This post is brought to you by Ed Baker, Windows Server Instructor at Firebrand Training
Prior to Windows Server 2008, allowing different groups of users to have different password requirements or lockout policies meant implementing multiple domains or password filters, both of which were complex and costly.
In the 2008 flavour of the Operating System, Microsoft provided a work-around to this. This was also complex and convoluted, to say the least. It was almost as if it had been grudgingly allowed, but was so difficult to implement that most of us wouldn’t bother trying.
The R2 implementation added some ease-of-use functionality, but with Server 2012 Microsoft has finally embraced the concept as a day-to-day admin requirement.
Well, for a large organisation with many levels of user and security, it is often necessary to set different requirements for the password complexity and for the lockout policy. For example, the office admin assistant may not require the same levels as the research and development department.
The solution in Windows Server 2012 is implemented entirely through the Active Directory Administrative Center (ADAC). ADAC was available in Server 2008 R2 but was generally ignored by ‘true admins’. It is essentially a GUI front-end to PowerShell Cmdlets - allowing creation, editing and deletion of any Active Directory object in the ntds.dit database.
ADAC is back, and it’s on a mission. The tool is now the only place to carry out several important administrative functions (apart from PowerShell version 3.0, where you can now do just about everything to do with Server management and administration).
To implement Fine-Grained Passwords you have to deploy a Windows Server 2012 Domain Controller, with the domain functional level set at Windows Server 2008 or above. You can now accomplish this task in ADAC (provided you ‘run as administrator’).
To be able to develop your skills in this area, it is also best practice to create a number of test groups and users, so that any changes you make do not impact on your day-to-day work. It’s better to test this on a sandbox set up, but if one is not available, having test accounts, groups and OUs will prevent any disasters.
In the scenario below, I have set up FGP_User1, FGP_User2, FGP_GP1, FGP_GP2 - you can name yours as you choose. This can be done in AD Users and Computers, in ADAC or in PowerShell 3.0.
In the application, select Tools and ADAC. In the ADAC window select Tree View (easier to see what’s important), then select the domain you want to work with. Expand the tree until you can select the System container, expand that and select Password Settings Container.
Right-click and select: New → Password Settings.
The Create Password Settings window opens. There are several mandatory selections, most of which are pre-selected - you have to enter name and precedence. (Note: the lower the precedence number, the higher its priority!)
Here you can amend all the settings for this password object (Length, Lockout etc. - see image below).
Best practice is to enter a description of the policy, then click Add in the Directly Applies To area. Select your previously created group from the AD, and make sure that your policy has all the correct settings which relate to the password and lockout.
In this example I have added my User to a group with two FGP policies applied with different precedence settings.
To determine which password settings object is actually in effect, select the user concerned, and right-click:
Choose View resultant password settings... This opens the policy that is active. For those of us who lived with the old way – this is a huge leap forward in usability.
Editing a policy is as simple as expanding the AD tree and selecting the correct policy within the Password Settings container. Right-click and choose Properties, or double-click the policy, to open it for editing.
To delete a policy (not forgetting that by default AD objects are protected against accidental deletion) remove the check from the Protect From Accidental Deletion box. Save the policy, then right-click it and select Delete.
Unlike Users, it is not possible to enable or disable a policy. If it exists, it is active for any object that it is directly applied to. Don’t forget you can apply Policies to users or groups, as can be seen in the following image. This also allows you to see what will be affected when you delete the policy.
This is set to be one of the Windows Server 2012 ‘Big Five’ areas of functionality. The ability to add and remove Fine-Grained Passwords at will - with little difficulty or deep-down AD knowledge - is a huge boost to those who have asked for the feature year-on-year.
To refresh your memory, when this feature was first implemented in Windows Server 2008, it was necessary to use ADSIEDIT to create the new Password Settings Object AND all the attributes of that object (in this case Length of Password, Lockout details, etc.). It was also necessary to set the ‘applies to’ objects in ADSIEDIT. Not a friendly tool at the best of times.
Microsoft has implemented a much-wanted feature and developed a tool that now has much more usability than its first few variants.
And remember, ALL of these steps can be carried out with PowerShell 3.0, with relative ease.
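The ADAC steps above, carried out with the ActiveDirectory PowerShell module instead. This is an added example, not code from the original post: the group and user names are the test objects named earlier, while the policy names and every setting value are illustrative assumptions.

```powershell
# Added example. Run from an elevated PowerShell 3.0 session with the
# ActiveDirectory module available (a domain controller or RSAT).
Import-Module ActiveDirectory

# Two password settings objects (PSOs). Names and values are assumptions.
# Lower precedence number = higher priority.
$policies = @(
    @{ Name = 'FGP_Strict';   Precedence = 10; MinLength = 14; Lockout = 5;  Group = 'FGP_GP1' },
    @{ Name = 'FGP_Standard'; Precedence = 20; MinLength = 10; Lockout = 10; Group = 'FGP_GP2' }
)

foreach ($p in $policies) {
    New-ADFineGrainedPasswordPolicy -Name $p.Name `
        -Description "Test PSO applied to $($p.Group)" `
        -Precedence $p.Precedence `
        -MinPasswordLength $p.MinLength `
        -ComplexityEnabled $true `
        -ReversibleEncryptionEnabled $false `
        -PasswordHistoryCount 24 `
        -MinPasswordAge (New-TimeSpan -Days 1) `
        -MaxPasswordAge (New-TimeSpan -Days 60) `
        -LockoutThreshold $p.Lockout `
        -LockoutObservationWindow (New-TimeSpan -Minutes 30) `
        -LockoutDuration (New-TimeSpan -Minutes 30) `
        -ProtectedFromAccidentalDeletion $true

    # "Directly Applies To": a PSO can be linked to users or global security groups.
    Add-ADFineGrainedPasswordPolicySubject -Identity $p.Name -Subjects $p.Group
}

# Put the test user in both groups so that two PSOs compete for it.
Add-ADGroupMember -Identity 'FGP_GP1' -Members 'FGP_User1'
Add-ADGroupMember -Identity 'FGP_GP2' -Members 'FGP_User1'

# Equivalent of "View resultant password settings..." in ADAC.
# With the values above, FGP_Strict (precedence 10) should be returned.
Get-ADUserResultantPasswordPolicy -Identity 'FGP_User1' |
    Select-Object Name, Precedence, MinPasswordLength, LockoutThreshold

# Audit: every PSO in the domain, in priority order, with what it applies to.
$allPsos = Get-ADFineGrainedPasswordPolicy -Filter * | Sort-Object Precedence
foreach ($pso in $allPsos) {
    $subjects = (Get-ADFineGrainedPasswordPolicySubject -Identity $pso.Name).Name -join ', '
    '{0,-15} precedence={1,-4} minLength={2,-3} appliesTo={3}' -f `
        $pso.Name, $pso.Precedence, $pso.MinPasswordLength, $subjects
}

# Flag PSOs that share a precedence value, since their ordering is then
# not obvious from the number alone.
$allPsos | Group-Object Precedence | Where-Object { $_.Count -gt 1 } |
    ForEach-Object { Write-Warning "Precedence $($_.Name) is used by: $($_.Group.Name -join ', ')" }

# Deleting a PSO: clear the accidental-deletion protection first, then remove.
$toDelete = Get-ADFineGrainedPasswordPolicy -Identity 'FGP_Standard'
Set-ADObject -Identity $toDelete.DistinguishedName -ProtectedFromAccidentalDeletion $false
Remove-ADFineGrainedPasswordPolicy -Identity 'FGP_Standard' -Confirm:$false
```

Run the audit loop before deleting anything: it shows which users and groups lose the policy and fall back to the next PSO or the default domain policy.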
We have just got the initial details of the Windows Server 2012 technical launch event that is due to happen here in the UK. Get into your diaries and save the date! 25th September 2012!!! Trust me you NEED to be there! I’m still twisting arms to get the details of where this event will be but for now get the date in your diary.
To go along with this event we are running a couple of competitions. The first is a bit of a geeky design competition and I think it’s right up your alley! Here’s why…
We have 29 HP ProLiant MicroServers to give away, in association with Servers Plus, to attendees at the Windows Server 2012 launch event on 25th September 2012 (Terms & Conditions available here). But that’s not all!!! There’s a second competition!!!
It’s summer time and everything should be bright and fun - that includes the MicroServer! That’s where the design competition comes in!!! You will need all your design skills to the ready as you will need to personalise, pimp or otherwise customize the server! Be as wicked and wild with your designs as you like!
Here are the judging criteria for the design:
To help you with creating your design we have a template that provides you with the dimensions that you are designing for. Here’s the template (PDF). The design here was one used by Servers Plus from a competition they ran last year and submitting it does not count as an entry!
To enter the competition:
You can also share your amazing designs with one another on our Facebook Page or on Twitter.
You can use the MicroServer for your own testing and personal use. Why not install Windows Server 2012 either standard or the bare metal version. Try setting up a virtual server host and guest, create a storage pool or simply familiarize yourself with the new management console. If you are feeling a little daring try your hand at some PowerShell with the new PowerShell console and one of the many new commandlets.
So get designing now! And remember to sign up for the technical launch event to claim your prize in person and see who wins machines with your design on them!
Windows Server 2012 Design Competition Terms & Conditions
1. ELIGIBILITY. This promotion is open to any person resident in the United Kingdom who is eighteen (18) years of age or older at the time of entry. Employees of Microsoft or its affiliates, subsidiaries, advertising or promotion agencies are not eligible, nor are members of these employees’ families (defined as parents, children, siblings, spouse and life partners).
2. ENTRY. Visit http://blogs.technet.com/b/uktechnet/archive/2012/08/01/announcing-the-windows-server-2012-uk-technical-launch-event-amp-competition.aspx and submit a link to your design, name and email address.
To the extent that entry requires the submission of user-generated content such as photos, videos, music, artwork, essays, etc., entrants warrant that their entry is their original work, has not been copied from others, and does not violate the privacy, intellectual property rights or other rights of any other person or entity.
Entries will be ineligible for the prize draw if they:
· are incomplete;
· exceed the maximum number of entries allowed per person;
· violate the rights of any other person or entity; or
· are received outside of the Promotion Period set out below.
Only one (1) entry per person will be accepted. No purchase necessary to enter the promotion. Entry constitutes full and unconditional acceptance of these Terms and Conditions. Microsoft is not responsible for lost, corrupted or delayed entries. Microsoft reserves the right to disqualify anyone who violates these Terms and Conditions.
3. TIMING. This promotion runs from 12.01:00 am GMT on Start date, 1st August 2012 until 11.59:59 p.m. GMT on End date, 26th August 2012 (inclusive) (the “Promotion Period”).
4. USE OF YOUR ENTRY. Personal data which you provide when you enter may be used for future Microsoft marketing activity if you indicate your consent on the entry form (if applicable). Otherwise your personal data will be used by Microsoft and agents acting on Microsoft’s behalf only for the operation of this promotion.
5. SELECTION OF WINNERS. All valid entries will be judged as a finalist.
Winning entries will be determined by a panel of judges with at least one independent judge on 27th August 2012. Judging will be based on:
· Originality & Uniqueness of entry
· Inspirational, amusement and entertainment of entry
· Cleverness of incorporating aspects of Windows Server 2012 into the design
A maximum of one prize per eligible entry is allowed. Winners will be notified by email to the address provided by the potential winner by 25th September 2012. If a potential winner has not confirmed receipt of the notification within TEN (10) days after the first attempt, an alternative winner will be selected on the same basis as described above (either at random for prize draws or according to the same judging criteria for competitions). Winners may be asked to provide identification proving their eligibility before they are entitled to receive the prize. Winners may be required to participate in further publicity or advertising.
6. PRIZE(S). There will be one prize in total. The prize will be as follows:
· One HP ProLiant MicroServer with winners design printed on decal (£230 approximate value)
Prizes are as stated and are not transferable. No cash alternatives available. Microsoft reserves the right to substitute the prizes with prizes of equal or greater value. All prizes will be sent by Microsoft or its agent no later than 28 days after the prize draw has been made by Microsoft. Unless otherwise stated, all prizes are subject to their manufacturer's warranty and/or terms and conditions.
Prizes may be considered as a taxable benefit to the winners. Winners will be directly responsible for accounting for and paying to HMRC, or other relevant tax authority, any tax liability arising on their prize. Please contact firstname.lastname@example.org for any query related to the taxable amount for reporting to HMRC, or other relevant tax authority.
7. WINNERS LIST. Each winner consents to his/her surname being made publicly available upon request. Winners names will be available for a period of 28 days after the selection of winners by written request to email@example.com.
8. OTHER. No correspondence will be entered into regarding either this promotion or these Terms and Conditions. In the unlikely event of a dispute, Microsoft’s decision shall be final. Microsoft reserves the right to amend, modify, cancel or withdraw this promotion at any time but only before the delivery of prizes, without notice.
Participants in this promotion agree that Microsoft will have no liability whatsoever for any injuries, costs, damage, disappointment or losses of any kind resulting in whole or in part, directly or indirectly from acceptance, misuse or use of a prize, or from participation in this promotion. Nothing in this clause shall limit Microsoft’s liability in respect of death or personal injury arising out of its own negligence or liability arising out of Microsoft’s fraud.
Microsoft cannot guarantee the performance of any third party and shall not be liable for any act or default by a third party.
9. SPIRIT OF THE COMPETITION. If an entrant attempts to compromise the integrity or the legitimate operation of this promotion by hacking or by cheating or committing fraud in ANY way, we may seek damages from that entrant to the fullest extent permitted by law. Further, we will disqualify that entrant’s entry to this promotion and may ban the entrant from participating in any of our future promotions, so please play fairly.
Promoter: Microsoft Limited (“Microsoft”), Microsoft Campus, Thames Valley Park, Reading, RG6 1WG, England
Guest Post by Julie Caulfield who works for Veeam who won the 2012 Partner of the Year for Management and Virtualisation.
I was lucky enough to attend Microsoft Tech-Ed this year in Amsterdam and was very impressed with the new functionality Microsoft has managed to cram into its new release of Server 2012. It has massive scalability advancements such as with the new VHDX file format, lots of new hardware interaction and plenty of DR focused features to keep your private\public cloud floating. At the same time I was pleased to see that they hadn’t forgotten about the SMB IT shops that run a small number of servers but are also looking to benefit from virtualisation. Options like shared nothing live migrations and the use of CSV file servers to host virtual disks for the Hyper-V hosts themselves will allow SMBs to fully embrace virtualisation without massive hardware costs.
It is the use of virtualisation in the SMB space that makes me stop and take note because it is critical to make tools available in this market to ensure that virtualisation adoption is readily available, no matter what size your organisation may be. This new functionality from Microsoft fits right in with the Veeam Essentials bundle which has recently been simplified to offer enterprise class data protection, monitoring and reporting for use on up to 3 physical hosts (6 CPU sockets) purchased in 2 socket bundles. With Windows Server 2012 offering so many great virtualisation benefits a SMB could now just as easily run an enterprise class infrastructure with high-speed backup and replication with very minimal investment.
Windows Server 2012 coupled with Veeam Essentials will help to deliver the essential toolkit of virtualisation - a cost-effective solution that is easy to use and intuitive, allowing IT to build a functioning virtual data centre as well as a spontaneous data protection solution on a shoestring budget. The Veeam on-host proxy gives the added benefit of using the Hyper-V hosts as backup servers pushing Veeam data moving services into the Hyper-V kernel itself reducing the infrastructure footprint.
Ease of use and affordability screams out – make things simple and affordable – Veeam's agentless technology means no need to install anything into the virtual servers themselves. Veeam Essentials leverages storage based snapshots and integrates with VSS to give the IT manager transaction consistent backups directly across the SAN fabric to any location on their network as a backup repository. The inline block level de-duplication and compression of VHD files minimises the size of the resulting backup files and in turn minimises storage usage on the repository.
The graphical user interface is easy to use; additionally all functionality is accessible via PowerShell scripts for automation of tasks. Restoring couldn’t be easier or quicker with the ‘Instant restore’ feature allowing you to run a virtual machine directly from a backup file bringing restores down to a few minutes and then running a full restore behind the scenes.
But the ultimate cherry on the cake, or should I say the final tool in the SMB toolkit, comes with the Veeam bundle including a monitoring and reporting solution for your Hyper-V deployment, giving you real-time alerting on CPU, memory, network and disk performance which is hardware agnostic. The monitoring and reporting dashboards allow you to identify bottlenecks and trends in your virtual environment so you can resolve them quickly and before they cause service outages.
Matthew Hughes is an Independent SharePoint Consultant and the Director of SP365 Ltd. He runs various SharePoint related websites such as sp365.co.uk and is the founder of the Office 365 UK User Group, who hold their first physical meeting in London on the 4th September 2012. He is a MCTS, MCITP, MOS in SharePoint and can be found tweeting regularly @mattmoo2. An advocate of the SharePoint and Office 365 products, he can be found regularly speaking at conferences and User Groups around the world.
What a difference a couple of months make, if you didn't get excited in July when the Office 365 Preview hit the web (as well as a subtle mention of a certain SharePoint 2013) you will undoubtedly have gotten a little more excited when the powers that be over at Microsoft HQ mentioned the imminent arrival of Windows 8.
Of course the Windows 8 Consumer Preview has been out for a little while but the RTM (Release To Manufacture) version was due on the 15th August to Technet / MSDN and Software Assurance customers, so imagine my excitement when I was able to go and grab the latest version of what promises to be Microsoft's most daring OS release since the crazy days of Windows Vista (it wasn't that bad if you had good hardware).
Now this is not another blog post about all the wonderful features of Windows 8; as we all know, there are plenty of them. However, this is a post about one specific feature, namely the addition of a traditionally Windows Server-only feature called Hyper-V.
In case you have been hiding under a rock since the release of Windows Server 2008 and missed the addition of Hyper-V, it is worth explaining exactly what it is.
Hyper-V is a Microsoft Role or Feature that allows you to create a Virtual Environment inside of your Physical Environment, this is to say that you can create a fully featured Server or desktop environment (guest) inside of your current physical hardware (the host).
Hyper-V requires your hardware to support virtualisation or, more to the point, it requires your processor to support hardware virtualisation. Whilst most newer CPUs have this, it is worth checking before you go getting all excited about the prospect of virtualising machines. Brad Rutkowski provides a short post about this on Technet.
Excited? Ready to go? Let’s take a look at how to get started with Hyper-V on Windows 8.
After installing Windows 8 you will not be able to find Hyper-V anywhere in the Metro style UI.
Hyper-V runs as a Windows Service so we wouldn’t want all of the, soon to be, millions of Windows 8 customers, having a service running that not everyone will utilise, therefore, we need to add the service via the “Turn Windows features on or off” in the usual way we have been accustomed to in the last couple of Windows Operating Systems. Given that it is a service the feature will ask you to restart.
Tip: You can also use this method to add just the Hyper-V Management Tools, which allows you to manage Hyper-V remotely.
Excellent, so now we have the feature we can open up the Management Tool and see what we can do.
In the screenshot above I have created three virtual machines a DC, SQL Server and SharePoint Server, these machines or guests, are now all running inside my host machine.
Also in the screenshot you can see I have the Virtual Switch Manager which allows me to create a private network for these machines perfect for separating them on their own network avoiding potential conflicts, alternatively I can set a network that connects them directly to the internet.
For IT Pros, Developers and Power Users the options prior to the inclusion of Hyper-V in Windows 8 were Virtual PC, VMWare Workstation, Virtual Server, Box and various other 3rd party virtualisation products. Now that this has become an additional feature to Windows 8, you can simply add the feature and you are ready to set up your development environments.
Of course, you will need to have a good level of hardware to support a couple of virtual machines, but laptops and desktops with 4GB – 8GB of RAM are becoming more commonplace, as are processors that support virtualisation.
I mentioned that Hyper-V is a service so remember to shut down those guests when you’re not using them, it is easy to close the Hyper-V manager and assume that means the guests shut down too, this is not the case and they will continue to consume valuable resources unless you shut them down in the usual way.
I hope you find this article useful and welcome any feedback via my twitter account or email matt at sp365 dot co dot uk.
Does my CPU support hardware virtualization (Hyper-V)
Gareth Hewitt is the Product Director for WhiteSky Studio, a configurable Platform as a Service that allows business users to rapidly and easily create their own applications. Gareth founded WhiteSky Studio in June 2011 and is now focused on growing the product through allowing partners to create, market and sell their own applications using this revolutionary platform. Gareth can be contacted on firstname.lastname@example.org and @whiteskystudio.
The key to the future of web based services, and applications, is scalability. You need the comfort of knowing as your system grows in users, processing requirements, data size, etc. that you have a platform that supports this scalability. Re-engineering your system for each new scalable requirement is simply not an option. Windows Azure provides the technical infrastructure to support this, but as always you have to design with this in mind from the beginning – you can’t just copy your existing SQL database over to the Cloud and expect the database and services to be instantly scalable.
WhiteSky Studio is a revolutionary Cloud-based RAD tool that can be used by business analysts to build flexible and scalable systems without technical knowledge – you just need the business knowledge to design the functionality. We provide a cost and time effective alternative to traditional RAD based tools, industry specific packages, and online Cloud solutions. We have successfully configured applications for HR, Timesheets & Expenses, Retail Customer Records & Stock Control, CRM, Portfolio and Property Management, Financial Analysis, and many more. Such a diverse range of users, data sizes, processing requirements, peak demand times and performance requirements, means we needed a solid, proven technology that could scale to meet these challenges. Windows Azure not only provided the infrastructure but enabled us to provide value for money competitive offerings to our Clients demanding performance, scalability, resilience, and security.
Windows Azure provides services to support your system in a scalable fashion; there are many options to consider, including:
WhiteSky initially implemented Web and Worker Roles, caching, a mixture of SQL Azure and Storage Blobs and automatic scaling of the servers depending on work load and demand. We have now implemented federated databases (sharding) which has provided both security and performance benefits and look forward to improved features in the next release.
SQL Azure – Federations
Within four months of starting the Company we had Clients in 7 different sectors, ranging from 5 to 100 users and accessing applications from 4 countries. Windows Azure successfully provided the entire infrastructure we needed, and our next task was to ensure continuing scalability by implementing federated databases. Our first decision was whether to create an in-house implementation or to wait and use SQL Azure Federations. As with any architectural decision there is no single right answer that works for everyone, but with all the pros and cons, there were two features of SQL Azure that made our decision easy to choose SQL Azure Federations:
The biggest concern in using a custom solution was that no matter what implementation we created it was going to be technically difficult, if not impossible, to provide the ability to split a live database into two smaller ones without significant downtime. This was a major requirement for us, and we couldn’t see an easy way of providing it and meeting our performance and up-time SLA’s. SQL Azure Federations comes with such a guarantee, functionality we felt was at the core of any scalable model. The development roadmap for SQL Azure includes the ability to add database merging which will enable us to auto-scale the merging/splitting of the databases according to performance or demand requirements – much like the auto-scaling of the web and worker roles that we already have in place.
The SQL Server gateway service is a service Microsoft added to ensure you can still use the advantage of connection pooling within your existing code. This provides an incredible performance boost over a custom implementation which would require us to hold connections across several different databases. Whenever we make a call to a federated database the gateway service routes the call to the correct federated database without the need to create a new connection.
Any one of these features was enough to choose SQL Azure Federations over a custom approach, but both made it a no-brainer.
SQL Azure Federations – Implementation
To migrate our existing database to SQL Azure Federations a few structural changes were required. The first, and the most likely issue developers will come across, is that you cannot use the following table column types:
Both of these restrictions arise from the simple fact that SQL Federations has no way of guaranteeing a unique auto-increment field or timestamp without getting all of the federated databases communicating with each other – something that presumably would come with a large performance overhead. The first thing we had to do was add globally unique identifiers in place of auto-increment fields, and to replace our timestamp columns.
The auto-increment columns we were replacing were our primary keys and would be forming part of our new primary key in the federated table. We chose to implement the uniqueidentifiers in SQL with a default value of “CAST(CAST(NEWID() AS BINARY(10)) + CAST(GETDATE() AS BINARY(6)) AS UNIQUEIDENTIFIER)” as described in “The Cost of GUIDs as Primary Keys” article, avoiding much of the fragmentation and performance issues we would get if we adopted a completely new GUID. Versioning wasn’t such an issue for us as we didn’t require the uniqueness that a timestamp guaranteed, so a simple conversion to a date was sufficient.
We had to write our own custom migration application to update all our relationships, but that was an easy process to automate. We then created all the new tables and migrated our data into our new tables without the incompatible column types. This way we had a backup we could refer to in case any of our relationship updates were incorrect.
After updating our server and client code to reflect the database changes, all that remained was the migration of the data into a Federated Database structure. We used the excellent SQL Azure Migration Wizard (Federation Version) to upload the data into five pre-prepared shards in our new database. When this process was complete we were live on a platform that now meets all of our scalability needs.
SQL Azure Scalability
It would have been impossible for us to offer the revolutionary capabilities of WhiteSky Studio without the scalable infrastructure of Azure. The up-front costs in both time and resources would have been too great. The platform-as-a-service offering of Azure allowed us to only pay for what we used as we grew our offering and started scaling the system. The advantage of automatically scaling our servers meant we weren’t paying to maintain the system’s performance during periods of low demands. It is this service based approach that is giving us a competitive and technological edge over competing products. We can offer a fully customizable and scalable enterprise wide business solution based on the custom requirements of any Client at the fraction of a cost for a similar hosted, packaged or bespoke solution.
As with most new technologies it is agile start-up companies that take the innovative steps and create a step change in the way services are delivered. WhiteSky takes advantage of Azure’s ground breaking technical ability to provide a value for money business orientated RAD tool with a global reach and scalable performance.
Thomas Lee is a UK IT Pro, with over 40 years’ experience in the IT field. He’s presently a PowerShell MCP and is very busy doing writing, consulting and training around some of the key Microsoft technologies including PowerShell, Lync and Windows Server/client. In his spare time, he lives in a small cottage with wife, daughter, a nice wine cellar and a large collection of Grateful Dead live recordings.
Hyper-V is Microsoft’s virtualization solution. It was first released with Server 2008 and improved with Server 2008 R2. The latest version comes with both Server 2012 and Windows 8. The inclusion of Hyper-V in both the client and server version is a great step forward and for me, at least, it means the end of 3rd party virtualization products I needed to use in the past.
PowerShell is Microsoft’s strategic task automation platform which has been significantly upgraded to Version 3. PowerShell Version 3 is included in all versions of Windows Server 2012, and Windows 8. A downloadable version will also be made available at some point for Windows 7, Server 2008 and Server 2008 R2. Beta versions of PowerShell v3 are available in the mean time for down-level operating systems, but you’ll want the full V3 once that’s available.
The cool thing, or should I say one of the many cool things, about Hyper-V and Server 2012 is that you can manage Hyper-V using PowerShell. There is a new Hyper-V module that ships, in the box, for both Windows 8 and Server 2012. However, neither the module nor the Hyper-V features are installed by default. On Windows 8, you need to bring up Control Panel, click Programs, then click Turn Windows features on or off and then select Hyper-V. For Windows Server 2012, you can use the Server Manager GUI, or the Server Manager PowerShell module and its Add-WindowsFeature cmdlet. Personally, I find the latter quicker in most cases.
On Windows 8 and Server 2012 systems, you can install the Hyper-V software itself and the management tools (i.e. the PowerShell module) separately. This enables you to manage a set of VMs remotely.
The Hyper-V module contains a huge number of cmdlets, 164 in total. That’s a lot of cmdlets – but there’s a lot to manage in Hyper-V! The first thing to remember about this module – you need to be in an elevated prompt in order for the cmdlets to work. I got a bit of a fright when I ran the Get-VM cmdlet on my Windows 8 box (which had a number of VMs) and had it return nothing (not even an error).
The Hyper-V module allows you to manage all aspects of the virtualization package. You can manage VMs, VHDs, network switches, network adapters and other fundamental objects. You can also manage all aspects of running Hyper-V in a clustered environment with SANs, etc.
To create a VM, using the Hyper-V module, you just use the New-VM cmdlet, as shown here:
As you can see from this screen shot, there are just three cmdlets to run in order to create a simple VM: New-VM (to create a new VM and VHD virtual disk drive), Set-VMDvdDrive to add a DVD into the VM (in this case the Server 2012 installation DVD), then Start-VM to start up the virtual machine. If you then run the Virtual Machine Connection applet, you see the following:
Now if I’d been clever, I could have done a whole lot more, including injecting a floppy disk into the VM containing the unattend.xml file that would automagically configure the installation, in this case, of Windows Server 2012.
Once the server has been started, I can go back to PowerShell and view the VM using the Get-VM cmdlet, as follows:
This screen shot shows the Get-VM cmdlet and some of the properties of the newly created VM (there are a total of 54 separate properties you can make use of!).
I’ve been using the Hyper-V module throughout the Server 2012 beta period to create and manage VMs. Most of the VMs I’ve created are server VMs, but I’ve also created several Windows 8 Beta VMs. I can’t be bothered to create an unattend.xml file, so I’ve been just creating a basic VM as you see it, using the VMC applet to just ‘next-next-next’ through the installation. Once I have a basic VM created, I can run a Configure-VM.ps1 script that configures the system (changes hostname, updates the IP configuration etc). I have further scripts that do further configuration. I can now set up a 5-VM ‘farm’ including a DC/DNS/CA system, a SQL server system, an Exchange server plus a couple of additional basic servers all in around half an hour.
I’ve found the Hyper-V module great for most things, but there are a few omissions. For example, I cannot create a virtual floppy disk on a host machine and write directly to it (then remove it from the host and add it to the VM). This makes unattended setups harder than I’d like.
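The sequence described above (New-VM, Set-VMDvdDrive, Start-VM, then Get-VM), written out as an added PowerShell example; it is not the author's script or a copy of the original screen shots. The VM name, folder, ISO path, switch name and sizes are assumed placeholder values, and the elevation check is there because the module's cmdlets only work from an elevated prompt.

```powershell
#Requires -Version 3.0
# Added example. All names, paths and sizes below are placeholders (assumptions),
# not values from the original post.
$VMName     = 'SRV2012-TEST'                   # hypothetical VM name
$VMRoot     = 'D:\VMs'                         # hypothetical folder for VM files
$IsoPath    = 'D:\ISO\WindowsServer2012.iso'   # hypothetical install media path
$SwitchName = 'Internal'                       # hypothetical existing virtual switch

# The Hyper-V cmdlets need an elevated session. Without one, Get-VM can return
# nothing at all instead of an error, so check explicitly and stop.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell prompt.'
}

Import-Module Hyper-V -ErrorAction Stop

# Fail early on missing inputs rather than leaving a half-built VM behind.
if (-not (Test-Path -LiteralPath $IsoPath)) {
    throw "Installation ISO not found: $IsoPath"
}
if (-not (Get-VMSwitch -Name $SwitchName -ErrorAction SilentlyContinue)) {
    throw "Virtual switch '$SwitchName' does not exist on this host."
}
if (Get-VM -Name $VMName -ErrorAction SilentlyContinue) {
    throw "A VM named '$VMName' already exists."
}

# 1. Create the VM together with a new virtual hard disk.
$vhdPath = Join-Path $VMRoot "$VMName\$VMName.vhdx"
New-VM -Name $VMName `
       -Path $VMRoot `
       -MemoryStartupBytes 1GB `
       -NewVHDPath $vhdPath `
       -NewVHDSizeBytes 60GB `
       -SwitchName $SwitchName | Out-Null

# 2. Put the installation DVD (ISO image) into the VM's DVD drive.
Set-VMDvdDrive -VMName $VMName -Path $IsoPath

# 3. Start the VM; it boots from the DVD because the new disk is empty.
Start-VM -Name $VMName

# 4. View the running VM and a few of its properties.
Get-VM -Name $VMName |
    Format-List Name, State, Uptime, MemoryAssigned, Status
```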
There are a lot of cmdlets in the module and they operate at a fairly basic level. I found it took a few hours of playing around to find all the things I needed. But having said that, it isn’t that difficult – I found myself writing scripts as I went along and by the end of a few days playing, I had a wealth of provisioning scripts that will keep me in good stead.
For many of you, PowerShell is still a bit of an unknown quantity. If so, consider coming on the Windows PowerShell PowerCamp weekend training course I’m running over the weekend of October 27/28. For fuller details, see my blog at http://tfl09.blogspot.com. The PowerCamp, which will be held in Microsoft’s Cardinal Place offices, is intended to take you through the basics of PowerShell V3 and I plan to spend some time looking at the Hyper-V module.
While not perfect, the module is a lot faster, for me, than using the GUI, especially given the number of VMs I regularly create. For some users, the Hyper-V module might be a good alternative to using a VM management tool such as System Center Virtual Machine Manager. You could write all the scripts to create/manage VMs, do VM Checkout, etc!
All in all, the combination of Hyper-V and Windows 8/Server 2012 is a great set of virtualization and virtualization management software.
Skipton Building Society needed a self-service portal for development environments for its mortgage services division HML. Its IT Shared Service Centre was tasked with finding a solution that would allow HML to provision virtual machines to keep pace with its agile development requirement. By deploying Hyper-V virtualisation technology, along with the Microsoft System Center 2012 suite of products, the firm avoided a £42,000 expenditure on a proof of concept and licences from the incumbent vendor.
With more than 8,000 employees, Skipton Building Society is the fourth-largest building society in the United Kingdom (U.K.). Established in 1988, mortgage servicer HML—a Skipton subsidiary—currently manages around £44 billion of assets for more than 50 blue-chip clients in the U.K. and Ireland.
Skipton was looking for ways to streamline and accelerate the deployment of new business services through cloud computing. David Miskell, Solutions Architect, Skipton IT Shared Service Centre, says: “With a mainly manual process, it would have taken our team three weeks to deploy new service requests, but HML needed a faster process.”
Around 80 per cent of the server estate in the Skipton IT Shared Service Centre is virtualised. Miskell says there would have been an extra cost of around £42,000 for deploying the capability required by HML from the incumbent vendor’s technology. On-going costs would also have risen as the solution was scaled up.
The Skipton IT Shared Service Centre had established a strong working relationship with Microsoft and Risual, a Microsoft Partner that holds gold and silver competencies, including the gold level competency in management and virtualisation.
Miskell says: “We took the view that with its latest releases of Microsoft System Center 2012, the Microsoft offering had matured significantly. But we still required peace of mind that the product would achieve the business goals we’d set out for the project.”
The Skipton IT Shared Service Centre decided to use Windows Server 2008 R2 with Hyper-V and the Microsoft System Center 2012 suite of products. Craig Hartwell, Commercial Sales Director, Risual, says: “We first engaged with the Skipton IT Shared Service Centre to assist the team with making savings and increasing automation in its data-centre environment. We then worked on providing a solution that would deliver the self-service portal project and reduce time to market to deliver new services.”
Risual made a high-level proposal to deliver a self-service capability using Hyper-V technology with the Virtual Machine Manager and App Controller components of Microsoft System Center 2012. Hartwell says: “A vital distinction was that Microsoft didn’t charge the customer for the proof of concept, whereas the incumbent supplier asked for £12,000.”
Miskell says: “In addition to the technology aspect, we chose the Microsoft solution because it was cost-effective and presented a lower risk as there was no cost associated with delivering the proof of concept.”
Risual also advised the Skipton IT Shared Service Centre on how to make the most of its Microsoft licensing model. The Microsoft Software Developer Network (MSDN) licences could be used during the proof of concept phase—then, once moved into production, Skipton could use its Enrolment for Core Infrastructure (ECI).
Hartwell says: “These form part of the Skipton Microsoft Enterprise Agreement, helping customers license the Windows Server operating systems and the System Center suite in a simple way, and providing scalability with no added costs. As the usage of this platform grows, there will be no incremental penalty to Skipton.” Having started the proof of concept in January 2012, the solution went into production in July 2012.
Microsoft Partner Risual has helped Skipton Building Society cut its licensing costs significantly and improve the time to market of new financial services based on a virtualised self-service development portal. By deploying Hyper-V and Microsoft System Center 2012, its IT Shared Service Centre has increased business agility and no longer relies on manual workload processes to develop server-based applications.
Skipton gains agility with virtualisation solution. By deploying the self-service portal project with Hyper-V and System Center 2012, Skipton has identified a lower cost alternative for its virtualisation strategy. It gives the business the agility it needs to keep pace with market demands.
Firm saves £42,000. The engagement with Microsoft Partner Risual meant Skipton no longer had to spend £42,000 on a proof of concept and licensing. Hartwell says: “Microsoft licensing through ECI means that the cost of delivering a virtualised environment is significantly lower than competing offerings.”
High-level advice helps make best use of existing Microsoft licences. Software licensing specialist Risual showed Skipton how it will save money in the medium and long terms by making full use of its existing Microsoft Enterprise Agreement. Miskell says: “The Microsoft Software Developer Network licences were part of our existing agreement, and ECI provided a scalable licensing model that didn’t increase costs as the project grew.”
Skipton looks forward to lower long-term management costs for the entire virtualised server estate. In the medium term, Skipton will look to use the Virtual Machine Manager component of Microsoft System Center 2012 to manage the entire virtual machine estate. It has the ability to interoperate with non-Microsoft technologies to provide a single management point.
With Hyper-V, it is now easier than ever for organisations to take advantage of the cost savings of virtualisation, and make the optimum use of server hardware investments by consolidating multiple server roles as separate virtual machines that are running on a single physical machine. Use Hyper-V to efficiently run multiple operating systems, Windows, Linux, and others, in parallel, on a single server. Windows Server 2012 RC extends this with more features, greater scalability and further inbuilt reliability mechanisms.
Significant improvements have been made across the board, with Hyper-V now supporting increased cluster sizes, a significantly higher number of active virtual machines per host, and additionally, more advanced performance features such as in-guest Non-Uniform Memory Access (NUMA). This ensures customers can achieve the highest levels of scalability, performance and density for their mission-critical workloads.
This paper will focus on comparing Windows Server 2012 Release Candidate (RC) Hyper-V, with the standalone VMware vSphere Hypervisor, also known as ESXi, and vSphere 5.0, across 4 key areas:
Why Hyper-V - Competitive Advantages of Windows Server 2012 RC Hyper-V over VMware vSphere 5.0
Don’t forget about the free Azure Developer Camp we have running in Edinburgh next Thursday.
Here’s a video to give you a feel for what a camp is like.
And here is a complete synopsis.
We run 2 types of camp for Windows Azure; one aimed at the developer and one aimed at the IT Pro. The developer camp concentrates on the Platform-as-a-Service (PaaS) features of Windows Azure. Mostly this means Windows Azure Cloud Services, Windows Azure Storage, Windows Azure Active Directory Access Control Service, Windows Azure Service Bus and Windows Azure SQL DB, and Windows Azure Websites. The IT Pro camp concentrates on the Infrastructure-as-a-Service features; Virtual Machines and Virtual Networks.
Depending on the venue, there are usually between 30 and 70 attendees. As an attendee, you are expected to bring a wireless-enabled laptop with certain pre-requisite software already installed. For the developer camp this includes Visual Studio, SQL Server and the Windows Azure Tools/SDK. For the IT Pro camp, this includes PowerShell. You are expected to complete this setup before you arrive at the camp. Setup details are provided below. It cannot be stressed enough how poor an experience you will have if your laptop is not correctly configured when you arrive. If you tie up the time of an instructor with questions about your machine setup, you are denying another delegate who has arrived with a correctly configured machine the help they need. Please be respectful of the other delegates who have followed these instructions.
Have you ever turned up to a training day/presentation where every delegate except you seemed to have done certain preparatory work in advance? Did there come a point at which all the eyes in the room were on you and you had to say “…well, err, ummm, I haven’t done that stuff…”? Was that the point you wished you had read the material before you’d turned up? Don’t be the one who has to create some last-minute excuse while the eyes of all the other delegates are on you – simply make sure you read this and follow the instructions. You will be expected to have installed and configured your machine to work on a Windows Azure Camp.
You will need a working Windows Azure subscription and you need to have applied for and successfully been granted access to:
· Windows Azure Web Sites - for the developer camp.
· Windows Azure Virtual Machines and Virtual Networks - for the IT Pro camp.
There is a video that describes how to apply for these features here.
Any working subscription is suitable; paid or free. You can get a free trial subscription. This grants you access to certain resources free for 90 days. You will need a Windows Live ID and a Credit Card to register. The spending limit on the free trial account is set at £0.00. When the free trial period of 90 days has passed you will be asked if you’d like to remove the spending limit and from that point on treat it as a standard paid subscription. If you use more than the free allocation of resources in a month, you will also be asked if you’d like to remove the spending limit. There is no perpetually free subscription available for Windows Azure. There are also free trial subscriptions available to certain MSDN subscribers, BizSpark partners and MPN members.
Details of the free trial accounts are here:
· To get a free trial subscription go to http://bit.ly/azureforfree. To register for this offer, you need a credit card to activate it, but the spending limit on the subscription is set to £0.00 so you won’t be charged.
· To add Windows Azure benefits to your existing MSDN subscription, go to http://www.windowsazure.com/en-us/pricing/member-offers/msdn-benefits/
· To add Windows Azure benefits if you are a BizSpark customer, go to http://www.windowsazure.com/en-us/pricing/member-offers/bizspark-benefits/
· To add Windows Azure benefits if you are an MPN member go to http://www.windowsazure.com/en-us/offers/ms-azr-0002p
It can’t be stressed enough how much of a dead-end it can be if you leave it till the last minute and attempt to activate a subscription while on the camp. A common example is the BizSpark delegate who tries to activate a subscription only to find a different employee has already activated the subscription. He/she wasn’t expecting that and it means they will be unable to complete the lab work. We will be entirely unable to help in situations such as this. Another example is the delegate who has an active subscription but hasn’t yet applied for access to the preview features such as Virtual Machines or Windows Azure Web Sites. As it may take several hours for the application to be processed, they will be unable to complete lab-work until the facilities are available.
09:00 – 09:30
09:30 – 10:30
Windows Azure Compute: Windows Azure Datacentres, IaaS, PaaS, SaaS, Web Role, Worker Role, Scalability, Service healing, Windows Azure Storage, App development.
10:45 – 12:15
Lab: Web, Worker and Storage
12:15 – 12:45
12:45 – 13:15
Windows Azure SQL DB
Lab: Windows Azure SQL DB
Access Control Service and Service Bus
Windows Azure Active Directory Access Control Service
16:45 – 17:00
Wrap-up and Review
Note: Because you can leave your Windows Azure service deployed and you will have all the code and projects etc. on your laptop when you leave the developer camp, any unfinished labs can be completed at home/in the office.
09:30 – 10:00
The Windows Azure Platform
10:00 – 10:30
Windows Azure Virtual Machines
10:30 – 10:45
10:45 – 11:15
Lab: Windows Azure Virtual Machines
11:15 – 11:45
Windows Azure Virtual Networks
11:45 – 12:15
Lab: Windows Azure Virtual Networks
Active Directory in the Cloud: Windows Azure Active Directory, Running a DC in Windows Azure
Lab: Running an Active Directory Domain Controller in Windows Azure
14:15 – 15:00
SQL Server and SharePoint in the Cloud
15:00 – 15:15
15:15 – 16:45
Lab: Running a complete infrastructure in the cloud (SharePoint, SQL Server, Active Directory)
Note: Because you can leave your Windows Azure service deployed and you will have all the configuration and projects etc. on your laptop when you leave the developer camp, any unfinished labs can be completed at home/in the office.
Developer Camp pre-requisites
If you're a developer who uses a laptop, you'll almost certainly have most of these development components already installed. Please pay particular attention to the SQL Server setup - you'll need to use the same account during the labs as the account that was used to install whichever version of SQL Server you decide on from the pre-requisites list.
· A working Windows Azure subscription – see details above.
· A wireless-enabled 64-bit laptop with Windows Vista, Windows 7, Windows Server 2008 R2 or Windows 8 RTM. The camp is written with Windows Vista/Windows 7/Windows Server 2008 R2 users in mind. If you are using Windows 8 there will be variations in the way the UI is described.
· Bring the power supply: you will be using the laptop all day.
· A basic knowledge of programming concepts and familiarity with Visual Studio
· A basic knowledge of web-programming and how Internet applications work
· An understanding of the Microsoft web-stack (Windows Server, IIS, .Net, basic security etc.)
· Perform the following software setup. Allow 1½ hours to complete the setup.
To check that you won’t have any time-consuming machine-set-up problems on the Windows Azure camp, perform the following steps to check the installed software works as advertised. This step is important because there isn’t enough time to do troubleshooting on the camp for a failing installation.
1. Right-click Visual Studio and select Run as administrator. If prompted click Yes at the UAC prompt.
a. Visual Studio opens.
2. Select File|New|Project.
a. The New Project dialogue opens.
3. In the frameworks dropdown list, ensure .NET Framework 4 is selected.
a. In the Installed Templates pane, select Visual C#|Cloud and click OK.
i. The New Windows Azure Project dialogue opens.
b. Select ASP.Net Web Role, click the “>” button, then click OK.
i. It takes a few seconds but eventually a Windows Azure ASP.Net project appears in the Solution Explorer.
c. Press the F5 key to run the naked Windows Azure ASP.Net solution in the local Compute and Storage Emulators.
i. After a short time the default ASP.Net template appears in the web browser.
d. If errors occur at this stage, fix them before you attend the Windows Azure Camp. Almost all problems with lab work on the Windows Azure Developer Camp are related to laptop setup. It can take a long time to fix these errors and you will therefore lose useful coding time. It is therefore best to fix any setup errors before you attend the Windows Azure Camp. The most common errors are to do with the Storage Emulator and the SQL Server setup. SQL Server is used as the store for the Storage Emulator. The most likely error is that the Storage Emulator is confused about which instance of SQL Server it should use. This is very common if there are multiple instances of SQL Server.
Try some of the following commands to fix the problem:
e. Open the Windows Azure Command Prompt by right-clicking and selecting run as administrator.
i. If you have multiple instances of SQL Server (including SQL Express) installed, the Storage Emulator needs to be initialised to use the correct instance of SQL Server. It is preferable to use SQL Server Express. The following commands are ways to set the Storage Emulator up to point to the correct instance. It is likely that the syntax of one of the following commands will fix the problem. Notice that you may need to provide your own SQL Server <instance_name>.
1. dsinit /sqlinstance:.\SQLEXPRESS
2. dsinit /sqlinstance:\SQLEXPRESS
3. dsinit /sqlinstance:.
4. dsinit /sqlinstance:
5. dsinit /sqlinstance:.\MSSQL
6. dsinit /sqlinstance:.\<instance_name>
7. dsinit /sqlinstance:<instance_name>
· The first two commands are syntactical variations that set SQL Express up as the database for the Windows Azure Storage emulator. In theory, either one should work; in practice, if one fails, try the other.
· Commands 3 and 4 are syntactical variations that set the default SQL instance up as the database for the Windows Azure Storage emulator. In theory, either one should work; in practice, if one fails, try the other.
· Command 5 should set up the default SQL instance named MSSQL as the database for the Windows Azure Storage emulator.
· Commands 6 and 7 are syntactical variations that set the <instance_name> (you need to provide the SQL Server instance name) up as the database for the Windows Azure Storage emulator. In theory, either one should work; in practice, if one fails, try the other.
4. Once the errors are fixed – your machine is ready for the Windows Azure Developer Camp. If as a result of step 1 you have had to fix the SQL Server setup, please go back to step 1 in “Checking the Setup” and retry the creation of a project to make sure you have no errors.
You will need administrative access to SQL Server.
Note: Of all the problems we get on this camp, delegates not having administrative access to the SQL Server they have installed on their laptop is the biggest. For example:
· If the laptop is domain-joined and an administrator from the domain installed it, that is a problem that is impossible to fix in the camp and you are guaranteed a wasted trip if you were hoping to complete hands-on labs on your laptop.
· If you are using a domain account (with cached credentials) that doesn’t have administrative access to the laptop, you will be unable to de-install/re-install SQL Server from your machine. Again, you are guaranteed a wasted trip if you were hoping to complete hands-on labs on your laptop.
· If you have no knowledge of the password for a local administrative account on your laptop, you will similarly be unable to de-install/re-install SQL Server and yet again, you are guaranteed a wasted trip if you were hoping to complete hands-on labs on your laptop.
It is not possible to stress enough how much of a dead-end it is to be a delegate on the camp who has a machine on which he/she cannot complete the lab work because of permission issues.
As an IT Pro who uses a laptop, you’ll almost certainly have the required software already installed. You will need:
· A working Windows Azure subscription – see details above. You need to have successfully applied and been granted access to the Windows Azure Virtual Machines preview.
· A basic knowledge of the Windows infrastructure stack (Windows, Windows Server, Active Directory, Web, Security, SQL Server etc) to the level required by an IT Pro.
· Perform the following software setup:
How much do I need to know about Windows Azure to attend this Camp? You don’t need any prior experience or knowledge about Windows Azure to attend this Camp. The purpose of the event is to provide you with the basic skills and knowledge to get started with learning about Windows Azure.
Who can attend the Camps? Students, developers, technologists, IT Pros, architects, hobbyists, technology enthusiasts. Everyone is welcome! All we ask is that you are ready and keen to learn about Windows Azure.
How much does it cost to attend this Camp? Your luck's in - it's free.
What do I need to prepare in advance to make the most of the Camp? There is a basic set of things you should prepare before attending the Camp, listed above. Please make sure you are prepared so you can make the most of your day at the Camp.
What if I have registered already and cannot make it on the day? Please let us know as soon as you can if you can’t make the camp as there’ll be plenty of people who are keen to take your spot. Please respect the trainers and your fellow delegates by turning up if you have registered and committed. Thanks!
Now’s the time to get Hyper-V certified fast. Or get your hands on one of the brand new MCSA or MCSE certifications.
Firebrand is offering 30% discount on all Microsoft courses. Act fast - this offer must end Friday 14 September 2012.
Firebrand is an official Microsoft Gold Partner.