RDP, LogMeIn, VNC etc -
The most common issue is an unstable IP protocol stack. Try running "netsh int ip reset c:\ipreset.log"
The other common issue is trojan redirectors attempting to override the DNS which causes connections to drop.
If this goes away by the user connecting in Safe Mode with Networking, then you have an issue with a trojan, a firewall application, or an a/v application trying to block the system.
Monday, February 22, 2010
Saturday, February 06, 2010
Email Administrator Tips - Volume 1
When you are performing the email administration role, there are some important things to keep in mind and to test on a regular basis.
Here's some basic Email services checklist items:
Test Remote Email Web Access -
Make sure you can successfully connect and log in to Outlook Web Access (OWA) etc.
Check that all Email services are running -
You either need to confirm these yourself on a daily basis or setup availability monitoring via RMon etc. Some of these services can be continuosly monitored from your desktop using Exchange Monitor.
Check Mail queues -
Check in Exchange System Manager (or equivalent) that there are no pending emails in the mail (SMTP) queues.
Check Size of Mailbox stores -
Managing the size of your email databases is critical especially in Small Business environments where disk space is at a premium.
Exchange uses single-instance storage, so if a message is sent to 20 employees, only one copy is kept in the mailstore DB.
This keeps the size of the store down, but the mailbox list counts this message in the total size for each of those 20 users. So, the total of the mailbox sizes from System Manager will almost always be larger than the actual databases sizes.
The quickest way to check total storage size for Exchange 2000 - 2007 is here: http://www.petri.co.il/reporting_storage_size_in_exchange.htm
Check sizes of individual mailboxes -
As with the above advice, you also need to make sure you keep track of your biggest offenders in the mailbox disk space usage wars. In Exchange 2003 this can be checked easily from System Manager's Mailboxes screen. Mailbox sizes should be kept below 2GB and 10K items to maintain performance according to best practices.
Offline Mail Store Defrag -
Consider performing an offline mail store defrag depending on the activity of email, but especially if you haven't performed one in 6 months or if you have recently deleted a lot of old mailboxes.
The mail store size doesn't really shrink after these deletions until on offline defrag is performed. This can take several hours for a small to moderate sized mail store set, so you'll need to bring mail services down during that time, best done in the middle of the night and when you have scheduled downtime with the users.
Clean up BADMAIL directory -
"What is this BadMail? Let us start with NDRs (Non-deliverable requests). These NDR emails cannot be returned to the sender. So what happens is that after the allotted retries, Exchange 2003 routes the email to a bin called the BadMail folder.
To find the BadMail folder: Navigate to \Exchsrvr\Mailroot, now you should see a \vsi 1\BadMail folder. There will be one vsi folder for each virtual server. " (See link below)
This was important with Exchange 2000 and earlier. If you are using Exchange 2003 SP1 and later then you can skip this.
Here is a good summary of BadMail: http://www.computerperformance.co.uk/exchange2003/exchange2003_badmail.htm
Confirm that there are no open relays -
Test for open mail relays using (one or more of the following sites): http://www.mxtoolbox.com/diagnostic.aspx
http://www.checkor.com/
http://www.spamhelp.org/shopenrelay/shopenrelaytest.php
http://www.abuse.net/relay.html
Useful tools to have in your toolkit:
Sam Spade (WIN32) - a multi-function analysis web site that can decode a message's headers and make a fairly good guess about where it came from. Be patient with yourself while learning it, it's a very useful tool for dealing with spam and backtracing it's origin.
Exchange Monitor (WIN32) - from SolarWinds is a desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health.
Microsoft Exchange Server User Monitor (WIN32) aka ExMon - Use the Microsoft Exchange Server User Monitor to gather real-time data to better understand current client usage patterns, and to plan for future work. Administrators can view several items, including IP addresses used by clients, versions and modes of Microsoft Office Outlook, and resources such as CPU usage, server-side processor latency, and total latency for network and processing. Works with Microsoft Exchange Server 2000, 2003, 2007 and 2010. How to use it: http://www.petri.co.il/using_ms_exmon.htm
Here's some basic Email services checklist items:
Test Remote Email Web Access -
Make sure you can successfully connect and log in to Outlook Web Access (OWA) etc.
Check that all Email services are running -
You either need to confirm these yourself on a daily basis or setup availability monitoring via RMon etc. Some of these services can be continuosly monitored from your desktop using Exchange Monitor.
Check Mail queues -
Check in Exchange System Manager (or equivalent) that there are no pending emails in the mail (SMTP) queues.
Check Size of Mailbox stores -
Managing the size of your email databases is critical especially in Small Business environments where disk space is at a premium.
Exchange uses single-instance storage, so if a message is sent to 20 employees, only one copy is kept in the mailstore DB.
This keeps the size of the store down, but the mailbox list counts this message in the total size for each of those 20 users. So, the total of the mailbox sizes from System Manager will almost always be larger than the actual databases sizes.
The quickest way to check total storage size for Exchange 2000 - 2007 is here: http://www.petri.co.il/reporting_storage_size_in_exchange.htm
Check sizes of individual mailboxes -
As with the above advice, you also need to make sure you keep track of your biggest offenders in the mailbox disk space usage wars. In Exchange 2003 this can be checked easily from System Manager's Mailboxes screen. Mailbox sizes should be kept below 2GB and 10K items to maintain performance according to best practices.
Offline Mail Store Defrag -
Consider performing an offline mail store defrag depending on the activity of email, but especially if you haven't performed one in 6 months or if you have recently deleted a lot of old mailboxes.
The mail store size doesn't really shrink after these deletions until on offline defrag is performed. This can take several hours for a small to moderate sized mail store set, so you'll need to bring mail services down during that time, best done in the middle of the night and when you have scheduled downtime with the users.
Clean up BADMAIL directory -
"What is this BadMail? Let us start with NDRs (Non-deliverable requests). These NDR emails cannot be returned to the sender. So what happens is that after the allotted retries, Exchange 2003 routes the email to a bin called the BadMail folder.
To find the BadMail folder: Navigate to \Exchsrvr\Mailroot, now you should see a \vsi 1\BadMail folder. There will be one vsi folder for each virtual server. " (See link below)
This was important with Exchange 2000 and earlier. If you are using Exchange 2003 SP1 and later then you can skip this.
Here is a good summary of BadMail: http://www.computerperformance.co.uk/exchange2003/exchange2003_badmail.htm
Confirm that there are no open relays -
Test for open mail relays using (one or more of the following sites): http://www.mxtoolbox.com/diagnostic.aspx
http://www.checkor.com/
http://www.spamhelp.org/shopenrelay/shopenrelaytest.php
http://www.abuse.net/relay.html
Useful tools to have in your toolkit:
Sam Spade (WIN32) - a multi-function analysis web site that can decode a message's headers and make a fairly good guess about where it came from. Be patient with yourself while learning it, it's a very useful tool for dealing with spam and backtracing it's origin.
Exchange Monitor (WIN32) - from SolarWinds is a desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health.
Microsoft Exchange Server User Monitor (WIN32) aka ExMon - Use the Microsoft Exchange Server User Monitor to gather real-time data to better understand current client usage patterns, and to plan for future work. Administrators can view several items, including IP addresses used by clients, versions and modes of Microsoft Office Outlook, and resources such as CPU usage, server-side processor latency, and total latency for network and processing. Works with Microsoft Exchange Server 2000, 2003, 2007 and 2010. How to use it: http://www.petri.co.il/using_ms_exmon.htm
Friday, February 05, 2010
Configure Services MMC to Open Maximized by Default
One of my pet peeves when working on client servers remotely doing maintenance is that I need to check to make sure all automatically started services are ... started, using Services MMC.
You'd think this would not be an issue, but believe me, automatically started services do not always start automatically. True Story.
Now when you open up Services (services.msc) it starts in extended windowed mode. I like to maximize it to see the most services at a glance as possible.
You can edit the shortcut for the MMC all day long and it will never start Maximized ... Damn you Microsoft!
Well here's how you fix this in the non-obvious way:
You will open Services MMC in author mode to create a new Services console or modify existing Services console. (This works for all MMCs btw)
1. Click Start, Run and type %systemroot%\system32
2. Right click the file Services.msc and copy/paste it back into the same directory, which will create a backup copy called "Copy of Services.msc"
3. Right-click the original Services.msc, and choose Author
The Services MMC Snap-In opens in Author mode, in which you can customize the window size, pane width, view mode (Standard or Extended) etc.
4. Customize the MMC to your hearts content.
5. From the File menu, click Save As to save your settings, save over Services.msc.
6. Exit the Services MMC.
Now open Services MMC (services.msc) normally, it should have retained your customizations.
Rock it like a hurricane, baby!
You'd think this would not be an issue, but believe me, automatically started services do not always start automatically. True Story.
Now when you open up Services (services.msc) it starts in extended windowed mode. I like to maximize it to see the most services at a glance as possible.
You can edit the shortcut for the MMC all day long and it will never start Maximized ... Damn you Microsoft!
Well here's how you fix this in the non-obvious way:
You will open Services MMC in author mode to create a new Services console or modify existing Services console. (This works for all MMCs btw)
1. Click Start, Run and type %systemroot%\system32
2. Right click the file Services.msc and copy/paste it back into the same directory, which will create a backup copy called "Copy of Services.msc"
3. Right-click the original Services.msc, and choose Author
The Services MMC Snap-In opens in Author mode, in which you can customize the window size, pane width, view mode (Standard or Extended) etc.
4. Customize the MMC to your hearts content.
5. From the File menu, click Save As to save your settings, save over Services.msc.
6. Exit the Services MMC.
Now open Services MMC (services.msc) normally, it should have retained your customizations.
Rock it like a hurricane, baby!
Tuesday, February 02, 2010
Get System Uptime quickly via the Command-line
Here is a real quick way to find the a System's Up Time value (Time since it was last booted) using the Command Prompt.
This becomes important during due-diligence on a server crash etc. where you need to determine when the system came back online etc.
The following command-line coding uses the piping technique and the Find filter tool to easily isolate the System Up Time value:
Open a Command Prompt window.
Type the following command, exactly as you see it here, caps and quotes included:
Systeminfo Find "Up Time"
This will print the info to the Command Prompt window, if you would like to send it to a text file for instance, type is in as follows:
Systeminfo Find "Up Time" > c:\uptime.txt
For Windows 2008 and Vista/Windows 7 use the following command:
Systeminfo Find "System Boot Time"
** Note between Systeminfo and Find there is a pipe (shift+\) which blogger.com is removing, so make sure to put it in.
If you'd like to just type in uptime to get the System Up Time value then you can also download the following command-line app from Microsoft and install on your PC/server:
http://download.microsoft.com/download/appcenter2000/uptime/1.0/NT5/EN-US/AC-UpTimeTool.exe
This becomes important during due-diligence on a server crash etc. where you need to determine when the system came back online etc.
The following command-line coding uses the piping technique and the Find filter tool to easily isolate the System Up Time value:
Open a Command Prompt window.
Type the following command, exactly as you see it here, caps and quotes included:
Systeminfo Find "Up Time"
This will print the info to the Command Prompt window, if you would like to send it to a text file for instance, type is in as follows:
Systeminfo Find "Up Time" > c:\uptime.txt
For Windows 2008 and Vista/Windows 7 use the following command:
Systeminfo Find "System Boot Time"
** Note between Systeminfo and Find there is a pipe (shift+\) which blogger.com is removing, so make sure to put it in.
If you'd like to just type in uptime to get the System Up Time value then you can also download the following command-line app from Microsoft and install on your PC/server:
http://download.microsoft.com/download/appcenter2000/uptime/1.0/NT5/EN-US/AC-UpTimeTool.exe
Subscribe to:
Posts (Atom)