[SDP 3][a203be4b-86ed-4705-a2df-e6aa82b0acf0] Cluster Network Diagnostic for Windows Server 2008 Enterprise

The Cluster Network Diagnostic collects data either statically or interactively.

The Static Data Collection option collects static configuration information.

The Interactive Data Collection option allows the user to collect data while the issue is reproduced, and then also collects static configuration data.

The diagnostic generates a dialog box that prompts the user to start tracing. When the user clicks Next, the diagnostic enables NetFT ETL logging and network capturing by using NetMon 3.4. A stop tracing dialog box appears directly after logging starts. In the background, this diagnostic stops tracing by monitoring the event log for three event IDs. If any of the three are logged, data collection stops. The stop tracing dialog box remains present even if data collection stops. This lets the user stop tracing if necessary.

Information collected

Event logs - Failover Cluster

Event logs - Networking

FailoverCluster feature

File version information (Chksym)

General information

Hyper-V role

IPsec

IPv6Check

IPv6To4Check

Network capture

Registry keys

Server manager and server roles information

Servicing and related logs

In addition to collecting the information that is described earlier, this diagnostic package can perform the following tasks:

• Check for Symantec Endpoint Protection MR1/MR2
• Check for evaluation media
• Check whether Page Heap is enabled to one or more processes
• Check whether driver verifier has been enabled for at least one driver
• Check for ephemeral port usage
• Check for ephemeral port usage
• Detect Advanced Format drives
• Detect native 4K drives on the system
• Check whether KB982018 is installed, or if the files are outdated
• Check whether EMC Replistor software is on the computer but KB975759 is not installed
• Check for unsupported versions of Windows Vista and Windows Server 2008
• Check whether DEP and PAE are enabled on a 32-bit system
• Check whether Ultimaco Safeware disk encryption is installed and is the latest version
• Check whether Telnet service is running under System account
• Check for known issue with BIOS version of PowerEdge R910, R810, and M910
• Check the value of SystemPages in Memory Management registry key
• Detect whether this computer is a virtual machine running in Microsoft Azure
• Detect Windows XP End-of-Support
• Check whether cluster groups are in Offline or Failed state
• Check for errors while gathering cluster information through the Get-ClusterNode cmdlet
• Check whether the state of one or more cluster nodes is down or paused
• Check whether Cluster service is not running or is offline
• Check whether the Cluster Name Object (CNO) exists and is enabled in Active Directory Domain Services (AD DS)
• Check whether Cluster Shared Volumes is configured to redirected access
• Check whether Cluster Shared Volumes is configured for local access
• Check whether Cluster Shared Volumes is configured to maintenance mode
• Check whether Cluster Shared Volumes is configured to network access
• Check for third-party virtualization solution from Xsigo
• Check for LmCompatibilityLevel setting
• Check firewall rules on cluster nodes with IPv6 enabled
• Detect whether there are no orphan resources
• Check whether FailoverCluster Crypto resource exists
• Check for FailoverCluster missing dependent resources
• Detect whether Cluster nodes have the correct CAU WMI namespace registered
• Detect whether Cluster nodes have the correct MSCluster WMI namespace registered
• Check for the presence of HKLM\Components registry keys that indicate a recent component installation
• Check for the presence of Pending.XML in WinSxS folder
• Check whether SYSTEM permissions in usbhub.sys
• Run DISM to check servicing corruption
• Check for event ID 5 from Windows Backup (KB 2182466)
• Check for Veritas disk VXIO device states
• Check the number of entries in FilesNotToBackup registry key
• Check for Bitlocker Drive Encryption Fixed Data Drive Read-Only Policy
• Detect the presence of vLite software though registry key
• Check state of 'Application Compatibility Engine' policy
• Check DNS Zones for top level CNAME records
• Windows Firewall start mode check
• Windows Firewall Running check
• IPv6 check
• IPv6 6To4 interface check
• Check whether more than 32 GB of physical memory and operating system is Windows 2008 R2 Standard Edition
• Check whether PMTU has been disabled on computer
• Check for unexpected TcpIp registry settings (KB967224)
• Check for excessive number of 6to4 adapters; this may decrease startup and logon performance
• Check whether Tunnel.sys driver is missing a Windows Server 2008 R2 Server Core installation option
• Check for problem related to Microsoft DHCP Relay Agent; this may cause slow startup (KB2459530)
• Check HTTP Redirection on TSGateway
• Check whether the SMB2 Client driver has been disabled
• Check whether the SMB2 Server driver has been disabled
• Check whether Opportunistic Locking has been disabled
• Check whether InfoCacheLevel setting is configured to enable caching for all files and folders
• Check whether McAfee HIPS 7.0 is installed
• Event logs messages
• Check whether there are any virtual machine with High CPU utilization
• Check whether dynamic memory is enabled to one or more virtual machines
• Check whether dynamic memory is enabled on one or more virtual machines with old Integration Services
• Check for version mismatches of Integration Services
• Check whether one or more virtual machines have virtual hard drives located on an disk with Advanced Format Drives (512e disks)
• Check whether a %Component% Event trace log file was collected

References

For more information about the Microsoft Automated Troubleshooting Services and about the Support Diagnostics Platform, see the following Microsoft Knowledge Base article:

2598970 Information about Microsoft Automated Troubleshooting Services and Support Diagnostic Platform