Session 3 - Windows Server 2012 with Jared Thibodeau

First Look Clinic: Windows Server 2012 - CTE Ottawa Seminar Day, September 7th, 2012

description

CTE Ottawa Seminar Day - September 7th, 2012. This clinic will cover key new features in Windows Server 2012. It will outline new management and access features for areas such as Server Manager, Active Directory and PowerShell. It will also cover storage and network improvements as well as High Availability and significant changes to Hyper-V contained within Windows Server 2012. This clinic is intended for IT Professionals who are interested in learning about the new features and functionality in Windows Server 2012. People who are key influencers and technology decision makers in an IT organization will also be interested in attending this clinic and will benefit from gaining early insight into some of the latest technologies included in Windows Server 2012. In general, early adopters of new technology or people looking to gain early insight into new functionality in Windows Server 2012 will benefit from attending this First Look Clinic.

Transcript of Session 3 - Windows Server 2012 with Jared Thibodeau

  • 1. First Look Clinic: Windows Server 2012 - CTE Ottawa Seminar Day, September 7th, 2012
  • 2. Introduction Name Company affiliation Title/function Job responsibility Windows administration experience Windows Server experience Your expectations for the clinic
  • 3. Clinic Material: Clinic Handbook. A succinct classroom learning guide that provides critical technical information to optimize your in-class learning experience. http://www.microsoft.com/learning/
  • 4. Facilities Class hours Building hours Parking Restrooms Meals Phones Messages Smoking Recycling
  • 5. About This Clinic Description Audience Clinic Prerequisites Clinic Objectives
  • 6. Clinic Outline Module 1: Server Management in Windows Server 2012 Module 2: Storage, Networking and Availability in Windows Server 2012 Module 3: Hyper-V in Windows Server 2012
  • 7. Demonstration: Using Hyper-V Manager. In this demonstration, you will learn how to: Open Hyper-V Manager; Navigate the various sections/panes within Hyper-V Manager (Virtual Machines, Snapshots, and Actions: Server specific and Virtual Machine specific); Identify the virtual machines (VMs) used in the labs for this course; Take a Snapshot and Apply a Snapshot; Connect to a VM; Start and log on to a VM; Switch between the full screen and window modes; Revert to the previous Snapshot; Shut down a VM; Understand the difference between Shut Down and Turn off; Close Hyper-V Manager
  • 8. Module 1: Server Management in Windows Server 2012
  • 9. Module Overview: What's New in Server Manager; Windows PowerShell and Server Core Enhancements; What's New in Active Directory; Dynamic Access Control; Introducing IP Address Management
  • 10. Lesson 1: What's New in Server Manager. Administering Servers with Server Manager; Adding Roles and Features
  • 11. Administering Servers with Server Manager. Using Server Manager, you can: Manage multiple servers from one instance of Server Manager; Deploy roles and features to remote servers; Generate Windows PowerShell scripts for actions performed in Server Manager; Group servers; View the status of all servers from a single location; Determine whether roles on the network are functioning efficiently.
  • 12. Adding Roles and Features Remotely deploy roles and features Add roles and features to virtual hard disks even if the virtual machine is turned off.
  • 13. Demonstration: Exploring Server Management in Windows Server 2012. In this demonstration you will: Start the Server Manager console. Add a server role or feature. View role related events. Run the Best Practice Analyzer for a role. List the tools available from Server Manager. Open the Start Menu. Log off the currently logged on user. Restart Windows Server 2012. Recorded Demo - Configuring Server Manager.wmv
  • 14. Lesson 2: Windows PowerShell and Server Core Enhancements. Using Windows PowerShell in Windows Server 2012; Removing the Graphical Interface
  • 15. Using Windows PowerShell in Windows Server 2012. The new PowerShell Integrated Scripting Engine (ISE) provides: Integrated help, which enables you to search for Windows PowerShell cmdlets if you know a few characters in their name. IntelliSense, which suggests values as you type and prompts you for parameter values.
  • 16. Removing the Graphical Interface. Benefits of Using Server Core: Reduced update requirements. Reduced hardware footprint. Graphical shell is now a feature. Can be turned off and back on again. Server Core Installation Options: Server Core. The standard deployment of Server Core. It is possible to convert to the full version of Windows Server 2012. Server Core with Management. This works the same as a deployment of Windows Server 2012 with the graphical component, except that the graphical components are not installed.
  • 17. Lesson 3: What's New in Active Directory. Key New Features; Deploying Domain Controllers; Virtualization-Safe Technology; Group Managed Service Accounts
  • 18. Key New Features. New features of AD DS: New deployment methods; Simplified administration; Virtualized domain controllers; Active Directory module for PowerShell; Windows PowerShell History Viewer; Active Directory Federated Services; Active Directory Based Activation
  • 19. Deploying Domain Controllers All configuration of domain controllers can be done through a wizard in Server Manager AD DS binaries can be installed using PowerShell Dism.exe is more complex to use Dcpromo is only supported in Unattended mode
  • 20. Virtualization-Safe Technology. You can safely clone existing virtual domain controllers by: Creating a DcCloneConfig.xml file and storing it in the AD DS database location. Taking the VDC offline and exporting it. Creating a new virtual machine by importing the exported VDC. (Diagram labels: DcCloneConfig.xml to AD DS database location; Export the VDC; Import the VDC)
  • 21. Group Managed Service Accounts. Group Managed Service Accounts provide: Automatic password and SPN management to multiple servers in a farm; A single identity for services running on a farm. (Diagram labels: Farm server1, Farm server2, Farm server3, Group managed service account)
  • 22. Lesson 4: Dynamic Access Control Introduction to Dynamic Access Control What are Claims? Using Central Access Policies and Rules Classifying Objects Using Resource Properties
  • 23. Introduction to Dynamic Access Control. Dynamic Access Control provides: Data Identification; Access Control to files; Auditing of access to files; RMS protection integration. Give users access to file system objects based on their attributes in Active Directory and the Classification of the file system object. (Diagram label: Finance)
  • 24. What are Claims? Claims are statements made by AD DS about specific user or object in AD DS. AD DS in Windows Server 2012 supports: User claims; Device claims. Can be based on existing Active Directory attributes. Typical implementation might use Department. (Diagram labels: Department: Sales; Level: 5; Site: Berlin; Role: Manager)
  • 25. Using Central Access Policies and Rules. Central Access Rules define access based on user attributes (claims) and resource properties. Central Access Rules are grouped into Central Access Policies. Central Access Policies are pushed to file servers using group policies. A Central Access Policy has three configurable parts: Applicability. Access conditions. Exception.
  • 26. Classifying Objects Using Resource Properties. You manage Resource Property objects in Resource Properties container in Dynamic Access Control node in ADAC. There is a new Classification tab for file system object Properties in FSRM. The Classification tab allows you to add classifications to files and folders.
  • 27. Demonstration: Implement Dynamic Access Control. In this demonstration, you will step through the process and UI for the following: Creating and Enabling Claim Types; Creating Central Access Rule; Creating Central Access Policy; Enabling Dynamic Access Control and Kerberos armoring via Group Policy
  • 28. Lesson 5: Introducing IP Address Management Introducing IP Address Management Server Discovery Address Space Management
  • 29. Introducing IP Address Management. IPAM has the following functionality: Address Planning; DHCP Address Allocation; Usage Tracking; Troubleshooting; Auditing. IPAM Key Prerequisites: The IPAM server DNS must not be a domain controller. You must log on to the IPAM server using a domain account.
  • 30. Server Discovery. Agentless discovery. Server connects to DHCP servers, DNS servers, domain controllers, and Network Policy Servers. Client connects to IPAM server to view data. Client connects to DHCP and DNS servers to perform updates. (Diagram labels: Update; Query; DHCP, DNS, NPS, Domain Controllers; IPAM Client; IPAM Server; Agentless Discovery)
  • 31. Address Space Management Address blocks Contiguous range of IP addresses Address ranges Sub-division of address block for internal allocation IP addresses Individual IP addresses
  • 32. Demonstration: IP Address Management In this demonstration, you will use IPAM Server to perform a server discovery
  • 33. Module Review Module Summary Review Questions
  • 34. Module 2: Storage, Networking and Availability in Windows Server 2012
  • 35. Module Overview: Storage Enhancements; What's New in Remote Access; New and Improved Networking Technologies; Availability Enhancements
  • 36. Lesson 1: Storage Enhancements New Storage Features in Windows Server 2012 Storage Spaces and Storage Pools SMB 3.0 iSCSI Target Server Microsoft Online Backup
  • 37. New Storage Features in Windows Server 2012: Multi-terabyte volumes; Data Deduplication; Storage Spaces and Storage Pools; Unified remote management of File and Storage Services in Server Manager; Server Message Block (SMB) 3.0; iSCSI Target server; Resilient File System (ReFS); Scale-Out File Server; Windows PowerShell cmdlets for File and Storage Services.
  • 38. Storage Spaces and Storage Pools Provides RAID functionality without the need for RAID hardware or software Enables striping, mirroring, and parity Can be configured from Server Manager, Control Panel, or PowerShell Provisioning Schemes Thin Provisioning space Fixed provisioning space
  • 39. SMB 3.0 High Speed SMB Multi-Channel SMB Direct SMB Encryption
  • 40. iSCSI Target Server iSCSI Target is included with Windows Server 2012 as a role service New Features include Authentication Query initiator computer for ID. Provides iSCSI network storage to provide network storage to systems including: Application servers Hyper-V Clustering Diskless systems
  • 41. Microsoft Online Backup Back up to the cloud Uses Windows Server Backup Extensible to enable third-party providers
  • 42. Lesson 2: What's New in Remote Access. DirectAccess and Unified Remote Access; BranchCache
  • 43. DirectAccess and Unified Remote Access DirectAccess Improved Management Simplified Deployment Performance and Scalability New Deployment Scenarios Unified Remote Access One gateway can provide clients-to-site connectivity and site-to-site connectivity Ideally suited to a hybrid cloud environment
  • 44. Demonstration: Configuring Direct Access In this demonstration, you will configure a Direct Access server
  • 45. BranchCache BranchCache caches data from head office to branch office to reduce network bandwidth and improve performance at the branch office In Windows Server 2012, there are a number of improvements: Performance Performance is improved through chunking improvements and caching starting sooner. Manageability Manageability is improved through more straightforward deployment and PowerShell integration. Scalability Scalability is improved by supporting multi-terabyte caches
  • 46. Lesson 3: New and Improved Networking Technologies. Networking Changes; DNSSEC; Data Center TCP; Data Center Bridging; NIC Improvements; High Performance Networking Offloads
  • 47. Networking Changes DNSSEC Extensible Authentication Protocol (EAP) for Network Access Landing Page 802.1X Authenticated Wireless Access Overview Data Center Bridging (DCB) Data Center Transmission Control Protocol (DCTCP) Network Direct IPSecTOv2 SR-IOV Receive Segment Coalescing (RSC) Receive Side Scaling (RSS) Quality of Service (QoS) NIC Teaming (Load balancing and failover (LBFO))
  • 48. DNSSEC New Resource records defined in Windows Server 2012 DNSKEY DS RRSIG NSEC3 Trusted Anchor In DNS it is the DNSKEY resource record or DS resource record hash of DNSKEY resource record. Clients use these records to build trust chains. Name Resolution Policy Table (NRPT) Contains rules that control how DNS clients validate responses.
  • 49. Data Center TCP TCP traffic flow is interrupted in the presence of network congestion, so it is affected regardless of the degree of that congestion DCTCP reacts to the amount of congestion Traffic is smoothed Buffer memory is dramatically decreased Congested traffic Smoothed traffic
  • 50. Data Center Bridging Reserves bandwidth by the type of network traffic Requires DCB-capable NICs Bandwidth Reservation: Live Migration Media Streaming Video Conferencing
  • 51. NIC Improvements NIC Teaming Consistent Device Naming
  • 52. Demonstration: Configure NIC Teaming In this demonstration, you will configure NIC Teaming.
  • 53. High Performance Networking Offloads Offloading data transfers with RDMA Offloading security with IPSecTOv2 Offloading networking for virtual machines with SR-IOV Coalescing received packets with RSC Scaling out received network traffic with RSS
  • 54. Lesson 4: Availability Enhancements Cluster Scalability File Server High Availability DHCP High Availability Cluster Aware Updating Introducing Hyper-V Availability
  • 55. Cluster Scalability Clustering is now much more scalable Clustering is now available in Standard Edition
  • 56. File Server High Availability Scale out to provide scalability Automatic failover to provide availability with zero downtime failovers Scale-Out File Servers CSV
  • 57. DHCP High Availability DHCP Failover is a new feature in Windows Server 2012 Lease information is replicated between the two DHCP servers. If one of the DHCP servers fails, then the other DHCP server services the clients for the whole subnet. Only IPv4 scopes and subnets are supported because IPv6 uses a different IP address assignment scheme.
  • 58. Cluster Aware Updating One command performs an update on all nodes in turn: 1. Fails over the workload 2. Applies updates 3. Reboots if necessary 4. Fails back the workload 5. Continues to next node Cluster Updating Modes Remote-updating mode Self-updating mode.
  • 59. Introducing Hyper-V Availability Virtual machine monitoring Live Migration
  • 60. Module Review Module Summary Review Questions
  • 61. Module 3: Hyper-V in Windows Server 2012
  • 62. Module Overview: Storage Enhancements; What's New in Networking; Introducing Hyper-V Replica; What's New in Guest Clustering and VM Monitoring; Virtual Machine Movement in Hyper-V
  • 63. Lesson 1: Storage Enhancements Features of Virtual Hard Disk File Format Hyper-V over SMB Offloaded Data Transfer
  • 64. Features of Virtual Hard Disk File Format Support for virtual hard disk storage capacity of up to 64 TB Protection against data corruption during power failures Improved alignment of the virtual hard disk format Larger block sizes for dynamic and differencing disks A 4-KB logical sector virtual disk Store custom metadata Efficiency in representing data VHDX
  • 65. Hyper-V over SMB. (Diagram labels: File Server Cluster (SMB); Single-Node File Server; Share 1; Share 2; Config; Child 1 Disk; VHDX; Hyper-V Parent 1; Hyper-V Parent N)
  • 66. Offloaded Data Transfer. Enables copying of large amounts of data from one location to another. Uses a token-based operation to move data on the storage device. (Diagram labels: Token; Offload read; Offload write; Intelligent storage array; Virtual Disk; Actual Data Transfer)
  • 67. Lesson 2: What's New in Networking. Changes in Hyper-V Networking; Virtual Switches; Hyper-V Network Virtualization; Virtual MAC Addresses; Configuring Virtual Network Adapters; Quality of Service
  • 68. Changes in Hyper-V Networking DHCP guard Router Guard Hyper-V Extensible Switch Extension monitoring MAC address MAC address spoofing Monitor Port single root I/O virtualization (SR-IOV) Virtual Fibre Channel in Hyper-V MultiPath I/O (MPIO) Server for NFS data Store
  • 69. Virtual Switches. Extensible virtual switch: ISVs can create their own plug-ins. Features: Bandwidth limit and burst support; ECN marking support; Diagnostics; Spoofing protection; DHCP Guard; Trunk mode to a VM; Port ACLs; Network traffic monitoring; Isolated VLAN
  • 70. Hyper-V Network Virtualization. Hyper-V Machine Virtualization: run multiple virtual servers on a physical server. Hyper-V Network Virtualization: run multiple virtual networks on a physical network. (Diagram labels: Woodgrove VM; Contoso VM; Woodgrove network; Contoso network; Physical server; Physical network; Switches; Servers)
  • 71. Virtual MAC Addresses. MAC Address in Hyper-V: Can be manually specified; Can be dynamically assigned within a range. If multiple Hyper-V hosts are hosting virtual machines using adapters connected to external networks, ensure that each Hyper-V host uses a different pool of MAC addresses. Consider using static MAC addresses for virtual machines when those virtual machines are allocated IP addresses through a DHCP reservation.
  • 72. Configuring Virtual Network Adapters Synthetic and Legacy Adapters support: MAC address allocation DHCP Guard Router Guard Port Mirroring NIC Teaming Synthetic Adapters also support Hardware Acceleration features Legacy Adapters do not support Hardware Acceleration features
  • 73. Quality of Service Includes bandwidth management features Delivers predictable network performance Ensures no customer is impacted by other customers on their shared infrastructure Provides a basis for cost charging
  • 74. Lesson 3: Introducing Hyper-V Replica Overview of Hyper-V Replica How to Configure Hyper-V Replica Test Failover Planned Failover
  • 75. Overview of Hyper-V Replica. (Diagram labels: Site A; Site B; Primary host (cluster); Replica host (standalone))
  • 76. How to Configure Hyper-V Replica Requirements Hardware that supports Hyper-V Windows Server 2012 Sufficient storage Sufficient network bandwidth Setup Configure Hyper-V servers to accept replication Enable replication of the VM Monitoring Add Replication Health column
  • 77. Test Failover. To verify the data at the replica site: Test failover; Test workloads. (Diagram labels: Site A; Site B; Primary host (cluster); Replica host (standalone))
  • 78. Planned Failover: 1. Shutdown primary 2. Send last delta 3. Failover to replica 4. Reverse replication. Testing DR or failover before disaster or planned maintenance. Zero data loss, but some downtime. Efficient reverse replication. (Diagram labels: Site A; Site B; Primary host (cluster); Replica host (standalone))
  • 79. Demonstration: Configuring Hyper-V Replica In this demonstration, you will see how to configure Hyper-V Replica Recorded Demo Hyper-V Replica.wmv
  • 80. Lesson 4: What's New in Guest Clustering and VM Monitoring. VM Monitoring Overview; Comparison of Guest Clustering and VM Monitoring; High Availability Printing
  • 81. VM Monitoring Overview. Sequence of recovery steps: 1. Application-level recovery: Service Control Manager (SCM). 2. Guest level HA recovery: Cluster service reboots VM. 3. Host-level HA recovery: Cluster service fails over VM to another node. (Diagram labels: SQL; SAN)
  • 82. Comparison of Guest Clustering and VM Monitoring VM Monitoring Guest Clustering Application health monitoring Proactive application monitoring Application mobility Simplified configuration Event monitoring
  • 83. High Availability Printing. In Windows Server 2012, HA Printing: Enables print servers to use Live Migration; Can be monitored by Virtual Machine Monitoring; Is easier to deploy and has reduced complexity; Can now be deployed on Server Core; Experiences fewer problems with print devices and drivers that were not designed to work in a server cluster; Has simplified backup, restore, and migration features
  • 84. Lesson 5: Virtual Machine Movement in Hyper-V Importing Virtual Machines Storage Migration Live Migration Process Live Migration by using Shared Storage Constrained Delegation
  • 85. Importing Virtual Machines Each VM consists of: Virtual hard disks Snapshots Saved state of host specific devices Memory file Config file Import Wizard: Enables you to import either exported or copied VMs Provides ability to fix common issues during import
  • 86. Storage Migration Move any part of a running virtual machine VHDs Config files Snapshots Storage migration enables you to: Perform storage upgrades with no downtime Respond to I/O bottlenecks Resolve problems caused by poorly designed storage
  • 87. Live Migration Process. Move running virtual machines from one physical host to another. No disruption of service. No perceived downtime. (Diagram label: TCP)
  • 88. Live Migration by using Shared Storage VMs can now be stored on an SMB 3 share You can migrate a VM with the storage remaining on the SMB share VHDX
  • 89. Demonstration: Live Migration In this demonstration, you will see how to perform a Live Migration of a virtual machine Recorded Demo - Hyper-V Live Migration.wmv.
  • 90. Constrained Delegation. When using Kerberos to authenticate, scenarios involving 3 computers can be problematic: Log on to desktop, connect to Hyper-V server. Hyper-V server cannot pass your credentials to 3rd computer (e.g. SMB storage). Constrained delegation allows credentials to be passed. Configure through Active Directory. (Diagram label: VHDX)
  • 91. Module Review Module Summary Review Questions
  • 92. Clinic Evaluation