Learn some helpful IT Administrator tips and tricks.

Welcome to the most comprehensive list of tips and tricks for IT field, you'll find anywhere on the internet. I hope these tips help you get the most out of your internet.

Cloud Computing Next Generation of your company

Benefits of cloud computing is increased efficiency; services are rapidly deployed and ready for use in your company. Find out about the benefits of moving your business to cloud computing....

Support Tips and Tricks

Tips and Tricks for. Learning Before. Helping. Learning. Service. Research Computing... We are ...

Server, Network, System, Application | Diagram

Client-side Examples; Server-side Examples; Client-side Advantages ... this concept is to view the following diagram and considering some examples: ...

Good roadmap for System Engineer, Network Engineer

Roadmap global customer support professionals are focused on crucial, quick issue resolution and uninterrupted service.. HOW?

Showing posts with label Troubleshooting. Show all posts
Showing posts with label Troubleshooting. Show all posts

Monday, April 23, 2012

Solving the Problem

       Many device or network problems are straightforward to resolve, but others yield misleading symptoms. If one solution does not work, continue with another.
A solution often involves:
  • Upgrading software or hardware (for example, upgrading to a new version of agent software or installing Gigabit Ethernet devices)
  • Balancing your network load by analyzing:
    • What users communicate with which servers
    • What the user traffic levels are in different segments
Based on these findings, you can decide how to redistribute network traffic.
  • Adding segments to your LAN (for example, adding a new switch where utilization is continually high)
  • Replacing faulty equipment (for example, replacing a module that has port problems or replacing a network card that has a faulty jabber protection mechanism)
To help solve problems, have available:
  • Spare hardware equipment (such as modules and power supplies), especially for your critical devices
  • A recent backup of your device configurations to reload if flash memory gets corrupted (which can sometimes happen due to a power outage)
Why do we investigate incidents the key purpose of an investigation should be
     - to preven a future recurrence of the incident
     - determine root cause to prevent similar losses at the same or another location
     - satisfy legal & company requirements and determine the company's liability
     - benefit from lessons learned which may result in improved safety and operation
     - inform employees by keep employees informed about the event and follow up action

Sunday, April 22, 2012

Identifying and Testing the Cause of the Problem

      After you develop a theory about the cause of the problem, test your theory. The test must conclusively prove or disprove your theory.

Two general rules of troubleshooting are:

  • If you cannot reproduce a problem, then no problem exists unless it happens again on its own.
  • If the problem is intermittent and you cannot replicate it, you can configure your network management software to catch the event in progress.
      For example, with"LANsentry Manager", you can set alarms and automatic packet capture filters to monitor your network and inform you when the problem occurs again. See"Configuring Transcend NCS" for more information.

      Although network management tools can provide a great deal of information about problems and their general location, you may still need to swap equipment or replace components of your network until you locate the exact trouble spot.

      After you test your theory, either fix the problem as described in"Solving the Problem" or develop another theory.

Sample Problem Analysis
       This section illustrates the analysis phase of a typical troubleshooting incident. On your network, a user cannot access the mail server. You need to establish two areas of information:
  • What you know - In this case, the user's workstation cannot communicate with the mail server.
  • What you donot know and need to test-
  • Can the workstation communicate with the network at all, or is the problem limited to communication with the server? Test by sending a"Ping" or by connecting to other devices.
  • Is the workstation the only device that is unable to communicate with the server, or do other workstations have the same problem? Test connectivity at other workstations.
  • If other workstations cannot communicate with the server, can they communicate with other network devices? Again, test the connectivity.
The analysis process follows these steps:
  1. Can the workstation communicate with any other device on the subnetwork?• Ifno, then go to step 2.
    • Ifyes, determine if only the server is unreachable.
    • If only the server cannot be reached, this suggests a server problem. Confirm by doing step 2.
    • If other devices cannot be reached, this suggests a connectivity problem in the network. Confirm by doing step 3.
  2. Can other workstations communicate with the server?
    • Ifno, then most likely it is a server problem. Go to step 3.
    • Ifyes, then the problem is that the workstation is not communicating with the subnetwork. (This situation can be caused by workstation issues or a network issue with that specific station.)
  3. Can other workstations communicate with other network devices?• Ifno, then the problem is likely a network problem.
    • Ifyes, the problem is likely a server problem.
When you determine whether the problem is with the server, subnetwork, or workstation, you can further analyze the problem, as follows:
  • For a problem with the server - Examine whether the server is running, if it is properly connected to the network, and if it is configured appropriately.
  • For a problem with the subnetwork - Examine any device on the path between the users and the server.
  • For a problem with the workstation - Examine whether the workstation can access other network resources and if it is configured to communicate with that particular server.

Equipment for TestingTo help identify and test the cause of problems, have available:
  • A laptop computer that is loaded with a terminal emulator, TCP/IP stack, TFTP server, CD-ROM drive (to read the online documentation), and some key network management applications, such as LANsentry Manager. With the laptop computer, you can plug into any subnetwork to gather and analyze data about the segment.
  • A spare managed hub to swap for any hub that does not have management. Swapping in a managed hub allows you to quickly spot which port is generating the errors.
  • A single port probe to insert in the network if you are having a problem where you do not have management capability.
  • Console cables for each type of connector, labeled and stored in a secure place.

Understanding the Problem

      Networks are designed to move data from a transmitting device to a receiving device. When communication becomes problematic, you must determine why data are not traveling as expected and then find a solution. The two most common causes for data not moving reliably from source to destination are:
  • The physical connection breaks (that is, a cable is unplugged or broken).
  • A network device is not working properly and cannot send or receive some or all data.
       Network management software can easily locate and report a physical connection break (layer 1 problem). It is more difficult to determine why a network device is not working as expected, which is often related to a layer 2 or a layer 3 problem.

To determine why a network device is not working properly, look first for:
  •  Valid service - Is the device configured properly for the type of service it is supposed to provide? For example, has Quality of Service (QoS), which is the definition of the transmission parameters, been established?
  • Restricted access - Is an end station supposed to be able to connect with a specific device or is that connection restricted? For example, is a firewall set up that prevents that device from accessing certain network resources?
  • Correct configuration - Is there a misconfiguration of IP address, subnet mask, gateway, or broadcast address? Network problems are commonly caused by misconfiguration of newly connected or configured devices.

Saturday, April 21, 2012

Recognizing Symptoms

       The first step to resolving any problem is to identify and interpret the symptoms."Recognizing Symptoms" The first step to resolving any problem is to identify and interpret the symptoms. You may discover network problems in several ways. Users may complain that the network seems slow or that they cannot connect to a server. You may pass your network management station and notice that a node icon is red. Your beeper may go off and display the message:WAN connection down.

User Comments
       Although you can often solve networking problems before users notice a change in their environment, you invariably get feedback from your users about how the network is running, such as:
  • They cannot print.
  • They cannot access the application server.
  • It takes them much longer to copy files across the network than it usually does.
  • They cannot log on to a remote server.
  • When they send e-mail to another site, they get a routing error message.
  • Their system freezes whenever they try to Telnet.
Network Management Software Alerts
      Network management software, as described in"Your Network Troubleshooting Toolbox", can alert you to areas of your network that need attention. For example:
  • The application displays red (Warning) icons.
  • Your weekly Top-N utilization report (which indicates the 10 ports with the highest utilization rates) shows that one port is experiencing much higher utilization levels than normal.
  • You receive an e-mail message from your network management station that the threshold for broadcast and multicast packets has been exceeded.
       These signs usually provide additional information about the problem, allowing you to focus on the right area.

Analyzing Symptoms
      When a symptom occurs, ask yourself these types of questions to narrow the location of the problem and to get more data for analysis:
  • To what degree is the network not acting normally (for example, does it now take one minute to perform a task that normally takes five seconds)?
  • On what subnetwork is the user located?
  • Is the user trying to reach a server, end station, or printer on the same subnetwork or on a different subnetwork?
  • Are many users complaining that the network is operating slowly or that a specific network application is operating slowly?
  • Are many users reporting network logon failures?
  • Are the problems intermittent? For example, some files may print with no problems, while other printing attempts generate error messages, make users lose their connections, and cause systems to freeze. " You may discover network problems in several ways. Users may complain that the network seems slow or that they cannot connect to a server. You may pass your network management station and notice that a node icon is red. Your beeper may go off and display the message:WAN connection down.

Troubleshooting Strategy

How do you know when you are having a network problem? The answer to this question depends on your site's network configuration and on your network's normal behavior. See"Knowing Your Network" for more information.
If you notice changes on your network, ask the following questions:
  • Is the change expected or unusual?
  • Has this event ever occurred before?
  • Does the change involve a device or network path for which you already have a backup solution in place?
  • Does the change interfere with vital network operations?
  • Does the change affect one or many devices or network paths?
       After you have an idea of how the change is affecting your network, you can categorize it as critical or noncritical. Both of these categories need resolution (except for changes that are one-time occurrences); the difference between the categories is the time that you have to fix the problem.

       By using a strategy for network troubleshooting, you can approach a problem methodically and resolve it with minimal disruption to network users. It is also important to have an accurate and detailed map of your current network environment. Beyond that, a good approach to problem resolution is:

Thursday, April 19, 2012

How To Prioritization for Incidents

What is a incident?An Incident is a system bug or error, user question, or routine administration request.
Defect Categories Defined –


  • High      Incident of highest relative urgency. Essential Suite may be severely impacted and end-users require immediate assistance. The situation meets one or more of the following criteria:
          1. Any issue that significantly increases the likelihood of a safety or environmental incident occurring and/or the consequence of that potential event
          2. A Mission Critical business process is impacted and no workaround exists.
          3. Impacts 100 users or more.
          4. Work is totally stopped.
          5. System is down completely.
  • Medium
  •      Significant problem for the end-user, may result in financial or other serious impact for Essential Suite. Situation may become of high priority if not quickly addressed. The situation is not high, but meets one or more of the following criteria:
          1. A significant business process is impacted but a workaround exists.
          2. Impacts 50 to 99 users.
          3. Significant loss of work capacity, but can get some work done.
Incident Classification
We classify incidents based on the scenarios defined below:
  • High – System down related issues
  • Medium – User has classified it as moderate priority based on criteria, access related issue, etc.
  • Low – Updating records in system, Scheduling report, Data Mining, Close action items issue, Troubleshooting issues
Times:  High  Medium  Low 
Initial Response Time  <=  2 Hours <= 24 Hours <=  2 Business Days 
Restoration Time for an incident <= 24 Hours <=  2 Business Days  <=  5 Business Days 

Friday, April 6, 2012

Ping Multiple Destination With Batch File

       A common tool that network and system admins make use of is the “Ping” command which is a very simple and effective way to verify a machine is available on the network (firewall rules depending of course). So if you find yourself having to ping multiple machines at once, a very useful tool is the batch files, which will not only ping all the ip addresses but also give you ping results in text file format with just single click.


      A batch file is a text file containing a series of commands intended to be executed by the command interpreter. When a batch file is run, the shell program (usually COMMAND.COM  or cmd.exe) reads the file and executes its commands, normally line-by-line. Batch files are useful for running a sequence of executables automatically and are often used by system administrators to automate tedious processes.
Steps to create batch file::
  1. Open up Notepad, type in the following commands (Example)
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    @Echo off

    ping 192.168.1.1 > "%userprofile%\desktop\pingresult.txt"

    ping www.google.com >> "%userprofile%\desktop\pingresult.txt"

    ping 146.23.4.45 >> "%userprofile%\desktop\pingresult.txt"

    tracert 192.168.1.1 >> "%userprofile%\desktop\pingresult.txt"
    tracert www.google.com >> "%userprofile%\desktop\pingresult.txt"

    tracert 146.23.4.45 >> "%userprofile%\desktop\pingresult.txt"

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Remember::  > will run the command and create a file with ping results and >> will append or add next ip address ping results to the created file . So whenever you create batch file first command should always have single > and subsequent  commands should have  >>.
  2. Now save this file with Filename Ping_result.cmd or whatever you want and Change  Save as type to All files.
  3. Run the Ping_result.cmd and you will get pingresult.txt on your desktop.
       Play around with netstat , ipconfig and other commands by creating batch files in the similar manner.., just change the ping command to the command of your choice in the above example.

How to Use the Traceroute Command

     Traceroute is a command which can show you the path a packet of information takes from your computer to one you specify. It will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router takes.
    In Windows, select Start > Run > Type cmd or Start > Programs > Accessories > Command Prompt.  This will give you a window like the one below.
    Enter the word tracert, followed by a space, then the domain name.

    The following is a successful traceroute from a my machine in Thailand to liverpoolfc.tv:


     Firstly it tells you that it's tracing the route to liverpoolfc.tv, tells you the IP address of that domain, and what the maximum number of hops will be before it times out.
Next it gives information about each router it passes through on the way to its destination.
1 is the internet gateway on the network this traceroute was done from (an ADSL modem in this case)

2 - 5 are the ISP the origin computer is connected to (totbb.net)
6 - 8 are also in the xtra network
9 - 10 are all routers on the sg.bb.gin.ntt.net network (the domain that is the internet gateway Sigapore side)
11 - 13 are all uk.bb.gin.ntt.net in the UK (a telecom supplier in the UK)
14 - 15 are on the UK network 
and finally, line 16 is the computer liverpoolfc.tv is hosted on (liverpoolfc.tv)

      This is extremely useful when trying to find out why a website is unreachable, as you will be able to see where the connection fails. If you have a website hosted somewhere, it would be a good idea to do a traceroute to it when it is working, so that when it fails, you can do another traceroute to it (which will probably time out if the website is unreachable) and compare them. Be aware though, that it will probably take a different route each time, but the networks it passes through will generally be very similar. 
If the example above had continued to time out after line 9, you could suspect that sg.bb.gin.ntt.net was the problem, and not liverpoolfc.tv.

     If it timed out after line 1, you would know there was a problem connecting to your ISP (in this case you would not be able to access anything on the internet).
    It is generally recommended that if you have a website that is unreachable, you should use both the traceroute and ping commands before you contact your ISP to complain. More often that not, there will be nothing to your ISP or hosting company can do about it.

How to Use the Ping Command

       Pinging is a command which tells you if the connection between your computer and a particular domain is working correctly.


       In Windows, select Start > Run > Type cmd or Start > Programs > Accessories > Command Prompt. This will give you a window like the one below.
      Enter the word ping, followed by a space, then the domain name.
      If the results show a series of replies, the connection is working. The time shows you how fast the connection is. If you see a "timed out" error instead of a reply, there is a breakdown somewhere between your computer and the domain. In this case the next step is to perform a traceroute.

      Online ping. If you can't use the Ping command from your own computer because of a firewall or other restriction, or want to do an Internet ping from another location than your own, you can use one of the following websites that offer online ping services:
his.com Ping http://www.his.com/cgi-bin/ping?
Network-Tools http://network-tools.com/
Spfld.com Ping   http://www.spfld.com/ping.html
Theworldsend.net ping http://www.theworldsend.net/php-ping.php

Thursday, April 5, 2012

Color Batch File To Check Network~Server

       I wrote this today to provide an easy way for anyone to see if a computer is on the network/internet and even do some basic troubleshooting. If someone wanted to take this. Just cut and past into a text file and save with a .bat extension and you should be good to go. Could easily be put on a floppy or e-mailed to someone to test with..



Here is the basic color command:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@echo off
::
:: cecho by thomas
::
cecho {00}**********{\n}
cecho {0C}{\n}
echo This is a private system operated for HXXX Company business.
echo Authorization from XXX management is required to use this system.
echo Use by unauthorized person is prohibited.
cecho {00}**********{\n}
cecho {0C}{\n}
echo WARNING: This computer system is accessed by authorized users outside
echo of HP. All security and control procedures must be strictly followed.
pause
cecho {00}**********{\n}
echo Unpacking cecho utility
call :unpack_cecho
cecho {00}**********{\n}
cecho {0E}***************************************{\n}
cecho {0E}** BKKGCAP01.asiapacific..net **{\n}
cecho {0E}***************************************{\n}
cecho {0B}{\n}
cecho {9F} ------- {9F}Location: Row {9F}2 {9F}Rack {9F}8 {9F}------ {\n}
cecho {0B}{\n}
ping bkkgcap01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0A}**************************************{\n}
cecho {0A}** TLAEXC01.asiapacific.xxxx.net **{\n}
cecho {0A}**************************************{\n}
cecho {0B}{\n}
cecho {9F} ------ {9F}Location: Row {9F}2 {9F}Rack {9F}2 {9F}------ {\n}
cecho {0B}{\n}
ping tlaexc01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0E}***************************************{\n}
cecho {0E}** BKKFILE01.asiapacific.xxxx.net **{\n}
cecho {0E}***************************************{\n}
cecho {0B}{\n}
cecho {9F} ------- {9F}Location: Row {9F}2 {9F}Rack {9F}1 {9F}------ {\n}
cecho {0B}{\n}
ping bkkfile01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0A}**************************************{\n}
cecho {0A}** BKKCOE01.asiapacific.xxxx.net **{\n}
cecho {0A}**************************************{\n}
cecho {0B}{\n}
cecho {9F} ------ {9F}Location: Row {9F}2 {9F}Rack {9F}1 {9F}------ {\n}
cecho {0B}{\n}
ping bkkcoe01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0E}**************************************{\n}
cecho {0E}** THACOE01.asiapacific.xxxx.net **{\n}
cecho {0E}**************************************{\n}
cecho {0B}{\n}
cecho {9F} ------ {9F}Location: Row {9F}2 {9F}Rack {9F}* {9F}------ {\n}
cecho {0B}{\n}
ping thacoe01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0A}***************************************{\n}
cecho {0A}** THNCIU01.asiapacific.xxxx.net  **{\n}
cecho {0A}***************************************{\n}
cecho {0B}{\n}
cecho {9F} ------- {9F}Location: Row {9F}1 {9F}Rack {9F}8 {9F}------ {\n}
cecho {0B}{\n}
ping thnciu01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0A}**************************************{\n}
cecho {0A}** BKKSQL01.asiapacific.xxxx.net **{\n}
cecho {0A}**************************************{\n}
cecho {0B}{\n}
cecho {9F} ------ {9F}Location: Row {9F}2 {9F}Rack {9F}8 {9F}------ {\n}
cecho {0B}{\n}
ping bkksql01 -n 5
cecho {00}**********{\n}
cecho {00}**********{\n}
cecho {0E}*************************************{\n}
cecho {0E}** BKKDP01.asiapacific.cpqcorp.net **{\n}
cecho {0E}*************************************{\n}
cecho {0B}{\n}
cecho {9F} ----- {9F}Location: Row {9F}1 {9F}Rack {9F}8 {9F}------ {\n}
cecho {0B}{\n}
ping bkkdp01 -n 5
pause
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Download sample file
cecho.c      cecho.exe      cecho.vcproj      cecho BoYLaSeR.cmd    

Wednesday, December 14, 2011

Basic commands

Basic commands, windows admin's should know


Basic commands
View Last Reboot Time
net statistics server | more
Run a program as another user
runas /user:domain\username appname
ex: runas /user:jeffk cmd.exe


Remote Desktop into Console of specific computer
Mstsc /v:computername /console
Ex: mstsc /v:deserver /console
Map a network Drive
Net use drivename: \\server\share
Net use z: \\daserver\music
Force network credentials
Net use \\server\sharename /user:domain\user
Ex: net user \\daserver\music /user:jeffk
Tip: Before using this you may want to issue net use * /d to delete previously stored credentials, or you can view your credentials by just typing net use

Environmental Variables 
use these at start>run to quickly goto or anywhere in explorer
Tip: Type set to see your variables
%windir%
%systemdrive%
%appdata%
%userprofile%
%programfiles%
%allusersprofile%
%temp%


sc queryex - The following command displays the process ID (PID) that corresponds to a service
sc \\ qc - The following command displays the services that the specified service depends on
sc \\ enumdepend - The following command displays the services that depend on the specified service
psservice \\ depend - You can also use the following command

taskkill -pid - The following command kills a process by PID
taskkill /s -im - And this command kills a process by name on a remote server
pskill \\ - The pskill.exe utility works in a very similar manner

tasklist - viewing the running processes via the command line
pslist \\ - The Sysinternals pslist.exe utility is available for Windows Server 2003 or Windows 2008 and can be run against a remote host
top - There is also the top.exe command, which is available in the Windows 2003 Resource Kit. It provides a continually updated view of the top running process (by CPU)

runas /user: "" - The runas.exe command allows you to run a command with alternate credentials
runas /user:AMER\rallen.adm "mmc.exe" -

diskpart - On Windows Server 2008, you can use the diskpart utility to view the disk, drive, and volume configuration. First, get into interactive mode
list disk - to view the list of disks
list vol - to see the list of volume and assigned drive letters,