Post on 31-Mar-2015
Windows Server 2012: New Features
Administering Servers with Server Manager
Using Server Manager, you can:
• Manage multiple servers from one instance of Server Manager
• Deploy roles and features to remote servers
• Generate Windows PowerShell scripts for actions performed in Server Manager
• Group servers
• View the status of all servers from a single location
• Determine whether roles on the network are functioning efficiently
Adding and Removing Roles and Features
• Remotely deploy roles and features
• Add roles and features to virtual hard disks even if the virtual machine is turned off
Using Windows PowerShell in Windows Server 2012
The new PowerShell Integrated Scripting Engine provides:
• Integrated help – enables you to search for Windows PowerShell cmdlets if you know a few characters in their name.
• IntelliSense – suggests values as you type and prompts you for parameter values.
Removing and Restoring the Graphical Interface
• Benefits of using Server Core:
Reduced update requirements.
Reduced hardware footprint.
• Graphical shell is now a feature. It can be turned off and back on again.
• Server Core installation options:
Server Core. The standard deployment of Server Core. It is possible to convert to the full version of Windows Server 2012.
Server Core with Management. This works the same as a deployment of Windows Server 2012 with the graphical component, except that the graphical components are not installed.
Important New Features
New features of AD DS:
• New deployment methods
• Simplified administration
• Virtualized domain controllers
• Active Directory module for PowerShell
• Windows PowerShell History Viewer
• Active Directory Based Activation
Active Directory Recycle Bin
The Active Directory Recycle Bin:
• Cannot be disabled once it is enabled
• Now has a user interface to simplify restoration of objects
• Is enabled and accessed through the Active Directory Administration Center
• Cannot restore sub-trees of objects in a single operation
• Requires the forest level be at least Windows Server 2008 R2
• Requires Enterprise Admins
• Increases the size of the Active Directory database
• Objects are preserved in the recycle bin for a configurable period, which is 180 days by default
• Deleted objects can be viewed in the Active Directory Administrative Center console
• Objects can be restored by selecting them and choosing Restore
Improvements to Domain Controller Virtualization
You can safely clone existing virtual domain controllers by:
• Creating a DcCloneConfig.xml file and storing it in the AD DS database location.
• Taking the VDC offline and exporting it.
• Creating a new virtual machine by importing the exported VDC.
[Diagram: DcCloneConfig.xml to AD DS database location, Export the VDC, Import the VDC]
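The three cloning steps above as one PowerShell script. This is an added example, not part of the original slides; the VM names, paths, site name and IP addresses are placeholders, and the group membership and excluded-application checks are the standard prerequisites of the cloning cmdlets rather than steps listed on the slide.

```powershell
# Added illustration. Every name, path and address is a placeholder.
# Run on the Hyper-V host that runs the source VDC, as a domain administrator.
$SourceVm   = 'DC01'          # VM name and computer name of the source VDC
$CloneName  = 'DC02'          # computer name the clone will take
$ExportPath = 'D:\Export'
$ClonePath  = 'D:\VMs\DC02'

# 1. On the source DC: authorize it for cloning, stop if software that is not
#    known to be clone-safe is installed, then write DcCloneConfig.xml to the
#    AD DS database location.
Invoke-Command -ComputerName $SourceVm -ScriptBlock {
    Import-Module ActiveDirectory
    $dc    = Get-ADComputer -Identity $env:COMPUTERNAME
    $group = 'Cloneable Domain Controllers'
    $memberDns = (Get-ADGroupMember -Identity $group).DistinguishedName
    if ($memberDns -notcontains $dc.DistinguishedName) {
        Add-ADGroupMember -Identity $group -Members $dc
    }

    $blocking = Get-ADDCCloningExcludedApplicationList
    if ($blocking) { throw "Review before cloning: $($blocking.Name -join ', ')" }

    $cloneConfig = @{
        CloneComputerName  = $using:CloneName
        SiteName           = 'Default-First-Site-Name'
        Static             = $true
        IPv4Address        = '10.0.0.12'
        IPv4SubnetMask     = '255.255.255.0'
        IPv4DefaultGateway = '10.0.0.1'
        IPv4DNSResolver    = '10.0.0.10'
    }
    New-ADDCCloneConfigFile @cloneConfig
}

# 2. Take the VDC offline and export it.
Stop-VM -Name $SourceVm
Export-VM -Name $SourceVm -Path $ExportPath

# 3. Create the clone by importing the export as a copy with a new VM ID.
$config = Get-ChildItem "$ExportPath\$SourceVm\Virtual Machines\*" -Include *.xml, *.vmcx |
    Select-Object -First 1
$clone = Import-VM -Path $config.FullName -Copy -GenerateNewId `
    -VirtualMachinePath $ClonePath -VhdDestinationPath "$ClonePath\Virtual Hard Disks"
Rename-VM -VM $clone -NewName $CloneName

Start-VM -Name $SourceVm   # bring the source VDC back online
Start-VM -VM $clone        # the clone processes DcCloneConfig.xml on first boot
```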
Group Managed Service Accounts
Group Managed Service Accounts provide:
• Automatic password and SPN management to multiple servers in a farm
• A single identity for services running on a farm
[Diagram: one group managed service account used by Farm server1, Farm server2 and Farm server3]
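One way to create a single farm identity of this kind and to review which computers can obtain its password. This is an added example, not part of the original slides; the function names and the account, group, host and domain names are hypothetical placeholders.

```powershell
# Added illustration; account, group, host and domain names are placeholders.
Import-Module ActiveDirectory

function New-FarmGmsa {
    # Run once, as a domain administrator.
    param(
        [string]   $Name      = 'svc-webfarm',
        [string]   $DnsName   = 'svc-webfarm.corp.example',
        [string]   $HostGroup = 'WebFarmHosts',
        [string[]] $FarmHosts = @('FARM1$', 'FARM2$', 'FARM3$'),
        [string[]] $Spn       = @('http/webfarm.corp.example')
    )
    # gMSA passwords are derived from a KDS root key; a new key becomes
    # usable about 10 hours after it is created.
    if (-not (Get-KdsRootKey)) { Add-KdsRootKey -EffectiveImmediately | Out-Null }

    # Membership of this group decides which computers can obtain the password.
    New-ADGroup -Name $HostGroup -GroupScope Global -GroupCategory Security
    Add-ADGroupMember -Identity $HostGroup -Members $FarmHosts

    New-ADServiceAccount -Name $Name -DNSHostName $DnsName `
        -PrincipalsAllowedToRetrieveManagedPassword $HostGroup `
        -ServicePrincipalNames $Spn -PassThru
}

function Enable-FarmGmsa {
    # Run locally on each farm server, after a restart so that the computer's
    # Kerberos ticket carries the new group membership.
    param([string] $Name = 'svc-webfarm')
    Install-ADServiceAccount -Identity $Name
    if (-not (Test-ADServiceAccount -Identity $Name)) {
        throw "$env:COMPUTERNAME cannot retrieve the password for $Name"
    }
}

function Get-FarmGmsaReaders {
    # Review: every principal listed here can read the account's password.
    param([string] $Name = 'svc-webfarm')
    $account = Get-ADServiceAccount -Identity $Name `
        -Properties PrincipalsAllowedToRetrieveManagedPassword
    $account.PrincipalsAllowedToRetrieveManagedPassword
}
```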
Introduction to Dynamic Access Control
• Dynamic Access Control provides:
Data classification
Access control to files
Auditing of access to files
Optional RMS protection integration
• Give users access to file system objects based on their attributes in AD DS and the Classification of the file system object
What are Identity, Claims, and Central Access Policy?
• Identity is information provided from a trusted source about an entity
• Claims are statements made by AD DS about specific user or computer objects
• Central Access Policy contains one or more Central Access Policy rules which determine applicability and permissions
Overview of How to Implement Dynamic Access Control
Task | Purpose
Enable support in AD DS | To enable AD DS to apply Dynamic Access Control
Create and configure user and device claims | To identify attributes that will be used in Dynamic Access Control
Create resource property definitions | To identify resource properties that will be used in conditional expression
Classify files | To automatically set values on properties
Create Central Access Rules | To define scope and conditional expressions
Create Central Access Policy | To group Central Access Rules and act as a safety net over resources
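The AD DS side of the task list above (claim, resource property, Central Access Rule, Central Access Policy) as an added PowerShell example, not part of the original slides. The rule and policy names and the Finance scenario are placeholders; enabling claims support and classifying files are not scripted here.

```powershell
# Added illustration; rule and policy names are placeholders. Run as a domain
# administrator. Two tasks from the table are outside this script: enabling
# claims support (a Group Policy setting for domain controllers) and
# classifying files (done on the file server).
Import-Module ActiveDirectory

# User claim sourced from the AD DS 'department' attribute.
$claim = New-ADClaimType -DisplayName 'Department' -SourceAttribute 'department' -PassThru

# Resource property definition: Department_MS ships predefined but disabled.
Set-ADResourceProperty -Identity 'Department_MS' -Enabled $true
$prop = Get-ADResourceProperty -Identity 'Department_MS'

# Scope of the rule: only files classified with Department = Finance.
$scope = '(@RESOURCE.{0} Contains {{"Finance"}})' -f $prop.Name

# Conditional expression: authenticated users get Modify (0x1301bf) only when
# their Department claim matches the Department property of the file.
# Administrators (BA) and SYSTEM (SY) keep full control.
$acl = 'O:SYG:SYD:AR(A;;FA;;;BA)(A;;FA;;;SY)' +
       ('(XA;;0x1301bf;;;AU;(@USER.{0} Any_of @RESOURCE.{1}))' -f $claim.Name, $prop.Name)

New-ADCentralAccessRule -Name 'Finance Documents Rule' `
    -ResourceCondition $scope -CurrentAcl $acl

# The policy groups the rules; file servers receive it through Group Policy.
New-ADCentralAccessPolicy -Name 'Finance Policy'
Add-ADCentralAccessPolicyMember -Identity 'Finance Policy' -Members 'Finance Documents Rule'
```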
New Storage Features in Windows Server 2012
• Multi-terabyte volumes
• Data deduplication
• Storage Spaces and Storage Pools
• Unified remote management of File and Storage Services in Server Manager.
• Server Message Block 3.0
• iSCSI Target server
• Resilient System
• Scale-Out File Server
• Windows PowerShell cmdlets for File and Storage Services
Storage Spaces
To create a virtual disk, you need the following:
• One or more physical disks
• Storage pool that includes the disks
• Virtual drives (or storage spaces) that are created with disks from the storage pool
• Disk drives that are based on virtual drives
You can use storage spaces to add physical disks of any type and size to a storage pool and create highly-available virtual disks from it
Virtual drives are not virtual hard disks; they should be considered as a drive in Disk Manager
[Diagram: Physical Disks, Storage Pool, Virtual Disk, Disk Drive]
What is SMB 3.0?
• High Speed
• SMB Multi-Channel
• SMB Direct
• SMB Encryption
iSCSI Target
The iSCSI initiator:
• Runs as a service in the operating system
• Installed by default on Windows 8 and Windows Server 2012; just needs to be started
The iSCSI target server:
• Is available as role service in Windows Server 2012
• Provides the following features:
Network/diskless boot
Server application storage
Heterogeneous storage
Lab environments
Data Deduplication
Data deduplication identifies and removes duplications within data without compromising its integrity or fidelity, with the ultimate goal of storing more data in less space
You should consider using deduplication for the following areas:
• File Shares
• Software Deployment Shares
• VHD Libraries
BranchCache Improvements
• BranchCache caches data from head office to branch office, reducing network bandwidth and improving performance at the branch office
• BranchCache improvements in Windows Server 2012 include:
• Performance
Performance is improved through chunking improvements and caching starting sooner.
• Manageability
Manageability is improved through more straightforward deployment and PowerShell integration.
• Scalability
Scalability is improved by supporting multi-terabyte caches
Windows Azure Online Backup
• Back up to the cloud
• Uses Windows Server Backup
• Extensible to enable third-party providers
What Is DirectAccess?
• Connects automatically to the corporate network over the public network
• Uses various protocols, including HTTPS, to establish IPv6 connectivity
• Supports selected server access and IPSec authentication
• Supports end-to-end authentication and encryption
• Supports management of remote client computers
• Allows remote users to connect directly to intranet servers
Features of DirectAccess
• Always-on connectivity
• Seamless connectivity
• Bidirectional access
• Manage-out Support
• Improved security
• Integrated solution
Benefits of DirectAccess
Improved Management
Improved DirectAccess management includes:
• Rich monitoring of client computers
• DirectAccess and RRAS coexistence
• Accounting and reporting
• Windows PowerShell and Server Core support
• Unified management wizard and tools
Simplified Deployment
Simplified DirectAccess deployment:
• Express setup for small and medium deployment
• Works with existing infrastructure
• IPv6 for internal network is not required
• Single NIC adapter
• Single IP address
Performance and Scalability Improvements
Performance and scalability improvements:
• Support for high availability and external load balancers
• Improved support for RSS running in virtual machines
• IP-HTTPS interoperability and performance improvements
• Lower bandwidth utilization
• Streamlined encryption
New Deployment Scenarios
New deployment scenarios:
• Deploy multiple endpoints through the world
• Global unified management through single console
• Deploy a server behind a NAT
• Support for one-time password and virtual smart cards
• Off premise provisioning
Overview of Networking Changes
• DNSSEC
• DHCP
• Data Center Bridging
• NIC Teaming
• IIS
DNSSEC Improvements
• New Resource records defined in Windows Server 2012
DNSKEY
DS
RRSIG
NSEC3
• Trusted Anchor
In DNS it is the DNSKEY resource record or the DS resource record hash of the DNSKEY resource record. Clients use these records to build trust chains.
• Name Resolution Policy Table
Contains rules that control how DNS clients validate responses.
DHCP Improvements
• DHCP name protection can be configured in properties at the IP level or scope level
DHCP Limitations | WS 2012 solution
Failure of DHCP will result in loss of network connectivity for clients | DHCP failover
Windows systems can have their DNS name registrations overwritten by non-Microsoft systems bearing the same system name | DHCP name protection
Data Center Bridging
• Reserves bandwidth by the type of network traffic
• Requires DCB-capable NICs
[Diagram: Bandwidth Reservation for Live Migration, Media Streaming, Video Conferencing]
NIC Improvements
• NIC Teaming
• Consistent Device Naming
IIS 8
• Application Initialization
• Centralized SSL Certificate Support: SSL Scalability and Manageability
• CPU Throttling: Sand-boxing Sites and Applications
• Dynamic IP Address Restrictions
• FTP Logon Attempt Restrictions
• Multicore Scaling on NUMA Hardware
• Server Name Indication (SNI): SSL Scalability
• WebSocket Protocol Support
What Is IPAM?
IP administration area | Description
Planning | Reduces the time and expense of the planning process when changes occur in the network
Managing | Provides a single point of management and assists in optimizing utilization and capacity planning for DHCP and DNS
Tracking | Enables tracking and forecasting of IP address utilization
Auditing | Assists with compliance requirements and provides reporting for forensics and change management
IPAM facilitates IP management in organizations with complex networks by enabling administration and monitoring of DHCP and DNS
IPAM Functions and Architecture
IPAM provides four main functions:
• IPAM discovery
• IPAM address space management
• Multiserver management and monitoring
• Operational auditing and IP address tracking
You can deploy IPAM in the following topologies:
• Distributed
• Centralized
• Hybrid
Address Space Management
You can view and manage the IP address space using the following views:
• IP address blocks
• IP address ranges
• IP addresses
• IP inventory
• IP address range groups
You can monitor the IP address space using the following views:
• DNS and DHCP servers
• DHCP scopes
• DNS zone monitoring
• Server groups
Features of VHDX File Format
• Virtual hard disks can be as large as 64 terabytes
• File structure minimizes the chance that the disk will become corrupt if the host server experiences a power outage
• VHDX supports better alignment when deployed to a large sector disk
• Allows larger block size for dynamic and differencing disks, which provides better performance for these workloads
Hyper-V over SMB
Windows Server 2012 introduces SMB 3.0
SMB 3.0:
• Configuration files
• Snapshot files
• Virtual hard disk files (in VHD or VHDX format)
Offloaded Data Transfer
ODX functionality benefits Hyper-V operations such as:
• Secure offload data transfer
• Fixed VHD/VHDX creation
• Dynamic VHD/VHDX expansion
• VHD/VHDX merge
• Live Storage migration
Changes in Hyper-V Networking
• Network virtualization
• Bandwidth management
• DHCP guard
• Router guard
• Port mirroring
• NIC teaming
• Virtual Machine Queue
• IPsec task offloading
• SR-IOV
Virtual Switches
Virtual switches are virtual devices that you can manage through the Virtual Switch Manager
Hyper-V Network Virtualization
[Diagram labels: Physical server, Blue VM, Red VM, Virtualization, Physical network, Servers, Switches, Blue network, Red network]
Network virtualization runs multiple virtual networks on a physical network
Server virtualization runs multiple virtual servers on a physical server
Choosing Between Host and Guest Clustering
High availability options | Description
Host clustering | Virtual machines are highly available; does not require virtual machine operating system or application to be cluster aware
Guest clustering | Virtual machines are failover cluster nodes; virtual machine applications must be cluster aware; requires iSCSI or virtual fiber channel interface for shared storage connections
NLB | Virtual machines are NLB cluster nodes; use for web-based applications
What Is New in Failover Clustering?
• Support for up to 4,000 virtual machines per cluster
• Multi select virtual machines for Live Migration
• Virtual machine priority attribute
• CSV improvements
• Virtual machine application monitoring
• Storing virtual machines on highly available SMB file share
VM Monitoring
VM Monitoring Guest Clustering
Application health monitoring
Proactive application monitoring
Application mobility
Simplified configuration
Event monitoring
Options for Virtual Machine Migration
Available options for moving virtual machines are:
• Virtual machine and storage migration
• Quick Migration
• Export/Import of a virtual machine
How Does Virtual Machine and Storage Migration Work?
Storage Migration technology enables you to move a virtual machine and its storage to another location without downtime.
• During migration the virtual machine hard drive is copied from one location to another
• Changes are written to both source and destination drives
• You can move virtual machine storage to same host, another host, or server message block share
• Storage and virtual machine configuration can be in different locations
How Live Migration Works
The Live Migration process consists of four steps:
1. Migration setup
2. Guest-memory transfer
3. State transfer
4. Clean up
Overview of Hyper-V Replica
Hyper-V Replica enables you to replicate a single virtual machine over WAN or LAN network to another host
Hyper-V Replica components:
• Replication Engine
• Change Tracking
• Network Module
• Hyper-V Replica Broker role