Lecture 12: Monitoring & Remotely Accessing SystemsNetwork Design & Administration

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Monitoring vs. Accessing

• Administrators have great power, so must use judiciously.• Can change permissions, change ownership etc.,

so can silently examine drives on remote machines while users still logged on.• Can monitor actions, usage of resources,

processes.• Do not have time to watch everything!

2

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Historical vs. Real-time monitoring• Historical monitoring summarises information

over a time period:• Essential for an organisation that is trying to

understand and improve its performance.• Indicates need for upgrades.• Justifies spend.

• Real-time monitoring looks at the current/recent situation:• Used to understand problem/issue.• Generates a relatively quick action/response. 3

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Monitoring User Machines

• Monitoring may imply high level, light touch:• How much printing is a user doing?• How close are they getting to their disk quotas?

• May also imply detailed management checking:• What are they actually storing on disk?• How active at the computer actually are they?

• May be needed for security:• Are there a lot of failed attempts to log in at one

particular machine?4

Net

wor

k D

esig

n &

Adm

inist

ratio

n

• Need to catch potential problems before they cause delays/inconvenience.• Question: What sort of problems?• Running out of disk or disk faults.• Memory leaks due to faulty programs.• Network limitations.• Dead services/daemons meaning tasks not

performed.• General resource shortages.

Question: why do we want to monitor servers?

Monitoring Servers

5

Net

wor

k D

esig

n &

Adm

inist

ratio

n

How to monitor or check machines• There are a number of ways as:• Use Microsoft Management Console locally.• Physically log on at user machine.• Remote log in.• Use MMC addressing other machine.• Use log entries/audit trails/real-time

monitoring.

6

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Microsoft Management Console• Already encountered this when looking at users and

computers.• Provides a central point of management for different objects

and resources.• Can start via “admin tools”.• Alternatively, can use the MMC (mmc.exe) and include a snap-

in (e.g. gpedit.msc)• MMC can also be redirected to another machine.

7

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Physically logging in

• Can be inconvenient to both user and admin.• Sometimes necessary. • e.g. if network card has died.

• More often used when helping a particular user.• Sometimes users prefer local presence.• Can be costly…• Is there an alternative?

8

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Remote Log in

• A better solution!• Use Remote Desktop to remotely log into a client

machine.• Particularly used for monitoring servers, which may be

in remote locations.• Uses Remote Desktop Services at target machine and

client program (Remote Desktop Connection) at admin’s desktop machine.• Needs to be set up at both ends.• Question: Can you think of why this is a good thing to

do?• Question: Can you think of any potential problems?

9

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Client-side remote desktop access• Can simply be set up

from System properties• By default,

Administrator group members are granted remote access permission• Additional users can

be added 10

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Remote Desktop Services• Previously called Terminal Services in pre-Windows Server 2008 editions.• Allows clients to use server as if it were their PC.

• Questions:• Why would you want to use a single machine?• What benefits would it provide?• Are there any special considerations for the server to take into account?

[1]

[2]

[3]

11

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Configuring Server side remote desktop services

12

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Remotely accessing a Unix server• Not all servers will be running Windows Server.• A number of companies and universities use Unix/Linux

within their workplace.• Could be setup to provide roles:• DNS• Web Server• File Server• Print Server• (Pretty much everything Windows Server can offer)

• Question: How do we remotely administer and maintain them? 13

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Monitoring the Server

• Servers are important! • Need to constantly monitor the health of a server

because of its mission critical nature.• Things to monitor:• Processor (usage & temperature)• Disk (performance, usage, throughput)• Memory (utilisation, page file etc.)• Network

• To monitor server, best to start from a baseline.• Baselines can change over time with the addition of new

hardware & software. 14

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Monitoring via the Event Viewer• Accessed from

“Administration Tools” menu.• Should be looked at

regularly. This needs to be part of a procedure (come back to this in a future lecture)• Event viewer can also

access event logs on a remote machine.

15

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Event Logs

• Application – about specific programs, depends on what developers decided to log.• System – about components e.g. device driver

fail to load, or service fail to start.• Security – e.g. failed logons, attempts to access

protected resources. Entries ONLY turn up if explicitly set up – none by default.• Additionally - domain controllers, DNS servers

have extra logs specific to them.16

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Event Types

[4]17

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Event Properties

18

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Real time monitoring

• Task Manager gives live real-time information• Processor and memory.• Applications and processes.• Network Utilisation.• Users connected to a system.

• Can only be used to view information for local system (though can use remote desktop – but what is problem then?)• Has no logging capability. 19

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Performance Console

• Snap ins to display real-time data, record over time, and execute actions when trigger values reached.• System Monitor displays default of:• Memory: Pages per Sec• Physical Disk: Average Disk Queue Length• Processor: % Processor Time

• Do not monitor too many/too often – generate system overheads.• Do not monitor too infrequently or could miss spikes.

20

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Performance Console

21

Net

wor

k D

esig

n &

Adm

inist

ratio

n

Performance Logs & Alerts

• Counter Log• Capture stats for specified counters to log file for

later analysis.• Trace Logs• Records information about system apps when

certain events occur.• Alerts• Perform action when counter reaches specified

value.22

Net

wor

k D

esig

n &

Adm

inist

ratio

n

References

Next Time …• C# programming.

References

[1] http://www.dell.com/uk/business/p/poweredge-m910/pd[2] http://www.wyse.com/products/hardware/thinclients/S10/index.asp[3] http://www.dell.com/uk/business/p/precision-desktops[4] MOAC 290 Chapter 3

23