Robin M's questions

I think there's a bug in the way that DSC chooses the certificate file that is used for credential encryption, such as with the Service resource and a PSCredential.

The DSC configuration uses the wrong CertificateFile from the AllNodes collection if a node name is contained in a subsequent node name (the node order is significant). This means that the encrypted value sent to the node may be wrong.

Here's a repro including two tests. Both tests should fail but the first succeeds (with the wrong certificate):

$password = ConvertTo-SecureString "password" -AsPlainText -Force
$serviceCredential = New-Object System.Management.Automation.PSCredential ("username", $password)
$currentPath = Split-Path -Parent $MyInvocation.MyCommand.Definition

$thisShouldNotWork = @{
    AllNodes = @(
        @{
            NodeName = "web1"
            CertificateFile = "nonexistentfile"
        },

       @{
            NodeName = "customerweb1"
            CertificateFile = "$currentPath\mycert.cer"
        }
    );
}

$thisDoesNotWork = @{
    AllNodes = @(
        @{
            NodeName = "web1"
            CertificateFile = "nonexistentfile"
        },

       @{
            NodeName = "customerweXb1"
            CertificateFile = "$currentPath\mycert.cer"
        }
    );
}

Configuration DscWebServer
{
  Node $AllNodes.NodeName
  {
    Service "Service Started"
    {
      Name = "MyService"
      State = "Running"
      Credential = $serviceCredential
    }
  }
}

Write-Host "Test 1" -ForegroundColor Blue -BackgroundColor White
DscWebServer -OutputPath .\DSC -ConfigurationData $thisShouldNotWork
Write-Host "Test 2" -ForegroundColor Blue -BackgroundColor White
DscWebServer -OutputPath .\DSC -ConfigurationData $thisDoesNotWork

I've reported this on Connect but wanted to raise it here in case it's helpful or there's something unusual about what I've done. Can anyone explain this behaviour?

UPDATE: Microsoft confirmed this as a bug and fixed it in May 2015. I got this feedback: "This issue has been fixed in WMF5 April Preview. Please let us know if you disagree :)"

I'm trying to monitor an MSMQ queue counter using Nagios (3.0.1). The remote server is running NC_Net. The check_command config looks like this:

check_command check_nt!COUNTER!-l "\\MSMQ Queue(servername\\private$\\queuename)\\Messages in Queue","%.f messages in MSMQ queue" -w 5 -c 10

This doesn't work. I believe that the dollar symbol needs to be escaped and I'm having trouble working out how.

This article suggests "$$" ie.

check_command check_nt!COUNTER!-l "\\MSMQ Queue(servername\\private"$$"\\queuename)\\Messages in Queue","%.f messages in MSMQ queue" -w 5 -c 10

but that doesn't work. I've tried a few other methods (backslash, single quotes etc).

Any suggestions?

EDIT:

I've been doing some testing via the command line which is one reason I believe it's the $ causing the problem. The following works:

./check_nt -H hostip -v COUNTER -l "\\MSMQ Queue(Computer Queues)\\Messages in Queue","%.f messages in MSMQ queue" -w 5 -c 10

but this doesn't:

./check_nt -H hostip -v COUNTER -l "\\MSMQ Queue(servername\\private$\\queuename)\\Messages in Queue","%.f messages in MSMQ queue" -w 5 -c 10

I've also used ECHO to see how those commands expand but that hasn't helped me.

EDIT:

Turns out it wasn't the dollar symbol. See below.

I'd like to be able to allow the development team to install services on a Win2003 server. They can already connect via RDP/FTP with limited accounts but I'd like to be able to grant installation privileges.

How do I do that without granting admin rights?

(The services are created using the .NET framework so we're installing with C:\Windows\Microsoft.NET\Framework\v2.0.50727\installutil.exe)

I need to sync a number of IIS6 webservers in a farm. I currently use ViceVersa (with the VVEngine service) which does a good job of keeping files in sync but I'd like to move to the Microsoft web deployment tool (msdeploy). That way, the configuration stays in sync too.

So, the question is how do you schedule/trigger the synchronization?

• Do you use the Windows scheduler?
• Is there something built in to the web deployment tool service that I've missed?
• Something else?

Ideally, the synchronization would be triggered by a change on the primary webserver.

I have an IIS 6 server running on Windows 2003 SP2 x86. The server has 4GB of RAM and runs consistently with 2GB allocated.

I realise that with x86, the server won't utilize all of the 4GB RAM and the application space is also limited but the IIS processes seem to be limited elsewhere. w3wp.exe never has more than 500MB allocated and I occasionally get OutOfMemory exceptions from a busy .NET application (there are several applications running, each with a separate application pool).

What is the maximum memory that an IIS6 web site/app pool can use?

I have an IIS 6 server serving an application using a mix of classic ASP and ASP.NET.

I'm increasingly getting problems where the number of requests in the ASP.NET requests queue (observed using the ASP.NET\Requests Queued counter) starts to increase to a point where the server can no longer service the requests. That happens a three or four minutes from the point where queued requests starts increasing. Recycling the application pool restores service.

Normally, requests queued is zero and occasionally there'll be small spikes but it seems that once or twice a day, a number of requests are blocking the queue and queued requests starts to increase.

I suspect there are network problems causing clients to lose their connection (and re-submit their request) and the requests in the queue continue despite losing their client.

How can I diagnose the problem? Can I look at the status of requests in the queue? Do I need the MS Debug Diagnostic Tool or one of these tools?

I'm looking for the best tools/techniques for monitoring IIS performance problems and then debugging them. I'm particularly interested in ASP.NET applications.

This may be a combination of tools or there may be something that is good for both?

(I'll add an answer or two based on my experience, for my future reference!, but I hope I'll get some other answers with useful tools to add to my collection)