You are on page 1of 41

October 25th, 2012

Windows Server 2012

Richard Oertle
Subject Matter Expert / Instructor

Windows Server 2012
New Features and Certifications

• Certification Changes
• Microsoft Certified Solution Expert in Windows
Server 2012
• Microsoft Certified Solution Administrator in
Windows Server 2012
• Administration Changes
• Screen and Navigation changes
• PowerShell changes
• Version 3.0 with 2400 cmdlets

Starting from the beginning:
Become an MCSA
• Pass the following 3 tests to gain the
equivalent of passing the 70-417 test
• 70-410
• Installing and Configuring Windows Server® 2012
• 70-411
• Administering Windows Server® 2012
• 70-412
• Configuring Advanced Windows Server® 2012
• Then consider continuing on for an MCSE in the 3
previous categories of Desktop, Private cloud or
Server Administration

Upgrading from

• Must renew MCSE status every three years!
• MCITP upgrade test is 70-417 (course
• MCITP accepted certifications includes:
• Lync Administrator
• SharePoint Administrator
• Desktop Administrator
• Enterprise Messaging Administrator
• Windows Server 2008 Administrator

Pass the 70-417 upgrade test THEN: • Take and pass the specialist area tests shown below • Determine which of 3 MCSE specialist areas to focus on: • MCSE in Server Infrastructure • 70-413 Designing and Implementing a Server Infrastructure • 70-414 Implementing an Advanced Server Infrastructure • MCSE in Desktop Infrastructure • 70-415 Implementing a Desktop Infrastructure • 70-416 Implementing Desktop Application Environments .

Course 10751 (5 days) • 70-247 Configuring and Deploying a Private Cloud with System Center 2017. Course 10750 (5 days) . MCSE Information continued • MCSE in Private Cloud Infrastructure • 70-246 Monitoring and Operating a Private Cloud with System Center 2012.

Some of the New Administration features of Windows Server 2012 .

is a task-oriented tool based on Windows PowerShell . Active Directory Administrative Center.

Password Settings Objects You can use fine-grained password policies to specify multiple password policies within a single domain Fine-grained password policies: • Apply only to user objects (or inetOrgPerson objects) and global security groups • Cannot be applied to an OU directly • Do not interfere with custom password filters that you might use in the same domain .

Configuring Password Settings Objects Windows Server 2012 provides two tools for configuring PSOs • Windows PowerShell cmdlets • New-ADFineGrainedPasswordPolicy • Add-FineGrainedPasswordPolicySubject • Active Directory Administrative Center • Is a graphical user interface • Uses Windows PowerShell cmdlets to create and manage PSOs .

5.NET Framework 3. Managed Service Account Use to automate password and SPN management for service accounts used by services and applications • Requires a Windows Server 2008 R2 or Windows Server 2012 server installed with: • .x • Active Directory module for Windows PowerShell • Recommended to run with AD DS configured at the Windows Server 2008 R2 functional level or higher • Can be used in a Windows Server 2003 or 2008 AD DS environment: • With Windows Server 2008 R2 schema updates • With Active Directory Management Gateway Service .

Group Managed Service Accounts Group managed service accounts extend the capability of standard managed service accounts by: Enabling an MSA to be used on more than one computer in the domain Storing MSA authentication information on domain controllers Group MSA requirements: Must have at least one Windows Server 2012 domain controller Must have a KDS root key created for the domain .

The Central Store The Central Store: • Is a central repository for ADMX and ADML files • Is stored in SYSVOL • Must be created manually • Is detected automatically by Windows Vista or Windows Server 2008 ADMX files Windows Vista or Windows Server 2008 Domain controller Domain controller workstation with SYSVOL with SYSVOL .

or updated . Group Policy Preferences Group Policy preferences expand the range of configurable settings within a GPO Group Policy preferences: • Enable IT professionals to configure. deleted. replaced. deploy. and manage settings that were not manageable by using Group Policy • Are natively supported on Windows Server 2008 and Vista SP2 or newer • Can be created.

Comparing Group Policy Preferences and GPO Settings Group Policy Group Policy Settings Preferences Strictly enforce policy Are written to the normal settings by writing the locations in the registry that the settings to areas of the application or operating system registry that standard feature uses to store the setting users cannot modify Do not cause the application or Typically disable the user operating system feature to interface for settings that disable the user interface for Group Policy is managing the settings they configure Refresh preferences by using Refresh policy settings at the same interval as Group a regular interval Policy settings by default .

Group policy Management Editor • Allows editing of the ADMX file • Extends the functionality of GPMC .

Features of Group Policy Preferences Common Tab Targeting Features Is used to configure Determines to which users additional options that and computers a preference control the behavior of a item applies Group Policy preference item .

xml to AD DS database location Export the Import the VDC VDC . Deploying a Cloned Virtualized Domain Controller You can safely clone an existing virtual domain controller by: 1. Creating a new virtual machine by importing the exported VDC DcCloneConfig.xml file and storing it in the AD DS database location 2. Taking the VDC offline and exporting it 3. Creating a DcCloneConfig.

Overview of the Active Directory Module for Windows PowerShell The Active Directory module for Windows PowerShell provides full administrative functionality in these areas: • User management • Computer management • Group management • OU management • Password policy management • Searching and modifying objects • Forest and domain management • Domain controller and operations masters management • Managed service account management • Site replication management • Central access and claims management .

Windows PowerShell Web Access • Allows remote management of computers by running Windows PowerShell sessions in a web browser. • Powershell replaces tab completion with Visual Studio style drop down options • Many former scripts are now compiled into cmdlets .

Polls .

What Is NTDSUtil? With NTDSUtil you can: • Manage and control single master operations • Perform AD DS database maintenance • Perform offline defragmentation • Create and mount snapshots • Move database files • Maintain domain controller metadata • Reset Directory Services Restore Mode password .

and choose Connect to Domain Controller • Enter serverFQDN:port • View (read-only) snapshot • Cannot directly restore data from the snapshot • Recover data • Connect to the mounted snapshot. and export/reimport objects with LDIFDE • Restore a backup from the same date as the snapshot • Manually reenter data www.netcomlearning. . Creating AD DS Snapshots • Create a snapshot of Active Directory • NTDSUtil • Mount the snapshot to a unique port • NTDSUtil • Expose the snapshot • Right-click the root node of Active Directory Users and Computers.

Configuring the Active Directory Recycle Bin? • Active Directory Recycle Bin provides a way to restore deleted objects without AD DS downtime • Uses Windows PowerShell with Active Directory Module or the Active Directory Administrative Center to restore objects .

Dynamic Access Control Dynamic Access Control provides: • A safety net over all file server- based resources • Data identification • Access control to files • File access auditing • Optional RMS protection integration .

What Is FSRM? • FSRM Enables the following functionality: • Storage quota management • File screening management • Storage reports management • Classification management • File management tasks .

and Storage Reports What Is Quota Management? What Are Quota Templates? Monitoring Quota Usage What Is File Screening Management? What Are File Groups? What Are a File Screen Templates and File Screen Exceptions? What Are Storage Reports? What Is a Report Task? • Demonstration: How to Use FSRM to Manage . Using FSRM to Manage Quotas. File Screens.

Monitoring Quota Usage • You can monitor quota usage by: • Viewing quota information in the FSRM console • Generating a quota usage report • Creating soft quotas • Using the Get-FSRMQuota Windows PowerShell cmdlet .

File Screening Management File screen management provides a method for controlling the types of files that can be saved on file servers • File screen management consists of: • Creating file screens • Defining file screen templates • Creating file screen exceptions • Creating file groups .

or Property • Folders by Property • Large Files • Quota Usage • Least and most recently accessed files . Owner. Storage Reports Storage reports provide information about file usage on a file server • Types of storage reports include: • Duplicate Files • File Screening Audit • Files by File Group.

rpt Classification Property IsConfidential . Classification Management Classification management enables you to create and assign classification properties to files using an automated mechanism Classification Rule File Management Task Payroll.

Classification Properties A Classification Properties is a configurable value that can be assigned to a file • Classification properties can be any of the following: • Yes/No • Date/Time • Number • Multiple choice list • Ordered list • String • Multi-String .

Options for Storage Optimization in Windows Server 2012 Storage optimization features include: • Fileaccess auditing • Features on Demand • Data deduplication • NFS data stores .

Implementing IPAM What Is IPAM? IPAM Architecture Requirements for IPAM Implementation Managing IP Addressing Using IPAM IPAM Management and Monitoring • Considerations for Implementing IPAM .

What Is IPAM? IPAM facilitates IP management in organizations with complex networks by enabling administration and monitoring of DHCP and DNS .

Managing IP Addressing Using IPAM You can view and manage the IP address space using the following views: • IP address blocks • IP address ranges • IP addresses • IP inventory • IP address range groups You can monitor the IP address space using the following views: • DNS and DHCP servers • DHCP scopes • DNS zone monitoring • Server groups .

IPAM Management and Monitoring With IPAM. you can: • Monitor IP address space utilization • Monitor DNS and DHCP health • Configure many DHCP properties and values from the IPAM console • Use the event catalog to view a centralized repository for all configuration changes .

What Is iSCSI? iSCSI transmits SCSI commands over IP networks iSCSI client that TCP/IP protocol runs the iSCSI Initiator Storage Array iSCSI Target Server .

iSCSI Target Server and iSCSI Initiator .

such as Exchange Server and SQL Server administrators . • Design an appropriate security strategy for the iSCSI storage solution • Follow the vendor-specific best practices for different types of deployments • The iSCSI storage solution team must contain IT administrators from different areas of specialization • Design application-specific iSCSI storage solutions together with application specific administrators. Considerations for Implementing iSCSI Storage Consider the following when designing your iSCSI storage solution: • Deploy the solution on fast networks • Design a highly available network infrastructure for your iSCSI storage solution.

co m .NetComLearning.Thank You! Back to Rinchen Stick around for Raffle and Q&As www.