CTE Ottawa Seminar Day - September 7th, 2012

This clinic will cover key new features in Windows Server 2012. It will outline new management and access features for areas such as Server Manager, Active Directory and PowerShell. It will also cover storage and network improvements as well as High Availability and significant changes to Hyper-V contained within Windows Server 2012. This clinic is intended for IT Professionals who are interested in learning about the new features and functionality in Windows Server 2012. People who are key influencers and technology decision makers in an IT organization will also be interested in attending this clinic and will benefit from gaining early insight into some of the latest technologies included in Windows Server 2012. In general, early adopters of new technology or people looking to gain early insight into new functionality in Windows Server 2012 will benefit from attending this First Look Clinic.
1. First Look Clinic: Windows Server 2012. CTE Ottawa Seminar Day, September 7th, 2012
2. Introduction: Name; Company affiliation; Title/function; Job responsibility; Windows administration experience; Windows Server experience; Your expectations for the clinic
3. Clinic Material: Clinic Handbook. A succinct classroom learning guide that provides critical technical information to optimize your in-class learning experience. http://www.microsoft.com/learning/
4. Facilities: Class hours; Building hours; Parking; Restrooms; Meals; Phones; Messages; Smoking; Recycling
5. About This Clinic: Description; Audience; Clinic Prerequisites; Clinic Objectives
6. Clinic Outline. Module 1: Server Management in Windows Server 2012; Module 2: Storage, Networking and Availability in Windows Server 2012; Module 3: Hyper-V in Windows Server 2012
7. Demonstration: Using Hyper-V Manager. In this demonstration, you will learn how to: Open Hyper-V Manager; Navigate the various sections/panes within Hyper-V Manager (Virtual Machines, Snapshots, and Actions: Server specific and Virtual Machine specific); Identify the virtual machines (VMs) used in the labs for this course; Take a Snapshot and Apply a Snapshot; Connect to a VM; Start and log on to a VM; Switch between the full screen and window modes; Revert to the previous Snapshot; Shut down a VM; Understand the difference between Shut Down and Turn off; Close Hyper-V Manager
8. Module 1: Server Management in Windows Server 2012
9. Module Overview: What's New in Server Manager; Windows PowerShell and Server Core Enhancements; What's New in Active Directory; Dynamic Access Control; Introducing IP Address Management
10. Lesson 1: What's New in Server Manager. Administering Servers with Server Manager; Adding Roles and Features
11. Administering Servers with Server Manager. Using Server Manager, you can: Manage multiple servers from one instance of Server Manager; Deploy roles and features to remote servers; Generate Windows PowerShell scripts for actions performed in Server Manager; Group servers; View the status of all servers from a single location; Determine whether roles on the network are functioning efficiently.
12. Adding Roles and Features: Remotely deploy roles and features; Add roles and features to virtual hard disks even if the virtual machine is turned off.
13. Demonstration: Exploring Server Management in Windows Server 2012. In this demonstration you will: Start the Server Manager console. Add a server role or feature. View role related events. Run the Best Practice Analyzer for a role. List the tools available from Server Manager. Open the Start Menu. Log off the currently logged on user. Restart Windows Server 2012. Recorded Demo - Configuring Server Manager.wmv
14. Lesson 2: Windows PowerShell and Server Core Enhancements. Using Windows PowerShell in Windows Server 2012; Removing the Graphical Interface
15. Using Windows PowerShell in Windows Server 2012. The new PowerShell Integrated Scripting Engine (ISE) provides: Integrated help, which enables you to search for Windows PowerShell cmdlets if you know a few characters in their name; IntelliSense, which suggests values as you type and prompts you for parameter values.
16. Removing the Graphical Interface. Benefits of Using Server Core: Reduced update requirements. Reduced hardware footprint. Graphical shell is now a feature; it can be turned off and back on again. Server Core Installation Options: Server Core. The standard deployment of Server Core. It is possible to convert to the full version of Windows Server 2012. Server Core with Management. This works the same as a deployment of Windows Server 2012 with the graphical component, except that the graphical components are not installed.
17. Lesson 3: What's New in Active Directory. Key New Features; Deploying Domain Controllers; Virtualization-Safe Technology; Group Managed Service Accounts
18. Key New Features. New features of AD DS: New deployment methods; Simplified administration; Virtualized domain controllers; Active Directory module for PowerShell; Windows PowerShell History Viewer; Active Directory Federated Services; Active Directory Based Activation
19. Deploying Domain Controllers: All configuration of domain controllers can be done through a wizard in Server Manager; AD DS binaries can be installed using PowerShell; Dism.exe is more complex to use; Dcpromo is only supported in Unattended mode
20. Virtualization-Safe Technology. You can safely clone existing virtual domain controllers by: Creating a DcCloneConfig.xml file and storing it in the AD DS database location. Taking the VDC offline and exporting it. Creating a new virtual machine by importing the exported VDC. [Diagram: DcCloneConfig.xml to AD DS database location; Export the VDC; Import the VDC]
21. Group Managed Service Accounts. Group Managed Service Accounts provide: Automatic password and SPN management to multiple servers in a farm; A single identity for services running on a farm. [Diagram: Farm server1, Farm server2, Farm server3; Group managed service account]
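
The group managed service account setup described on slide 21, as an added example that is not part of the original clinic material. The domain contoso.example, the group WebFarmHosts, the hosts FARM1 to FARM3 and the account svc-webfarm are hypothetical names.

```powershell
# Added example (not from the clinic deck). All names are hypothetical:
# domain contoso.example, group WebFarmHosts, hosts FARM1..FARM3, account svc-webfarm.
Import-Module ActiveDirectory

# 1. Once per forest: create the KDS root key that domain controllers use to
#    derive gMSA passwords. Domain controllers wait up to 10 hours after the key
#    is created before using it, so that it can replicate first.
if (-not (Get-KdsRootKey)) {
    Add-KdsRootKey -EffectiveImmediately
}

# 2. Put the farm members in one security group. Only members of this group
#    will be able to retrieve the managed password.
New-ADGroup -Name 'WebFarmHosts' -GroupScope Global -GroupCategory Security
Add-ADGroupMember -Identity 'WebFarmHosts' -Members 'FARM1$', 'FARM2$', 'FARM3$'

# 3. Create the account: one identity and one SPN for the whole farm, with the
#    password rotated by AD DS instead of by an administrator.
$gmsa = @{
    Name                                       = 'svc-webfarm'
    DNSHostName                                = 'svc-webfarm.contoso.example'
    PrincipalsAllowedToRetrieveManagedPassword = 'WebFarmHosts'
    ServicePrincipalNames                      = 'http/webfarm.contoso.example'
    ManagedPasswordIntervalInDays              = 30
}
New-ADServiceAccount @gmsa

# 4. Run on each farm server, after a restart so the computer account picks up
#    its new group membership.
Install-ADServiceAccount -Identity 'svc-webfarm'
Test-ADServiceAccount -Identity 'svc-webfarm'   # True when this host can use the account

# 5. Review: list every managed service account and who may read its password.
#    An entry wider than the farm group deserves a second look.
Get-ADServiceAccount -Filter * -Properties PrincipalsAllowedToRetrieveManagedPassword |
    Select-Object Name, @{
        Name       = 'CanRetrievePassword'
        Expression = { $_.PrincipalsAllowedToRetrieveManagedPassword -join '; ' }
    }
```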
22. Lesson 4: Dynamic Access Control. Introduction to Dynamic Access Control; What are Claims?; Using Central Access Policies and Rules; Classifying Objects Using Resource Properties
23. Introduction to Dynamic Access Control. Dynamic Access Control provides: Data Identification; Access Control to files; Auditing of access to files; RMS protection integration. Give users access to file system objects based on their attributes in Active Directory and the Classification of the file system object. [Diagram label: Finance]
24. What are Claims? Claims are statements made by AD DS about a specific user or object in AD DS. AD DS in Windows Server 2012 supports: User claims; Device claims. Claims can be based on existing Active Directory attributes. A typical implementation might use Department. [Diagram: Department: Sales; Level: 5; Site: Berlin; Role: Manager]
25. Using Central Access Policies and Rules: Central Access Rules define access based on user attributes (claims) and resource properties; Central Access Rules are grouped into Central Access Policies; Central Access Policies are pushed to file servers using group policies. A Central Access Policy has three configurable parts: Applicability. Access conditions. Exception.
26. Classifying Objects Using Resource Properties: You manage Resource Property objects in the Resource Properties container in the Dynamic Access Control node in ADAC. There is a new Classification tab for file system object Properties in FSRM. The Classification tab allows you to add classifications to files and folders.
27. Demonstration: Implement Dynamic Access Control. In this demonstration, you will step through the process and UI for the following: Creating and Enabling Claim Types; Creating Central Access Rule; Creating Central Access Policy; Enabling Dynamic Access Control and Kerberos armoring via Group Policy
28. Lesson 5: Introducing IP Address Management. Introducing IP Address Management; Server Discovery; Address Space Management
29. Introducing IP Address Management. IPAM has the following functionality: Address Planning; Address Allocation; Usage Tracking; Troubleshooting; Auditing. Key Prerequisites: The IPAM server must not be a domain controller; You must log on to the IPAM server using a domain account. [Diagram labels: DHCP; IPAM; DNS]
30. Server Discovery: Agentless discovery; Server connects to DHCP servers, DNS servers, domain controllers, and Network Policy Servers; Client connects to IPAM server to view data; Client connects to DHCP and DNS servers to perform updates. [Diagram labels: IPAM Client; IPAM Server; DHCP, DNS, NPS; Domain Controllers; Update; Query; Agentless Discovery]
31. Address Space Management. Address blocks: contiguous range of IP addresses; Address ranges: sub-division of address block for internal allocation; IP addresses: individual IP addresses
32. Demonstration: IP Address Management. In this demonstration, you will use IPAM Server to perform a server discovery
33. Module Review: Module Summary; Review Questions
34. Module 2: Storage, Networking and Availability in Windows Server 2012
35. Module Overview: Storage Enhancements; What's New in Remote Access; New and Improved Networking Technologies; Availability Enhancements
36. Lesson 1: Storage Enhancements. New Storage Features in Windows Server 2012; Storage Spaces and Storage Pools; SMB 3.0; iSCSI Target Server; Microsoft Online Backup
37. New Storage Features in Windows Server 2012: Multi-terabyte volumes; Data Deduplication; Storage Spaces and Storage Pools; Unified remote management of File and Storage Services in Server Manager; Server Message Block (SMB) 3.0; iSCSI Target server; Resilient File System (ReFS); Scale-Out File Server; Windows PowerShell cmdlets for File and Storage Services.
38. Storage Spaces and Storage Pools: Provides RAID functionality without the need for RAID hardware or software; Enables striping, mirroring, and parity; Can be configured from Server Manager, Control Panel, or PowerShell. Provisioning Schemes: Thin provisioning space; Fixed provisioning space
39. SMB 3.0: High Speed; SMB Multi-Channel; SMB Direct; SMB Encryption
40. iSCSI Target Server: iSCSI Target is included with Windows Server 2012 as a role service. New features include: Authentication; Query initiator computer for ID. Provides iSCSI network storage to systems including: Application servers; Hyper-V Clustering; Diskless systems
41. Microsoft Online Backup: Back up to the cloud; Uses Windows Server Backup; Extensible to enable third-party providers
42. Lesson 2: What's New in Remote Access. DirectAccess and Unified Remote Access; BranchCache
43. DirectAccess and Unified Remote Access. DirectAccess: Improved Management; Simplified Deployment; Performance and Scalability; New Deployment Scenarios. Unified Remote Access: One gateway can provide client-to-site connectivity and site-to-site connectivity; Ideally suited to a hybrid cloud environment
44. Demonstration: Configuring Direct Access. In this demonstration, you will configure a Direct Access server
45. BranchCache: BranchCache caches data from head office to branch office to reduce network bandwidth and improve performance at the branch office. In Windows Server 2012, there are a number of improvements. Performance: Performance is improved through chunking improvements and caching starting sooner. Manageability: Manageability is improved through more straightforward deployment and PowerShell integration. Scalability: Scalability is improved by supporting multi-terabyte caches.
46. Lesson 3: New and Improved Networking Technologies. Networking Changes; DNSSEC; Data Center TCP; Data Center Bridging; NIC Improvements; High Performance Networking Offloads
47. Networking Changes: DNSSEC; Extensible Authentication Protocol (EAP) for Network Access Landing Page; 802.1X Authenticated Wireless Access Overview; Data Center Bridging (DCB); Data Center Transmission Control Protocol (DCTCP); Network Direct; IPSecTOv2; SR-IOV; Receive Segment Coalescing (RSC); Receive Side Scaling (RSS); Quality of Service (QoS); NIC Teaming (Load balancing and failover (LBFO))
48. DNSSEC. New resource records defined in Windows Server 2012: DNSKEY; DS; RRSIG; NSEC3. Trusted Anchor: In DNS it is the DNSKEY resource record or the DS resource record (a hash of the DNSKEY resource record). Clients use these records to build trust chains. Name Resolution Policy Table (NRPT): Contains rules that control how DNS clients validate responses.
49. Data Center TCP: TCP traffic flow is interrupted in the presence of network congestion, so it is affected regardless of the degree of that congestion; DCTCP reacts to the amount of congestion; Traffic is smoothed; Buffer memory is dramatically decreased. [Diagram labels: Congested traffic; Smoothed traffic]
50. Data Center Bridging: Reserves bandwidth by the type of network traffic; Requires DCB-capable NICs. Bandwidth Reservation: Live Migration; Media Streaming; Video Conferencing
51. NIC Improvements: NIC Teaming; Consistent Device Naming
52. Demonstration: Configure NIC Teaming. In this demonstration, you will configure NIC Teaming.
53. High Performance Networking Offloads: Offloading data transfers with RDMA; Offloading security with IPSecTOv2; Offloading networking for virtual machines with SR-IOV; Coalescing received packets with RSC; Scaling out received network traffic with RSS
54. Lesson 4: Availability Enhancements. Cluster Scalability; File Server High Availability; DHCP High Availability; Cluster Aware Updating; Introducing Hyper-V Availability
55. Cluster Scalability: Clustering is now much more scalable; Clustering is now available in Standard Edition
56. File Server High Availability: Scale out to provide scalability; Automatic failover to provide availability with zero downtime failovers. [Diagram labels: Scale-Out File Servers; CSV]
57. DHCP High Availability: DHCP Failover is a new feature in Windows Server 2012. Lease information is replicated between the two DHCP servers. If one of the DHCP servers fails, then the other DHCP server services the clients for the whole subnet. Only IPv4 scopes and subnets are supported because IPv6 uses a different IP address assignment scheme.
58. Cluster Aware Updating. One command performs an update on all nodes in turn: 1. Fails over the workload; 2. Applies updates; 3. Reboots if necessary; 4. Fails back the workload; 5. Continues to next node. Cluster Updating Modes: Remote-updating mode; Self-updating mode.
59. Introducing Hyper-V Availability: Virtual machine monitoring; Live Migration
60. Module Review: Module Summary; Review Questions
61. Module 3: Hyper-V in Windows Server 2012
62. Module Overview: Storage Enhancements; What's New in Networking; Introducing Hyper-V Replica; What's New in Guest Clustering and VM Monitoring; Virtual Machine Movement in Hyper-V
63. Lesson 1: Storage Enhancements. Features of Virtual Hard Disk File Format; Hyper-V over SMB; Offloaded Data Transfer
64. Features of Virtual Hard Disk File Format: Support for virtual hard disk storage capacity of up to 64 TB; Protection against data corruption during power failures; Improved alignment of the virtual hard disk format; Larger block sizes for dynamic and differencing disks; A 4-KB logical sector virtual disk; Store custom metadata; Efficiency in representing data. [Diagram label: VHDX]
65. Hyper-V over SMB. [Diagram labels: File Server Cluster (SMB); Single-Node File Server; Share 1; Share 2; Disk; VHDX; Config; Child 1; Hyper-V Parent 1; Hyper-V Parent N]
66. Offloaded Data Transfer: Enables copying of large amounts of data from one location to another; Uses a token-based operation to move data on the storage device. [Diagram labels: Offload read; Offload write; Token; Intelligent storage array; Virtual Disk; Actual Data Transfer]
67. Lesson 2: What's New in Networking. Changes in Hyper-V Networking; Virtual Switches; Hyper-V Network Virtualization; Virtual MAC Addresses; Configuring Virtual Network Adapters; Quality of Service
68. Changes in Hyper-V Networking: DHCP guard; Router Guard; Hyper-V Extensible Switch; Extension monitoring; MAC address; MAC address spoofing; Monitor Port; Single root I/O virtualization (SR-IOV); Virtual Fibre Channel in Hyper-V; MultiPath I/O (MPIO); Server for NFS data store
69. Virtual Switches: Extensible virtual switch; ISVs can create their own plug-ins. Features: Bandwidth limit and burst support; ECN marking support; Diagnostics; Spoofing protection; DHCP Guard; Trunk mode to a VM; Port ACLs; Network traffic monitoring; Isolated VLAN
70. Hyper-V Network Virtualization. Hyper-V Machine Virtualization: Run multiple virtual servers on a physical server. Hyper-V Network Virtualization: Run multiple virtual networks on a physical network. [Diagram labels: Woodgrove VM; Contoso VM; Physical server; Woodgrove network; Contoso network; Physical network; Servers; Switches]
71. Virtual MAC Addresses. MAC Address in Hyper-V: Can be manually specified; Can be dynamically assigned within a range. If multiple Hyper-V hosts are hosting virtual machines using adapters connected to external networks, you should ensure that each Hyper-V host uses a different pool of MAC addresses. Consider using static MAC addresses for virtual machines when those virtual machines are allocated IP addresses through a DHCP reservation.
72. Configuring Virtual Network Adapters. Synthetic and Legacy Adapters support: MAC address allocation; DHCP Guard; Router Guard; Port Mirroring; NIC Teaming. Synthetic Adapters also support Hardware Acceleration features. Legacy Adapters do not support Hardware Acceleration features.
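
A check of the adapter settings named on slides 68 to 72 (DHCP Guard, Router Guard, MAC address spoofing and the per-host MAC address pool), as an added example that is not part of the original clinic material. The host names HV01 and HV02 and the exception list are hypothetical.

```powershell
# Added example (not from the clinic deck). Host names and the exception list
# are hypothetical; run from a machine with the Hyper-V PowerShell module.
Import-Module Hyper-V

$hyperVHosts = 'HV01', 'HV02'
# VMs that legitimately hand out DHCP leases or route traffic, so a guard is off on purpose.
$exceptions  = 'DHCP01', 'EDGE-RTR01'

# 1. Dynamic MAC address pool of each host (slide 71: hosts attached to the same
#    external network should use different pools). This flags identical pools
#    only; partially overlapping ranges still need a manual look at $pools.
$pools = Get-VMHost -ComputerName $hyperVHosts |
    Select-Object ComputerName, MacAddressMinimum, MacAddressMaximum
$pools | Group-Object MacAddressMinimum, MacAddressMaximum |
    Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        Write-Warning "Identical MAC pool on: $($_.Group.ComputerName -join ', ')"
    }

# 2. Adapters on which a guest could answer DHCP requests, send router
#    advertisements, or send frames from a MAC address other than its own.
$findings = Get-VM -ComputerName $hyperVHosts |
    Where-Object { $exceptions -notcontains $_.Name } |
    Get-VMNetworkAdapter |
    Where-Object {
        $_.DhcpGuard -ne 'On' -or
        $_.RouterGuard -ne 'On' -or
        $_.MacAddressSpoofing -ne 'Off'
    }

$findings |
    Format-Table ComputerName, VMName, Name, MacAddress, DynamicMacAddressEnabled,
                 DhcpGuard, RouterGuard, MacAddressSpoofing -AutoSize

# 3. Preview the fix. Remove -WhatIf to apply it once the list has been reviewed.
$findings |
    Set-VMNetworkAdapter -DhcpGuard On -RouterGuard On -MacAddressSpoofing Off -WhatIf
```

Both guards are off by default on a new virtual network adapter, so the first run on an untouched host normally lists every adapter.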
73. Quality of Service: Includes bandwidth management features; Delivers predictable network performance; Ensures no customer is impacted by other customers on their shared infrastructure; Provides a basis for cost charging
74. Lesson 3: Introducing Hyper-V Replica. Overview of Hyper-V Replica; How to Configure Hyper-V Replica; Test Failover; Planned Failover
75. Overview of Hyper-V Replica. [Diagram: Site A, primary host (cluster); Site B, replica host (standalone)]
76. How to Configure Hyper-V Replica. Requirements: Hardware that supports Hyper-V; Windows Server 2012; Sufficient storage; Sufficient network bandwidth. Setup: Configure Hyper-V servers to accept replication; Enable replication of the VM. Monitoring: Add Replication Health column
77. Test Failover. To verify the data at the replica site: Test failover; Test workloads. [Diagram: Site A, primary host (cluster); Site B, replica host (standalone)]
78. Planned Failover: 1. Shutdown primary; 2. Send last delta; 3. Failover to replica; 4. Reverse replication. Testing DR or failover before disaster or planned maintenance; Zero data loss, but some downtime; Efficient reverse replication. [Diagram: Site A, primary host (cluster); Site B, replica host (standalone)]
79. Demonstration: Configuring Hyper-V Replica. In this demonstration, you will see how to configure Hyper-V Replica. Recorded Demo - Hyper-V Replica.wmv
80. Lesson 4: What's New in Guest Clustering and VM Monitoring. VM Monitoring Overview; Comparison of Guest Clustering and VM Monitoring; High Availability Printing
81. VM Monitoring Overview. Sequence of recovery steps: 1. Application-level recovery: Service Control Manager (SCM); 2. Guest level HA recovery: Cluster service reboots VM; 3. Host-level HA recovery: Cluster service fails over VM to another node. [Diagram labels: SQL; SAN]
82. Comparison of Guest Clustering and VM Monitoring. [Comparison table; columns: VM Monitoring; Guest Clustering. Rows: Application health monitoring; Proactive application monitoring; Application mobility; Simplified configuration; Event monitoring]
83. High Availability Printing. In Windows Server 2012, HA Printing: Enables print servers to use Live Migration; Can be monitored by Virtual Machine Monitoring; Is easier to deploy and has reduced complexity; Can now be deployed on Server Core; Experiences fewer problems with print devices and drivers that were not designed to work in a server cluster; Has simplified backup, restore, and migration features
84. Lesson 5: Virtual Machine Movement in Hyper-V. Importing Virtual Machines; Storage Migration; Live Migration Process; Live Migration by using Shared Storage; Constrained Delegation
85. Importing Virtual Machines. Each VM consists of: Virtual hard disks; Snapshots; Saved state of host specific devices; Memory file; Config file. Import Wizard: Enables you to import either exported or copied VMs; Provides ability to fix common issues during import
86. Storage Migration. Move any part of a running virtual machine: VHDs; Config files; Snapshots. Storage migration enables you to: Perform storage upgrades with no downtime; Respond to I/O bottlenecks; Resolve problems caused by poorly designed storage
87. Live Migration Process: Move running virtual machines from one physical host to another; No disruption of service; No perceived downtime. [Diagram label: TCP]
88. Live Migration by using Shared Storage: VMs can now be stored on an SMB 3 share; You can migrate a VM with the storage remaining on the SMB share. [Diagram label: VHDX]
89. Demonstration: Live Migration. In this demonstration, you will see how to perform a Live Migration of a virtual machine. Recorded Demo - Hyper-V Live Migration.wmv.
90. Constrained Delegation. When using Kerberos to authenticate, scenarios involving 3 computers can be problematic: Log on to desktop, connect to Hyper-V server; Hyper-V server cannot pass your credentials to 3rd computer (e.g. SMB storage). Constrained delegation allows credentials to be passed. Configure through Active Directory. [Diagram label: VHDX]
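
The three-computer case from slide 90 configured and then reviewed in Active Directory, as an added example that is not part of the original clinic material. The Hyper-V host HV01, the SMB file server FS01 and the domain contoso.example are hypothetical names.

```powershell
# Added example (not from the clinic deck). Hypothetical names: Hyper-V host HV01,
# SMB file server FS01, domain contoso.example.
Import-Module ActiveDirectory

$hvHost     = 'HV01'
$fileServer = 'FS01'
$domain     = 'contoso.example'

# 1. Allow HV01 to pass the administrator's Kerberos identity to the SMB (cifs)
#    service on FS01, and to nothing else.
$targets = "cifs/${fileServer}", "cifs/${fileServer}.${domain}"
Set-ADComputer -Identity $hvHost -Add @{ 'msDS-AllowedToDelegateTo' = $targets }

# 2. Confirm what HV01 may delegate to. TrustedForDelegation should stay False:
#    True would mean unconstrained delegation to any service.
Get-ADComputer -Identity $hvHost -Properties 'msDS-AllowedToDelegateTo', TrustedForDelegation |
    Select-Object Name, TrustedForDelegation, @{
        Name       = 'DelegatesTo'
        Expression = { $_.'msDS-AllowedToDelegateTo' -join '; ' }
    }

# 3. Review: every account in the domain that holds a constrained delegation entry.
Get-ADObject -LDAPFilter '(msDS-AllowedToDelegateTo=*)' -Properties 'msDS-AllowedToDelegateTo' |
    Select-Object Name, ObjectClass, @{
        Name       = 'DelegatesTo'
        Expression = { $_.'msDS-AllowedToDelegateTo' -join '; ' }
    }

# 4. Review: computers trusted for unconstrained delegation, excluding domain
#    controllers (primary group ID 516), which have it by design.
Get-ADComputer -Filter 'TrustedForDelegation -eq $true -and PrimaryGroupID -ne 516' |
    Select-Object Name, DistinguishedName
```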