2. Monitoring vs. Accessing
• Administrators have great power, so must use
judiciously.
• Can change permissions, change ownership
etc., so can silently examine drives on remote
Network Design & Administration
machines while users still logged on.
• Can monitor actions, usage of
resources, processes.
• Do not have time to watch everything!
2
3. Historical vs. Real-time
monitoring
• Historical monitoring summarises information
over a time period:
• Essential for an organisation that is trying to
understand and improve its performance.
Network Design & Administration
• Indicates need for upgrades.
• Justifies spend.
• Real-time monitoring looks at the current/recent
situation:
• Used to understand problem/issue.
3
• Generates a relatively quick action/response.
4. Monitoring User Machines
• Monitoring may imply high level, light touch:
• How much printing is a user doing?
• How close are they getting to their disk quotas?
• May also imply detailed management checking:
Network Design & Administration
• What are they actually storing on disk?
• How active at the computer actually are they?
• May be needed for security:
• Are there a lot of failed attempts to log in at one
particular machine? 4
5. Monitoring Servers
• Need to catch potential problems before they
cause delays/inconvenience.
• Question: What sort of problems?
• Running out of disk or disk faults.
Network Design & Administration
• Memory leaks we want to programs.
Question: why dodue to faultymonitor servers?
• Network limitations.
• Dead services/daemons meaning tasks not
performed.
• General resource shortages. 5
6. How to monitor or check
machines
• There are a number of ways as:
• Use Microsoft Management Console locally.
• Physically log on at user machine.
Network Design & Administration
• Remote log in.
• Use MMC addressing other machine.
• Use log entries/audit trails/real-time
monitoring.
6
7. Microsoft Management
Console
• Already encountered this when looking at users and
computers.
• Provides a central point of management for different objects
and resources.
• Can start via “admin tools”.
Network Design & Administration
• Alternatively, can use the MMC (mmc.exe) and include a snap-
in (e.g. gpedit.msc)
• MMC can also be redirected to another machine.
7
8. Physically logging in
• Can be inconvenient to both user and admin.
• Sometimes necessary.
• e.g. if network card has died.
Network Design & Administration
• More often used when helping a particular user.
• Sometimes users prefer local presence.
• Can be costly…
• Is there an alternative?
8
9. Remote Log in
• A better solution!
• Use Remote Desktop to remotely log into a client
machine.
• Particularly used for monitoring servers, which may
be in remote locations.
Network Design & Administration
• Uses Remote Desktop Services at target machine
and client program (Remote Desktop Connection) at
admin’s desktop machine.
• Needs to be set up at both ends.
• Question: Can you think of why this is a good thing
to do?
• Question: Can you think of any potential problems? 9
10. Client-side remote desktop
access
• Can simply be set up
from System
properties
• By default,
Network Design & Administration
Administrator group
members are granted
remote access
permission
• Additional users can
be added 10
11. Remote Desktop Services
• Previously called Terminal Services in pre-Windows Server 2008
editions.
• Allows clients to use server as if it were their PC.
[2]
[1]
Network Design & Administration
[3]
• Questions:
• Why would you want to use a single machine?
• What benefits would it provide?
• Are there any special considerations for the server to take into 11
account?
13. Remotely accessing a Unix
server
• Not all servers will be running Windows Server.
• A number of companies and universities use Unix/Linux
within their workplace.
• Could be setup to provide roles:
Network Design & Administration
• DNS
• Web Server
• File Server
• Print Server
• (Pretty much everything Windows Server can offer)
• Question: How do we remotely administer and maintain 13
them?
14. Monitoring the Server
• Servers are important!
• Need to constantly monitor the health of a server
because of its mission critical nature.
• Things to monitor:
Network Design & Administration
• Processor (usage & temperature)
• Disk (performance, usage, throughput)
• Memory (utilisation, page file etc.)
• Network
• To monitor server, best to start from a baseline.
• Baselines can change over time with the addition of new 14
hardware & software.
15. Monitoring via the Event
Viewer
• Accessed from
“Administration Tools”
menu.
• Should be looked at
Network Design & Administration
regularly. This needs
to be part of a
procedure (come back
to this in a future
lecture)
• Event viewer can also
15
access event logs on a
remote machine.
16. Event Logs
• Application – about specific programs, depends
on what developers decided to log.
• System – about components e.g. device driver
fail to load, or service fail to start.
Network Design & Administration
• Security – e.g. failed logons, attempts to access
protected resources. Entries ONLY turn up if
explicitly set up – none by default.
• Additionally - domain controllers, DNS servers
have extra logs specific to them.
16
19. Real time monitoring
• Task Manager gives live real-time information
• Processor and memory.
• Applications and processes.
Network Design & Administration
• Network Utilisation.
• Users connected to a system.
• Can only be used to view information for local
system (though can use remote desktop – but
what is problem then?)
• Has no logging capability. 19
20. Performance Console
• Snap ins to display real-time data, record over time, and
execute actions when trigger values reached.
• System Monitor displays default of:
• Memory: Pages per Sec
Network Design & Administration
• Physical Disk: Average Disk Queue Length
• Processor: % Processor Time
• Do not monitor too many/too often – generate system
overheads.
• Do not monitor too infrequently or could miss spikes.
20
22. Performance Logs & Alerts
• Counter Log
• Capture stats for specified counters to log file for
later analysis.
• Trace Logs
Network Design & Administration
• Records information about system apps when
certain events occur.
• Alerts
• Perform action when counter reaches specified
value.
22