Archive for March, 2010

Microsoft TechNet Desktop Player (Beta)

March 31, 2010 Leave a comment

Microsoft TechNet Desktop Player (Beta)

Microsoft recently launched a Desktop player that allows users to consume selected Microsoft content for IT professionals and developers based on your adoption lifecycle.

The Desktop Player filters content by topic based on your role and where you are in your adoption lifecycle (Evaluation, Development/Pilot, Support).

Find videos, webcasts, podcasts, whitepapers and relevant links based on your specific criteria. And get a feed of the latest news for IT pros.

From the EULA:

The Microsoft TechNet Desktop Player (the “PLAYER”) is a content aggregator that surfaces filtered content that exist at Microsoft across various engines that have relevant contextual content for the user.

Use it online or download from

Requirements: .NET Framework 3.5 SP1 installed for the offline version and Silverlight for the online version.


Performance Tuning your Windows Server (Part 1)

March 28, 2010 4 comments

In this series of posts I’ll be describing several settings and parameters that can be tuned to optimize your server performance. I hope you’ll find them useful and help you improve your servers performance.

Note: As with all changes, you should implement the following suggestions one at a time and verify that there was a performance improvement. If system performance decreases after making a change, you should reverse the change.


Processor scheduling

Performance Options: Processor schedulingWindows uses multitasking to prioritize process threads that the CPU has to handle. The execution of a process is halted and another is started, preventing a single thread from monopolizing the entire CPU.

Switching the CPU from executing one process to the next is known as context-switching. The Windows operating system includes a setting that determines how long individual threads are allowed to run on the CPU before a context-switch occurs and the next thread is serviced.

Typically for a server, it is not desirable to allow the foreground program to have more CPU time allocated to it than background processes. That is, all applications and their processes running on the server should be given equal contention for the CPU.

To set this, Open the System Control Panel, select the Advanced tab, in the Performance frame click Settings, go to the Advance tab, and within the Processor Scheduling frame, set the Adjust for best performance of: to Background Services.


Memory usage

The file system cache is an area of physical memory set aside to dynamically store recently
accessed data that has been read or written from or to the I/O subsystem (hard drives, networks interfaces, and networks). The file system cache improves performance by reducing the number of accesses to physical devices attached to the I/O subsystem, by moving commonly used files into system cache, disk and network read and write operations are reduced and system performance is increased. You can optimize Windows server performance by tuning the file system cache.

System Cache: This option is the default setting. It instructs the operating system to give the working set of the file system cache a higher priority for memory allocation than the working sets of applications. It will give the best performance on a file server that is not running other applications.
Programs: This choice is the recommended setting for machines running applications that are memory-intensive (SQL, Exchange, etc’). With this option chosen, the working set of applications will have a priority over the working set of the file system cache.


Virtual memory

Memory paging occurs when memory resources required by the processes running on the server exceed the physical amount of memory installed. Windows uses virtual memory techniques that allow applications to address greater amounts of memory than what is physically available. This is achieved by setting aside a portion of disk for paging. This area, known as the paging file, is used by the operating system to page portions of physical memory contents to disk, freeing up physical memory to be used by applications that require it at a given time. The combination of the paging file and the physical memory installed in the server is known as virtual memory.


Physical memory can be accessed faster than the disk. Every time the operating system needs to move data between physical memory and the disk, there will be a significant system delay. While some degree of paging is normal on servers, excessive memory paging activity can effect the overall system performance. Thus, it is always desirable to minimize paging activity.

A pagefile can be created for each individual volume on a server, up to a maximum of 16
page files and a maximum 4 GB limit per pagefile. This allows for a maximum total pagefile size of 64 GB. The total of all pagefiles on all volumes is managed and used by the operating system as one large pagefile.
When a pagefile is split between smaller pagefiles on separate volumes as described above, when it needs to write to the pagefile, the virtual memory manager optimizes the workload by
selecting the least busy disk based on internal algorithms. This ensures best possible performance for a multiple-volume pagefile.

Optimal pagefile performance can be achieved by isolating pagefiles to dedicated physical drives on RAID-0 (striping) or RAID-1 (mirroring) arrays, or on single disk without RAID at all. By doing so, the PAGEFILE.SYS is the only file on the entire volume and there is no risk of fragmentation caused by other files or directories on the same volume. As with most disk-arrays, the more physical disks in the array, the better the performance.



Where pagefile optimization is critical, do not place the pagefile on the same physical drive as
the operating system, which happens to be the system default. If you don’t have a choice, put the pagefile on the same volume (typically C:) as the operating system. Putting it on another volume on the same physical drive will only increase disk seek time and reduce system performance.

To configure the PageFile, Open the System Control Panel, select the Advanced tab, in the Performance frame click Settings, go to the Advance tab, and within the Virtual Memory frame, click Change.

Best-practice tuning is to set the initial (minimum) and maximum size for the pagefile to the same value. This ensures that no processing resources are lost to the dynamic resizing of the pagefile. Setting the same minimum and maximum page file size values ensures that the paging area on a disk is one single, contiguous area, improving disk seek time.

The pagefile on all disks combined should be configured up to twice the physical memory for
optimal performance.


Related reading:

VBScript Tools and Links

March 6, 2010 Leave a comment



Here are a bunch of tools and links you’ll find useful if you are (or want to get) into scripting in VBS.


Code Collections:

TechNet Script Center Sample Scripts
Sample scripts found in the TechNet Script Center Repository.

Script Center All-in-One
Script Center All-in-One features over 160 scripting-related articles collected in a single .CHM file. This collection features all of the Tales From the Script and Office Space columns.

Sesame Script, 2005-2007
The complete collection of Sesame Script, the beginning scripting column published in the TechNet Script Center in a fully-searchable help file, with individual topics arranged by category.

SMS 2003 Scripting Guide
The SMS 2003 Scripting Guide provides over 40 scripts, ranging from tasks such as creating advertisements to running queries. It explains the basics of SMS objects, WMI, and VBScript through a series of ‘How To’ examples.


Code Generators:

Scriptomatic 2.0
Utility that helps you write WMI scripts for system administration.
Scriptomatic 2.0 isn’t limited to writing just VBScript scripts; instead, Scriptomatic 2.0 can write scripts in Perl, Python, or JScript as well. In addition, Scriptomatic 2.0 gives you a host of new output formats to use when running scripts, including saving data as plain-text, as a stand-alone Web page, or even as XML. Scriptomatic 2.0 handles arrays, it converts dates to a more readable format, and it works with all the WMI classes on your computer; on top of all that, it also writes scripts that can be run against multiple machines.

ADSI Scriptomatic
The ADSI Scriptomatic is designed to help you write ADSI scripts; that is, scripts that can be used to manage Active Directory. The ADSI Scriptomatic also teaches you an important point about ADSI scripting: like WMI, there are consistent patterns to ADSI scripts.

WMI Code Creator v1.0
The WMI Code Creator tool allows you to generate VBScript, C#, and VB .NET code that uses WMI to complete a management task such as querying for management data, executing a method from a WMI class, or receiving event notifications using WMI.
The tool is meant to help IT Professionals quickly create management scripts and to help developers learn WMI scripting and WMI .NET. The tool helps take the complexity out of writing code that uses WMI and helps developers and IT Professionals understand how powerful and useful WMI can be for managing computers.
Using the tool, you can query for management information such as the name and version of an operating system, how much free disk space is on a hard drive, or the state of a service. You can also use the tool to execute a method from a WMI class to perform a management task. For example, you can create code that executes the Create method of the Win32_Process class to create a new process such as Notepad or another executable. The tool also allows you to generate code to receive event notifications using WMI. For example, you can select to receive an event every time a process is started or stopped, or when a computer shuts down.
The tool also allows you to browse through the available WMI namespaces and classes on the local computer to find their descriptions, properties, methods, and qualifiers

HTA Helpomatic
The HTA Helpomatic is a utility that helps script writers create HTML Applications (HTAs). HTAs enable you to provide a graphical user interface for your scripts, an interface that can include anything from list boxes to radio buttons to checkboxes. The HTA Helpomatic includes sample VBScript code and sample HTML code showing you how to do things like add a button to an HTA. Equally important, the Helpomatic also shows you how you can run a script any time that button is clicked. As an added bonus, the Helpomatic enables you to modify the scripts and HTML code and test those modifications in the utility itself.

Tweakomatic is a utility that writes scripts that enable you to retrieve and/or configure Windows and Internet Explorer settings.


Language Documentation and References:

Windows Script 5.6 Documentation
Extensive reference and conceptual documentation for all of Microsoft Windows Script Technologies, including VBScript, JScript and WSH.

VBScript Quick Reference
Four-page booklet Word Document reference guide to commonly-used VBScript commands.

VBScript (Visual Basic Script)
Microsoft Visual Basic Scripting Edition (VBScript) is an easy-to-use scripting language that enables system administrators to create powerful tools for managing their Windows based computers.

WSH (Windows Script Host)
Windows Script Host (WSH), a feature of the Microsoft® Windows® 2000 family of operating systems, is a powerful multi-language scripting environment ideal for automating system administration tasks. Scripts running in the WSH environment can leverage the power of WSH objects and other COM-based technologies that support Automation, such as Windows Management Instrumentation (WMI) and Active Directory Service Interfaces (ADSI), to manage the Windows subsystems that are central to many system administration tasks.

WMI (Windows Management Instrumentation)
Windows Management Instrumentation (WMI) is the primary management technology for Microsoft Windows operating systems. It enables consistent and uniform management, control, and monitoring of systems throughout your enterprise. WMI allows system administrators to query, change, and monitor configuration settings on desktop and server systems, applications, networks, and other enterprise components.

ADSI (Active Directory Service Interfaces)
Administering a directory service often involves numerous repetitive tasks such as creating, deleting, and modifying users, groups, organizational units, computers, and other directory resources. Performing these steps manually by using graphical user interface (GUI) tools is time-consuming, tedious, and error prone. A key to reducing time consumption, tedium, and errors when administering a directory is automating repetitive tasks by using scripts.
Active Directory Service Interfaces (ADSI) is the technology that allows you to create custom scripts to administer directories. ADSI-enabled scripts are capable of performing a wide range of administrative tasks involving network directories such as the Active Directory directory service.

EventLog Query Options

March 1, 2010 1 comment

This post is actually an answer to Grant’s question.
I quote:

"I discovered eventcombmt today and have been playing round with it. I have an application whereby I want to write out a listing showing any/all accesses by a particular user. I want to run this once a day. I have not been able to figure out what the commandline switch is to specify to only scan the last 24 hours.
Do you know what it is?"


Well Grant, If you want to use EventCombMT, you can use the command line parameters /before & /after but then you’ll need to specify the full date and time in the form of MMDDYYYYHHMMSS. The date-time format needs to be exactly 14 characters, and both parameters must be used together. I think this only works in the ALTools version.

A more elegant way, would be to use Log Parser and query the Security EventLog using:

LogParser "SELECT * INTO C:\myEvents.xml FROM \\Server1\Security,\\Server2\Security WHERE EXTRACT_TOKEN(Strings, 1, ‘|’) = ‘myUser’ AND TimeGenerated >= TO_LOCALTIME(SUB(SYSTEM_TIMESTAMP(), TIMESTAMP(’23:59:59′, ‘hh:mm:ss’)))"

(You can open the C:\myEvents.xml with Excel as an XML table).


But… A simpler way, would be to use PsLogList from the Sysinternals Suite and run the command:

PsLoglist \\Server1,Server2 -s -h 24 security |find "myUser" >c:\myEvents.log


Which one do you prefer?