Wednesday, January 26, 2011

System File Reliability

In each release of Microsoft Windows for the workstation or server, Microsoft has made great attempts to increase the reliability of the system by extending the number of included hardware drivers. This holds true today for Windows Server 2008 R2 and Windows 7, which to date have the most complete set of hardware and device drivers. Of course, Windows Server 2008 R2 is only available in 64 bit, which does limit hardware compatibility to a certain degree. Microsoft works hand in hand with software and hardware manufacturers to provide the means for these manufacturers to create the best drivers for Windows that will provide the highest level of reliability for the client and server operating systems.

System File Stability
Windows Server 2008 R2 and Windows 7 allow an administrator to control the level of security associated with hardware drivers. Because Microsoft works closely with independent hardware vendors (IHVs), Windows Server 2008 R2 and Windows 7 support extensive brands of hardware and client/server peripherals. When an IHV tests its hardware and passes certain Microsoft requirements, its hardware driver is certified, digitally signed by Microsoft, and, in most cases, added to the Hardware Compatibility List (HCL) for the particular platform or operating system. If the driver is certified early enough in the operating system development process, the driver is included with the operating system.

Most new hardware will be detected by Windows and will prompt to search the local file system or Windows Update to find the driver. If the hardware was tested and verified by Microsoft before the production release of Windows, it should be found and added automatically. If the hardware was certified after the release of Windows, it might be included in Windows Update or the administrator might be required to locate, download, and install the driver right from the manufacturer’s website.

In most cases, administrators should only install drivers provided by Microsoft and digitally signed by Microsoft Windows Hardware Compatibility Publisher. In other cases, however, especially when it comes to connecting to external disk storage, it might be preferential and required to use the driver provided by the manufacturer. Unsigned drivers are not accepted by default on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. These drivers are not fully tested and can cause issues. Make sure to check with the hardware manufacturer for compatibility before purchasing any new or used hardware that will be attached to a new Windows Server 2008 R2 system. In particular, disk controllers and disk access are critical to server stability and administrators should always try to configure their disk controller firmware version and driver version to match the recommended manufacturer and Microsoft specification; otherwise, data corruption or loss might result.

File Signature Verification (Sigverif.exe)
File Signature Verification is a graphic-based utility that can be used when it is suspected that original, protected, and digitally signed system files or drivers have been replaced or overwritten after an application or device installation. This tool checks the system files and drivers to verify that all the files have a Microsoft digital signature. When unsigned or incorrect version files are found, the information, including filename, location, file date, and version number, is saved in a log file and displayed on the screen.

To run this tool, click Start, Run, and in the search pane, type Sigverif.exe, and press Enter. When the window is open, click Start to run a check for signed drivers and system files in the operating system. This starts a scan of the devices drivers and if they all pass, a window will open stating that the files have been scanned and verified and digitally signed. Click OK to close the pop-up and click Close to close the File Signature Verification window.

System File Checker (Sfc.exe)
The System File Checker is a command-line tool that is similar in function to the File
Signature Verification tool, but any detected incorrect files are automatically replaced with the Microsoft version of the detected file. This tool can be dangerous and cause serious problems if the administrator is not sure if certain Windows files or unsigned drivers are required for the operating system to function properly. This tool should be used if operating systems become unstable and drivers or system files are suspected or logged as possible causes of problems.

Sfc.exe can be configured to run using Group Policy. Sfc.exe options are configurable using Group Policy with settings found in Computer Configuration\Policies\Administrative Templates\System\Windows File Protection. This might be a good option for supporting workstations to maintain system stability. It might also prove to be useful for servers, but as a general guideline, use is on workstations and servers only when system file corruption or driver issues have been reported as problematic.

Sfc.exe scans and replaces any system files that it detects are incorrect. If any unsigned drivers are necessary for operation, do not run this utility; otherwise, the files might be replaced and cause your hardware to operate incorrectly, producing data corruption, loss of functionality, or actually producing different problems.

Source of Information :  Sams - Windows Server 2008 R2 Unleashed

No comments: