is occurring and it becomes significantly harder and more involved to try and determine cause. </P> <BR /> <P> We will need to collect procdumps still, but also need to add in WMI activity logging. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. From start run type in <B> eventvwr.msc </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 2. On the View menu at the top select “ <B> show analytical and debug logs </B> ” so it displays check mark next to it </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 3. Expand <B> Applications and Services\Microsoft\Windows\WMI-Activity </B> </P> <BR /> </BLOCKQUOTE> <BR /> <P> Right click on items Debug and Trace and select “ <B> Enable </B> ” for each one </P> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Download the latest version of the Windows Sysinternals tool Process Explorer <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx </A> . </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 5. Find the instance of wmiprvse.exe with high memory consumption and right click on it and bring up the properties sheet. Click on the <B> WMI Providers </B> tab and document the listed providers </P> <BR /> </BLOCKQUOTE> <BR /> <P> Alternatively you could run following <B> wmic </B> command from command prompt to get a list of loaded providers and their associated PID you could then match up to PID with instance of wmiprvse with high </P> <BR /> <P> memory usage: </P> <BR /> <P> <B> wmic path msft_providers get Provider,HostProcessIdentifier /format:list </B> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 6. We now want to take that list of providers and configure them to run in their own instance of wmiprivse.exe. Open an instance of PowerShell with admin rights </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 7. Run the following commands: Replace <B> ProviderName </B> below with actual ProviderNamer found from step 9, retain the quote marks. </P> <BR /> </BLOCKQUOTE> <BR /> <P> $prv = gcim -namespace root/standardcimv2 __win32provider -filter "name='ProviderName'" <BR /> &lt;ENTER&gt; <BR /> $prv.HostingModel = $Prv.HostingModel + ":OWN" <BR /> &lt;ENTER&gt; <BR /> set-ciminstance -inputobject $prv <BR /> &lt;ENTER&gt; </P> <BR /> <P> Repeat the above for each Provider found in step 5 </P> <BR /> <BLOCKQUOTE> <BR /> <P> 8. Restarting of Wmi service will put the settings into effect without having to reboot machine </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 9. When memory usage is high, use <B> Procdump </B> tool to dump out the wmiprvse.exe exhibiting high memory usage. <A href="#" target="_blank"> http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 10. Open a command prompt with elevated or administrative rights and change to the directory where you saved Procdump </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 11. Open <B> Task Manager </B> and add the <B> PID </B> column view then go locate the instance of wmiprvse.exe with high memory usage and note the <B> PID, </B> or use Process Explorer </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 12. Run the following command: <B> procdump –ma -s 300 -n 3 &lt;PID&gt; </B> </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> Note: </B> Replace <B> &lt;PID&gt; </B> with actual <B> PID </B> you documented for instance of wmiprvse.exe exhibiting high memory usage </P> <BR /> <P> The above command will produce 3 dumps space out 5 minutes apart each in same directory you ran the procdump command from </P> <BR /> <BLOCKQUOTE> <BR /> <P> 13. Collect a network trace for 2 minutes using <B> Network Monitor </B> . Latest version can be found at: <A href="#" target="_blank"> http://www.microsoft.com/en-us/download/details.aspx?id=4865 </A> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 14. Now save wmi-activity traces in Event Viewer, do so by right clicking on each and select “ <B> Save all events as </B> ” option </P> <BR /> </BLOCKQUOTE> <BR /> <P> <B> At this point you will now need to open a Support Incident Case with Microsoft for data analysis and most likely for more in depth troubleshooting and data collection methods </B> </P> <BR /> <P> <B> Reference this blog when you open the Support Incident Case with Microsoft as it will help the engineer understand what actions have been taken or followed and will help us track the effectiveness of the blog. </B> </P> <BR /> <P> <B> Scenario 2b: High Memory Consumption by WMI (Windows Management Instrumentation) service caused by Private Data memory </B> </P> <BR /> <P> <B> NOTE </B> : If you have already broken the WMI service out to run in its own general svchost process following directions at beginning of this article, then you can skip to step 5 </P> <BR /> <OL> <BR /> <LI> Open command prompted with elevated privileges </LI> <BR /> <LI> Break <B> WMI </B> service out into its own svchost process by running following command: <B> sc config winmgmt type= own </B> </LI> <BR /> <LI> Restart <B> WMI </B> service with <B> net stop winmgmt </B> and <B> net start winmgmt </B> commands </LI> <BR /> <LI> Verify winmgmt service running in its own svchost process by runnning <B> tasklist /svc </B> </LI> <BR /> <LI> From start run type in <B> eventvwr.msc </B> </LI> <BR /> <LI> On the View menu at the top select “ <B> show analytical and debug logs </B> ” so it displays check mark next to it </LI> <BR /> <LI> Expand <B> Applications and Services\Microsoft\Windows\WMI-Activity </B> </LI> <BR /> </OL> <BR /> <P> Right click on items Debug and Trace and select “ <B> Enable </B> ” for each one </P> <BR /> <P> 8. Here we want to use procdump to dump the svchost process housing the WMI Service along with every instance of wmiprvse.exe that is running. Reference steps 9-10 listed in Scenario 1a above </P> <BR /> <BLOCKQUOTE> <BR /> <P> a. From command prompt run <B> tasklist /svc </B> and locate the instance of svchost that winmgmt is running in and note the <B> PID </B> </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> b. First command will dump svchost.exe 3 times spaced at 5 minute interval. Once it has completed, and then run second command to dump out each instance of wmiprvse.exe that is running just once </P> <BR /> </BLOCKQUOTE> <BR /> <P> Command for dumping svchost.exe housing winmgmt would be: <B> procdump –ma -s 300 -n 3 &lt;PID&gt; </B> </P> <BR /> <P> <B> Note: Replace &lt;PID&gt; with actual PID for svchost process housing winmgmt </B> </P> <BR /> <P> Command for dumping each instance of wmiprvse running would be: <B> procdump –ma &lt;PID&gt; </B> </P> <BR /> <P> <B> Note: Replace &lt;PID&gt; with actual PID for each instance of wmiprvse.exe </B> </P> <BR /> <P> <STRONG> </STRONG> </P> <BR /> <OL> <BR /> <LI> Collect a network trace for 2 minutes using <B> Network Monitor </B> . Latest version can be found at: <A href="#" target="_blank"> http://www.microsoft.com/en-us/download/details.aspx?id=4865 </A> </LI> <BR /> <LI> Now save wmi-activity traces in Event Viewer, do so by right clicking on each and select <B> “Save all events as” </B> option </LI> <BR /> </OL> <BR /> <P> <B> At this point you will now need to open a Support Incident Case with Microsoft for data analysis and most likely for more in depth troubleshooting and data collection methods </B> </P> <BR /> <P> <STRONG> Please reference this blog and the following TAG when you open the Support Incident Case with Microsoft, as it will help the engineer understand what actions have been taken or followed and well help us track the effectiveness of the blog. </STRONG> </P> <BR /> <P> <STRONG> TAG = WMITBLOG </STRONG> <STRONG> <BR /> </STRONG> </P> <BR /> <P> Next up: <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2014/08/12/wmi-how-to-troubleshoot-high-cpu-usage-by-wmi-components.aspx" target="_blank"> WMI: How to troubleshoot High CPU Usage by WMI Components </A> </P> <BR /> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:28:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-high-memory-usage-by-wmi-service-or-wmiprvse-exe/ba-p/375491 CraigMarcho 2019-03-16T12:28:35Z WMI: Missing or Failing WMI Providers or Invalid WMI Class https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-missing-or-failing-wmi-providers-or-invalid-wmi-class/ba-p/375485 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 11, 2014 </STRONG> <BR /> <B> Scenario </B> <BR /> <BR /> Windows Management Instrumentation fails due to receiving an event or error concerning missing or failure to load <B> WMI Provider, </B> or <B> Invalid WMI class, </B> or <B> WMI Invalid Namespace </B> . <BR /> <BR /> Below are some common errors indicating issues with a WMI Provider or Class: <BR /> <BR /> <UL> <LI> Failed to initialize all required <B> WMI </B> classes </LI> <LI> Win32_processor: <B> WMI </B> : Invalid namespace </LI> <LI> Win32_WMISetting: <B> WMI </B> : Invalid namespace </LI> <LI> Win32_OperatingSystem: <B> WMI </B> : Invalid namespace </LI> <LI> WBEM_E_NOT_FOUND 0x80041002 </LI> <LI> WBEM_E_PROVIDER_FAILURE 0x80041004 </LI> <LI> WBEM_E_INVALID_NAMESPACE 0x8004100E </LI> <LI> WBEM_E_INVALID_CLASS 0x80041010 </LI> <LI> WBEM_E_PROVIDER_NOT_FOUND 0x80041011 </LI> <LI> WBEM_E_INVALID_PROVIDER_REGISTRATION 0x80041012 </LI> <LI> WBEM_E_PROVIDER_LOAD_FAILURE&nbsp;&nbsp;&nbsp; 0x80041013 </LI> </UL> <BR /> <BR /> The common urge by many is to simply take a hammer to WMI and either rebuild the repository or recompile all of the .mof files in the <B> C:WindowsSystem32Wbem </B> folder. While the hammer may seem a good approach to solve your problem in some cases or what seems like a quick fix, it can actually cause more problems and issues that are not immediately visible or felt. These newly created problems as a result of the hammer approach are not always immediately obvious and tend to surface later, and usually when the last thing you need is another problem to have to deal with on your plate, especially if it created a critical business situation. <BR /> <BR /> Rebuilding the repository or recompiling all of the .mof files as a first action when other steps should be taken first can cause damage to the system and/or to installed applications. <BR /> <BR /> First we want to just check right up front if our repository is corrupted or not to save time, then continue from there with appropriate actions. <BR /> <BR /> Check the Windows Application log, look for events in the past week where Source = Microsoft-Windows-WMI, check if any of the following WMI event IDs exist: 28, 65, 5600, 5601, 5614. Any of these could indicate a WMI repository or core infrastructure problem. <BR /> <BR /> Check if the repository is corrupted or not by running following command from command prompt with admin rights: <B> winmgmt /verifyrepository </B> . If it is corrupted the returned result will be “ <B> Repository is inconsistent </B> .” If it comes back as consistent, then repository is not corrupted so do not rebuild repository at this point. <BR /> <BR /> <B> Note: if results came back as “inconsistent”, then skip to bottom of the page and reference the section titled “Wmi Repository Corrupted”, otherwise continue with the methods below. </B> <BR /> <BR /> <B> If issue is with a 3 <SUP> rd </SUP> party provider or namespace, the vendor should be engaged as they are responsible for their own namespaces and providers. </B> <BR /> <BR /> For the 3 scenarios listed below for WMI Invalid Namespace, WMI Invalid Class, and WMI Provider Load failure, if a class is present and operation still errors out with invalid class, then the most likely reason is that service/wmiprvse is hitting memory quota limit or issues. <BR /> <BR /> When a quota issue is hit in wmiprvse, new memory allocations fail and based on where the failure happen client gets different errors “invalid query”/Invalid class/Provider load failure/quota check” <BR /> When a quota issue is hit when a new operation is for a provider which is not loaded already in wmiprvse and thus requiring it to be loaded in a new instance of wmiprvse, then the provider loading would fail with “provider load failure”. <BR /> <BR /> <B> Scenario 1: WMI Invalid Namespace </B> <BR /> <BR /> First we want to take any scripts or programs out of the equation by using local built in tools. The two most common tools used to check wmi functionality is the WMI console ( <B> winmgmt.msc </B> ) and <B> Wbemtest </B> (Windows Management Instrumentation Tester). <BR /> <BR /> Ensure the Namespace in question actually exist and functional. <BR /> <BR /> <OL> <LI> Go to start-run and type in <B> wmimgmt.msc </B> </LI> <LI> Right click on <B> Local Wmi Control </B> (Local)and select properties </LI> <LI> On the <B> general </B> tab, if there is any failures noted on that box, that indicates a core WMI issue and most likely with the <B> Cimv2 </B> namespace. </LI> <LI> Click on the <B> Security </B> tab and expand Root folder. This is where you will see all of the namespace listed for WMI </LI> <LI> Find the namespace referenced in the error message you are getting </LI> <LI> If you find the namespace is missing, do the following, otherwise skip to step 6 if the namespace is listed </LI> </OL> <BR /> <BR /> <BLOCKQUOTE> a. Open up a command prompt with administrative rights or elevated privileges <P> </P> <P> b. Go to <A href="#" target="_blank"> www.msdn.com </A> and search for the provider of the missing namespace. We are looking for the associated .mof file. In the below example, we will use MSCluster as our missing namespace. </P> </BLOCKQUOTE> <BR /> <BR /> <P> e.g. search words: wmi mscluster provider or wmi mscluster namespace. In this case you should find ClusWmi.mof as the WMI provider <BR /> <BR /> In case the CimV2 namespace is missing, the provider is CimWin32.mof <BR /> <BR /> If it also lists the associated .dll file, you will want to re-register it also as this would be the registration for the DCOM side as WMI and DCOM work hand in hand. <BR /> <BR /> </P> <BLOCKQUOTE> c. From the command prompt with administrative rights or elevated privileges change directory to C:WindowsSystem32Wbem and run the following command: <B> mofcomp.exe &lt;provider.mof&gt; </B> <P> </P> </BLOCKQUOTE> <BR /> <BR /> <P> <B> Note: Replace &lt;provider.mof&gt; with actual .mof name you found searching MSDN. In our example above that command would be: mofcomp.exe ClusWmi.mof </B> <BR /> <BR /> <B> For re-registering associated .dll if one exists use following command: regsvr32 &lt;provider.dll&gt; and again replacing &lt;provider.dl&gt; with actual dll name </B> <BR /> <BR /> </P> <BLOCKQUOTE> d. Restart the Windows Management Instrumentation Service <P> </P> </BLOCKQUOTE> <BR /> <BR /> <BLOCKQUOTE> <P> e. Use <B> wmimgmt.msc </B> console again to now check if the missing namespace is now listed. First close the console and reopen if it was still open from previous action </P> </BLOCKQUOTE> <BR /> <BR /> <P> 7. Go to start-run and type in <B> wbemtest </B> <BR /> <BR /> 8. Click on the “ <B> Connect Button </B> ” <BR /> <BR /> 9. In the Namespace Box type in the path to the namespace for which getting invalid namespace error for. This path would have the same look and feel of a Windows Directory, so just as you see the structure in <B> wmimgmt.msc </B> console on the <B> Security </B> tab, so is how you will type in path <BR /> <BR /> Examples: <BR /> <BR /> RootCimv2 <BR /> RootMscluster <BR /> RootRSOPComputer <BR /> <BR /> 10. Click on the “Connect” button <BR /> <BR /> 11. Now all of the buttons should no longer be greyed out on the main <B> wbemtest </B> console page. Click on the “ <B> Enum Classes </B> ” button <BR /> <BR /> 12. Leave “Enter Superclass Name” blank and select “ <B> Recursive </B> ” then click OK. If you don’t get any error messages then you can access the name successfully without issue using built in Windows Management Instrumentation Tester <BR /> <BR /> 13. To test further, let’s see if we can access some classes. <BR /> <BR /> </P> <BLOCKQUOTE> a. Pick any class and double click on it to bring up the <B> Object Editor </B> for that class <P> </P> </BLOCKQUOTE> <BR /> <BR /> <BLOCKQUOTE> <P> b. Next click on the “ <B> Instances </B> ” button on the right </P> </BLOCKQUOTE> <BR /> <BR /> <BLOCKQUOTE> <P> c. If it doesn’t sit there hung at “ <B> Operation in progress </B> ” or doesn’t return any error, then access to that class would appear to be okay. </P> </BLOCKQUOTE> <BR /> <BR /> <P> NOTE: Not every class you click in the “ <B> Instances </B> ” button will actually return results. Some classes will and some won’t depending on the class. Don’t sweat it if it doesn’t as long as the box above says “Done” <BR /> <BR /> Repeat this on several classes in the namespace for sanity check just to see if any produce an error message or <B> Operation in progress </B> hangs. <BR /> <BR /> If you did not get any errors connecting to the namespace or accessing some of the classes in that namespace, then your issue may be with the application or whatever method being used outside of <B> Wbemtest </B> that is the problem and would <B> advise opening case with Microsoft if it is a Microsoft application or process, otherwise first contact the vendor of the application for assistance in troubleshooting. </B> <BR /> <BR /> <B> Reference this blog when you open the Support Incident Case with Microsoft as it will help the engineer understand what actions have been taken or followed and will help us track the effectiveness of the blog. </B> <BR /> <BR /> <B> Scenario 2: WMI Invalid Class </B> <BR /> <BR /> To troubleshoot an Invalid WMI Class, you basically would follow the same procedure as above that you would for WMI Invalid Namespace. <BR /> <BR /> Here is a good link that you could probably also click your way thru various links to find the provider .mof for Microsoft classes. <BR /> <BR /> <A href="#" target="_blank"> WMI Classes </A> <BR /> <BR /> <B> Scenario 3: WMI Provider Load Failure </B> <BR /> <BR /> Again, you will follow the same procedures as above for testing, and also locating the provider .mof file and associated .dll if one is listed and recompiling and re-registering of that particular provider. <BR /> <BR /> <B> Wmi Repository Corrupted </B> <BR /> <BR /> There are some exceptions where you have accomplished all of the above and from <B> Wbemtest </B> (note I said <B> Wbemtest </B> , not some method outside of <B> Wbemtest </B> ) and you are still getting failures with a namespace, class, or provider. In these scenarios you may have to revert to using the proverbial hammer as a last ditch effort even though the repository check came back as <B> consistent </B> when your ran <B> winmgmt /verifyrepository </B> . <BR /> <BR /> Before doing such, it would be a good idea to open a <B> Support Incident Case with Microsoft </B> for assistance before reverting to rebuilding of the repository if the winmgmt /verifyrepository had come back as <B> Consistent </B> . <BR /> <BR /> <B> IMPORTANT </B> <BR /> <BR /> <B> If this becomes the case, please refer to my Ask the Performance Team Blog article, WMI: Rebuilding the WMI Repository before rebuilding the repository as there are some important gotchas that you need to be aware of. </B> <BR /> <BR /> <B> As a final note, if you are running into a reoccurring WMI corruption issue in your environment, try to exclude the WBEM folder and all subfolders under it from AV scanning. AV scanning is known to cause corruption in WMI. </B> <BR /> <BR /> <B> At this point you may also want to open a Support Incident with Microsoft for further assistance if needed. </B> <BR /> <BR /> <STRONG> Please reference this blog and the following TAG when you open the Support Incident Case with Microsoft, as it will help the engineer understand what actions have been taken or followed and well help us track the effectiveness of the blog. </STRONG> <BR /> <BR /> <STRONG> TAG = WMITBLOG </STRONG> <BR /> <BR /> Next up: <A href="#" target="_blank"> WMI: High Memory Usage by WMI Service or Wmiprvse.exe </A> <BR /> <BR /> </P> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:27:44 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-missing-or-failing-wmi-providers-or-invalid-wmi-class/ba-p/375485 CraigMarcho 2019-03-16T12:27:44Z WMI: Repository Corruption, or Not? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-repository-corruption-or-not/ba-p/375484 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 08, 2014 </STRONG> <BR /> <STRONG> Scenario </STRONG> <BR /> <BR /> Windows Management Instrumentation failing due to repository being corrupted <BR /> <BR /> The <B> WMI </B> Repository <B> (%windir%System32WbemRepository </B> ) is the database that stores meta-information and definitions for <B> WMI </B> classes; in some cases the repository also stores static class data as well. If Repository becomes corrupted, then the <B> WMI </B> service will not be able to function correctly. <BR /> <BR /> Before grabbing that preverbal hammer approach and just rebuilding your repository, ask yourself, <B> “Is the WMI repository OK?” </B> <BR /> <BR /> Common symptoms that lead to this question are: provider load failure, access denied, class not found, invalid namespace, and namespace not found to mention a few. <BR /> <BR /> If you suspect <B> WMI </B> or repository corruption, <B> rebuilding repository is the last thing you should do without verifying this is truly the case </B> . Deleting and rebuilding the repository can cause damage to Windows or to installed applications. Other steps should be taken first to eliminate other possibilities or to confirm we have repository corruption. Noting here that having a repository too large also creates problems; an issue that can sometimes be interpreted as a corrupt repository, which is not always the case. If issues are due to a large repository, rebuilding the repository is currently the only method available to reduce it back to a working size. <BR /> <BR /> Since I mentioned “large repository”, let me set some guidelines up front. There is no hard fast number per say as to when you will start feeling performance problems with a large repository. As a guideline, if the <B> objects.data </B> file, located in <B> (%windir%System32WbemRepository, </B> is 1 GB or larger, then I would recommend rebuilding your repository to reduce it back down to a working and manageable size. If the size is between 600-900 MB, and you are not feeling any noticeable performance issues, then I would recommend against rebuilding the repository. <BR /> <BR /> If <B> WMI </B> is corrupted, you can receive various errors and symptoms, depending on what activity was being done at the time. Below is a few errors and symptoms that could indicate that the repository is corrupted: <BR /> <BR /> <OL> <LI> Unable to connect to rootdefault or rootcimv2 namespaces. Fails returning error code 0x80041002 pointing to WBEM_E_NOT_FOUND. </LI> <LI> When we open Computer Management and Right Click on Computer Management (Local) and select Properties, you get the following error: " <B> WMI </B> : Not Found" or it hangs trying connect </LI> <LI> 0x80041010 WBEM_E_INVALID_CLASS </LI> <LI> Trying to use wbemtest, it hangs </LI> <LI> Schemas/Objects missing </LI> <LI> Strange connection/operation errors (0x8007054e): </LI> </OL> <BR /> <BR /> get-cimclass : Unable to complete the requested operation because of either a catastrophic media failure or a data structure corruption on the disk. <BR /> <BR /> At line:1 char:1 <BR /> <BR /> + get-cimclass -Namespace rootcimv2TerminalServices <BR /> <BR /> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <BR /> <BR /> + CategoryInfo : NotSpecified: (:) [Get-CimClass], CimException <BR /> <BR /> + FullyQualifiedErrorId : HRESULT <B> 0x8007054e </B> ,Microsoft.Management.Infrastructure.CimCmdlets.GetCimClassCommand <BR /> <BR /> Check the Windows Application log for events in the past week where Source = Microsoft-Windows-WMI.&nbsp; Look for any of the following WMI event IDs: 28, 65, 5600, 5601, 5614. Any of these could indicate a WMI repository issue or core infrastructure problem. <BR /> <BR /> If you do not find any of these events logged, your next action is to use the built in repository checker. From an elevated command prompt run <B> "winmgmt /verifyrepository </B> ". If the repository has an issue, it will respond "repository is not consistent". <BR /> <BR /> If repository check comes back as “consistent”, then look at my other Ask Perf blogs for applicability: <BR /> <BR /> <A href="#" target="_blank"> WMI: Missing or Failing WMI Providers or Invalid WMI Class </A> <BR /> <BR /> <A href="#" target="_blank"> WMI: High Memory Usage by WMI Service or Wmiprvse.exe </A> <BR /> <BR /> <A href="#" target="_blank"> How to troubleshoot High CPU Usage by WMI Components </A> <BR /> <BR /> <B> WMI Self-Recover </B> <BR /> <BR /> When the WMI service restarts or detects Repository corruption, the self-recovery procedure will trigger automatically in two approaches (one or the other): <BR /> <BR /> <OL> <LI> AutoRestore: if the VSS backup mechanism enable snapshot the timestamp backup images In the system (ex. Win7 feature: previous fileversion), WMI will apply the AutoRestore approach to restore backup valid images in version queue. (if possible) <UL> <LI> EVT: 65 (start restore) / 66 (succeed recovered with VSS Path) </LI> </UL> </LI> </OL> <BR /> <BR /> <OL> <LI> AutoRecovery: the rebuild process to generate fresh images of Repository based on registered mofs( listed @ HKLMSoftwareMicrosoftWBEMCIMOM: AutoRecover Mofs). <UL> <LI> EVT: 5616 (complete recovery), eventually, there are lots of EVT:63 for mof warning about Localsystem registration of providers. </LI> </UL> </LI> </OL> <BR /> <BR /> <B> Note: Under almost no circumstance should you use the script that rebuilds the WMI repository from the MOF files </B> <BR /> <BR /> The script is inherently flawed, for 2 reasons: <BR /> <BR /> <OL> <OL> <LI> If you navigate to the %systemroot%system32wbem folder, and list the MOF files, you see find MOFs named (some provider name)_ <B> uninstall.mof </B> . When you mofcomp those, they remove the classes in the MOF. The script mofcomps everything, so it can very easily install then immediately uninstall the classes, resulting in the class not being accessible. </LI> <LI> Replaying mofs is often sequence dependent. Example: classes in mof1 can depend on or have associations with classes in mof2. If they aren't present, MOFCOMP will not insert the classes. It's extremely difficult to know what is / is not the right sequence, so any script that simply MOFCOMPs everything is not going to be fully successful. </LI> </OL> </OL> <BR /> <BR /> In addition to causing damage to your system that's almost impossible to fix correctly, if you take that approach you will blow away all information that could be used to determine the root-cause. <BR /> <BR /> If the repository check ( <B> winmgmt /verifyrepository) </B> comes back as inconsistent, your first action is to run “ <B> winmmgmt /salvagerepository” </B> followed by running “ <B> winmgmt /verifyrepository” </B> again to see if it now comes back as consistent. <BR /> <BR /> If it is still comes back inconsistent, then you need to run “ <B> winmgmt /resetrepository </B> .” Before running this, <B> please read the important note below for Server 2012 </B> . <BR /> <BR /> <B> Force-recovery process </B> -- rebuild based on the registry list of AutoRecover Mofs <BR /> <BR /> <BR /> <BR /> <OL> <LI> Check regkey value is <B> empty </B> or not <B> @ HKLMSoftwareMicrosoftWBEMCIMOM: 'Autorecover Mofs' (** </B> first line on some OSs is empty, review it in opening the regkey value <B> ) </B> </LI> <LI> If above regkey is empty, copy/paste the regkey value from another machine of equal System/OS to the suspect machine </LI> <LI> Run the following command from command prompt with admin rights: “ <B> Winmgmt /resetrepositoy” </B> </LI> <LI> If you get the error noted below, stop all dependency services on the WMI service by running following command: <B> </B> </LI> </OL> <BR /> <BR /> <B> net stop winmgmt /y </B> <BR /> <BR /> then run <BR /> <BR /> <B> Winmgmt /resetrepositoy </B> <BR /> <BR /> WMI repository reset failed <BR /> Error code:&nbsp;&nbsp;&nbsp;&nbsp; 0x8007041B <BR /> Facility:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Win32 <BR /> Description:&nbsp;&nbsp;&nbsp; A stop control has been sent to a service that other running services are dependent on <BR /> <BR /> <B> NOTE: Applies to Server 2012 </B> <BR /> <BR /> We have encountered some issues when running the mofcomp command on <B> Windows Server 2012 </B> which has caused the Cluster namespace to be removed due to the <B> cluswmiuninstall.mof </B> contained in the c:windowssystem32wbem folder. It has also caused unregistering class names for Cluster Aware Updating (CAU) because of its cauwmiv2.mof also in the wbem folder. Those could also affect other namespace that have an uninstall type .mof in the wbem folder beyond the two mentioned above. <BR /> <BR /> Furthermore, the uninstall .mof files for servers running Microsoft Cluster are also part of the <B> autorecover </B> folder that is used when you run the <B> winmgmt /resetrepository </B> command which will end up having the same effect of first installing the Cluster namespace, then uninstalling it just as if you had run a script to rebuild the repository that contained the “for” command to recompile all of the MOFs in the WBEM folder. <BR /> <BR /> <B> Take the following actions to confirm if the uninstall problem for this scenario exists on your server. </B> If it doesn’t, then you can run the <B> winmgmt /reset repository </B> , otherwise follow my directions below for manually accomplishing rebuild. <BR /> <BR /> <OL> <LI> Open regedit, and navigate to <B> hklmsoftwaremicrosoftwbemcimom </B> , and open “ <B> Autorecover MOFS </B> ” </LI> <LI> Copy the data from that string value, and paste it into notepad </LI> <LI> Do a search for <B> ClusWmiUninstall.mof </B> . If the cluster provider uninstall has autorecover, it will be listed here </LI> <LI> If found, then continue to manual rebuild below, if not found then go ahead and use the <B> winmgmt /resetrepository </B> command </LI> </OL> <BR /> <BR /> <B> How to manually rebuild repository on Server 2012 Cluster machine when cluster provider uninstall has an autorecover </B> <BR /> <BR /> First ensure you have run <B> winmgmt /verifyrepository </B> to ensure that it is “ <B> inconsistent </B> ” and that you have tried <B> winmgmt /salvagerepository </B> to see if it resolves your issue. <BR /> <BR /> Change the startup type for the Window Management Instrumentation ( <B> WMI </B> ) Service to disabled. <BR /> <BR /> <BR /> <BR /> <OL> <LI> Stop the <B> WMI </B> Service, you may need to stop services dependent on the WMI service first before it allow you to successfully stop <B> WMI </B> Service </LI> <LI> Rename the repository folder:&nbsp; C:WINDOWSsystem32wbemRepository to <B> Repository.old </B> </LI> <LI> Open a CMD Prompt with elevated privileges </LI> <LI> Cd windowssystem32wbem </LI> <LI> Run following command to re-register all the dlls: <B> for /f %s in ('dir /b /s *.dll') do regsvr32 /s %s </B> </LI> <LI> Set the <B> WMI </B> Service type back to Automatic and restart <B> WMI </B> Service </LI> <LI> <B> cd /d c: </B> ((go to the root of the c drive, this is important)) </LI> <LI> Run following command specifically adopted for 2012 Clustered servers to recompile the MOFs: <B> “dir /b *.mof *.mfl | findstr /v /i uninstall &gt; moflist.txt &amp; for /F %s in (moflist.txt) do mofcomp %s” </B> </LI> <LI> Restart WMI service </LI> </OL> <BR /> <BR /> <B> As a final note, if you run into a reoccurring corruption issue in your environment with WMI, try to exclude the WBEM folder and all subfolders under it from AV scanning. AV scanning is known to cause corruption and other issues in WMI. </B> <BR /> <BR /> <B> Other repository recovery solutions: </B> <BR /> <BR /> <B> Note: in following solutions (1 &amp; 2), if the backup images (repository) are in large size (&gt;100MB), restoring the repository will take some time. </B> <BR /> <BR /> <OL> <LI> Apply WMI AutoRestore story in the system to recover the repository image quickly and keep it in sync with previous state. </LI> <LI> Enable VSS backup-related features for storing image snapshots <UL> <LI> ex.&nbsp; Volume Shadow Copy (VSS), or check any valid copies listed Local Disk(C:) Properties &gt;&gt; Shadow copies </LI> </UL> </LI> <LI> Make sure registry key has following setting: <B> HKLMSoftwareMicrosoftWBEMCIMOM: AutoRestoreEnabled=1 </B> </LI> <LI> Frequently snapshot the restore-points of the system (if needed, refer to the following PowerShell scripts) </LI> </OL> <BR /> <BR /> <B> $filterStmt = [String]::Format("DriveLetter='{0}'",$env:SystemDrive) </B> <BR /> <BR /> <B> # Get systemdrive Volume info </B> <BR /> <BR /> <B> $vlm = gcim win32_Volume -Filter $filterStmt </B> <BR /> <BR /> <B> # create a shadowcopy </B> <BR /> <BR /> <B> $res = icim win32_ShadowCopy -MethodName Create -Arguments @{Volume=$Vlm.DeviceID} </B> <BR /> <BR /> <B> if ($res.ReturnValue -eq 0) </B> <BR /> <BR /> <B> { gcim win32_ShadowCopy -Filter ("ID='"+$res.ShadowID+"'") } # ** </B> <BR /> <BR /> <B> else </B> <BR /> <BR /> <B> { $res | fc } </B> <BR /> <BR /> <OL> </OL> <BR /> <BR /> <UL> <LI> AutoRestore only searches the top 3 queued snapshots for the latest valid backup, if no valid one is found, AutoRecovery will apply. </LI> <LI> To restore others in the queue of snapshots ( manually ) <OL> <LI> In Server sku, looking at 'previous version' tab of the repository folder to find the expected backup path <UL> <LI> ex. " <A> \localhostC$@GMT-2014.03.13-01.02.49Windowssystem32wbemrepository </A> " </LI> <LI> to check whether the snapshot image is valid or not, from command prompt do: <UL> <LI> <B> winmgmt /verifyrepository </B> " <A> \localhostC$@GMT-2014.03.13-01.02.49Windowssystem32wbemrepository </A> " </LI> </UL> </LI> </UL> </LI> <LI> stop WMI service: Net stop winmgmt /y </LI> <LI> Replace all of the files in <B> %windir%system32wbemRepository </B> folder with the files from the backup path found in step 1 </LI> </OL> </LI> </UL> <BR /> <BR /> <STRONG> Note </STRONG> The WMI Service has auto start setting, and if it comes back alive, you will not be able to replace the files.&nbsp; The service needs to be in a stopped state (if WMI service is alive at the time, repeat step: 2~3) <BR /> <BR /> ex. Directory of <A> \localhostC$@GMT-2014.03.13-01.02.49Windowssystem32wbemrepository </A> <BR /> <BR /> 03/11/2014&nbsp; 11:53 AM&nbsp;&nbsp;&nbsp; &lt;DIR&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; . <BR /> 03/11/2014&nbsp; 11:53 AM&nbsp;&nbsp;&nbsp; &lt;DIR&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; .. <BR /> 03/12/2014&nbsp; 05:30 PM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 4,759,552 INDEX.BTR <BR /> 03/12/2014&nbsp; 05:30 PM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 90,640 MAPPING1.MAP <BR /> 03/12/2014&nbsp; 03:26 PM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 90,640 MAPPING2.MAP <BR /> 03/12/2014&nbsp; 05:24 PM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 90,640 MAPPING3.MAP <BR /> 03/12/2014&nbsp; 05:30 PM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 27,541,504 OBJECTS.DATA <BR /> <BR /> 4. Run following wmic command to bring WMI service back to life: <B> wmic os </B> <BR /> <BR /> You should set up a regular Scheduled Task to backup the latest repository: <BR /> <BR /> <OL> </OL> <BR /> <BR /> <UL> <UL> <LI> winmgmt /backup &lt;backup image path&gt; </LI> <LI> tracing EVT: 67,68 </LI> </UL> </UL> <BR /> <BR /> You could also schedule restores as necessary <BR /> <BR /> <UL> <LI> winmgmt /restore &lt;above backup image path&gt; 1 </LI> <LI> tracing EVT: 65,66 </LI> </UL> <BR /> <BR /> <B> If the issue is not a repository issue, and the objects are not retrievable: </B> <BR /> <BR /> <UL> <LI> Re-install the product. This is the first place to start. </LI> <LI> If there is a specific provider that is not showing up, you can re-run mofcomp of a single provider. See Ask the Performance Team Blog article <A href="#" target="_blank"> WMI: Missing or Failing WMI Providers or Invalid WMI Class </A> </LI> </UL> <BR /> <BR /> <B> If the issue persists or keeps returning, then </B> <B> at this point you will now need to open a Support Incident Case with Microsoft for further assistance. </B> <BR /> <BR /> <STRONG> Please reference this blog and the following TAG when you open the Support Incident Case with Microsoft, as it will help the engineer understand what actions have been taken or followed and well help us track the effectiveness of the blog. </STRONG> <BR /> <BR /> <STRONG> TAG = WMITBLOG </STRONG> <BR /> <BR /> Next up: <A href="#" target="_blank"> WMI: Missing or Failing WMI Providers or Invalid WMI Class </A> <BR /> <BR /> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:27:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-repository-corruption-or-not/ba-p/375484 CraigMarcho 2019-03-16T12:27:35Z WMI: Common Symptoms and Errors https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-common-symptoms-and-errors/ba-p/375483 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 08, 2014 </STRONG> <BR /> <B> Quota Violation Issues: Memory and/or Handle </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> <UL> <LI> General WMI-based scripts or applications fail or fail intermittently </LI> <LI> Applications such as SMS/SCCM produce errors on server and/or inventories fail or fail intermittently </LI> <LI> Applications such as Exchange or SQL fail on server or fail intermittently </LI> <LI> Unable to connect to specific namespace via WBEMTEST or unable to query specific classes in a namespace. May be intermittent. </LI> <LI> WMI appears to be hung or non-responsive </LI> <LI> Unable to run msinfo32 or tasklist </LI> <LI> Events for unexpected termination/crash of wmiprvse.exe </LI> <LI> Lower than normal available memory on the system </LI> <LI> Out of memory errors when running certain WMI tasks </LI> <LI> 0x80041033 -- SHUTDOWN of the target provider </LI> <LI> 0x80041006 – OUTOFMEMORY </LI> <LI> 0x80041013 -- fail to load the provider </LI> <LI> 0x800705af -- The paging file is too small for this operation to complete </LI> <LI> 0x8004106C-- Quota violation </LI> <LI> Event logs contain WMI-related events </LI> <LI> WMI service crashing </LI> </UL> <BR /> <BR /> Event Source: Service Control Manager <BR /> Event ID: 7031 <BR /> Description: The Windows Management Instrumentation service terminated unexpectedly <BR /> <BR /> <UL> <LI> Handle Quota Violation </LI> </UL> <BR /> <BR /> Source: Microsoft-Windows-WMI <BR /> Event 5612 Wmiprvse.exe exceeding handle quota limit Event <BR /> WMI has stopped WMIPRVSE.EXE because a quota reached a warning value. Quota: %1 Value: %2 Maximum value: %3 WMIPRVSE PID: %4 <BR /> <BR /> <UL> <LI> Memory Quota Violation does not log and event such as Handle Quota Violation does. You can check to see if any instance of wmiprvse is using 500 mb of memory or greater as the default limit is 512 mb on Vista an newer. Once you hit around 500 mb and any new allocation that would cross the 512 mb limit would fail. All instances of wmiprvse combined have a 1 gb limit. For Windows XP and 2003 the default is 128 mb. Exceed the default and you have reached a Quota Violation. Also check for Windows Management Instrumentation service crashing </LI> </UL> <BR /> <BR /> Memory Quota Violations refer to Ask Perf blog: <A href="#" target="_blank"> WMI: High Memory Usage by WMI Service or Wmiprvse.exe </A> <BR /> <BR /> Handle Quota Violations refer to Ask Perf blog: <A href="#" target="_blank"> WMI:How to Troubleshoot WMI High Handle Count </A> <BR /> <BR /> <B> Missing or Failing WMI Providers or Invalid WMI Class </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> <UL> <LI> General WMI-based scripts or applications fail </LI> <LI> Applications such as SMS/SCCM produce errors on server and/or inventories fail </LI> <LI> Applications such as Exchange or SQL fail on server </LI> <LI> Unable to connect to specific namespace via WBEMTEST or unable to query specific classes in a namespace </LI> <LI> WMI functionality appears normal on local node but unable to connect to/from machine via WMI scripts, tools or applications </LI> <LI> WMI (Local) properties in wmimgmt.msc console and see the following </LI> </UL> <BR /> <BR /> <BLOCKQUOTE> Failed to initialize all required WMI classes <BR /> Win32_processor: WMI: Invalid namespace <BR /> Win32_WMISetting: WMI: Invalid namespace <BR /> Security information: Successful <BR /> Win32_OperatingSystem: WMI: Invalid namespace <BR /> Win32_processor: WMI: Invalid namespace <BR /> Win32_WMISetting: WMI: Invalid namespace <BR /> Win32_OperatingSystem: WMI: Invalid namespace <P> </P> </BLOCKQUOTE> <BR /> <BR /> <UL> <LI> WBEM_E_NOT_FOUND 0x80041002 </LI> <LI> WBEM_E_PROVIDER_FAILURE 0x80041004 </LI> <LI> WBEM_E_INVALID_NAMESPACE 0x8004100E </LI> <LI> WBEM_E_INVALID_CLASS 0x80041010 </LI> <LI> WBEM_E_PROVIDER_NOT_FOUND 0x80041011 </LI> <LI> WBEM_E_INVALID_PROVIDER_REGISTRATION 0x80041012 </LI> <LI> WBEM_E_PROVIDER_LOAD_FAILURE 0x80041013 </LI> </UL> <BR /> <BR /> <P> Refer to Ask Perf blog: <A href="#" target="_blank"> WMI: Missing or Failing WMI Providers or Invalid WMI Class </A> <BR /> <BR /> <B> High Memory Usage by WMI Service or Wmiprvse.exe </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> </P> <UL> <LI> Wmiprvse.exe memory quota violations – refer to top of blog </LI> <LI> Lower than normal available memory on the system </LI> <LI> Delayed or slow logons to the box </LI> <LI> Excessive or slow return times to queries to WMI or scripts that are running that call to WMI </LI> <LI> Spinning donut when trying to bring up WMI (Local) properties in wmimgmt.msc console or using Wbemtest (Windows Management Instrumentation Tester) built in tool </LI> <LI> Sluggish or slow responding system </LI> <LI> Server hang </LI> <LI> Unable to run msinfo32 or tasklist </LI> <LI> Svchost process housing WMI service (winmgmt) exhibiting high memory usage or leak </LI> <LI> Instance of wmiprvse reaching or exceeding 512 mb on Vista and newer, or 128 mb on XP or Windows 2003: Quota Violation issue </LI> <LI> Large repository C:WindowsSystem32WbemRepository folder and objects.data file is 1gb or larger </LI> <LI> Cluster management tools not working </LI> </UL> <BR /> <BR /> Refer to Ask Perf blog: <STRONG> </STRONG> <A href="#" target="_blank"> WMI: High Memory Usage by WMI Service or Wmiprvse.exe </A> <BR /> <BR /> <B> High CPU Usage by WMI Components </B> <B> </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> <UL> <LI> High cpu usage by svchost hosting WMI service (winmgmt) </LI> <LI> High cpu usage by wmiprvse </LI> <LI> System sluggish or slow performance </LI> </UL> <BR /> <BR /> Refer to Ask Perf blog: <A href="#" target="_blank"> WMI: How to troubleshoot High CPU Usage by WMI Components </A> <BR /> <BR /> <B> High Handle Count on WMI Components </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> <UL> <LI> Refer to top of blog: <B> Quota Violation Issues: Memory and/or Handle </B> </LI> <LI> Following Event being logged </LI> </UL> <BR /> <BR /> Source: Microsoft-Windows-WMI <BR /> Event 5612 Wmiprvse.exe exceeding handle quota limit Event <BR /> WMI has stopped WMIPRVSE.EXE because a quota reached a warning value. Quota: %1 Value: %2 Maximum value: %3 WMIPRVSE PID: %4 <BR /> <BR /> <UL> <LI> Resource depletion type messages </LI> <LI> Error message: No more treads can be created in the system </LI> <LI> Message when trying to RDP </LI> </UL> <BR /> <BR /> The User Profile Service service failed the logon <BR /> <BR /> <BR /> <BR /> <UL> <LI> High handle count on svchost process hosting WMI service (winmgmt) </LI> <LI> Cluster management tools not working </LI> </UL> <BR /> <BR /> Refer to Ask Perf blog: <A href="#" target="_blank"> WMI: How to Troubleshoot WMI High Handle Count </A> <BR /> <BR /> <B> Repository Corruption </B> <BR /> <BR /> <STRONG> Symptoms </STRONG> <BR /> <BR /> <UL> <LI> General WMI-based scripts or applications fail </LI> <LI> Applications such as SMS/SCCM produce errors on server and/or inventories fail </LI> <LI> Applications such as Exchange and SQL fail on server </LI> <LI> WINMGMT.MSC Security tab shows missing, repeating and/or gibberish namespace entries </LI> <LI> Unable to connect to specific or possibly any namespace via WBEMTEST </LI> <LI> Winmgmt.msc console WMI (local) properties Security tab shows missing, repeating and/or gibberish namespace entries </LI> <LI> Unable to connect to rootdefault or rootcimv2 namespaces. Fails returning error code 0x80041002 pointing to WBEM_E_NOT_FOUND </LI> <LI> Opening Computer Management and Right Click on Computer Management (Local) and select Properties, you get the following error: " <B> WMI </B> : Not Found" or it hangs trying connect </LI> <LI> Wbemtest (Windows Management Instrumentation Tester) built in tool hangs </LI> <LI> Error 0x80041010 WBEM_E_INVALID_CLASS </LI> <LI> Any events with Source = Microsoft-Windows-WMI, look for any of the following WMI event IDs: 28, 65, 5600, 5601, 5614 as any of these can be indicators or repository corruption </LI> <LI> WMI namespaces end up missing </LI> </UL> <BR /> <BR /> Refer to Ask Perf blog: <A href="#" target="_blank"> WMI: Repository Corruption, or Not? </A> <BR /> <BR /> Next up: <A href="#" target="_blank"> WMI: Repository Corruption, or Not? </A> <BR /> <BR /> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:27:28 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/wmi-common-symptoms-and-errors/ba-p/375483 CraigMarcho 2019-03-16T12:27:28Z Troubleshooting WMI Series coming https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/troubleshooting-wmi-series-coming/ba-p/375482 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 07, 2014 </STRONG> <BR /> Hello AskPerf! My name is Jeffrey Worline and I wanted to let you know that I will be writing several troubleshooting WMI blog posts over the next few days. These will not be your typical Blog post, but more around the KB/Technet format. <BR /> <BR /> There has been a lot of internal discussions here at Microsoft with Product Group, Developers, and myself concerning the high amount of&nbsp;WMI issues&nbsp;that have come into Support. Whenever there is an issue with WMI itself, or suspected issue with WMI, the first words that always seem to come out is that “WMI is corrupted”. Oh no, say it isn’t so. What do we do? Grab the “Big Hammer” and rebuild the repository! Excuse my humor as we have a little fun, as the upcoming blogs are going to be more straight forward and dry. <BR /> <BR /> While rebuilding the repository may seem like a good idea and a quick fix at times, what most do not realize is that if you suspect WMI or repository corruption, rebuilding repository is the last thing you should do without verifying this is truly the case. Deleting and rebuilding the repository can cause damage to Windows and/or to your installed applications. That last sentence is worth repeating; “ <B> Deleting and rebuilding the repository can cause damage to Windows and/or to your installed applications. </B> ” When it becomes necessary to rebuild the repository and this has been verified, there are right and wrong ways to go about it. <BR /> <BR /> Other steps should be taken first to eliminate other possibilities or to confirm we have repository corruption before taking such actions as rebuilding the repository. There are also other proactive steps that can be taken as alternatives to rebuilding the repository if such an occasion arises. <BR /> <BR /> So, the following blog posts will address various scenarios surrounding WMI, how to troubleshoot them, and the data we should collect to help resolve WMI related issues. These posts will equip you with the information you need to address WMI issues in the correct manner, and to help prevent you from causing more damage by just using the proverbial “Big Hammer” approach. <BR /> <BR /> With that, here is a list of the Posts/Topics you will see in the coming days: <BR /> <BR /> <UL> <LI> <A href="#" target="_blank"> WMI: Common Symptoms and Errors </A> </LI> <LI> <A href="#" target="_blank"> WMI: Repository Corruption, or Not? </A> </LI> <LI> <A href="#" target="_blank"> WMI: Missing or Failing WMI Providers or Invalid WMI Class </A> </LI> <LI> <A href="#" target="_blank"> WMI: High Memory Usage by WMI Service or Wmiprvse.exe </A> </LI> <LI> <A href="#" target="_blank"> WMI: How to troubleshoot High CPU Usage by WMI Components </A> </LI> <LI> <A href="#" target="_blank"> WMI: How to Troubleshoot WMI High Handle Count </A> </LI> </UL> <BR /> <BR /> <STRONG> We are also asking that you reference the following TAG if you open up a Support Incident regarding these topics. </STRONG> <BR /> <BR /> <STRONG> TAG = WMITBLOG </STRONG> <BR /> <BR /> <P> -Jeffrey Worline </P> </BODY></HTML> Sat, 16 Mar 2019 12:27:21 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/troubleshooting-wmi-series-coming/ba-p/375482 CraigMarcho 2019-03-16T12:27:21Z Windows Performance Monitor Overview https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-performance-monitor-overview/ba-p/375481 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jul 17, 2014 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; My name is Matt Graham and I will be writing a high level overview of the capabilities of Windows Performance Monitor.&nbsp; The intention of this blog post is to introduce new users to this powerful, and often underutilized, tool.&nbsp; So rather than going through each part of Performance Monitor and explaining it in depth, my aim here is to offer a quick guide to the tool. </P> <BR /> <P> When you first open Performance Monitor (perfmon), you see the following: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93271i8F6F20A72CEAC78C" /> </P> <BR /> <P> Let's briefly go through each one and talk about what they do. </P> <BR /> <P> <B> Performance </B> </P> <BR /> <P> At the very top level "Performance" gives you an overview of your systems memory usage, network usage, disk usage, etc.&nbsp; You can right click on "Performance" and connect to another computer to view a remote computers performance statistics. (NOTE: Should add brief comments about what is required in order to remotely connect to another machine…) </P> <BR /> <P> <B> Monitoring Tools </B> </P> <BR /> <P> From the Monitoring Tools icon you can right click and launch the Resource Monitor.&nbsp; Resource Monitor is another powerful tool that can help you see how your system resources are being used.&nbsp; You also have the ability to launch the System Reliability Monitor.&nbsp; This utility allows you to see information about software updates and installations.&nbsp; You can also see critical events that occurred and on what day those events occurred.&nbsp; Finally, you can see all of the problem reports that have been sent from your computer by clicking on the "View all problem reports" link at the bottom of the window. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93272i40732C1A2B0DAED4" /> </P> <BR /> <P> <B> Performance Monitor </B> </P> <BR /> <P> The Performance Monitor is primarily for viewing real time statistics.&nbsp; By default only one counter is selected; the %Processor Time counter.&nbsp; However you can add additional counters by clicking on the green plus sign.&nbsp; This will allow you to monitor any counters you wish in real time. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93273iBF16D25040D08B24" /> </P> <BR /> <P> <B> <I> While you can see all of the performance counters you like here, the real power of Performance Monitor is found in its ability to capture performance metrics over an elapsed period of time. </I> </B> Capturing data over a period of time allows you to see trends and these trends are what are most useful for determining the overall performance of your system.&nbsp; To capture this data, you can create what are called "Data Collector Sets". </P> <BR /> <P> <B> Data Collector Sets </B> </P> <BR /> <P> Data Collector Sets are aptly named.&nbsp; They collect data from your system so that you can view changes in configuration information and performance information over a specified period of time. </P> <BR /> <P> There are basically three types of data collector sets: </P> <BR /> <TABLE> <TBODY><TR> <TD> <BR /> <P> Performance Counter </P> <BR /> </TD> <TD> <BR /> <P> Capture data based on the polling of an event at a specified time interval </P> <BR /> </TD> </TR> <TR> <TD> <BR /> <P> Event Traces </P> <BR /> </TD> <TD> <BR /> <P> Capture data based on events that occur rather than based on a specified time interval </P> <BR /> </TD> </TR> <TR> <TD> <BR /> <P> System Configuration Information </P> <BR /> </TD> <TD> <BR /> <P> Capture configuration information </P> <BR /> </TD> </TR> </TBODY></TABLE> <BR /> <P> Under Data Collector Sets you can see the following: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93274i0A6627B96C6B8DC1" /> </P> <BR /> <P> <B> User Defined </B> </P> <BR /> <P> Under User Defined, you can create your own custom Data Collector Set.&nbsp; These Data Collections Sets can contain counters, traces, and configuration collectors.&nbsp; You can right click on User Defined and select New -&gt; New Data Collector Set to create one.&nbsp; You can create a data collector set from a template or create your own custom set.&nbsp; Let's create a custom one: </P> <BR /> <P> 1. Name your Data Collector Set and select "Create manually (Advanced)". </P> <BR /> <P> 2. On this screen you can choose to create data logs (counter / trace / config) or you can create a Performance Counter Alert.&nbsp; The "Performance Counter Alert" option allows you to create alerts based off of certain performance values and thresholds.&nbsp; For now, we will select "Create Data Logs" and place a check box in all three boxes: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93275iE3CCF5A4B64747E1" /> </P> <BR /> <P> 3. On the screen below you can set the counter interval rate (how often do you want it to capture the selected data) and the specific counters that you want to capture. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93276iCC9C1F7ADE8CC483" /> </P> <BR /> <P> 4. Once you click Add, you can select counters and then add them to the "Added Counters" box.&nbsp; Note that you have options in terms of whether you want Perfmon to collect the data as a total or if you want to break the data up, in this case, per processor.&nbsp; You should pay attention to which one you select as the meaning of these counters depends on what is being counted. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93277i0166277CBF3F5F4B" /> </P> <BR /> <P> 5. You will then be prompted to add trace providers.&nbsp; Trace providers simply provide information to perfmon about a specific set of events.&nbsp; For example, if you wanted to collect event information about the Windows Firewall, you would select the "Microsoft-Windows-Firewall" provider.&nbsp; You can then edit the properties (if you know what you are doing) and even record registry keys (after you hit next you can specify which keys to record). </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93278iD509B10E6AA69986" /> </P> <BR /> <P> 6. You can also specify a location where you would like to save the data.&nbsp; By default, the data is saved to: %systemdrive%\PerfLogs\Admin\New Data Collector Set. </P> <BR /> <P> 7. Finally, you can select a user that you would like to run the data collector set as.&nbsp; This may be helpful in environments where desktops and servers are locked down for security purposes. </P> <BR /> <P> If you look at the "New Data Collector Set" that we just created, you can see that it contains a performance counter, a trace, and a configuration collector.&nbsp; You can right click on any of these to modify them as you see fit. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93279iF2CE788A652DBFE4" /> </P> <BR /> <P> Finally, if you look at the remaining items under Data Collector Sets, you can see a bunch of preconfigured collector sets. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93280i0C9ACBC2C14964D5" /> </P> <BR /> <P> <B> Reports </B> </P> <BR /> <P> The final part of Performance Monitor is the Reports section.&nbsp; Here you can view the information that was collected by your data collector sets.&nbsp; If you have never run your data collector set, then you will not see any information when you click on it. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93281iD3B4446B7D283D8C" /> </P> <BR /> <P> However, once you have run your data collector set, you can click on it and see the reports and information collected: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93282iF376C08305902871" /> </P> <BR /> <P> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93283i1B2557C6C8AEA8FB" /> </P> <BR /> <P> So this is a basic overview of Windows Performance Monitor.&nbsp; Once you are familiar with the parts, you can then dive into learning about which counters to use when, and what your counter interval rate should be when you are trying to capture this kind of data vs that kind of data. </P> <BR /> <P> <B> Additional Resources </B> </P> <BR /> <UL> <BR /> <LI> <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2008/05/13/two-minute-drill-logman-exe.aspx" target="_blank"> Two Minute Drill: LOGMAN.EXE </A> </LI> <BR /> <LI> <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2009/05/12/two-minute-drill-typeperf.aspx" target="_blank"> Two Minute Drill: TYPEPERF </A> </LI> <BR /> <LI> <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2008/05/20/two-minute-drill-relog-exe.aspx" target="_blank"> Two Minute Drill: RELOG.EXE </A> </LI> <BR /> <LI> <A href="#" target="_blank"> Windows Perofrmance Monitor (TechNet) </A> </LI> <BR /> <LI> <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2012/02/01/using-resource-monitor-to-troubleshoot-windows-performance-issues-part-1.aspx" target="_blank"> Using Resource Monitor to Troubleshoot Windows Performance Issues Part 1 </A> </LI> <BR /> <LI> <A href="https://gorovian.000webhostapp.com/?exam=b/askperf/archive/2012/02/08/using-resource-monitor-to-troubleshoot-windows-performance-issues-part-2.aspx" target="_blank"> Using Resource Monitor to Troubleshoot Windows Performance Issues Part 2 </A> </LI> <BR /> </UL> </BODY></HTML> Sat, 16 Mar 2019 12:27:14 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-performance-monitor-overview/ba-p/375481 CraigMarcho 2019-03-16T12:27:14Z Listener Certificate Configurations in Windows Server 2012 / 2012 R2 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/listener-certificate-configurations-in-windows-server-2012-2012/ba-p/375467 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 28, 2014 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; Kiran Kadaba here to talk about configuring Listener Certificates. </P> <P> When we have the Remote Desktop Session Host role installed on a server, or have the server as part of an RDS collection/deployment, it’s quite easy to configure certificate through the connection broker UI. </P> <P> We have received a high amount of inquires on how we can configure certificates if the server is not part of a deployment, and is simply being configured for ‘Remote Desktop for Administration’. </P> <P> In Windows 2003/2008/2008 R2, we had the ‘Remote Desktop Configuration Manager’ MMC snap-in which allowed us direct access to the RDP Listener. Here we could bind a certificate to the listener and in turn, enforce SSL security for the RDP sessions. </P> <P> In Windows 2012, we no longer have this MMC snap-in, nor do we have direct access to the RDP listener. You can follow the below steps to configure the certificates on Windows 2012/2012 R2. </P> <P> This can be achieved in 2 ways: </P> <P> <STRONG> Method 1:&nbsp; Using WMI </STRONG> </P> <P> The configuration data for the RDS Listener is stored in the ‘Win32_TSGeneralSetting’ class in WMI under the ‘Root\CimV2\TerminalServices’ namespace. </P> <P> The certificate for the RDS listener is referenced through the ‘Thumbprint’ value of that certificate on a property called ‘SSLCertificateSHA1Hash’. </P> <P> This thumbprint value is unique to each certificate. You can find the value using the following steps: </P> <P> 1. Open the properties dialog for your certificate and select the Details tab </P> <P> 2. Scroll down to the Thumbprint field and copy the space delimited hex string into something like Notepad </P> <P> Here is what the certificate thumbprint will look like in the certificate properties: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93267iA8070C259D68A8F8" /> </P> <P> Once I copy this into notepad, it will look as follows: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93268i937BE96565EDF676" /> </P> <P> After I remove the spaces, it will still contain the invisible ASCII character that will only be visible in the command prompt (shown below): </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93269iBAC5A94460AC155C" /> </P> <P> Ensure that this ASCII character is removed before we run the command to import the certificate </P> <P> 3. Remove all the spaces from the string. (Keep in mind that there may be an ‘invisible’ ACSII character that also gets copied. This is not visible in Notepad. Only way to validate, would be to copy directly into the command prompt window.) </P> <P> 4. This is the value you need to set in WMI. It should look something like this: 1ea1fd5b25b8c327be2c4e4852263efdb4d16af4. </P> <P> Now that you have the thumbprint value, here's a one-liner you can use to set the value using wmic: </P> <P> wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT" </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93270i298F5D52B45FB5AC" /> </P> <P> This solution would work on Windows 7 and Windows 8 systems as well. </P> <P> Note: The certificate you want to use, must be imported to the 'Personal' Certificate Store for the Machine account, before you run the above commands. Failure to do so will result in a “Invalid Parameter” error. </P> <P> <STRONG> Option 2:&nbsp; Registry edits </STRONG> </P> <P> </P> <OL> <LI> Install a server authentication certificate to the ‘Personal’ Certificate Store, using the Computer account. </LI> <LI> Create the following registry value containing the certificate’s SHA1 hash to configure this custom certificate to support TLS instead of using the default self-signed certificate. <BR /> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp <BR /> Value name:&nbsp; SSLCertificateSHA1Hash <BR /> Value type:&nbsp; REG_BINARY <BR /> Value data:&nbsp; &lt;certificate thumbprint&gt; <BR /> The value should be the thumbprint of the certificate separated by comma ‘,’ and no empty spaces. For example, if you were to export that registry key the SSLCertificateSHA1Hash value would look like this: <BR /> “SSLCertificateSHA1Hash"=hex:42,49,e1,6e,0a,f0,a0,2e,63,c4,5c,93,fd,52,ad,09,27,82,1b,01 </LI> </OL> <P> 3. The Remote Desktop Host Services service runs under the NETWORK SERVICE account. Therefore, it is necessary to set the ACL of the key file used by RDS (referenced by the certificate named in the SSLCertificateSHA1Hash registry value) to include NETWORK SERVICE with "Read" permissions. To modify the permissions follow the steps below: <BR /> Open the <B> Certificates </B> snap-in for the local computer: </P> <OL> <OL> <LI> Click <B> Start </B> , click <B> Run </B> , type <B> mmc </B> , and click <B> OK </B> . </LI> <LI> On the <B> File </B> menu, click <B> Add/Remove Snap-in </B> . </LI> <LI> In the <B> Add or Remove Snap-ins </B> dialog box, in the <B> Available snap-ins </B> list, click <B> Certificates </B> , and click <B> Add </B> . </LI> <LI> In the <B> Certificates </B> snap-in dialog box, click <B> Computer account </B> , and click <B> Next </B> . </LI> <LI> In the <B> Select Computer </B> dialog box, click <B> Local computer: (the computer this console is running on) </B> , and click <B> Finish </B> . </LI> <LI> In the <B> Add or Remove Snap-ins </B> dialog box, click <B> OK </B> . </LI> <LI> In the <B> Certificates </B> snap-in, in the console tree, expand <B> Certificates (Local Computer) </B> , expand <B> Personal </B> , and navigate to the SSL certificate that you would like to use. </LI> <LI> Right-click the certificate, select <B> All Tasks </B> , and select <B> Manage Private Keys </B> . </LI> <LI> In the <B> Permissions </B> dialog box, click <B> Add, </B> type <B> NETWORK SERVICE </B> , click <B> OK, </B> select <B> Read </B> under the <B> Allow </B> checkbox, then click <B> OK </B> . </LI> </OL> </OL> <P> -Kiran </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:25:16 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/listener-certificate-configurations-in-windows-server-2012-2012/ba-p/375467 CraigMarcho 2019-03-16T12:25:16Z What's New in the Windows 8.1 Update https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-s-new-in-the-windows-8-1-update/ba-p/375462 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 08, 2014 </STRONG> <BR /> <P> Hello AskPerf Readers! Henry Chen here from the Devices &amp; Deployment team. Today, I would like to spend some time highlighting some of the user experience changes in the shell for Windows 8.1 Update. </P> <P> Windows 8.1 Update introduces numerous enhancements to the Desktop experience for mouse and keyboard users. <B> </B> </P> <P> <B> Start Screen </B> </P> <P> For mouse users, when right clicking anywhere on the Start Screen, a context menu will now appear in replacement of the command bar. The context menu provides the same options as what the command bar. Some of these commands are tile resizing, enable/disable live tile, and uninstall the application. </P> <P> For devices with a screen larger than 8.5" and are not connected standby capable, Power and search controls can now accessible from the Start screen. For other devices, only the search control is available. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93263i1258C03B24A36B23" /> </P> <P> <B> Pin Apps to Taskbar </B> </P> <P> Users can now pin modern apps to the taskbar with the exception of modern Internet Explorer. Users can block this setting by unselecting "Show Windows Store apps on the taskbar" from the Taskbar and Navigation properties. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93264i5F2624BA324C91EE" /> </P> <P> <B> </B> </P> <P> <B> Access taskbar from anywhere </B> </P> <P> When you are using a mouse, you can see the taskbar from any screen, including Start or a Windows Store app. Move your mouse pointer below the bottom edge of the screen to show the taskbar and then click an app to open or switch to it. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93265i7F96CC49C80AC070" /> </P> <P> <B> </B> </P> <P> <B> Modern App User Interface (UI) </B> </P> <P> Your mouse works more consistently anywhere in Windows. When moving the mouse to the top of the screen, the <B> close </B> and <B> minimize </B> buttons will appear from within Windows Store apps. </P> <P> For devices that are touch enabled, users will continue to use the close gesture (From top edge, tap and hold dragging to bottom of the screen for a few seconds). </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93266i9916DD38ABE9E822" /> </P> <P> These are just some of the user experience changes available in Windows 8.1 Update. Let us know what you think or if you have any questions regarding these changes. </P> <P> Enjoy! </P> <P> <B> For more information and to view the complete list of new features, check the following links: </B> </P> <P> <A href="#" target="_blank"> What’s new in Windows 8.1 Update and Windows RT 8.1 Update? </A> </P> <P> <A href="#" target="_blank"> Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 Update April, 2014 </A> </P> <P> -Henry </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:24:37 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-s-new-in-the-windows-8-1-update/ba-p/375462 CraigMarcho 2019-03-16T12:24:37Z Timestamp difference in Windows Explorer FTP folder view https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/timestamp-difference-in-windows-explorer-ftp-folder-view/ba-p/375457 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 19, 2014 </STRONG> <BR /> <P> Good morning AskPerf! Anshuman here with a quick post on timestamp differences in Windows Explorer when accessing FTP sites. </P> <P> <B> Scenario </B> </P> <P> On Windows 7(SP1), Windows 8, and Windows 8.1, you access a folder using ftp by opening an explorer window and typing in the FQDN FTP URL in the address bar. In the FTP folder view, if you access the properties of a file, you may notice that the Modified time in the properties of the file may not match the Date modified time stamp displayed in the detailed view in explorer.&nbsp; See screenshot below: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93262i8D33D52C697788E4" /> </P> <P> This behavior can be observed if the local time set on the machine from where you access the FTP folder in explorer view is set to a Time Zone other that the UTC time. In this case you will see that the Timestamp of the item, when its property is accessed is displayed as UTC, while the timestamp that we see under the Date modified column for the same file is shown as per the Time Zone that’s set on the machine. </P> <P> Please note that both the timestamps are correct. The difference is due to the Time Zone bias added or subtracted from the UTC time. </P> <P> <STRONG> Additional Resources </STRONG> </P> <UL> <LI> <A href="#" target="_blank"> Daylight Saving Time Help and Support Center </A> </LI> <LI> <A href="#" target="_blank"> How Outlook handles time zones for meeting requests </A> </LI> <LI> <A href="#" target="_blank"> How time zone normalization works in Outlook 2010 and Outlook 2013 </A> </LI> </UL> <P> -Anshuman Ghosh </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:23:58 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/timestamp-difference-in-windows-explorer-ftp-folder-view/ba-p/375457 CraigMarcho 2019-03-16T12:23:58Z XP Support coming to an End soon… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/xp-support-coming-to-an-end-soon-8230/ba-p/375455 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 17, 2014 </STRONG> <BR /> <P> Hello AskPerf!&nbsp; I’m sure you already know this, but if you don’t, XP Support Ends on April 8th, 2014.&nbsp; That is 21 days from this post.&nbsp; Below are a couple of links that will give you more information on moving forward: </P> <UL> <LI> <A href="#" target="_blank"> Support for Windows XP and Office 2003 ends </A> </LI> <LI> <A href="#" target="_blank"> Support is ending soon </A> </LI> </UL> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93261i62ED76CF1BFAFBED" /> </P> <P> <STRONG> &lt;SNIP from the second link above&gt; </STRONG> </P> <P> As a result, after April 8, 2014, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing <A href="#" target="_blank"> Microsoft Security Essentials </A> for download on Windows XP on this date. (If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time, but this does not mean that your PC will be secure because Microsoft will no longer be providing security updates to help protect your PC.) </P> <P> If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter greater numbers of apps and devices that do not work with Windows XP. </P> <P> <STRONG> &lt;/END SNIP&gt; </STRONG> </P> <P> <A href="#" target="_blank"> Windows main landing page </A> </P> <P> -Blake Morrison </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:23:42 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/xp-support-coming-to-an-end-soon-8230/ba-p/375455 CraigMarcho 2019-03-16T12:23:42Z Windows Dynamic Cache Service Updated https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-dynamic-cache-service-updated/ba-p/375452 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 27, 2014 </STRONG> <BR /> <P> Good morning AskPerf! This is a quick blog to inform you that you no longer have to contact Microsoft Technical Support to obtain the Dynamic Cache Service for Windows Server 2008 R2. It is now freely available to download from the following link: </P> <P> <A href="#" target="_blank"> Microsoft Windows Dynamic Cache Service </A> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93260i4B90CBFF5C5F6417" /> </P> <P> <STRONG> Additional Resources </STRONG> </P> <UL> <LI> <A href="#" target="_blank"> Too Much Cache? </A> </LI> <LI> <A href="#" target="_blank"> Microsoft Windows Dynamic Cache Service </A> </LI> <LI> <A href="#" target="_blank"> You experience performance issues in applications and services when the system file cache consumes most of the physical RAM </A> </LI> </UL> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:23:28 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-dynamic-cache-service-updated/ba-p/375452 CraigMarcho 2019-03-16T12:23:28Z Network Isolation of Windows Modern Apps – How Apps work with Akamai Internet Caching Servers in Windows 8/8.1 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/network-isolation-of-windows-modern-apps-8211-how-apps-work-with/ba-p/375450 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 18, 2014 </STRONG> <BR /> <P> Good morning AskPerf! Mario Liu here from the Windows 8/8.1 Support Team. Today I’d like to discuss a Windows Modern App connectivity issue I’ve worked over the past few months. </P> <BR /> <P> We have several Enterprise customers who have deployed Windows 8 and 8.1 in their environments. However, after joining the machine to the domain, we discovered that numerous Windows Modern Apps could not display the contents correctly. For example, if we launched the Weather App, we saw the message “This page failed to load”: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93259i67EA2F3A7F229054" /> </P> <BR /> <P> On the surface, this looks like a network connectivity issue, however other network related programs ran fine. A Network Trace was captured, but we could not find any dropped packets. </P> <BR /> <P> After further troubleshooting, we found that the same Windows 8/8.1 machines worked if they were outside of their corporate network. This gave us a clue that something inside their environment is causing the issue. In one step, we noticed that if the Firewall was disabled, the Modern App ran fine. Obviously turning the firewall off is not recommended. </P> <BR /> <P> After lots of additional troubleshooting steps were done, we discovered that the Akamai Internet Caching Servers had a hand in this issue. The Windows Firewall Service blocked the traffic to Akamai devices, but why would it do this? Why would a Modern App have network connectivity issues to Akamai devices? </P> <BR /> <P> To answer this question, first we need understand what Akamai Internet Caching Server is. It is a widely used content management solution worldwide. The main purpose of it is to save the web contents (mostly static) as the cache on the server. So next time a client machine tries to reach the same website, it actually reaches the cache on the local Akamai Server instead of taking longer time to reach the real contents on the remote web server. By doing this, we save a lot network traffic and speed up the contents delivery. So, the Akamai Internet Caching Server plays a similar role as an Internet Proxy Server, but from a web content management perspective. It basically delivers the contents to Windows clients on behalf of real/live web server. </P> <BR /> <P> OK, so now that we understand Akamai’s role, let’s switch back to the Windows Modern App. In Windows, there is an important feature called Windows Store App Network Isolation. Modern Apps are network isolated depending on the network capabilities the app developer chooses. An enterprise private network is protected and only available to those apps that declare the privateNetworkClientServer capability in the app manifest. There are very few Modern Apps in the Microsoft store that work on a private network. Even though users can very easily download and install any kind of app, the app cannot talk to the enterprise network because the app can only talk to the public network. In most cases, what is a private / public internet network is automatically detected, which means the Modern App knows to reach public internet even when a Windows 8/8.1 machine is running in a corporate (private) environment. But what happens if we bring the Akamai Internet Caching Server into this scene? Instead of letting Modern App reach the real contents on the remote web server via public internet, the Modern App is forced to talk to the Akamai device which is on the corporate (private) network. Remember, very few Modern Apps are approved to work on a private network ONLY. If the apps try to reach private network, the firewall will block it. Here is a way you can check to see if your machine is hitting this problem: </P> <BR /> <P> 1. Enable WFP (Windows Filtering Platform) auditing by running the following command via elevated command prompt: </P> <BR /> <BLOCKQUOTE> <BR /> <P> <B> auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:enable /failure:enable </B> </P> <BR /> </BLOCKQUOTE> <BR /> <P> 2. Reproduce the issue. </P> <BR /> <P> 3. Go to event viewer -&gt; Windows Logs -&gt; Security. You should see some event ID 5152 which means Filtering Platform Packet Drop. </P> <BR /> <P> 4. Look at one of these events and you should find this similar information. Note: 192.168.0.10 is Akamai server’s address in this example. </P> <BR /> <P> The Windows Filtering Platform has blocked a packet. </P> <BR /> <P> Application Information: </P> <BR /> <BLOCKQUOTE> <BR /> <P> Process ID: 2712 </P> <BR /> <P> Application Name: \device\harddiskvolume2\windows\system32\wwahost.exe </P> <BR /> </BLOCKQUOTE> <BR /> <P> Network Information: </P> <BR /> <BLOCKQUOTE> <BR /> <P> Direction: Outbound </P> <BR /> <P> Source Address: 192.168.0.30 </P> <BR /> <P> Source Port: 50571 </P> <BR /> <P> Destination Address: 192.168.0.10 </P> <BR /> <P> Destination Port: 80 </P> <BR /> <P> Protocol: 6 </P> <BR /> </BLOCKQUOTE> <BR /> <P> Filter Information: </P> <BR /> <BLOCKQUOTE> <BR /> <P> Filter Run-Time ID: 71620 </P> <BR /> <P> Layer Name: Connect </P> <BR /> <P> Layer Run-Time ID: 48 </P> <BR /> </BLOCKQUOTE> <BR /> <P> Wwahost.exe is the Modern App process. As you can see, WFP blocked this traffic with Filter ID 71620 because it tried to reach a private IP address. This filter is called Block Outbound Default Rule. If you want to know how I can tell this filter’s name, you can do <B> netsh.exe wfp capture start </B> via elevated command prompt when you reproduce the issue. This will generate a wfpdiag.cab file and in this cab you can see wfpdiag.xml. Now open this xml file to correlate the filter name and ID. </P> <BR /> <P> So, at this point, we now know that Akamai is filtering the cached Internet traffic. That internet cache however is hosted in the private network. Akamai internet cache is essentially the internet network and needs to be deployed as such. </P> <BR /> <P> There are several solutions. But they can be essentially classified in two types: </P> <BR /> <P> Type 1: Either the Akamai servers must be deployed outside of the private network, or </P> <BR /> <P> Type 2: The Akamai servers must be declared explicitly as proxies who live in the private network </P> <BR /> <P> Microsoft’s recommendation is Type 1 as the enterprise cannot control much of what the Akamai devices do. So, putting the device just outside of the corporate firewall on a different address space or outside of enterprise subnet would appear to be a better solution. However, if this requires a fundamental change of your infrastructure, the Type 2 solution can also be guaranteed to work. </P> <BR /> <P> Below we cover some solutions of how the Akamai Servers can be deployed. </P> <BR /> <P> <STRONG> Solution 1 – Akamai servers on their own IP space. </STRONG> </P> <BR /> <P> Akamai servers are deployed outside of the DMZ and they are given an address space different from the one provided to the company. In this scenario the ISP might participate or even the company can simply not provision the subnet given to Akamai anywhere else. </P> <BR /> <P> <STRONG> Solution 2 – Akamai servers are outside of AD sites and Subnets. </STRONG> </P> <BR /> <P> Akamai servers are given an IP address space that is not one included in the AD sites and Subnets configuration of active directory. In theory it should be a security issue that an external device not belonging to the corporation is included in the AD sites and subnets as it providing it with access that the enterprise does not want to provide. Hence this approach is not only an appropriate deployment of network isolation but an appropriate deployment of AD in general and a good tightening of the network. </P> <BR /> <P> <STRONG> Solution 3 – Akamai servers are removed manually from the private network by using the Network isolation Group Policy controls to override the private network. </STRONG> </P> <BR /> <P> Network Isolation Group Policy controls allows Group Policy admins to add private network subnets. It also allows them to completely override the private network definitions in AD sites and subnets and hence carve out any IP space that shouldn’t be considered part of the private network of the enterprise. </P> <BR /> <P> Let’s assume your corporate IP address space ranges from 192.168.0.1 to 192.168.0.255 and you have two Akamai servers with IP 192.168.0.10 and 192.168.0.11. </P> <BR /> <P> Here is the example to implement this solution: </P> <BR /> <OL> <BR /> <LI> Open the Group Policy Management snap-in (gpmc.msc) and edit the Default Domain Policy. </LI> <BR /> <LI> From the Group Policy Management Editor, expand Computer Configuration, expand Policies, expand Administrative Templates, expand Network, and click Network Isolation. </LI> <BR /> <LI> In the right pane, double-click Private network ranges for apps. </LI> <BR /> <LI> In the Private network ranges for apps dialog box, click Enabled. In the Private subnets text box, type the private subnets for your intranet, and remove Akamai servers. </LI> <BR /> </OL> <BR /> <P> In this example the values are 192.168.0.1-192.168.0.9; 192.168.0.12-192.168.0.255 in the Private subnets text box. Note we have excluded 192.168.0.10 and 192.168.0.11 since they are Akamai’s. </P> <BR /> <BLOCKQUOTE> <BR /> <P> 5.Double-click Subnet definitions are authoritative, click Enabled. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> Solution 4 – Configure network isolation proxy GPO to allow communication with the Akamai servers </STRONG> </P> <BR /> <P> The Network Isolation Internet Proxy Servers for Apps group policy allows administrators to define proxy server(s) that will route traffic that is classified as internal to the appropriate resources. </P> <BR /> <P> <STRONG> Note </STRONG> Internet Proxy Servers for Apps group policy defines a proxy that will only be used to route traffic that is classified as internal.&nbsp; It does not define a general purpose proxy server for use by Windows Store Applications. For details on configuring proxy servers in Windows 8 please see, <A href="#" target="_blank"> http://support.microsoft.com/kb/2777643 </A> </P> <BR /> <P> Here is the example to implement this solution: </P> <BR /> <OL> <BR /> <LI> Open the Group Policy Management snap-in (gpmc.msc) and edit the Default Domain Policy. </LI> <BR /> <LI> From the Group Policy Management Editor, expand Computer Configuration, expand Policies, expand Administrative Templates, expand Network, and click Network Isolation. </LI> <BR /> <LI> Double-click Internet proxy servers for apps. Click Enabled, and then in the Domain Proxies text box, type the IP addresses of your Internet proxy servers, separated by semicolons. In this example the values are 192.168.0.10; 192.168.0.11 </LI> <BR /> <LI> Double-click Proxy definitions are authoritative. Ensure that the Not Configured default value is selected to add these proxies to other discovered http proxies. </LI> <BR /> </OL> <BR /> <P> For more information about the feature of Network Isolation of Windows Modern Apps, please refer to: </P> <BR /> <P> <A href="#" target="_blank"> Isolating Windows Store Apps on Your Network </A> </P> <BR /> <P> <A href="#" target="_blank"> How to set network capabilities </A> </P> <BR /> <P> -Mario </P> </BODY></HTML> Sat, 16 Mar 2019 12:23:13 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/network-isolation-of-windows-modern-apps-8211-how-apps-work-with/ba-p/375450 CraigMarcho 2019-03-16T12:23:13Z Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/certificate-requirements-for-windows-2008-r2-and-windows-2012/ba-p/375448 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 24, 2014 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; Kiran here with a question for you:&nbsp; Why do we need certificates?&nbsp; Well, certificates are used to sign the communication between two machines.&nbsp; When a client connects to a server, the identity of the server that is receiving the connection and in turn, information from the client, is validated using certificates. </P> <P> This is done to prevent possible man-in-the-middle attacks.&nbsp; When a communication channel is setup between the client and the server, the authority that issues/generates the certificate is vouching for the server to be authentic. </P> <P> So, as long as the client trusts the server it is communicating with, the data being sent to and from the server is considered secure.&nbsp; This brings me to the next question: </P> <P> What type of certificate is required for RDS? </P> <P> The following blog contains information regarding the type of certificates and how you can create them using the Internal CA of the domain. </P> <P> <A href="#" target="_blank"> http://blogs.msdn.com/b/rds/archive/2010/04/09/configuring-remote-desktop-certificates.aspx </A> </P> <P> Basic requirements for Remote Desktop certificates: </P> <OL> <LI> The certificate is installed into computer’s “Personal” certificate store. </LI> <LI> The certificate has a corresponding private key. </LI> <LI> The "Enhanced Key Usage" extension has a value of either "Server Authentication" or "Remote Desktop Authentication" (1.3.6.1.4.1.311.54.1.2). Certificates with no "Enhanced Key Usage" extension can be used as well. </LI> </OL> <P> As the function it performs suggests, we need a ‘Server Authentication’ certificate.&nbsp; This certificate can be generated using the ‘Workstation Authentication’ template (if required). </P> <P> Here is the exact process: </P> <OL> <LI> Open CERTSRV.MSC and configure certificates. </LI> <LI> Open Certification Authority. </LI> <LI> In the details pane, expand the instructor computer name. </LI> <LI> Right-click Certificate Templates and select Manage. Right-click Workstation Authentication and click Duplicate Template. </LI> <LI> On the General tab, change the Template display name to Client-Server Authentication and check Publish certificate in Active Directory. </LI> <LI> On the Extensions tab, click Application Policies then Edit. Click Add then select Server Authentication. Click OK until you return to the Properties of New Template dialog. </LI> <LI> Click the Security tab. For Domain Computers, click the checkbox to ‘Allow Autoenroll’. Click OK. Close the Certificate Templates Console. </LI> <LI> In the certsrv snap-in, right-click Certificate Templates and select New then Certificate Template to Issue. </LI> <LI> Select Client-Server Authentication and then click OK. </LI> </OL> <P> This will be visible when viewing the certificate in the ‘Certificates’ MMC snap-in, as below: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93254i042A8DDAF15435C6" /> </P> <P> When you open the certificate, the ‘General’ tab will also contain the purpose of this certificate to be ‘Server Authentication’ as seen below: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93255i72021479E49A44AB" /> </P> <P> Another way to validate this, would be to go to the ‘Details’ section of the certificate and look at the ‘Enhanced Key Usage’ property: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93256iAC9C79399C377C21" /> </P> <P> The easiest way to get a certificate, if you control the client machines that will be connecting, is to use Active Directory Certificate Services.&nbsp; You can request and deploy your own certificates and they will be trusted by every machine in the domain. </P> <P> If you're going to allow users to connect externally and they will not be part of your domain, you would need to deploy certificates from a public CA.&nbsp; Examples including, but not limited to: GoDaddy, Verisign, Entrust, Thawte, DigiCert </P> <P> Now that you know what type of certificate you need, let’s talk about the contents of the certificate. </P> <P> In Windows 2008/2008 R2, you connect to the farm name, which as per DNS round robin, gets first directed to the redirector, next to the connection broker and finally to the server that will host your session. </P> <P> In Windows 2012, you connect to the Connection Broker and it routes you to the collection by using the collection name. </P> <P> The certificates you deploy need to have a subject name or subject alternate name that matches the name of the server that the user is connecting to.&nbsp; So for example, for Publishing, the certificate needs to contain the names of all of the RDSH servers in the collection.&nbsp; The certificate for RDWeb needs to contain the FQDN of the URL, based on the name the users connect to.&nbsp; If you have users connecting externally, this needs to be an external name (needs to match what they connect to).&nbsp; If you have users connecting internally to RDweb, the name needs to match the internal name.&nbsp; For Single Sign On, again the subject name needs to match the servers in the collection. </P> <P> For our example, let’s consider my RDS deployment to contain the following machines: </P> <P> RDSH1.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Session Host with Remote Apps configured </P> <P> RDSH2.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Session Host with Remote Apps configured </P> <P> RDVH1.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Virtualization host with VDI VMs configured </P> <P> RDVH2.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Virtualization host with VDI VMs configured </P> <P> RDCB.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Connection Broker </P> <P> RDWEB.RENDER.COM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; RDWeb and Gateway server </P> <P> When my client connects internally, he will enter the FQDN of the server that hosts the web page, i.e,: RDWEB.RENDER.COM. </P> <P> The name of the certificate needs to be this name, of the URL that the user will initiate the connection to.&nbsp; But we need to remember that the connection does not just end here.&nbsp; The connection then flows from the web server to one of the session hosts or virtualization hosts and also the connection broker. </P> <P> The certificate can be common on all of these servers.&nbsp; This is why we recommend that the Subject Alternate Name of the certificate contain the names of all the other servers that are part of the deployment. </P> <P> In short, the certificate for my environment would be as follows: </P> <P> Type: Server Authentication </P> <P> Name: RDWEB.RENDER.COM </P> <P> SAN: RDSH1.RENDER.COM; RDSH2.RENDER.COM; RDVH1.RENDER.COM; RDVH2.RENDER.COM; RDCB.RENDER.COM </P> <P> This is all you need as long as you have 5 or less servers in the deployment. But we have a problem when we have more servers in the deployment. This is because, by design, the SAN (Subject Alternate Name) on a certificate, can only contain 5 server names. If you have more of them, you will have to get a wildcard certificate issued to cover all the servers in the deployment. Here my certificate changes as follows: </P> <P> Type: Server Authentication </P> <P> Name: RDWEB.RENDER.COM </P> <P> SAN: *.RENDER.COM </P> <P> We still do encounter some challenges when it comes to the following scenario. Note, that this is true only when you have external users that access the deployment. </P> <P> External name: RDWEB.RENDER.com </P> <P> Internal Name: RDWEB.RENDER.local </P> <P> Here, if you get a certificate with RDWEB.RENDER.COM in the name, the certificate errors still do appear.&nbsp; This is because the certificate is supposed to validate a server with the FQDN: ‘RDWEB.RENDER.COM’.&nbsp; However, your server is ‘RDWEB.RENDER.LOCAL’ and the ‘.com’ to ‘.local’ magic only happens at your public firewall/router using port forwarding (most common scenario). </P> <P> In such scenarios, we previously recommended that the name on the certificate contains the ‘.com’ name and the SAN contains the ‘.local’ name. </P> <P> Recently, all public certificate providers are stopping issuing certificates with ‘.LOCAL’ in them. Starting with Windows 8 and Windows Server 2012, we no longer need the external and internal names to be contained in the certificate. </P> <P> In scenarios where you have external clients connecting in and you have a private internal domain suffix (DOMAIN.LOCAL), you can get a certificate from a Public CA with the external (RDWEB.DOMAIN.COM) name and bind it to the RD Web Access and RD Gateway roles, because these are the only roles that are exposed to the internet.&nbsp; For RD Connection Broker – Publishing and RD Connection Broker – Enable Single Sign On, you can make use of an internal certificate with the ‘DOMAIN.LOCAL’ name on it.&nbsp; This however, as mentioned earlier, will only work with clients connecting through RDC 8.0 or above. </P> <P> The RD Gateway and Remote Desktop Client version 8.0 (and above) provides the external users with a secure connection to the deployment. Once connected to the deployment, the internal certificate with the ‘.local’ name will take care of Remote App signing (publishing) and Single Sign-On. </P> <P> Now, lets look at where we configure the certificate we have: </P> <P> Open the Server Manager on the Connection Broker server and Click on Remote Desktop Services in the left-most pane. </P> <P> Once here, you will see your deployment shown as in the illustration below. Click on Tasks and select “Edit Deployment Properties” </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93257i49C1DB2D3EEE7DD6" /> </P> <P> This will bring up the property sheet of the deployment. Select the Certificates option in the left pane: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93258iB538D994B1DCF597" /> </P> <P> Now, as discussed earlier, you can select the certificate that was created using the ‘Select Existing Certificate’ button on the bottom of the screen. </P> <P> Just point it to the ‘.pfx’ file and allow it to import the certificate for the role. </P> <P> You can use a single certificate for all the roles, if your clients are internal to the domain only, by generating a simple wildcard certificate (*.RENDER.LOCAL) and binding it to all the roles. </P> <P> Note, that even if you have multiple servers that are part of this deployment, the Server Manager will import the certificate to all the servers in the deployment, place them in the trusted root of the machines and bind them to the respective roles. </P> <P> -Kiran Kadaba </P> </BODY></HTML> Sat, 16 Mar 2019 12:23:01 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/certificate-requirements-for-windows-2008-r2-and-windows-2012/ba-p/375448 CraigMarcho 2019-03-16T12:23:01Z The case of “Above normal” priority https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/the-case-of-8220-above-normal-8221-priority/ba-p/375442 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 23, 2014 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; If you’ve used Task Manager, you may have noticed that it allows setting an “instance-based priority”.&nbsp; This is an option where you can choose to boost or reduce the priority of any process, whereby adjusting the amount of CPU attention the process receives.&nbsp; But honestly, how many times have you used this feature for any business apps on your Workstations or Servers?&nbsp; The answer is probably not much.&nbsp; The default CPU scheduling algorithm is adequately designed to distribute CPU among running processes in most scenarios. </P> <P> So recently, one of our customers reported the following anomaly they saw in Task Manager: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93251i5C996BE3796F6084" /> </P> <P> About 70% of the running processes would launch as <STRONG> Normal </STRONG> , and within few seconds the priority would change to <STRONG> Above normal </STRONG> automatically.&nbsp; This would happen for many arbitrary processes, and would not allow a fair CPU scheduling for LOB applications. </P> <P> So how do you drill it down?&nbsp; Well, we need to check some basic settings first.&nbsp; Any process on Windows platform can have <B> one </B> of the following priorities at a given time: </P> <UL> <LI> Realtime </LI> <LI> High </LI> <LI> Above normal </LI> <LI> Normal </LI> <LI> Below normal </LI> <LI> Low </LI> </UL> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93252iE7B31CA2FF59975B" /> </P> <P> Per MSDN these priorities correspond to following classes: </P> <UL> <LI> IDLE_PRIORITY_CLASS </LI> <LI> BELOW_NORMAL_PRIORITY_CLASS </LI> <LI> NORMAL_PRIORITY_CLASS </LI> <LI> ABOVE_NORMAL_PRIORITY_CLASS </LI> <LI> HIGH_PRIORITY_CLASS </LI> <LI> REALTIME_PRIORITY_CLASS </LI> </UL> <P> A process always launches with its Base Priority (default) – which can be decided by the app developer – else will inherit to default NORMAL_PRIORITY_CLASS. </P> <P> If you are a developer, to adjust your process’ priority from Base Priority (to newer priority), you can use the <A href="#" target="_blank"> SetPriorityClass </A> function.&nbsp; That is exactly what happens for a running process’s instance when you opt to adjust its priority from Task Manager.&nbsp; So we followed that route and begin investigating who is calling this <A href="#" target="_blank"> SetPriorityClass </A> () function on affected machine.&nbsp; We used our best friend XPERF (rather <A href="#" target="_blank"> WPR </A> , the latest version of it) with <A href="#" target="_blank"> stackwalk </A> enabled. </P> <P> <STRONG> Steps: </STRONG> </P> <OL> <LI> Start WPR </LI> <LI> Launch a process (say, notepad.exe) </LI> <LI> Wait for few seconds till the priority gets raised from “Normal” to “Above normal” </LI> <LI> Stop WPR capture </LI> <LI> Load the output ETL file in WPA (Windows Performance Analyzer, tool that comes with WPR installation) </LI> </OL> <P> In WPA, we focused on the stack flow for the process in question (notepad.exe in our example), and found below the stack where we see wsrm.exe calling SetPriorityClass() function. You can see this stack using just our public symbols (path: <A href="#" target="_blank"> http://msdl.microsoft.com/download/symbols </A> ). </P> <P> </P> <TABLE> <TBODY><TR> <TD> <P> Line # </P> </TD> <TD> <P> Process </P> </TD> <TD> <P> Stack </P> </TD> <TD> <P> Weight </P> </TD> <TD> <P> All Count </P> </TD> </TR> <TR> <TD> <P> 28 </P> </TD> <TD> </TD> <TD> <P> |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |- wsrm.exe!CCPUManager::UpdatePriorities </P> </TD> <TD> <P> 4.891726 </P> </TD> <TD> <P> 5 </P> </TD> </TR> <TR> <TD> <P> 29 </P> </TD> <TD> </TD> <TD> <P> |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; wsrm.exe!CCPUManager::UpdatePriorities </P> </TD> <TD> <P> 4.891726 </P> </TD> <TD> <P> 5 </P> </TD> </TR> <TR> <TD> <P> 30 </P> </TD> <TD> </TD> <TD> <P> |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; wsrm.exe!CCPUManager::UpdatePriorities </P> </TD> <TD> <P> 4.891726 </P> </TD> <TD> <P> 5 </P> </TD> </TR> <TR> <TD> <P> 31 </P> </TD> <TD> </TD> <TD> <P> |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |- wsrm.exe!CProcess::SetPriorityClass </P> </TD> <TD> <P> 4.058269 </P> </TD> <TD> <P> 4 </P> </TD> </TR> <TR> <TD> <P> 32 </P> </TD> <TD> </TD> <TD> <P> |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; KernelBase.dll!SetPriorityClass </P> </TD> <TD> <P> 4.058269 </P> </TD> <TD> <P> 4 </P> </TD> </TR> </TBODY></TABLE> <P> </P> <P> From screenshot of <I> Windows Performance Analyzer </I> : </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93253i1010BE7AA45B4CFC" /> </P> <P> So now we know what is causing the priorities to be bumped up, but why? </P> <P> <A href="#" target="_blank"> Windows Server Resource Manager </A> (wsrm.exe) is a great tool to manage server processor and memory usage with standard or custom resource policies.&nbsp; If you find yourself in a similar situation, chances are that you need to review the WSRM configuration and policies in your environment.&nbsp; Or, you can simply disable WSRM if you are not using it. <A href="#" target="_blank"> This blog </A> discusses more about WSRM policies and configuration. </P> <P> <STRONG> Additional Resources </STRONG> </P> <P> <A href="#" target="_blank"> Scheduling Priorities </A> </P> <P> -Deepak </P> <P> <STRONG> BONUS: </STRONG> Task Scheduler launches tasks by default in <STRONG> Below normal </STRONG> priority.&nbsp; To change the priority of a task, you would have to edit its xml file (&lt;Priority&gt;7&lt;/Priority&gt;), and re-import it.&nbsp; More info: <A href="#" target="_blank"> TaskSettings.Priority property </A> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> <P> </P> </BODY></HTML> Sat, 16 Mar 2019 12:22:14 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/the-case-of-8220-above-normal-8221-priority/ba-p/375442 CraigMarcho 2019-03-16T12:22:14Z Popular new features in Windows 8.1 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/popular-new-features-in-windows-8-1/ba-p/375438 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 14, 2014 </STRONG> <BR /> <P> We are very excited, as are many of you, about our latest OS. Windows 8.1 is readily available across the globe. We thought of listing some of the top/new features it brings to the table. Here is a small list of some of the more popular new features: </P> <P> <B> Your favorite Start button on taskbar </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93242iC5516726483DF7BD" /> </P> <P> We heard you and the Start button is back! It makes the task bar look familiar and provides ease of access to the Start screen from the desktop. </P> <P> <B> Start screen customization </B> </P> <P> Customization for the Start screen using group policies and PowerShell is now available. </P> <P> Group policies allow you to specify the Start screen layout and prevent configuration changes. The layout specifications must be stored in an XML file that is generated with the Export-StartLayout PowerShell cmdlet. This XML file can be made available locally or from a UNC path. </P> <P> The policies for the Start screen layout are available under: </P> <UL> <LI> Computer Configuration | Administrative Templates | Start Menu and Taskbar </LI> <LI> User Configuration | Administrative Templates | Start Menu and Taskbar </LI> </UL> <BLOCKQUOTE> <P> <B> NOTE </B> we will provide greater detailed steps in a later blog </P> </BLOCKQUOTE> <P> <B> Roam your favorite apps on 8.1 devices </B> </P> <P> Another highly requested feature. Since last October, you can roam your installed applications on Windows 8 and Windows 8.1 to as many as 81 Windows devices. Earlier, when we launched Windows 8, the number was restricted to just five devices. This is limited to Windows Store apps only. More details can be found here: </P> <P> <A href="#" target="_blank"> http://blogs.windows.com/windows/b/appbuilder/archive/2013/09/27/increasing-the-app-roaming-limits.aspx </A> . </P> <P> <B> Boot directly to the desktop </B> </P> <P> You can now bypass the Start screen and log on directly to the desktop. To configure it, launch Task Bar Properties &gt; Navigation &gt; “When I sign in or close all apps on a screen, go to the desktop instead of Start”. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93243i5838850C2E19FD16" /> </P> <P> You can also use the Start Screen customization policy to deploy this to a group of <B> users </B> . </P> <P> <B> Drag App to another display </B> </P> <P> You can now drag and drop Metro Style apps across monitors. Drag and drop works for both full screen and snapped apps! So if you are like me with multiple monitors, check out how Windows 8.1 can increase productivity: </P> <P> <A href="#" target="_blank"> http://blogs.technet.com/b/uspartner_ts2team/archive/2013/07/31/nice-multi-monitor-enhancements-in-windows-8-1.aspx </A> </P> <P> <B> Multi-snap views </B> </P> <P> This is my personal favourite as I can do multiple things at the same time. I watch my stocks, video call on skype, and still work on my desktop! Not enough? You can even adjust the width of each snap-in to suit your need. Now that’s super cool. It is not limited to three, but here is a screenshot to present the idea. Try it out! </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93244i7754E6953171E01C" /> </P> <BLOCKQUOTE> <P> <B> NOTE </B> we will provide greater detailed steps in a later blog </P> </BLOCKQUOTE> <P> <B> NFC has been enabled (for printing) </B> </P> <P> One of the best implementations of NFC on the Windows Platform is NFC tap-to-connect printers, which is introduced in Windows 8.1. We have detailed post on it here: </P> <P> <A href="#" target="_blank"> http://blogs.technet.com/b/askperf/archive/2013/10/21/windows-8-1-windows-server-2012-r2-nfc-tap-to-connect-printer-connections.aspx </A> </P> <P> <B> In-box Support for 3D printing </B> </P> <P> We debut in-box support for 3D printing in Windows 8.1. Another superb thing to discuss. Most of the functionality and details are posted here: </P> <P> <A href="#" target="_blank"> http://blogs.windows.com/windows/b/extremewindows/archive/2013/08/22/3d-printing-support-in-windows-8-1-explained.aspx </A> </P> <P> <B> Great "Search" capabilities </B> </P> <P> With Windows 8.1 you will fall in love with Windows Search, or what I call “Super Search”. You can now search virtually everywhere from just one place. Hit ‘Windows Key + S’ or select ‘Search’ from the Windows charms bar. You can opt to search the web, files on your local storage, settings or ALL of these places simultaneously. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93245i2452D7292ECB76F7" /> </P> <P> Search results for “Morgan Freeman” </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93246i3C1D905844DA42F1" /> </P> <P> <B> New layout for the Windows Store </B> </P> <P> New look, better visuals to review the screenshots and rating of applications. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93247i517DB7BD8B73ACC8" /> </P> <P> <B> All Apps screen </B> </P> <P> At Start screen now you can click on the small down arrow to quick change the view to “All Apps”. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93248i9C9AADD85C5D7C20" /> </P> <P> All installed apps on “All Apps” screen can be sorted by name (default), install date, mostly used, categories (game, production, utilities, etc). </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93249i189A9DC933B644D4" /> </P> <P> <B> Wireless Display (Miracast support) </B> </P> <P> We tested with several Miracast receivers and among others, these work great in bringing Windows 8.1 to the big screen (wirelessly): ActionTec, ScreenBeam Pro and Netgear Push2TV (PTV3000). Some good details here: </P> <P> <A href="#" target="_blank"> http://blogs.windows.com/windows/b/windowsexperience/archive/2013/11/12/windows-8-1-on-your-big-screen-with-miracast.aspx </A> </P> <P> <B> Download and Install updates for Store Apps automatically </B> </P> <P> The feature can now be turned on/off using group policy located at Computer Configuration | Administrative Templates | Windows Components | Store | “Turn off Automatic Download and install of updates”. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93250i1A21EF96B97710BC" /> </P> <P> Let us know in comments below your favorite features in Windows 8.1, or if you have any questions around these features. </P> <P> -Deepak Kumar </P> </BODY></HTML> Sat, 16 Mar 2019 12:21:45 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/popular-new-features-in-windows-8-1/ba-p/375438 CraigMarcho 2019-03-16T12:21:45Z The [The selected task “{0}” no longer exists…] issue https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/the-the-selected-task-8220-0-8221-no-longer-exists-8230-issue/ba-p/375428 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 20, 2013 </STRONG> <BR /> <P> Good morning AskPerf! Over the past couple of years, our customers have opened Support Cases and created forum posts&nbsp; on the following error when opening Task Scheduler on Windows 7 clients and Windows 2008 R2 Servers: </P> <BR /> <P> <STRONG> The selected task “{0}” no longer exists. To see the current tasks, click Refresh. </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93239i52AF9482A5193617" /> </P> <BR /> <P> After you click OK to the additional messages, Scheduled Tasks will disappear: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93240iDA1938BC08590D84" /> </P> <BR /> <P> <STRONG> Note </STRONG> your tasks are actually there, but because of this issue, they cannot be seen in the GUI. </P> <BR /> <P> There have been multiple resolutions to resolve this issue, however the fix below may be the easiest: </P> <BR /> <OL> <BR /> <LI> Re-create the missing <STRONG> Scm </STRONG> folder under “ <STRONG> %windir%\System32\LogFiles </STRONG> ” </LI> <BR /> </OL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93241iC8E1B9D0F4ED3A00" /> </P> <BR /> <P> 2. Restart your machine </P> <BR /> <P> You should now be able to open Task Scheduler and see your tasks, or at the very least, find the particular task that is triggering this error. </P> <BR /> <P> Unfortunately, we are unsure why the <STRONG> Scm </STRONG> folder is getting removed, but can speculate Malware, an Administrator cleaning up files/folders, etc. </P> <BR /> <P> If this does not resolve your issue, check the blog post below which points to other resolutions by our forum members. </P> <BR /> <P> <A href="#" target="_blank"> Error message 'The selected task "{0}" no longer exists. To see the current tasks, click Refresh’ </A> </P> <BR /> <P> <STRONG> Note </STRONG> this blog post will be updated as new information becomes available. </P> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:20:15 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/the-the-selected-task-8220-0-8221-no-longer-exists-8230-issue/ba-p/375428 CraigMarcho 2019-03-16T12:20:15Z Heads up: Perfmon algorithm issue found/fixed https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-perfmon-algorithm-issue-found-fixed/ba-p/375424 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 01, 2013 </STRONG> <BR /> One of our Escalation Engineers has posted the following blog on the NTDEBUGGING page: <BR /> <BR /> <A href="#" target="_blank"> Performance Monitor Averages, the Right Way and the Wrong Way </A> <BR /> <BR /> <BLOCKQUOTE> <P> <EM> Recently we have found that under some conditions perfmon will use the incorrect algorithm to calculate averages.&nbsp; When reading from log files perfmon has been formatting the values, summing them, and dividing by the number of entries.&nbsp; This issue has been corrected in perfmon for Windows 8/Server 2012 with </EM> <EM> KB2877211 </EM> <EM> and for Windows 8.1/Server 2012 R2 as part of </EM> <EM> KB2883200 </EM> <EM> .&nbsp; We recommend using these fixes when analyzing perfmon logs to determine the average of a performance counter.&nbsp; Note that KB2877211/KB2883200 only change the behavior when analyzing logs, there is no change when the data is collected.&nbsp; This means you can collect performance logs from any version of Windows and analyze them on a system with these fixes installed. </EM> </P> <P> </P> </BLOCKQUOTE> <BR /> <BR /> <A href="#" target="_blank"> Windows 8 / Server 2012 hotfix link </A> <BR /> <BR /> <BR /> <BR /> <A href="#" target="_blank"> Windows 8.1 / Server 2012 R2 hotfix link </A> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:19:43 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-perfmon-algorithm-issue-found-fixed/ba-p/375424 CraigMarcho 2019-03-16T12:19:43Z Windows 8.1 / Windows Server 2012 R2 – Wrap up https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-wrap-up/ba-p/375423 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 29, 2013 </STRONG> <BR /> Over the past 1 1/2 weeks, we have touched on a number of new updates to Windows 8.1 and Windows Server 2012 R2 that our (Windows Performance/Reliability) team supports.&nbsp; We hope you’ve enjoyed reading these posts and look forward to your comments. <BR /> <BR /> To wrap up the mini-series, we’d like to direct you to a couple of other resources with cool new features: <BR /> <BR /> <P> <B> 3D Printing </B> </P> <UL> <LI> <A href="#" target="_blank"> 3D Printing Support in Windows 8.1 Explained </A> </LI> <LI> <A href="#" target="_blank"> 3D Printing Demo </A> <BR /> </LI> </UL> <P> <B> Remote Desktop Services Features </B> </P> <UL> <LI> Dynamic addition and subtraction of monitors </LI> <LI> Improved RemoteApp behavior </LI> <LI> Quick Reconnect </LI> <LI> DirectX 11.1 support </LI> <LI> <A href="#" target="_blank"> What's New in Windows Server 2012 Virtual Desktop Infrastructure and Remote Desktop Services </A> <BR /> <STRONG> Note </STRONG> To see just the new features, skip to 55:23 in our Channel 9 video. </LI> </UL> <P> Thank you to the following folks that helped put this content together and get it published: </P> <UL> <LI> Aaron Maxwell </LI> <LI> Jerry Ciferri </LI> <LI> Madhurjya Bora </LI> <LI> Blake Morrison </LI> </UL> <P> As always, the most current information regarding these features can be found in the following links: </P> <UL> <LI> <A href="#" target="_blank"> Windows OS Landing page </A> </LI> <LI> <A href="#" target="_blank"> Windows Blog </A> </LI> <LI> <A href="#" target="_blank"> Windows Server 2012 R2 </A> </LI> <LI> <A href="#" target="_blank"> Windows Server Blog </A> </LI> </UL> <P> -AskPerf Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:19:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-wrap-up/ba-p/375423 CraigMarcho 2019-03-16T12:19:35Z Windows 8.1 / Windows Server 2012 R2 – Assigned Access https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-assigned-access/ba-p/375422 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 28, 2013 </STRONG> <BR /> <P> Hello again Askperf!&nbsp; Today we are going to quickly highlight the new Assigned Access feature in Windows 8.1.&nbsp; Formally known as Kiosk Mode, Assigned Access is designed to restrict a standard user access to a single application. This feature works well for the corporate admin or parent that would like to prevent users from having full access to a given machine.&nbsp; Once configured, Assigned Access will prevent the user from other apps, computer controls, or other computer settings. </P> <P> To enable this feature access the Settings Charm and select Change PC settings.&nbsp; Under the Accounts page you will want to access “Other Accounts” and you will see the option to add an account or “set up an account for assigned access” </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93236i9B87A17F9FEBFCF5" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93237i19E9E45A887ED5E5" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93238i421086EC99CE38D5" /> </P> <P> There you have it.&nbsp; The next time the user logs in he or she will have a full screen of the application specified.&nbsp; It is important to note that you can only assign one Windows Store app per user.&nbsp; To sign out the user will quickly press the Windows log key five times. </P> <P> -Jerry </P> </BODY></HTML> Sat, 16 Mar 2019 12:19:29 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-assigned-access/ba-p/375422 CraigMarcho 2019-03-16T12:19:29Z Windows 8.1 / Windows Server 2012 R2 - Updated Shell UI changes https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-updated-shell-ui-changes/ba-p/375418 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 25, 2013 </STRONG> <BR /> <P> Hello folks, today I would like to take some time and highlight some of the new UI changes in the shell for Windows 8.1. Windows 8.1 introduces several changes that allow the user to personalize and enhance the overall user experience. </P> <P> <B> Start Screen </B> </P> <P> The Start Screen now provides more customization options. There are more sizes available for customizing your tiles. You now have the options of large, medium, wide, or small tiles to maximize real estate on the start screen. Another change in 8.1 is that installing applications will not drop tiles directly on the start screen anymore. Instead, app tiles will be installed under the new All Apps screen. The new All Apps screen is accessed from the down arrow available on the start screen. Both start screen and all apps screen can also be customized to use the desktop wallpaper for additional personalization. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93231i5E25D8C2EC1E1B63" /> </P> <P> <B> All Apps screen </B> </P> <P> The All Apps screen can be sorted by Name, Installed Date, Most Used, and by Category. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93232i2C14A50F71EBAFB5" /> </P> <P> <B> Lock Screen </B> </P> <P> Another new feature is the ability to customize the lock screen with a slide show. This setting is configured via the Settings charm, Change PC Settings, Lock Screen. From here you have the option to play a slide show, specify a new local folder or SkyDrive, and control length of time before turning off the slide show. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93233i1ED40BCB92D6D2E0" /> </P> <P> <B> </B> </P> <P> <B> Start Button </B> </P> <P> The Start Button is back with Windows 8.1! Although it’s not the actual start menu. By default clicking the start button will navigate you to and from the Start Screen but this can be changes to navigate to the All Apps screen instead. Right clicking the button will provide you a context menu of shortcuts to useful and common programs such as event viewer, control panel, and the command prompt to name a few. If you prefer hot keys, pressing “Windows + X” will get you this same menu. The options to shutdown, sign out, or restart are also now available directly from the start button. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93234iBCFCBB5AA52C6BF3" /> </P> <P> <B> Boot to Desktop </B> </P> <P> Another nice feature is the ability to boot directly to your desktop. This setting is tucked away under Taskbar properties. To enable this you can right click on the Taskbar, select properties, access the Navigation tab, and select “When I sign in or close all apps on a screen, go to desktop instead of Start”. From the Navigation tab you can also point the start button to the All Apps screen if you prefer. If you are a PowerShell junkie, you can also replace the default command prompt option with PowerShell in the start button context menu. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93235i5687BCD0D1599D5D" /> </P> <P> These are just some of the new features available in Windows 8.1. Enjoy! </P> <P> -Jerry </P> </BODY></HTML> Sat, 16 Mar 2019 12:18:58 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-updated-shell-ui-changes/ba-p/375418 CraigMarcho 2019-03-16T12:18:58Z Windows 8.1 / Windows Server 2012 R2 - In-box Scan App https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-in-box-scan-app/ba-p/375412 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 24, 2013 </STRONG> <BR /> <P> Welcome back AskPerf readers!&nbsp; Prior to Windows 8.1, scanning could be a relatively frustrating experience with many questions coming to mind… </P> <UL> <LI> Will my scanner work on Windows RT? </LI> <LI> Do I need to download a driver from the manufacturer? </LI> <LI> Do I have the necessary applications to acquire and edit an image? </LI> </UL> <P> With Windows 8.1, any Windows Image Acquisition (WIA) 2.0 compliant scanner will simply plug in and work, thanks to the magic of generic in-box scanner class drivers. </P> <P> Since WIA 2.0 has been a logo requirement for all locally-connected scanner devices since June 2010, you can be fairly confident that any new scanner device will be supported. </P> <P> The software to acquire images is also included with the operating system, thanks to the modern in-box Scan app.&nbsp; Start typing “Scan” at the Start screen and its tile will be displayed. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93228i72DAD8FF31565965" /> </P> <P> The Scan app will occupy the left side of the screen, with scanner configuration options that are automatically detected based on the device.&nbsp; You will also be presented with a choice of image formats and a location to save the image file to. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93229iA945956B1CFBD69A" /> </P> <P> Once an image has been acquired, the Pictures modern app will be displayed to the right with the images you’ve scanned in. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93230iC29E19F03E0CFDB8" /> </P> <P> At this point you’re free to import the image into any application of your choice, and have hopefully had a much better scan experience than in years past. </P> <P> -Aaron </P> </BODY></HTML> Sat, 16 Mar 2019 12:18:06 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-in-box-scan-app/ba-p/375412 CraigMarcho 2019-03-16T12:18:06Z Windows 8.1 / Windows Server 2012 R2 - Printer Roaming https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-printer-roaming/ba-p/375408 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 23, 2013 </STRONG> <BR /> <P> Hello again AskPerf!&nbsp; Today I’m going to introduce a new Windows 8.1 feature called Printer Roaming. </P> <BR /> <P> Windows 8 provided the ability for users to roam a number of settings with their Microsoft account, such as the desktop background and web history. </P> <BR /> <P> Windows 8.1 extends this functionality to include roaming of printer connections, and this is primarily aimed at bring-your-own-device (BYOD) scenarios. </P> <BR /> <P> If you use Microsoft-connected accounts in your workplace (i.e. an account tied to a Hotmail.com or Outlook.com e-mail address), Windows 8.1 will store your UNC printer connections in the cloud and reconnect them on other Windows 8.1 devices you bring into the workplace. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93226iE34E2B8DAA79E5AC" /> </P> <BR /> <P> So, let’s say you’ve manually mapped 3 printer connections (e.g. <A> \\ServerName\PrinterShare </A> ) on your Windows 8.1 desktop PC at work.&nbsp; When you bring a Windows 8.1 tablet into the workplace, the operating system will keep your printer connections in sync by automatically connecting them. </P> <BR /> <P> This feature is currently grouped with Other Windows Settings, which can be found in the SkyDrive options in the PC Settings application. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93227iE90D636A672596C8" /> </P> <BR /> <P> There are a few important caveats that I’d like to note. </P> <BR /> <UL> <BR /> <LI> Printer connections pushed through group policy are not automatically connected.&nbsp; This feature is aimed at personalizing the experience for printers the user has manually connected. </LI> <BR /> <LI> Only queues utilizing v4 printer drivers will be roamed.&nbsp; This guarantees compatibility with Windows RT clients. </LI> <BR /> <LI> This feature currently offers&nbsp;an on/off toggle. </LI> <BR /> <LI> If you use Microsoft-connected accounts in your workplace and want to disable Printer Roaming, all of the Sync settings in Other Windows Settings must also be disabled. </LI> <BR /> <UL> <BR /> <LI> Individual printer connections cannot be configured to roam or not roam. </LI> <BR /> </UL> <BR /> </UL> <BR /> <P> When considering Microsoft-connected accounts in your workplace, you can count Printer Roaming among the many valuable feature opportunities that become available. </P> <BR /> <P> -Aaron </P> </BODY></HTML> Sat, 16 Mar 2019 12:17:33 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-printer-roaming/ba-p/375408 CraigMarcho 2019-03-16T12:17:33Z Windows 8.1 / Windows Server 2012 R2 - RDS Shadowing is back! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-rds-shadowing-is-back/ba-p/375405 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 22, 2013 </STRONG> <BR /> <P> Hello again AskPerf!&nbsp; I’m happy to report that Windows Server 2012 R2 reinstates Remote Desktop Shadowing. </P> <P> This functionality lived in kernel mode through Windows Server 2008 R2, but was removed from the product in Windows Server 2012 when the RDP stack was moved to user mode. </P> <P> We’ve strived for feature-parity with 2008 R2, with the main visual change being accessibility through Server Manager. </P> <P> So, where can I find it? </P> <P> The shadow UI is located in Server Manager under Remote Desktop Services / Collections. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93223iBECE03983D1C5DA6" /> </P> <P> Simply right-click a user’s session and choose Shadow from the context menu, then choose to view or control the session with or without consent. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93224i67A86792EC737237" /> </P> <P> You may also access shadowing from the command line: </P> <BLOCKQUOTE> <P> <B> Mstsc.exe </B> [/shadow:sessionID [/v:Servername] [/u:[Username]] [/control] [/noConsentPrompt]] </P> <P> <B> /shadow:ID </B> Starts shadow with the specified sessionID. </P> <P> <B> /v:servername </B> If not specified, will use the current server as the default. </P> <P> <B> /u:username </B> If not specified, the currently logged on user is used. </P> <P> <B> /control </B> If not specified, will only view the session. </P> <P> <B> /noConsentPrompt </B> Attempts to shadow without prompting the shadowee to grant permission. </P> </BLOCKQUOTE> <P> By default, a shadowee must explicitly give permission to allow their session to be shadowed. To be able to shadow without permission, the administrator must intentionally override this with a group policy set to allow shadowing without user permission. </P> <P> You’ll find the shadow group policies in the following path (gpedit.msc): </P> <BLOCKQUOTE> <P> [&lt;Computer Configuration&gt; |&lt;User Configuration&gt; </P> <P> \Administrative Templates\Windows Components\Remote Desktop Services </P> <P> \Remote Desktop Session Host\Connections </P> <P> \Set rules for remote control of Remote Desktop Services user sessions </P> </BLOCKQUOTE> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93225iDA990B0D2FD6AE76" /> </P> <P> There are a couple of key limitations that you should be aware of: </P> <UL> <LI> Only an administrator may shadow sessions. The ability to shadow sessions cannot be delegated to users that are not part of the administrators group. </LI> <LI> Shadowing is not available in workgroup configurations. </LI> </UL> <P> I hope everyone is able to (re)integrate this extremely helpful tool in their remote desktop environments and get those older deployments moved to Windows Server 2012 R2. </P> <P> -Aaron </P> </BODY></HTML> Sat, 16 Mar 2019 12:17:08 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-rds-shadowing-is-back/ba-p/375405 CraigMarcho 2019-03-16T12:17:08Z Windows 8.1 / Windows Server 2012 R2 – NFC “tap to connect” Printer Connections https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-nfc-8220-tap-to-connect/ba-p/375401 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 21, 2013 </STRONG> <BR /> Hello folks, today I am going to talk about a new feature that's available in Microsoft Windows 8.1 and Server 2012 R2 called <B> NFC “tap to connect” Printing. </B> NFC stands for <B> Near Field Communication </B> , which allows a two way communication between devices (endpoints) within a very close proximity; typically no more than few centimeters. <BR /> <BR /> NFC “tap to connect” printing makes installation of printers very simple, in short, the user can just tap an NFC enabled device (for ex: a laptop or a tablet) on an NFC enabled printer and can then immediately install that particular printer. <BR /> <BR /> This way, the user does not have to follow the traditional method of printer installation and does not need to know any details of the printer. For example, the print server where it’s hosted on, or the actual printer name itself. NFC “tap to connect” printing can be used for both <A href="#" target="_blank"> WSD </A> printers and shared printers. <BR /> <BR /> There are printers that already have NFC capability built-in. The good news is, you can make any existing non-NFC printer NFC capable, by using an NFC tag. NFC tags are like stickers that can be programed to store the required information. <BR /> <BR /> So how do we program an NFC tag? You can do this by using a simple PowerShell cmdlet called <B> Write-PrinterNfcTag </B> . Below are the steps to accomplish this: <BR /> <BR /> 1. Launch PowerShell as an administrator on a Windows 8.1 / 2012 R2 system that has NFC hardware capability. You can verify whether the system is NFC capable in device manager; if the system has an NFC device, it will be located under "Proximity devices" in device manager. <BR /> <BR /> 2. Type in the following command in the PowerShell window: <BR /> <BR /> <BLOCKQUOTE> <B> Write-PrinterNfcTag -Sharepath &lt;UNC path of the printer&gt; </B> <P> </P> </BLOCKQUOTE> <BR /> <BR /> <P> <I> Example: </I> <BR /> <BR /> </P> <BLOCKQUOTE> <B> Write-PrinterNfcTag -Sharepath </B> <B> \MyprintserverPrinterX </B> <B> </B> <B> </B> <P> </P> </BLOCKQUOTE> <BR /> <BR /> <P> 3. Once you run this command, you will be prompted to tap the NFC sticker (tag) against the device on which you ran the command. You now need to tap it against the NFC radio on the Windows 8.1 / 2012 R2 system within 30 seconds. Once tapped, the printer share information is written into the NFC tag. That’s it! Your NFC tag is now encoded with the printer share information and all you need to do is attach the NFC tag on the printer that you have specified in the Write-PrinterNfcTag command. <BR /> <BR /> <B> Note: </B> <BR /> <BR /> </P> <UL> <LI> It is recommended to use NFC forum approved tags, of at least 1kb capacity </LI> <LI> You can use the <B> -Lock </B> parameter with the above mentioned commands if you want to prevent further modification of the NFC tag once its programmed </LI> <LI> To read an NFC tag, you can use the <B> Read-PrinterNfcTag </B> cmdlet </LI> </UL> <BR /> <BR /> For a user to print, all they need to do is tap an NFC enabled device (for instance a tablet), on the NFC tag that’s attached on the printer, and the user will be prompted for the installation of that particular printer. <BR /> <BR /> Please note, the NFC tag and the Printer never communicates with each other, the print process still uses the existing infrastructure and the network. NFC “tap to connect” printing is just a way to pair and install the printer and it does this like a charm! <BR /> <BR /> <P> <B> Additional Resources </B> </P> <UL> <LI> <B> <A href="#" target="_blank"> What's New in Print and Document Services in Windows Server 2012 R2 </A> </B> </LI> </UL> <P> -Madhurjya </P> </BODY></HTML> Sat, 16 Mar 2019 12:16:36 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-8211-nfc-8220-tap-to-connect/ba-p/375401 CraigMarcho 2019-03-16T12:16:36Z Windows 8.1 / Windows Server 2012 R2 - VMConnect Enhanced Mode - RDP over VMBUS https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-vmconnect-enhanced-mode-rdp/ba-p/375400 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 18, 2013 </STRONG> <BR /> <P> Hello folks, </P> <P> I would like to introduce you to an exciting new feature in Windows Server 2012 R2 called VMConnect Enhanced Mode. </P> <P> This feature enables high fidelity RDP sessions to VM guests over the VM bus.&nbsp; High fidelity implies getting audio, clipboard support, USB and other redirection in addition to enhanced graphics. </P> <P> Creating high fidelity sessions to guests through TCP/IP RDP connections has always been possible, but requires a properly configured network path to the VM.&nbsp; The VMConnect Enhanced Mode feature allows for these high fidelity sessions when no network connectivity exists between the host and guest OS's. </P> <P> So, how can I get started with this feature? </P> <P> First, install Windows Server 2012 R2 with the Hyper-V role and create a Windows 8.1 guest OS. </P> <P> Launch Hyper-V Manager on the host OS and tick the following boxes: </P> <P> <STRONG> Server \ Enhanced Session Mode Policy \ Allow enhanced session mode <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93217i776C114BCB8C35D1" /> </P> <P> <STRONG> </STRONG> </P> <P> <STRONG> User \ Enhanced Session Mode \ Use enhanced session mode <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93218iAA147BD5CA76EA93" /> </P> <P> Now connect to your VM and notice the familiar RDP dialog options that you may configure to enhance your VMConnect experience. </P> <P> <STRONG> </STRONG> </P> <P> <STRONG> Display options and the ability to save your RDP settings <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93219iE41027EDD6A21ED8" /> </P> <P> <STRONG> </STRONG> </P> <P> <STRONG> Select which local resources you'd like to redirect with RDP <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93220iE5D193B0924CF509" /> </P> <P> <STRONG> </STRONG> </P> <P> <STRONG> Audio options, including input (mic) <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93221i0CF9A15605386E42" /> </P> <P> <STRONG> </STRONG> </P> <P> <STRONG> Additional granular control of what's redirected and available in your session <BR /> </STRONG> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93222iD2563C6B1A3772A8" /> </P> <P> I especially like the clipboard redirection, which means never having to use the Clipboard \ Type Clipboard Text option again. </P> <P> Are there any caveats?&nbsp; Yes, and let's go over those now so there are no surprises. </P> <P> <B> VMConnect Enhanced Mode FAQ: </B> </P> <P> Q) Will this feature work with Windows OS's prior to 8.1? <BR /> A) No. A Windows 8.1, Server 2012R2 or later OS guest is required. </P> <P> Q) Does this feature work from an RDP session into the Hyper-V host? <BR /> A) Yes. This feature is available when RDP'ing into the Hyper-V host. </P> <P> Q) Does this feature work on Gen1 VM's? <BR /> A) Yes. This feature works on both Gen1 and Gen2 VM's. </P> <P> Q) Does this feature require integration services? <BR /> A) Windows 8.1 includes integration services, but this feature does not require them to be enabled in the guest configuration options. </P> <P> Q) Does this feature require a network adapter configured for the VM with a valid virtual switch selected? <BR /> A) No. A key point of this feature is that the RDP connection is made over the VMBUS rather than having to configure networking. </P> <P> Q) Does the guest OS need to be configured to accept RDP connections? <BR /> A) No. This feature will work even if the guest is configured for "Don't allow remote connections to this computer". </P> <P> Q) Are there any user requirements on the guest? <BR /> A) Yes. Enhanced sessions are only available when logging into the guest as a member of the local Administrators group or the Remote Desktop Users group.&nbsp; Additionally, the guest OS must support Remote Desktop sessions.&nbsp; (i.e. Pro or Enterprise editions of Windows 8.1.&nbsp; Home editions will not work.) </P> <P> Q) Is this feature compatible with RemoteFX-enabled guests? <BR /> A) No. This feature is not available on guests with RemoteFX adapters. </P> <P> Q) Should I expect this feature work on the first boot of the guest OS? <BR /> A) No. The guest OS should be rebooted at least once to complete OOBE setup. </P> <P> Thanks for checking out one of the great new features available in Server 2012 R2 and Windows 8.1.&nbsp; I hope everyone is able to make use of this soon! </P> <P> - Aaron </P> </BODY></HTML> Sat, 16 Mar 2019 12:16:30 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-vmconnect-enhanced-mode-rdp/ba-p/375400 CraigMarcho 2019-03-16T12:16:30Z Windows 8.1 / Windows Server 2012 R2 Mini-Blog Series coming… https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-mini-blog-series-coming-8230/ba-p/375392 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 15, 2013 </STRONG> <BR /> Hello AskPerf, <BR /> <BR /> Just wanted to give you a quick heads up that we are going to begin a Mini-Blog Series this Friday (10/18).&nbsp; We will be covering some of the new features in Windows 8.1 and Windows Server 2012 that our (Reliability/Performance) Team support. <BR /> <BR /> We are still finalizing these blogs, so I do not have a complete list as of this post.&nbsp; However, I know you will enjoy reading about the new exciting features in these releases. <BR /> <BR /> <P> For more details about Windows 8.1 &amp; Server 2012 R2, check these links: </P> <UL> <LI> <A href="#" target="_blank"> Windows Blogs </A> </LI> <LI> <A href="#" target="_blank"> Windows 8.1 Enterprise RTM Now Available To Volume License Customers </A> </LI> <LI> <A href="#" target="_blank"> Get your apps ready for the Windows 8.1 launch! </A> </LI> <LI> <A href="#" target="_blank"> Reading Windows 8.1 for release (UPDATED) </A> </LI> <LI> <A href="#" target="_blank"> Mark your calendars for Windows 8.1! </A> </LI> <LI> <A href="#" target="_blank"> Windows Server 2012 R2 </A> </LI> </UL> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:15:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-1-windows-server-2012-r2-mini-blog-series-coming-8230/ba-p/375392 CraigMarcho 2019-03-16T12:15:35Z What to do if your Windows 8 Modern App fails to start https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-to-do-if-your-windows-8-modern-app-fails-to-start/ba-p/375391 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 11, 2013 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; David Alessi here from the Windows 8 client team.&nbsp; One of the biggest support issues we’ve seen is with Windows 8 Store (formerly Metro/Modern) Apps failing to start.&nbsp; This post is going to cover some of the most common issues that users run into, and how to troubleshoot them. </P> <P> When troubleshooting Windows 8 Apps, first establish whether or not the App is starting at all.&nbsp; When a Windows 8 App is first clicked the first thing that appears is the splash screen for that particular App.&nbsp; For example: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93212i3F156EAB38C91318" /> </P> <P> The splash screen is a solid color page typically with the App’s logo on it.&nbsp; When the App is first clicked, Windows is responsible for running the splash screen while the App gets ready to run.&nbsp; If the splash screen is briefly displayed and then closes, this means that Windows is opening the splash screen but the App is not starting. </P> <UL> <LI> When the splash screen is displayed and then closes, we could be looking a permissions problem, group policy setting, or something configured in the Windows Firewall service - all of which could cause the start screen to not display Apps that should be there </LI> <LI> When an App starts properly and cannot access local resources,&nbsp; NTFS file permissions should be checked </LI> <LI> If the App starts properly but cannot access network resources, then a likely cause is the Windows 8 App’s inability to work with authenticated proxies </LI> <LI> If the splash screen is never shown, it’s possible that there’s an Application control setting/tool in place.&nbsp; For example, a Microsoft Software restriction and/or Applocker.&nbsp; Both of these Microsoft technologies are deployed with group policy. </LI> <LI> Apps missing from the start screen can be caused by any of the issues covered in this article, just step through the causes one at a time </LI> </UL> <P> Now that I’ve laid out some common causes I’ll go over how to fix each of issues above. </P> <P> To start there are a few logs that can help you narrow down on the issue. I typically start with logs when only a certain app or apps are acting up (as opposed to all of them). If this is the case, make sure to give uninstall/reinstall a shot, or at least update to the latest version of the application. </P> <P> The uninstall option is accessed by right clicking an app, </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93213iE7F8BDC0098282FD" /> </P> <P> And updates are managed through the store. </P> <P> The first log I’ll mention is <B> %TEMP%\winstore.log </B> </P> <P> Winstore.log tracks update and install information for your applications, if you are having issues after an install or update this would be a good place to look first. </P> <P> The other logs that can be helpful are located in your event log, easiest way to get there is to type “eventvwr” with your start screen open. Run it as an administrator. </P> <P> With event viewer open navigate to: <B> Event Viewer&gt;Applications and Services Logs&gt;Microsoft&gt;Windows </B> </P> <P> Logs of interest </P> <UL> <LI> <B> AppModel-Runtime </B> : Issues starting, running, terminating apps, does not report most issues. Events are generic. </LI> <LI> <B> Apps </B> : Start screen operations, most Windows 8 app issues will show up here, although the errors are not always informative. </LI> <LI> <B> AppXDeployment and AppXDeployment-Server: </B> Appx refers to the Windows 8 Store app type, as they are .appx file types. These logs track issues during install, deployment, update, and uninstall. </LI> </UL> <P> There are more logs that track Windows 8 app information, I’m not going to go over them because I have not found them helpful but to name a few: All-User-Install-Agent, AppHost, AppxPackagingOM, PackageState-Roaming, PushNotifications-Platform, and Store-Licensing. </P> <P> <B> Group policy </B> </P> <P> The easiest way to test if group policy is the issue is to test behavior of a fresh machine.&nbsp; That is, using the image and deployment process where you determined there was an issue in the first place (MDT, PXE, etc.). </P> <UL> <LI> Do NOT join the machine to the domain at this point </LI> <LI> If the machine still does not work post-deployment, pre-domain joined, then we could possibly be looking at something wrong in the image </LI> <LI> If the App works soon after it’s joined to the Domain, then breaks after a reboot, a group policy setting could be the culprit </LI> </UL> <P> If you suspect that a group policy setting is breaking the App, then the following steps should be performed on the problem machine and/or user session: </P> <UL> <LI> Elevated CMD Prompt: “Gpresult /h gpreport.html /user &lt;DOMAINNAME&gt;\&lt;USERNAME&gt;” </LI> <UL> <LI> Registry and file system permissions can be set via group policy so search your group policy reports for changes </LI> <LI> Make note of any Services modified by Group Policy, especially Windows Firewall - if Windows Firewall is disabled then Windows 8 Apps will not work </LI> <LI> Look for “software restriction”, “Application control” or “Applocker settings” </LI> <UL> <LI> All 3 of these can be configured to block Applications using certain file extensions.&nbsp; Windows 8 Apps use the .Appx extension which is not present in previous versions of Windows </LI> </UL> </UL> </UL> <P> When applocker is responsible for blocking an application, the user is typically presented with the prompt “This app has been blocked by you system administrator” however, this is not always the case. </P> <P> To verify whether applocker is causing you issues open your event log and open: </P> <P> <B> Application and Services Logs&gt;Microsoft&gt;Windows&gt;Applocker </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93214iCC73F04B7ED583FC" /> </P> <UL> <LI> Applocker will report events when it blocks apps so you can check here to verify, a blocked app will show up as an 8022 </LI> </UL> <P> <B> Permissions </B> </P> <P> As mentioned above, file system permissions, whether in the image, in a logon/startup script, or in group policy, can affect Windows 8 Store Apps. </P> <P> In Windows 8, there is a new principle used to run Windows 8 Apps - ALL APPLICATION PACKAGES. To check for this principle: <B> right-click on a folder or file in the file system&gt;Properties&gt;Security Tab&gt;Advanced </B> . </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93215i80A14D0ADDCADF51" /> </P> <P> Here you can see a list of all security principles on that location and their permissions. Notice ALL APPLICATION PACKAGES at the bottom. </P> <P> ALL APPLICATION PACKAGES need the following permissions to execute properly: </P> <UL> <LI> Read &amp; execute, List folder contents and Read in the following locations </LI> <UL> <LI> C:\Windows </LI> <LI> C:\Program Files (x86) </LI> <LI> C:\Program Files </LI> </UL> <LI> List folder and read data, Create Folders and Append Data </LI> <UL> <LI> C:\Users\&lt;userName&gt;\AppData\Local\Microsoft\Windows\WER </LI> </UL> <LI> Read </LI> <UL> <LI> HKEY_CLASSES_ROOT </LI> <LI> HKEY_LOCAL_MACHINE\Drivers </LI> <LI> HKEY_LOCAL_MACHINE\HARDWARE </LI> <LI> HKEY_LOCAL_MACHINE\SAM </LI> <LI> HKEY_LOCAL_MACHINE\SOFTWARE </LI> <LI> HKEY_LOCAL_MACHINE\SYSTEM </LI> <LI> HKEY_USERS </LI> </UL> </UL> <P> <B> Other Causes </B> </P> <P> The other major issues with Windows 8 Store Apps are authenticated proxies.&nbsp; Windows 8 Apps do not have the architecture built in to pass credentials, cookies, certificates or any other authentication methods to proxies – which will fail when loading.&nbsp; Some of these symptoms include the following: </P> <UL> <LI> Applications will start but not be able to connect to resources on the internet </LI> <LI> You may be able to browse the Store, however downloads will fail, “App couldn’t be installed” or something similar </LI> <LI> Other generic network related errors, not connected to internet, no network connection, problems checking for updates </LI> </UL> <P> This issue has been fixed in 8.1 but if you really want to know before committing to an upgrade collect a netmon trace from the client while attempting to access internet resources in a Windows 8 App. </P> <UL> <LI> Once collected, filter the trace on “http” </LI> <LI> You will see the client initiating HTTP GET requests and the server repeatedly responding with “proxy authentication required” </LI> <LI> Typically, the client will initiate a GET request, the server will send a “proxy authentication required” the client with authenticate and function normally </LI> <LI> With windows 8 Apps you will see “proxy authentication required” several times </LI> </UL> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93216i542D442D13AA9A06" /> </P> <P> Here is the KB detailing this known issue and it’s workarounds: <A href="#" target="_blank"> Using authenticated proxy servers together with Windows 8 </A> . </P> <P> Lastly, the Windows Firewall service needs to be set to automatic and running for Windows 8 Store Apps to work.&nbsp; It’s also required for a lot of other functionality in Windows 8 and so should not be turned off for any reason. </P> <P> If you use a 3 <SUP> rd </SUP> party Firewall product, then we recommend to configure Windows Firewall to not block any inbound or outbound traffic. </P> <P> Finally, if all other steps fail, you can try clearing the Windows Store cache by running the following command: </P> <P> <B> WSRESET.EXE </B> </P> <P> <B> </B> </P> <P> <B> Additional Resources </B> </P> <UL> <LI> <A href="#" target="_blank"> What to do if you have problems with an app </A> </LI> <LI> <A href="#" target="_blank"> Apps troubleshooter </A> (AppsDiagnostic.diagcab) </LI> </UL> <P> -David </P> </BODY></HTML> Sat, 16 Mar 2019 12:15:30 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-to-do-if-your-windows-8-modern-app-fails-to-start/ba-p/375391 CraigMarcho 2019-03-16T12:15:30Z Windows Server 2012 R2 Server Manager Crashes when clicking on Local Computer https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-server-2012-r2-server-manager-crashes-when-clicking-on/ba-p/375385 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Oct 01, 2013 </STRONG> <BR /> <P> Hello everyone!&nbsp; I am writing today to raise awareness of an issue that we have come across recently.&nbsp; I was working on a case with a customer where Server Manager in Windows Server 2012 would crash when he selected the Local Computer tab.&nbsp; While debugging the issue, we found that Server Manager was crashing when trying to display a bitmap image for the Local Computer icon.&nbsp; As we looked further into this, we found that when loading the bitmap image, it was trying to load a color profile in order to display the bitmap image properly.&nbsp; If you have ever worked with color profiles, you will recall that they are stored on disk under the Spooler folder, “C:\windows\System32\spool\drivers\color” and you can view them by loading Color Management from Control Panel, or from the Start screen just type “Color Management” and it will come up. </P> <BR /> <P> Figure 1: Color Management loading color profiles properly: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93211iEB3443952CA4D50B" /> </P> <BR /> <P> We have discovered that if the <STRONG> Print Spooler Service </STRONG> is stopped or disabled in Windows Server 2012 R2, the color profiles will not load properly and Color Management will be blank.&nbsp; If the color profiles are unable to load, then when Server Manager is trying to load them to display the bitmap icon, it returns a null and causes Server Manager to crash.&nbsp; This issue only seems to occur in Windows Server 2012 R2 and not Windows Server 2012. </P> <BR /> <P> Microsoft is aware of the issue and we will keep you posted here. </P> <BR /> <P> <STRONG> *UPDATE 11/7/2014* </STRONG> </P> <BR /> <P> If you experience this issue, please download/install the following hotfix: </P> <BR /> <P> SQL Server Management Studio crashes when you try to start a New Query window in Windows 8.1 <BR /> <A href="#" target="_blank"> http://support.microsoft.com/kb/2908806 </A> </P> <BR /> <P> *Do not worry about it mentioning SQL, as winspool.drv is being updated. </P> <BR /> <P> -Craig </P> </BODY></HTML> Sat, 16 Mar 2019 12:14:42 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-server-2012-r2-server-manager-crashes-when-clicking-on/ba-p/375385 CraigMarcho 2019-03-16T12:14:42Z RD Licensing Configuration on Windows Server 2012 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rd-licensing-configuration-on-windows-server-2012/ba-p/375383 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 20, 2013 </STRONG> <BR /> <P> Good morning AskPerf! Today we are going to discuss the steps in installing/configuring Windows Server 2012 Remote Desktop Services Licensing in your environment using various available options. </P> <P> <B> Adding a new License Server in a new Deployment </B> </P> <P> Let us assume that you already have created a Remote Desktop Services Deployment. You have a Session Based Collection and a Virtual Desktop based collection as per your business requirement. Now, you have introduced a new Server in the domain that will serve as a License Server for Remote Desktop Services. </P> <P> Before you configure Licensing on any Remote Desktop Server Session Host or Virtualization Host server, the RD Licensing Diagnoser looks like below. To open RD Licensing Diagnoser, Click Tools, go to Terminal Services and click RD Licensing Diagnoser. </P> <P> <BR /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93193i74BF87A08E1FEA31" /> </P> <P> The image below shows that the RD Session Host Server RDS1.contoso.com neither has a Licensing mode configured nor there is a License server configured for it. </P> <P> In the RD Licensing Diagnoser Information section, it will throw 2 warning(s): <BR /> 1. The licensing mode for the Remote Desktop Session Host server is not configured. <BR /> 2. The Remote Desktop Session Host server is within its grace period, but the RD Session Host server has not been configured with any license server. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93194iB12F5ECA10D84C70" /> </P> <P> Configuring Windows Server 2012 Remote Desktop Services Licensing involves 2 step process. <BR /> <B> </B> </P> <P> <B> Note </B> Make sure that the new License Server is already added to the Server Pool on the RD Connection Broker Server before you add it to the deployment. <BR /> 1. Configuring the Deployment Settings <BR /> a. In the Server manager RDMS console Overview page, click on <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93195i0E1B26240CEE77AD" /> to add a License server which is already added to the domain </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93196i8AB0F4EF7EA6FD2E" /> </P> <P> b. In the ‘Add RD Licensing Servers’ applet choose the server that you want to add to the deployment from the Server Pool and click Next </P> <P> <BR /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93197iC573F612268E2596" /> </P> <P> c. Click on Add on the Confirmation page and click Add </P> <P> d. If the Licensing Role Service is not already installed, the Wizard will install the role, reboot the system if required and add it to the Deployment. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93198iC9CCEBC7E3616CA3" /> </P> <P> e. Once done, the Overview page will look like this </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93199iEC0474C18737A24A" /> </P> <P> Adding the License server to the deployment will not automatically configure the RD Session Host server or the RD Virtualization Host servers with the Licensing mode type or point them to the License server in the deployment that you just added. To configure them you need to follow below steps. </P> <P> 2. Configuring the Licensing Mode. <BR /> a. In deployment Overview page, select on Tasks and click ‘Edit Deployment Properties’ </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93200i82D3116C8375D375" /> </P> <P> b. In the ‘Deployment properties’ applet, click on the ‘RD Licensing’ page. Here you will see the License server is already added i.e., License.contoso.com in our case, however, the Licensing mode is not selected. Choose the appropriate Licensing mode. Click Apply and OK to exit the wizard. </P> <P> <BR /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93201iE9588823FEDBDE02" /> </P> <P> c. At this stage the License server is installed, added to the deployment and mode is configured. However, the Licenses are yet to be installed. On the Session Host server or on the RD Virtualization host server License Diagnoser will show up as below </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93202iC14825746E00E593" /> </P> <P> d. Once you have installed the required Licenses and Activated the License server, the console will look something like below </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93203iFC365A821418E96F" /> </P> <P> e. Also make sure to check License Configuration and that there are no Warnings with respect to configuration. The License Server should be part of ‘Terminal Server License’ group in Active Directory Domain Services. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93204iFC08C31DDDCBAA8C" /> </P> <P> <BR /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93205i19D07C3505D541CE" /> </P> <P> f. On the RD Session Host server if you rerun the Diagnoser, you will see that the server now recognizes the License server the CAL type. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93206i9A8CB716B65FCE68" /> </P> <P> <B> Adding an existing License Server in a new RDS deployment </B> </P> <P> In this scenario, let us assume that you already have an existing License server with all the required licenses installed. You just deployed a RDS deployment and created a collection. You, now want to use the same License server in your environment for the new deployment. </P> <P> The steps are exactly the same as “ <I> 2. Configuring the Licensing Mode </I> ” above. </P> <P> In the ‘Deployment properties’ applet, click on the ‘RD Licensing’ page. In the text box specify the Licensing server name with complete FQDN and then click Add. Choose the appropriate Licensing mode ‘Per device’ or ‘Per User’. Click Apply and OK to exit the wizard. </P> <P> <BR /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93207i86514525A88F3C90" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93208iD2EBAA2069FDEB36" /> </P> <P> Rest of the steps are similar and should be followed as applicable. </P> <P> <B> Configuring License server manually </B> </P> <P> There might be situation when you want to configure License server on the RD Session Host or on the RD Virtualization Host manually since you do not have any RD Connection Broker in your environment. You have already configured RD Session Host server or Virtualization Host Server as required and now you want to configure the License server which is already installed and configured with licenses. All you are left to do is configure the License Server and the Licensing mode on the corresponding RD session Host or Virtualization Host servers. </P> <P> <B> Note </B> The following commands must be ran from an Administrative PowerShell prompt. </P> <P> To configure the <B> license server </B> on RDSH/RDVH: </P> <BLOCKQUOTE> <P> $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting </P> <P> $obj.SetSpecifiedLicenseServerList("License.contoso.com") </P> </BLOCKQUOTE> <P> <B> Note </B> “License” is the name of the License Server in the environment </P> <P> To verify the license server configuration on RDSH/RDVH: </P> <BLOCKQUOTE> <P> $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting </P> <P> $obj.GetSpecifiedLicenseServerList() </P> </BLOCKQUOTE> <P> To change the <B> licensing mode </B> on RDSH/RDVH: </P> <BLOCKQUOTE> <P> $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting </P> <P> $obj.ChangeMode(value) - Value can be 2 - per Device, 4 - Per user </P> </BLOCKQUOTE> <P> To validate the licensing mode: </P> <BLOCKQUOTE> <P> $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting </P> <P> $obj. LicensingType </P> <P> $obj.LicensingName </P> </BLOCKQUOTE> <P> <B> Configuring license server using Group Policy </B> </P> <P> Per your design requirements you can also configure License Server using Group Policy in your environment. <BR /> The policy is located here: </P> <P> <BR /> Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Licensing\ </P> <P> <BR /> “Use the specified Remote Desktop license servers” – Provide the FQDN of the license servers to use </P> <P> Set the Remote Desktop licensing mode – Specify the ‘per user’ or ‘per device’ licensing types. </P> <P> <B> Known issue with RD Licensing Diagnoser: <I> </I> </B> </P> <P> You may receive an error “Licenses are not available for this Remote Desktop Session Host server, and RD Licensing Diagnoser has identified licensing problems for the RD Session Host Server” </P> <P> In the RD Licensing Diagnoser Information Section, will show the possible cause and its remediation. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93209i98269027F48B83E6" /> </P> <P> To make sure that the License Diagnoser runs successfully, you need administrator privileges on the license server. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93210i917C3FEC6975FEE9" /> </P> <P> <B> Additional Resources </B> </P> <UL> <LI> <A href="#" target="_blank"> Introduction to Windows PowerShell scripting in Windows Server 2012 Remote Desktop Services </A> </LI> <LI> A very Important Updates relating to Remote Desktop Service: <A href="#" target="_blank"> A servicing stack update is available for Windows RT, Windows 8, and Windows Server 2012: September 2013 </A> </LI> <LI> <A href="#" target="_blank"> Test Lab Guide: Remote Desktop Services Licensing </A> </LI> </UL> </BODY></HTML> Sat, 16 Mar 2019 12:14:27 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rd-licensing-configuration-on-windows-server-2012/ba-p/375383 CraigMarcho 2019-03-16T12:14:27Z Heads up: New Servicing Stack Update for Windows RT, Windows 8, and Server 2012 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-new-servicing-stack-update-for-windows-rt-windows-8-and/ba-p/375363 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 12, 2013 </STRONG> <BR /> Hello AskPerf.&nbsp; Another quick post to alert you of a new update for the Servicing Stack, which is very important for Remote Desktop Services.&nbsp; Previously, installing the Remote Desktop Services role and Active Directory Domain Services role on Windows Server 2012 was not supported.&nbsp; This is now supported after installing the update below, along with a few other improvements. <BR /> <BR /> <A href="#" target="_blank"> A servicing stack update is available for Windows RT, Windows 8, and Windows Server 2012: September 2013 </A> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:11:46 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-new-servicing-stack-update-for-windows-rt-windows-8-and/ba-p/375363 CraigMarcho 2019-03-16T12:11:46Z RTM bits now available on MSDN/TechNet for Win8.1 & Server 2012 R2 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rtm-bits-now-available-on-msdn-technet-for-win8-1-server-2012-r2/ba-p/375362 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 09, 2013 </STRONG> <BR /> Hello folks, <BR /> <BR /> We have just announced the availability of Windows 8.1 RTM and Windows Server 2012 R2 on MSDN and TechNet.&nbsp; Please see the following “Official” blog for more information on downloading these bits. <BR /> <BR /> <A href="#" target="_blank"> Getting Windows 8.1 RTM bits </A> <BR /> <BR /> <A href="#" target="_blank"> Attention TechNet and MSDN Subscribers: Windows Server 2012 R2 available for download today </A> <BR /> <BR /> As an FYI, we will be publishing a Mini-Blog Series of some new features in these updates.&nbsp; These blogs will be published around General Availability. <BR /> <BR /> Till then….happy upgrading! <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:11:42 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/rtm-bits-now-available-on-msdn-technet-for-win8-1-server-2012-r2/ba-p/375362 CraigMarcho 2019-03-16T12:11:42Z Heads up on a new TechNet Blog you may find useful https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-on-a-new-technet-blog-you-may-find-useful/ba-p/375361 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Sep 04, 2013 </STRONG> <BR /> Hello Folks, this is a quick post to inform you of a new TechNet blog that is now available.&nbsp; For the past year or so, our own Robert Mitchell has been sending us “Tips of the Day” to our inbox, which are very informative.&nbsp; These quick tips are not only useful, but only require a few minutes to read.&nbsp; Check out his first post entitled “The Beginning” to get a small backstory on its roots. <BR /> <BR /> <A href="#" target="_blank"> Tip of the Day </A> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:11:38 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/heads-up-on-a-new-technet-blog-you-may-find-useful/ba-p/375361 CraigMarcho 2019-03-16T12:11:38Z Emerging issue with Windows Server 2012 and the HpCISSs2.sys driver https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/emerging-issue-with-windows-server-2012-and-the-hpcisss2-sys/ba-p/375360 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 09, 2013 </STRONG> <BR /> Hello AskPerf readers.&nbsp; We wanted to alert you to an issue that is generating calls within support here recently.&nbsp; The October 2012 release of the HP HpCISSs2.sys driver is causing Windows Server 2012 to hang or become unresponsive every 3 –7 days. <BR /> <BR /> Check out the blog below that details more information on this issue: <BR /> <BR /> <A href="#" target="_blank"> Windows 2012 servers that use HpCISSs2.sys become unresponsive typically every 3-7 days </A> <BR /> <BR /> <P> -AskPerf Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:11:33 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/emerging-issue-with-windows-server-2012-and-the-hpcisss2-sys/ba-p/375360 CraigMarcho 2019-03-16T12:11:33Z Task Manager in Windows Server 2012 and Windows 8 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/task-manager-in-windows-server-2012-and-windows-8/ba-p/375359 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Aug 09, 2013 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; This is Digvijay from the Performance team in Bangalore. Following up on my <A href="#" target="_blank"> previous blog </A> about Task Manager for Windows Server 2008 R2, it was very apt to write another one about the Task Manager of Windows Server 2012 &amp; Windows 8. </P> <BR /> <P> My first impression of this new task manager was – Wow! This is really simplified but is still powerful.&nbsp; Let’s have a look at what’s new: </P> <BR /> <P> The first time you open update task manager on Windows Server 2012 / Windows 8, you will be presented with a minimal look: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93175i6521FC98D8A25778" /> </P> <BR /> <P> However, clicking “More details” reveals much more… </P> <BR /> <P> <STRONG> NOTE </STRONG> the Disk &amp; Network columns do not appear on Windows Server 2012.&nbsp; Network usage can be found on the Performance tab, and Disk activity can be found in Resource Monitor. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93176iC5C42B4862555199" /> </P> <BR /> <P> At one glance, we can see how any process is doing and what kind of load its adding on the computer.&nbsp; This will come in handy for troubleshooting those slow response issues as just by looking at the task manager, we can now quickly know who’s thrashing the disk and who’s choking up the bandwidth.&nbsp; Memory and CPU are pretty much the same as previous versions. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93177i40730BD0F39BC15D" /> </P> <BR /> <P> If you expand the Process, you will see more details about that process.&nbsp; Example - expanding the Background processes shows the services that are running inside it, if any exist. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93178i157C4EF485155F67" /> </P> <BR /> <P> If you want to stop a service, we can do it right from here.&nbsp; Just right click and select Stop. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93179iB35501DE82283D3C" /> </P> <BR /> <P> We can also open Services snap-in directly from here. </P> <BR /> <P> Apart from other enhancements, the other good thing I like about this tab is the <STRONG> Open File Location </STRONG> option when you right click on any of the processes. Please note that the context menus are different for a program and an open window inside it. </P> <BR /> <P> Here is an example: </P> <BR /> <P> Right click on Microsoft Word – </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93180i61DC54F3465BCE86" /> </P> <BR /> <P> Right click on Document1 </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93181i705922998744B142" /> </P> <BR /> <P> The next tab is Performance.&nbsp; This tab has been redesigned and made easier to get all the required information about your computer in one place. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93182i4FED02D48644D44D" /> </P> <BR /> <P> The main heads here are – </P> <BR /> <UL> <BR /> <LI> CPU – Shows you all the information you might want to know about your CPU at a glimpse. E.g.&nbsp; The type of CPU on the machine ( the make and model), Clock speed, Total Sockets, Number of Cores, Number of Logical Processors being exposed to the OS as well as if the CPU supports virtualization or not. You also get to know about the L1, L2 and L3 cache present on the machine. </LI> <BR /> </UL> <BR /> <P> This tab also shows the CPU usage history since the time Task Manager was opened.&nbsp; We also expose information of the total number of Processes, Threads and Handles along with the Uptime of the machine. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93183iF46A2F36B0291AB6" /> </P> <BR /> <UL> <BR /> <LI> Memory- Again this tab has been modified to show information that is easy to understand and relate. We see the graph of the memory usage of the last 60 seconds since the time the Task Manager was open. </LI> <BR /> </UL> <BR /> <P> The second graph segregates the amount of pages in the different lists of PFN Database: <BR /> <STRONG> <EM> </EM> </STRONG> </P> <BR /> <P> <STRONG> <EM> In Use </EM> </STRONG> – Memory used by processes, drivers and the operating system. <BR /> <STRONG> <EM> Modified </EM> </STRONG> - Memory whose contents must be written to disk before it can be used for another purpose. <BR /> <STRONG> <EM> Standby </EM> </STRONG> - Memory that contains cached data and code that is not actively in use. <BR /> <STRONG> <EM> Free </EM> </STRONG> - Memory that is not currently in use, and that will be repurposed first when processes, drivers, or the operating system need more memory. </P> <BR /> <P> <STRONG> NOTE </STRONG> that this graph shows the same information that’s shown in the Reliability Monitor in Memory section. </P> <BR /> <P> This page also shows hardware information about the physical memory like number of RAM slots present on the server and used, the Type of memory bus, the Speed of the FSB and any amount of memory reserved by the hardware. (PCI cards, Graphics, shadowing etc.) </P> <BR /> <P> It also summarizes the memory in use and memory available along with committed and cached bytes. <BR /> <STRONG> <EM> </EM> </STRONG> </P> <BR /> <P> <STRONG> <EM> In Use </EM> </STRONG> – The total memory currently used by the OS, the process and drivers running. <BR /> <STRONG> <EM> Available </EM> </STRONG> - This is amount of physical memory that is currently available for use by the operating system. It is equal to the sum of the standby pages and the free pages from the above graph. <BR /> <STRONG> <EM> Committed </EM> </STRONG> - Committed memory is the physical memory in use for which space has been reserved in the paging file should it need to be written to disk. </P> <BR /> <P> "Not true - if you have no paging file you still have committed memory - committed virtual memory is private, nonshareable virtual memory created by processes or the OS or drives that MAY need to be paged out. This always starts out in RAM and *may* get paged out if necessary.&nbsp; So committed memory can be backed by RAM (and if you have no paging file, it remains in RAM until the VM is deleted such as at process exit). </P> <BR /> <P> Even if you have a paging file, space is not reserved for this until such time as it actually DOES get paged out.&nbsp; What Windows *does* make sure is that it doesn't overcommit - meaning private virtual memory allocations are charged against the commit LIMIT (sum of RAM + paging files - though the current commit limit shown in Task Manager or other tools is based on the CURRENT size of the paging file, meaning if paging files are configured to expand [the default when you choose System Managed] that the commit limit will go up as the paging file expands)." </P> <BR /> <P> Thanks to David Solomon for this correction and description! <STRONG> <EM> </EM> </STRONG> </P> <BR /> <P> <STRONG> <EM> </EM> </STRONG> </P> <BR /> <P> <STRONG> <EM> Cached – </EM> </STRONG> This is the sum of the standby and the modified pages as shown in the task manager. <BR /> <STRONG> <EM> Paged Pool </EM> </STRONG> – Memory allocated in the of kernel mode virtual address space to kernel mode components, device drivers etc. These can paged to the pagefile if there is any need to free up physical pages. <BR /> <STRONG> <EM> Non-Paged pool </EM> </STRONG> - Memory allocated in kernel mode virtual address space to kernel mode components, device drivers etc which is guaranteed to be resident in physical memory all the time. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93184i67BF22222380613D" /> </P> <BR /> <UL> <BR /> <LI> Disk – Shows information about the disk drives connected to the machine. ( You will see one or more disks depending&nbsp; on the number of connected physical drives including USB drives) </LI> <BR /> </UL> <BR /> <P> The graph shows the percentage disk activity in the last 60 seconds since Task manager was open. The 2 <SUP> nd </SUP> graph shows the speed at which data is being read/written to the disk in KB/MB per second. </P> <BR /> <P> Here we have information about the make and model of the disk, total capacity and formatted disk space. We also show if a particular disk is a system disk or not (has the Boot files) and if it contains any page file. </P> <BR /> <P> <STRONG> <EM> Active time </EM> </STRONG> - Percentage of time the disk is busy. The lower the better. <BR /> <STRONG> <EM> Average response time </EM> </STRONG> – This is the time taken for the disk to complete individual read/write operation. This includes the time required for the spindles to rotate and the head to move and align to the specific sector for reading the content. <BR /> <STRONG> <EM> Read speed </EM> </STRONG> – Rate at which data is being read from the disk in KB/s. <BR /> <STRONG> <EM> Write </EM> </STRONG> <STRONG> <EM> speed </EM> </STRONG> – Rate at which data is being written to the disk in KB/s. </P> <BR /> <UL> <BR /> <LI> Ethernet – Show all the info that you would like to know about your network card. </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93185iEFB9B2DB290A55A3" /> </P> <BR /> <P> The graph shows the network throughout of the last 60 seconds since the time the task manager was open. It also shows the current upload and downloads speed along with the type of connection and the ipv4 and ipv6 address. </P> <BR /> <P> The next tab is dedicated to the Modern UI apps and shows the history of the recently used apps and the amount of resources they have been using (CPU, Network bandwidth) for different operations like Tile updates, Uploads, Downloads, etc. Depending on the setting for downloading over a metered connection, we can also view those sections detailing the amount of network bandwidth used. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93186i2A6A1E3B59BCE886" /> </P> <BR /> <P> The Startup tab shows what we used to see in msconfig in the older OS’s (Win7/2008R2 and earlier) with better information like the impact of the startup application on the startup/login process.&nbsp; If you are experiencing issues with slow logons, or delays in reaching the desktop, this is the first place you need to visit to check and disable the processes having high/medium impact. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93187iA143D87A67C45181" /> </P> <BR /> <P> We can also find information regarding the Disk I/O and CPU usage by the processes listed during the at the startup operation. </P> <BR /> <P> Continuing on we come to the Users tab: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93188iB5004A116C81DF92" /> </P> <BR /> <P> This tab shows you which users are logged on, and what processes are running under their context.&nbsp; Clicking the Disconnect button will obviously disconnect that user, but not log them out. </P> <BR /> <P> Details tab is next: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93189i6F5FE80C4F49AAA2" /> </P> <BR /> <P> This Tab is pretty much similar to the Processes tab under XP/2003/Win7/Server 2008.&nbsp; There are some new options available when you right-click a process name: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93190iBF2614C44F1CBC58" /> </P> <BR /> <P> Finally, we come to the Services tab. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93191i68D9778B135BCC29" /> </P> <BR /> <P> This one is also similar to the same one in Windows 7 / Server 2008.&nbsp; It does add a few additional right-click options however: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93192i7AB033AED3CF88F0" /> </P> <BR /> <P> We hope you are enjoying the newly designed Task Manager in Windows Server 2012 / Windows 8.&nbsp; If you want to read more about Task Manager, check out the following links: </P> <BR /> <P> <A href="#" target="_blank"> Windows 8 / Windows Server 2012: The New Task Manager </A> </P> <BR /> <P> <A href="#" target="_blank"> The Windows 8 Task Manager </A> </P> <BR /> <P> -Digvijay </P> </BODY></HTML> Sat, 16 Mar 2019 12:11:26 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/task-manager-in-windows-server-2012-and-windows-8/ba-p/375359 CraigMarcho 2019-03-16T12:11:26Z What’s New in Task Scheduler for Windows 8 & Server 2012 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-8217-s-new-in-task-scheduler-for-windows-8-server-2012/ba-p/375338 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jul 05, 2013 </STRONG> <BR /> <P> Hello AskPerf! This is going to be a quick blog post to alert you to some of the changes in Windows 8 and Server 2012 as it relates to Task Scheduler. Most of these changes are a welcome addition like using <A href="#" target="_blank"> PowerShell to manage Task Scheduler </A> . There were however, some features removed that could affect you in your environment. Those include the following: </P> <BR /> <P> <STRONG> Features Deprecated </STRONG> </P> <BR /> <UL> <BR /> <LI> Action: sendEmail </LI> <BR /> <LI> Action: showMessage </LI> <BR /> <LI> AT.exe cmdline utility </LI> <BR /> </UL> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93172i0489D6030D1772B6" /> </P> <BR /> <P> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93173i13B020F28B8EB241" /> </P> <BR /> <P> <STRONG> Workarounds </STRONG> </P> <BR /> <P> For the “ <STRONG> Send an e-mail </STRONG> ” action, you can use the PowerShell “ <A href="#" target="_blank"> Send-MailMessage </A> ” cmdlet in its place. </P> <BR /> <P> For the “ <STRONG> Display a message </STRONG> ” action, you can use the built-in <A href="#" target="_blank"> msg.exe </A> command line tool. Help file output below: </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93174i8BB2E337DC7EF715" /> </P> <BR /> <P> Since the “ <STRONG> AT </STRONG> ” command has been deprecated, you can use schtasks.exe instead. If you need a command prompt launched as the Local System account, you can use “PSEXEC.EXE -s“. Psexec.exe is part of the PsTools, and can be downloaded <A href="#" target="_blank"> here </A> . </P> <BR /> <P> For more information on what else has been changed since Windows Vista, check out the following MSDN article: </P> <BR /> <P> <A href="#" target="_blank"> What’s New in Task Scheduler </A> </P> <BR /> <P> For more information on the schtasks.exe command, check out the following AskPerf Blog: </P> <BR /> <P> <A href="#" target="_blank"> Two Minute Drill: The Schtasks command </A> </P> <BR /> <P> -AskPerf Blog team </P> </BODY></HTML> Sat, 16 Mar 2019 12:08:45 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-8217-s-new-in-task-scheduler-for-windows-8-server-2012/ba-p/375338 CraigMarcho 2019-03-16T12:08:45Z Are you ready for the Windows 8.1 Preview? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/are-you-ready-for-the-windows-8-1-preview/ba-p/375334 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jun 26, 2013 </STRONG> <BR /> If so, it’s here!&nbsp; Check out the blog link below where we get our first taste of Windows 8.1 from our own Brandon LeBlanc: <BR /> <BR /> <A href="#" target="_blank"> The Windows 8.1 Preview is here! </A> <BR /> <BR /> Download page <A href="#" target="_blank"> here </A> . <BR /> <BR /> <BR /> <BR /> <P> -AskPerf Blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:08:07 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/are-you-ready-for-the-windows-8-1-preview/ba-p/375334 CraigMarcho 2019-03-16T12:08:07Z New tidbits on Windows 8.1 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/new-tidbits-on-windows-8-1/ba-p/375333 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 30, 2013 </STRONG> <BR /> Today on the Windows Blog, Antoine Leblond gave some insight on what’s to come with Windows 8.1.&nbsp; Check it out here: <BR /> <BR /> <A href="#" target="_blank"> Continuing the Windows 8 vision with Windows 8.1 </A> <BR /> <BR /> As an FYI, this update will be free to those running Windows 8. <BR /> <BR /> <P> -AskPerf Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:07:59 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/new-tidbits-on-windows-8-1/ba-p/375333 CraigMarcho 2019-03-16T12:07:59Z Finally a Windows Task Manager Performance tab blog! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/finally-a-windows-task-manager-performance-tab-blog/ba-p/375332 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 03, 2013 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; How many times have we looked at Windows Task Manager and wondered what the values on the Performance tab meant?&nbsp; Why do they not add up?&nbsp; What is the difference between Free and Available Memory, etc., etc., etc.?&nbsp; In today’s post, we will take a look at these values and explain what each one means. </P> <P> Below is a screenshot of the Performance tab from a Windows 2008 R2 Server with 16GB RAM and a 16GB page file: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93170i069EE970B4E1ACEC" /> </P> <P> </P> <P> Resource Monitor’s Memory tab looked like this: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93171i06538CF8931595D5" /> </P> <P> <B> </B> </P> <P> <B> The Performance tab is divided into the following sections: </B> </P> <UL> <LI> <B> CPU Usage – </B> This indicates the percentage of processor cycles that are not idle at the moment. If this graph displays a high percentage continuously (and if you are not able to find any process chewing it up, it could be due to interrupts / DPCs. Use Process Explorer to get more details regarding them.&nbsp; It may also mean that processor is overloaded on the system) Depending the number of CPUs on the system, we can see multiple graphs per CPU on the right. </LI> <LI> <B> CPU Usage History - </B> Indicates how busy the processor has been. The graph only shows values since the time the Task Manager was opened. </LI> <LI> <B> Memory - </B> Indicates the percentage of the physical memory that is currently being used. </LI> <LI> <B> Physical Memory Usage History - </B> Indicates how much physical memory is being utilized. It also shows values since Task Manager was opened. </LI> <LI> <B> Physical Memory (MB) - </B> Indicates the total and available physical memory, as well as the amount of memory used by system cache. </LI> <LI> <B> Kernel Memory (MB) - </B> Indicates the memory used by the operating system and the drivers running in kernel mode (Paged and Non-paged pool). </LI> <LI> <B> System - </B> Provides totals for the number of handles, threads, and processes currently running. A process is a single executable program. A thread is an object within a process that runs program instructions. A handle is a reference to a resource used by the operating system. A process may have multiple threads, each of which in turn may have multiple handles. </LI> </UL> <P> We need to keep in mind that the Memory Usage graph (showed in Windows Vista/2008/7/2008R2) is the sum of all the process’s private working set.&nbsp; On older Operating Systems (XP/2003), the PF Usage value seen is the Total System Commit.&nbsp; This represents the <I> potential </I> page file usage, i.e how much pagefile would be used if all the private committed virtual memory in the system had to be paged out to the disk. </P> <P> <B> Now taking a detailed look at the Physical Memory section: </B> </P> <UL> <LI> <B> Total - </B> This counter shows the total amount of RAM that is usable by the operating system. Note that there can be a difference between the Installed RAM and the Total RAM due to Physical Memory shadow setting in BIOS, memory mapped to PCI Device etc. To know more about the reasons for this difference click <A href="#" target="_blank"> here </A> . <B> </B> </LI> <LI> <B> Cached - </B> This represents the sum of the system working set, standby list, and modified page list. If you want to find the matching counters in Perfmon, and then load up the following objects under Memory – Cache Bytes, Modified pages list bytes, Standby cache core bytes, standby cache normal priority byte and standby cache reserve bytes. </LI> <LI> <B> Available - </B> This is amount of physical memory that is currently available for use by the operating system, the drivers and the processes. It is equal to the sum of the standby pages, the free pages and the zero page lists. </LI> <LI> <B> Free - </B> This is the sum of the free pages and the zero page lists. </LI> </UL> <P> <B> Under the Kernel Memory section, we have: </B> </P> <UL> <LI> <B> Paged - </B> This is the currently used Pool paged byte in MB. </LI> <LI> <B> Nonpaged - </B> This is the currently allocated Nonpaged Pool bytes in MB. </LI> </UL> <P> For more details, click <A href="#" target="_blank"> here </A> . </P> <P> <B> Here’s some information about different states of a Page in Memory </B> (Reference: Windows Internal 5 <SUP> th </SUP> Edition): <B> </B> </P> <UL> <LI> <B> Active - </B> (also called Valid) The page is part of a working set (either a process working set or the system working set) or it’s not in any working set (for example, nonpaged kernel page) and a valid PTE usually points to it. </LI> <LI> <B> Standby - </B> The page previously belonged to a working set but was removed (or was perfected directly into the standby list). The page wasn’t modified since it was last written to disk. The PTE still refers to the physical page but is marked invalid and in transition. </LI> <LI> <B> Modified - </B> The page previously belonged to a working set but was removed. However, the page was modified while it was in use and its current contents haven’t yet been written to disk or remote storage. The PTE still refers to the physical page but is marked invalid and in transition. It must be written to the backing store before the physical page can be reused. </LI> <LI> <B> Modified no-write - </B> Same as a modified page, except that the page has been marked so that the memory manager’s modified page writer won’t write it to disk. The cache manager marks pages as modified no-write at the request of file system drivers. For example, NTFS uses this state for pages containing file system metadata so that it can first ensure that transaction log entries are flushed to disk before the pages they are protecting are written to disk. </LI> <LI> <B> Free </B> - The page is free but has unspecified dirty data in it. These pages can’t be given as a user page to a user process without being initialized with zeros, for security reasons. </LI> <LI> <B> Zeroed </B> - The page is free and has been initialized with zeros by the zero page thread (or was determined to already contain zeros). </LI> <LI> <B> ROM - </B> The page represents read-only memory. </LI> <LI> <B> Bad </B> - The page has generated parity or other hardware errors and can’t be used. This is also used internally by the system for pages that may be transitioning from one state to another or are on internal look-aside. </LI> </UL> <P> With that, we have come to the end of this post.&nbsp; Please feel free to post additional questions below.&nbsp; Until next time. </P> <P> -Digvijay </P> </BODY></HTML> Sat, 16 Mar 2019 12:07:54 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/finally-a-windows-task-manager-performance-tab-blog/ba-p/375332 CraigMarcho 2019-03-16T12:07:54Z What killed my process? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-killed-my-process/ba-p/375329 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on May 01, 2013 </STRONG> <BR /> <P> Hello, world! </P> <P> We're often challenged with a process that exits unexpectedly, but this doesn't always equate to an application "crash".&nbsp; Occasionally this behavior is caused by cross-process termination, where one process terminates another one. </P> <P> Discovering root cause of this behavior used to be just slightly less cumbersome than a barefoot walk to Mordor, but an easy solution called "Silent Process Exit Monitoring" exists Windows 7/2008R2 and later OS's. </P> <P> The Debugging Tools for Windows includes a GUI utility called GFLAGS.EXE that may be used to enable this monitoring with the following quick steps: </P> <P> 1) Run GFLAGS.EXE and select the Silent Process Exit tab. </P> <P> 2) Type the name of the process that is exiting unexpectedly. </P> <P> 3) Hit the TAB key on the keyboard to refresh the GUI. </P> <P> 4) Check the following boxes: </P> <BLOCKQUOTE> <P> a. Enable Silent Exit Process Monitoring <BR /> This enables the feature and tracks silent process exits in the application event log. <BR /> (Event ID: 3001) </P> <P> b. Enable Notification <BR /> This optionally creates a balloon popup with the same information in the event log. </P> <P> c. Ignore Self Exits <BR /> This prevents superfluous logging when the application exits gracefully, such as when File / Exit is selected from a menu. </P> </BLOCKQUOTE> <P> 5) Click OK to save the change and exit the GFLAGS tool. <BR /> </P> <P> NOTE: The changes will take effect immediately for any new processes launched after the change.&nbsp; A reboot is NOT required. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93168i629AA153120FA587" /> </P> <P> When another process forces termination of the monitored process, the offending process name is listed in a balloon popup and in the application event log. (if this option is selected) </P> <P> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93169i907F8D225F6BA2CD" /> </P> <P> </P> <P> The following is an example of the event log entry. </P> <BLOCKQUOTE> <P> Source:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Microsoft-Windows-ProcessExitMonitor <BR /> Event ID:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 3001 <BR /> Level:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Information <BR /> Description: The process 'calc.exe' was terminated by the process 'I Hate Calculators.exe' with termination code 0. </P> </BLOCKQUOTE> <P> Silent Process Exit may also be configured through the registry remotely if the machine is not accessible via the console or a remote desktop session. </P> <P> <B> Example: </B> </P> <BLOCKQUOTE> <P> Windows Registry Editor Version 5.00 <BR /> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe] <BR /> "GlobalFlag"=dword:00000200 </P> <P> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\calc.exe] <BR /> "IgnoreSelfExits"=dword:00000001 </P> </BLOCKQUOTE> <P> Note: Substitute the name of the process you want to monitor for CALC.EXE. </P> <P> More information on <A href="#" target="_blank"> Silent Process Exit Monitoring </A> is available on MSDN. </P> <P> Keep this in your bag of tricks for the next time you run into this niche scenario. </P> <P> - Aaron Maxwell </P> </BODY></HTML> Sat, 16 Mar 2019 12:07:29 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/what-killed-my-process/ba-p/375329 CraigMarcho 2019-03-16T12:07:29Z Microsoft Fixit for Printing UPDATED for Windows 7 & Windows Server 2008 R2 https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/microsoft-fixit-for-printing-updated-for-windows-7-windows/ba-p/375326 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 24, 2013 </STRONG> <BR /> Hello folks.&nbsp; This is a quick post to inform you that the “Microsoft Fixit for Printing” is now live with .msi packages for Windows 7 and Windows Server 2008 R2.&nbsp; We know a lot of you have been asking for this for months, and we apologize for how long it took.&nbsp; With that, please see the original blog post below, in which you will find the links. <BR /> <BR /> <STRONG> Microsoft Fixit for Printing </STRONG> <BR /> <BR /> <A href="#" title="http://blogs.technet.com/b/askperf/archive/2012/02/24/microsoft-fixit-for-printing.aspx" target="_blank"> http://blogs.technet.com/b/askperf/archive/2012/02/24/microsoft-fixit-for-printing.aspx </A> <BR /> <BR /> <P> -AskPerf Blog team </P> </BODY></HTML> Sat, 16 Mar 2019 12:07:06 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/microsoft-fixit-for-printing-updated-for-windows-7-windows/ba-p/375326 CraigMarcho 2019-03-16T12:07:06Z Unable to connect to a printer using a CNAME record https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/unable-to-connect-to-a-printer-using-a-cname-record/ba-p/375325 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 23, 2013 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; My name is Sandeep Bhatia and I work with Networking team here in Microsoft Support.&nbsp; In today’s post, we will discuss Print issues when using a CNAME on Windows 2008 R2 Server, with a non-Microsoft DNS Servers. </P> <BR /> <P> When you connect a printer hosted on Windows 2008 R2 Server using a CNAME alias it returns the following error: </P> <BR /> <P> Operation could not be completed (Error 0x0000079). Double check the printer name and make sure that the printer is connected to the network. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93167iD7043C95C7A43A49" /> </P> <BR /> <P> This error is returned because of the optimization changes to the spooler service in Windows 2008 R2 Server.&nbsp; The Print Spooler service uses the local names to service requests.&nbsp; We’ve verified the name being used is correct and we can connect using the NetBIOS, FQDN and IP address of the server. </P> <BR /> <P> Step one is to make sure the target print server has the DNSOnWire registry key set to 1: </P> <BR /> <P> <B> HKLM\SYSTEM\CurrentControlSet\Control\Print\DNSOnWire </B> (REG_DWORD) <B> </B> </P> <BR /> <P> More details about this registry key is available at <A href="#" target="_blank"> KB979602 </A> </P> <BR /> <P> However, if the DNS Server that the Print server is using is not a Windows based DNS Server we could still see a similar error issue because of how the DNS server formats the reply.&nbsp; When the DNSOnWire registry key is set to 1, the Print Server on startup will send a recursive DNS query expecting to get both the host record (A) the CNAME refers to and the IP address of the host. </P> <BR /> <P> A sample DNS request and reply would look something like this: </P> <BR /> <P> <STRONG> Printserver.contoso.com Dnsserver.contoso.com DNS DNS:QueryId = 0x1389, QUERY </STRONG> (Standard query), </P> <BR /> <P> This will query for printservercname.contoso.com of type ALL on class Internet. </P> <BR /> <P> When the type is set to ALL, the client would expect all the information about the record in on packet.&nbsp; This query is also a recursive query to the DNS server for the name printservercname.contoso.com. </P> <BR /> <P> The second step is to make sure is the DNS server supports both a query type of ALL as well as recursive queries. The DNS server should be compliant with RFC 1035. </P> <BR /> <P> In this example of a non-compliant DNS response, the reply from the DNS Server to the Print server for the DNS query, the DNS Server did not respond back with the IP Address of the Print Server.&nbsp; It does send back the CNAME entry which points to the Print Server’ Host record, but the expectation is both should be returned. </P> <BR /> <P> <B> Dnsserver.contoso.com Printserver.contoso.com DNS DNS:QueryId = 0x1389, QUERY (Standard query), Response - Success, Array[IP Address Of the DNS Servers]&nbsp; {DNS:242, UDP:241, IPv4:240} </B> </P> <BR /> <P> - Flags:&nbsp; Response, Opcode - QUERY (Standard query), AA, RD, RA, Rcode - Success </P> <BR /> <P> RD:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (.......1........) Recursion desired </P> <BR /> <P> - ARecord: printservercname.contoso.com of type CNAME on class Internet: Printserver.contoso.com </P> <BR /> <P> ResourceName: printservercname.contoso.com </P> <BR /> <P> ResourceType: CNAME, Canonical name for an alias, 5(0x5) </P> <BR /> <P> ResourceClass: Internet, 1(0x1) </P> <BR /> <P> TimeToLive: 1800 (0x708) </P> <BR /> <P> ResourceDataLength: 15 (0xF) </P> <BR /> <P> CName: Printserver.contoso.com </P> <BR /> <P> + AuthorityRecord: in.Contoso.com of type NS on class Internet: DNSServer.Contoso.com </P> <BR /> <P> + AdditionalRecord: DNSServer.Contoso.com of type Host Addr on class Internet: 192.168.1.100 </P> <BR /> <P> </P> <BR /> <P> </P> <BR /> <P> Under an ideal scenario, the reply for a recursive query from the DNS Server should look more like: </P> <BR /> <P> <B> Dnsserver.contoso.com Printserver.contoso.com DNS DNS:QueryId = 0x1389, QUERY (Standard query), Response - Success, Array[IP Address Of the DNS Servers]&nbsp; {DNS:242, UDP:241, IPv4:240} </B> </P> <BR /> <P> + Flags:&nbsp; Response, Opcode - QUERY (Standard query), AA, RD, RA, Rcode - Success </P> <BR /> <P> - QRecord: Printservercname.contoso.com of type ALL on class Internet </P> <BR /> <P> QuestionName: printserver.contoso.com </P> <BR /> <P> QuestionType: A request for all records, 255(0xff) </P> <BR /> <P> QuestionClass: Internet, 1(0x1) </P> <BR /> <P> - ARecord: printservercname.contoso.com of type CNAME on class Internet: printserver.contoso.com </P> <BR /> <P> ResourceName: printservercname.contoso.com </P> <BR /> <P> ResourceType: CNAME, Canonical name for an alias, 5(0x5) </P> <BR /> <P> ResourceClass: Internet, 1(0x1) </P> <BR /> <P> TimeToLive: 3600 (0xE10) </P> <BR /> <P> ResourceDataLength: 15 (0xF) </P> <BR /> <P> CName: printserver.contoso.com </P> <BR /> <P> - AdditionalRecord: printserver.contoso.com of type Host Addr on class Internet: 192.168.1.110 </P> <BR /> <P> ResourceName: printserver.contoso.com </P> <BR /> <P> ResourceType: A, IPv4 address, 1(0x1) </P> <BR /> <P> ResourceClass: Internet, 1(0x1) </P> <BR /> <P> TimeToLive: 1200 (0x4B0) </P> <BR /> <P> ResourceDataLength: 4 (0x4) </P> <BR /> <P> IPAddress: 192.168.1.100 </P> <BR /> <P> </P> <BR /> <P> The key takeaway is that the configured DNS Server must return both the CNAME information and the IP Address of the Host in the same response in order to use printing to a CNAME successfully. </P> <BR /> <P> </P> <BR /> <P> <STRONG> **UPDATE April 30th, 2014** </STRONG> </P> <BR /> <P> For&nbsp;some 3rd party DNS providers,&nbsp;they may need to&nbsp;use a QWORD Registry Type instead of a DWORD Registry Type.&nbsp; To do this, you will need to remove the&nbsp;DWORD entries,&nbsp;reboot, then add the QWORD entries. </P> <BR /> <P> [HKLM\SYSTEM\CurrentControlSet\Control\Print] <BR /> "DnsOnWire" (REG_QWORD) Decimal = 1 </P> <BR /> <P> (REG ADD HKLM\system\currentcontrolset\control\print /v&nbsp;DnsOnWire&nbsp;/t REG_QWORD /d 1) <BR /> <BR /> [HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters] <BR /> "DisableStrictNameChecking" (REG _QWORD) Decimal = 1 </P> <BR /> <P> (REG ADD HKLM\system\currentcontrolset\services\lanmanserver\parameters /v DisableStrictNameChecking /t REG_QWORD /d 1) <BR /> <BR /> [HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters] <BR /> "OptionalNames" (REG_SZ) = "aliasname" (C-name record in DNS) </P> <BR /> <P> (REG ADD HKLM\system\currentcontrolset\services\lanmanserver\parameters /v OptionalNames /t REG_SZ) </P> <BR /> <P> </P> <BR /> <P> -Sandeep Bhatia </P> <BR /> <P> <STRONG> Additional Resources: </STRONG> </P> <BR /> <UL> <BR /> <LI> <A href="#" target="_blank"> RFC 1035 - Domain Name System (DNS) Parameters </A> </LI> <BR /> <LI> <A href="#" target="_blank"> KB 979602 - Error message when you try to connect to a printer by using an alias (CNAME) resource record: "Windows couldn't connect to the printer" </A> </LI> <BR /> <LI> <A href="#" target="_blank"> Recursive and Iterative DNS Queries </A> </LI> <BR /> <LI> <A href="#" target="_blank"> Nslookup: set type </A> </LI> <BR /> </UL> </BODY></HTML> Sat, 16 Mar 2019 12:06:58 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/unable-to-connect-to-a-printer-using-a-cname-record/ba-p/375325 CraigMarcho 2019-03-16T12:06:58Z Error with the creation of an unmanaged VDI Pool collection https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/error-with-the-creation-of-an-unmanaged-vdi-pool-collection/ba-p/375323 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Apr 05, 2013 </STRONG> <BR /> <P> Good morning AskPerf!&nbsp; Ramesh here from the Microsoft Platforms Support Team.&nbsp; I am blogging today about an issue I recently worked.&nbsp; This particular issue was with the creation of an Unmanaged Virtual machine-based desktop pool collection on a Windows 2012 Server.&nbsp; When I attempted to create a Virtual machine-based desktop pool collection, the following error appeared: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93166i806EBD8CE74FF934" /> </P> <P> <STRONG> “The VMHostAgent service timed out while waiting for the newly provisioned virtual desktop to start” </STRONG> </P> <P> <STRONG> NOTE </STRONG> the error above is a generic one, and indicates that Remote Desktop did not receive a notification from Hyper-V that the VM started.&nbsp; You likely either have a Hyper-V problem or a problem with the VM itself and further troubleshooting is necessary. </P> <P> During our troubleshooting we noticed the first virtual machine was stuck at “Setup is preparing your computer for first use” and this occurred after the first reboot of the virtual machine during the installation.&nbsp; We collected Panther logs from the virtual machine to identify the cause of the setup issue and found out the system was stuck at executing setupcomplete.cmd, a custom post setup script.&nbsp; This script was part of the windows image from where the template virtual machine was installed. We deleted this script from the template virtual machine after setting up the template virtual machine and ran the Virtual machine-based desktop pool collection wizard and it completed successfully. </P> <P> We also tried to repro the same error and we could do it by disabling the DHCP server.&nbsp; This produced the same error because the new virtual machine was not getting the IP address and was unable to reach a DC.&nbsp; In order to identify the cause for this error during Virtual machine-based desktop pool creation, watch the first virtual machine in the Virtual machine-based desktop pool creation process for any abnormal behaviors.&nbsp; In normal conditions the virtual machine will complete the setup. create a snap shot of the virtual machine, put the virtual machine into saved state and continue to the second virtual machine. </P> <P> <B> </B> </P> <P> <B> Addition Resources </B> </P> <P> <A href="#" target="_blank"> Test Lab Guide: Virtual Desktop Infrastructure Quick Start </A> </P> <P> <A href="#" target="_blank"> Add a Custom Script to Windows Setup </A> (only applies to Windows 7) </P> <P> For Windows Deployment with the Windows ADK, click <A href="#" target="_blank"> here </A> . </P> <P> -Until next time </P> </BODY></HTML> Sat, 16 Mar 2019 12:06:43 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/error-with-the-creation-of-an-unmanaged-vdi-pool-collection/ba-p/375323 CraigMarcho 2019-03-16T12:06:43Z PFE’s Troubleshooting Performance issues with Windows Performance Recorder https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/pfe-8217-s-troubleshooting-performance-issues-with-windows/ba-p/375321 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Mar 26, 2013 </STRONG> <BR /> Hey Folks, one of our peeps on AskPFEplat posted a great blog on Troubleshooting Performance issues using the Windows Performance Recorder app.&nbsp; This tool allows you to easily capture XPERF traces on your *machines.&nbsp; Go check it out! <BR /> <BR /> <A href="#" target="_blank"> Troubleshooting Windows Performance Issues Using the Windows Performance Recorder </A> <BR /> <BR /> <STRONG> *NOTE </STRONG> Windows Performance Toolkit v5.0 is only compatible with Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012. <BR /> <BR /> <BR /> <BR /> <P> -Blake </P> </BODY></HTML> Sat, 16 Mar 2019 12:06:23 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/pfe-8217-s-troubleshooting-performance-issues-with-windows/ba-p/375321 CraigMarcho 2019-03-16T12:06:23Z Incorrect amount of RAM listed https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/incorrect-amount-of-ram-listed/ba-p/375320 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Feb 08, 2013 </STRONG> <BR /> <P> Hello everyone!&nbsp; Aamer here from the Windows Performance team at Microsoft.&nbsp; Recently, I’ve noticed an increase in customer calls regarding the amount of RAM that Windows reports.&nbsp; This blog will discuss the reasons why Windows may report the incorrect amount of installed RAM. </P> <BR /> <P> First off, you should confirm that your OS supports more than 4 GB of RAM by checking to the following MSDN page: </P> <BR /> <P> <A href="#" target="_blank"> Memory Limits for Windows Releases (Windows) </A> </P> <BR /> <P> If your OS appears in this list, yet your OS reports the incorrect amount of RAM, then the following options should be reviewed: </P> <BR /> <P> 1. Disable the redundant memory feature in the BIOS </P> <BR /> <P> <STRONG> NOTE </STRONG> If you add more memory to the system, it is possible that the BIOS will recognize the full amount of physical <STRONG> RAM </STRONG> that is installed in the machine, but Windows will recognize only a part of the <STRONG> RAM </STRONG> .&nbsp; If the machine has a redundant memory feature or a memory mirroring feature that is enabled, the full complement of memory may not be visible to Windows.&nbsp; Redundant memory provides the system with a failover memory bank when a memory bank fails.&nbsp; Memory mirroring splits the memory banks into a mirrored set.&nbsp; Both features are enabled or disabled in the BIOS and cannot be accessed through Windows. </P> <BR /> <P> 2. The maximum amount of physical memory available to the OS and applications is also determined by the following: </P> <BR /> <BLOCKQUOTE> <BR /> <P> a. The number and types of PCI devices installed in the system <BR /> b. Support for PCI Hot Plug capability (PCI Hot Plug reserves additional memory to facilitate swapping of devices without bringing the entire system down) <BR /> c. Processor support and chipset design <BR /> d. If “memory remapping” is enabled in your BIOS (sometimes is necessary to update it for this option to be available) <BR /> e. If you have memory assigned to your graphic card in your BIOS </P> <BR /> </BLOCKQUOTE> <BR /> <P> 3. Check the following blog post: </P> <BR /> <P> <A href="#" target="_blank"> The Mystery of the Missing Memory -or- It Pays to Know Your Hardware </A> </P> <BR /> <P> 4. Engage your Hardware vendor </P> <BR /> <P> <STRONG> HP </STRONG> </P> <BR /> <P> <A href="#" target="_blank"> Search Results for “Incorrect RAM” </A> </P> <BR /> <P> <A href="#" target="_blank"> Search Results for “Less RAM” </A> </P> <BR /> <P> <STRONG> Dell </STRONG> </P> <BR /> <P> We have memory mirroring features on Dell™ PowerEdge™ 1850, PowerEdge 2800, and <BR /> PowerEdge 2850 servers. Dell open manager has the required settings to enable and disable memory mirroring features. </P> <BR /> <P> <A href="#" target="_blank"> Enabling Memory Reliability, Availability, and Serviceability Features on Dell PowerEdge Servers (PDF) </A> </P> <BR /> <P> <STRONG> IBM </STRONG> </P> <BR /> <P> <A href="#" target="_blank"> Incorrect memory size displayed in BIOS with Microsoft Windows Server 2008 when mirrored – IBM System x </A> </P> <BR /> <P> <A href="#" target="_blank"> 5 </A> . It’s highly unlikely, but you could have the “Maximum memory” option set under the “System Configuration” program <BR /> </P> <BR /> <P> Start | Run | MsConfig </P> <BR /> <P> The below Window should open up.&nbsp; Click on “Boot” tab and then the “Advanced options…” button. </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93164i38FA654960563A53" /> </P> <BR /> <P> You should see the below window: </P> <BR /> <P> Check if “Maximum Memory” option is checked and there is a value entered against it. If “Yes” </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93165iE74AA038FCDC6529" /> </P> <BR /> <P> Uncheck this option and reboot, then check to see if the correct amount of RAM is now listed. </P> <BR /> <P> <BR /> I would also advise explicitly checking the BOOT.INI (Server 2003) or BCDEDIT (Server 2008+) to determine if any parameters have been added that may mask memory from the operating system. </P> <BR /> <P> <A href="#" target="_blank"> Boot Parameters to Manipulate Memory (Windows Drivers) </A> </P> <BR /> <P> <A href="#" target="_blank"> 6 </A> . Check the following article for Windows Server 2003: </P> <BR /> <P> <A href="#" target="_blank"> Utilities do not display physical memory greater than 4 GB in Windows Server 2003 and in Windows 2000 Server </A> </P> <BR /> <P> <STRONG> NOTES: </STRONG> </P> <BR /> <UL> <BR /> <LI> The PAE kernel is loaded on Windows Server 2003 SP1+ by default for <A href="#" target="_blank"> DEP </A> support. </LI> <BR /> <LI> Please begin phasing Windows Server 2003 out of your environment, which is out of mainstream support per the <A href="#" target="_blank"> Product Lifecycle </A> . </LI> <BR /> </UL> <BR /> <P> Until next time! </P> <BR /> <P> -Aamer </P> </BODY></HTML> Sat, 16 Mar 2019 12:06:14 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/incorrect-amount-of-ram-listed/ba-p/375320 CraigMarcho 2019-03-16T12:06:14Z PFE's Risk Assessment Program as a Service (RaaS) https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/pfe-s-risk-assessment-program-as-a-service-raas/ba-p/375317 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 15, 2013 </STRONG> <BR /> This is just a quick post to advertise our PFE folks and their new RaaS Service. <BR /> <BR /> Yong Rhee and Julio Danoviz from the <A href="#" target="_blank"> MSPFE </A> blog go thru a new service called <A href="#" target="_blank"> RAP as a Service (RaaS) </A> . <BR /> <BR /> A RaaS is a service that provides an in-depth analysis of your environment to try preventing issues from occurring and/or producing a detailed plan to remediate discovered issues and address known risks. <BR /> <BR /> For example:&nbsp; Windows Client RaaS (Windows Desktop Risk Assessment Program (WDRAP)). <BR /> <BR /> Spoilers: They go thru the frequently asked questions! <BR /> <BR /> Go check out the post if you’re interested! <BR /> <BR /> <P> -AskPerf Blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:05:52 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/pfe-s-risk-assessment-program-as-a-service-raas/ba-p/375317 CraigMarcho 2019-03-16T12:05:52Z Happy New Year 2013!!! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/happy-new-year-2013/ba-p/375316 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Jan 01, 2013 </STRONG> <BR /> Happy New Year AskPerf Blog Readers!&nbsp; Can you believe that 2012 is now over?&nbsp; Seems like it just flew by to me.&nbsp; Anyway, we had some HUGE&nbsp; product launches in 2012.&nbsp; Some of which come to mind: <BR /> <BR /> <UL> <LI> Windows 8 </LI> <LI> Microsoft Surface </LI> <LI> Windows Server 2012 </LI> <LI> Windows Phone 8 </LI> <LI> Office 2013 </LI> <LI> Outlook.com </LI> <LI> SQL Server 2012 </LI> <LI> Halo 4 </LI> </UL> <BR /> <BR /> Plus many, many, many others…&nbsp; I personally feel that 2013 is going to be EPIC (acceptable buzzword?)!&nbsp; We’re looking forward to getting some awesome content out to you this year, so stay tuned! <BR /> <BR /> With that, we hope you have a fantastic 2013! <BR /> <BR /> <P> -AskPerf Blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:05:47 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/happy-new-year-2013/ba-p/375316 CraigMarcho 2019-03-16T12:05:47Z Where has all my Physical RAM gone? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/where-has-all-my-physical-ram-gone/ba-p/375315 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Dec 19, 2012 </STRONG> <BR /> <P> Hello AskPerf! Ranajoy here from the Windows Performance Team. One of our highest call generators here in support surrounds low Available Memory shown in Windows Task Manager. Today we are going to take a brief look at this value and where this “Missing Memory” may be hiding. </P> <P> Picture the following: </P> <UL> <LI> Windows 2008 R2 Server with 64GB RAM </LI> <LI> Windows Task Manager shows Available Memory at 400MB </LI> <LI> Cache shows 60GB used </LI> </UL> <P> Is such a high value in System Cache detrimental to system performance? </P> <P> It’s typically not something to be concerned with because the pages come out of the <I> standby list </I> , to be discussed shortly, but we can use tools like Perfmon or Sysinternals <A href="#" target="_blank"> RAMMap </A> to determine how this memory is divvied up to be sure. </P> <P> Collecting PERFMON and RAMMAP output will show us something similar to the below values: </P> <P> <B> PERFMON Capture </B> </P> <P> Memory&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Minimum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Maximum&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Average </P> <P> ========================================================================= </P> <P> Available Bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; :&nbsp;&nbsp; 56,495MB |&nbsp;&nbsp; 60,304MB | <B> 58,349MB </B> (Total Available Memory in the System) </P> <P> </P> <P> As you can see, Available Bytes (Available Physical Memory) is around 58GB. </P> <P> A RAMMap capture shows the following: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93161iBC4EDEA055FD1907" /> </P> <P> It would appear that most of our RAM is in Mapped File Usage. So, what do these columns mean? </P> <P> <B> Mapped File: </B> Also known as section objects, mapped “views” of files are when the contents of that file are mapped to virtual addresses in memory. This can be a process mapping views of files into its memory (for reading or writing) or for the system file cache. </P> <P> <B> Active: </B> Pages of physical ram in active use by the specified category (usually a process working set or the system working set). </P> <P> <B> Standby: </B> Pages of physical ram not actively being used. These are still left in physical ram but will be repurposed first by the memory manager (either returned to the active list or zeroed out and reused) if something needs physical ram for active pages. Standby pages are essentially cache – it’s better to have infrequently used data kept in RAM “just in case” than pushing it out to disk when the memory isn’t needed for anything else. </P> <P> As we see here the Cache is mainly comprised of memory pages in the standby list. </P> <P> In this scenario, the OS is keeping Memory pages in Standby so that they can be immediately given to a process or a service requesting RAM. As you can see, Mapped File Total equals the amount of Available bytes we saw in our Perfmon log. </P> <P> Another tool that we can use to review Memory Usage is <A href="#" target="_blank"> Process Explorer. </A> </P> <P> <STRONG> Note: </STRONG> </P> <P> The Process Explorer screenshots are taken from a different machine and under different circumstances. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93162iA4BDE108713DC68E" /> </P> <P> </P> <P> Click View | System Information | Memory tab – the following screen appears: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93163i6339DFFAAF0AD00D" /> </P> <P> The values listed under <B> Physical Memory </B> and <B> Page list(K) </B> will give you deeper Memory details than what Windows Task Manager shows and will suit with the values you see in RAMMAP. </P> <P> -Until next time! </P> </BODY></HTML> Sat, 16 Mar 2019 12:05:43 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/where-has-all-my-physical-ram-gone/ba-p/375315 CraigMarcho 2019-03-16T12:05:43Z Windows 8 / Windows Server 2012: Let the fun begin! https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-let-the-fun-begin/ba-p/375311 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 07, 2012 </STRONG> <BR /> <P> Over the past 2 weeks, we’ve touched on a number of different features of Windows 8 and Windows Server 2012. We hope you have enjoyed reading our Launch Series as blogs much as we have enjoyed writing them for you. </P> <P> Don’t fret – we’ll have plenty more to write about regarding both operating systems in the near future. And with that, we’re done with our Launch Series! Again, we certainly hope you’ve enjoyed it and would love your feedback: </P> <UL> <LI> What did you think about our Windows 8 / Windows Server 2012 Launch Series? </LI> <LI> What do you think about the AskPerf blog in general? </LI> <LI> Are there any topics you would be interested in seeing on AskPerf? </LI> </UL> <P> I would like to say a BIG Thank You to the following people who helped make this Blog Series a success: </P> <TABLE> <TBODY><TR> <TD> <UL> <LI> <STRONG> Aaron Maxwell </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Jim Martin </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Don Geddes </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Jeff Worline </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Craig Marcho </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Raul Martinez </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Adam Richards </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Syed Yusuf </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Ankit Oberoi </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Tushank Java </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Ishu Sharma </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Ritika Ahuza </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Ritesh Kumar </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Shahnawaz Ahmad </STRONG> </LI> <STRONG> </STRONG> <LI> <STRONG> Rahul Sharma </STRONG> </LI> </UL> </TD> <TD> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93159i1393DE0AF169C6B5" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93160iDB8CC71721184D5E" /> </P> </TD> </TR> </TBODY></TABLE> <P> P.S. Don’t forget to check out the following links for more information on Windows 8 and Windows Server 2012. </P> <P> <A href="#" target="_blank"> Windows 8 </A> </P> <P> <A href="#" target="_blank"> Windows 8 Blog </A> </P> <P> <A href="#" target="_blank"> Windows Server 2012 </A> </P> <P> <A href="#" target="_blank"> Windows Server Blog </A> </P> </BODY></HTML> Sat, 16 Mar 2019 12:05:12 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-let-the-fun-begin/ba-p/375311 CraigMarcho 2019-03-16T12:05:12Z Windows 8 / Windows Server 2012: A brief look at the new Server Manager https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-a-brief-look-at-the-new-server/ba-p/375308 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 06, 2012 </STRONG> <BR /> <P> Well, we are about finished.&nbsp; Only one post left after this one.&nbsp; Today marks the 15th post in our Launch Series and I know you’ll enjoy reading this one.&nbsp; With that said, let’s dive right in! </P> <P> If you have installed Windows Server 2012, I'm sure you have noticed that Server Manager looks a lot different.&nbsp; The previous MMC-based Server Manager worked very well in many respects.&nbsp; The hierarchical organization was very logical and the familiar MMC snap-ins were easy to use.&nbsp; So why change it? </P> <P> Server Manager has been rewritten from the ground up with a focus on providing true multi-server management support from a single console, as well as extended capabilities for Windows role and feature installation. </P> <P> Like any UI changes, it might be a little disorienting at first, but once you learn the basics of navigating it, I think you will find it easy to use and very powerful. </P> <P> When Server Manager first launches, it defaults to the Dashboard configuration view for the local server: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93148i4EE99D910EA3325C" /> </P> <P> Understanding the layout is key to becoming productive with the new UI. Let's take a look. </P> <P> <B> Navigation pane(s) </B> </P> <P> The pane on the left side is the primary navigation pane.&nbsp; It always includes the Dashboard, the Local Server, and the All Servers group by default. </P> <P> The installation of some roles and features adds groups specific to them to the navigation pane.&nbsp; Examples of roles that do this are File and Storage Services, Remote Desktop Services, Hyper-V, and DNS.&nbsp; The entry in the navigation pane for such a role (File and Storage Services in the screen shot above, for example) often has a "&gt;" to the right of it.&nbsp; If you click that entry, it will expose a secondary navigation pane that includes the rest of the management hierarchy for that role. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93149iD3C49656DBE1E942" /> </P> <P> From that point, you can select entries in the secondary pane to expose tasks related to each topic.&nbsp; This is where most of the management work will be done for a lot of roles and features. </P> <P> You can add servers to the <B> All Servers </B> group by right-clicking it and selecting <B> Add Servers </B> .&nbsp; You can also create your own group by selecting <B> Create Server Group </B> from the <B> Manage </B> command menu on the command bar (the Command bar is discussed below).&nbsp; Server groups allow you to monitor and manage servers that have been delegated to an administrative person or team, that have related roles, or for which it otherwise makes sense to configure and manage them collectively. </P> <P> <B> Address bar </B> </P> <P> That's the wide gray bar that contains "Server Manager &gt; Dashboard" in our first screen shot.&nbsp; It simply indicates where your current focus is within Server Manager.&nbsp; It functions much like the address bar in Windows Explorer.&nbsp; You can overtype the path, or click on the "&gt;" to select different locations within the path. </P> <P> <B> Command bar </B> </P> <P> The portion of the wide gray bar that includes the flag icon and command options to the right of it.&nbsp; Again, these work like the menus in command bars of applications like Office apps.&nbsp; Click on each to see what commands are exposed. </P> <P> The notification flag alerts you about actions that need attention.&nbsp; These can include such things as further configuration of a role required or the restart of the system to complete role installation.&nbsp; The notification flag shows the number of available tasks as a number underneath the flag as shown below. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93150i248CCA9FED933225" /> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93151i40CE08D16A84E51D" /> </P> <P> Selecting the flag displays more details about the additional action(s) required. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93152i15848C97A619DDDB" /> </P> <P> You can click <B> Task Details </B> to even more details about the specific tasks (I'll spare you the additional screen shot). </P> <P> The <B> Manage </B> menu includes actions that can be performed to configure Server Manager, or actions to be performed against the server or group selected in the navigation pane(s).&nbsp; The most common tasks are adding or removing roles or features, creating server groups, and adding servers to the selected group. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93153i7FCE8C537DCF075B" /> </P> <P> The <B> Tools </B> menu allows you to launch commonly used administrative tools and applications from within Server Manager.&nbsp; Role or feature installation can add additional tools to this menu based on whether the role or feature includes a tool as part of role installation so the list of available tools can grow with server configuration. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93154iB5575EE47A6065DF" /> </P> <P> <B> Server thumbnails </B> </P> <P> At the bottom of the Dashboard page, you will see a box for each server and group listed in the navigation pane. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93155iCCCCA635AFFC4F46" /> </P> <P> These "thumbnails" allow you to monitor and be alerted about issues that might affect the operation of the server(s).&nbsp; Each thumbnail includes a quick status of one or more of these: </P> <UL> <LI> <B> Manageability </B> - Whether servers in the group are accessible and otherwise manageable. </LI> <LI> <B> Events </B> - Recent events that met or exceeded a configured threshold. </LI> <LI> <B> Services </B> - Services that are configured to auto-start, but are not currently started. </LI> <LI> <B> Performance </B> - Whether configured performance thresholds have been exceeded. </LI> <LI> <B> BPA results </B> - Best Practice Analyzer results that indicate errors. </LI> </UL> <P> As you might guess, Red indicates a threshold has been exceeded and the number of those within each category that exceeded it is displayed.&nbsp; Green means all is well.&nbsp; If you click on each category, you will see more details about each alert, plus you can configure the alert thresholds to suit your needs.&nbsp; Again, I will spare you the gratuitous screen shots.&nbsp; You will get the most benefit from exploring on your own once you know the basics. </P> <P> <B> Configure this local server </B> </P> <P> On the Dashboard you will see <B> Configure this local server </B> as the first configuration task. As it implies, this is the first place you want to go to perform basic configuration tasks for any server, including changing the server name, joining a domain, configuring networking, setting time zone, etc. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93156iB6759609827A053B" /> </P> <P> Each of the items on that page are self-explanatory and are what you would typically see in WS 2008 R2 on the home page of the old Server Manager, in the properties of the Computer, or in the Initial Configuration Tasks. </P> <P> <B> I'll leave you with a parting tip! </B> </P> <P> There are perhaps a handful of ways to launch tools or tasks to be performed on a selected server or group.&nbsp; Each can have different options depending on the context (which server or group is selected, for example). </P> <P> In general, I use Manage and Tools on the Command Bar when I want to perform a task on my local server, or a global task not specific to an individual server or group.&nbsp; For example, I don't want to be in the context of a Hyper-V server within Server Manager to launch Hyper-V Manager on my local machine. </P> <P> But when you want to perform tasks on a specific server, the fastest way often is to right-click the server under All Servers or another group and choose the task from the list. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93157i0C8BE58D05CA23AD" /> </P> <P> When managing a specific role, the <B> Tasks </B> drop-down in the upper right corner of each details pane provides a list of tasks that are relevant to the node selected in the navigation pane(s). </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93158i443CBB434D188F76" /> </P> <P> That’s it folks!&nbsp; We’ve come to the end of our Launch Series.&nbsp; We’ll have one more blog tomorrow to recap and talk about what lies ahead for upcoming posts.&nbsp; In the meantime, you can check out the AskCore Blog site for their launch series: </P> <P> <A href="#" target="_blank"> Ask the Core Team </A> </P> <P> -AskPerf blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:04:53 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-a-brief-look-at-the-new-server/ba-p/375308 CraigMarcho 2019-03-16T12:04:53Z Windows 8 / Windows Server 2012: Windows PowerShell Web Access https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-windows-powershell-web-access/ba-p/375296 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 05, 2012 </STRONG> <BR /> <P> Day 14 is upon us!&nbsp; In today’s post, we are going to take a look at the new feature in Windows Server 2012 called PowerShell Web Access. </P> <P> What is PowerShell Web Access?&nbsp; Glad you asked! </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93145i60CBD21CCA3A8C94" /> </P> <P> Windows PowerShell Web Access is a new feature in Windows Server 2012 that acts as a Windows PowerShell gateway, providing a web-based Windows PowerShell console that is targeted at a remote computer.&nbsp; It enables IT Pros to run Windows PowerShell commands and scripts from a Windows PowerShell console in a web browser, with no Windows PowerShell, remote management software, or browser plug-in installation necessary on the client device.&nbsp; All that is required to run the web-based Windows PowerShell console is a properly-configured Windows PowerShell Web Access gateway, and a client device browser that supports JavaScript and accepts cookies. </P> <P> Examples of client devices include laptops, non-work personal computers, borrowed computers, tablet computers, web kiosks, computers that are not running a Windows-based operating system, and cell phone browsers.&nbsp; IT Pros can perform critical management tasks on remote Windows-based servers from devices that have access to an Internet connection and a web browser. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93146i485746D02938CEA7" /> </P> <P> </P> <P> Here is diagram with a high overview of how PowerShell Web Access works: </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93147i38E90C5FAFD16D96" /> </P> <P> <B> </B> </P> <P> <B> Supported desktop computer browsers </B> </P> <UL> <LI> Windows Internet Explorer for Microsoft Windows 8.0, 9.0, and 10.0 </LI> <LI> Mozilla Firefox 10.0.2 </LI> <LI> Google Chrome 17.0.963.56m for Windows </LI> <LI> Apple Safari 5.1.2 for Windows </LI> <LI> Apple Safari 5.1.2 for Mac OS </LI> </UL> <P> <B> Minimally-tested mobile devices or browsers </B> </P> <UL> <LI> Windows Phone 7 and 7.5 </LI> <LI> Google Android WebKit 3.1 Browser Android 2.2.1 (Kernel 2.6) </LI> <LI> Apple Safari for iPhone operating system 5.0.1 </LI> <LI> Apple Safari for iPad 2 operating system 5.0.1 </LI> </UL> <P> We could go on and on about the new PSWA, but this blog is just to wet your appetite.&nbsp; To give you a little jump start with PSWA, here is the three-step process for setup and configuration. </P> <BLOCKQUOTE> <P> <A href="#" target="_blank"> Step 1: Installing Windows PowerShell Web Access </A> </P> <P> <A href="#" target="_blank"> Step 2: Configuring the gateway </A> </P> <P> <A href="#" target="_blank"> Step 3: Configuring authorization rules and site security </A> </P> </BLOCKQUOTE> <P> This concludes our post for today.&nbsp; For more information on PSWA, check out the following link: </P> <P> <A href="#" target="_blank"> Use the Web-based Windows PowerShell Console </A> </P> <P> Come back tomorrow to learn more about the new Server Manager. </P> <P> -AskPerf blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:03:19 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-windows-powershell-web-access/ba-p/375296 CraigMarcho 2019-03-16T12:03:19Z Windows 8 / Windows Server 2012: How do I print in Windows 8 Modern UI Applications? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-how-do-i-print-in-windows-8-modern/ba-p/375292 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 04, 2012 </STRONG> <BR /> <P> It’s day 13 of our Launch Series and we are nearing the finish line.&nbsp; Today we are going to look at ways to print from your Modern UI Apps. </P> <BR /> <P> So you have loaded Windows 8, and need to print from one of the new Modern Apps that have installed, but you do not see a ‘print’ icon, and there is no “File, Print, …” menu.&nbsp; Windows 8 includes a new user interface that is designed to help users easily discover and install devices.&nbsp; Print, Fax, and Scan devices are installed from the Settings or Devices charms: </P> <BR /> <P> <STRONG> Charms Bar with Devices and Settings </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93137i7147597C790B80C4" /> </P> <BR /> <P> </P> <BR /> Adding Devices <BR /> <P> To install a Printer using the Windows 8 Modern App style interface, do the following: </P> <BR /> <OL> <BR /> <LI> Activate the Charms bar by swiping in from the right edge of a touch screen, pressing the Windows+C keys on the keyboard, or moving the mouse to the upper right corner of the display. </LI> <BR /> <LI> Click or touch <B> Settings </B> , and then <B> More PC Settings </B> . </LI> <BR /> <LI> Click or touch <B> Devices </B> , and then click or touch <B> Add a device </B> . </LI> <BR /> <LI> Windows will scan the network for devices and display the list of printers that were found.&nbsp; If the administrator has published printers to the active directory then they should show up at the top of the list. </LI> <BR /> </OL> <BR /> <P> <STRONG> Searching for Devices </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93138iD2E698E14301830F" /> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 5. Click or touch the device that you wish to install and it will be added to the list of devices. If the printer is using a Version 4 driver then no other user interaction is necessary to install the device. </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> Installed Printer </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93139iD8CA3B78CE0C9CCC" /> </P> <BR /> Printing from Windows 8 Modern Apps <BR /> <P> Windows 8 has a new user interface for discovering and printing to print devices on a network.&nbsp; A Modern App that runs in the Windows 8 interface may have a custom printing interface that is accessible via the application bar or it may provide a printing link similar to the Modern App style Internet Explorer application. </P> <BR /> <P> Additionally, the CTRL + P hotkey will activate the shell print dialog. </P> <BR /> <P> <STRONG> Note </STRONG> Not every Modern App will allow you to print from it. </P> <BR /> <P> To print a document from a Windows 8 Modern App, do the following: </P> <BR /> <BLOCKQUOTE> <BR /> <P> 1. Use the application user interface and select the Print option or use the CTRL + P hotkey to activate the Printing interface. </P> <BR /> </BLOCKQUOTE> <BR /> <BLOCKQUOTE> <BR /> <P> 2. Choose a device to print to by clicking or touching the Print device icon: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> Choosing a print device </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93140iF17E96DFC0FE0834" /> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 3. A print preview and basic print settings are displayed. The document can be printed using the <B> Print </B> button: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> Basic print settings </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93141iA927A6F3D1B10719" /> </P> <BR /> <BLOCKQUOTE> <BR /> <P> 4. Clicking on More Settings will activate the advanced print settings dialog where page layout, paper and quality, and output options can be specified: </P> <BR /> </BLOCKQUOTE> <BR /> <P> <STRONG> More settings </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93142i85C06C659420A5B9" /> </P> <BR /> <P> But now you’ve launched the Bing News app, and you are trying to print.&nbsp; You do not see printers when you open the Charms and go to Devices.&nbsp; You may see something like this: </P> <BR /> <P> <STRONG> No Printers </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93143iAAFE6051AFDA5936" /> </P> <BR /> <P> When you see this, it indicates that this app does not support printing, or that you have no printers installed.&nbsp; We covered adding printers at the beginning of this blog, so we’ll take a guess that this app does not support printing.&nbsp; What do you do from here?&nbsp; Well, no need to worry.&nbsp; Some Modern Apps do support opening the article in Internet Explorer, and you can then print the article from there.&nbsp; To do this, you can right click in the article you are viewing, and see the following at the bottom of the screen: </P> <BR /> <P> <STRONG> View in Browser </STRONG> </P> <BR /> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93144i99475A0ABBCDC452" /> </P> <BR /> <P> Click on <B> View in browser </B> , and you can then print from Internet Explorer the same way we mentioned above. </P> <BR /> <P> The following apps installed with Windows 8 support printing from within the app: </P> <BR /> <UL> <BR /> <LI> Mail </LI> <BR /> <LI> Photos </LI> <BR /> <LI> News (only when viewing My News and use the open in browser method) </LI> <BR /> <LI> Bing Finance (when you use open in browser) </LI> <BR /> <LI> Maps </LI> <BR /> </UL> <BR /> <P> The following apps <I> <STRONG> do not </STRONG> </I> support printing from within the app: </P> <BR /> <UL> <BR /> <LI> Bing </LI> <BR /> <LI> Finance </LI> <BR /> <LI> Sports </LI> <BR /> <LI> Travel </LI> <BR /> <LI> Weather </LI> <BR /> <LI> Messaging </LI> <BR /> <LI> People </LI> <BR /> <LI> Calendar </LI> <BR /> <LI> SkyDrive </LI> <BR /> </UL> <BR /> <P> And there you have it, everything you need to know about printing in the new Windows 8 Modern App interface!&nbsp; Thanks for reading!&nbsp; We'll take&nbsp;a brief look at Windows PowerShell Web Access in tomorrow's post. </P> <BR /> <P> -AskPerf blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:02:48 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-how-do-i-print-in-windows-8-modern/ba-p/375292 CraigMarcho 2019-03-16T12:02:48Z Windows 8 / Windows Server 2012: What’s new with Printing in Windows 8? https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-what-8217-s-new-with-printing-in/ba-p/375283 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 03, 2012 </STRONG> <BR /> Hello AskPerf!&nbsp; Welcome to day 12 of our Launch Series.&nbsp; Today we are going to take a look at what’s new in Printing with Windows 8! <BR /> <BR /> With Windows 8, we have redesigned the printer driver model; it has remained relatively unchanged since the introduction of Version 3 or V3 drivers in Windows 2000.&nbsp; The v3 model relies heavily on OEMs to produce customized drivers for each specific device to make sure that specific features of each print device can be accessed by Windows applications.&nbsp; Managing a printing infrastructure using the v3 driver model requires the administrator to manage a large number of drivers, and to manage drivers on client machines as well as servers, resulting in the requirement to manage both 32-bit and 64-bit print drivers to support both of these client architectures. <BR /> <BR /> <A> <B> V4 Model Overview </B> </A> <B> </B> <BR /> <BR /> The version 4 print driver model provides a simple but flexible management experience. Some of the benefits of version 4 drivers are: <BR /> <BR /> <UL> <LI> Printer sharing does not require the installation of drivers that match the client architecture </LI> <LI> Driver files are isolated from each other, preventing driver filename conflicts </LI> <LI> A single driver can support a single device or multiple devices </LI> <LI> Drivers are typically smaller than version3 drivers, and installation times are typically faster than comparable version 3 drivers </LI> </UL> <BR /> <BR /> Using the version 4 driver model, OEMs can provide <B> Print Class Drivers </B> that support features that are common to a broad set of devices that use the same printer description language, such as PCL, PS, or XPS. Print Class Drivers also provide the following benefits: <BR /> <BR /> <OL> <LI> Driver packages are smaller and printer driver files are less likely to cause stability problems </LI> <LI> The administrator has to manage fewer drivers </LI> </OL> <BR /> <BR /> Version 4 print drivers can be distributed via Windows Update or Windows Software Update Services (WSUS), but are not distributed to print clients from the print server. <BR /> <BR /> <B> Printer Sharing Changes </B> <BR /> <BR /> Printer Sharing has been updated in Windows 8 as well, primarily to meet demands of modern users and to support the new Driver Model. <BR /> <BR /> Previously, we relied on both server and client machines to use identical drivers.&nbsp; If you have ever had to manage a print server with x64 and x86 print drivers, you know this can be difficult to get working.&nbsp; Sometimes driver versions may be incompatible and cause client connection errors, or errors when establishing connections. <BR /> <BR /> With the new v4 driver model and the sharing implementation that it supports, the goal is to make the end-user and administrative experience as easy as possible. <BR /> <BR /> The new features that define the changes that were made are summarized here: <BR /> <BR /> <UL> <LI> Clients can use enhanced Point and Print to generate print jobs that the server can use without using a device specific driver. </LI> <LI> Servers contain the configuration and capabilities of the printer and communicate that data to a client computer in a way that the client can use without needed a device specific driver. </LI> <LI> With the new v4 driver model the print server will no longer be a software distribution mechanism.&nbsp; Previous versions of Windows provided a method for print clients to obtain a driver from the print server.&nbsp; This functionality has been removed for enhanced point and print.&nbsp; Several reasons brought this change such as security, compatibility, serviceability and reliability.&nbsp; Down-level client computers like Windows 7 will still be able to receive the enhanced Point and Print Compatibility driver from Windows Server 2012 to enable compatibility with v4 print shares.&nbsp; Client computers running Windows 8 have enhanced Point and Print support built into the operating system, and they can use standard point and print mechanisms to obtain matching v3 drivers if the administrator wants to continue using older drivers.&nbsp; Device specific v4 drivers can also be deployed to Windows 8clients, or downloaded from Windows Update/WSUS in order to provide additional features or capabilities, such as client side rendering when connecting to enhanced Point and Print shares. </LI> </UL> <BR /> <BR /> With the new changes that arrive with Enhanced Point and Print and the new v4 Printer Driver Model in Windows 8 and Server 2012, printing is about to be much easier for administrators and more trouble free for end users!&nbsp; Thanks for reading, and we hope you enjoy Windows 8.&nbsp; For more in-depth information, please see the following TechNet article: <BR /> <BR /> <A href="#" target="_blank"> Print and Document Services Architecture </A> <BR /> <BR /> In tomorrow’s post, we’ll take a look at Printing within Windows 8. <BR /> <BR /> <P> -AskPerf blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:01:35 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-what-8217-s-new-with-printing-in/ba-p/375283 CraigMarcho 2019-03-16T12:01:35Z Windows 8 / Windows Server 2012: Session based Desktop Deployment https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-session-based-desktop-deployment/ba-p/375282 <HTML> <HEAD></HEAD><BODY> <STRONG> First published on TECHNET on Nov 02, 2012 </STRONG> <BR /> <P> It’s day 11 of our Launch Series, and day 4 of our RDS series.&nbsp; The past few posts, have covered the numerous User Interface changes and enhancements that have been made within Windows Server 2012 with regards to Remote Desktop Services (RDS).&nbsp; Today we are going to do a walkthrough of creating a Session Based Desktop deployment and describe the supported methods of accessing session-based collections. </P> <P> <B> Session-based Desktop Deployment Walkthrough </B> </P> <P> 1. Open <B> Server Manager </B> , Click on <B> Add Roles and Features , </B> Select <B> Remote Desktop Services Installation </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93108iFD0A5F99D5BAC582" /> </P> <P> 2. Select <B> Deployment Type </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93109iB3B7F309695D90A8" /> </P> <P> 3. Select the <B> Session-based desktop </B> Deployment and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93110i67B58C6D4667A47F" /> </P> <P> 4. Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93111iC992B3F065997640" /> </P> <P> 5. Select the <B> RD Connection Broker Server </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93112iF7E22D657A349632" /> </P> <P> 6. Select the <B> RD Web Access Server </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93113i032B6EC3C3AD4E2B" /> </P> <P> 7. Select the <B> RD Session Host Server </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93114iA0F8CA77392E580C" /> </P> <P> 8. <B> Confirm Selection </B> and Check <B> Restart the Destination automatically if required </B> and Click <B> Deploy </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93115i82B73F79E3636EE0" /> </P> <P> After completion of this process, the RD Connection Broker , RD Web Access , and RD Session Host roles will have been installed. </P> <P> The next step is to create a collection. </P> <P> 1. Open the <B> Server Manager </B> , Click <B> Remote Desktop Services </B> and Select <B> Collections </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93116i823C59E2B6EB1EC3" /> </P> <P> 2. In <B> Collection </B> Section, Click <B> Tasks </B> and Select <B> Create Session Collection </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93117iB34B55574A8BBFC9" /> </P> <P> 3. <B> Create Collection Window </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93118i3F1B4185943B51D0" /> </P> <P> 4. Type the <B> Name of the Collection </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93119iB6FC1B09F5B48D79" /> </P> <P> 5. Specify the <B> RD Session Host Server </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93120i55313E1434F98D7D" /> </P> <P> 6. Specify <B> User Groups </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93121iBCE12533491716E3" /> </P> <P> 7. Specify the <B> User Profile Disk </B> with the UNC Path if you want and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93122i5B435D66B8B33AE1" /> </P> <P> 8. <B> Confirm Selections </B> and Click <B> Create </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93123iE2B8CF3A70A9E038" /> </P> <P> It will take several minutes for the creation process to complete. When the collection has been created, you can publish RemoteApps within the collection: </P> <P> 1. Select <B> RemoteApp </B> ( Name of Collection) under Collections Tile and Click on <B> Publish Remote App Programs </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93124i7AF9FB29A34A8B5E" /> </P> <P> 2. Select <B> Remote APP Programs </B> and Click <B> Next </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93125i5B570F5FCC5D03B1" /> </P> <P> 3. <STRONG> Confirmation </STRONG> and Click <B> Publish </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93126i263922066F161D88" /> </P> <P> 4. In RemoteApp Programs, you will see the Remote Apps Listed. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93127iE5E33BB2BFA489F1" /> </P> <P> 5. We can assign the <B> Remote apps </B> to <B> Specific Users </B> . Right Click on <B> Calculator </B> ,Select <B> Properties. </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93128iB86BC993FBF925AE" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93129i33FA30DE7062321B" /> </P> <P> 6. We can publish the remote apps in virtual folders. </P> <P> 7. Expand the <B> User Assignment </B> and Select <B> Only specified users and groups </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93130i8F1B7F93DA18D156" /> </P> <P> A RemoteApp has now been published. </P> <P> There are two supported methods of accessing sessions and RemoteApps that are part of a session collection: </P> <OL> <LI> Web Access </LI> <LI> WebFeed ( Remote App Desktop Connections) </LI> </OL> <P> <STRONG> Web Access </STRONG> </P> <P> The Web Access method can be used to access (launch) RemoteApps or Desktop Sessions. The screenshot below shows the RDWeb page without Folders. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93131i87B0CED6F18E5D8C" /> </P> <P> <STRONG> WebFeed (RemoteApp and Desktop Connection) </STRONG> </P> <P> RemoteApp and Desktop Connection allows RemoteApps to be deployed and accessed on the client machine's Start menu (Windows 7) or Start screen (Windows 8).&nbsp; To configure RemoteApps and Desktop Connection on the client: </P> <P> 1. Open <B> Control Panel </B> , Select <B> Remote App and Desktop Connections </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93132iCABB815AE4371231" /> </P> <P> 2. Type the <B> Url </B> and Click <B> Next </B> . URL should be your web access sever name/rdweb/Feed/webfeed.aspx </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93133i55066A6311B0CEC8" /> </P> <P> 3. Click <B> Finish </B> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93134i26749D1C51F4A2E2" /> </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93135i01BA8EA068E3C5C6" /> </P> <P> 4. We should now see the shortcuts on the Start screen. </P> <P> <IMG src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/93136i67A5C31EA0EFC9F5" /> </P> <P> </P> <P> That concludes our 4 part mini series on RDS.&nbsp; Hopefully now you know how to install the RDS components in Windows Server 2012.&nbsp; We will go into more details surrounding these features at a later time.&nbsp; With that, tomorrows post is going to take a look at what’s new in Printing for Windows 8. </P> <P> -AskPerf blog Team </P> </BODY></HTML> Sat, 16 Mar 2019 12:01:28 GMT https://gorovian.000webhostapp.com/?exam=t5/ask-the-performance-team/windows-8-windows-server-2012-session-based-desktop-deployment/ba-p/375282 CraigMarcho 2019-03-16T12:01:28Z