When thinking of a position in server or system administration, we often recall images of designing infrastructure, spinning up new servers, and implementing new technology. The truth can reflect those items, but it can just as easily include 3 A.M. wakeup calls to deal with a system being down, poring over event and diagnostic logs, and living on Google and Bing when your acquired knowledge and wisdom just isn't cutting the mustard. Sometimes, hardware breaks. Other times, software freaks out. Certificates expire, internet connections fail, and occasionally, you work on an issue from a certain angle all day only to discover in the end that it was being caused by something entirely different. Working in IT can bring with it great mysteries every single day, which is one of the reasons I love it. This final chapter uncovers some of the tools available in Windows Server 2019 that can assist with troubleshooting and repair:

• Backup and...

The need to back up and occasionally restore your servers is, unfortunately, still present in Windows Server 2019. I dream of a day when servers are 100 percent reliable and stable throughout their lifetimes, unaffected by viruses and rogue software, but today is not that day. While there are many third-party tools available on the market that can improve and automate your backup experience when managing many servers, we do have these capabilities baked right into our own Server 2019 operating system, and we should all be familiar with how to utilize them. Maintaining good backups should be priority number one for any business and is the most important troubleshooting component that exists. There is a myriad of reasons why you may fail to repair a server that is having a problem, and sometimes, your only two options are to build from scratch or restore from backup. Ransomware attacks are on the increase, and attackers are targeting companies of all sizes. If you...

If you can remember all the way back to Chapter 1, Getting Started with Windows Server 2019, you'll know that we already discussed Task Manager. There, we described how to launch it and took a quick look at the different tabs available inside Task Manager. While there is no need to re-hash the same information here, it is important to note Task Manager in this chapter regarding troubleshooting, because it is one of the first places you should visit on any server that is portraying performance problems or otherwise strange symptoms.

Task Manager gives you a quick glance at the overall CPU and memory utilization on a server, letting you know how taxed the server is. One of the most common tabs to review on any server is Processes, which allows you to sort all the running applications and processes by their CPU or memory consumption, which can quickly identify a problematic application that may be hindering the entire server. Once identified, you can easily right...

Like Task Manager on steroids, Resource Monitor can take system monitoring and troubleshooting even further. There is plenty of the same information that we just experienced inside Task Manager but laid out in a different format. CPU, memory, and disk utilization metrics are present, as well as monitoring of your network interfaces. There are various ways to sort the items utilizing resources, quickly identifying the high hitters for CPU and memory, and there are also right-click functions to end or suspend processes. On the Overview tab, as shown in Figure 15.13, you can see that I can quickly identify the reason for my high CPU utilization – PowerShell is consuming almost 100% of available CPU resources:

Figure 15.13: Using Resource Monitor to investigate high CPU utilization

Exploring the different tabs inside Resource Monitor will show you more detailed information about CPU, memory, and even disk resource consumption. This is particularly...

Another built-in monitoring tool is called Performance Monitor, commonly referred to as Perfmon. Almost every component inside Windows Server has predefined performance monitor counters, and Perfmon taps into those counters to display extremely in-depth information about what is happening with those components, but only when you specifically set up reporting to see it. Perfmon does not log anything by default, because to do so would consume plenty of server resources, so this tool is generally only to be used temporarily during troubleshooting or for a specific reason, and then disabled again when you are finished.

The easiest way to launch Perfmon is to Start | Run or open a Command Prompt or PowerShell, simply type Perfmon, and then press Enter. This launches the interface and by default, you can see that it has plugged in a counter for % Processor Time. You can obviously find CPU percentage information in much easier and better-looking places than Perfmon...

When thinking about Windows Server troubleshooting, the firewall is probably not one of the first things that comes to mind. However, the Windows Firewall with Advanced Security console can be a very friendly tool for identifying and resolving issues that crop up related to networking on our servers. While reading this book, you have already been given instructions on some of the most important things that you can do within WFAS. We discussed the three different firewall profiles and the fact that each individual NIC on a server could be utilizing a different firewall profile. This knowledge really comes into play within a corporate domain environment. When servers are running inside your network and can contact a domain controller, their NICs that are connected to that network should always self-assign the Domain firewall profile. This is important because the firewall rules you expect to be in place while that server is inside the network...

We summarized System Insights in Chapter 1, Getting Started with Windows Server 2019, but we definitely want to revisit it here in our chapter on troubleshooting. This is because this tool gathers all the right parts and pieces to help us build a comprehensive story about what is going on with our servers, and to help predict critical points at which servers may run out of resources and need to be upgraded or expanded.

System Insights is all about predictive analytics. It is available on any Windows Server 2019 (you just need to enable it) and utilizes performance counters to monitor the system and record data. This data is stored on the local server, which is important because it means you do not have to go through a bunch of work and hoops to implement some kind of centralized database for retaining the data, nor do any cloud work to maintain these metrics. The information collected by System Insights is individual per server and is retained on each server for...

Here is another section where you already have the information you need if you have been working through this book from start to finish, but it never hurts to receive a gentle reminder on taking what you have learned and putting it into practice.

Remote Desktop, Hyper-V Console, PowerShell, Sconfig, Windows Admin Center, MMC consoles, Server Manager. These are all different tools, any of which could be used to accomplish similar tasks on your servers. I love training new IT staff into our service desk and working alongside them on tickets, especially in areas where they have limited experience and are hesitant to dive in. Using the Remote Desktop client to RDP into servers is still by far the most common way that administrators log into their servers to make changes or for any reason, and when you do that all day every day, it is easy to forget about all the other ways that you can interact with those servers. RDP is one of the first things that will quit working...

Any investigatory work on a server is well-complimented by Windows Event Logs. Sometimes you catch a server in the act of misbehaving and can utilize all the tools we have discussed so far to figure out, in real time, what is happening and how to remediate it. Other times, you may have experienced a problem – an unexpected restart of a server is a prime example – and even though things are running smoothly again, you are now tasked with answering that enormous question, "What happened?"

The Windows operating system logs a lot of data, all the time. These logs can answer questions when nothing else in the system can, as it provides a historical roadmap of wins and challenges happening within the OS, visible in static text where patterns emerge and details are given.

The tool that is home to Windows Event Logs is called Event Viewer. Opening Event Viewer can be accomplished in a few ways. You could seek out Event Viewer in the Start search...

You have probably noticed that many of the management consoles that we utilize to configure components inside Windows Server 2019 look pretty similar. What happens under the hood with a number of these consoles is that you are actually looking at a snap-in function, a specific set of tools that are snapped into a generic console tool called the Microsoft Management Console, more commonly referred to as MMC. In fact, rather than opening all these management functions from inside Server Manager, for many of them, you could simply type MMC by navigating to Start | Run or Command Prompt and invoke the generic MMC console. From here, you can click on the File menu and choose Add or Remove Snap-ins:

Figure 15.27: Using MMC to snap in management consoles

Choose the management snap-in that you would like to work in and add it to the console. There are a large number of management functions that can be accessed through the standard MMC console, and even some...

Designing and building brand new servers rarely presents challenges, and if they are encountered, those issues are typically low priority, since the new server won't yet be affecting a production workforce. Troubleshooting servers, on the other hand, can be very stressful and requires quick, on-the-fly recollection of tools and command sets available inside the operating system that can be used to identify issues and resolutions. I hope this chapter has given you the ammunition needed to feel more confident in those situations and to become the "go-to" person in your IT department when it comes to diagnosing server problems and digging deep into problems that arise.

This brings us to the end of our story on Windows Server 2019. Many of the topics we discussed could fill entire books, and I hope that the ideas provided in this volume are enough to prompt you to dig further into the technologies that you plan to work with. Microsoft technology reigns supreme...

1. What is the MSC shortcut for opening Active Directory Users and Computers?
2. True or False – You should always store server backups on the same server that you are backing up for performance reasons.
3. Which Windows monitoring tool can be used to graph CPU utilization over a 24-hour period?
4. True or False – System Insights stores all data on a centralized RADIUS server.
5. What is the MSC shortcut for opening Windows Defender Firewall with Advanced Security?
6. Which PowerShell cmdlet can be used to gather Windows log files?
7. Which Event ID can be used to calculate system uptime?