Andy Malone MVP,MCT, Technology Evangelist Quality Training (Scotland) Ltd & Microsoft (UK)Whats New & Exciting in Windows Server 2008! - Part 1 Part 1 will cover! Getting to Know Server Core? Managing a Server Core Box AD Deployment Hyper-V Update System Centre Virtual Machine Manager Conclusions Part 2 will cover! Terminal Services! What is it and why you need it! Deploying Terminal Services Understanding TS Licensing & TS Session Broker! Deploying TS Remote Programs! TS Web Access Security Update: ADRMS & Other Stuff! Conclusions! Architecture & Background! Server Core! Reasons To Use Server Core Setup option in Standard, Enterprise, Datacenter Does DNS, AD, WINS, DFS-N, IIS and lots more Advantages Less RAM usage Easier on the CPU, less disk needed More secure Fewer services running Lack of a GUI reduces points of attack A GUI-less system is of less interest to lazy admins and so wont become a surfing station Server Core Drawbacks Very limited GUI; most GUI tools and Setup programs cannot run No.NET (but maybe in R2) Cannot perform many server functions Same license cost as full server install Most admins aren't familiar enough with CLI tools to get daily tasks done (hence this talk!) Setup GUI problems means that most apps cannot be installed at all Server Core Architecture Server Core Server Roles Server Core Security, TCP/IP, File Systems, RPC, plus other Core Server Sub-Systems DNSDHCP File AD Server With.NetFx, Shell, Tools, etc. TSIASRMS Share Point Etc GUI, CLR, Shell, IE, Media, OE, Etc. Server, Server Roles (for example only) AD LDS Media Server IIS 7 Hyper-V Print All of This Looks Great So What Now? Server Core Server Core provides a minimal server option No GUI shell, audio stack, active sync Same binaries as full version Windows directory Full: 6 GB, 35K files Core: 1.5 GB 13K files Less patch management Windows % of patches applied to removed components Reduced attack surface Smaller memory and disk footprints Runs supported server roles and features Not an application platform No.NET 3 rd Party Tools Coreconfigurator.exe Browsing the Web! Hardware on Server Core Plug and Play is included in Server Core If you add hardware with an inbox driver, PnP will silently install the driver If the driver is not included, but you have a PnP driver for the hardware Copy the driver files to the Server Core box Pnputil i a driverinf To list installed drivers sc query type= driver To remove a driver sc delete service_name Control Panel in Server Core? Limited functionality for specific scenarios Time zone, to change Control timedate.cpl Keyboards and/or language, to change Control intl.cpl Server Core The Basics! Deploying Active Directory! AD Preparation with ADPrep CommandDomain Controller adprep.exe /forestprepSchema Master adprep.exe /domainprep Infrastructure Master adprep.exe /domainprep /gpprep Infrastructure Master adprep.exe /rodcprep *Domain Naming Master Tip: Update PKI template to allow RODCs to enroll for domain controller certificates if you use smartcards After preparing your Active Directory for Windows Server 2008 be sure to check the process. Breadcrumbs to failures may be found in the event viewer, but real men will check the adprep.log files. AD Installed on Server Core! Preparing to DCPromo Perform any configuration setting that you require (tasks such as changing computer name etc. After changing the required server configuration, make sure that for the task of creating it as a DC you have the following requirements in place: A partition formatted with NTFS (you should, it's a server) A network interface card, configure properly with the right driver A network cable plugged in The right IP address, subnet mask, default gateway And most importantly, do not forget: The right DNS setting, in most cases, pointing to an existing internal DNS in your corporate network Manual DC Installation All in one command: dcpromo /unattend /SafeModeAdminPassword=Panda12 /ReplicaOrNewDomain=Domain /NewDomain=Forest /NewDomainDNSName=bigfirm.com /domainlevel=3 /skipautoconfigdns /forestlevel=3 /rebootonsuccess=yes Or get DCPROMO on a GUI system to create a script for you and run dcpromo /unattend:filename DCPromo Export Settings DCPromo Export Settings Cool New export option. Creates answer file. DCPromo Answer File Answer file Forrest Level dcpromo /unattend: dcpromo /unattend: Domain & Forrest Levels DomainLevel - This entry is based on the levels that exist in the forest when a new domain is created in an existing forest. Value descriptions are as follows: 0 = Windows 2000 Server native mode 2 = Windows Server = Windows Server 2008 ForestLevel - This entry specifies the forest functional level when a new domain is created in a new forest as follows: ForestLevel - This entry specifies the forest functional level when a new domain is created in a new forest as follows: 0 = Windows 2000 Server 2 = Windows Server = Windows Server 2008 Deploying Active Directory via a Unattend.txt file. Upgrading to Windows Server 2008 No Upgrade for Server Core Except from RC1 to RTM In-place GUI upgrading - Windows Server 2003 and Windows Server 2003 R2 can both be upgraded in-place to Windows Server 2008 In-place GUI upgrading - Windows Server 2003 and Windows Server 2003 R2 can both be upgraded in-place to Windows Server 2008 Transitioning - Migrating this way means adding Windows Server 2008 Domain Controllers to your existing Active Directory environment. Transitioning - Migrating this way means adding Windows Server 2008 Domain Controllers to your existing Active Directory environment. Restructuring - A third way to go from Windows Server 2003 Domain Controllers to Windows Server 2008 Domain Controllers is restructuring your Active Directory environment. This involves moving all your resources from one (Windows Server 2003) domain to a new and fresh (Windows Server 2008) domain. Tools like the Active Directory Migration Tool (ADMT) are priceless in these kind of migrations. Gotchas! Your servers do not meet the required patch level for in-place upgrading (The Windows Server 2003 patch level should be at least Service Pack 1) You want to upgrade across architectures (between x86, x64 and/or Itanium) You're running Windows Small Business Server 2003 or Windows Small Business Server 2003 R2 (upgrade scenarios for Small Business Server are uncertain at this moment) You want to switch Windows Server edition (to obtain clustering for instance) Standard Edition can be upgraded to both Standard and Enterprise Edition Enterprise Edition can be upgraded to Enterprise Edition only Datacenter Edition can be upgraded to Datacenter Edition only You want your Windows Server 2008 Domain Controllers to be Server Core installations of Windows Server Upgrading to Server Core is not possible More Gotchas! Your Windows Server 2003 Domain Controllers are equipped with a boot drive which has less than MB of free space. Windows Server 2003 Domain Controllers do not meet the Windows Server 2008 (recommended) System requirements. Applications on your existing Domain Controllers are not tested with or certified for usage on Windows Server Applications or installed components on your Windows Server 2003 have known problems when upgrading in-place to Windows Server Powershell and thus Exchange Server 2007are such programs! 2008 Forest Benefits Enhanced Active Directory Features Granular Password Policies Restartable Active Directory Advanced Encryption Services (AES 128 and 256) support for Kerberos Freshly-created Server 2008 forests shift to Server 2008FL automatically Last Interactive Logon SYSVOL Replicates with DFS-R (RDC) rather than the File Replication Services Does NOT support NT4 No Support for ADMT 3 (New version out now!) Managing Active Directory Virtualization Update! Management Microsoft Virtualization From the Datacenter to the Desktop Desktop Virtualization Windows Vista Enterprise Centralized Desktop Application Virtualization Presentation Virtualization Server Virtualization Profile Virtualization Document Redirection Offline files Windows Server 2008 with Hyper-V Technology A role of Windows Server 2008 (Std, EE, DC) Can be installed on both Windows Server 2008 Full and Core Production servers can be configured as a minimal footprint Server Core role Hyper-V Core standalone Version Free!! (PPVM+ Hypervisor based architecture Flexible and dynamic virtualization solution Managed by the Microsoft System Center family of products Gotha! No Drag & Drop (Like in VPC) Hyper-V Versions (Licensing) Hyper-V Server Free (Pay Per VM) Standard (1 Physical & 1 VM) Enterprise (1 Physical & 4 VMs) Data Centre (1 Physical & Unlimited VMs) Windows Server 2008 VSP Windows Kernel Applications Non- Hypervisor Aware OS Supported Windows OS Windows Kernel VSC VMBus Emulation Designed for Windows Server Hardware Windows hypervisor Xen-Enabled Linux Kernel Linux VSC Hypercall Adapter Parent Partition Child Partitions VMMS WMI Provider VM Worker Processes Microsoft Hyper-V Microsoft / Citrix (XenSource) User Mode Ring 3 Kernel Mode Ring 0 Ring -1 IHV Drivers VMBus Applications OS ISV / IHV / OEM Provided by: Hyper-V Architecture Application Planning! The Gotcha Determine Application Compatibility Processor architecture requirements Number of required processors Memory requirements Graphics adapter requirements Test the application in a VM Virtual Server 2005 Hyper-VHyper-V Up to 3.6 GB virtual memory 32-bit Single virtual CPU No USB devices Runs on Server 2008 Requires Intel VT or AMD-V Exchange 2007 Candidate app Installing Hyper-V ocsetup Microsoft-Hyper-V Tips on Deploying Hosts Hyper-V RTM is a free download. DO NOT USE THE BINARIES ON THE W2008 MEDIA! Install KB after installing Hyper-V on hosts and management. Deploy by hand: For a few hosts. Deploying using unattended: Slipstream Hyper-V using WAIK and deploy using WDS. SYSPREP: Requires some post install work - SCVMM 2008 Hyper-V & Laptops No support for wireless networking (http://tinyurl.com/5p9yq8) Cant sleep/hibernate system Use multiple spindles Disk for system Disk for virtual machines Intel Note: Santa Rosa Chipset and later Supports 4 GB and greater Creating Virtual Hard Disks VM Disks IDE or SCSI? Dynamically Expanding, Fixed Size, Differencing or Pass-Through*? Virtual Disk: Snapshots, differencing, dynamically expanding. 2TB limit per disk. 4 IDE or 256 SCSI per VM. Pass-Through: Up to 256TB. No virtual disk features. 4 IDE or 256 SCSI per VM. Networking VMs connect to the network via a Virtual Switch. A Virtual switch is mapped to a host machine NIC. You should have at least 2 NICs in the host. Might be best with 4 or more: Parent (1), clustering (1), Virtual Network(2). 3 types of virtual network: External, Internal and Private. Be careful: Internal and Private do not span hosts. No native NIC teaming in the virtual switch. As before, we rely on the OEM teaming driver. No support yet from the OEMs. Creating Virtual Machines NameLocationMemoryNetwork Virtual Hard Disk Operating System Managing Virtual Machines Managing Running Virtual Machines Installing SCVMM Tips Pre install WAIK SQL Server 2005 Express edition &.NET V3 installed as part of Setup! Can only be installed in an AD Integrated Environment Fixed IP Address Machine must be a clean install Difficult to Remove!! Install SCVMM Update for RC1 SCVMM Can run on a VM Installing SCVMM 2008 Creating Virtual Machines Steps: 1. Create virtual machine 2. Install guest operating system & latest SP 3. Install integration components 4. Install anti-virus 5. Install management agents 6. SYSPREP 7. Add it to the SCVMM Library Windows Server 2003 Create vms using 2-way to ensure an MP HAL Don't Forget! Windows 7 Beta Available at TechEd & PDC App-V (Application Virtualization) Physical to Virtual Migration! Coming in Hyper-V V2 Live Migration Hardware Hot Add! Physical to Virtual Migration! Physical to Virtual Migration! Conclusions! Getting to Know Server Core? Managing a Server Core Box AD Deployment Hyper-V Update System Centre Virtual Machine Manager Conclusions Thank you for attending this TechNet Event Find these slides at: Thank you for attending