What’s New in Windows Server 2008 R2 AD

Windows Deployment Services-1

Netbackup interview Questions

Questions set-1

1. If you have a SCSI attached robot and in device monitor you see the drives marked as AVR, what does that mean and how would you fix it?
2. If I asked you to tell me if a client has Netbackup on it just by using a telnet command what would you do?
3. If you wanted to know what IP address netbackup was using to perform backups what command would you run and where would you run it?
4. What is flash backup?
5. How is image stored in netbackup
6. If a media ID A04567 comes back and it is frozen, what are the steps to unfreeze it and move it back to scratch from the command line?
7. If you wanted to bypass netbackup commands and move a tape from slot 1 to drive 3 how would you do that?
8. What is the client version supported by NBU 6.x and 5.x masters
9. If your last catalog backup was two days ago and the master server crashed what would you have to do to bring your environment back up to present time?
10. How do you find a disk based image via the command line and then delete it?
11. How do you import an NBU image that has been written to a disk storage unit?
12. What are the critical catalogs or databases on a Media Server?
13. How would you tune NetBackup to increase backup performance?
In which location(path) the temp files located in Netbackup for Windows/Unix?
14.What is the process of importing images and why do we import images?
15.How to Importing and expiring images?
16.What does it mean by inventoring a robot?
17.What is SAN media server?
18. How to check tape is bad?
19. How to check the tape is already expired or not?
20. How to check volume pool?
21 Media has been already expired, How to find out?
22. How to check tape is in cap?
53. How to see log entries, how to create log directories?
24.SQL Script.. in client..how to create?
25. How to install media server(with device configuration steps)?
26.what is avr mode

27. There is a Tape library with 10 drives …Can we able to create 2 Storage units…..?

28.There are 1000 Client machines , 999 machines are transferring datas in good speed but one client machine is taking too long to transfer a datas ….. That is …backup should complete within 2 hours ..but after 12 hours and more …the data transfer is still happening…. why?

Questions set 2

1. What is User Backup,User Archive & How to take?
2. Difference between 5.x, 6.x VNB
3 .In which location(path) the temp files located in Netbackup for Windows/Unix?
4. How do you configure a client for automatic backups?
5. What’s the difference between diff incr and cumulative incr? What happens when I mix them on Windows client… Unix client?
6. How is a changed file determined on Unix?
7. When would I, or would I not, use cross mount points?
8. What is the difference between a Volume Group and a Volume Pool?
9. How do you back up the catalog? Why is this important? What do you have todo if you don’t have a catalog backup?
10. How do you recover the catalog?
11. How do you configure retention levels for a backup?
12. If I install the Admin client on an NT workstation, what else has to be done for it to work… be an authorized server?
13. What is multiplexing? What is multiple data streams? Are they the same?
14 .how can I recover an corrupted image?
15. How can we assign barcode rules?
16. What is OTM? TIR?
17. What format does NetBackup write the tape in?
18. How does NetBackup tie together with Media Manager?
19. How do I create a Storage Unit that will only be used by one client?
20. What is the difference between the expiration date for a volume in NetBackup’s media catalog and Media Manager’s volume database?
22. What is the difference between a frozen volume and a suspended volume?
23. How many Robot Control Hosts can a DLT tape library have?
24. What does the bpbkar process do? bpsched? bpbrm? bpdbm? ltid? What process controls a DLT tape library… a DLT tape drive? What is the AVRD process?
25. Why is the catalog the most important component of Netbackup?
26. What does status 59 mean in the activity monitor?
27. Installation process for NBU 5.x, 6.x?
28. what is AVR mode?
29. Why is a binary catalog more efficient than an ASCII catalog?
30. What are NBU daemons and how to process

10 Free Server & Network Monitoring Tools

1. Monit


Monit not only monitors your server, but also attempts to remedy problems by taking predefined actions for certain situations. For example, if your database server crashes, Monit can automatically restart the service if this is the action that you want to take (hint: it usually is).

If you have more than one server that you need to monitor, then you can use M/Monit– an extended version of Monit that provides a simple way to monitor multiple machines.

There’s also an iPhone app available for M/Monit to help you conveniently check on your network without lugging around a laptop around.

2. Ganglia


When you have a cluster of machines, it’s difficult to see how the whole cluster is doing all at once. Ganglia, instead, presents an overview of the whole cluster. This is a great tool to have set up when you’re working with a server cluster; with that said, it may be overkill for single-machine set-ups.

3. Munin


Munin monitors and graphs system performance metrics. It can automatically produce daily/weekly/monthly/yearly performance graphs and reports of many important metrics. It comes with the ability to monitor core system resources, such as memory, disk space, CPU usage, server applications such as MySQL, Apache, and Squid.

One of Munin’s greatest strengths is how simple it is to extend. With just a few lines of code, you can write a plugin to monitor almost anything. Being so easy to extend means that Munin is also a good choice for graphing things unrelated to server performance, such as the number of user signups or website popularity.

4. Cacti


Cacti is similar to Munin in many ways. What is makes Cacti different though–and where it stands out in relation to Munin–is that it allows you to resize your graphs and view data for an arbitrary range. Whereas Munin has fixed daily, weekly, monthly and yearly graphs (unless you write a custom extension), Cacti lets you view your data however you want to: last 2 hours, last 4 days, last 6 months, out of the box. You can even visually select and zoom into regions on your graphs.

5. Nagios


Nagios is “the industry standard in IT infrastructure monitoring,”–well, at least that’s what it says on their website. Nagios can be complicated to install and configure, but its wealth of features are unmatched by any tool out in the market and is geared for the experienced IT network administrator. Nagios supports monitoring of multiple hosts and can send out alerts via email, pager (if you still use this ancient technology) or SMS/text messaging. Like Monit, it can also be configured to automatically respond to problems.

6. Zabbix


Zabbix is a feature-packed monitoring tool. It has great visualization support including user-defined views, zooming, and mapping. It can send out alerts via email, SMS or instant message. It also provides audible alerts, which can be useful when you’re physically near the monitoring machine.

7. Observium


Observium is geared towards Linux, BSD and Cisco networks. It supports auto discovery of your network infrastructure, finding the networks that you’re likely interested in monitoring; this feature can be compared to how your Wi-Fi software automatically finds signals in range that you can jack into. Observium provides detailed graphs, and can be set up alongside Nagios to provide alerts. It also integrates well with Collectd (featured below) for a more robust interface.

8. Zenoss


Zenoss is an open source version of the commercial server monitoring tool Zenoss Enterprise, written entirely in Python. It supports the Nagios plugin format, so many existing Nagios plugins can be used in Zenoss. One of the main highlights of Zenoss is its powerful yet simple to use user interface.

9. Collectd


Collectd is similar to Munin and Cacti in that it focuses on graphing system metrics. Where it excels in is that it is designed specifically for performance and portability; this ultimately means it’s great on rugged systems, low-end systems, and embedded systems. Being designed for performance and low-system resource use means that Collectd can gather data every 10 seconds without interfering with your server processes, providing extremely high-resolution statistics. You can write extensions for it in C, Perl or Java.

10. Argus


Argus focuses on the monitoring of network services, and supports IPv4 and IPv6. It has a nice alert escalation procedure: after sending out an alert and the problem still isn’t resolved within a fixed amount of time (because the systems admin is at home enjoying his sleep), another alert will be sent out to someone else.

Pushing the Limits of Windows: Paged and Nonpaged Pool

In previous Pushing the Limits posts, I described the two most basic system resources, physical memory and virtual memory. This time I’m going to describe two fundamental kernel resources, paged pool and nonpaged pool, that are based on those, and that are directly responsible for many other system resource limits including the maximum number of processes, synchronization objects, and handles.

Here’s the index of the entire Pushing the Limits series. While they can stand on their own, they assume that you read them in order.

Pushing the Limits of Windows: Physical Memory

Pushing the Limits of Windows: Virtual Memory

Pushing the Limits of Windows: Paged and Nonpaged Pool

Pushing the Limits of Windows: Processes and Threads

Pushing the Limits of Windows: Handles

Pushing the Limits of Windows: USER and GDI Objects – Part 1

Pushing the Limits of Windows: USER and GDI Objects – Part 2

Paged and nonpaged pools serve as the memory resources that the operating system and device drivers use to store their data structures. The pool manager operates in kernel mode, using regions of the system’s virtual address space (described in the Pushing the Limits post on virtual memory) for the memory it sub-allocates. The kernel’s pool manager operates similarly to the C-runtime and Windows heap managers that execute within user-mode processes.  Because the minimum virtual memory allocation size is a multiple of the system page size (4KB on x86 and x64), these subsidiary memory managers carve up larger allocations into smaller ones so that memory isn’t wasted.

For example, if an application wants a 512-byte buffer to store some data, a heap manager takes one of the regions it has allocated and notes that the first 512-bytes are in use, returning a pointer to that memory and putting the remaining memory on a list it uses to track free heap regions. The heap manager satisfies subsequent allocations using memory from the free region, which begins just past the 512-byte region that is allocated.

Nonpaged Pool

The kernel and device drivers use nonpaged pool to store data that might be accessed when the system can’t handle page faults. The kernel enters such a state when it executes interrupt service routines (ISRs) and deferred procedure calls (DPCs), which are functions related to hardware interrupts. Page faults are also illegal when the kernel or a device driver acquires a spin lock, which, because they are the only type of lock that can be used within ISRs and DPCs, must be used to protect data structures that are accessed from within ISRs or DPCs and either other ISRs or DPCs or code executing on kernel threads. Failure by a driver to honor these rules results in the most common crash code, IRQL_NOT_LESS_OR_EQUAL.

Nonpaged pool is therefore always kept present in physical memory and nonpaged pool virtual memory is assigned physical memory. Common system data structures stored in nonpaged pool include the kernel and objects that represent processes and threads, synchronization objects like mutexes, semaphores and events, references to files, which are represented as file objects, and I/O request packets (IRPs), which represent I/O operations.

Paged Pool

Paged pool, on the other hand, gets its name from the fact that Windows can write the data it stores to the paging file, allowing the physical memory it occupies to be repurposed. Just as for user-mode virtual memory, when a driver or the system references paged pool memory that’s in the paging file, an operation called a page fault occurs, and the memory manager reads the data back into physical memory. The largest consumer of paged pool, at least on Windows Vista and later, is typically the Registry, since references to registry keys and other registry data structures are stored in paged pool. The data structures that represent memory mapped files, called sections internally, are also stored in paged pool.

Device drivers use the ExAllocatePoolWithTag API to allocate nonpaged and paged pool, specifying the type of pool desired as one of the parameters. Another parameter is a 4-byte Tag, which drivers are supposed to use to uniquely identify the memory they allocate, and that can be a useful key for tracking down drivers that leak pool, as I’ll show later.

Viewing Paged and Nonpaged Pool Usage

There are three performance counters that indicate pool usage:

  • Pool nonpaged bytes
  • Pool paged bytes (virtual size of paged pool – some may be paged out)
  • Pool paged resident bytes (physical size of paged pool)

However, there are no performance counters for the maximum size of these pools. They can be viewed with the kernel debugger !vm command, but with Windows Vista and later to use the kernel debugger in local kernel debugging mode you must boot the system in debugging mode, which disables MPEG2 playback.

So instead, use Process Explorer to view both the currently allocated pool sizes, as well as the maximum. To see the maximum, you’ll need to configure Process Explorer to use symbol files for the operating system. First, install the latest Debugging Tools for Windows package. Then run Process Explorer and open the Symbol Configuration dialog in the Options menu and point it at the dbghelp.dll in the Debugging Tools for Windows installation directory and set the symbol path to point at Microsoft’s symbol server:


After you’ve configured symbols, open the System Information dialog (click System Information in the View menu or press Ctrl+I) to see the pool information in the Kernel Memory section. Here’s what that looks like on a 2GB Windows XP system:


    2GB 32-bit Windows XP

Nonpaged Pool Limits

As I mentioned in a previous post, on 32-bit Windows, the system address space is 2GB by default. That inherently caps the upper bound for nonpaged pool (or any type of system virtual memory) at 2GB, but it has to share that space with other types of resources such as the kernel itself, device drivers, system Page Table Entries (PTEs), and cached file views.

Prior to Vista, the memory manager on 32-bit Windows calculates how much address space to assign each type at boot time. Its formulas takes into account various factors, the main one being the amount of physical memory on the system.  The amount it assigns to nonpaged pool starts at 128MB on a system with 512MB and goes up to 256MB for a system with a little over 1GB or more. On a system booted with the /3GB option, which expands the user-mode address space to 3GB at the expense of the kernel address space, the maximum nonpaged pool is 128MB. The Process Explorer screenshot shown earlier reports the 256MB maximum on a 2GB Windows XP system booted without the /3GB switch.

The memory manager in 32-bit Windows Vista and later, including Server 2008 and Windows 7 (there is no 32-bit version of Windows Server 2008 R2) doesn’t carve up the system address statically; instead, it dynamically assigns ranges to different types of memory according to changing demands. However, it still sets a maximum for nonpaged pool that’s based on the amount of physical memory, either slightly more than 75% of physical memory or 2GB, whichever is smaller. Here’s the maximum on a 2GB Windows Server 2008 system:


    2GB 32-bit Windows Server 2008

64-bit Windows systems have a much larger address space, so the memory manager can carve it up statically without worrying that different types might not have enough space. 64-bit Windows XP and Windows Server 2003 set the maximum nonpaged pool to a little over 400K per MB of RAM or 128GB, whichever is smaller. Here’s a screenshot from a 2GB 64-bit Windows XP system:


2GB 64-bit Windows XP

64-bit Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 memory managers match their 32-bit counterparts (where applicable – as mentioned earlier, there is no 32-bit version of Windows Server 2008 R2) by setting the maximum to approximately 75% of RAM, but they cap the maximum at 128GB instead of 2GB. Here’s the screenshot from a 2GB 64-bit Windows Vista system, which has a nonpaged pool limit similar to that of the 32-bit Windows Server 2008 system shown earlier.


2GB 32-bit Windows Server 2008

Finally, here’s the limit on an 8GB 64-bit Windows 7 system:


8GB 64-bit Windows 7

Here’s a table summarizing the nonpaged pool limits across different version of Windows:

32-bit 64-bit
XP, Server 2003 up to 1.2GB RAM: 32-256 MB
> 1.2GB RAM: 256MB
min( ~400K/MB of RAM, 128GB)
Vista, Server 2008,
Windows 7, Server 2008 R2
min( ~75% of RAM, 2GB) min(~75% of RAM, 128GB)

Paged Pool Limits

The kernel and device drivers use paged pool to store any data structures that won’t ever be accessed from inside a DPC or ISR or when a spinlock is held. That’s because the contents of paged pool can either be present in physical memory or, if the memory manager’s working set algorithms decide to repurpose the physical memory, be sent to the paging file and demand-faulted back into physical memory when referenced again. Paged pool limits are therefore primarily dictated by the amount of system address space the memory manager assigns to paged pool, as well as the system commit limit.

On 32-bit Windows XP, the limit is calculated based on how much address space is assigned other resources, most notably system PTEs, with an upper limit of 491MB. The 2GB Windows XP System shown earlier has a limit of 360MB, for example:


2GB 32-bit Windows XP

32-bit Windows Server 2003 reserves more space for paged pool, so its upper limit is 650MB.

Since 32-bit Windows Vista and later have dynamic kernel address space, they simply set the limit to 2GB. Paged pool will therefore run out either when the system address space is full or the system commit limit is reached.

64-bit Windows XP and Windows Server 2003 set their maximums to four times the nonpaged pool limit or 128GB, whichever is smaller. Here again is the screenshot from the 64-bit Windows XP system, which shows that the paged pool limit is exactly four times that of nonpaged pool:


     2GB 64-bit Windows XP

Finally, 64-bit versions of Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 simply set the maximum to 128GB, allowing paged pool’s limit to track the system commit limit. Here’s the screenshot of the 64-bit Windows 7 system again:


    8GB 64-bit Windows 7

Here’s a summary of paged pool limits across operating systems:

32-bit 64-bit
XP, Server 2003 XP: up to 491MB
Server 2003: up to 650MB
min( 4 * nonpaged pool limit, 128GB)
Vista, Server 2008,
Windows 7, Server 2008 R2
min( system commit limit, 2GB) min( system commit limit, 128GB)

Testing Pool Limits

Because the kernel pools are used by almost every kernel operation, exhausting them can lead to unpredictable results. If you want to witness first hand how a system behaves when pool runs low, use the Notmyfault tool. It has options that cause it to leak either nonpaged or paged pool in the increment that you specify. You can change the leak size while it’s leaking if you want to change the rate of the leak and Notmyfault frees all the leaked memory when you exit it:


Don’t run this on a system unless you’re prepared for possible data loss, as applications and I/O operations will start failing when pool runs out. You might even get a blue screen if the driver doesn’t handle the out-of-memory condition correctly (which is considered a bug in the driver). The Windows Hardware Quality Laboratory (WHQL) stresses drivers using the Driver Verifier, a tool built into Windows, to make sure that they can tolerate out-of-pool conditions without crashing, but you might have third-party drivers that haven’t gone through such testing or that have bugs that weren’t caught during WHQL testing.

I ran Notmyfault on a variety of test systems in virtual machines to see how they behaved and didn’t encounter any system crashes, but did see erratic behavior. After nonpaged pool ran out on a 64-bit Windows XP system, for example, trying to launch a command prompt resulted in this dialog:


On a 32-bit Windows Server 2008 system where I already had a command prompt running, even simple operations like changing the current directory and directory listings started to fail after nonpaged pool was exhausted:


On one test system, I eventually saw this error message indicating that data had potentially been lost. I hope you never see this dialog on a real system!


Running out of paged pool causes similar errors. Here’s the result of trying to launch Notepad from a command prompt on a 32-bit Windows XP system after paged pool had run out. Note how Windows failed to redraw the window’s title bar and the different errors encountered for each attempt:


And here’s the start menu’s Accessories folder failing to populate on a 64-bit Windows Server 2008 system that’s out of paged pool:


Here you can see the system commit level, also displayed on Process Explorer’s System Information dialog, quickly rise as Notmyfault leaks large chunks of paged pool and hits the 2GB maximum on a 2GB 32-bit Windows Server 2008 system:


The reason that Windows doesn’t simply crash when pool is exhausted, even though the system is unusable, is that pool exhaustion can be a temporary condition caused by an extreme workload peak, after which pool is freed and the system returns to normal operation. When a driver (or the kernel) leaks pool, however, the condition is permanent and identifying the cause of the leak becomes important. That’s where the pool tags described at the beginning of the post come into play.

Tracking Pool Leaks

When you suspect a pool leak and the system is still able to launch additional applications, Poolmon, a tool in the Windows Driver Kit, shows you the number of allocations and outstanding bytes of allocation by type of pool and the tag passed into calls of ExAllocatePoolWithTag. Various hotkeys cause Poolmon to sort by different columns; to find the leaking allocation type, use either ‘b’ to sort by bytes or ‘d’ to sort by the difference between the number of allocations and frees. Here’s Poolmon running on a system where Notmyfault has leaked 14 allocations of about 100MB each:


After identifying the guilty tag in the left column, in this case ‘Leak’, the next step is finding the driver that’s using it. Since the tags are stored in the driver image, you can do that by scanning driver images for the tag in question. The Strings utility from Sysinternals dumps printable strings in the files you specify (that are by default a minimum of three characters in length), and since most device driver images are in the %Systemroot%\System32\Drivers directory, you can open a command prompt, change to that directory and execute “strings * | findstr ”. After you’ve found a match, you can dump the driver’s version information with the Sysinternals Sigcheck utility. Here’s what that process looks like when looking for the driver using “Leak”:


If a system has crashed and you suspect that it’s due to pool exhaustion, load the crash dump file into the Windbg debugger, which is included in the Debugging Tools for Windows package, and use the !vm command to confirm it. Here’s the output of !vm on a system where Notmyfault has exhausted nonpaged pool:


Once you’ve confirmed a leak, use the !poolused command to get a view of pool usage by tag that’s similar to Poolmon’s. !poolused by default shows unsorted summary information, so specify 1 as the the option to sort by paged pool usage and 2 to sort by nonpaged pool usage:


Use Strings on the system where the dump came from to search for the driver using the tag that you find causing the problem.

So far in this blog series I’ve covered the most fundamental limits in Windows, including physical memory, virtual memory, paged and nonpaged pool. Next time I’ll talk about the limits for the number of processes and threads that Windows supports, which are limits that derive from these.

How to add a new disk to a SQL Server Failover Cluster

When you need to add a new disk to a SQL Server 2008 R2 Failover Cluster (running on Windows Server 2008 R2), you just need to follow this steps:


1. Configure your SAN to present your disks to the Cluster Servers.

2. Detect the new disk’s at Windows Storage Manager (on both servers):



3. Add this new this to the cluster Service (Go to Server Manager –> Features –> Failover Cluster Manager –> Storage –> Right Click and click Add a Disk):



4. Go to Failover Cluster Manager –> Services and Applications, and right click SQL Server and then select “Add storage”:



5. Now it’s important, after the step 4 you can see the disk at cluster service associated to the SQL Server Service, but at SQL Server Manager, you can’t see the disk! So, you just need to add service dependence:

Right Click SQL Server Resource, and click Properties:


Click on Dependencies Tab, and then click on the last line to add a new line, and select “AND” and then select the new disk resource:



Now click Apply and OK and the new disk is now available to the SQL Server Service!



Don’t forget to click like (FB) or share this post Piscar de olho

How to Activate and Use Active Directory Recycle Bin with PowerShell

Important Note:This acction is irreversible, so when you activate the Active Directory Recycle Bin Feature you will not be able to disable this feature!


First open Active Directory Module for Windows PowerShell (You can find it on your DC Administrative Tools).

Then type this command:

Enable-ADOptionalFeature –Identity “CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=domain,DC=com” –Scope ForestOrConfigurationSet –Target “domain.com”

You need to change “DC=domain,DC=com” and “-Target “domain.com” to your domain information.


If youreceive this error:



You just need to run the Active Directory Module for Windows PowerShell with your Domain Admin and with “Run As Administrator”.


After do this here is the result:



Now the Active Directory Recycle Bin is enabled,and if you need to restore an ADObject you just need to list the recycle bin objects:

Get-ADObject -SearchBase “CN=Deleted Objects,DC=domain,DC=com” -ldapFilter “(objectClass=*)” -includeDeletedObjects | FT ObjectGUID,Name  -A




Then you can recover the Object using this command:

Restore-ADObject -Identity dd83eec4-f136-4aed-b1e1-437f7fed4f92




Hope you enjoy ;)


%d bloggers like this: