Longhorn Academy Server Management Dave & Sebastian.

1 Longhorn Academy Server Management Dave & Sebastian

2 Agenda
- Current Situation
- Infrastructure Optimization Initiative
- Server Management Overview
- Setup & Initial Configuration Tasks
- Server Core
- Server Roles
- SML
- Server Manager
- Print Management
- Server Deployment (WDS)
- PowerShell
- Remote Management
- Group Policies

3 Issues Faced By Administrators Today
- What steps do I need to perform to configure my Windows Server machine?
- If I'm installing a component, what are its dependencies and how do I install them?
- What tools do I use to manage installed components and where do I find them?

4 More Pressure than Ever on IT
- Business Results & New Value
- End User Productivity
- Customer Connection
- Keep Business Up & Running
- Security
- Competition
- Technology Change
- Regulatory Compliance
- Cost Reduction

5 Causes of Downtime
When IT Services Go Wrong, People and Process Play a Major Part (Gartner Group)
- Application failure 40%; Operator error 40%; Other 20%
- Chart labels: Untested application; Change management; Overloaded; Weak problem detection; Forgot something; Lack of procedures; Backup errors/security; Hardware/platform; Network; Power and disaster; Operations

6 Spend Less Time on Everyday Tasks
- Web Server Management
- Configuration and Role Management
- Policy Based Networking
- Enhanced Scripting and Task Automation
- More Control
- Windows PowerShell
- Windows Server Manager, Server Core
- Windows Firewall
- IIS 7

7 Infrastructure Optimization
- Technology framework to help maximize the value of your IT investments
- Structured way to drive cost reduction, security & efficiency gains and boost agility
- Based on industry analyst and academic work
- Provides guidance and best practices for step-by-step implementation

8 Server Management Overview
- Initial Configuration Tasks
- Server Roles
- Server Roles Available
- Server Management Console
- Alternative Management Methods
- Printer Management
- Server Modeling Language
- Additional Methods

9 Windows Server Setup Process
- Windows Server 2003: Windows Server 2003 setup; Post-Setup security updates; Manage your server; Configure your server wizard; Add/Remove components; Computer Management; Security Configuration Wizard
- Windows Server 2008: Operating system setup; Initial Configuration Tasks; Server Manager

10 Initial Configuration Tasks
- Administrator password
- Network IP address
- Domain membership
- Computer name
- Windows Updates
- Windows Firewall

11 Server Core
- Server Core Installation: Active Directory, AD Lightweight Directory Services, DHCP Server, DNS Server, File Services, Print Services, Windows Media Services, Windows Virtualization Services
- Benefits of Server Core: Reduced maintenance; Reduced attack surface; Reduced management; Less disk space required

12 Server Core - Recommendations
- Publish cmd.exe using Terminal Services RemoteApp to allow you to run cmd.exe in a window on your local machine rather than in a full terminal services client
- Implement Server Core whenever possible
- Minimize administrative access to the system
- Ensure physical security of the server
- Implement BitLocker Drive Encryption

13 Server Core - Summary
- Server Core provides a minimal installation option
- Server Core supports the following roles: AD Domain Services, AD Lightweight Directory Services, DHCP Server, DNS Server, File Services, Print Services, Windows Media Services, and Windows Virtualization Services
- Server Core is managed:
  - Locally and remotely through the command line
  - Remotely via MMC
  - Remotely via Terminal Services
  - Remotely via Windows Remote Shell
- Server Core provides a script for configuring settings that cannot be configured through a command-line or MMC snap-in

14 Server Roles
- A role is a logical grouping of a set of components based on:
  - User scenarios
  - Typical server workloads
  - Dependencies
- Examples of roles are Windows Media Services, Terminal Services

15 Server Roles (Role: Description)
- Active Directory Certificate Services (AD CS): Enables creation and management of digital certificates for users, computers, and organizations as part of a public key infrastructure.
- Active Directory Domain Services (AD DS): Stores information about objects on the network and makes this information available to users and network administrators. Uses domain controllers to give network users access to permitted resources anywhere on the network.
- Active Directory Federation Services (AD FS): Provides simplified, encrypted identity federation and Web single sign-on (SSO) capabilities.
- Active Directory Lightweight Directory Services (AD LDS): Provides a store for application-specific data, for directory-enabled applications that do not require the infrastructure of Active Directory Domain Services. Multiple instances of AD LDS can exist on a single server, each of which can have its own schema.
- Active Directory Rights Management Services (AD RMS): Information protection technology that works to help safeguard digital information from unauthorized use.
- Application Server: Provides central management and hosting of high-performance distributed business applications such as those built with Enterprise Services and .NET Framework 3.0.
- Dynamic Host Configuration Protocol (DHCP) Server: Enables the central provisioning, configuration, and management of temporary IP addresses and related information for client computers.
- Domain Name System (DNS) Server: Translates domain and computer DNS names to IP addresses. DNS is easier to manage when it is installed on the same server as Active Directory Domain Services.
- Fax Server: Sends and receives faxes and allows you to manage fax resources such as jobs, settings, reports, and fax devices on this computer or on the network.

16 Server Roles (Role: Description)
- File Services: Provides technologies for storage management, file replication, distributed namespace management, fast file searching, and streamlined client access to files.
- Network Policy & Access Services: Provides support for routing LAN and WAN network traffic, creating and enforcing network access policies, and accessing network resources over VPN and dial-up connections.
- Print Services: Provides access to and manages network printers and printer drivers.
- Terminal Services: Provides technologies that enable access to a server running Windows-based programs or the full Windows desktop. Users can connect to a terminal server to run programs, save files, and use network resources on that server.
- UDDI Services: Provides Universal Description, Discovery, and Integration (UDDI) capabilities for sharing information about Web services within an organization's intranet or between business partners on an extranet. Organizes and catalogs Web services and other programmatic resources. A UDDI Services site consists of a UDDI Web Application connected to a UDDI Database.
- Web Server (IIS): Provides a reliable, manageable, and scalable Web application infrastructure.
- Windows Deployment Services (WDS): Provides a simplified, secure means of rapidly deploying Windows operating systems to computers by using network-based installation, without the need for an administrator to work directly on each computer, or install Windows components from CD or DVD media.
- Windows SharePoint Services: Helps organizations increase productivity by creating Web sites where users can collaborate on documents, tasks, and events and easily share contacts and other information.

17 How Server Manager uses the concept of Roles
- List of roles displayed maps 1:1 to the list of role models
- Hierarchy within a role is captured from its model
- Settings and defaults are captured in the role-specific model
- Information is then submitted to SML Platform infrastructure to make updates to the server

18 SML – Service Modeling Language
- Service Modeling Language (SML) is the XML Schema based modeling language that provides a rich set of constructs for modeling complex IT services and systems
- Service Modeling Language – An XML Schema based language providing constructs for modeling the elements in complex IT services and systems, their relationships and constraints
- Profile of XML Schema 1.0 is used for defining structural aspects
- Profile of Schematron is used for defining constraints – Schematron is an ISO/IEC standard ( _ISO_IEC_ _2006(E).zip)

19 SML – Service Modeling Language
- Server Manager tool in Windows Server 2008 – SML models of in-the-box server roles are used for installation, configuration, and on-going management of these roles via Document Collection processing
- Desired Configuration Monitoring (DCM) feature in SCCM (ConfigMgr) 07 – SML models are used to define and verify the desired configuration of machines via Document Collection processing
- Configuration Management Database in Service Manager v1 – Uses the SML-based Microsoft Model Library and the SQL store for defining and storing the past, present, and future planned configuration of IT assets in an enterprise
- Much other work in development

20 SML Based Role Models
An SML model of a role captures:
– Structure of the service: components and relationships, e.g. IIS Role Hierarchy
– Desired configuration, e.g. Default Settings
– Constraints, e.g. Domain Joined Requirement
– Management information such as events and performance counters, rules for determining the operational health of the service, etc.

21 Functional Behaviour With Dependencies

22 Server Manager
New MMC snap-in. Provides consolidated view of server including:
- Configuration Status of Installed Roles
- Links for adding/removing installed roles and features
- Starting and stopping services
- Managing local user accounts
- Determining server status
- Identifying critical events
- Analyzing and troubleshooting configuration issues or failures


24 Print Management
Print Management provides centralized administration of all of the printers in the organization from any computer running:
- Windows Server 2003 R2
- Windows Vista
- Windows Server 2008 operating systems
- Windows XP clients (x86 and x64)
Print Management can:
- Provide up-to-the-minute details about the status of all printers and print servers on the network from one console
- Help find printers that have error conditions
- Send notifications or run scripts when a printer or print server needs attention
- On printer models that provide a Web interface, access this additional data, allowing information such as toner and paper levels to be managed easily

25 Servermanagercmd.exe (command line interface)
- To facilitate scripting and unattended role deployment/removal scenarios, the ServerManagerCmd.exe command line tool can be used.
- ServerManagerCmd exposes the key functions of Server Manager, such as installation/removal of roles, role services and features, command validation, and querying the current state of the machine.
- ServerManagerCmd also allows for:
  - installation/removal of multiple server roles, role services and features together using XML answer files
  - a set of command-line arguments to allow additional control over how the answer file should be executed
- Full listing of the available ServerManagerCmd commands: ServerManagerCmd -help (or -?)

26 Servermanagercmd Commands
-query [ ] (Short form: -q)
  Display a list of all roles, role services, and features available, and shows which are installed. If is specified, the information is also saved to a query.xml file
-install (Short form: -i)
  Install the role, role service, or feature that is specified by the parameter.
-allSubFeatures (Short form: -a)
  Used with the -install parameter to install all subordinate role services and features along with the role, role service, or feature named with the -install parameter.
-remove (Short form: -r)
  Remove the role, role service, or feature that is specified by the parameter.
-restart
  Restart the computer automatically, if restarting is necessary to complete the operation.
-logPath (Short form: -l)
  Specify the non-default location for the log file (ServerManager.log).
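Added example (not part of the original presentation): the -query listing described above can feed a role baseline check, which is what keeps the "reduced attack surface" claim for a server verifiable over time. The sample listing below is constructed, the "[X] Name  [Id]" line shape is an assumption about the tool's text output, and the baseline list and function names are hypothetical.

```powershell
# CONSTRUCTED sample shaped like the text ServerManagerCmd -query prints.
# On a real server use instead:  $lines = & ServerManagerCmd.exe -query
$sampleQuery = @'
----- Roles -----
[ ] Active Directory Domain Services  [AD-Domain-Services]
[ ] DHCP Server  [DHCP]
[X] DNS Server  [DNS]
[X] File Services  [File-Services]
    [X] File Server  [FS-FileServer]
[X] Web Server (IIS)  [Web-Server]
----- Features -----
[X] Telnet Server  [Telnet-Server]
[ ] Windows PowerShell  [PowerShell]
'@
$lines = $sampleQuery -split "`r?`n"

# Hypothetical baseline: identifiers this server is expected to have installed.
$approved = @('DNS', 'DHCP', 'File-Services', 'FS-FileServer')

function Get-InstalledComponent {
    param([string[]]$QueryLines)
    foreach ($line in $QueryLines) {
        # Assumed line shape: "[X] Display Name  [Identifier]" = installed.
        if ($line -match '^\s*\[X\]\s+(?<name>.+?)\s+\[(?<id>[^\]]+)\]\s*$') {
            New-Object PSObject -Property @{
                Name = $Matches['name']
                Id   = $Matches['id']
            }
        }
    }
}

function Compare-RoleBaseline {
    param([string[]]$QueryLines, [string[]]$Approved)
    $installed    = @(Get-InstalledComponent -QueryLines $QueryLines)
    $installedIds = @($installed | ForEach-Object { $_.Id })
    # Installed but not approved: extra attack surface to review or remove.
    $unexpected = @($installed | Where-Object { $Approved -notcontains $_.Id })
    # Approved but not installed: the server has drifted from its intended role.
    $missing = @($Approved | Where-Object { $installedIds -notcontains $_ })
    New-Object PSObject -Property @{
        Unexpected = $unexpected
        Missing    = $missing
    }
}

$result = Compare-RoleBaseline -QueryLines $lines -Approved $approved
$result.Unexpected | ForEach-Object { "UNEXPECTED: {0} [{1}]" -f $_.Name, $_.Id }
$result.Missing    | ForEach-Object { "MISSING: $_" }
```

Anything reported as unexpected is a candidate for the -remove command listed on this slide, after confirming nothing depends on it.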

27 MMC 3.0
- A new pane called the actions pane is available; it displays available commands for the selected node
- Provides Windows forms hosting capability
- Full integration with WinForm, unlike the older OCX views in MMC 2.0
- Standard Visual Studio® designer and design guidelines available for view design
- Possible to isolate process and application domains
- Functionally rich views can be created using one of the four available view types: list, Windows Forms, HTML, and message
- Increased Reliability
  - Improved detection and reporting of snap-in problems
  - Because actions are logged, it is easier to debug and incrementally improve snap-in code
  - Ability to isolate suspended snap-ins from the console

28 Task Scheduler 2.0
- Isolating user actions in separate sessions
- Credential management using new security services (S4U and CredMan)
- Removed limitations on the number of registered tasks
- API additions:
  - Scripting Support: Interfaces are now derived from IDispatch, providing full support for scripted development
  - Task Scheduler Schema: Allows you to create/manage tasks through XML-formatted docs.
  - New Triggers: New time/calendar/event triggers. All triggers support repetition, delay, start, and stop.
  - Task Settings: Can now prioritize tasks, define multiple instance policies, start a task only if the network is available, reset on failure, set an execution time limit, etc.
  - New actions: Send an e-mail message, show a message box, start an executable, or fire a COM handler.

29 Server Deployment – The Past
Boot from the CD and install
– Supported since the original Windows NT days
– Sadly, still a very common way of installing Windows Server
– Some have enhanced the process with unattended answer files and customized CDs

30 Server Deployment – The Past
Remote Installation Services
– Released with Windows 2000, February 17, 2000
– Supports PXE boot to perform unattended installations of Windows (RISETUP), or installation of simple images (RIPREP)
– Simple menu creation and customization capabilities
– Remember the RIS Menu Editor from 3Com? Enabled RIS to boot floppy disk images
– Primarily used for desktop OSes
– Can boot Windows PE with some effort

31 Server Deployment – The Past
Automated Deployment Services
– Released as an add-on to Windows Server 2003 in 2003
– Required a Windows Server 2003 Enterprise or Datacenter license
– First Microsoft tool to use true images
  – Images could be mounted
– Supported PXE boot, multicast
– Used virtual DOS boot floppies and could boot Windows PE
– Supported task sequencing for increased automation
– Used as core of Virtual Server Migration Toolkit (P2V)
– Updated version 1.1 released in 2005, with x64 support

32 Server Deployment – The Past
Windows Server Deployment Solution Accelerator
– Released in September 2003
– Built from the Business Desktop Deployment Solution Accelerator version 1.0
– Uses ADS for image creation and deployment

33 Server Deployment – The Past
Automated Purposing Framework (APF)
– Released in 2000, updated in 2003
– Can be used with ADS or standalone
– Script-based deployment process
– APF Explorer for configuring hierarchical settings
– Used as part of the Microsoft Solution for Windows-based Hosting
– Largest current uses are with Microsoft UK and partners such as 1E

34 Server Deployment – The Past
Branch Office Infrastructure Solution (BOIS)
– Released in 2005
– Includes the Automated Deployment Toolkit, a derivative of APF
– Could leverage ADS for image capture and deployment
– Includes scripts for installation of some server roles

35 Server Deployment – The Present
Vista and Longhorn change the landscape
– New image format and image-based installation process
– New core deployment tools provided in Windows Automated Installation Kit (WAIK)
– Products need to be updated (or replaced)
– Guidance and tools need to be updated (or replaced)
– Customers and partners will need to do some reengineering of processes

36 Server Deployment – The Present
Windows Deployment Services
– Released in November 2006
– The next generation of RIS, with support for image deployment, Windows PE 2.0, and PXE
– Available for Windows Server 2003 SP1 as a hotfix, part of SP2 and Longhorn Server
– A partial replacement for ADS

37 Server Deployment – The Present
SMS 2003 OS Deployment Feature Pack
– Released in November 2004, updated in 2006 to support Vista/Longhorn deployment and image format
– While server deployment can be performed, there are limitations resulting in restricted support

38 Server Deployment – The Future
Windows Deployment Services
– New features in Longhorn Server version:
  – Multicast with an improved algorithm
  – Improved TFTP performance
  – EFI support

39 Server Deployment – The Future
System Center Configuration Manager 2007 (SCCM)
– To be released in Q3 CY07
– A service pack or hotfix will be required to support LH Server deployment, available weeks after LH Server RTM
– Significant investments in OS deployment capabilities, task sequencing, integration with WDS
– Improves on the SMS 2003 OS Deployment Feature Pack
– Picks up most of the functionality from ADS

40 Server Deployment – The Future
Windows Server Deployment Solution Accelerator
– To be released shortly after Longhorn Server
– Built on top of BDD 2007 (which will continue supporting Vista and XP deployments, also with SMS 2003 OSD), so consistent tools for client and server
– Provides guidance and tools for deploying Windows Server 2003 and Longhorn Server
– Leverages and extends capabilities of WDS and SCCM 2007, while also offering Lite Touch functionality that requires no management infrastructure

41 [Diagram: Good / Better / Best. Labels: Guidance; Tools; WSD LTI; SCCM 2007 OSD; WDS and WAIK tools; WSD ZTI; WSD Methodology and Best Practices]

42 Windows Deployment Services (WDS)
- Rapidly deploy Windows operating systems
- Updated and redesigned version of Remote Installation Services (RIS)
  - Server components
  - Client components
  - Management components
- Windows Deployment Services provides several enhancements to RIS
- Windows Vista
- Windows Server 2008

43 WDS - Components
- Server Components
  - Pre-Boot Execution Environment (PXE) server
  - Trivial File Transfer Protocol (TFTP) server
  - Shared folder and image repository containing boot images, installation images, and files that you may need specifically for network boot
- Client Components
  - Graphical user interface
- Management Components
  - A set of tools that you use to manage the server, operating system images, and client computer accounts

44 WDS - Enhancements
- Use the Windows Deployment Services snap-in to create a "capture image" that can create a custom image from a computer that has been prepared with Sysprep.exe
- Use the Windows Deployment Services Capture Wizard to create and add an image prepared with Sysprep.exe
- Use the Windows Deployment Services snap-in to associate unattended installation files with Windows images
- Associate one or more language packs with an image, eliminating your need for unique images for each language your organization supports
- Use the Windows Deployment Services snap-in to create a "discover image" for use with computers that do not support PXE boot

45 PowerShell
- New Command-line shell & Scripting Language
  - Improves productivity & control
  - Accelerates automation of system admin
  - Easy-to-use
  - Works with existing scripts
- Futures
  - Will ship in Windows
  - Admin GUIs layered over PowerShell
  - One-to-many remote management using WS-MGMT
- Partners

46 PowerShell - More Control
- Hundreds of Scripts: TechNet ScriptCenter; Exchange Server 2007; Terminal Server; WMI, Registry, Hardware, etc.; Community-Submitted scripts
- Books & Training Materials: Manning Publications; O'Reilly Media; Sapien Press & others…
- Community Support: MS MVPs; PowerShell Team Blog; Active Newsgroup; Channel 9: DFO Show

47 What is PowerShell?
- Revolutionary new interactive shell and scripting language
  - Based on .NET
  - New set of built-in tools (+120)
  - New language to take advantage of .NET
  - A new object-pipeline system view
- Can continue to use current tools
- Can continue to use current automation (COM)

48 Benefits
- Automate administration of multiple servers through a task-oriented scripting language
- Accelerate script authoring, testing and debugging and write customer tools in a new command shell environment
- Utilize new scripts and Cmdlets
- Manage command-line services, processes, registry, and WMI data
- Manage and/or automate administration tasks for server roles such as IIS and Active Directory
- Automate Terminal Server configuration changes by means of PowerShell scripts, and examine configuration similarities and differences across a Terminal Server farm
- Manage an Internet Information Services 7.0 environment
- Remotely manage servers

49 No Fear, Uncertainty or Doubt
- Do I need to learn .NET before I can use PowerShell?
  – No - you can continue to use existing tools.
- Do I need to rewrite all my existing tools?
  – No - existing tools will run just fine.
- Do I need to learn the new language?
  – No - you can easily run existing commands without modification.
- Learning the new
  – Online help is full of examples that are ready to use
  – The new language elements make interacting with .NET a snap.
  – Using .NET can help you where new tools don't exist and opens a vast space of productivity
  – Learn at your own pace, PowerShell will be ready for you

50 CMDlets
- A cmdlet (pronounced "command-let") is a single-feature command that manipulates objects in Windows PowerShell.
- You can recognize CMDlets by their name format – a verb and noun separated by a dash (-): Get-Help, Get-Process, Start-Service.

51 PowerShell - Recommendations
- Don't throw away any existing scripts or batch files – they can still be used!
- Start using Windows PowerShell immediately!
- Don't forget the power of the wildcard, such as *
- Don't deploy Windows PowerShell on any machine where it is not actually needed
- Centrally control Windows PowerShell security settings through GPOs – do it now!

52 Remote Management
- Windows Remote Management
- Remote Hardware Management
- Winrm.cmd
- Prerequisites
- Benefits

53 Remote Management
- Installation and Configuration
- Remote Management Architecture
- Scripting in Windows Remote Management
- Authentication for Remote Connections

54 Usage Scenarios
- Remotely connect WMI instrumentation for asset and configuration management
- Manage PCs in restricted environments (e.g. DMS, Internet, through firewalls/NATs)
- Execute remote scripts or command-line utilities with Windows Remote Shell
- Monitor PC health by forwarding events to a central collector

55 Group Policies (Feature / Description / Benefit)
- Feature: XML-based policy definition files
  Description: Administrative template files are replaced by an XML-based file format that incorporates multilanguage support and strong versioning.
  Benefit: Group Policy tools display in the administrator's operating system language. Managing registry-based policy settings while accommodating automated or fully manual change management processes.
- Feature: Central store of ADMX files
  Description: The central store is a domain-wide directory created in the Sysvol.
  Benefit: Reduces the need for additional storage and greater replication traffic resulting from increasing numbers of GPOs.
- Feature: Group Policy administrative tools read both ADMX and ADM files
  Description: Group Policy administrative tools use the core operating system ADMX files from the local machine before the creation of the central store. In addition, the administrative tools can read any other ADM file stored locally or in a GPO.
  Benefit: Ensures interoperability with earlier platforms for administering Group Policy.

56 General Recommendations
- To manage roles from a command prompt, use xx
- For multiple server administration, use Windows xx
- For single server administration, use xx
- For Remote Management, use xx (based on xx Standard)
- Use xx to collect Event Viewer logs from multiple servers
- Use xx for enterprise-wide management

57 Q/A
