640K Ought To Be Enough For Everyone...

...my collection of random musings, information and opinions...

  • Infrastructure Planning and Design Guide for System Center 2012 - Virtual Machine Manager

    The Infrastructure Planning and Design team is pleased to announce that the System Center 2012 - Virtual Machine Manager guide is now available for download.

    Download the guide now: http://go.microsoft.com/fwlink/?LinkId=245473

    This guide outlines the elements that are crucial to an optimized design of Virtual Machine Manager. It leads you through a process of identifying the business and technical requirements for managing virtualization, designing integration with Operations Manager if required, and then determining the number, size, and placement of the VMM servers. This guide helps you to confidently plan for the centralized administration of physical and virtual machines.

    Infrastructure Planning and Design streamlines the planning process by:

    • Defining the technical decision flow through the planning process.
    • Listing the decisions to be made and the commonly available options and considerations.
    • Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
    • Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

    Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

    Download the guide now: http://go.microsoft.com/fwlink/?LinkId=245473

    Join the IPD Beta Program
    Subscribe to the IPD beta program and we will notify you when new beta guides become available for your review and feedback. These are open beta downloads. If you are not already a member of the IPD Beta Program and would like to join, follow these steps:

    1. Go here to join the IPD beta program:
      https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14
      If the link does not work for you, copy and paste it into the web browser address bar.
    2. Sign in using a valid Windows Live® ID.
    3. Enter your registration information.
    4. Continue to the IPD program beta page, scroll down to Infrastructure Planning and Design, and click the link to join the IPD beta program.

    Stay tuned for other System Center 2012 guides releasing for beta feedback!

    Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

    Related Resources
    Check out all the Infrastructure Planning and Design team has to offer! Visit the IPD page on TechNet, http://www.microsoft.com/ipd, for additional information, including our most recent guides.

  • Microsoft Private Cloud Fast Track Guidance Set

    The Microsoft® Private Cloud Fast Track Program is a joint effort between Microsoft and its hardware partners. The goal of the program is to help organizations decrease the time, complexity, and risk of implementing private clouds. The program provides:

    1. Reference implementation guidance: Lab-tested and validated guidance for implementing multiple Microsoft products and technologies with hardware that meets specific, minimum, hardware vendor-agnostic requirements. Customers can use this guidance to implement a private cloud solution with hardware they already own or purchase. The guidance set consists of the following downloadable documents:
      • Reference Architecture Guide: This guide details a reference architecture that incorporates many Microsoft product and consulting team best practices. The architecture is the foundation for a highly available, scalable, secure, and manageable private cloud with high performance. While all organizations will find it of value, it will prove most useful to medium through large enterprise environments.
      • Reference Deployment Guide: This guide provides detailed installation and configuration steps to deploy the physical architecture detailed in the reference architecture guide.
      • Reference Operations Guide: This guide includes many of the operational tasks that are often executed in a private cloud environment.
    2. Reference implementations: Microsoft hardware partners define physical architectures with computing, network, storage, and value-added software components that meet (or exceed) the minimum hardware requirements defined in the reference implementation guidance. Each implementation is then validated with Microsoft and made available for purchase to customers. Further details can be found by reading the information at Private Cloud How To Buy.

    The customer has the choice of building the solution by using the reference implementation guidance or purchasing a reference implementation from a Microsoft hardware partner that couples the guidance with optimized hardware configurations. Although both options decrease the time, cost, and risk in implementing private clouds, purchasing a reference implementation from a Microsoft hardware partner will result in the fastest, lowest-risk solution. This is because in this option, all of the hardware and software best practice implementation choices have been determined by Microsoft and its hardware partners’ engineering teams. As a result, this will often also prove to be the most inexpensive option.

    The private cloud model provides much of the efficiency and agility of cloud computing in addition to the increased control and customization that is achieved through dedicated private resources. With the Microsoft Private Cloud Fast Track Program, Microsoft and its hardware partners can help provide organizations with the control and flexibility required to reap the potential benefits of the private cloud.

     

    http://technet.microsoft.com/en-us/jj572811

  • Microsoft Assessment and Planning Toolkit v7.0 Is Now Available!

    Overview

    The Microsoft Assessment and Planning Toolkit (MAP) is an agentless, automated, multi-product planning and assessment tool for quicker and easier desktop, server and cloud migrations. MAP provides detailed readiness assessment reports and executive proposals with extensive hardware and software information, and actionable recommendations to help organizations accelerate their IT infrastructure planning process and gather more detail on assets that reside within their current environment. MAP also provides server utilization data for Hyper-V server virtualization planning: identifying server placements and performing virtualization candidate assessments, including ROI analysis for server consolidation with Hyper-V.
    MAP is one of the tools provided by the Microsoft Solution Accelerators team. The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and Security Compliance Manager provide tested guidance and automated tools to help organizations plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available and fully supported by Microsoft.
    The MAP Toolkit includes the following components:

    • Microsoft_Assessment_and_Planning_Toolkit_Setup.exe. Installation package containing the tool, release notes, Getting Started Guide and toolkit help (chm file).
    • readme_en.htm. Available as a separate download. Provides information to read before installing the MAP Toolkit, including installation prerequisites and known issues.
    • Getting_Started_Guide.en.doc. Provides information about toolkit installation, environment preparation, and assessment scenarios supported by toolkit wizards and the UI.
    • MAP_Sample_Documents.zip. Available as a separate download. Contains sample reports and proposals.

    http://www.microsoft.com/en-us/download/details.aspx?&id=7826

  • My New Favorite Windows 8 RTM Application…

    I installed Win8 RTM last night on my primary work machine, a Samsung 700T tablet.

    I did all my customizations, installed Office and such…and then went out to the store to grab all the apps I had already installed previously (Win8 does a really nice job of keeping track of this for you…install a new machine, login with your live credentials and it ‘knows’ what you’ve already downloaded on that or other machines…). I found this Flight Aware app…for those that spend any amount of time in the airports, you’ll appreciate this one too. It will at least give you something sorta fun and relevant to do while you’re delayed somewhere.

    Check it out:

     

  • Windows Server 2012 Ignite Bootcamps Now Available

    Accelerated Bootcamp to Upgrade your Skills to MCSA Windows Server 2012

    This accelerated four day course will cover new features and functionality in Windows Server 2012. This is not a Product Upgrade course, detailing the considerations for migrating and upgrading your specific environment to Windows Server 2012. Rather, it will update your skills to Windows Server 2012.

    This course is also preparation material and maps directly to Exam 70-417: Upgrading Your Skills to MCSA Windows Server 2012.

    Who Should Attend:

    This course is intended for Information Technology (IT) Professionals who are experienced Windows Server 2008 or Windows Server 2008 R2 Server Administrators, carrying out day to day implementation, management and administrative tasks, who want to update their skills and knowledge to Windows Server 2012.

    This course will also be of interest to participants who hold the MCSA: Windows Server 2008 credential, who aspire to update it to the MCSA: Windows Server 2012 credential by taking the upgrade Exam 70-417: Upgrading Your Skills to MCSA Windows Server 2012.

    Course Content:

    • Module 1: Installing and Configuring Servers Based on Windows Server 2012
    • Module 2: Monitoring and Maintaining Windows Server 2012 Servers
    • Module 3: Managing Windows Server 2012 with Windows PowerShell 3.0
    • Module 4: Managing Storage for Windows Server 2012
    • Module 5: Implementing Network Services
    • Module 6: Implementing Direct Access
    • Module 7: Implementing Failover Clustering
    • Module 8: Implementing Hyper-V
    • Module 9: Implementing Failover Clustering with Hyper-V
    • Module 10: Implementing Dynamic Access Control
    • Module 11: Implementing Active Directory Domain Services

    Course Prerequisites:

    Before attending this course, students must have:

    • Experience with implementing, managing and administering a Windows Server 2008 and Windows Server 2008 R2 environment
    • Experience with implementing and managing Windows networking technologies
    • Experience with implementing and managing Active Directory technologies
    • An understanding of basic virtualization and storage technologies
    • Knowledge equivalent to the MCSA: Windows Server 2008 credential

    • McLean, VA: August 27 - 30
    • Chicago, IL: September 4 - 7
    • New York, NY: September 10 - 13
    • Dallas (Irving), TX: September 17 - 20
    • Atlanta, GA: September 17 - 20
    • Bellevue, WA: September 24 - 27
    • Anaheim, CA: October 2 – 5

  • Evaluate savings with the Deduplication Evaluation Tool (DDPEVAL.exe)

    One of the great new features in Windows Server 2012 is Data Deduplication.   There’s a cool tool that allows you to see what kind of savings you’d get on a particular volume.  You can see more details on dedup, including this feature here:

    http://technet.microsoft.com/en-us/library/hh831700.aspx

    When the deduplication feature is installed, the DDPEval.exe tool is automatically installed to the \Windows\System32\ directory. This tool can be copied from any Windows Server® 2012 installation and then run on Windows 7, Windows Server 2008 R2, or Windows Server 2012 systems to determine the expected savings that you would get if deduplication was enabled on a particular volume.

    DDPEval.exe can be run using the following command syntax for any given folder. DDPEval.exe supports local drives and also supports evaluating mapped or unmapped remote shares.

    One folder that you’d want to try this on for sure is your VMM Library. Here’s what happened with mine. Definitely something to think about as you start installing Server 2012 and System Center 2012. Since VMM 2012 SP1 requires installation on Server 2012, you might want to consider a dedicated volume for the VMM library (if you don’t do that already) and enable dedup.

    In my case, I have almost 100GB in my library. Dedup optimized that to around 16GB at an 82% space savings!

  • Open Beta for System Center Operations Manager 2012 IPD Guide—Now Available for Download

    Infrastructure Planning and Design Guide for System Center 2012 - Operations Manager

    The Infrastructure Planning and Design team is working on a new guide: System Center 2012 - Operations Manager. Get the beta by visiting the Connect website at https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14.

    This guide outlines the infrastructure design elements that are crucial to a successful implementation of Operations Manager. It guides you through the process of designing components, layout, and connectivity in a logical, sequential order. You’ll find easy-to-follow steps on identification and design of the required management groups, helping you to optimize the management infrastructure.

    Download the Beta! Get the Infrastructure Planning and Design Guide for System Center 2012 - Operations Manager by visiting the Microsoft Connect website at https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14.

    Tell us what you think! Download and review the beta guide and then send your feedback to IPDfdbk@microsoft.com by August 29th, 2012. We would especially appreciate feedback in the following areas:

    • Usefulness – Is the technical depth of this guide sufficient for the topics covered? Will this guide be useful to you on a day-to-day basis? What portions of the guide are the most useful to your organization?
    • Usability – Is the structure or flow of this guide effective? Is the information presented in a clear and logical manner? Can you easily find key content?
    • Impact – Do you anticipate that this guide will save you time and accelerate deployment of Microsoft products in your organization? Has this guide had a positive influence on your opinion of the Microsoft technologies it addresses?

    Benefits for participation:

    • You get an early look at the guide.
    • You will be listed on the acknowledgments page for providing usable feedback.

    We look forward to hearing from you! Your input helps to make each guide as useful as possible. Thanks in advance for taking the time to review the Infrastructure Planning and Design Guide for System Center 2012 - Operations Manager.

    Infrastructure Planning and Design streamlines the planning process by:

    • Defining the technical decision flow through the planning process.
    • Listing the decisions to be made and the commonly available options and considerations.
    • Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
    • Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

    Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

    Join the Beta Program

    Subscribe to the IPD beta program and we will notify you when new beta guides become available for your review and feedback. These are open beta downloads. If you are not already a member of the IPD Beta Program and would like to join, follow these steps:

    1. Go here to join the IPD beta program:
      https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14
      If the link does not work for you, copy and paste it into the web browser address bar.
    2. Sign in using a valid Windows Live ID.
    3. Enter your registration information.
    4. Continue to the IPD program beta page, scroll down to Infrastructure Planning and Design, and click the link to join the IPD beta program.

    Already a member of the IPD beta program? Go here to get the latest IPD beta downloads: https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

    Related Resources

    Check out all that the Infrastructure Planning and Design team has to offer! Visit the IPD page on TechNet, www.microsoft.com/ipd, for additional information, including our most recent guides.

  • Windows Server 2012 Partner Learning Plans Updated…

    Hello Partners!

    Make sure that you check out the Partner Learning Plans site and register for all the Server 2012 on-demand training for Windows Server 2012.

    http://www.microsoftlearningplans.com/

  • Microsoft Private Cloud Guided Labs

    Click on a link below to launch an interactive guided lab that will help you evaluate the Microsoft private cloud core capabilities of Infrastructure Management, Service Delivery & Automation, and Application Management.

    The following guided labs require Silverlight.

    Guided Labs

    Lab 1: Provide Resources through self-service requests

    This demo addresses creating and publishing new requests for cloud capacity resources in a service catalog and requesting new cloud resources with the service request form.
    View Lab 1 as .wmv | View Lab 1 script as .pdf

    Lab 2: Drive consistent service delivery

    This demo addresses showing a request being routed to the Virtual Machine Manager administrator for fulfillment, demonstrating integration to drive systems automation, and showing process management for delivery of service.
    View Lab 2 as .wmv | View Lab 2 script as .pdf

    Lab 3: Provision additional cloud infrastructure

    This demo addresses performing a bare-metal deployment of a Microsoft Hyper-V host, creating a new logical network and IP pool, and adding a new host to an existing cluster.
    View Lab 3 as .wmv | View Lab 3 script as .pdf

    Lab 4: Delegate cloud resources

    This demo addresses creating private cloud resources and creating and modifying a user role.
    View Lab 4 as .wmv | View Lab 4 script as .pdf

    Lab 5: Create consistency through service templates

    This demo addresses creating a virtual machine template, adding an application, and creating a service template with Service Designer, a component of Microsoft System Center 2012.
    View Lab 5 as .wmv | View Lab 5 script as .pdf

    Lab 6: Perform a standardized application deployment to test

    This demo addresses configuring a service deployment and deploying the service.
    View Lab 6 as .wmv | View Lab 6 script as .pdf

    Lab 7: Stage application resources

    This demo addresses using the App Controller component of Microsoft System Center 2012 to manage application resources.
    View Lab 7 as .wmv | View Lab 7 script as .pdf

    Lab 8: Self-service deployment of an application to a production environment

    This demo addresses deploying a new application and exploring dynamic, on-demand configuration options.
    View Lab 8 as .wmv | View Lab 8 script as .pdf

    Lab 9: Gain insight and visibility through reporting

    This demo addresses accessing reports in Service Manager and creating and sharing reports.
    View Lab 9 as .wmv | View Lab 9 script as .pdf

    Lab 10: Monitor infrastructure

    This demo addresses network monitoring and visualization and reporting.
    View Lab 10 as .wmv | View Lab 10 script as .pdf

    Lab 11: Taking corrective actions in the infrastructure

    This demo addresses seeing a holistic view of cloud and network health and performing an automated remediation.
    View Lab 11 as .wmv | View Lab 11 script as .pdf

    Lab 12: Reduce time to resolution with application performance monitoring

    This demo addresses configuring application performance monitoring, creating a dashboard, and gaining deeper application insight.
    View Lab 12 as .wmv | View Lab 12 script as .pdf

    Lab 13: Deploy an update to service instance

    This demo addresses modifying a service template and applying an in-place update.
    View Lab 13 as .wmv | View Lab 13 script as .pdf

    Lab 14: Explore creating dashboards

    This demo addresses creating private cloud resources and creating and modifying a user role.
    View Lab 14 as .wmv | View Lab 14 script as .pdf

    Next Steps

    Build a Microsoft private cloud using free trial software

    Review licensing and purchasing options

    How to buy a Microsoft private cloud

  • Windows Server 2012 RTM – Now Available on MSDN/TechNet

    Well, here it is.  Grab it now!!

  • Windows Azure Online Backup Preview

    For those of you who are already running Windows Server 2012 – don’t forget that you can preview the Azure Online Backup Feature for free for 6 months.

    Here’s how you get started:

    Open Windows Server Backup and click on the “continue” button which will launch a page that gets you to create an Azure Active Directory Account:

    From here, set up your account.

    Once you get logged in, you’ll see your Azure Online Backup Account being provisioned:

    Once that’s done (just takes a few minutes…) click ‘manage’ and get started.

    From here you’ll download the agent and install on the server/servers that you want to backup:

    You’ll notice that you get a healthy 300GB of storage to use.

    Once you download the agent and get it installed, restart Windows Backup and you’ll see some new stuff in there.

    Just follow the directions to register your server, generate a passphrase, enter your credentials and you’re ready to go.

    From here, you can start doing backups!  You can set schedules and you also get an option to back them up at a point in time should you need to.

    You also get the ability to throttle the network if you need to do that.

    Have fun!

  • Windows Server 2012 Management Packs for SCOM Now Available…

    We released some new management packs (MPs) last week for Operations Manager to monitor Windows Server 2012.

    REMINDER: Windows Server 2012 can only be monitored by an Operations Manager 2012 or 2012 SP1 agent; please refer to this blog post for more information.

    http://blogs.technet.com/b/momteam/archive/2012/09/05/windows-server-2012-system-center-operations-manager-support.aspx

    System Center Monitoring Pack for Windows Server Operating System (6.0.6989.0)

    http://www.microsoft.com/en-us/download/details.aspx?id=9296

    System Center 2012 Monitoring Pack for Microsoft Windows Server 2012 Internet Information Service 8

    http://www.microsoft.com/en-us/download/details.aspx?id=34767

    System Center 2012 Monitoring Pack for Microsoft Windows Server 2012 AD RMS

    http://www.microsoft.com/en-us/download/details.aspx?id=34766

    System Center 2012 Monitoring Pack for Microsoft Windows Server AD CS 2012

    http://www.microsoft.com/en-us/download/details.aspx?id=34765

  • Bootcamp For Using Azure Connect With Virtual Machines

    I had a few Partners I was working with tell me that they were having some problems figuring out how to get Azure Connect working.  Specifically, they wanted to connect a physical or VM on-premise to a VM in Azure and allow them to communicate by IPV6 or hostname.  Now, turns out this isn’t all that complicated but the documentation that exists assumes you know your way around Visual Studio and how that interfaces with Azure.  For those of us that don’t know VS and don’t have a lot of experience with Azure…but just want to get this working…this is for you. :)

    NOTE: Now, this blog post isn’t the place to go deep into all the various connectivity options available in Azure, but essentially you have some hardcore VPN type capabilities so that you can get broader access – similar to how you would setup a remote office for example.  Azure Connect is a client based mechanism which allows you to create groups of computers – either physical or VM…and on-premise and in Azure that can ‘talk’ to each other via IP and hostname.  Before you get too much further, Azure Connect is 100% IPV6.  So, make sure that you have that running and enabled at least on the endpoints that you are going to be working with otherwise none of this will work properly.

    This Video, in about 3 minutes, will help you better understand the Azure VPN/Connectivity Options

    Easy VPN – Using Azure Connect to Create a Secure Network Connection between two on-premise machines

    If you read some of the instructions, it seems to be pretty straightforward.  THIS is probably the best documentation on how to do this that I’ve seen thus far – except it assumes that you know how to finesse a Visual Studio Azure Cloud Project, which many folks trying to do this task – hard core infrastructure folks – don’t have much or any experience with.

    So, without re-doing the entire TechNet article I just referred you to – I’ll fill in a few of the blanks as I’ll admit, I’m not a Visual Studio guy either…so I just had to bang my head against it a little and eventually figured out the one check-box I needed to uncheck to make everything work perfectly.

    GETTING STARTED:

    First thing – you obviously need access to an Azure subscription and you have to enable the VM Preview.  I walk through that as well as how to interface Azure VM’s with System Center App Controller in THIS post.  At the time I published this, the most current System Center release is the SP1 Beta.  You have a few options – you can setup the 90 day free trial OR if you have a MSDN subscription you get access to Azure, which is what I’m using.

    Most of where you are setting this up is in the old-school Azure Management Console (not the new preview console) and in Visual Studio. I used Visual Studio 2012 and then downloaded the Azure SDK. The Azure SDK’s can be found here.

    If you’re not sure how to get back to the old-school GUI you simply click on the green “PREVIEW” button in the new console and it will give you the option to go back:

    I have a MSDN subscription, so I used the “Ultimate” SKU but you can use less than that.  The SDK installation is pretty straightforward and probably the biggest obstacle I faced was figuring out how to get started with an Azure Cloud Service Project from the “New Project” wizard.  The GUI defaults to .NET Framework 4.5…and no Azure stuff shows up in there.  You have to pull that drop down at the top and select .NET Framework 4…Ah, now you see it!

    From there, I choose the Visual Basic (I tried it with C#, works as well) Worker Role.  Notice that if you want to rename the worker role (and you probably do) to something more identifiable then you have to click the pencil icon in this GUI to make that change:

    Now, once you’re in the project there are only a few things that you have to do before publishing it.

    First, Import your Azure Subscription into VS.  The process is pretty self-explanatory – just go into your Azure Management Console (the old school one) and copy/paste your subscription ID into VS.

    Once you do this – VS will enumerate the VM’s that you have created in Azure.  I’ve underlined a few key areas that you have to pay attention to here.  First of all highlight your VM in the server explorer and then in the Solution Explorer double click or right click for properties on the WorkerRole that you created for this project.  It will bring up what you see in the middle here.

    UNCHECK THE DIAGNOSTICS.  You don’t need it to create this service and you’ll get warnings/errors when the project builds/publishes.

    The other thing that you’ll have to do in here is in the properties of the WorkerRole (middle of the screen) you need to click down to the Virtual Network settings.  From here, you need to get the activation token from your Azure Management Console.

    Here’s where you get the activation token that you’ll paste into that field.  When you click the icon, it will give you the code to paste.

    If you did that last part right, when you click back to the “Settings” tab in the WorkerRole, you should now see your Token:

    Now you can publish your service to Azure.  Just go to the BUILD menu and choose PUBLISH for your Azure Project – it will start the process and you’ll eventually see it in Azure.

    OK, NOW WHAT?

    Go back and follow the directions in the TechNet Guide I referenced as far as how to setup the local endpoints, etc…  It’s spot on there.  But basically, in the Azure Management Console –> Virtual Network you’ll see the “Install Local Endpoint” icon.  You will want to install this on both the on-premise physical or virtual machine as well as the Azure VM. 

    Once you do, you’ll see them populate in the GUI:

    The next step, and this is also well documented in the TechNet article is to create the Group so that everything can communicate with each other.

    You click on the “Create Group” icon in the screen above to do this.  From here you add the endpoints that Azure sees – in my case ‘labmgmt.virt.lab’ is my domain joined machine running on-premise and knlazurevm is, well, the Azure VM.  You’ll want to check the box to allow connections between endpoints in the group and then of course you add in your Azure roles that you created in Visual Studio and published to Azure.

    What will happen at this point is that you should see your Azure connect tray icons lighten up.  If you’re impatient like I am, you can right-click on the icon and choose the ‘refresh policy’ and it should come to life.

    Now, you should be able to ping FROM on-premise TO Azure using the Role Instance ID’s.

    You’ll get an IPV6 reply:

    Now FROM the Azure VM TO the on-premise physical/VM you should be able to ping by hostname or FQDN:

    FROM the on-premise physical/VM TO the Azure VM you can ping by name as well:

    Now you could create, for example, a SharePoint instance in Azure and connect that using the FQDN of the SQL Server that will backend that running on-premise.

    CONNECTING AZURE VM’S TO ACTIVE DIRECTORY ON-PREMISE:

    Now, if you want to make it real fun – connect your Azure VM’s to your on-premise AD.  To do this, you’ll need to install that local endpoint from the Azure Management GUI to one of your domain controllers.  Now, you’ll see it show up in the endpoints screen we talked about above.  You now need to go in and EDIT your endpoint group and then add in your domain controller so that it can talk to everyone as well.

    In the Azure VM, you’ll need to make one change to the IPV6 DNS so that it can see your on-premise DC.

    In the Azure VM – do a ping to the FQDN of your DC.  Copy that IPV6 address and in the network properties of your NIC change the default IPV6 DNS server to the one that matches your on-premise DC.

    Now, you’ll be able to add your Azure VM’s to your on-premise Active Directory!

    Here’s a fun screenshot – my Azure VM that’s domain joined, logged in as a domain administrator and using some AD tools:

    image

    Something else that’s kinda fun is the ability to now (with on-premise computers that have Azure Connect installed and are added to the same group) use on-premise Server Manager to connect and manipulate VM’s in Azure.  In my case, I setup a new group called “AZURE SERVERS” and was able to add the ‘knlazurevm’ by hostname.  Now I can manage my Server 2012 instances in the ‘cloud’ the same way I do my on-premise.  Nice!

    image

    Good stuff!   

    Have fun and enjoy!

  • System Center 2012 Update Rollup 3 (UR3) Released!

    We are pleased to announce that System Center 2012 Update Rollup 3 (UR3) has been released.  Keeping with our current schedule of releasing update rollups quarterly, Update Rollup 3 provides updates for issues that have been reported to Microsoft.

    This update contains updates for Service Manager, Data Protection Manager, and Operations Manager.  This also marks the first time that Data Protection Manager and Operations Manager updates have been released via Microsoft Update (MU).


    Issues that are fixed in Update Rollup 3 for System Center 2012
    Update Rollup 3 for System Center Data Protection Manager 2012 (KB2751230)
    Issue 1
    After you upgrade System Center Data Protection Manager 2010 to System Center Data Protection Manager 2012, the tape management report does not display overdue tapes.
    Issue 2
    System Center Data Protection Manager 2012 Client Protection does not scale to the limits that are expected.
    Issue 3
    When you try to specify a client computer name in the DPMServerName attribute by using Windows PowerShell, Windows PowerShell crashes.
    Issue 4
    When the name of a Microsoft SharePoint site collection contains a space, and you perform a SharePoint item-level recovery operation in System Center Data Protection Manager 2012, the operation fails.
    Issue 5
    After you rename a SharePoint site in System Center Data Protection Manager 2012, you cannot restore the site.
    Issue 6
    The SharePoint Recovery Point Status Report displays incorrect data in System Center Data Protection Manager 2012.
    Issue 7
    A bare metal recovery fails in certain situations.
    Update Rollup 3 for System Center Operations Manager 2012 (KB2750631)
    Issue 1
    When you use the 32-bit version of Windows Internet Explorer to start a web console, the Microsoft.EnterpriseManagement.Presentation.Controls.SpeedometerGaugeUIController controller does not work correctly.
    Issue 2
    When you run a Windows PowerShell cmdlet, you receive the following error message: 

    Get-BPAModel is not recognized as the name of a cmdlet.

    Issue 3
    When you try to change a URL in the "web application availability monitoring" template instance, the change is not applied.

    Update Rollup 3 for System Center Service Manager 2012 (KB2750615)
    Issue 1
    When you open or close the Incident form in the System Center Service Manager 2012 console, a memory leak occurs.
    Issue 2
    When form control objects are rooted in the Garbage-Collected (GC) Heap, the System Center Service Manager 2012 console crashes, and you receive an OutOfMemoryException exception.
    Issue 3
    After you change the SharePoint site language to Turkish in the System Center Service Manager 2012 portal, the display strings are displayed in English unexpectedly.
    Issue 4
    When you open the System Center Service Manager 2012 console by using a Citrix application, and then you open the Incident form, you experience slow performance.

    You can find more details and instructions for obtaining and installing the update rollup on the associated KB article here:

    http://support.microsoft.com/kb/2756127

    Thank you all for your feedback on these issues.  Please continue to create support cases for issues that you encounter so they can be triaged for inclusion in future cumulative updates or service packs.

  • Windows Server 2012 Essentials–Ready for Download!

    http://technet.microsoft.com/en-US/evalcenter/jj659306.aspx?wt.mc_id=TEC_133_1_7

    Windows Server 2012 Essentials (formerly Windows Small Business Server Essentials) is a flexible, affordable, and easy-to-use server solution designed and priced for small businesses with up to 25 users and 50 devices that helps them reduce costs and be more productive. Windows Server 2012 Essentials is an ideal first server, and it can also be used as the primary server in a multi-server environment for small businesses.

    Windows Server 2012 Essentials enables small businesses to protect, centralize, organize and access their applications and information from almost anywhere using virtually any device.

    Need more information? See the product details page.

  • Microsoft Acquires StorSimple–What Does That Mean?

    StorSimple is the most adopted storage solution with Windows Azure. StorSimple offers:

    • An appliance that connects Windows Servers to Windows Azure storage
    • Automatic archiving with Windows Azure storage
    • Elastic storage with Windows Azure
    • Backup and restore with Windows Azure data protection

     

    Offer Details

    The offer includes two components: a Windows Azure storage discount and a solution from StorSimple at no additional cost.

    $100K Offer and a $50K Offer

    • Special Priced Windows Azure Storage:
      • $100K/year on Azure EA for storage
        • Covers 100TB of Azure storage through StorSimple appliance for most use cases
        • Note: This is an approximate amount of storage. This varies based on discounts, Azure storage type selected (local vs. geo replicated) and usage of other Azure services
    • Free StorSimple Solution
      • Option-1: 7020 Appliance
        • Gold support for 3 years with NBD parts
      • Option-2: 7520 Appliance
        • Gold support for 1 year with NBD parts
    • Additional Costs
      • Option-1 – 7020 with 3 years of support
        • Additional $7,500 for upgrade to platinum support for 3 years
        • Additional $10,000 for upgrade from 7020 to 5520
      • Option-2 – 7520 with 1 year of Gold Support
        • $7,500 per year for Gold support in yrs. 2 & 3
        • Additional $2,500 per year for upgrade to platinum support
      • Note: Xyratex will charge the customer directly

     

    • Special Priced Windows Azure Storage:
      • $50K/year on Azure EA for storage
        • Covers 50TB of Azure storage through StorSimple appliance for most use cases
        • Note: This is an approximate amount of storage. This varies based on discounts, Azure storage type selected (local vs. geo replicated) and usage of other Azure services
    • Free StorSimple Solution
      • 7020 Appliance
      • Gold support for 1 year with Next Business Day (NBD) parts
    • Additional Costs
      • $5,000 per year for Gold support in yrs. 2 & 3
      • Additional $2,500 per year for upgrade to platinum support
      • Additional $10,000 for upgrade from 7020 to 5520
      • Note: Xyratex will charge the customer directly

    NOTE: This offer is available for a limited time until March 31, 2013.

  • Microsoft Tools for VMware Integration & Migration

    The IT Pro Evangelism team, Microsoft Learning and the Microsoft Virtual Academy are pleased to announce the next Jump Start course, Microsoft Tools for VMware Integration & Migration, on Thursday, March 14th from 8am – 12pm PST.

     

    This is a live, public, free, online event so ask your customers to sign up today: http://aka.ms/vmtools.  This event will be recorded and available on the Microsoft Virtual Academy (MVA) several weeks later, so even if you cannot make the live event, sign up so that you receive a notification once the course is available on the MVA.

     

    This course is designed for IT professionals who need to manage, monitor and automate VMware in their datacenter using System Center 2012 SP1.  During this half-day Jump Start, Microsoft Technical Evangelist Symon Perriman (MCSE and VMware Certified Professional) will be joined by four different Microsoft and VMware experts during the team-taught learning experience.  First, Eric Winner will share how Virtual Machine Manager (VMM) and App Controller can run VMware infrastructure, hypervisor and VMs.  Next Michael Stafford from Veeam will show how the Veeam Management Pack for Operations Manager monitors and reports on the VMware infrastructure.  Third, Justin Incarnato demonstrates how VMware can be integrated and automated using Orchestrator.  Finally, Anupama Vedapuri walks through the Microsoft Virtual Machine Converter (MVMC), a free Solution Accelerator that converts VMware-based VMs and disks to Hyper-V.

     

    Agenda

    • 8am – 9am | Manage VMware with SC2012 SP1 Virtual Machine Manager
    • 9am – 10am | Monitor VMware with SC2012 SP1 Operations Manager and Veeam
    • 10am – 11am | Automate VMware with SC2012 SP1 Orchestrator
    • 11am – 12pm | Migrate VMware VMs using Microsoft Virtual Machine Converter (MVMC)

     

    Tweet: Free #MSJumpstart course on #Microsoft tools for #VMware integration & migration on 3/14 Register http://aka.ms/VMtools  #VMM #SC2012

     

    Also check out previous virtualization Jump Start events which are now available on the MVA:

    • “Introduction to Hyper-V” Jump Start (with Symon Perriman and Jeff Woolsey)
    • “Microsoft Virtualization for VMware Professionals” Jump Start (with Symon Perriman and Matt McSpirit)

  • Virtualize Enterprise Applications–ESG Performance Reporting

    I seem to be getting a lot of requests for these reports lately so I thought I’d document the URL to find these for reference on this blog.

    http://www.microsoft.com/en-us/server-cloud/datacenter/virtualization-enterprise-applications.aspx

    Most recently, the addition of Exchange 2013 performance on Hyper-V was just posted:

    Summary of the testing is:

    ESG Lab performed hands-on testing of a virtualized tier-1 Exchange 2013 application workload. The workload used was designed to emulate thousands of Exchange users performing typical activities including sending and receiving e-mails, making calendar entries, updating contacts, and managing to-do lists. The storage activity of up to 48,000 typical Exchange users was tested using a single physical server hosting up to twelve Windows Server 2012 Hyper-V virtual machines.

    Key findings included:

    • Windows Server 2012 with Hyper-V supported the needs of 48,000 emulated Exchange mailboxes.
    • Performance scaled linearly from two to 12 virtual machines on a single server, as sustained IOPS reached a maximum of 5,894—over 60% more than the targeted IOPS rate of 3,600.
    • Response times remained manageably low reaching a maximum of 15.31 milliseconds. This was well under the Microsoft maximum threshold guideline of 20 milliseconds for Exchange database reads.
    • The I/O efficiency improvements in Exchange 2013 reduce the cost of delivering e-mail support in mixed virtual server environments. ESG Lab supported up to 48,000 mailboxes on 12 virtualized Exchange servers on a single Dell M620 blade server.

    ESG Lab confirmed that the improved IOPS performance efficiency of Exchange 2013 and the manageably low IOPS overhead of Microsoft Server 2012 with Hyper-V can be used to consolidate tier-1 e-mail application workloads with confidence. A single server hosting a virtualized Exchange infrastructure deployed within twelve Hyper-V virtual machines supported the I/O requirements of up to 48,000 simulated Exchange users with excellent response times.

  • CentOS Linux - Monitoring Setup with SCOM 2012 R2

    I'm not a Linux guy...know very little but was able to pretty quickly get a CentOS 6.5 VM managed by both SCCM and SCOM 2012 R2. I did run into a few 'gotcha's' and thought I'd share here to hopefully save some of you the same experience...

    You can use Kevin Holman's Blog post here as a backdrop for the basic steps.

    http://blogs.technet.com/b/kevinholman/archive/2012/03/18/deploying-unix-linux-agents-using-opsmgr-2012.aspx

    You need to create the Linux Resource Pool, certificate stuff (in my lab I have only 1 management server so that part is easy - you just run the export command in the blog post...and that's it) and then run the discovery process.

    One important thing I missed up front is that the Linux VM needs to be able to resolve via DNS.  There is an IP lookup in the discovery wizard, but you need to have A and PTR records associated with the machine in DNS.  In my case, I created a static A record pointing the hostname I assigned to the OS during the CentOS setup at its IP address.  I clicked the checkbox to create the associated PTR record.  If you don’t create the PTR record you’ll get an error during the discovery (meaning, it won’t find anything).

    A couple things you’ll need to do to the VM:

    1) Make sure SSH is running.  That’s how you will connect to it via SCOM.

    2) You may run into a firewall issue – you’ll either want to disable it (lab) or poke holes.  SCOM needs ports 22 and 1270 open to communicate with the VM for discovery/management.

    3) OpenSSL needs to be installed/running as well.
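
    The DNS and port prerequisites above can be checked from the SCOM management server before you run discovery.  This is an added example, not from the original post or from Microsoft; it assumes PowerShell 4.0 on Windows Server 2012 R2, and the function name and the host name in the last line are made up for illustration.

```powershell
# Added example (not from the original post). Run on the SCOM management server.
# Assumptions: Resolve-DnsName and Test-NetConnection are available (Server 2012 R2),
# and the host name used at the bottom is a constructed placeholder.

function Test-LinuxDiscoveryPrereq {        # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Fqdn,
        [int[]] $Ports = @(22, 1270)        # the two ports named in the post
    )

    $result = [ordered]@{
        Fqdn       = $Fqdn
        ARecord    = $null
        PtrName    = $null
        PtrMatches = $false
    }

    # Forward lookup: discovery needs an A record for the Linux host.
    $a = Resolve-DnsName -Name $Fqdn -Type A -ErrorAction SilentlyContinue |
         Where-Object { $_.Type -eq 'A' } |
         Select-Object -First 1

    if ($a) {
        $result.ARecord = $a.IPAddress

        # Reverse lookup: the PTR record must exist and point back at the same name.
        $ptr = Resolve-DnsName -Name $a.IPAddress -Type PTR -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'PTR' } |
               Select-Object -First 1

        if ($ptr) {
            $result.PtrName    = $ptr.NameHost
            $result.PtrMatches = ($ptr.NameHost.TrimEnd('.') -ieq $Fqdn.TrimEnd('.'))
        }
    }

    # TCP reachability: only these ports have to be allowed through the Linux
    # firewall, and only from the management server.
    foreach ($port in $Ports) {
        $open = $false
        if ($result.ARecord) {
            $open = (Test-NetConnection -ComputerName $result.ARecord -Port $port `
                         -WarningAction SilentlyContinue).TcpTestSucceeded
        }
        $result["Tcp$port"] = $open
    }

    [pscustomobject]$result
}

# Constructed host name; substitute the FQDN you registered in DNS.
Test-LinuxDiscoveryPrereq -Fqdn 'centos65.virt.lab'
```

    If PtrMatches is False or either Tcp column is False, fix DNS or the firewall rule before running the discovery wizard.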

    The one thing you will have to do is make sure you have the latest/greatest Linux/UNIX MP's installed.

    http://www.microsoft.com/en-us/download/details.aspx?id=29696

    Click the download link and make sure you scroll down a bit to pull the R2 bits down.

      image

    You will then import these MP’s into SCOM 2012 R2.  You should get to this version.  The key for CentOS is getting the Universal MP’s installed.  I went ahead and installed others as well…future proofing myself.   1021 is the version that you’ll get from the above download.

    image

    After a successful discovery you’ll click the “MANAGE” link and it will install the agent and put the OS under management.

    image

    image

    By the way, if you are interested in getting this working with SCCM (2012 R2 agent installed and managed by SCCM) – there is a great tutorial here. 

    http://www.windows-noob.com/forums/index.php?/topic/9357-how-can-you-manage-linux-based-clients-in-system-center-2012-r2-configuration-manager/

  • Getting Azure Pack Up and Running In Your Lab…

    I finally got around to doing this in my lab last week.  Overall, pretty straightforward install, especially if you follow the blog post authored by Anders HERE.

    Another good link from TechNet here – including links to the Web Platform Installer to get WAP started.  http://technet.microsoft.com/en-us/library/dn296439.aspx

    Azure Pack setup success!!

    image

    A few things worth noting from my experience (and I’ll update this blog as I add more to my lab setup):

    • You can get WAP and SPF on the same server.  No issues there.
    • The SPF install comes off the Orchestrator Install media.  Mount the Orchestrator R2 ISO image and navigate to the SPF folder and click the setup.exe

    image

    • In my case, I ran VMM on a separate server (you’ll need the VMM console installed on the SPF/WAP server) and that VMM server manages a Hyper-V host that I’m using to deploy VM’s.
    • IMPORTANT:  Make sure you get everything updated to System Center 2012 R2 UR2.  INCLUDING SPF!!  There’s a separate update specifically for SPF.  I had an issue that was a pain to troubleshoot (thanks to the product team dev folks for the quick assist) because I had not installed the SPF UR2 update to the WAP/SPF server.  I had installed the UR2 for Orchestrator web service but that was not needed/required.  Also make sure that you don’t forget to apply the SQL script for UR2 to the VMM database.  You won’t be able to provision VM’s if you don’t do that.

    Otherwise, the install is pretty straightforward.  Just make sure you read through the setup guide first to prepare for any steps that you need to do in advance or can do in parallel to save you some time.

    One thing that’s worth doing is getting your VM setup with Server 2012 R2, latest updates, get Azure Pack installed but not configured as well as SPF with the appropriate updates and then create a checkpoint on the VM.  It was nice to have that checkpoint available to go back to when I messed up my configuration the first time and didn’t have to spend a half hour again on those installation steps.

    Next step is getting RD Gateway going (required for RDP connections), some add-ons, connecting with Service Manager and whatever else I can find. 

    Here’s the main System Center 2012 R2 UR2 link.  You can download all the packages there for install.  If your servers are set for automatic updates, they’ll get pulled down there too so check first to see if they are already installed.

    http://support.microsoft.com/kb/2932881

    Have fun!!

  • Azure RMS for Individuals User Experience Outside of Your Domain

    I wanted to provide a walk-through of what the current set of tools provides in terms of setting up and sharing documents via RMS.  For more detailed information on RMS check out the TechEd 2014 session delivered by Enrique Saggese, a Program Manager on the RMS team.

    Deploying RMS for Cloud-Friendly and Cloud-Reluctant Organizations

    First thing you need to do is go to the Azure RMS Portal and download the latest RMS application for your device.   https://portal.aadrm.com/  If your company is already using RMS, either on premise or in the cloud with Azure RMS, you will be able to ‘connect’ the RMS client to your existing templates.  The RMS client also seamlessly integrates with the Office 2013 suite.

    Outlook Integration:

    image

    Office Apps (Word, Excel, etc…) integration:

    image

    With the RMS client, you can connect to existing templates created by your administrators either on Windows Servers running the RMS feature or Azure RMS.

    image

    In my case above, I have an O365 tenant I demo from and I’ve configured the templates using Azure RMS.  The first time you open the RMS client you’ll see the option to ‘connect to RMS service…’ in the place where you see my existing templates.  Once it’s made the connection from that point on, you’ll see the actual templates available when you use the RMS client.

    image

    Now, let’s go to the RMS portal, set up our account and download the client.  If your organization is already using Azure Active Directory, then you won’t need to set up a new account – the RMS client will simply start working with your existing RMS setup.

    image

    If your organization is already configured to work with Azure AD, then you might see a message like this after entering your email address:

    image

    In which case, once you click ‘NEXT’ you will be prompted to authenticate with your credentials associated with that email (assuming it’s a corporate login for example) and you’ll see the following screen where you can download the RMS client to your computer:

    image

    Now, if you don’t already have an account you’ll still see a similar screen – you just won’t see the few previous screens that tell you that your company is already configured for RMS.  But still, you’ll be able to download the RMS client to your machine and start using the service.

    image

    Once the RMS client is installed you’ll see new context menus when you right click on items.  Let’s create a document in Word and save it on the desktop.  The first option is to “Share Protected” which essentially launches the RMS client and allows you to enter email addresses (LiveID’s, gmail, yahoo, outlook.com, etc… are not accepted at this time) and assign permissions to the recipient.

    image

    image

    RMS will protect the document then open Outlook to send the email.

    image

    When the recipient receives the email one of a couple things will happen.  If their user account is already in Azure AD (let’s say they are an existing O365 customer which would be the most common scenario), then they will be able to open the document in Word without having to set anything else up.

    If the email domain of the recipient is not in Azure AD, then per the email they will be sent out to the sign-in page to create an account.

    image

    After they sign-up they will receive an email asking them to continue on to complete the sign-in process.

    image

    The recipient will then fill in a few pieces of information:

    image

    It takes a few seconds to provision the account then the recipient is passed along to the page where they can download the appropriate RMS client for their platform.

    image

    image

    Now when the recipient opens the protected document they are prompted for the credentials they just created for the RMS client:

    image

    The recipient now has ‘view’ only access as given using either the RMS client reader or Word 2013.

    image

    image

  • Azure Site-to-Site VPN Configuration with Server 2012 R2 RRAS

    Ah, what a beautiful site this is!  With RRAS on Server 2012 R2 and Azure – it’s never been easier to get a Site-to-Site VPN up and running!  Here’s how…

    image

    I setup a S2S VPN using this configuration in my lab today and thought I’d throw a quick post together walking through the current configuration for 2012 R2.  I did some searching around on my own for a quick tutorial but wasn’t able to find anything current.  So, here we go.

    First things first.  You need the right kind of connectivity from your RRAS internet endpoint to Azure.  Specifically some UDP ports and IP Protocol Type=ESP (value 50).  If these aren’t open on your RRAS internet IP address then the connection won’t work.  So, if you are running this off your home network for a lab like I am – make sure that your internet provider supports this before you get too far down the path.  For me, I’m using ATT Gigapower and have a small subnet of static IP’s.  I assigned one of the static IP’s to the internet facing adapter on my RRAS VM and away it went.

    Here’s a good article on what ports you need for VPN for various scenarios.

    One tool that I found quite helpful for determining what ports were open/listening was PortQuery GUI.

    PortQuery is dead simple to use and effective.  You’ll just want to make sure that the UDP ports are open and listening.

    A good utility to use to troubleshoot connectivity from the RRAS server is WireShark.  It’s similar to Network Monitor – but a little easier to use.  If you’re not familiar with packet/network analyzer tools it might be a little much – but it can/will provide some useful information to anyone that is helping you troubleshoot any connectivity issues you might be facing.

    Step 1:

    • Install Windows Server 2012 R2.
      • You don’t need to install the RRAS components.  The script you will download from Azure later will do all of that for you.  Just get WS2012 R2 running, get all the updates, etc…
      • Configure your network adapters for RRAS.  You will need two of course.  I simply labeled them “WAN” and “LAN”.
      • You will want to remove the default gateway from the LAN side interface.  This will ensure any traffic hitting that interface gets routed out the WAN vs going back to your default gateway.  Now, there are other ways to accomplish this – for example, if your existing default gateway has the ability to assign static routes…but for a lab scenario like I have – it was easier to just remove the gateway and configure static routes on all my hosts to point to the RRAS LAN interface when they hit the IP range out in Azure.
      • You will also want to remove some of the ‘bad things’ off the WAN network adapter that can get you into trouble.  Get rid of Client for Microsoft Networks and File and Printer Sharing.   You will also want to go into the TCP/IP IPv4 advanced tab and disable NetBIOS over TCP/IP.

                          image

                         image  
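
    The WAN adapter cleanup from Step 1 can also be scripted and then read back to confirm it took effect.  This is an added example, not part of the original post or of the script Azure provides; it assumes an elevated PowerShell session on Server 2012 R2 and an internet-facing adapter named “WAN” as labeled above, and the function name is hypothetical.

```powershell
# Added example (not from the original post). Run elevated on the RRAS server.
# Assumption: the internet-facing adapter is named "WAN", as labeled in Step 1.

function Set-WanAdapterHardening {          # hypothetical helper name
    param([string] $AdapterName = 'WAN')

    $adapter = Get-NetAdapter -Name $AdapterName -ErrorAction Stop

    # ms_msclient = Client for Microsoft Networks
    # ms_server   = File and Printer Sharing for Microsoft Networks
    foreach ($id in 'ms_msclient', 'ms_server') {
        Disable-NetAdapterBinding -Name $AdapterName -ComponentID $id -ErrorAction Stop
    }

    # NetBIOS over TCP/IP: SetTcpipNetbios takes 0 (use DHCP setting), 1 (enable), 2 (disable).
    $filter    = "InterfaceIndex = $($adapter.ifIndex)"
    $nicConfig = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter $filter
    $rc = (Invoke-CimMethod -InputObject $nicConfig -MethodName SetTcpipNetbios `
               -Arguments @{ TcpipNetbiosOptions = [uint32]2 }).ReturnValue
    if ($rc -notin 0, 1) {                  # 0 = success, 1 = success, reboot required
        throw "SetTcpipNetbios failed on $AdapterName with return value $rc"
    }

    # Read the settings back so the result is verified rather than assumed.
    $bindings = Get-NetAdapterBinding -Name $AdapterName -ComponentID ms_msclient, ms_server
    $netbios  = (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration `
                     -Filter $filter).TcpipNetbiosOptions

    [pscustomobject]@{
        Adapter             = $AdapterName
        ClientForMsNetworks = ($bindings | Where-Object ComponentID -eq 'ms_msclient').Enabled
        FileAndPrintSharing = ($bindings | Where-Object ComponentID -eq 'ms_server').Enabled
        NetbiosOverTcpip    = if ($netbios -eq 2) { 'Disabled' } else { "Option $netbios" }
    }
}

Set-WanAdapterHardening -AdapterName 'WAN'
```

    Both binding columns should read False and NetbiosOverTcpip should read Disabled before the WAN adapter is given its public IP.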

    Step 2:

    • Configure your affinity group in Azure.  Azure is a globally dispersed hosting service – where do you want your VM’s to ‘live’?  In the Azure context, these are defined as “datacenters” in “regions”.
    • In order to tie VM’s with virtual networks – Azure uses the Affinity Group.  An Affinity Group ties those resources to a specific region.  You probably want to pick the one closest to you if you don’t have a specific preference.
    • In Azure on the left hand side menu – click “SETTINGS”.  Now click “Affinity Group” on the menu bar:

                image

    • Now we need to define a “Local Network”.  A local network defines the properties of the network where your RRAS server resides – specifically the “LAN” side.
      • In my case, I was using the 192.168.1.0/24 for my LAN. 
      • “1.1.1.1” would represent the WAN IP interface on your RRAS server.

                            image                   

                           image

    • Now you’ll want to add the hostname/IP address of a DNS server that you want to use.  This DNS server will be added to the VM’s that come online the Azure virtual network we’ll create in a bit.  The significance of this of course is that your Azure VM’s will be able to resolve hostnames across the VPN.  This could be the IP address of an AD Domain Controller across the VPN and/or you could of course bring up a VM in Azure and make it a domain controller in which case you’d make an entry here once you did that so that your Azure VM’s would look to the DC in Azure first for name resolution.
    • If you want to install DC’s in Azure – be sure to read this

                 image

    • Now we’ve got the CorpNet side under control as far as Azure is concerned.  Next, we need to configure the Azure Virtual Network.  This diagram is basically what we are going for.  I’ll copy my exact configuration from Azure that I used as well for reference and to match it up to the Visio network diagram.

                image

    • Here is my configuration on the Azure side.  You can do something similar or come up with your own.  I just wanted to put it here so you could match it up with the Visio diagram:

               image         

    • You are going to click NEW –> Networks –> Virtual Network –> Custom Create:

                 image

    • Now we’re going to set any DNS servers we want our Azure VM’s to connect to (this will be a drop down box and all the DNS servers you created earlier will populate there) and we also want to enable S2S VPN.  Select the local network you created in the drop down.          

                image

    • The sky is the limit here.  Do whatever works best for you.  You can create a huge address space and then create any number of custom subnets.  You will need to click the button to add the gateway subnet as well.  This will be the default gateway IP address in your Azure VM’s you assign to this vNet.

               image

    • The next step is to create your gateway.  I forgot to take a pre-screen shot so you’ll see the option here to DELETE mine, but yours will say “CREATE”.  :)  It takes some time for the gateway to complete – so now is a good time to grab lunch, pound through some email, whatever…

                image

    • Once your gateway is created, you’ll see the gateway IP in big bold on your dashboard.

               image

    • Next step is grabbing your shared key.  Use the copy button to get it on the clipboard when needed.

             image  

    • The next thing you’ll want to do is create a VM that gets placed into the vNet you just created.  You have to be a bit careful here because you need to place the VM in the right virtual network for it to be able to access resources via the VPN we are creating.  You can’t just put it anywhere and expect it to be able to communicate across the VPN.

            image

    • The final piece here is finalizing your RRAS configuration.  We’ve already got our server running, dual-homed, with the proper network configuration.  Now we just need to get RRAS installed and get the S2S VPN configured.  Luckily, there’s a script for that. :)  From your S2S VPN dashboard – look in the lower right corner.  You’ll see a link to download the VPN device script.

              image

    • Choose Microsoft/RRAS/Server 2012 and download the file.

               image

    • This is going to download a .cfg file.  The easiest way I found to edit this is to simply open it in PowerShell ISE.  You can also use something like Notepad++ to make editing easier.
    • You’ve got a few variables that you need to play with here.  You’ll have to copy/paste in a few things custom to your environment to make the VPN configuration on RRAS work properly.
    • I opted for the find/replace all option in PowerShell ISE.  You don’t need the brackets <> – you can remove those when you paste the IP addresses into the script.
    • Here are the variables you’ll need to grab the IP info for:
      • <SP_AzureGatewayIpAddress>: This is the BIG number on the dashboard for your S2S VPN in Azure.
      • <SP_AzureVnetNetworkCIDR>:100: This one you have to be careful with.  Azure uses a few more addresses in a standard subnet than usual.  Let’s say in a /24 or 255.255.255.0 subnet – you get to use 252 of those addresses.  Azure takes 3 addresses, not just two.  So, the 252 is really 251.  This is the number you use in place of the “100” that they show in the sample variable in the script.  So, to find this – go to the ‘configure’ tab in your S2S VPN and take a look at what you have in the first line of the address space.  This is what you’ll use to populate this in the script.  In this specific example it would be:
        • IPv4Subnet @("10.0.0.0/24:251")

                                        image

      • -SharedSecret <SP_PresharedKey>: This is an easy one.  Just copy and paste the shared key we created back a few steps ago.
    • Now, save the script and run it.  You will probably see the same error message as I did – it just means that you need to go to the RRAS console and start the service on the server.  For whatever reason in my script – it didn’t restart it.  No biggie.

                image

    • Now from the RRAS console, you should see the S2S VPN connection named for your IP Gateway in Azure.  Right-click and choose CONNECT.

                 image

    • Now, come back over to the Azure portal and go back to your S2S VPN dashboard and click CONNECT on the bar at the bottom of the screen: (mine says disconnect but you get the idea…)

                image

    • Once that is done you should see the connection come up on both sides and you can start moving traffic across the VPN!!
    • One easy way to test connectivity is to log into your Azure VM that you created in the S2S VPN network and ping the LAN IP address of your RRAS server.  If you can’t ping that – then you’ve got something messed up somewhere. 
    • Your Azure VM’s will pickup the DNS IP you assigned earlier so provided communication is working and firewalls are configured properly, you will be able to domain join those VM’s since they will have name resolution to your DNS servers as soon as they boot up.

    One thing to be aware of.  Depending on your setup, you may need to configure a static route for other computers on your network to see across to Azure.  For example, if an Azure VM with an IP of 10.0.0.4 tries to ping across the VPN to a machine with an IP address of 192.168.1.50, without a static route on 192.168.1.50 to tell it how to get back over to 10.0.0.4 – the ping will time out.

    On the 192.168.1.50 machine you’d need to add a persistent route with the command:

    route -p add 10.0.0.0 mask 255.255.255.0 192.168.1.1

    Of course, 192.168.1.1 is the LAN IP of the RRAS server or any other router that you may have that knows the route to get over to the 10.0.0.0/24 network.

    GOOD LUCK!!

  • Deploying Hybrid RemoteApp

    I’m in the process of building out new scenarios for my EMS focused lab.  RemoteApp seemed to be a natural fit here – especially the “hybrid” scenario which leverages your Azure AD/Hybrid Identity.  The endgame here is to be able to access your published applications on any device (iPad, BYOD Windows or Mac machine, etc…) using your AD credentials (i.e., SSO).  In my lab, I’m even using the MFA features available in Azure so I can force multi-factor authentication on users accessing applications via RemoteApp.

    To whet the appetite…here’s an example – I’ve published the SCCM console via RemoteApp.  Since the deployment is Hybrid – these apps can now talk back to my on-premises services via a dedicated site-to-site VPN you’ll configure as a part of the RemoteApp configuration process.  I’m now able to download the Remote Desktop App for the iPad and connect to my applications.

    Let’s get started…

    • You’ll need to sign up for the RemoteApp preview if you haven’t already.  As of now, it won’t just show up in your Azure subscription.  It may take some time to get approved so don’t plan on clicking it and starting this process within a few minutes…

    • The next thing you want to make sure you have a handle on is which Azure AD is the default directory for your subscription.  This is what RemoteApp will use in the hybrid scenario.  This is important because, as you’ll see, the users that you will want to give access to the RemoteApps that you publish will come from your Azure AD.  If you are doing, or are planning to do, directory synchronization from your on-premises AD to Azure, then it’s important that you ensure that Azure AD is the default.
    • To do this – navigate to the settings section (left hand side of Azure admin portal at the bottom) and click on subscription.  Then click on “edit directory” at the bottom of the page to see which Azure AD your subscription is pointing to.  If it’s not pointing to the one where your users are – then you’ll need to change it.

    • Next, for the hybrid scenario you’ll need to make sure that your environment can support a site-to-site VPN connection from Azure.  If you are building this out in a lab like I am (i.e., your house/residential internet) then you’ll need to make sure you have the right ports open to make this work.  I am running mine out of my home network as well – but I use ATT Gigapower and I have a small subnet of static IPs that allowed me to create an RRAS server and pin up a VPN to Azure with no issues.  You can check out my recent post on how to configure an S2S VPN using RRAS and Azure.
    • There’s a link in the early part of the above blog post that shows the ports you need to have open as well as some tools you can use to ensure the right ports/protocols are working remotely.  It’s easiest to use an Azure VM to test from since it’s obviously outside your network and can simulate accurate remote connectivity.

    Alright, let’s get started on the RemoteApp configuration in Azure…

    • These parts have been pretty well covered and I’ll link a couple other blog posts here to follow their step-by-step instructions since they are well done and accurate. (no need to recreate the wheel here).  I just wanted to make sure that everyone understood that there are VPN considerations here as well as understanding which AD RemoteApp will point to and how to change that if it’s not set to how you require for your hybrid configuration to work properly.
  • Crank Up Your Azure VPN with the New High-Performance Azure VPN Gateway!

    • The Azure Team recently announced a new high performance VPN gateway.  Details here:

      http://azure.microsoft.com/blog/2014/12/02/azure-virtual-network-gateway-improvements/

      The net of it is – you get ~200Mbs and 30 S2S tunnels, versus ~80Mbs and 10 S2S tunnels on the standard VPN gateway.

      One thing to note – you’ll likely need the latest version of Azure PowerShell for this command to work properly.

      You can get that here:  Azure PowerShell 0.8.12 

      If you already have Azure PowerShell installed, this will upgrade that installation.

      Once that’s installed – the commands are easy.

      1) Use 'Add-AzureAccount' to add your Azure credentials for the subscription where the S2S gateway you want to upgrade is configured.

      2) Run the following command – obviously editing the name of the S2S VPN for yours.  The process will take a while so don’t get worried if it doesn’t complete immediately.  I quit watching mine after about 5 minutes and it still wasn’t done and didn’t look again until about 30 minutes later.  So somewhere between 5 and 30 minutes. :)

      That’s it!  Have fun!

  • Windows Server “8” Beta Hyper-V Component Architecture Poster

    Provides a visual reference for understanding key Hyper-V technologies in Windows Server “8” Beta and focuses on Hyper-V Replica, networking, virtual machine mobility (live migration), storage, failover clustering, and scalability.

    http://www.microsoft.com/download/en/details.aspx?id=29189