250 likes | 256 Vues
Module 1. Server Management in Windows Server 2012 . Module Overview. What's New in Server Manager Windows PowerShell and Server Core Enhancements What’s New in Active Directory Dynamic Access Control Introducing IP Address Management. Lesson 1: What's New in Server Manager.
E N D
Module 1 Server Management in Windows Server 2012
Module Overview • What's New in Server Manager Windows PowerShell and Server Core Enhancements What’s New in Active Directory Dynamic Access Control Introducing IP Address Management
Lesson 1: What's New in Server Manager • Administering Servers with Server Manager Adding Roles and Features
Administering Servers with Server Manager Using Server Manager, you can: • Manage multiple servers from one instance of Server Manager • Deploy roles and features to remote servers • Generate Windows PowerShell scripts for actions performed in Server Manager • Group servers • View the status of all servers from a single location • Determine whether roles on the network are functioning efficiently.
Adding Roles and Features • Remotely deploy roles and features • Add roles and features to virtual hard disks even if the virtual machine is turned off.
Demonstration: Exploring Server Management in Windows Server 2012 In this demonstration you will: • Start the Server Manager console. • Add a server role or feature. • View role related events. • Run the Best Practice Analyzer for a role. • List the tools available from Server Manager. • Open the Start Menu. • Log off the currently logged on user. • Restart Windows Server 2012. Recorded Demo - Configuring Server Manager.wmv
Lesson 2: Windows PowerShell and Server Core Enhancements • Using Windows PowerShell in Windows Server 2012 Removing the Graphical Interface
Using Windows PowerShell in Windows Server 2012 The new PowerShell Integrated Scripting Engine (ISE) provides: • Integrated help – enables you to search for Windows PowerShellcmdlets if you know a few characters in their name. • IntelliSense - which suggests values as you type and prompts you for parameter values.
Removing the Graphical Interface • Benefits of Using Server Core • Reduced update requirements. • Reduced hardware footprint. • Graphical shell is now a feature. Can be turned off and back on again • Server Core Installation Options • Server Core. The standard deployment of Server Core. It is possible to convert to the full version of Windows Server 2012. • Server Core with Management. This works the same as a deployment of Windows Server 2012 with the graphical component, except that the graphical components are not installed
Lesson 3: What’s New in Active Directory • Key New Features Deploying Domain Controllers Virtualization-Safe Technology Group Managed Service Accounts
Key New Features New features of AD DS: • New deployment methods • Simplified administration • Virtualized domain controllers • Clone a Domain Controller • Active Directory Administration Center • Active Directory module for PowerShell • Windows PowerShell History Viewer • Active Directory Federated Services • Active Directory Based Activation
Deploying Domain Controllers • All configuration of domain controllers can be done through a wizard in Server Manager • AD DS binaries can be installed using PowerShell • Dism.exe is more complex to use • Dcpromo is only supported in Unattended mode
Virtualization-Safe Technology You can safely clone existing virtual domain controllers by: • Creating a DcCloneConfig.xml file and storing it in the AD DS database location. • Taking the VDC offline and exporting it. • Creating a new virtual machine by importing the exported VDC. DcCloneConfig.xml to AD DS database location Import the VDC Export the VDC
Group Managed Service Accounts • Group Managed Service Accounts provide: • Automatic password and SPN management to multiple servers in a farm • A single identity for services running on a farm Farm server1 Farm server2 Group managed service account Farm server3
Lesson 4: Dynamic Access Control • Introduction to Dynamic Access Control What are Claims? Using Central Access Policies and Rules Classifying Objects Using Resource Properties
Introduction to Dynamic Access Control • Dynamic Access Control provides : • Data Identification • Access Control to files • Auditing of access to files • RMS protection integration • Give users access to file system objects based on their attributes in Active Directory and the Classification of the file system object Finance Finance
What are Claims? • Claims are statements made by AD DS about specific user orobject in AD DS • AD DS in Windows Server 2012 supports : • User claims • Device claims • Can be based on existing Active Directory attributes • Typical implementation might use Department • Department: Sales • Level: 5 • Site: Berlin • Role: Manager
Using Central Access Policies and Rules • Central Access Rules define access based on user attributes (claims) and resource properties • Central Access Rules are grouped into Central Access Policies • Central Access Policies are pushed to file servers using group policies • A Central Access Policy has three configurable parts : • Applicability. • Access conditions. • Exception.
Classifying Objects Using Resource Properties • You manage Resource Property objects in Resource Properties container in Dynamic Access Control node In ADAC • There is a new Classification tab for file system object Properties in FSRM • The Classification tab allows you to add classifications to files and folders
Lesson 5: Introducing IP Address Management • Introducing IP Address Management Server Discovery Address Space Management
Introducing IP Address Management IPAM has the following functionality: • Address Planning • Address Allocation • Usage Tracking • Troubleshooting • Auditing Key Prerequisites: • The IPAM servermust not be a domain controller • You must log on to the IPAM server using a domain account DHCP IPAM DNS
Server Discovery • Agentless discovery • Server connects to DHCP servers, DNS servers, domain controllers, and Network Policy Servers • Client connects to IPAM server to view data • Client connects to DHCP and DNS servers to perform updates Update Query DHCP,DNS,NPS,Domain Controllers IPAM Client IPAM Server AgentlessDiscovery
Address Space Management • Address blocksContiguous range of IP addresses • Address rangesSub-division of address block forinternal allocation • IP addressesIndividual IP addresses