Category: work

Process to Named Instance

When working with programs that spawn multiple processes (i.e. BizTalk, svchost, etc), sometimes you just need to know which one of the processes is actually spinning at 100% CPU or eating all your memory.  Unfortunately, task manager doesn’t really give you and details about which process it is.

In order to get the details, you need to run the following (example is for svchost)

tasklist /SVC /fi “imagename eq svchost.exe”

Just remember to open the command prompt as administrator for elevated processes.

 

Published
Categorized as work

Offline SharePoint

I’m sure a lot of you have heard about Colligo for offline SharePoint.  Unfortunately, the SharePoint sites that I continually access where for my company have some interesting security setup and therefore I’ve never been able to get Colligo to work.  Since I had originally tried, I never really bothered to figure it out as we were told it simply wouldn’t work.

However, when I installed Office 2010 I noticed that there was a SharePoint Workspace 2010 which does offline SharePoint too.  Since we only use MS products for security I was very optimistic about getting Offline SharePoint finally working (incredibly useful for working on flights).  Well, I attempted to use it and quickly realized it will only do offline SharePoint for SharePoint 2010.  Unfortunately we were still on 2007.

Fast forward through a bit of searching, and I ran across a nice KB article that explains how to sync a SharePoint 2007 site with SharePoint Workspace 2010 using groove.  I don’t really care how it works, as long as I can have offline editing and syncing.  Yay!

TokenAndPermUserStore Cache on x64 SQL 2005

We’ve been having yet another performance issue that has taken awhile to fix.  This one isn’t related to code though.  However, it has been a nightmare to solve.  Thankfully we have some Microsoft guys on sight who were able to quickly diagnose the problem and get us moving along.

Some background:

  • x64 SQL 2005 SP3
  • x64 Windows 2003 R2
  • 64GB RAM per cluster node
  • 12 HT enabled cores

With that, we were noticing a lot of CPU activity even though we really shouldn’t have, but it was strange as CPU would peak at about 45% and the SQL would appear to become very sluggish.  Running ad hoc queries took forever, and it was causing our app to run slowly too.  In fact, we were normally front-end CPU bound, but when we were having these issues, the front-end sat at about 25% CPU, SQL was at 45% and there were no waits on the SQL server.  It was very annoying as there was no place to point the finger at.

As I was digging through things, I noticed that the last geography we did we had set MDOP to 1 (see previous post).  As I was slowly going through various SQL configurations I noticed that it was set to 0 on all of the cluster nodes.  Needless to say, I talked to a few people, and 1 is apparently the default setting during their buildout, so I changed it. 

Miraculously everything was solved!  A quality day’s worth of work!  Ran some validation steps, and then handed it off to our offshore team.  The next day, I notice that the results were looking a lot worse that what I was seeing.  I spin up LoadRunner (ugh, another post I should probably write about) and run a test.  My results are for crap too.  Looking at front-end CPU, I notice it is once again not maxing out, and SQL is running hot again. 

I know how to fix this though, so I go and look at the MDOP setting.  Interesting, it is still set to 1.  Well, maybe something is hung someplace, so I set it to 0 then back to 1.  Run the test, problem solved, move on to something else. 

Well, this continually happens for the next week, and so I send an email asking if anyone has seen this before to the local DBAs and the onsite Microsoft DBAs if they have ever seen MDOP “revert”, but not really.  Needless to say, they had never heard of this, but the Microsoft DBA quickly narrowed in on the fact that the cache plan is being dumped when I re-run that configuration.  Looking at some memory dumps, he quickly jumped on the TokenAndPermUserStore cache.  We also verified it by only flushing that cache and watching the improvements on the site. 

The good news is that we are not the only ones having issues with this.  MS has actually tried to fix this issue since before SP2.  However, nothing, not even in SP3 has actually fixed it.  Yet, in SP3 they finally added a few trace flags that can be used to manually set the size of this specific cache.  Before I get to telling you how to fix it, here is what is going on.

On the previous geography our SQL tier looked the same except that we only had 24GB of RAM on the SQL nodes, plus our databases were a lot larger because of legacy data.  Therefore, we have memory pressure on the box.  SQL wants to load all the databases into RAM, but it can’t.  Therefore, the caches are continually going through garbage collection.  Now, on this current project, we have more than doubled the amount of RAM, and our databases are are tiny in comparison.  In fact, all of our databases are effectively in memory.  Therefore, we have no memory pressure, and the caches are never collected.  They keep growing to sizes that make them useless as they are spending more time in CPU finding the corresponding item (the security token in this case) than just recreating it.

Our SQL nodes are too big.  Who knew that was possible?

Now the solution.  Microsoft has tons of articles on this, but the one that describes it the best is 927396.  The top bullet points explain exactly what we were seeing:

  • Queries that typically run faster take a longer time to finish running.
  • CPU utilization for the SQL Server process is more than usual.
  • When you experience decreased performance when you run an ad hoc query, you view the query from the sys.dm_exec_requests or sys.dm_os_waiting_tasks dynamic management view. However, the query does not appear to be waiting for any resource.
  • The size of the TokenAndPermUserStore cache store grows at a steady rate.
  • The size of the TokenAndPermUserStore cache store is in the order of several hundred megabytes (MB).
  • In some cases, execution of the DBCC FREEPROCCACHE command provides temporary relief.

Now there are multiple ways of fixing it, it really depends on how many users are accessing your database.  For us, it is very few as we only have application accounts.  However, here are your options:

  1. Enable trace flag 4618 to set a quota of 1,024 entries.
  2. Enable both trace flag 4618 and 4610 to set a quota of 8,192 entries.
  3. Put a custom quota in the registry and enable trace flag 4621.

We went with option #2, so we have the default settings, and guess what it works!  The downside is that the memory keeps increasing, but we haven’t had a performance issue.  I am guessing is that the used memory space is staying consistently the same size, but it is not reclaiming memory, which is causing a memory leak.  I am going to work with our DBA this next week to validate that assumption (and make sure it will reclaim the memory at some point), so I will keep this post updated based on what we found.

In addition, I am going to switch MDOP back to 0, and see if SQL isn’t quite as dumb with parallelism as we think it is now.

 

Base Perf Improvements

Since I keep forgetting to check these base performance assumptions prior to digging in, I thought I would list them here with some description.  Yes, this is mostly for my personal edification, so deal with it.

  1. SQL – These items can be done when you see Buffer Latch waits
    1. Max Degree of Parallelism (DOP) – This setting should be set to 1.  By default it is set to 0, so it needs to be changed.  This setting becomes more important as CPU cores scale up.  It turns out that SQL is not good at parallelizing T-SQL queries.  When set to the default of 0, CPU is artificially increased due to SQL attempting to parallelize threads.  Some additional info can be found here.  This affects all versions of SQL.  Be sure to test first!
    2. T1118 Flag – This is a trace flag that much be added to the SQL startup parameters (-T1118).  This allows SQL to access multiple pages.  When you have a multi-core (processor) machine, you should definitely enable this flag on all instances of SQL.  In addition to this change you must do the following item to see benefits.  You can get more information here.
    3. File Partitioning – In addition to the T1118 flag, you also need to break out your files.  TempDB is the most common bottleneck that you should do this to.  In our testing it is at least worth while to create the number of data files (with autogrowth turned off) to 1/2 the number of cores you have.  We added all our This also helps other databases that have high contention.  Log files can also be broken out if lots or log contention is occurring.  However, in our cases, it has typically been limited to the data files.
  2. Web/App Server
    1. Wildcarding Disabled – By enabling wildcarding you can have pretty URLs that don’t end in an extension without using a rewrite module (not free for IIS6).  However, by enabling scriptmap wildcarding all files go through the asp.net handler.  This is obviously a huge CPU burden on the web server, plus an even larger burden if you are backing session in the database because the database CPU and IO goes through the charts.  Nothing like having session information for loading a JPG file!  You can see what not to do here.
    2. Kernel Mode SSL – This adds ~10% CPU relief on the web servers.  You can’t do anything with client certifications though, so be sure to test and read all the gotchas.  Find out more here.
    3. Debug = “False” – For ASP.NET applications, the <compilation debug=”false”/> causes three things to happen.  First, asp.net timeouts are removed.  Second, the temp asp.net dlls are batch compiled and in release mode.  When it is set to true, each ascx, asax, and aspx is compiled into it’s own dll in debug mode.  Third, is that you can’t step line by line in the assemblies, which allows for a large performance increase.

Black Logon Screen for RDP

I get this every once in a while, and it is quite annoying.  Basically all the colors are messed up when you try to log in via RDP.  Everything appears black.  You can see your cursor, so you can log into machines, but it is very difficult when dialog boxes are around.  I found the solution over at server intellect, and wanted to slap it here so that I have an easy place to find it.

A black Remote Desktop Login Screen when connecting to your Windows Server 2003 Server is caused by registry entries changed either through minor corruption or user error. To resolve it, replace the registry entries with the ones in the registry script below. Simply copy and paste the below script into a text file, and rename it “rdpreset.reg”. Right click on the resulting file, and select Merge.

Windows Registry Editor Version 5.00

[HKEY_USERS.DEFAULTControl PanelColors]
“ActiveBorder”=“212 208 200”
“ActiveTitle”=“10 36 106”
“AppWorkSpace”=“128 128 128”
“Background”=“102 111 116”
“ButtonAlternateFace”=“181 181 181”
“ButtonDkShadow”=“64 64 64”
“ButtonFace”=“212 208 200”
“ButtonHilight”=“255 255 255”
“ButtonLight”=“212 208 200”
“ButtonShadow”=“128 128 128”
“ButtonText”=“0 0 0”
“GradientActiveTitle”=“166 202 240”
“GradientInactiveTitle”=“192 192 192”
“GrayText”=“128 128 128”
“Hilight”=“10 36 106”
“HilightText”=“255 255 255”
“HotTrackingColor”=“0 0 128”
“InactiveBorder”=“212 208 200”
“InactiveTitle”=“128 128 128”
“InactiveTitleText”=“212 208 200”
“InfoText”=“0 0 0”
“InfoWindow”=“255 255 225”
“Menu”=“212 208 200”
“MenuText”=“0 0 0”
“Scrollbar”=“212 208 200”
“TitleText”=“255 255 255”
“Window”=“255 255 255”
“WindowFrame”=“0 0 0”
“WindowText”=“0 0 0”
This will correct the colors on the login screen to Windows Server default.

Published
Categorized as work

More CSS Fun

As I am sure you gathered from other recent posts, we are using (read: testing) CSS for a lot of stuff.  Well, we found out a beautiful new issue when creating and editing projects from the command line. 

When you look at MSDN about adding a filter to a Project, you are presented with the following syntax:

/Filter “+text1.txt -*.exe -dir1 +…*.jpg”

Needless to say, that is not correct.  For AddProj, they syntax has to be correct, but for EditProj, syntax is a lot more lax (the below is the syntax for EditProj).  Regardless, everything in the quotes is incorrect.  Instead a filter should look like the following:

Filter=+“text.txt” -”*.exe” -“dir1” +”…*.jpg”

They are either updating the MSDN article or creating a KB article about this.

Copy Files Between Untrusted Domains Programmatically

Normally on a Windows machine when you attempt to access a share in a different domain you are prompted for credentials.  However, there are no copy utilities (copy, xcopy, robocopy, etc) that pass credentials in the command line.  Also, as it is an untrusted domain, you simply can’t do a RunAs (need to manually type in a password for that anyways).

The answer was so obvious, I can’t believe it didn’t come to me right away.  However, net use, the simplest of commands, is your friend again.  Using the following command you can initiate the connection and then copy between the machines as much as you like via normal UNC path.

net use [server][path] [password] /user:[username]

copy [server][path][more path]

net use [server][path] /delete /y

By using the following syntax there is no mapped drive.  There is simply a stored connection with the associated credentials for the life of the profile or until the delete command is run. 

PSExec

On my current project they deploy PSExec to all machines.  The downside?  It is a version from 2004.  Yes, that is right from over 5 years ago.  Needless to say, there has been nothing but problems with it.  Granted, PSExec is probably one of the easiest things to upgrade as you just need to upgrade the version that you are calling PSExec from.  It then copies itself out to the machine and does it’s job.  However, if the old version was ever tried against a machine, you may be in some weird state like we were where PSExec wouldn’t start, or it would and wouldn’t close, etc.

Stumbling along the internet I found someone else who had this issue.  However, his processes doesn’t always work because there may be something hanging onto the PSExecsvc.exe file still.  Instead I recommend using the following batch file.

sc %1 stop psexesvc
sc %1 delete psexesvc
del %1admin$psexesvc.exe
del %1admin$system32psexesvc.exe

 

It just deletes the service before it tries to delete the files.  Works like a charm.

CSS Project Destination Authentication Account

Been a long time again, but I have a few updates to put up here.  They may not help a lot of people, but they are good things that I want to remember 🙂

Commerce Server uses a pretty antiquated system for doing content and code promotions.  It is called Commerce Server Staging (CSS).  We have set it up, but want to better automate the deployment of all the CSS projects (jobs).  For the life of me, I could not figure out how to add in the destination authentication account programmatically.  Thankfully it wasn’t something short sighted I was missing.  After discussing with Microsoft for awhile, there is apparently some undocumented switches on CSS.exe.  After you add the project (css.exe addproj), you then need to edit the project with the following syntax:

css.exe editproj [project] Destination=[server];[username];[password]

Yay to automation!

Update:
Turns out you can do this with the Addproj also doing the same way with the semicolon separated items for the destination.

SQL Performance Optimizations

The team that I’m currently working on is focused on performance testing. None of us on the current team are really SQL experts though and we’re running into an issue that appears to be SQL related. Well, it turns out in SQL 2005, there’s these great new things: Database Management Views. What makes them even cooler is that you can pool them all together. And the hottest thing about this whole thing, is a script we found to do most of the work on our own. This things is awesome for SQL performance testing, and will definitely get a lot of reuse, that’s for sure.