Sie sind auf Seite 1von 14

Expert Reference Series of White Papers

Twelve Fantastic
Features You Need to
Know about Windows
Server 2012

1-800-COURSESwww.globalknowledge.com
Twelve Fantastic Features You Need to
Know about Windows Server 2012
Randy Muller, MCT, MCTS, MCSE, CEH, Global Knowledge Instructor

Introduction
The latest, and perhaps the most significant version of Windows Server was released in September 2012. What
makes this release so significant is not just the new interface and default installation, but the enhanced Win-
dows PowerShell, support for new hardware (which means increased performance, reliability, scalability, security,
and storage options). The new virtualization enhancements have greatly increased not only the scalability of
Hyper-V but performance and enterprise adoptability as well. In short, Windows Server 2012 helps you trans-
form your IT operations to reduce costs and deliver a whole new level of business value has hundreds of new
features and enhancements spanning networking, storage, user experience, cloud computing, and more.

1. PowerShell 3.0
PowerShell is a command-line scripting language used for administration and management of Windows Server
2012 (as well as other products such as Exchange, Lync, SharePoint, SQL, and System Center). PowerShell en-
ables IT professionals to control, automate, and perform bulk administration of Windows operating system and
applications that run on Windows. Windows PowerShell 3.0 is backwards-compatible with PowerShell 2.0 and
its associated cmdlets. Some of the new windows features in PowerShell include:

Disconnected Sessions. These are user-managed, persistent sessions (PSSessions) that are created by using
the New-PSSession cmdlet. The PSSessions are saved on the remote computer and are no long dependent on the
session in which they were created.

Module Auto-Loading. All functions and modules that are installed on the computer will be loaded even if
the module is not imported into the current session.

PowerShell ISE. Features include auto-save, block copy, brace-matching, Intellisense, recent items list, Show-
command window, support for writing Windows PowerShell script workflows, and a unified Console Pane.

Updatable Help System. You can use the Update-Help cmdlet to identify, download, unpack ad validate new
help files from the internet.

Windows PowerShell Workflow. Windows PowerShell workflows are sequences of administrative or man-
agement actions that can be applied against multiple computers. These actions can be frequent, long-running,
repeatable and uninterruptible. Users and administrators can write workflows in XAML.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 2


Windows PowerShell Web Access. Administrators and users can run PowerShell commands and scripts in a
web-based console.

2. Hyper-V Scalability
Hyper-V (or Hypervisor) enables you to create a virtualized server computing environment. Virtualization with
Hyper-V enables you to improve the efficiency of your computing resources by utilizing more of your hardware
resources. Hyper-V was first released with Server 2008 and has seen substantial improvements ever since.
Windows Server 2012 introduces several new and greatly enhanced features that puts in on par with the best
hypervisors available.

Resource Hyper-V on Windows Hyper-V on Windows


Server 2012 Server 2008 R2
Active Virtual Guests per host 1024 384
Logical Processors per host 320 64
Memory per guest session 1 TB 64 GB
Physical Memory (per host) 4 TB 1 TB
Virtual CPUs per virtual guest session 64 4
Maximum number of nodes in a cluster 64 16

Table 1. Scalability in Windows Server 2012 Hyper-V

3. Hyper-V Replicas
Hyper-V Replica provides asynchronous replication of virtual machines (VMs) from a Hyper-V host or cluster to
a remote Hyper-V host or cluster to provide business continuity and fail-over recovery. This new, built-in feature
tracks write operations on the source Host or cluster and replicates them to the destination host or cluster
so that both VMs are in constant lockstep. If the local VM fails (or if an administrator manually fails-over) the
remote replica assumes its place. All of this happens without having any specialized storage or networking
hardware requirements.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 3


Figure 1. Hyper-V Replica
Courtesy of Microsoft, Server Virtualization Windows Server 2012 White Paper

VHDX Disk. The VHDX disk format is new to Hyper-V 3 and adds new capabilities and enhancements over
previous versions:
• A VHDX virtual hard disk can be as large as 64 TB.
• S upport for larger block sizes in VHDX virtual disks. This provides support for dynamic and differential
disks, which in turn, allows for lets these disks attune to the needs of the workload.
• A 4-KB logical sector virtual disk for applications and workloads that support 4KB sectors.
• Conversion from a VHD to VHDX and back.

4. Live Migration
Live Migration is now built into Windows Server 2012 (whereas before, you only had this capability when you
used System Center Virtual Machine Manager with Quick Storage Migration). Live Migration in Windows Server
2012 enables an administrator to migrate live VMs between stand-alone Hyper-V 3 hosts without requiring the
use of any shared storage. The benefit of this is that the VMs can be moved while keeping the VMs online and
available to clients, thus ensuring no downtime. You can perform a live migration through a GUI interface or
through a PowerShell cmdlet.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 4


Figure 2. Live Migration GUI

Figure 3a. PowerShell cmdlet Emable VMMigration

Figure 3b. PowerShell cmdlet Emable Network Migration

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 5


As part of the live migration process, you can move different VM components to new locations on the destina-
tion host. This gives you a great deal of flexibility when performing a live migration

5. Windows Server Message Block (SMB) 3.0


New to Server 2012 is the Server Message Block (SMB) 3.0 protocol. The SMB 3.0 protocol provides access to
files, printers, and serial ports, as well as handling the transfer of files between different systems. SMB is not
backwards-compatible – the best performance obtained is between Windows Server 2012 servers or with Win-
dows 8. One great feature of SMB is when using it with clustering and replication. Clustering in Widows Server
2012 can now be done with SMB which means you no longer have to use a Storage-area Network (SAN).

• SMB Direct. SMB Direct (SMB over Remote Direct Memory Access [RDMA]) is a new transport pro-
tocol for SMB in Windows Server 2012. It enables direct memory-to-memory data transfers between
servers with low latency. Only clients and servers that support SMB 3.0 can use SMB Direct.
• S
 MB Directory Leasing. SMB Directory Leasing reduces the response time seen by branch office us-
ers accessing files over high-latency WAN networks.
• S
 MB Encryption. Only clients and servers that support SMB 3.0 can use SMB encryption, which pro-
tects data in-flight from eavesdropping and tampering attacks by providing end-to-end encryption.
• S
 MB Multichannel. Aggregates available bandwidth, allowing server applications to take full advan-
tage of all available network capacity and can provide for a more resilient network
• SMB PowerShell. SMB now has its own PowerShell cmdlets.
• S
 MB Scale Out. When using Clustered Share Volumes the Continuously Available property is set and
you can create file shares that provide simultaneous access to data files. Only clients and servers that
support SMB 3.0 can use SMB Scale Out.
• S
 MB Transparent Failover. You can perform maintenance (hardware or software) on nodes in a
cluster file server without causing interruptions on server applications.
• V
 SS for SMB file shares. This is an easy feature to implement as it leverages any existing VSS soft-
ware or applications.

6. Dynamic Access Control (DAC)


Dynamic Access Control is new to Windows Server 2012 and is used to further augment file system security,
which has been a challenging part of file system security since the Windows NT days. Prior to the release of
DAC, administrators would use the NTFS file system and Access Control Lists (ACLs) to grant or limit access
to resources on the network. Permissions were determined based on user accounts and group memberships,
whereas now we can also specify a conditional access (you would still need to meet normal NTFS user/group
permissions and meet a specific attribute setting as well).

Using Dynamic Access Control, you can set conditional access to a resource. Administrators can set centralized
access policies for file-servers throughout the entire organization. Access control can be enabled or disabled
based on users or groups. You can classify and tag data either manually or by doing a keyword assessment and

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 6


tag application. Tags can be applied through identification of keyword data looking for specific words, format,
or patterns. In short, you can enable or disable access based on attribute values on user or resource objects.
Dynamic Access Control has six major components.

Access-denied assistance. This can be used in troubleshooting access to a resource. This can be accom-
plished through:
• Self-Assistance
• Assistance by the data owner
• Assistance by the file server administrator

Central Access Policies. An administrator can create and deploy centrally administered policies to meet
compliance and other requirements. Access policies contain conditional expressions that are used to determine
access based on users, groups, user claims and resource properties. Central Access Policies contain:
• Applicability. What data is this policy applicable
• Access Conditions. What ACEs (access control entries) are used to determine who can access resources
• Exceptions. Other ACE entries that may be used as an exception.

Central Audit Policies. Policies that are applied to ensure regulatory compliance, reporting and forensics
analysis. Central Audit policies are typically applied at one of four levels:
• Business policy
• Departmental Policy
• Information Security
• Organizational policy

Claim Type. A condition or property that must be met – such as membership in a specific group or a setting in
a user account such as country

Classification. Rules that are used to determine the classification properties of resources. The file classification
infrastructure is claims aware and the classification properties are assigned to the metadata this is associated
with the resources.

Resource Property. These are labels or properties that are downloaded by servers and used to classify files.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 7


Figure 4. DAC Control
Courtesy of Introduction to Windows Server 2012 Dynamic Access Control

7. Windows Server 2012 Remote Access


New in Windows Server 2012 is the Unified Remote Access (URA) role. In Windows Server 2008 R2, DirectAccess
and Routing and Remote Access Service (RRAS) were two separate roles. In fact, they could not be collocated on
the same server. In Windows Server 2012, DirectAccess and RRAS can be collocated, allowing for what is now
legacy remote access VPN client connectivity (L2TP/IPsec, PPTP, and SSTP). This means that the Unified Remote
Access provides DirectAccess, Remote access VPN and site-to-site VPN, and can now serve as your complete
remote access solution.

Some of the new features in Windows Remote Access include:


• S
 upport for Server Core. From a security perspective, it makes a lot of sense to run DirectAccess on
Server Core
• S
 implified management and infrastructure. You no longer need a Public Key Infrastructure (PKI),
nor do you need to have Forefront UAG to support IPv6 (Windows Server 2012 has built-in support for
NAT64 and DNS64).
• N
 AT support. Prior to Windows Server 2012, DirectAccess could not be deployed behind a NAT and
required two public IPv4 addresses. Now it can be deployed behind a NAT and can even be used with a
single network adapter.
• PowerShell. You can use PowerShell to fully automate and manage your DirectAccess deployment.
• U
 ser Monitoring. Administrators now have the capability for increased user and server health moni-
toring. The Monitoring Dashboard allows the administrator to view resource usage, server loads, user
activity, and DirectAccess clients and connections.
• N
 etwork Access Protection (NAP) Integration. Prior to Windows Server 2012, administrators
had to manually configure each Group Policy. Now NAP health check policies can be created directly
through the setup user interface and the whole process is automated.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 8


Figure 5a. Remote Access Monitoring Dashboard

Figure 5b. Remote Access Management Console

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 9


8. New Windows Server 2012 Default Installation: Core
Server
The Server core installation option is not a new feature to Windows Server 2012, as it was introduced in Server
2008 and 2008 R2. What is new, though, are the greatly enhanced features and capabilities introduced in Server
Core. Server core is a minimal installation option; management tasks on Server Core can be performed locally
from the command line (and PowerShell) or from another computer. Some of the new features for Windows
Server Core includes: A straight forward method for switching between Server Core and a GUI interface, a GUI
with a minimal interface, support for a much broader array of roles than was available in previous versions and
support for SQL 2012

One interesting thing to note about Server Core is that it is the default installation for Windows Server 2012
though you can change it at a later time. In Windows Server 2008 there was no method to upgrade to a GUI
version. Now, you can install a GUI in Windows Server Core, in fact, there are three available levels of GUI in
Server 2012.
• Full GUI
• Minimal Server Instance (MinShell)
• Server Core installation (no GUI)

Upgrading to a GUI version is straight forward and as easy as using a single command and a reboot. How you ini-
tially installed Windows Server will determine what method you must use to change the interface for Server Core.

9. Windows Server 2012 Core Server: New Roles


Windows Server Core 2012 can now host numerous roles, including Branch Cache, Telnet Server and Active
Directory Rights Management Server (ADRMS) which was unavailable in previous versions. SQL Server 2012 can
now be installed on Windows Server Core. You can add/remove supported roles using Ocsetup in the command-
line or using PowerShell (once the source files are available) Add-WindowsFeature Server-GUI-Shell.
• Active Directory Certificate Services,
• Active Directory Domain Services
• Active Directory Lightweight Directory Services (AD LDS)
• Active Directory Rights Management Server
• DHCP Server
• DNS Server
• File and Storage Services (including File Server Resources Manager).
• Hyper-V
• IIS and Web Server
• Print and Document Services
• Remote Access Server
• Windows Server Update Services

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 10


SCONFIG.CMD is a utility that can be used to configure Windows Server Core.. The SCONFIG.CMD command-
line menu can be used to perform most common administrative server tasks.
• Add a Local Administrator
• Computer name, Network Settings
• Configure Domain and Workgroup information
• Configure Remote Management
• Windows Activation
• Windows Updates

You can use Windows PowerShell and sconfig.cmd (as well as remote GUI shells) to fully administer a Win-
dows Server 2012 Core installation.

Figure 6. Screen shot of Sconfig

10. Server Manager and Server Groups


The Server Manager in Windows Server 2012 has been redesigned, received a new interface, and has new and
increased functionality. With Server Manager, you can easily manage multiple remote servers. Using Windows
Server 2012 Server Manager, you can remotely provision roles and features quickly on a server from a central
computer. You can use the new Server Manager dashboard to view, install, and remove server roles and server
groups (or you can use PowerShell Install-WindowsFeature or Remove-WindowsFeature. Prior to this

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 11


you had to either use a Remote Desktop Connection or physically access the computer to provision new roles.
You can also install the Remote Server Administration Tools (RSAT) for Windows 8 and use a Windows 8 com-
puter to manage Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, and even Windows
Server 2003.

Another new feature in Windows Server 2012 is Server Groups. A Server Group is a collection of user-defined
servers as opposed to a grouping of servers that may share a specific role or purpose. With Server Groups, you
can perform role-based administrative tasks against a group of servers with common attributes. For example, a
server group containing all machines running DNS or DHCP could be managed.

Figure 7. Server Manager Dashboard

11. Resilient File System (ReFS)


Windows Server 2012 heralds in the new Resilient File System (ReFS), which is the replacement to the venerable
NTFS, first introduced in 1993 with NT 3.1. The Resilient File Systems has a high degree of compatibility with
NTFS and inherits many of its features. It also has new resiliency and scalability features that go beyond what
NTFS could provide, including data verification and auto correction, as well as support for larger file and direc-
tory sizes (really large files – up to 2^64-1 bytes), disk scrubbing, data striping for improved performance, and
enhanced virtualization support.

Other key features of ReFS include [http://technet.microsoft.com/en-us/library/hh831724.aspx]:


Integrity. ReFS stores data in a way that protects it from many of the common errors that can normally cause
data loss. When ReFS is used in conjunction with a mirrored Storage Space, detected corruption – both metada-

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 12


ta and user data, when integrity streams are enabled – can be automatically repaired using the alternate copy
provided by Storage Spaces. In the event of a system error, ReFS quickly recovers from the error with no loss of
user data.

Availability. ReFS prioritizes the availability of data. Historically, file systems were often susceptible to data
corruption, which would require the system to be taken offline for repair. With ReFS, if corruption occurs, the
repair process is both localized to the area of corruption and performed online, requiring no volume down-time.
Although rare, if a volume does become corrupted, or you choose not to use mirrored Storage Spaces, ReFS
implements salvage, a feature that removes the corrupt data from the namespace on a live volume and good
data is not adversely affected by non-repairable corrupt data. In addition, there is no chkdsk with ReFS.

Scalability. ReFS is designed to work well with extremely large data sets, petabytes and larger, without per-
formance impact. While practical concerns surrounding system configurations (such as the amount of memory),
limits set by various system components and the time taken to populate data sets or backup times may define
practical limitations.

Proactive Error Identification. The integrity capabilities of ReFS are leveraged by a data integrity scanner,
which is known as a scrubber. A scrubber periodically scans the volume, attempting to identify latent corruption,
and then proactively triggering a repair of that corrupt data.

12. Storage Spaces


Storage Spaces is one of the unique storage features of Windows Server 2012. By taking advantage of low-cost
commodity storage hardware (in this case, think of a JBOD (Just a Bunch of Disks). Using Storage Spaces, you
create a virtual storage pool. You combine these disks into storage pools by combining unallocated space on
physical disks. These storage pools can then be divided into spaces and used just as you would a regular disk.
You can add or remove disks to a storage pool, thereby provisioning storage as needed. Storage Spaces are
designed to work with the new Resilient File System (ReFS).

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 13


Figure 8. Server Manager Storage Spaces

Learn More
To learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge,
Global Knowledge suggests the following courses:
MCSA: Windows Server 2012 Boot Camp
Installing and Configuring Windows Server 2012 (M20410)
Administering Windows Server 2012 (M20411)
Configuring Advanced Windows Server 2012 Services (M20412)
Upgrading Your Skills to MCSA Windows Server 2012 (M20417)

Visit www.globalknowledge.com or call 1-800-COURSES (1-800-268-7737) to speak with a Global


Knowledge training advisor.

About the Author


Randy Muller (MCT, MCTS, MCSE, CEH) is an instructor with Global Knowledge, specializes in teaching Microsoft
Lync, Exchange, SCCM as well as Windows Server.

Copyright ©2012 Global Knowledge Training LLC. All rights reserved. 14