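How do I check whether cmd is running as administrator on Windows?

This is a common beginner problem: a script or piece of code that needs administrator rights is run without them, and beginners find it hard to work out what running "as administrator" actually means. The way Windows describes this is far too easy for beginners to confuse.

The following command confirms whether the current cmd is running as administrator: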

whoami /groups | find "S-1-16-12288" && Echo I am running elevated, so I must be an admin anyway ;-)


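If there is output, the process has the Mandatory Label\High Mandatory Level highest privilege and really is running as administrator.

If there is no output, the current cmd does not have the highest privilege.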
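The same check generalized, as an added example that is not part of the original page: it reads the mandatory-label SID from whoami /groups output, reports whether BUILTIN\Administrators is present only as a deny-only group, and recognizes the System level (S-1-16-16384), which the find "S-1-16-12288" filter above does not match. The sample rows are constructed and the function and variable names are hypothetical.

```python
import re

# Mandatory-label SIDs have the form S-1-16-<RID>; the RID encodes the level.
INTEGRITY_LEVELS = {0: "Untrusted", 4096: "Low", 8192: "Medium",
                    8448: "Medium Plus", 12288: "High", 16384: "System"}
ADMINISTRATORS_SID = "S-1-5-32-544"  # BUILTIN Administrators alias


def classify_token(whoami_groups_output):
    """Return (integrity level, high_or_above, admins_deny_only)."""
    level, rid, admins_deny_only = "Unknown", -1, False
    for line in whoami_groups_output.splitlines():
        label = re.search(r"\bS-1-16-(\d+)\b", line)
        if label:
            rid = int(label.group(1))
            level = INTEGRITY_LEVELS.get(rid, "Unknown")
        # A UAC-filtered token still lists Administrators, but as deny-only.
        if re.search(r"\b" + re.escape(ADMINISTRATORS_SID) + r"\b", line):
            admins_deny_only = "deny only" in line.lower()
    return level, rid >= 12288, admins_deny_only


# Constructed samples of the relevant `whoami /groups` rows (English Windows).
ELEVATED = r"""
BUILTIN\Administrators               Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner
Mandatory Label\High Mandatory Level Label S-1-16-12288
"""
NOT_ELEVATED = r"""
BUILTIN\Administrators                 Alias S-1-5-32-544 Group used for deny only
Mandatory Label\Medium Mandatory Level Label S-1-16-8192
"""
SYSTEM = r"""
BUILTIN\Administrators                 Alias S-1-5-32-544 Enabled by default, Enabled group, Group owner
Mandatory Label\System Mandatory Level Label S-1-16-16384
"""

if __name__ == "__main__":
    for name, text in (("elevated", ELEVATED), ("not elevated", NOT_ELEVATED),
                       ("SYSTEM", SYSTEM)):
        print(name, classify_token(text))
```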

 

 

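How to disable the TCP/IP auto-tuning feature on Windows

A user previously asked on the t.askmaclean.com question board about a problem where querying v$session over a remote PL/SQL Developer connection to an Oracle database hangs, while the same query over a local connection works normally.

Analysis of the related 10046 trace and several cases on MOS showed that the likely cause is Bug 9087501: SELECT FROM V$SESSION AND SOME OTHER DICTIONARY VIEWS HANG FROM A REMOTE CLIENT. The bug note also points out that on Windows Vista the operating system enables TCP/IP Auto-tuning (TCP Window Scaling) by default, which can cause certain queries to hang after logging in to the database with a client such as PL/SQL Developer. Other Windows versions (such as Win 7) do not enable the TCP/IP Auto-tuning feature by default, so the problem does not occur there by default; Vista really does look like a failed product.

TCP Window Scaling (the receive window auto-tuning level) is used to optimize TCP network throughput; for more information see the following text: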

TCP Window Scaling
For larger window sizes to accommodate high-speed transmission paths, RFC 1323 (ietf.org/rfc/rfc1323.txt) defines window scaling that allows a receiver to advertise a window size larger than 65,535 bytes. A TCP Window Scale option includes a window scaling factor that, when combined with the 16-bit Window field in the TCP header, can increase the receive window size to a maximum of approximately 1GB. The Window Scale option is sent only in synchronize (SYN) segments during the connection establishment process. Both TCP peers can indicate different window scaling factors to use for their receive window sizes. By allowing a sender to send more data on a connection, TCP window scaling allows TCP nodes to better utilize some types of transmission paths with high BDPs.
Although the receive window size is important for TCP throughput, another important factor for determining the optimal TCP throughput is how fast the application retrieves the accumulated data in the receive window (the application retrieve rate). If the application does not retrieve the data, the receive window can begin to fill, causing the receiver to advertise a smaller current window size. In the extreme case, the entire maximum receive window is filled, causing the receiver to advertise a window size of 0 bytes. In this case, the sender must stop sending data until the receive window has been cleared. Therefore, to optimize TCP throughput, the TCP receive window for a connection should be set to a value that reflects both the BDP of the connection’s transmission path and the application retrieve rate.
Even if you could correctly determine both the BDP and the application retrieve rate, they can change over time. The BDP rate can vary based on the congestion in the transmission path and the app retrieve rate can vary based on the number of connections on which the app is receiving data.
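The Window Scale option described in the quoted text, as an added example that is not part of the original page: a parser that pulls the option out of a raw TCP SYN header and applies the scale factor to the 16-bit Window field. The SYN header is constructed (port 1521 is only a sample value) and all function names are hypothetical.

```python
import struct

MAX_SHIFT = 14  # RFC 1323: a larger shift.cnt is treated as 14


def parse_syn_window(tcp_header):
    """Return (window field, shift count or None) from a raw TCP SYN header."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    offset_flags, window = struct.unpack("!HH", tcp_header[12:16])
    header_len = (offset_flags >> 12) * 4
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    if not offset_flags & 0x002:  # SYN bit
        raise ValueError("Window Scale is only sent in SYN segments")
    options, i, shift = tcp_header[20:header_len], 0, None
    while i < len(options):
        kind = options[i]
        if kind == 0:  # End of Option List
            break
        if kind == 1:  # No-Operation padding, one byte
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("malformed option")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("malformed option")
        if kind == 3 and length == 3:  # Window Scale: kind, length, shift.cnt
            shift = min(options[i + 2], MAX_SHIFT)
        i += length
    return window, shift


def effective_window(window_field, shift):
    """Receive window in bytes for a later segment (a SYN is never scaled)."""
    return window_field << (shift or 0)


def build_syn(window, shift):
    """Constructed sample: SYN with MSS 1460, NOP and Window Scale options."""
    options = struct.pack("!BBH", 2, 4, 1460) + bytes([1, 3, 3, shift])
    offset_flags = ((20 + len(options)) // 4 << 12) | 0x002
    return struct.pack("!HHIIHHHH", 49152, 1521, 1000, 0,
                       offset_flags, window, 0, 0) + options
```

With the largest shift of 14, a Window field of 65,535 gives 1,073,725,440 bytes, the "approximately 1GB" maximum mentioned in the quoted text.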

 

 

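To use the affected network client programs normally on Windows Vista, we need to disable the TCP/IP Auto-tuning feature manually, as follows:

1. Click Start -> All Programs -> Accessories -> right-click Command Prompt and choose Run as administrator

2. Enter the command "netsh interface tcp show global"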

C:\Windows\system32>netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : automatic
NetDMA State                        : enabled
Direct Cache Acess (DCA)            : disabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : disabled
RFC 1323 Timestamps                 : disabled

 

If the Receive Window Auto-Tuning Level value in the command output is normal, the system has the Auto-Tuning feature enabled.

3. Enter the command netsh interface tcp set global autotuninglevel=disabled to disable the Auto-Tuning feature:

C:\Windows\system32>netsh interface tcp set global autotuninglevel=disabled
Ok.

C:\Windows\system32>netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : automatic
NetDMA State                        : enabled
Direct Cache Acess (DCA)            : disabled
Receive Window Auto-Tuning Level    : disabled
Add-On Congestion Control Provider  : none
ECN Capability                      : disabled
RFC 1323 Timestamps                 : disabled

 

4. Restart the computer so that the setting takes effect

5. To enable the autotuning feature again later, enter the command "netsh interface tcp set global autotuninglevel=normal" at the command line and restart the computer

C:\Windows\system32>netsh interface tcp set global autotuninglevel=normal
Ok.

C:\Windows\system32>netsh interface tcp show global
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : automatic
NetDMA State                        : enabled
Direct Cache Acess (DCA)            : disabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : disabled
RFC 1323 Timestamps                 : disabled
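A way to verify steps 2 to 5 from saved command output, as an added example that is not part of the original page: it parses the netsh interface tcp show global table, reports whether auto-tuning is on, and lists every setting that differs between two captures so that an unintended change stands out. The function names are hypothetical and English-language output is assumed.

```python
AUTOTUNING_KEY = "Receive Window Auto-Tuning Level"

# Output of step 2 as shown on this page (English-language Windows).
BEFORE = """\
Querying active state...

TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State          : enabled
Chimney Offload State               : automatic
NetDMA State                        : enabled
Direct Cache Acess (DCA)            : disabled
Receive Window Auto-Tuning Level    : normal
Add-On Congestion Control Provider  : none
ECN Capability                      : disabled
RFC 1323 Timestamps                 : disabled
"""
# Step 3's output differs from step 2's only in the auto-tuning line.
AFTER = BEFORE.replace(": normal", ": disabled")


def parse_netsh_global(output):
    """Parse `netsh interface tcp show global` text into {setting: value}."""
    settings, in_table = {}, False
    for line in output.splitlines():
        if set(line.strip()) == {"-"}:  # dashed rule: the table starts here
            in_table = True
        elif in_table and ":" in line:
            name, _, value = line.rpartition(":")
            settings[name.strip()] = value.strip().lower()
    return settings


def autotuning_enabled(settings):
    """True unless the level is 'disabled'; a missing key is an error."""
    if AUTOTUNING_KEY not in settings:
        raise KeyError("no %r line in the output" % AUTOTUNING_KEY)
    return settings[AUTOTUNING_KEY] != "disabled"


def changed_settings(before, after):
    """Return {setting: (old, new)} for every value that differs."""
    keys = sorted(set(before) | set(after))
    return {k: (before.get(k), after.get(k)) for k in keys
            if before.get(k) != after.get(k)}
```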

 

Reference:
http://support.microsoft.com/kb/934430
http://technet.microsoft.com/en-us/magazine/2007.01.cableguy.aspx

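Using the ProcDump tool to diagnose Oracle database performance on the Windows platform

ProcDump, like Procexp, is an internals debugging tool for the Windows platform. Procexp uses a graphical interface to present performance information for the whole system and for individual processes, whereas ProcDump, like the performance analysis tools we use on Unix platforms, uses a CLI command-line interface.

The current version of Procdump is 3.04, and the tool can be downloaded from its Homepage. The monitoring software was developed by Mark Russinovich and is Free Software. Its official description is as follows: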

ProcDump is a command-line utility whose primary purpose is monitoring an application for
CPU spikes and generating crash dumps during a spike that an administrator or developer can use to
determine the cause of the spike. ProcDump also includes hung window monitoring
(using the same definition of a window hang that Windows and Task Manager use),
unhandled exception monitoring and can generate dumps based on the values of system performance counters.
It also can serve as a general process dump utility that you can embed in other scripts.

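Procdump can monitor an application process for CPU spikes and generate crash dump information during a spike. Its features also include:

  • Monitoring hung windows
  • Generating a dump for unhandled exceptions
  • Generating a dump based on system performance counters
  • Because Procdump is command-line based, it can be embedded in scripts

The following are Procdump's command-line options: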

   -64     By default Procdump will capture a 32-bit dump of a 32-bit process
           when running on 64-bit Windows. This option overrides to create a
           64-bit dump.
   -b      Treat debug breakpoints as exceptions (otherwise ignore them).
   -c      CPU threshold at which to create a dump of the process.
   -e      Write a dump when the process encounters an unhandled exception.
           Include the 1 to create dump on first chance exceptions.
   -h      Write dump if process has a hung window (does not respond to
           window messages for at least 5 seconds).
   -m      Memory commit threshold in MB at which to create a dump of the
           process.
   -ma     Write a dump file with all process memory. The default
           dump format includes thread and handle information.
   -mp     Write a dump file with thread and handle information, and all
           read/write process memory. To minimize dump size, memory areas
           larger than 512MB are searched for, and if found, the largest
           area is excluded. A memory area is the collection of same
           sized memory allocation areas. The removal of this (cache)
           memory reduces Exchange and SQL Server dumps by over 90%.
   -n      Number of dumps to write before exiting.
   -o      Overwrite an existing dump file.
   -p      Trigger on the specified performance counter when the threshold
           is exceeded. Note: to specify a process counter when there are
           multiple instances of the process running, use the process ID
           with the following syntax: "\Process(_)\counter"
   -r      Reflect (clone) the process for the dump to minimize the time
           the process is suspended (Windows 7 and higher only).
   -s      Consecutive seconds before dump is written (default is 10).
   -t      Write a dump when the process terminates.
   -u      Treat CPU usage relative to a single core.
   -x      Launch the specified image with optional arguments.

The following are common Procdump usage examples:

To just create a dump of a running process, omit the CPU threshold. If
you omit the dump file name, it defaults to _.dmp.

Example: Write up to 3 dumps of a process named 'consume' when it exceeds
         20% CPU usage for five seconds to the directory
         c:\dump\consume with the name consume.dmp:
            C:\>procdump -c 20 -s 5 -n 3 -o consume c:\dump\consume
Example: Write a dump for a process named 'hang.exe' when one of it's
         windows is unresponsive for more than 5 seconds:
            C:\>procdump -h hang.exe hungwindow.dmp
Example: Write 3 dumps 5 seconds apart:
            C:\>procdump -s 5 -n 3 notepad.exe notepad.dmp
Example: Launch a process and then monitor it for excessive CPU usage:
            C:\>procdump -c 30 -s 10 -x consume.exe consume.dmp
Example: Write a dump of a process named 'iexplore' to a dump file
         that has the default name iexplore.dmp:
            C:\>procdump iexplore
Example: Write a dump of a process named 'outlook' when total system
         CPU usage exceeds 20% for 10 seconds:
            C:\>procdump outlook -p "\Processor(_Total)\% Processor Time" 20
Example: Write a dump of a process named 'outlook' when Outlook's handle count
         exceeds 10000:
            C:\>procdump outlook -p "\Process(Outlook)\Handle Count" 10000

How to use Procdump to monitor an Oracle process in practice:

In our scenario a service thread is consuming a large amount of CPU:

Terminal A:
sqlplus / as sysdba
SQL> select count(1) from obj$,obj$,obj$;

Terminal B:
C:\Users\Maclean Liu>procdump  -c 20  -ma oracle.exe

ProcDump v3.04 - Writes process dump files
Copyright (C) 2009-2011 Mark Russinovich
Sysinternals - www.sysinternals.com

Process:               oracle.exe (1776)
CPU threshold:         20% of system
Performance counter:   n/a
Commit threshold:      n/a
Threshold seconds:     10
Number of dumps:       1
Hung window check:     Disabled
Exception monitor:     Disabled
Terminate monitor:     Disabled
Dump file:             C:\Users\Maclean Liu\oracle.dmp

[19:56.51] CPU:          25%  1s
[19:56.52] CPU:          24%  2s
[19:56.53] CPU:          24%  3s
[19:56.54] CPU:          25%  4s
[19:56.55] CPU:          24%  5s
[19:56.56] CPU:          24%  6s
[19:56.57] CPU:          24%  7s
[19:56.58] CPU:          25%  8s
[19:56.59] CPU:          24%  9s
[19:57.00] CPU:          25%  10s

Process has hit CPU spike threshold.
Writing dump file C:\Users\Maclean Liu\oracle_110805_195700.dmp ...
Dump written.

Dump count reached.

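Because the CPU spike of Oracle.exe reached the value of 20 that we set, the process dump file oracle_110805_195700.dmp was generated.

Windbg is a graphical dump analysis tool for the Windows platform. It can be obtained by installing the Debugging Tools for Windows package, or downloaded directly by clicking here.

After the debugging tools are installed successfully, start the tool from Start -> Debugging Tools for Windows (x86) -> windbg, choose File -> Open Crash Dump in the main window and enter the location of the dump file. After a successful analysis the display looks like this: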
windbg-dump-oracle

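Using the Procexp tool to monitor Oracle database performance on the Windows platform

We can download the system internals debugging toolkit for the Windows platform from http://technet.microsoft.com/en-us/sysinternals. Most of these tools were written by Mark Russinovich; the best known include Process Explorer, Regmon and others.

Here we describe using the Procexp tool to monitor Oracle performance information on the Windows platform. Procexp is a full-featured process information management tool with a graphical interface (GUI). It can be regarded as an extension of the Windows task manager taskmgr.exe, and it is in fact fully capable of replacing taskmgr, provided the user has some OS background.

Let's look at what Procexp can monitor for Oracle running on Windows (a combination that is not really recommended):

1. Process properties

  • Process performance data, including CPU, Virtual Memory, Physical Memory, I/O and Handles
  • Detailed thread information (including the CPU usage of individual threads)
  • Thread stacks
  • Kill/suspend thread

2. System-wide information

  • Provides system-level performance data

3. Creating a DUMP file of a process

  • Create a FULL dump or minidump to help diagnose bugs

4. Identifying file handles (Handle) or dynamic link libraries (DLL)

  • Can be used to determine which DLL files or ordinary file handles a process has locked

Once the Oracle instance has started successfully on Windows, we can monitor database performance with the Procexp.exe tool. It is very easy to use: select the "Oracle.exe" process and choose Properties from the right-click menu to browse the process properties: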

procexp_monitor_oracle1

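Select the Performance tab to browse the process's performance data; this is like the nmon command on Windows. Note that Procexp.exe must be run as administrator, otherwise the performance data may not be collected correctly and will show N/A: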

procexp_monitor_oracle2

Select the Performance Graph tab to browse graphical performance trend charts:

procexp_monitor_oracle3

 

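Click the Thread tab to browse the threads under the Oracle.exe process. One inconvenience on the Windows platform is that the thread information alone does not tell us which "background process" or "server process" a thread is; the v$process view is needed for that.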

SQL> select spid ,program from v$process;

SPID                     PROGRAM
------------------------ --------------------
                         PSEUDO
3124                     ORACLE.EXE (PMON)
4328                     ORACLE.EXE (VKTM)
5096                     ORACLE.EXE (GEN0)
2840                     ORACLE.EXE (DIAG)
2068                     ORACLE.EXE (DBRM)
2464                     ORACLE.EXE (PSP0)
4468                     ORACLE.EXE (DIA0)
120                      ORACLE.EXE (MMAN)
4424                     ORACLE.EXE (DBW0)
1312                     ORACLE.EXE (LGWR)
684                      ORACLE.EXE (CKPT)
5684                     ORACLE.EXE (SMON)
1016                     ORACLE.EXE (RECO)
4516                     ORACLE.EXE (MMON)
1108                     ORACLE.EXE (MMNL)
6108                     ORACLE.EXE (NSS2)
2728                     ORACLE.EXE (SHAD)

18 rows selected.

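Above, SPID=3124 means that the thread with TID 3124 is the PMON "background process". The Thread tab shows the CPU usage of each thread directly, which makes it easy to locate the culprit when diagnosing excessive CPU usage by the Oracle.exe process. Clicking the stack button brings up the thread's current call stack, which is very useful when pinning down a bug.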

procexp_monitor_oracle4

 

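The Kill/Suspend buttons on the same Thread tab can also be used to kill or suspend an abnormal thread (provided we have confirmed that the thread to be killed is a non-critical background thread); on the Windows platform this originally required the orakill command.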
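The TID-to-v$process lookup described above, which is also the check to make before using Kill/Suspend, as an added example that is not part of the original page: it parses the SQL*Plus output and labels the busiest thread IDs with their Oracle names. The CPU readings are constructed, the function names are hypothetical, and treating SHAD rows as server threads is an assumption.

```python
import re

# Excerpt of the v$process output shown above on this page.
V_PROCESS = """\
SPID                     PROGRAM
------------------------ --------------------
                         PSEUDO
3124                     ORACLE.EXE (PMON)
4424                     ORACLE.EXE (DBW0)
1312                     ORACLE.EXE (LGWR)
5684                     ORACLE.EXE (SMON)
2728                     ORACLE.EXE (SHAD)
"""
ROW = re.compile(r"^\s*(\d+)\s+ORACLE\.EXE \((\w+)\)\s*$")


def parse_v_process(text):
    """Map Windows thread ID (SPID) to the Oracle name in PROGRAM."""
    threads = {}
    for line in text.splitlines():
        match = ROW.match(line)
        if match:  # header, rule and the SPID-less PSEUDO row do not match
            threads[int(match.group(1))] = match.group(2)
    return threads


def label_hot_threads(threads, readings, min_cpu):
    """Label (tid, cpu%) readings at or above min_cpu, busiest first.

    Assumption: SHAD rows are server threads working for a session and every
    other name is an instance background thread; unknown TIDs stay unlabelled.
    """
    labelled = []
    for tid, cpu in sorted(readings, key=lambda r: r[1], reverse=True):
        if cpu < min_cpu:
            continue
        name = threads.get(tid)
        kind = ("unknown" if name is None
                else "server" if name == "SHAD" else "background")
        labelled.append((tid, cpu, name, kind))
    return labelled


# Constructed readings, as they might be read off the Thread tab.
READINGS = [(4424, 0.4), (2728, 24.6), (7001, 3.0), (1312, 1.2)]
```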

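The TCP/IP tab gives brief network information for the process, including Local Address and Remote Address. For more complete information, use it together with other network monitoring tools (such as TCPView from the toolkit):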

procexp_monitor_oracle5

 

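Another very useful feature is the Environment tab, which shows detailed environment variable information such as Path, TEMP, ORACLE_SID, CLASSPATH and so on. It is very effective when diagnosing local login problems or instance anomalies: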

procexp_monitor_oracle6

Like taskmgr, the Procexp tool can also monitor system-level performance information, and in more detail. Click View -> System Information on the main panel:

procexp_monitor_oracle7

 

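As mentioned above, the View DLL/Handle feature helps us see the dynamic link library files (DLL) that the Oracle process has loaded and the file handles (Handle) it holds. On the Windows platform an open file cannot be modified or moved at the same time, which can cause a lot of trouble during maintenance, and because the win platform has no tools like lsof or fuser, we can use this feature when diagnosing certain file-locking problems with the Oracle software.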

procexp_monitor_oracle8

As shown in the figure above, Oracle.exe holds handles to several files such as "\Device\NamedPipe\*oraspawn_pipe*.4284".

procexp_monitor_oracle9

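As shown in the figure above, Oracle.exe has loaded many DLLs whose names begin with ora. Because of the particular nature of the Windows platform, the Oracle software makes heavy use of DLL libraries in place of the instructions that are compiled into the Oracle binary image on Unix platforms. This makes upgrades convenient (just replace the DLL files, with no compilation needed, which is also why PSU/CPU patch releases on the Windows platform are special). Note that these DLL files also carry Version information, mostly 11.02.0000.0001, with a build time of 2010/2/10 9:01.

Newer versions of the Procexp tool also add a create dump feature to round out the tool's diagnostic capabilities. For abnormal behaviour and bugs in an Oracle instance, a process dump can be created and submitted to Oracle Support for analysis. In general you do not need to analyze the dump file yourself; this is an advanced feature, so do not use this last resort on a production database that is running normally.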

procexp_monitor_oracle10

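Summary

If you are still complaining that the Windows platform has no monitoring software as powerful as NMON on Unix, Procexp is an outstanding choice. Another thing to be grateful for is that it is free software; visit the software's Homepage to find more useful information.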
