TIP:Delegate Control to Users to Work with GPOs

Delegate Control to Users to Work with GPOs

Follow Our Daily Tips
• TechNet Tips library

You can allow a nonadministrative user or a group (including users and groups from other domains) to work with a domain, site, or OU GPO by granting one of three specific permissions:


Read Allows the user or group to view the GPO and its settings.
Edit Settings Allows the user or group to view the GPO and its settings and also change settings. The user or group cannot delete the GPO or modify security.
Edit Settings, Delete, Modify Security Allows the user or group to view the GPO and its settings and also change settings, delete the GPO, and modify security.

To grant these permissions to a user or group, follow these steps:

1. In the GPMC, expand the entry for the forest you want to work with and then expand the related Domains node.
2. Expand the node for the domain you want to work with. If you don’t see the domain you want to work with, right-click Domains and then click Show Domains. You can then select the domains you want to display.
3. Select the Group Policy Objects node, and then select the GPO you want to work with in the left pane. In the right pane, select the Delegation tab.
4. The current permissions for individual users and groups are listed. To grant permissions to another user or group, click Add.
5. In the Select User, Computer, Or Group dialog box, select the user or group and then click OK.
6. In the Add Group Or User dialog box, select the permission to grant: Read; Edit Settings; or Edit Settings, Delete, Modify Security. Click OK.

The list of users and groups on the Delegation tab is updated to reflect the permissions granted. If you want to remove this permission in the future, display the Delegation tab, click the user or group, and then click Remove.

Hyper-V Cloud

Hyper-V Cloud

blauge

8 Nov 2010 10:21 PM

• Comments 0

To help you deploy commercial private and public clouds based on Windows Server 2008 R2 Hyper-V, System Center, and related products, Microsoft offers a set of programs and initiatives called Hyper-V Cloud. These programs can help you:

Build your own private cloud with help from the Hyper-V Cloud Deployment Guides and Hyper-V Cloud partners.

Your private cloud will offer a dynamic, virtualized infrastructure that will enable you to move applications seamlessly between private, hosted, and public cloud environments, and give you many other advantages of cloud computing

Get a pre-validated private cloud configuration from Hyper-V Cloud Fast Track OEM partners. Hyper-V Cloud Fast Track partners have worked with Microsoft to combine hardware and software offerings based on a reference architecture for building private clouds.

Find a service provider in the Hyper-V Cloud Service Provider Program who can host a dedicated private cloud for you.

TechEd 2010: Attack and Defence: Authentication and Passwords!

TechEd 2010: Attack and Defence: Authentication and Passwords!

PTSAustria PTSAustria

9 Nov 2010 4:03 AM November 9, 2010 4:03 AM

Markus Murray – mein absoluter Lieblingsspeaker auf der TechEd ! Mark Murray - my favorite speaker at TechEd!
Wahrscheinlich fürcht ich mich gleich wieder ;) Probably I fear me again;)

Er zeigt das Cain Tool her – er ist damit in der TechEd herumgegangen und hat eine lange Liste an Kennwörtern (IMAP) herausgefunden und gezeigt ;) He shows her the tool Cain - he walked to the TechEd and has a long list of passwords (IMAP) found out and shown;)

Ich lege einen Computeraccount an: I create a computer account:

P2V fails with Error 2910 (0x80070005) Access Denied

P2V fails with Error 2910 (0x80070005) Access Denied

from TechNet Blogs by mbriggs

Symptom

When using Microsoft System Center Virtual Machine Manager 2008 to perform a Physical-to-Virtual conversion (P2V), the following error message appears during the Scan System phase.
Error (2910)
VMM does not have appropriate permissions

Reading LDAP SSL Network Traffic with NetMon 3.4 and NMDecrypt

Reading LDAP SSL Network Traffic with NetMon 3.4 and NMDecrypt

 

Hi folks, Ned here again. Today I show you how to decrypt LDAP traffic protected by SSL by using Network Monitor and its handy add-on NetMon Decryption Expert. This is useful when you need to see what an application is asking your domain controllers, especially when that app has lousy logging. Since the traffic is all encrypted on the wire, ordinary network captures are useless.
I’m not going to explain LDAP and SSL as we already have some great articles by James, Mike, Rob, Randy, and Dave here:

http://blogs.technet.com/b/askds/archive/tags/ldap/

This is also possible to do in WireShark but naturally, you’re on your own there. Let them write some darned blog posts for once.
I like screenshots!

What you need

First download your tools:

• NetMon 3.4 or later
• NMDecrypt 2.2 or later

Install these on the computer that’s talking LDAP; this could be the DC or a member server or a client or whatever. If you are troubleshooting a non-Windows OS then the DC is your only choice, obviously.
Note: NMDecrypt has its own support channels with a discussion group and issue tracker. They also have the people you can contact. They are probably not AskDS readers so using our Comments section is not the best use of your time.

Getting the data

It goes without saying that this is all being done in your test lab, mmmmmkay. Don’t have a test lab? Come back later when you do.

1. Fire up NetMon, pick your network(s), and start capturing without filters.
2. Make the application start sending encrypted LDAP traffic. Naturally, you won’t be able to easily capture an LDAP application running on a DC itself, so use at least two computers to test. In my examples, I use LDP.EXE because it’s the closest thing to a “pure” LDAP client in Windows; PowerShell, ADSIEDIT, and other tools usually go through various levels of abstraction. LDP also obeys orders unlike many third party apps. You can download LDP with the Win2003 Support Tools. It’s included in Win2008/2008 R2/Vista RSAT/7 RSAT.
So in my example, I start up LDP.EXE and connect with port 636 and SSL set. Then I bind with my credentials and navigate (i.e. LDAP query) through a few levels until I return data for a user named Alice Scott.





In my example, this returned lots of unreadable data:

3. Filter your capture display by the IP address of the computer sending LDAP traffic and by “TLS”. This allows us to see the SSL handshake process, including the “Server Hello”:

The “Server Hello” is the response frame that tells the application which certificate is being used by LDAP to create the SSL-encrypted session. Examine the frame’s “Cert” field, and then drill down to the “SerialNumber” and “IdCeSubjectAltName” fields. These give important certificate uniqueness info that we can use later to identify which certificate was being used on the DC. Below I have an example – you will have completely different values obviously:




4. Now decrypt the traffic and this requires an exported PFX file copy of the certificate that was used on the DC to encrypt this traffic. Things can get gummy here so pay close attention.
A. Start MMC.EXE on that DC and add the Certificates snap-in for the Computer store:

B. Examine the certificates. There may be a bunch or only one. You need to open each certificate and look at the details tab for the “Serial Number” and “Subject Alternative Name” fields. The certificate that matches your network capture data is the one you used.

C. Now right-click that certificate and select All Tasks then Export. This is where things get sticky – if the certificate has “yes, export the private key” grayed out, you cannot proceed. So the screenshot below is bad news:

When you decrypt the network capture later you will need a server authentication certificate PFX file that includes the private key info. So if the certificate being used doesn’t allow this, you will need to issue a new certificate that does allow private key export.
To fix this you change whatever server authentication certificate template that is being used for issuing to your DC to allow private key exports. In my example I have altered the built-in Domain Controller Authentication template to do this – I am doing this out of convenience in a lab, not need. You may decide to do something totally different. For instance, creating a special certificate for this troubleshooting is a good idea; only that DC could be allowed to enroll to minimize your risk, based on the template security. This can all be done through the Certificate Templates snap-in in an MMC console on your certificate authority.

If you are using certs issues by a third party that you have no control over, stop here: you cannot decrypt these captures. And you paid for that privilege… :-/

Having ironed all that out, request or auto-enroll that certificate to this DC so that it can be used for decryption. The old server authentication certificate will need to be deleted or it will simply keep being used. If it is being used for other things or if its deletion might break something, you need to stop now and take stock of this entire exercise. But since you’re in a test lab (right?!?!) it’s probably fine to zap it.
D. If you had to get a new certificate, you need to repeat all the steps leading up to here and confirm that your new certificate was used. At this point you can now export the certificate with the private key in a PFX format. Make sure you put the file somewhere safe and that it is named appropriately. You must set a password and it should be a good one.

5. Make sure you have the “All Traffic” node selected in the Network Connections pane – not “My Traffic” or any conversations. Now you decrypt the traffic with NMDecrypt. Click:
Experts –> NMDecrypt –> Run Expert.

6. NMDecrypt makes you save a copy of your capture. Select your saved PFX file by browsing the “server Certificate Path” and enter the password. Specify an output capture file in the “decrypted file path” field. You don’t have to specify a log unless you get errors with decryption.

7. Click “Start” and the new CAP file will be created with all the SSL/TLS traffic decrypted and readable. This capture stands on its own so you can give it to others without the need to provide any certificates. To see the good stuff, use the following display filter in the capture:
DecryptedPayloadHeader

Now everything is readable (the filter removes a lot of the chaff created by the expert to render the translated frames). That previous capture was just a series of “Encrypted over SSL” message. In my example now, I can see all this attribute data being returned for the Users container and Alice Scott when I was querying with LDP. Sweet!

Naturally, everything I talked about today works for SSL-encrypted traffic in general. HTTPS web traffic can be analyzed with the same technique, for instance.
Don’t forget to delete that exported certificate when you’re done!

Common Mistakes

• Error “SSL Frames are not found in the current capture file”

This means that you did not select the “All Traffic” node when you started the expert. It must be selected.

• Error “Invalid Key Exchange data or Invalid Certificate”

This means you exported the wrong certificate and tried to decrypt with it. Go back to step 3.

Important Side Note

If you are allergic to network captures and the LDAP is coming from a Windows Vista or later computer, you can use ETW to leverage client tracing to see traffic before decryption or after decryption. Rather than reinvent those steps I recommend you examine these excellent write-ups:

• LDAP client tracing... (Spat’s blog)
• Tracing LDAP calls with Powershell (BSonPosh‘s blog)

Windows Server 2008 R2 Active Directory–Recycle Bin

Windows Server 2008 R2 Active Directory–Recycle Bin

With  Recycle Bin now available I may now be able to get a job in Active Directory, as it provides recovery form the sort of finger trouble I occasionally suffer from.  To use it you need to turn on the feature and this ironically cannot be undone, as it changes the way deletes are handled from this


to this..

. 
My screencast on the subject is here..

Note your forest functional level of Active Directory needs to be at the Windows Server 2008 R2 level for this to work
For more detail on the active directory recycle bin and a simple step by step guide please go to TechNet here

IIS Application Pool Tracking

Tip 40: IIS Application Pool Tracking

This tip pertains to all versions of SharePoint and no versions of SharePoint. It is really more of an IIS troubleshooting tip.
When strange things happen to IIS application pools I am reminded of the old public service announcement, “Do you know where your children are?” Well, do you know what your application pools are doing? When was the last time one restarted? What is the history of restarts? If you cannot answer these questions read ahead.
To find out when an application pool has started or how long it has been running use Process Explorer to view the time the application pool process started.

1. Download Process Explorer from http://live.sysinternals.com/procexp.exe.
2. Run Process Explorer as a local administrator.
3. Scroll down the main Process Explorer window until you see some processes whose names are w3wp.exe.
   
4. Enable the Command Line column in the main Process Explorer window by right-clicking on a column header and selecting ‘Select Columns’.
5. Add the ‘Command Line’ column and click OK.
6. Find the application pool that you want more information on by expanding the ‘Command Line’ column and finding the name of the application pool.
7. Double-click the process in the main window; this will bring up the Properties page. Look at the Started time.

Now that you can find out the current start times of application pools how do you get a history of when application pools have been restarted.
Enable logging of application pool restarts to the Event Log; http://support.microsoft.com/kb/332088. To make a long KB simple; use the following command to enable the logging of all types of restarts for an application pool:
cscript adsutil.vbs Set "w3svc/AppPools/<App Pool Name>/LogEventOnRecycle" 255
To disable logging of recycle events for an application pool use the following:
cscript adsutil.vbs Set "w3svc/AppPools/<App Pool Name>/LogEventOnRecycle" 0
After the logging is set there is no need to IISRESET or reboot, the change is instant.
To view the recycle events open Event Viewer on the machine and look in the System Event Log for the following event ids: 1074, 1075, 1076, 1077, 1078, 1079, 1080 and 1177.
Now you can keep track of those application pools.

How to determine if a cluster is over-committed in System Center Virtual Machine Manager 2008

How to determine if a cluster is over-committed in System Center Virtual Machine Manager 2008

 

Just a heads up on a new KB article we published on how to determine if a cluster is over-committed in System Center Virtual Machine Manager 2008.  If you do any kind of admin work with System Center Virtual Machine Manager 2008 you'll want to add this to your favorites.
=====

Symptoms

The cluster status displayed in the System Center Virtual Machine Manager 2008 Administrator's Console may change from "OK" to "over-committed" after a cluster refresh operation completes.
Note : The host status values do not change in the VMM Administrator Console until the VMM server performs a host refresh, which runs automatically every 30 minutes. You can run a refresh on demand by right-clicking the host and then clicking Refresh.

When the displayed status of a managed cluster becomes over-committed then the administrator is not able to use this cluster for placement of virtual machines for new or migrated virtual machines.

Cause

This occurs because the sum of free slots in the entire cluster is greater than the sum of slots in the largest host (both free and used).

Resolution

The resolution will depend on a variety of factors. The primary factors are
·         The cluster reserve value defined in SCVMM console
·         The amount of memory in each cluster node
·         The amount of memory assigned to each VM
·         The placement of the VMs on nodes in the cluster
Below you will see a discussion on how to determine if a cluster is over-committed. This will help to demonstrate how the factors mentioned above play a role in a cluster showing as over-committed.
In some cases, the resolution might be as simple as ensuring an even distribution of VMs on each cluster node or ensuring all nodes have same amount of RAM. A more advanced resolution might require considering memory requirements of VM’s and placing VMs with similar memory requirements in the same cluster.
How VMM determines if a cluster is over-committed:
1. Find out the HAVM with the largest allocated memory across all nodes in the cluster.  The allocated memory of this VM represents the size of a slot.
2. Calculate number of “used slots” on each host:
Note : More than one virtual machine can be used to fill a slot.  For instance, if the slot size is 8 GB, two virtual machines with 4 GB RAM each can be used to fill one slot.

a. Using the slot size determined in step 1, group as many VMs as possible into a slot based on their allocated memory.  

i. For example: Consider case of three VM’s with 2,4 and 8 GB of memory allocated and a slot size of 8GB. 2 slots would be required to group the three VM’s without exceeding the slot size.

b. Continue the process until all VM’s have been grouped into a slot.

c. The number of groupings will be the number of “used slots"

3. Calculate number of “free slots” on each host:

a.  Determine the physical memory on the host

b.  Determine the host memory reserve defined in SCVMM for each node

c.  Determine the memory allocated to each VM
d.  Plug the values into the following formula and divide by the slot size determined in step 1.
                 (PhysicalMemory – HostMemoryReserve – VMMemory) / SlotSize
4. Determine the number of slots that need to be in reserve.
The cluster reserve, R, defines the number of nodes that we must protect against failing. By summing the number of “used slots” and “free slots” on the R largest host[s] we are able to the determine number of slots to be held in reserve.
5. Determine if the Cluster is over-committed. As long as the number of “free slots” in the entire cluster (summation of # obtained in step 3) is greater than the slots that need to be in reserve (step 4), the cluster is not overcommitted.
Example:  Overcommitted formula implementation
Cluster name:  VMM-Cluster1
Cluster reserve = 1
Cluster nodes:  All cluster nodes run on identical hardware with 32 GB RAM each
                N1: VMM-ClusterN1
N2: VMM-ClusterN2
N3: VMM-ClusterN3
N4: VMM-ClusterN4
Virtual Machines on this cluster:  16
Note : This example assumes that the default value for the cluster reserve of 512kb.   It is common for this value to be increased and subsequently impacts this calculation.

6. Find the HAVM with the largest allocated memory to define the slot size. Using the above table as our example, we see the largest memory allocated for any VM is 8GB. This represents the slot size for this cluster at this time.
7. Calculate number of used slots on each host:
Based off of an 8GB slot size and being able to fit more than one VM per slot until reaching the 8GB maximum, we determine the number of “used slots” per host (see above table for details):
VMM-ClusterN1:  3
VMM-ClusterN2:  3
VMM-ClusterN3:  2
VMM-ClusterN4:  1
8. Calculate number of “free slots” on each host:
                                (PhysicalMemory – HostMemoryReserve – VMMemory) / SlotSize
Note : We can’t have a partial slot. If the formula returns 1.8 slots, then use a value of 1.
VMM-ClusterN1:  1 slots (32GB - 512kb - 20GB in use / 8GB)
VMM-ClusterN2:  1 slots (32GB - 512kb - 18GB in use / 8GB)
VMM-ClusterN3:  2 slots (32GB - 512kb - 10GB in use / 8GB)
VMM-ClusterN4:  2 slots (32GB - 512kb -   8GB in use / 8GB)
9.  Determine the number of slots that need to be in reserve
Cluster Reserve is 1, so we look for 1 largest host(s). In our example we determine nodes 1, 2 and 3 represent the largest total slots per node. We will use VMM-ClusterN1 as the host that represents the total number of slots that must be held in reserve

10. Determine if the Cluster is over-committed
Add up the free slots of remaining hosts:
VMM-ClusterN2:  1
VMM-ClusterN3:  2
VMM-ClusterN4:  2
      Total:  5
As long as the number of free slots in the entire cluster (summation of number obtained in step 3 minus the largest host) 5 is greater than sum of slots in the largest hosts (both free and used) 4, the cluster is not overcommitted.

More Information

HAVM Placement and “Over-committed” Status
Cluster reserve is a unique feature of VMM 2008 and VMM 2008 R2.The cluster reserve specifies the number of node failures a cluster must be able to sustain while still supporting all virtual machines that are currently deployed on the clustered hosts. If a host cluster cannot withstand the specified number of node failures and still keep all of the virtual machines running, the cluster is placed in an Over-committed state.
For example, if you specify a cluster reserve of 2 for an 8-node cluster, the rule is applied in the following ways:

• If all 8 nodes of the cluster are functioning, the host cluster is marked over-committed  if any combination of 6 nodes (8-2) in the cluster lacks the capacity to accommodate existing virtual machines.
• If only 5 nodes in the cluster are functioning, the cluster is marked Overcommitted if any combination of 3 (5-2) nodes in the cluster lacks the capacity to accommodate existing virtual machines.

When placing a virtual machine in a failover cluster, the placement process in VMM calculates whether the new virtual machine will over-commit the cluster. If the action will over-commit the cluster, the cluster hosts are not made available for placement.  
Note : An administrator can override this and place a VM on a host in an over-committed cluster during manual placement.
VMM’s cluster refresher updates the host cluster’s over-committed status after each of the following events:

• A change in the cluster reserve value
• The failure or removal of nodes from the host cluster
• The addition of nodes to the host cluster
• The discovery of new virtual machines on nodes in the host cluster

The cluster reserve is set on the General tab of the host cluster properties. For a procedure, see How to View and Modify the Properties of a Host Cluster (http://go.microsoft.com/fwlink/?LinkID=162986).
=====
For the latest version of this article see the link below:
KB2463008 - How to determine if a cluster is over-committed in System Center Virtual Machine Manager 2008
J.C. Hornbeck | System Center Knowledge Engineer
The App-V Team blog: http://blogs.technet.com/appv/
The WSUS Support Team blog: http://blogs.technet.com/sus/
The SCMDM Support Team blog: http://blogs.technet.com/mdm/
The ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/
The SCOM 2007 Support Team blog: http://blogs.technet.com/operationsmgr/
The SCVMM Team blog: http://blogs.technet.com/scvmm/
The MED-V Team blog: http://blogs.technet.com/medv/
The DPM Team blog: http://blogs.technet.com/dpm/
The OOB Support Team blog: http://blogs.technet.com/oob/
The Opalis Team blog: http://blogs.technet.com/opalis

Enhanced Event Viewer -

Enhanced Event Viewer -

http://blogs.technet.com/b/sateesh-arveti/archive/2010/11/22/enhanced-event-viewer.aspx

Windows provides a nice tool for viewing event logs of our machine. This tool called as Event Viewer is having lot of features to browse through our event logs. Even though, it is a very useful tool to browse our event log, but it does not provide certain features like searching and auto-show up of new events etc. So, I thought of doing an application that makes our event log browsing faster and much easier. I will explain the features provided by it.
Features provided by this Viewer:
•  Easy to navigate among the Logs.
• Easy to filter events.
•Easy to do Search.
•Click away to access it.
•Connect to remote machine's Event Log.
•Listener to show new event entry automatically.
•Better User Experience and lot more.

Download Enhanced Event Viewer -
http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-37-01-91/EnhancedEventViewer.zip

Use PowerShell to Create Local User Accounts

Use PowerShell to Create Local User Accounts


http://blogs.technet.com/b/heyscriptingguy/archive/2010/11/23/use-powershell-to-create-local-user-accounts.aspx

How To Improve Windows 2003 File Server Performance

How To Improve Windows 2003 File Server Performance


TipsOverview and Implementation Some tests allow us to find out that may be some con...Overview and Implementation
Some tests allow us to find out that may be some configuration that would help youTo improve Windows 2003 file server performance.
Although, these configurations may help you, use this modification without testing them
 

First May terminate yours network.
Also, this configuration was testing with only one server in the network, and there no
Knowledgebase what is the effect of multiple servers in yours network.
Please backup the system state and the registry of all the operating systems that you
Intend to change there configuration, before make any change. Also, I dont recommend
to implement this changes on production server.
 
 
 
Windows Server 2003 Tunings
 
              Windows 2003 built 3790 (RTM) that used only for file server in the network:
 
 
Created   HKLM\System\CurrentControlSet\Control\SessionManager\MemoryManagement\PagedPoolSize set to 192,000,000.
            Windows normally calculates the paged and non paged pool memory sizes using complex algorithms based on physical memory size. These settings allow you to override and manually specify values.
Created HKLM\System\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation to 1.
 
You can increase NTFS performance if you disable 8.3 name creations.
(Some 16bit programs may have trouble finding Long File Names. Don't set this option if you wish to install Norton NT Utilities.)
 
 
Created HKLM\System\CurrentControlSet\Control\FileSystem\Disablelastaccess and set to 1.
            This will disable the last access information written to each file as it is    accessed. The result is faster hard disk file read-access.  
Created HKLM\System\CurrentControlSet\Services\tcpip\Parameters\NumTcbTablePartitions and set to 8.
 
The value of this entry can be changed to partition the TCP control block (TCB) table to avoid contention. The default is 0x4; the value should be a power of two, that is, 2, 4, 8, 16, 32, and so on. On multiprocessor systems, change the number of partitions to four times the number of processors in your system.
 
Created HKLM\System\CurrentControlSet\Services\tcpip\Parameters\TcpAckFrequency and set to 13.
 
            Frequency of TCP ACK message that send to the other side.
 
   
       
Client Operating System Tunings
 
Windows XP with Service Pack 1:
 
 
Created HKLM\System\CurrentControlSet\Services\tcpip\Parameters\TcpAckFrequency and set to 13.
 
            Frequency of TCP ACK message that send to the other side.
 
 
Created HKLM\System\CurrentControlSet\Services\Lanmanworkstation\Parameters\DisableByteRangeLockingOnReadOnlyFiles set to 1.
 
This change allow the client to work faster with SAMBA server (you don't need
It to connection with Windows Server that isn't SAMBA):
 
http://h71000.www7.hp.com/doc/tcpip51/documentation/v51_relnotes_002.html
 
 
Created HKLM\System\CurrentControlSet\Services\Lanmanworkstation\Parameters\DormantFileLimit set to 100.
 
Determines how many files on each share can remain open in the redirector's cache after an application has closed them. If the number of open, cached files on a share exceeds the value of this entry, the system begins to close the cached files.
The Windows redirector keeps files open in the cache after an application has closed the file. This entry prevents cached files from occupying the limited number of places available for open files. By default, LAN Manager servers permit only 60 files from remote clients and 50 files from each client workstation to remain open.
 
HKLM\System\CurrentControlSet\Services\Lanmanworkstation\Parameters\ScavengerTimeLimit set to 100.
 
            http://www.cnaf.infn.it/~ferrari/infn-grid-wp5/task-dg/task2/scavenger-tests-cern.pdf
 
 
After you finish the changes in the server/client, please reboot yours computer to allow this changes to affect yours system.
If  for some reason you want to restore yours original configuration
Before you log in, use "last known good configuration":
 
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/server/boot_last_good.asp
 
 
References:
 
 
http://tailorednews.com/MicrosoftSP/NI/articles/tuningasp.doc
 
http://www.mindcraft.com/whitepapers/sm461ad/sm461ad-p2.pdf
 
http://www.nwfusion.com/reviews/2000/0124revtuning.html
 
http://www.synapse.de/regcheck/ger/registry/win-2000/root/hkey_local_machine/system/currentcontrolset/services/tcpip/parameters/
 
http://www.specbench.org/osg/web99/results/res2002q1/web99-20020215-00178.html
 
http://www.microsoft.com/windows2000/docs/tcpip2000.doc
 
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/reskit/serverop/part2/sopch09.asp
 
http://www.siesystems.com/w2k_registry_tcp.htm
 
http://nms.lcs.mit.edu/talks/tcp-asym/


ORIGINAL POST (Microsoft): http://support.microsoft.com/kb/555041

Mastering Trust Video Now Available!

Mastering Trust Video Now Available!

Pete Herzog presents on security, trust, and how we are broken at SecTor, Oct. 2010

 

Download Video:   http://bit.ly/avWVbJ

VMMap: A process virtual and physical memory analysis utility.

VMMap is a process virtual and physical memory analysis utility. It shows a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. Besides graphical representations of memory usage, VMMap also shows summary information and a detailed process memory map. Powerful filtering and refresh capabilities allow you to identify the sources of process memory usage and the memory cost of application features.

Besides flexible views for analyzing live processes, VMMap supports the export of data in multiple forms, including a native format that preserves all the information so that you can load back in. It also includes command-line options that enable scripting scenarios.

VMMap is the ideal tool for developers wanting to understand and optimize their application's memory resource usage.

Download :
http://technet.microsoft.com/hi-in/sysinternals/dd535533(en-us).aspx