These are a few of my favorite tools (part 1)
Often times people ask what sorts of tools and logging we use, and why we use them. I thought I’d share a few with y’all. These are some of the ones I find myself using more than most. I’m sure I’m forgetting some key ones, but I’ll revisit this topic I’m sure.
Server Performance Advisor (SPA)
SPA is a tool that I use to diagnose performance issues. While Perfmon is great and putting the counters in front of you, SPA encapsulates a ton of logic and can perform some pretty solid diagnostic work in the area of AD / ADAM performance. It helps you understand what your directory is busy doing, and what work is bogging the server down.
Using LDP (the STATS control) and inefficient and expensive search logging
https://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnactdir/html/efficientadapps.asp
Often times we have a single query that we know is slowing us down, but we want to understand why that particular query is slow. The STATS control, when issued with a query, returns additional diagnostic information about the processing of that query which can help you make better choices around query optimization.
Inefficient and expensive search logging allows you to log events that indicate what queries are bogging down your server with custom-defined thresholds of what you consider egregious and worth flagging. This provides some overlapping data with what one might obtain by running SPA, but it is very targeted at just giving you data about this subset of queries which your directory services.
From the Windows support tools, repadmin
Repadmin is one of the more powerful AD tools out there. People typically use it for replication status reporting, but it has many other interesting uses as well. My favorite switch which does not directly report replication status information is /showattr, which lets you issue arbitrary queries against one or many DCs for reporting in a more distributed fashion.
Be sure you use repadmin from the Server 2003 CD or from ADAM. We added many new features as of those releases.
You’ll find that, going forward, I’ll probably reference repadmin a lot and use sample syntax for it. I really use this tool as one of my primary troubleshooting tools.
FRSDiag & Ultrasound
Anyone who has worked on FRS issues in their environment has probably realized that out of the box diagnostic logging in FRS is not detailed enough to give meaningful data which lets you resolve issues. In response to this, we released FRSDiag. This tool aims to collect data from many different replicas in a given FRS replica set at once and aggregate the data such that analysis can be performed quickly.
In the area of proactive monitoring, Ultrasound is the Microsoft tool for FRS health. This tool installs an agent on the servers hosting the replica’s and regularly collects health information such that you can ensure replica health at all times.
UserEnv logging
https://support.microsoft.com/default.aspx?scid=KB;EN-US;221833
Anyone who has had a group policy issue has probably been asked to collect a userenv log. UserEnv logging can be flipped up on the fly through the modification of a single registry value, UserEnvDebugLevel. My personal value of choice is 10002 (hex), and I’ll then collect the UserEnv.log file for inspection. Often times you can find a policy issue upon first glance at this log.
UPHClean
https://support.microsoft.com/default.aspx?kbid=837115
Once you’ve dug in to a profile unload problem you realize that they can often be difficult to track down and even more difficult to resolve. In response to this, we released UPHClean. This tool helps diagnose the offending process / application so you can understand what it is that is keeping handles on resources required to be released during the profile unload process.
Today there was actually an article in a magazine (thanks to an MVP for pointing it out to me) that listed what they felt where the 5 most important AD tools out there. While I haven’t actually used these myself, it is always interesting to hear what others think. That article can be found here: https://www.windowsitpro.com/Windows/Article/ArticleID/43879/43879.html
That’s enough on tools for a while. I’m sure this topic will be mentioned over and over again as the months pass by. There is really an endless supply of good tools out there. Do holler with your favorites.
(UPDATE: fixed an incorrect link next to UserEnv logging)