Monday, 10 December 2007

Simple Active Directory

Active directory is a bit of an animal.

Many problems can reside inside active directory if its not well maintained most of us will see error in the event log and that will be our first clue that something as gone wrong.

If you are lucky enough to have some reporting tools deployed on your server then you might notice them before that.

Most common error is site to site replication these errors no so hard to deal with. First check the server you are trying to replicate with is up and running you can ping it you can net view to it and if you have the support tool and resource kit install you can RPC ping as well

So first you ping in this case my domain controller is we an IP of


If you get a reply this means that the network is running doesn’t mean the server is working so next we do a net view to see if the shares such as sysvol are there

Net view file://

If you can see there then all is good and you are most likely looking at DNS errors where the DNS entry is wrong or lookup to the DNS is not possible because the link is down

Some useful command you can use from the command prompt are,
This one is useful to check server is correctly registered with the DNS
netdiag /test:DNS /v

This one is useful to see the replication history
repadmin /showreps

If you are still having active directory issue, I would suggest you contact some one that knows it well google news groups are always a good place if you are not in a hurry to fix little issues.

Simple QoS

Lots of people run networks with high speed internet connections these days and almost all of them complain that they are not getting the service they want out of the line, well basic answer is get more speed, the second answer is define what you want most.

A basic QoS (quality of service) config will give you much of that internet back, also and this is something to remember unless your router is also your switch you will need a switch that can also deliver QoS other wise it will just get stuck in the LAN traffic.

So here is a simple example for your WAN interface, this will make sure your out bound traffic to the net and normally is the out bound that is the slower speed for you, is controlled. As an example if you upstream (connection to the internet leaving your router) is 512kbs and your downstream (speed from the internet to you) is 2048kbs then is safe to say that the bottle neck will be on your upstream.

Now lets look at an example bit of code, we create a class map with a name in this case highpriority so show that these type of traffic are most important and will reserve a % of bandwidth for them

Router(config)#class-map HIGHPRIORITY
match http
match pop3
match smtp
bandwidth X

X = the total % or in kbs of the bandwidth you want to allow for your
Traffic i.e. bandwidth 70 would mean 70% of the total so if your line as 512kbs the then it would mean 358kbs was now for use by traffic matching highpriority class

All this is fine but we still need to apply this is your WAN interface so just go under the WAN interface and do:

Router(config-if)#service-policy output HIGHPRIORITY_POLICY

That’s it a simple QoS for you internet connection the match set are upgraded with each ISO version so check the router for options.