Transcript Server Core!

What’s New & Exciting in Windows
Server 2008! - Part 1
Andy Malone MVP,MCT, Technology Evangelist
Quality Training (Scotland) Ltd & Microsoft (UK)
[email protected]
http://blogs.quality-training.co.uk/blog
Part 1 will cover!
Getting to Know Server Core?
Managing a Server Core Box
AD Deployment
Hyper-V Update
System Centre Virtual Machine Manager
Conclusions
Part 2 will cover!
Terminal Services! What is it and why you
need it!
Deploying Terminal Services
Understanding TS Licensing & TS Session
Broker!
Deploying TS Remote Programs!
TS Web Access
Security Update: ADRMS & Other Stuff!
Conclusions!
Server Core!
Architecture & Background!
Reasons To Use Server Core
Setup option in Standard,
Enterprise, Datacenter
Does DNS, AD, WINS, DFS-N, IIS and lots more
Advantages
Less RAM usage
Easier on the CPU, less disk needed
More secure
Fewer services running
Lack of a GUI reduces points of attack
A GUI-less system is of less interest to lazy
admins and so won’t become a surfing station
Server Core Drawbacks
Very limited GUI; most GUI tools
and Setup programs cannot run
No .NET (but maybe in R2…)
Cannot perform many server functions
Same license cost as full server install
Most admins aren't familiar enough with CLI tools to
get daily tasks done (hence this talk!)
Setup GUI problems means that
most apps cannot be installed at all
Server Core Architecture
Server, Server Roles
(for example only)
TS
File
AD
Print
LDS
Media
Server
Server Core
Security, TCP/IP, File Systems, RPC,
plus other Core Server Sub-Systems
RMS
Share
Etc…
Point
Server
With .NetFx, Shell, Tools, etc.
Server Core Server Roles
DNS DHCP AD
IAS
IIS 7
Hyper-V
GUI, CLR,
Shell, IE,
Media, OE,
Etc.
All of This Looks Great
So What Now?
Server Core
Server Core provides a minimal server option
No GUI shell, audio stack, active sync…
Same binaries as full version
Windows directory
Full: 6 GB, 35K files
Core: 1.5 GB 13K files
Less patch management
Windows 2003 40% of patches applied to removed
components
Reduced attack surface
Smaller memory and disk footprints
Runs supported server roles and features
Not an application platform
No .NET
3rd Party Tools
Coreconfigurator.exe
Browsing the Web!
Hardware on Server Core
Plug and Play is included in Server Core
If you add hardware with an inbox driver, PnP will “silently”
install the driver
If the driver is not included, but you have a PnP
driver for the hardware
Copy the driver files to the Server Core box
Pnputil –i –a driverinf
To list installed drivers
sc query type= driver
To remove a driver
sc delete service_name
Control Panel in Server Core?
Limited functionality for specific scenarios
Time zone, to change
Control timedate.cpl
Keyboards and/or language, to change
Control intl.cpl
Server Core – The Basics!
Deploying Active Directory!
AD Preparation with ADPrep
Command
Domain Controller
adprep.exe /forestprep Schema Master
adprep.exe
Infrastructure Master
/domainprep
adprep.exe
Infrastructure Master
/domainprep /gpprep
adprep.exe /rodcprep * Domain Naming Master
•Tip: Update PKI template to allow RODC’s to enroll for domain controller certificates if you
use smartcards
•After preparing your Active Directory for Windows Server 2008 be sure to check the
process.
•Breadcrumbs to failures may be found in the event viewer, but real men will check the
adprep.log files.
AD Installed on Server Core!
Preparing to DCPromo
Perform any configuration setting that you require (tasks such
as changing computer name etc.
After changing the required server configuration, make sure
that for the task of creating it as a DC – you have the following
requirements in place:
A partition formatted with NTFS (you should, it's a server…)
A network interface card, configure properly with the right
driver
A network cable plugged in
The right IP address, subnet mask, default gateway
And most importantly, do not forget:
The right DNS setting, in most cases, pointing to an existing
internal DNS in your corporate network
Manual DC Installation…
All in one command:
dcpromo /unattend
/SafeModeAdminPassword=Panda12
/ReplicaOrNewDomain=Domain /NewDomain=Forest
/NewDomainDNSName=bigfirm.com /domainlevel=3
/skipautoconfigdns /forestlevel=3
/rebootonsuccess=yes
Or get DCPROMO on a GUI system
to create a script for you and run
dcpromo /unattend:filename
DCPromo Export Settings
Cool New export option. Creates answer file.
DCPromo Answer File
Answer file – Forrest Level
dcpromo /unattend:<path of the
answer file>
[DCINSTALL]
InstallDNS=yes
NewDomain=forest
NewDomainDNSName=petrilab.local
DomainNetBiosName=petrilab
SiteName=Default-First-Site-Name
ReplicaOrNewDomain=domain
ForestLevel=3
DomainLevel=3
DatabasePath="%systemroot%\NTDS"
LogPath="%systemroot%\NTDS"
RebootOnCompletion=yes
SYSVOLPath="%systemroot%\SYSVOL"
SafeModeAdminPassword=P@ssw0rd1
Domain & Forrest Levels
DomainLevel - This entry is based on the levels that exist in the
forest when a new domain is created in an existing forest.
Value descriptions are as follows:
0 = Windows 2000 Server native mode
2 = Windows Server 2003
3 = Windows Server 2008
ForestLevel - This entry specifies the forest functional level
when a new domain is created in a new forest as follows:
0 = Windows 2000 Server
2 = Windows Server 2003
3 = Windows Server 2008
Deploying Active Directory via a Unattend.txt file.
Upgrading to Windows Server 2008
No Upgrade for Server Core Except from RC1 to RTM
In-place GUI upgrading - Windows Server 2003 and Windows
Server 2003 R2 can both be upgraded in-place to Windows
Server 2008
Transitioning - Migrating this way means adding Windows
Server 2008 Domain Controllers to your existing Active
Directory environment.
Restructuring - A third way to go from Windows Server 2003
Domain Controllers to Windows Server 2008 Domain
Controllers is restructuring your Active Directory environment.
This involves moving all your resources from one (Windows
Server 2003) domain to a new and fresh (Windows Server 2008)
domain. Tools like the Active Directory Migration Tool (ADMT)
are priceless in these kind of migrations.
Gotchas!
Your servers do not meet the required patch level for in-place
upgrading (The Windows Server 2003 patch level should be at least
Service Pack 1)
You want to upgrade across architectures (between x86, x64 and/or
Itanium)
You're running Windows Small Business Server 2003 or Windows
Small Business Server 2003 R2 (upgrade scenarios for Small Business
Server are uncertain at this moment)
You want to switch Windows Server edition (to obtain clustering for
instance)
Standard Edition can be upgraded to both Standard and Enterprise Edition
Enterprise Edition can be upgraded to Enterprise Edition only
Datacenter Edition can be upgraded to Datacenter Edition only
You want your Windows Server 2008 Domain Controllers to be Server
Core installations of Windows Server 2008. Upgrading to Server Core
is not possible
More Gotchas!
Your Windows Server 2003 Domain Controllers are
equipped with a boot drive which has less than
14062 MB of free space.
Windows Server 2003 Domain Controllers do not
meet the Windows Server 2008 (recommended)
System requirements.
Applications on your existing Domain Controllers
are not tested with or certified for usage on Windows
Server 2008.
Applications or installed components on your
Windows Server 2003 have known problems when
upgrading in-place to Windows Server 2008.
Powershell and thus Exchange Server 2007are such
programs!
2008 Forest Benefits
Enhanced Active Directory Features
Granular Password Policies
Restartable Active Directory
Advanced Encryption Services (AES 128 and 256) support for
Kerberos
Freshly-created Server 2008 forests shift to Server 2008FL
automatically
Last Interactive Logon
SYSVOL Replicates with DFS-R (RDC) rather than the File
Replication Services
Does NOT support NT4
No Support for ADMT 3 (New version out now!)
Managing Active Directory
Virtualization Update!
Microsoft Virtualization
From the Datacenter to the Desktop
Profile
Virtualization
Document Redirection
Offline files
Server Virtualization
Presentation
Virtualization
Management
Desktop
Virtualization
Windows Vista Enterprise
Centralized Desktop
Application
Virtualization
Windows Server 2008 with
Hyper-V Technology
A role of Windows Server 2008 (Std, EE, DC)
Can be installed on both Windows Server 2008 Full and
Core
Production servers can be configured as a minimal
footprint Server Core role
Hyper-V Core standalone Version – Free!! (PPVM+
Hypervisor based architecture
Flexible and dynamic virtualization solution
Managed by the Microsoft System Center family of
products
Gotha! No Drag & Drop (Like in VPC)
Hyper-V Versions (Licensing)
Hyper-V Server – Free (Pay Per VM)
Standard (1 Physical & 1 VM)
Enterprise (1 Physical & 4 VMs)
Data Centre (1 Physical & Unlimited VMs)
Provided by:
Hyper-V Architecture
ISV / IHV / OEM
OS
Microsoft Hyper-V
Parent
Partition
Microsoft / Citrix (XenSource)
Child Partitions
WMI Provider
VMMS
Applications
Applications
Applications
Applications
Supported
Windows OS
NonHypervisor
Aware OS
Xen-Enabled
Linux Kernel
VM Worker
Processes
Windows
Server 2008
Windows
Kernel
VSP
Windows
Kernel
Linux
VSC
VSC
IHV
Drivers
VMBus
VMBus
VMBus
Emulation
User Mode
Ring 3
Kernel Mode
Ring 0
Hypercall Adapter
Windows hypervisor
“Designed for Windows” Server Hardware
Ring -1
Application Planning! The Gotcha
Determine Application Compatibility
Processor architecture requirements
Number of required processors
Memory requirements
Graphics adapter requirements
Test the application in a VM
Hyper-V
Up to 3.6 GB virtual memory
Runs on Server 2008
32-bit
Requires Intel VT or AMD-V
Single virtual CPU
No USB devices
Exchange 2007
Candidate app
Candidate app
Candidate app
Exchange 2007
Virtual Server 2005
Candidate app
Installing Hyper-V
ocsetup Microsoft-Hyper-V
Tips on Deploying Hosts
Hyper-V RTM is a free download. DO NOT USE THE
BINARIES ON THE W2008 MEDIA!
Install KB951308 after installing Hyper-V on hosts
and management.
Deploy by hand: For a few hosts.
Deploying using unattended: Slipstream Hyper-V
using WAIK and deploy using WDS.
SYSPREP: Requires some post install work http://tinyurl.com/6xjq65.
SCVMM 2008
Hyper-V & Laptops
No support for wireless networking
(http://tinyurl.com/5p9yq8)
Can’t sleep/hibernate system
Use multiple spindles
Disk for system
Disk for virtual machines
Intel Note: Santa Rosa Chipset and
later
Supports 4 GB and greater
Creating Virtual Hard Disks
VM Disks
IDE or SCSI?
Dynamically Expanding, Fixed Size,
Differencing or Pass-Through*?
Virtual Disk: Snapshots, differencing,
dynamically expanding. 2TB limit per disk.
4 IDE or 256 SCSI per VM.
Pass-Through: Up to 256TB. No virtual disk
features. 4 IDE or 256 SCSI per VM.
Networking
VM’s connect to the network via a Virtual Switch.
A Virtual switch is mapped to a host machine NIC.
You should have at least 2 NIC’s in the host.
Might be best with 4 or more: Parent (1), clustering
(1), Virtual Network(2).
3 types of virtual network: External, Internal and
Private. Be careful: Internal and Private do not
span hosts.
No native NIC teaming in the virtual switch. As
before, we rely on the OEM teaming driver. No
support yet from the OEM’s.
Creating Virtual Machines
Name
Location
Memory
Network
Virtual Hard Disk
Operating System
Managing Virtual Machines
Managing Running Virtual Machines
Installing SCVMM 2008 - Tips
Pre install WAIK
SQL Server 2005 Express edition & .NET V3
installed as part of Setup!
Can only be installed in an AD Integrated
Environment
Fixed IP Address
Machine must be a clean install
Difficult to Remove!!
Install SCVMM Update for RC1
SCVMM Can run on a VM
Installing SCVMM 2008
Creating Virtual Machines
Steps:
1. Create virtual machine
2. Install guest operating system & latest SP
3. Install integration components
4. Install anti-virus
5. Install management agents
6. SYSPREP
7. Add it to the SCVMM Library
Windows Server 2003
Create vms using 2-way to ensure an MP HAL
Don't Forget!
Windows 7 Beta Available at TechEd & PDC
App-V (Application Virtualization)
Physical to Virtual Migration!
Coming in Hyper-V V2
Live Migration
Hardware “Hot Add!”
Physical to Virtual Migration!
Conclusions!
Getting to Know Server Core?
Managing a Server Core Box
AD Deployment
Hyper-V Update
System Centre Virtual Machine Manager
Conclusions
Thank you for attending this TechNet Event
Find these slides at:
http://www.microsoft.com/uk/technetslides
Thank you for attending