نمایش نتایج: از شماره 1 تا 2 از مجموع 2
سپاس ها 3سپاس
  • 2 توسط patris1
  • 1 توسط patris1

موضوع: Using ISABPA for Proactive and Reactive Work with ISA Server

  
  1. #1
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272

    Using ISABPA for Proactive and Reactive Work with ISA Server

    کد:
    http://blogs.technet.com/yuridiogenes/archive/2009/03/13/using-isabpa-for-proactively-and-reactively-work-with-isa-server-part-1-of-2.aspx
    Part -1


    Using ISABPA for Proactive and Reactive Work with ISA Server – Part 1 of 2

    It is very interesting to me that many people didn’t fully realized yet the benefits of ISABPA. Certainly we already have lots of admins that use this tool, but do you know if you really use the full capability of this tool? This post will describe the most common scenarios of using ISABPA and how to take full advantage of it. In this first part of the post I’m going to discuss how ISA BPA can assist you proactively to mitigate possible issues.

    2. Proactive Health Check

    When you deploy ISA Server you should first of all plan, plan and plan. I worked in many cases where the ISA was installed like you install Microsoft Office, using NNF technology (Next, Next and Finish), no kidding. We all know that it is easy to install, but you need to collect information prior to deploy. Here some typical questions that can influence how you will size ISA for your environment:
    ·What type of scenario you plan to install ISA:
    oWeb Proxy?
    oFirewall?
    oVPN Access?
    oSecure Publishing Server?
    oAll of them?
    ·What applications are you planning to publish through ISA?
    oExchange OWA?
    oOutlook Anywhere?
    oSharepoint?

    This is definitely not the complete list, is just an example of some questions that you should ask your customer (or yourself) when planning an ISA Server installation. After gather all the data, go ahead and use ISA Server Capacity Planner to see if you have the correct hardware for ISA.

    Ok, but where ISA BPA comes in on this? I didn’t want to lose the opportunity to bring how important it is the planning phase; this is the reason why I started with that. ISABPA using Health Check option will be a post installation task.


    Figure 1 – Starting a new scan.

    The following screen shows ISABPA performing the scanning operation:


    Figure 2 – Scanning in Progress

    When this process finished you can click and view report and you will see (depends on the amount of warning or errors you have) a screen similar to Figure 3:


    Figure 3 – ISA Report

    This is an example of a pristine installation of ISA Server 2006 on top of Windows Server 2003 SP2 with some basic rules configured on it. Notice how many warnings I have and how many improvements I can make on this configuration. If you want more details about each one of those suggestions, just click on it and you will see what the recommendation is as shown in Figure 4:



    Figure 4 – Details about the warning message.

    If you want to see a hierarchal view plus more details about this configuration you can click in Tree Reports and you will have a view like the one below:


    Figure 5 – Tree Reports View.


    3. Conclusion

    In this first part of the article I explained some advantages of using ISA BPA for a proactive work, next article I will show you how ISBPA Tools can assist you during a troubleshooting scenario.









    موضوعات مشابه:
    ARM و pardazande سپاسگزاری کرده‌اند.

  2. #2
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://blogs.technet.com/yuridiogenes/archive/2009/05/07/using-isabpa-for-proactive-and-reactive-work-with-isa-server-part-2-of-2.aspx
    Part -2


    Using ISABPA for Proactive and Reactive Work with ISA Server – Part 2 of 2

    1. Introduction

    This week we launched ISA BPA V7 and this is a great opportunity to continue the explanation on how ISABPA can be useful for proactive and reactive work. Last session I explained how you can use ISA BPA for proactive work with ISA Server. This session will explain the benefits of using ISABPA while troubleshooting an issue.

    2. ISA Data Packager

    Besides the ISABPA itself, when you install this tool a group of programs is created within Microsoft ISA Server group as you can see in Figure 1:


    Figure 1 – Tools that are installed by ISA BPA.

    ISA Data Packager is a data gathering tool that can assist you to collect a set of data in one single shot. Let’s use as an example a scenario where user can’t access certain web sites. You can launch the ISA Data Packager and the first screen will present you the templates that are available:


    Figure 2 – ISA Templates.

    The template that you will choose will depend on the scenario that you are dealing with; here are some examples of usability of the main templates:


    Scenario
    Template
    Unable to access Internet
    Web Proxy and Web Publishing
    Unable to access some parts of the web site
    Get prompt for authentication when accessing a web site
    OWA Exchange Publishing rule not working
    Sharepoint Publishing rule no working
    Unable to establish a VPN Site to Site
    VPN
    Unable to connect from a client to ISA using PPTP or L2TP
    VPN
    When I open my ISA Console I receive a 0x800 Error and nothing shows up
    ISA Administration
    ISA Console is crashing
    Firewall Policy doesn’t show the rules
    Monitoring / Configuration shows one node is not out of Sync
    Configuration Storage Server
    When accessing Internet Firewall Client turns red.
    Firewall Client (NEW in ISABPA7)
    Collect data from ISA Server to review the configuration later (no issue to reproduce)
    Basic Repro and Static Configuration

    Next step is to choose the template according to the scenario, for this example I’m going to chose Web Proxy and Web Publishing. After select and click Next you will see the following screen:


    Figure 3 – Summary of the default selections

    A set of options are selected by default when you choose the template, those options will vary according to the template that was previously selected. Notice that ISAInfo Report is not selected, which is something that is very useful since with this information you will be able to review all the details from this particular ISA box. In case you want to add that in your data collection you just need to click Modify Options and the following screen will appear:


    Figure 4 – Changing default Options.

    Here are some other guidelines about this screen:
    ·If you are having issues such as prompt for authentication when browsing internet, or ISA Server losing the secure channel with the DC, make sure to enable the option Netlogon Logging.
    ·If you are not dealing with Performance issue, disable the option Performance Monitor Snapshot.
    ·If you are using MSDE Database for logging and you want to collect data from it, select MSDE Error Logs.
    ·Change Tracking is NEW in ISABPA7.

    After making the selection, click Start Data Collection and wait until the option press space bar to continue appears as shown in Figure 5:


    Figure 5 – Starting capture.

    At this point you should go to the workstation that is facing the problem and reproduce the issue that you are having. After reproduce the issue press space bar again in the collecting data window and wait until the CAB is generated.

    3. Now What?

    ISA Data Packager Creates a file called ISAPackage.CAB, by default located in the desktop. This file contains the following folder / files:


    Folder
    File(s)
    Description
    BpaDataPackagerLogFiles
    BpaDataPackagerLogFile.txt
    This is the ISA Data Packager Log that has information about the moment of the data collection. You will use this file to troubleshoot issues where the Data Packager failed to run for example.
    IDP.2009-5-7.9-8-29.trace.log
    Verbose logging for ISA Data Packager, also used to troubleshoot ISA Data Packager itself.
    BpaReportFiles
    BPAReport_ISACONTN1_200905070911.xml
    This is the ISA BPA Health Check report that you can load using the ISA BPA Tool.
    BPAReport_ISACONTN1_200905070911.xml.log
    Log for data collection of the ISA BPA, used to troubleshoot ISA Health Check itself.

    IsaConfigExport.200905070911.xml
    This is the export configuration of the ISA Server. Consider this your backup if you never made one, here it goes.
    EventViewerEvents
    Application.evt
    NEW on BPA7 – this is the export of the Application log in EVT format.
    EventViewer_ErrorEvents6.csv
    Only errors events (windows event viewer events) in CSV format.
    EventViewer_IsaEvents6.csv
    Only ISA errors events logged in windows event viewer.
    System.evt
    NEW on BPA7 – this is the export of the System log in EVT format.
    IsaInfoFiles
    ISAInfo_isacontn1.log
    Log for data collection of the ISA Info, used to troubleshoot ISA Info itself.
    ISAInfo_isacontn1.xml
    ISAInfo file that you can open using ISA Info tool from ISA Tools .org.
    ISALogs
    IsaLogs_Firewall_TextEXT_200905070911.csv
    Firewall Logging in CSV format.
    IsaLogs_WebProxy_TextEXT_200905070911.csv
    Web Proxy Logging in CSV format.
    IsaTraces
    isalog.bin
    Files used by Microsoft CSS Engineers only since they require internal symbols to parse it.
    manifest.txt
    NetworkCaptures
    External_20090507090839.cap
    Network Capture from the external interface. Correct, you don’t need to start netmon separately when using ISA Data Packager.
    LocalCorp_20090507090839.cap
    Network Capture from the Internal interface.

    Note1: amount of files and folders will vary according to the template that you choose.
    Note 2: file name will vary according to the date of the day.

    4. Conclusion

    With this set of data you have enough data to start troubleshooting the issue that you are facing with ISA Server. You have logs, network captures and capability to read ISA Server configuration. My recommendation is that you install this tool in your lab, and start to test simple scenarios so you get used to read those logs. Try to simulate simple issues in your lab and look the logs to see what you can do to fix the issue.





    ARM سپاسگزاری کرده است.

کلمات کلیدی در جستجوها:

open msdeerrorlogs

isa how to health check report

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •