Windows Server 2008 R2 Unleashed (138 page)

684

CHAPTER 20

Windows Server 2008 R2 Management and Maintenance Practices

ptg

FIGURE 20.16

Windows Update console.

The Windows Updates functionality is a great tool for keeping servers updated with very

little administrative overhead, albeit with some loss of control.

Windows Server Update Services

Realizing the increased administration and management efforts administrators must face

when using Windows Update to keep up with SPs and updates for anything other than

small environments, Microsoft has created the Windows Server Update Services (WSUS)

client and server versions to minimize administration, management, and maintenance of

mid- to large-sized organizations. WSUS 3.0 SP1 communicates directly and securely with

Microsoft to gather the latest SPs and updates.

Microsoft Windows Server Update Services provides a number of features to support orga-

nizations, such as the following:

. Support for a broad range of products such as Windows operating system family,

Exchange messaging, SQL Server, Office, System Center family, and Windows

Defender.

. Automatic download of updates.

. Administrative control over which updates are approved, removed, or declined; the

remove option permits updates to be rolled back.

. Email notification of updates and deployment status reports.

Maintaining Windows Server 2008 R2

685

. Targeting of updates to specific groups of computers for testing and for control of

the update process.

. Scalability to multiple WSUS servers controlled from a single console.

. Reporting on all aspects of the WSUS operations and status.

. Integration with Automatic Windows Updates.

The SPs and updates downloaded onto WSUS can then be distributed to either a lab server

for testing (recommended) or to a production server for distribution. After these updates

are tested, WSUS can automatically update systems inside the network.

The following steps install the Windows Server Update Services role:

1. Open the Server Manager console.

2. Select the Roles folder and click Add Roles.

3. In the Add Roles Wizard, select Windows Server Update Services and follow the

instructions onscreen. The wizard will install WSUS 3.0 SP1 and any required com-

ponents, including Web Server (IIS), if needed.

Unlike other server roles, the binaries for WSUS 3.0 SP1 are downloaded from Microsoft.

This ensures that any time WSUS is installed, you will always be installing the most

ptg

current version.

Maintaining Windows Server 2008 R2

Maintaining Windows Server 2008 R2 systems isn’t an easy task for administrators. They

must find time in their firefighting efforts to focus and plan for maintenance on the

server systems. When maintenance tasks are commonplace in an environment, they can

alleviate many of the common firefighting tasks.

The processes and procedures for maintaining Windows Server 2008 R2 systems can be

separated based on the appropriate time to maintain a particular aspect of Windows Server

2008 R2. Some maintenance procedures require daily attention, whereas others might

require only quarterly checkups. The maintenance processes and procedures that an orga-

nization follows depend strictly on the organization; however, the categories described in

the following sections and their corresponding procedures are best practices for organiza-

tions of all sizes and varying IT infrastructures.

20

Daily Maintenance

Certain maintenance procedures require more attention than others. The procedures that

require the most attention are categorized into the daily procedures. Therefore, it is

recommended that an administrator take on these procedures each day to ensure system

reliability, availability, performance, and security. These procedures are examined in the

following three sections.

686

CHAPTER 20

Windows Server 2008 R2 Management and Maintenance Practices

Checking Overall Server Functionality

Although checking the overall server health and functionality might seem redundant or

elementary, this procedure is critical to keeping the system environment and users

working productively.

Some questions that should be addressed during the checking and verification process are

the following:

. Can users access data on file servers?

. Are printers printing properly? Are there long queues for certain printers?

. Is there an exceptionally long wait to log on (that is, longer than normal)?

. Can users access messaging systems?

. Can users access external resources?

Verifying That Backups Are Successful

To provide a secure and fault-tolerant organization, it is imperative that a successful

backup be performed each night. In the event of a server failure, the administrator might

be required to perform a restore from tape. Without a backup each night, the IT organiza-

tion will be forced to rely on rebuilding the server without the data. Therefore, the admin-

istrator should always back up servers so that the IT organization can restore them with

ptg

minimum downtime in the event of a disaster. Because of the importance of the backups,

the first priority of the administrator each day needs to be verifying and maintaining the

backup sets.

If disaster ever strikes, the administrators want to be confident that a system or entire site

can be recovered as quickly as possible. Successful backup mechanisms are imperative to

the recovery operation; recoveries are only as good as the most recent backups.

Monitoring Event Viewer

Event Viewer is used to check the system, security, application, and other logs on a local

or remote system. These logs are an invaluable source of information regarding the

system. The Event Viewer Overview and Summary page in Server Manager is shown in

Figure 20.17.

NOTE

Checking these logs often helps your understanding of them. There are some events

that constantly appear but aren’t significant. Events will begin to look familiar, so you

will notice when something is new or amiss in your event logs.

All Event Viewer events are categorized either as informational, warning, or error. Some

best practices for monitoring event logs include the following:

. Understanding the events that are being reported

. Setting up a database for archived event logs

. Archiving event logs frequently

Maintaining Windows Server 2008 R2

687

FIGURE 20.17

The Event Viewer snap-in.

ptg

To simplify monitoring hundreds or thousands of generated events each day, the admin-

istrator should use the filtering mechanism provided in Event Viewer. Although warnings

and errors should take priority, the informational events should be reviewed to track

what was happening before the problem occurred. After the administrator reviews the

informational events, she can filter out the informational events and view only the warn-

ings and errors.

To filter events, do the following:

1. Expand the Event View folder in Server Manager.

2. Select the log from which you want to filter events.

3. Right-click the log and select Filter Current Log.

4. In the log properties window, select the types of events to filter. In this case, select

the Critical, Error, and Warning check boxes.

5. Click OK when you’re done.

20

Figure 20.18 shows the results of filtering on the system log. You can see in the figure that

there are a total of 8,006 events. In the message above the log, the filter is noted and also

the 92 resulting number of events. The filter reduced the events by a factor of over 80 to

1. This really helps reduce the volume of data that an administrator needs to review.

688

CHAPTER 20

Windows Server 2008 R2 Management and Maintenance Practices

FIGURE 20.18

The Event Viewer filter.

ptg

Some warnings and errors are normal because of bandwidth constraints or other environ-

mental issues. The more you monitor the logs, the more familiar you will become with

the messages and, therefore, the more likely you will be able to spot a problem before it

affects the user community.

TIP

You might need to increase the size of the log files in Event Viewer to accommodate an

increase in logging activity. The default log sizes are larger in Windows Server 2008 R2

than in previous versions of Windows, which were notorious for running out of space.

Weekly Maintenance

Maintenance procedures that require slightly less attention than daily checking are catego-

rized in a weekly routine and are examined in the following sections.

Checking Disk Space

Disk space is a precious commodity. Although the disk capacity of a Windows Server 2008

R2 system can be virtually endless, the amount of free space on all drives should be

checked at least weekly if not more frequently. Serious problems can occur if there isn’t

enough disk space.

One of the most common disk space problems occurs on data drives where end users save

and modify information. Other volumes such as the system drive and partitions with

logging data can also quickly fill up.

Maintaining Windows Server 2008 R2

689

As mentioned earlier, lack of free disk space can cause a multitude of problems, including,

but not limited to, the following:

. Application failures

. System crashes

. Unsuccessful backup jobs

. Service failures

. The inability to audit

. Degradation in performance

To prevent these problems from occurring, administrators should keep the amount of free

space to at least 25%.

CAUTION

If you need to free disk space, you should move or delete files and folders with caution.

System files are automatically protected by Windows Server 2008 R2, but data is not.

Verifying Hardware

ptg

Hardware components supported by Windows Server 2008 R2 are reliable, but this doesn’t

mean that they’ll always run continuously without failure. Hardware availability is

measured in terms of mean time between failures (MTBF) and mean time to repair

(MTTR). This includes downtime for both planned and unplanned events. These measure-

ments provided by the manufacturer are good guidelines to follow; however, mechanical

parts are bound to fail at one time or another. As a result, hardware should be monitored

weekly to ensure efficient operation.

Hardware can be monitored in many different ways. For example, server systems might

have internal checks and logging functionality to warn against possible failure, Windows

Server 2008 R2’s System Monitor might bring light to a hardware failure, and a physical

hardware check can help to determine whether the system is about to experience a

problem with the hardware.

If a failure has occurred or is about to occur, having an inventory of spare hardware can

significantly improve the chances and timing of recoverability. Checking system hardware

on a weekly basis provides the opportunity to correct the issue before it becomes a problem.

20

Running Disk Defragmenter

Whenever files are created, deleted, or modified, Windows Server 2008 R2 assigns a group

of clusters depending on the size of the file. As file size requirements fluctuate over time,