A blog with focus on experiences with the Windows Client operating systems…
RSS icon Email icon Home icon

  • Follow-up to TechEd session WCL326: Five infrastructure changes that will boost performance for the Windows Client

    Posted on June 27th, 2012 By Andreas Stenhall + No comments

    So to summarize the key areas which you can look into when optimizing performance from an infrastructure point of view here is a summary of the key takeaways from TechEd session WCL326: Five infrastructure changes that will boost performance for the Windows Client.

    1. Slow machine boot and login / GPOs and scripts

    Use Windows Performance Toolkit (part of Windows 7 SDK) to troubleshoot what is happening during boot. Specifically narrow in one Group Policy in the section in the Generic events and look for and enable only the Group Policy provider to see what’s going on with group policies. Group policies and scripts are most often the bad guys when having performance problems with boot and login.

    Also use Event Viewer > Applications and Services > Windows > Group Policy > Operational log to look for instance events with id 5326, 8000, 8001or 5016. In particular the last one is of interest as this will quickly show you which Group policy extension is taking most of the time to finish.

    Cleanup, remove unnecessary settings and GPO objects. Convert scripts to Group Policy Preferences as necessary or make scripts running scheduled after startup or login to minimize the boot and login times.

    2. Optimizations for RDP

    Activate asynchronous login for users to speed up login for Remote Desktop Services and RemoteApp. Go to Administrative templates > Policies > System > Group Policy and set the setting for “Allow asynchronous user Group Policy processing when logging in to Remote Desktop Services”.

    Three other really great tweaks found in Administrative templates > Policies > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment:

    Do not allow font smoothing = Enabled
    Limit maximum color depth =  Enabled, set it to 32-bit
    Set compression algorithm for RDP data = Enabled, set it to Optimized to use less network bandwidth

    3. SMB 2.1

    To get full use of performance improvements in SMB2.1 protocol you need file servers that are running Windows Server 2008 R2 or if you are running a third party storage solution to activate SMB2.x support as that is not always activated by default and sometimes a firmware upgraded is needed.

    Performance increases based on my own performance measuring are varying from 10-80% performance increase.

    4. BranchCache

    Activate BranchCache feature from Server Manager on the content servers you want to use with BranchCache. Require windows Server 2008 R2 on the content server. For file shares make sure to enable the BranchCache feature on the share(s) you want to use with BranchCache. Also set the group policy “Hash Publication for BranchCache” on the file server(s) found in Administrative templates > Policies > Network > Lanman Server.

    To activate BranchCache on the Windows 7 client look in Administrative templates > Policies > Network > BranchCache and activate the required GPO settings.

    5. Upgrade key servers to Windows Server 2008 R2

    To gain use of RDP improvements, SMB2.1 improvements and actually make performance better for file handling the simple thing to do is to migrate to Windows Server 2008 R2.

    BONUS 1. Microsoft tool to measure performance:

    WDRAP (Risk and health Assessment Program for Windows Desktop) is a tool designed for enterprise customers that verifies overall performance, including bad drivers, apps that are causing the machine to start slowly etc. Contact your Technical Account Manager at Microsoft to get more information and analyzing the results with this tool. Microsoft themselves used this tool some time ago to improve performance in their environment, more on this in the Microsoft IT Case Study.

    BONUS 2. Hotfixes related to infrastructure and performance, Windows 7 Post-SP1:

    You experience a long domain logon time in Windows 7 or in Windows Server 2008 R2 after you deploy Group Policy preferences to the computer
    http://support.microsoft.com/kb/2561285

    Unexpectedly slow startup or logon process in Windows Server 2008 R2 or in Windows 7 (WMI issue)
    http://support.microsoft.com/kb/2617858

    Slow performance when you browse the My Documents folder in the document library in Windows 7 or in Windows Server 2008 R2
    http://support.microsoft.com/kb/2690528

    Improved interoperability between the BranchCache feature and the Offline Files feature in Windows 7 or in Windows Server 2008 R2
    http://support.microsoft.com/kb/2675611

    General Q and A

    Q: Can I use this tool to measure performance and troubleshoot on Windows XP?
    A: You can run the tool on Windows XP by copying xbootmgr and xperfctrl.dll to an XP machine. You can then analyse the results on a Windows 7 machine. However do not expect the same amount of detailed data as Windows 7 has introduced new features that are not available in Windows XP.

    Any further questions around the session or the topics, feel free to leave a comment to the article or send me an email on andreas.stenhall@knowledgefactory.se.

    SLIDES: Download the slides from the session WCL326

     

  • Case of “catastrophic failure” and error 0x8000ffff with Group Policy Preferences mapping printers

    Posted on April 7th, 2011 By Andreas Stenhall + No comments

    Mapping printers using Group Policy Preferences is a really nice feature and it is supposed to be working much better than using traditional scripting technologies. Let me tell you about an interesting day troubleshooting why printers didn’t want to map using Group Policy Preferences. In the logs it just stated “catastrophic failure” which does not sound good at all nor makes much sense.

    Log Name: Application
    Source: Group Policy Printers
    Event ID: 4098
    Description: The user 'X' preference item in the 'Y {3EE4E80F-17CB-4E56-9237-4FC8B9FA090A}' Group Policy object did not apply because it failed with error code '0x8000ffff Catastrophic failure' This error was suppressed.

    Logging in as the user on another machine did not produce the same problem and the mapping of printers work fine, as did mapping the printers when logging in using an administrator account.

    This got me thinking that I should try mapping a printer manually as the standard user so I did. It got me a “You do not have permission to use the selected printer” which made me turn to the classic tool Process Monitor and to start a trace. It didn’t take long to see that after filtering all logs for a result of “denied” resulted in the following line:

    Operation: CreateFile
    Result: ACCESS DENIED
    Path: \\printserver\print$\w32x86\3\OPLO_UM.dll
    Desired access: Generic Read

    Note that CreateFile does not necessarily mean to create a file, it can mean “read file” as documented by Microsoft for the CreateFile function. 

    So the conclusion was that after investigating with the printer department the printer share “print$” security permissions did not match the user and the user actually did not have read permissions to read the driver which is an absolute requirement for the printer to be mapped (as the print driver is actually installed when the printer is mapped).

    Also one setting that affected the behavior was that one have to set “Run in logged-on user’s security context” in the Common tab of the printer mapping Properties. This is an essential part of the solution…

    Case closed!

  • Split services for troubleshooting purposes

    Posted on October 7th, 2010 By Andreas Stenhall + No comments

    In Windows you might know that a lot of services do not run as separate processes, instead many of them are actually run within the famous svchost.exe processes. To see this in action just go to a cmd.exe and type “tasklist /svc” and it will list all processes and subprocesses. It might look like:

    svchost.exe    AeLookupSvc, Appinfo, AppMgmt, BITS,
                   Browser, CertPropSvc, gpsvc, IKEEXT,
                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,
                   Schedule, SENS, SessionEnv,
                   ShellHWDetection, Themes, Winmgmt, wuauserv

    If you need to do some troubleshooting or investigate something related to a certain process that is running with other services you can split this service to make in run in its own process. This is done by using the command:

    sc.exe config servicename wuauserv type= own

    Which in this case makes sure that the Windows Update service (wuauserv) will be run in its own process, for you to troubleshoot. Set it back to its original setting by changing “own” to “share” in the above command. You can find more information about this in KB934650.

  • Case of the CHM files which give you “Navigation to the webpage was canceled”

    Posted on August 23rd, 2010 By Andreas Stenhall + No comments

    Opening CHM (Windows Help Files) downloaded from the internet or from a network location will most likely give you “Navigation to the webpage was canceled” and it will refuse to display the contents of the help file. This is due to changes that were introduced some years ago by a security update, and this is the default behavior in Windows Vista and 7 (and their Windows server equivalents).

    I experienced this case at a customer site and to resolve the problem you can follow the steps in MS KB article KB896054. However adding the trusted UNC path caused some problems in this case, as the UNC path was sort of hidden because the CHM file was opened from an embedded link within an application.

    So to find the UNC path from where the CHM file was opened I had two choices, either to use the famous Sysinternals tool Process Monitor to trace the open file action, but I chose a quicker way. Opened CHM files are logged in a file called hh.dat which can be found at C:\users\\AppData\Roaming\Microsoft\HTML Help. This file, when opened with WordPad contains the path to the opened CHM file, which lead me to the key which was an important part of this solution.