What’s new in Windows Server 2012Alex de Jong@alexdejongcomalex@alexdejong.com

Domain Controller cloning, Enhanced Direct Access, Safe Domain controller virtualizationRID pool enhanced Management, Enhanced logging, PowerShell 3.0, PowerShell Workflow, PowerShell history, Kerberos CBAC, Compound identity, Remote FX, IP Address Management, DHCP HADA object recovery GUIiSCSI Target, Windows NIC teaming, virtualization, 32 virtual processors per VM1TB virtual machine memoryNew 64TB VHDX format, RDMA support in SMB, Scale-out file server, Multi-channel SMBVirtual NIC monitor modeStorage PowerShell, Network PowerShell, Multi-Tenancy, Port ACLs / Firewall, Storage metering, Storage SpacesSMI-S support inbox, Virtual NUMA support, CPU metering

This session is about…

Server ManagementDynamic Access ControlHyper-V 3.0

TOP FEATURES OF STORAGE TO MEET CUSTOMER CHALLENGES

StorageEfficiency, performance, and innovation through diverse storage choices

Continuous availability through new features that preserve uptime

Cost efficiency through storage, management, and other capabilities

Offloaded data transfer

6

Transparent failover

7

NFS support

8

iSCSI target

9

Storage management

10

Storage spaces

1

File system improvements

2

Thin provisioning

3

Cluster Shared Volume

4

SMB 3.0 for workloads

5

TOP FEATURES OF WEB AND APPLICATION PLATFORM TO MEET CUSTOMER CHALLENGES

Web and application platformFlexibility through hybrid and symmetrical applications

Increased scalability and elasticity for applications

Enhanced support for open frameworks and open source

Centralized SSL management

6

“Just works” with PHP and node.js

7

Embracing web standards

8

Application symmetry

9

Comming Development Platform

10

Website density and mutlitenancy

1

Application Initialization

2

Dynamic IP Restrictions

3

CPU Throttling

4

NUMA-Aware Scalability

5

TOP FEATURES OF NETWORKING TO MEET CUSTOMER CHALLENGES

NetworkingEasy to connect users to IT resources

Efficient management of datacenters and private clouds

Ability to link your infrastructure with Public Cloud Services

Dynamic Virtual Machine Queue

6

IP Address Management (IPAM)

7

Quality of Service (QoS)

8

BranchCache

9

SMB Direct and Multichannel

10

NIC Teaming

1

Network virtualization

2

DHCP server failover

3

Single Root I/O Virtualization (SR-IOV)

4

Resource Metering

5

TOP FEATURES FOR MANAGEMENT AND AUTOMATION TO MEET CUSTOMER CHALLENGES

Management and automationIncreased management efficiency

Simplified deployment and virtualization

Resilient and simple automation

Windows PowerShell Workflow

6

Windows PowerShell Web Access

7

Windows PowerShell ISE

8

Script Sharing

9

Syntax Simplification and IntelliSense

10

Multiserver management

1

Role and feature deployment

2

Integrated console

3

2,400 cmdlets

4

Disconnected Sessions

5

Easy to switch Windows Server 2012

Server CoreMinimal Server

InterfaceGUI

Desktop Experience

Graphical Management Tools and Infrastructure Server Graphical Shell Desktop ExperienceAdd/remove

Feature

PowerShellInstall-WindowsFeature

Uninstall-WindowsFeatureServer-Gui-Mgmt-Infra Server-Gui-Shell Desktop-Experience

The N x M Problem

IT Pro IT Developer Solution Developer

Storage Exchange DevicesDiskManaged Objects

…

The Solution• Maximizing the value of leveraging the windows management

framework

WMF

IT Pro IT Developer Solution Developer

Storage Exchange DevicesDiskManaged Objects…

The Solution• Maximizing the value of leveraging the windows management

framework

Standard Protocols (WS-Man, REST, HTTP, PSRP)

Standard APIs (MIClient, PowerShell, OData)

Standard Models (CIM Schema, SMI-S)

IT Pro IT Developer Solution Developer

Storage Exchange DevicesDisk Managed Objects

WM

F

PowerShell Investments Themes

Simple and Easy• Enhanced PowerShell_ISE• Intellisense• Simplified syntax• Aliases for OS commands

Deal with a messy world• Robust connections• Integrated workflow• Remote Connect / Disconnect• Scheduling jobs• Remoting enabled by defaultCoverage, coverage,

coverage2400+ cmdletsSupport thriving community

New ways to write Cmdlets: WMI, WorkflowScript Library & Explorer

V3 is a better V2150+ Connect issues fixedOn-the-fly compilation allows PowerShell scripts to run up to 6x fasterStream redirection for Verbose, debug, warning streamsTail support for Get-ContentTab completion for hidden directories

Windows PowerShell 3.0 Features• Windows PowerShell Workflow• .NET Framework 4 support• Add-Member improvements• Computer cmdlets• CSV handling improvements• Get-ChildItem attributes• Get-Command improvements• Get-Content -Tail• Better history support• Security cmdlet fixes• Select-Object optimizations• Select-String improvements• Tee-Object -Append• Disconnected sessions• Idle timeout & server buffering control• Invoke-Command in disconnected

sessions• Disconnected jobs• STA mode by default• Run with PowerShell context menu• Updated console font & branding• Console host start perf improvements• ETW logging and tracing• Module logging• New Group Policy settings• Output redirection for all streams• Dynamic types & formats• Word wrap• Default properties on custom objects

Updatable help systemMethod overload discoveryHelpUri attribute supportHelpFile property on FunctionInfoNew parser built on DLRSimplified Where and ForEachRemoting local variables via $usingArray syntax for scalarsCustom parameter value defaultsGeneric method invocationTypecasting deserialized objectsImproved method overload selectionNew objects from hash tablesOrdered hash tablesTypecasting for parameter values$PSScriptRoot and $PSCommandPathImproved module discovery & importNew module manifest keysPublic abstract syntax treePipeline paging APIsNested pipeline APIsRunspace pool cleanup APIPublic tab completionWindows RT API supportObsolete cmdlet attributeVerb & noun on FunctionInfoWeb & REST cmdletsJSON cmdlets

CIM cmdlet authoring from WMI v2CIM .NET APIsCore CIM cmdletsRuntime script compilationEngine reliability improvementsBetter Get-ChildItem network perfCmdlet definition filesCertificate provider improvementsCredentials for FileSystem providerAlternate NTFS data stream supportMove-Item across drivesRemote module discovery & importRemote session autodisconnect & retryTransport options for remote sessionsRunAs and SharedHost supportScheduled jobsJob integration with Task SchedulerAlternate credential support for jobsSession configuration filesModule autoloadingCommand discovery improvementsSpecial character handlingLiteralPath support for core cmdletsImproved tab completionIntellisenseWindows Management Framework 3.0WinPE supportWindows RT support

Windows PowerShell Web AccessWindows PowerShell Web ServicesXAML-based workflowsScript-based workflowsControl Panel cmdletsUnblock-File cmdletWorkflow helpCmdlet to activity conversionWorkflow persistenceImproved WMI object formattingHeterogeneous object formattingWorkflow loggingWorkflow extensibilityCommon workflow parametersWorkflow execution environmentSnippetsISE Add-onsIntelliSense supportShow-CommandGet-Help -ShowWindowRestart Manager supportScript autosave supportOut-GridView -PassThruXML syntax highlightingBlock selectCollapsible regionsContextual F1 supportScript Explorer

Demo – Server Management

• Server Groups• Monitoring

Demo –Switch UI’s

• Server3 – Server Manager – remove UI and infrastructure, reboot

• Login, Powershell,add-windowsfeature –name user-interfaces-infra –includeallsubfeature

• Shutdown –r –t 0

TOP FEATURES FOR SECURITY & ACCESS

Security and accessProtection of corporate resources

Data access management and protection

Simplified deployment and management of identity infrastructure

Dynamic Access Control

1

Active Directory virtualization

6

Active Directory cloning

7

Kerberos constrained delegation

8

Private virtual LAN (PVLAN)

9

Multitenant security and isolation

10

Classification

2

DirectAccess

3

Simpler deployment of Active Directory

4

Domain Name System Security Extensions

5

Expression based access control• Manage fewer security

groups by using conditional expressionsFlexible access

control lists based on document classification and multiple identities (security groups).

Centralized access control lists using Central Access Policies.

Expression based access conditions

Country

Department

x 50

x 20

Sensitive

Make that 2000 groups

Expression based access control• Create Central Access

Policies that combine groups and classification

• Apply policies across servers

Flexible access control lists based on document classification and multiple identities (security groups).

Centralized access control lists using Central Access Policies.

Expression based access control

Data classification – identifying data• Classify data based on location

inheritance

• Classify data automatically

• Data Classification Toolkit

Data Classification

Classify your documents using resource properties stored in Active Directory.

Automatically classify documents based on document content.

Central Access Policy – let’s reviewIn Active Directory:• Create resource property

definitions• Configure central policiesOn File Server:• Classify information• Assign central policyAt Runtime:• User access is evaluated

Resource Property

Definitions

Access Policy

Windows Server 2012 Active Directory

Windows Server 2012File Server

Allow/Deny

End User

But wait – there’s more

User claimsUser.Department = Finance

User.Country = US

ACCESS POLICYApplies to: File.Country exists AND File.Department Exists

Allow | Read, Write | if (User.Department == File.Department) AND (User.Country == File.Country)

Device claimsDevice.Department = Finance

Device.Managed = True

File propertiesFile.Department = Finance

File.Country = US

Active Directory

File Server

Let’s reviewNo conditional expressions

Using groups with conditional expressions

Using user claims

FCI CLASSIFY PROTECTDYNAMI

C POLICY PROTEC

TOR

User Extending Dynamic Access Control for AD RMS

Windows Server 2012

DYNAMIC

POLICY MODUL

EDesktop

4

GigaTrust Dynamic Policy for AD RMS Protection

Configure User Claims, Resource Properties, and Central Access Policies.

1

Secure files with Dynamic Access Control policies based on properties and claims.

2

2

FCI invokes Dynamic Policy Protector to RMS protect with Policy and Resource Properties captured in the Issuance License.

3

4AD RMS Use License returned only if Dynamic Policy is satisfied by user claims.

1AD Admin Center

Access Policies

Claims

Properties

Dynamic Access Control

USE LICENSE

3

Claims-Aware Dynamic Access Control

+AD RMS Protection

Legend:

User Claims

Resource Properties

Access Policy

GigaTrust Product Component

GigaTrust Contact: ppainter@gigatrust.com

AD RMS

Windows Server 2012static

Central Audit Policy – let’s reviewIn Active Directory:• Create resource property

definitionsIn Group Policy:• Create global audit policyOn File Server:• Classify informationAt Runtime:• User access generates

targeted and contextual events

Event collection system• Collects events to a central

repository• Generates flexible reports

Resource Property

Definitions

Audit Policy

Windows Server 2012 Active Directory

Windows Server 2012File Server

Audit Yes/No

End User

Event collected to central repository for analysis and

reporting

Demo Enable DAC• Server1: AD Adm Ctr – Resource Properties• Laten zien

• Server3: Check properties – ps:> update-fsrmcla…check properties

• Example folder,file classifications, permissions• Central Access Rule example• Central Access Policy example• Gpmc, policy: comp,win,sec,filesystem

(rightclick)

• Server1: AD Adm Ctr – Central Access Rulescreate:

• Central Access Policiescreate: Sales Policy

• GPMC: Create Policycomputer settings – security settings – file server, rightclick, manage Central Access Policies.

• Server2: gpupdate /forcefolder security, Central Policy tab, select

Demo: DAC Central Management

Hardware offloading

6

Virtual Fibre Channel

7

Guest NUMA support

8

Runtime memory configuration

9

Hyper-V network switch

10

Hyper-V Network Virtualization

1

TOP FEATURES OF SERVER VIRTUALIZATION TO MEET CUSTOMER CHALLENGES

Server virtualizationComplete virtualization platform

Increased scalability and performance

Elastic and flexible—from the datacenter to the cloud

Shared-nothing live migration

2

Massive scale

3

Cluster enhancements

4

Hyper-V Replica

5

System Resource

Maximum number

Improvement factor

Windows 2008 R2

Windows Server 2012

Host

Logical processors on hardware 64 320 5×

Physical memory 1 TB 4 TB 4×

Virtual processors per host 512 1,024 2×

Virtual machine

Virtual processors per virtual machine

4 64 16×

Memory per virtual machine 64 GB 1 TB 16×

Active virtual machines 384 1,024 2.7×

Virtual disk size 2 TB 64 TB 32×

Cluster

Nodes 16 64 4×

Virtual machines 1,000 4,000 4×

Scale enhancements

Hyper-V Scale ComparisonMassive Scale in the Box

Windows Server 2008 Windows Server 2008 R2

Windows Server 2012

HW Logical Processor Support

16 LPs 64 LPs 320 LPs

Physical Memory Support

1 TB 1 TB 4 TB

Cluster Scale 16 Nodes up to 1000 VMs

16 Nodes up to 1000 VMs

64 Nodes up to 4000 VMs

Virtual Machine Processor Support

Up to 4 VPs Up to 4 VPs Up to 64 VPs

VM Memory Up to 64 GB Up to 64 GB Up to 1 TB

Live Migration Yes, one at a time Yes, one at a time Yes, with no limits. As many as hardware will

allow.

Live Storage Migration

No. Quick Storage Migration via SCVMM

No. Quick Storage Migration via SCVMM

Yes, with no limits. As many as hardware will

allow.

Servers in a Cluster 16 16 64

VP:LP Ratio 8:1 8:1 for Server12:1 for Client (VDI)

No limits. As many as hardware will allow.

Dynamic, High Performance Storage

• Live Storage Migration

• Virtual Fiber Channel

• Support for File Based

Storage on SMB 3.0

• New VHDX Format

• Online MetaOperations

• Live VHD Merge

• Live New Parent

• Native 4K Disk Support

• Offloaded Data Transfer

(ODX)

Offloaded Data Transfer (ODX)

Intelligent Storage Array

Virtual Disk

Virtual Disk

Actual Data Transfer

Offload Read Token Token

Offload Write

Token

Hyper-V ODX Support

• Secure Offload data

transfer

• Fixed VHD/VHDX Creation

• Dynamic VHD/VHDX

Expansion

• VHD/VHDX Merge

• Live Storage Migration

• Just one example…

Average Desktop

ODX0

50

100

150

200

Creation of a 10 GB Fixed Disk

Time (seconds)

<1 Second!

~3 Minutes

Hyper-V Storage No Limits & DynamicWindows Server 2008 Windows Server 2008

R2Windows Server 2012

Live Storage Migration

No. Quick Storage Migration via SCVMM

No. Quick Storage Migration via SCVMM

Yes, with no limits. As many as hardware will

allow.

VMs on File Storage No No Yes, SMB 3.0

Guest Fiber Channel No No Yes

Virtual Disk Format VHD up to 2 TB VHD up to 2 TB VHD up to 2 TBVHDX up to 64 TB

VM Guest Clustering Yes, via iSCSI Yes, via iSCSI Yes, via iSCSI or FC

Native 4k Disk Support

No No Yes

Live VHD Merge No, offline. No, offline. Yes

Live New Parent No No Yes

Secure Offloaded Data Transfer (ODX)

No No Yes

Availability Enhancements

• Windows NIC Teaming

• Continuously Available File Server (SMB) storage

• CSV 2.0 Integration with Storage Arrays for Replication &

HW snapshots out of the box

• Guest Clustering via Fiber Channel for HA

• Support for Concurrent Live/Live Storage Migrations

• Major Failover Cluster Enhancements…

Scale, Management, Policy & StorageFailover cluster

• Support for 64 nodes &

4000 VMs in a Cluster

• Cluster Aware Updating

• Cluster Shared Volumes

2.0

• VM Failover Prioritization

• Anti-Affinity VM Rules

• Cluster Wide Task Scheduling

• Inbox Live Migration Queuing

• SMB Support

• Hyper-V App Monitoring

• Guest Clustering via Fiber

Channel…

Guest Fiber Channel Architecture

• Up to four virtual HBAs assigned to each VM

• WWNs assigned to each VM

• Doesn’t require re-zoning

• NPIV utilized to surface VM ports

on the host

• Works with Live Migration

NPIV port(s)

Complete Redundancy In the Box

Disaster Recovery• Hyper-V Replica for Asynchronous Replication• CSV 2.0 Integration with Storage Arrays for Synchronous

Replication

Application/Service Failover

• Non-Cluster Aware Apps: Hyper-V App Monitoring• VM Guest Cluster: iSCSI, Fiber Channel• VM Guest Teaming of SR-IOV NICs

I/O Redundancy• Network Load Balancing & Failover via Windows NIC Teaming• Storage Multi-Path IO (MPIO)• Multi-Channel SMB

Physical Node Redundancy

• Live Migration for Planned Downtime• Failover Cluster for Unplanned Downtime

Hardware Fault • Windows Hardware Error Architecture (WHEA)/RAS

Manageability ComparisonWindows Server 2008 Windows Server 2008

R2Windows Server 2012

Hyper-V PowerShell No No Yes

Network PowerShell No No Yes

Storage PowerShell No No Yes

SCONFIG No Yes Yes

Enable/Disable Shell No(Server Core @ OS

Setup)

No(Server Core @ OS

Setup)

Yes, MinShell

VMConnect Support for RemoteFX

N/A No Yes

What is Microsoft Hyper-V Server?

• Enterprise-class, Microsoft hypervisor• Local Command Line

Interface• Does not include guest OS

licenses

• Standalone Hyper-V• Free ISO download from

Microsoft.com website • Designed for remote

management• Contains all Hyper-V

features

Great Reasons to use Hyper-V Server

• Linux VM Consolidation

• VDI platform

• Hoster virtualization platform

Microsoft Hyper-V Server 2008 R2 SP1->2012 MS Hyper-V Server 2008 R2 SP1 Microsoft Hyper-V Server 2012

Release Date: August 2011 Coming Soon

Cost: Free Download from:www.microsoft.com/hvs

Free Download from:www.microsoft.com/hvs

Physical Processor Support: Up to 8 processors(no core limitations)

Up to 64 processors(no core limitations)

Physical Memory Support: Up to 1 TB per server Up to 4 TB per server

Virtual Processors Up to 4 per VM Up to 64 per VM

Virtual Machine Memory Support: 64 GB of memory per VM(no memory tax)

1 TB of memory per VM(no memory tax)

Live Migration/High Availability: Yes Yes

Live Storage Migration: No Yes

Shared Nothing Live Migration: No Yes

RemoteFX: Yes More monitors, more resolutions

Storage Spaces: No Yes

VMs on File Based Storage No YesCustomer Driven: More Features, Scale, Availability, Mobility in every

release.

VMware ESXi 5.0 vs MS Hyper-V Server 2012

• Scale• Limited to 4 vCPUs in VM• Host RAM limited to 32 GB

• No Enterprise level features• No vMotion• No Storage vMotion• No High Availability• No Extensible Switch• No VM Replication

Microsoft Hyper-V Server 2012

• Scale• Up to 64 VPs per VM• Up to 4 TB of memory per Host RAM• Up to 1 TB of memory per VM

• Enterprise level features included• Shared Nothing Live Migration• Live Storage Migration• High Availability via Clustering• Hyper-V Replica (Unlimited VM

Replication)• Storage Spaces• …much more…

VMware ESXi 5.0 (Free Version)