A Windows system in a domain synchronizes its time from a domain controller.
Is it possible to synchronize it from an external server via NTP?
Thank you
Yes, you don't have to sync the time via the domain controller - but you do have to ensure that if your going to split things up in that way you need to make sure that the DC keeps correct time as it will have implications with things like Kerberos and you may find you start to get odd auth errors or failures.
This question and my answer should give you enough details to get it working for workstations of Windows 7, and 8 - I've not tested Windows 10 yet but it should be very similar. Server versions may have slightly different settings, and certainly in Server 2012 or higher there is a group policy section which allows the setting and management of ntp specific stuff which can be applied to Windows 7 & above machines.
There are some details & screen shots here which show the server group policy side of things (2012).
Related
We want to install Dynamics CRM 2013 for 10 users. We are thinking about 2 approaches:
Install only one instance of CRM and SQL Server on two separate servers machines. CRM server machine will have front end server role and SQL Server machine will have back end server role. All 10 users will browse and work on same instance of CRM.
Install SQL Server on a separate machine and install CRM on the machines of all the 10 users. All 10 CRM instances will point to the same organization created on SQL Server. Each users will use CRM installed on their own system but their customizations will be published on one organisation since all CRMs are pointing to the same organisation.
Could anyone let me know which approach will be better in terms of performance.
Update after the reply of Draiden and Kye:
All 10 machines will be used only for development and IFD or NLB will never be required.
In one of our previous projects, we had used the approach of 1SQL-SSRS and 1CRM (Full server). During peak development periods when around 8 users were connected to CRM doing customization, memory usage of CRM server would go to around 85% - 95%. At this point, CRM used to become non-responsive.
In order to avoid the high memory usage, we are thinking of approach 2 where CRM memory usage will be distributed among multiple machines. Also if someone wants to debug a plugin, they will debug on their own CRM (and will not block others). Having one SQL Server in the backend will enable developers to share the same data. Also their customization changes will be published on one central organization.
The second solutions involves the creation of a front-end server for each user? I don't think that is a viable (really nice way) to install crm. Also If you will be in the situation of setup something else, like IFD you will need to install and setup a NLB and teach everyone to change the url.
The first approach you are suggesting is the better one, but usually you go with 2 servers, 1 sql and 1 crm full installation. Performance wise shouldn't make much of a difference since the user using the system will be just 10 people.
So I would say that solution 1 doesn't help you much, because you still keep the db an the backend on the same machine,
while solution 2 still has a bottleneck when you are doing SQL operations, plus CRM is quite demanding, and let run the server on a user machine will choke it.
Go with a more traditional approach.
1 SQL-SSRS and 1 CRM, or if you think that you will have performance issues go with 1 SQL-SSRS, 1 Back-End server a NLB and as many front-end you want/need.
Again for 10 users having multiple front end server doesn't make much sense.
Please refer to this TechNet article for supported configurations.
For best performance, you will want to use a multi-server architecture. Furthermore, in order to have the data be shared between the users, they would need to be using the same environment.
Could anyone let me know which approach will be better in terms of
performance.
I don't think option 2 is viable, as it means installing the CRM web server on 10 machines:
Running IIS on client machines will start using up memory your end
users should be using for desktop applications.
If you ever need to scale up the front end machines, you'll need to
do this 10 times.
Since your users may not be using CRM all day, IIS will eventually
recycle, making the first time a user access the site seem slower
then expected.
I would install the CRM webs server and database on separate machines, following the minimum recommended hardware requirements.
https://technet.microsoft.com/en-us/library/hh699840(v=crm.6).aspx
Update - If your requirement is around a development environment, I would use two servers for Production and two servers for Test (to mimic Production).
For the development environment - I'd ask developers to install CRM and SQL locally so that they can debug their own code, and then push their finished code to a central repository such as Github or TFS. It would then be someone's (or something's) role to pull down updated code, prepare and CRM solution and deploy to the next environment.
I hope someone can help me figure out this issue.
I have a windows based VPS with 6GB of ram and enough disk space.
I have only 3 websites hosted and all three are not advertised publicly, so no one could access.
The issue is the server is slow in response whenever we try to load the sites in browser or in RDP or thru Parallel Plesk Control. Everything slow to response.
I have every 1 minute to 3 , from green zone to red zone a lot of numsessions limit hits.
I have browsed SO and read Parallel doc and even browse their forum and no one has mentioned a real solution. They say that numsessions is hit when many sessions of rdp or Parallel Plesk Control are left open.In my case no one has access to the server and no one is logging to the server either. I have rebooted the server many times and only one session was open and that was to control server via virtuoso (Parallel Power Control) and same the numsessions is hit again within 3 min of reboot.
I have talk to the idiots at 1and1 (where we bought the VPS xxl) and they have no clue saying it is not our problem but yours or MS Windows! I have not installed any third party or even proprietary software on server which could cause the issue. The server is brand new and only created new sites via Parallel Plesk control. Emails are not working either.
Windows Event viewer doesnt show much information either.
Last resort is to re-image the server which may solve issue but I doubt since the issue seems to be from the server when we bought it.
anyone could shed their wisdom light on this please?
Thanks
Just noticed my resource log full of these as well. I think the issue is that a session is counted as soon as a RDP connection is made - so bots trying common admin passwords count towards this.
The real issue is as there is no way I can find to filter these from the resource alerts you basically can't find the real problem you have as the logs are just full of numsesssions.
I work on a large C++ application and often get the opportunity to continue this while at home. The IBM MQ configuration is using some kind of domain group for authentication so the application won't run unless I'm connected to the office VPN via Secure Client.
Why does the application run so much slower when connected to the VPN than in the office?
As background info, I should state the application also needs a database (Oracle) etc but all of this is locally hosted, so shouldn't be affected by the change in location.
I'm using a local MQ server as well, in case that wasn't clear. Essentially, beyond the MQ domain authentication (which is at the start of the process as far as I can tell), application behaviour is dramatically reduced. A process which takes 30 minutes in the office takes >2hrs at home. I have noticed the filesystem is generally slower (although this is a SSD drive laptop). Could Clearcase / Sophos be conflicting?
Is there a 'good way' I can monitor windows to see what exactly, if anything, is slowing the machine down out of the office?
If I get to May with no useful responses I think I'll nuke this message. FYI, I tried server overflow as well but to no avail (they complained and said the question should live on stackoverflow instead!)
Well, if your internet speed is not very fast then that would explain the issue.
I'm using the role-based caching feature for a windows azure web role.
Configured as co-located. I've followed the steps given by windows azure docs for caching (preview). I get the following error:
ErrorCode <ERRCA0017>:SubStatus<ES0006>:There is a temporary failure.
Please retry later. (One or more specified cache servers are
unavailable, which could be caused by busy network or servers. For
on-premises cache clusters, also verify the following conditions.
Ensure that security permission has been granted for this client
account, and check that the AppFabric Caching Service is allowed
through the firewall on all cache hosts. Also the MaxBufferSize on the
server must be greater than or equal to the serialized object size
sent from the client.). Additional Information : The client was trying
to communicate with the server: net.tcp://127.255.0.4:20010/.
I'm running everything as localhost, using the local development storage, my cache client is in the same role as the server. Changed many configuration attributes, but I always get that excpection or similar like "cannot connect to tcp....".
I'd appreciate some help. Thanks.
There are couple of things which could go wrong with your application.
Very first thing to make sure that you have SDK 1.7 in your machine even with Windows Azure Caching Services and then verify that you have reference set from Windows Azure Cache (not from Windows Server App Fabric SDK). I have seen such misconfiguration in past which lead to such errors.
Now have you changed your dataCacheClient, identifier to your ROLE Name as described in the documentation link here. If you follow the documentation as described to you should not hit any error so for the sake of checking what could be wrong, you can create exact same application as described in this link and see if that works or not.
To get more details error, please be sure to increase the DataCacheFactoryConfiguration.ChannelOpenTimeout value to longer i.e. 2 minutes then default 20 seconds as described here. This step will help you to get details about inner exception which may lead to actual root cause to your problem.
We use Azure co-located caching (not in preview anymore) as our session backer and have fairly regular outages. About once a month.
We tried using the Enterprise library Transient Fault Handling but our instances still hang when caching experiences problems. I think that the transient fault code would work for data caching, but for session backing there is some activity closer to the metal that we can't seem to code against.
The error codes have become more informative over the last year and go something like...
ErrorCode:SubStatus:The request timed out..
Additional Information : The client was trying to communicate with the
server: net.tcp://10.xx.xxx.xx:xxxxx/.
Our best guess so far from experimenting and MS support is that each, or at least one co-located cache role/instance needs to know about all the other instance's IPs, since Azure can destroy and re-up instances whenever they want, this sometimes fails to update the dependent instances. This is secret sauce for Azure, but it is not a secret when our site goes down. I'm looking for any more information on this and to see how others are working around this issue.
One possible work-around. One of our talented platform administrators found that resetting IIS on the instances and scaling up two more instances seem to help the problem. This makes sense to me because it gives caching another chance to gather all the required info about the other instances. This is NOT CONFIRMED to solve the problem but if we repeat this during the next outage it could be a valid work around.
How can my app get a valid "last time connected to domain" timestamp from Windows, even when the app is running offline?
Background:
I am writing an application that is run on multiple client machines throughout my company. All of these client machines are on one of the AD domains implemented by my company. This application needs to take certain measures if the client machine has not communicated with the AD for a period of time.
An example might be that a machine running this app is stolen. After e.g. 4 weeks, the application refuses to work because it detects that the machine has not communicated with its AD domain for 4 weeks.
Note that this must not be tied to a user account because the app might be running as a Local Service account. It the computer-domain relationship that I'm interested in.
I have considered and rejected using WinNT://<domain>/<machine>$,user because it doesn't work while offline. Also, any LDAP://... lookups won't work while offline.
I have also considered and rejected scheduling this query on a dayly basis and storing the timestamp in the registry or a file. This solutions requires too much setup and coding. Besides this value simply MUST be stored locally by Windows.
I don't believe this value is stored on the client machine. It's stored in Active Directory, and you can get a list of inactive machines using the Dsquery tool.
The best option is to have your program do a simple test such as connection to a DC, and then store the timestamp of that action.
IMHO i dont think the client machine would store a timestamp of the last time it communicated with AD. This information is stored in active directory itself (ie. on the DC)
Once a user logs into say a Windows machine the credentials are cached. If that machine is disconnected from the network the credentials will last forever. You can turn this feature off with group policies, so that the machine does not cache any credentials.