Introduction to Windows Server 2003 Task Manager
When it comes to checking a Windows Server, do not neglect the trusty Task Manager. There will be occasions when you just
need a quick piece of system information, calling for your task manager can be
just as effective as creating performance logs but much faster.
 Let us start with a flashy way of executing the Task manager with: CTRL +SHIFT +ESC.
If you have long fingers, try
launching it with just your left hand. (As ever Microsoft provide at least 3 ways
of doing everything, thus in addition to Run taskmgr, you can also right click the grey bar at the bottom of your
screen and select Task Manger.)
Each of Task Manager's five tabs
has it's own personality, I recommend that you get to know the capabilities of each one. An application tab
for zapping programs, a process tab for checking for viruses, a performance tab
to calculate pagefile and now a network utilization tab to see how much activity
there is on the LAN or WAN.
Topics for Task Manager
in Windows Server 2003
‡
No doubt you have already used task manager's Application Tab to end process
for programs that hang or do not respond. Assuming that your group policy
allows users access to this tab, why not send out an email reminding users of
how to use this Applications tab when their machine hangs and programs are 'Not
Responding'. I admit that this tip may not work if Group Policy prevents the users launching Task Manager. However, in Vista there is a trend to empower users where the task has no security
implications.
Another use of the Applications Tab is to discover the underlying Image Name
of a program, simply right click and then select: Go to Process.
One of the joys of using any new program is setting the preferences.
With Task Manager (taskmgr) I like to remove the tick which says ' Always on top'. (Option
Menu).
Guy Recommends: SolarWinds Engineer's Toolset v10
The Engineer's Toolset v10 provides a
comprehensive console of utilities for troubleshooting computer problems. Guy says
it helps me monitor what's occurring on the network, and the tools
teaches me more about how the system literally operates.
There are so many good gadgets, it's like having free rein of a
sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.
Download your copy of the Engineer's Toolset v 10
The Process Tab is a key place in the Task manager for the support professional to investigate, in fact the more 'Image Names'
that you can identify the better techie you are.
By matching Image Names more processes to programs,
the easier it is detect
impostors such as viruses. Moreover, by identifying the 'good guys' you will learn how
applications such as Exchange and SQL interact with the operating system.
At first a process called svchost seems suspicious. Could you have been infected 7 times by
a strange virus? No, svchost is the generic name for an image shared by the
operating systems services, for example, Alerter, Net Logon, Print Spooler.
The interesting fact about all these svchost is that certain services would fight if
put together in the same Image Name process, therefore, the operating system separates
incompatible services and puts them in separate svchosts. Incidentally, PowerShell can identify which processes are in which svchosts.
Returning to the theme of identifying rogue programs, what
would think if you saw Avgserv and Agvcc32 amongst the image names? When I
saw these processes, I must
admit my heart missed a beat. At first I thought my machine has been infected by a virus,
but no, it was actually my virus checker which had installed itself as a
process. Naturally I left that running!
How about msblast.exe? Was this a game that my nephew
had
installed on my XP machine? Well I tried a search in Google and up came W32/BlasterA virus.
Here was a case where I needed to check the registry as the blaster virus
cunningly re-infects those who are not diligent. Other viruses have more
innocuous names like Tlntsvr.exe and Wina.exe, so this is why I urge you to
know the Processes Image names.
View Menu, Select Columns
When using the Processes tab to troubleshoot be aware that you can add extra
columns, for example Virtual Memory, IO Reads and Writes. Again, my idea is
to use the Task Manager to display information quickly without resorting to
setting up the System Monitor and Log Counters.
Adjust Priority, Set Affinity
If you right click any process then you can adjust Priority, typically if you
have a spreadsheet calculating in the background, you may want to give a foreground application like Outlook more CPU time slices. Note, never set programs to Real Time, it will cripple your machine and
require a reboot - you have been warned!
Affinity means that one program can be associated exclusively with one
processor, naturally you need a multi processor machine for this setting to even
appear. In truth, Affinity is a case of 'Mother knows best'. Guy
says leave alone, unless someone has got in before you and incorrectly set
affinity, leave it to the operating system.
My main use of this Tab is to check memory. In particular, to check on
the size of the pagefile. Now I have read many articles about how big to set the page
file. Experts say use RAM x 1.5 whilst others say RAM x 2. Guy says
suck it and see. By that I mean compare two figures: Commit Charge (K)
Limit with Peak. You may have already guessed that the Commit Charge (K)
is the sum of RAM + Pagefile.
In the Diagram above the Limit is 1280032 (I wish Task Manager would add commas!)
Whilst the
Peak is 617564. My interpretation is that this machine has a big enough page
file. However if the Peak was 1MB (1000000), then I would declare that the
pagefile was not big enough and I would take action in the System Icon. If the Peak was below 400000 and I was desperate for the disk space, then I would even reduce the pagefile.
Leaky Memory
Keep your eye on Kernel Memory, Nonpaged. These days servers need
rebooting less frequently, if you have a 'leaky app' then over time, Nonpaged memory will
gradually increase. Confirm any suspicions with View, Select Columns,
Non-Paged Pool.
 Guy
recommends: The SolarWinds ipMonitor
I am attracted to
ipMonitor
because it inhabits that zone of part work, part play; Guy just could not put
the dashboard away. This excellent performance monitor will get you
started in the quest to remove bottlenecks on your network. SolarWinds
provides this fully-functioning product free for 21 days. So download and
install ipMonitor, then start scrutinizing your computers CPU, memory and disk
performance.
Installing ipMonitor is a breeze, but learn from gung-ho Guy's mistake, and
install SNMP on each computer that you wish to monitor. What sealed my
unreserved recommendation of SolarWinds is their support team, you will get
expert help even when you are evaluating the ipMonitor.
Download SolarWinds ipMonitor (21 days eval)
This is a great utility to view network utilization. This Networking Tab is a new Task
Manager interface in XP and Server 2003. In fact it is difficult if not
impossible to create performance logs to measure % Network utilization.
Call me a 'Luddite' but I have never had much use for this tab on my Windows
2003 Server. When I want to check which users connected to the server, I
prefer the Shared Folder snap-in.
Another reason that I do not use the Users Tab is that with XP you only see
this machine if it's part of a Workgroup and you are using 'Fast User
Switching'. Therefore in a domain, this Users Tab is absent.
When I was a 'greenhorn, (many, many years ago) I fell into the trap of carelessly
double clicking inside Task Manger, as a result the top menu with File,
Option, Help disappeared. I could not understand what had happened until I double
clicked near the top, and lo and behold, the menu reappeared. It was a
beginner's
mistake; I mention it because there are about 3 or 4 other Microsoft programs
that display the same menu behaviour when you double click on their title area.
Summary of Task Manager (taskmgr)The number of Task Manager tabs is steadily increasing. On Windows Server 2003 we have Applications, Process, Performance, Networking and Users. Press CTRL,
Shift, Esc and launch Task Manager, in particular get to know the Processes, what you are looking for is viruses in among the regular programs. To be successful you have to become a minor expert on
svchost and the other processes.
See Also
● ADSI Edit
● ADSI More Examples ●
ADModify
● LDP ●
Replmon
●
Performance Monitor Tool
|
