Hi Folks -

My list of Top 10 Features in Windows Storage Server 2012 R2 included Work Folders, a new feature in Windows Server 2012 R2 and Windows Storage Server 2012 R2. In this post, I’ll take a closer look at Work Folders, how it compares to other Microsoft synchronization technologies, and how you can benefit from it.

Work Folders: They Reside on Your Own Infrastructure and Can Appear in Multiple Locations

Work Folders gives users access to files on a company file server while allowing organizations to maintain control over that data. It works by syncing the data between end-user devices and the file server, which means you can use all the familiar file server management tools to manage and secure that data. Windows 8.1, which is releasing later this month has the new Work Folders feature built into the Control Panel and it looks like this:

After you configure Work Folders you will see the folder appear inside your file explorer, like this:

In simple terms, you can think of Work Folders as folders that reside on your own infrastructure, contain files you need to work on, and can appear in multiple locations—enabled through synchronization. The following table shows how Work Folders compares to other Microsoft sync technologies, including Offline Files, SkyDrive, and SkyDrive Pro.

Configure and Deploy Work Folders from Within Server Manager

Work Folders setup requires three basic steps:

1. Deploy and configure the Work Folders role on your server
2. Publishing Work Folders to Internet-connected devices using the Web Application Proxy (or through any reverse proxy solution)
3. Provisioning devices to use Work Folders.

With Windows Storage Server 2012 R2, you can easily setup Work Folders using Server Manager. Here is a screenshot of Server Manager that shows the new “Work Folders” role, which is located under File and Storage Services.

After Work Folders has been deployed, users can securely access a copy of their data on supported devices while still empowering the IT department to help protect corporate data using these “must-have” security features:

• Authentication via integration with Active Directory Federation Services (AD FS) enables you to verify Work Folders are only installed on devices that are authenticated by your Active Directly, and the devices can be domain-joined or not and ADFS allows filtering out devices which are not workplace joined. You can easily integrate multi-factor authentication, such as www.phonefactor.com, which is now Windows Azure Multi-Factor Authentication.
  
  
• Encryption of Work Folders files on the device’s storage media, which can be configured by system administrators. Of course, files are always encrypted during synchronization.
  
  
• File Classification Infrastructure on the file server enables you to automatically classify documents on the file server and apply information rights management policies using Active Directory Rights Management Services (RMS). So, if a user saves a document that has confidential information detected, it will automatically be protected on the file server and soon after, on each of the synchronized devices.
  
  
• Data Wipe, which can be used to render Work Folders inaccessible from the user’s device when the user leaves the company or if the device is lost–without having to do a full device reset.

One of the cool features in Work Folders is that there is no conflict resolution UI. That’s right, if you are editing a file on three different devices at the same time, Work Folders will automatically save all copies of the document and append the date and the machine name to the file so you know exactly which doc has the particular edits.

If Work Folders sounds interesting and you’d like to learn more, here are some additional resources:

• What’s New in 2012 R2: People-centric IT in Action - End-to-end Scenarios Across Products
• Work Folders Overview
• Work Folders Test Lab Deployment
• Work Folders Certificate Management

Work Folders will make information workers very happy and it’s a great gift for the holidays! They get to have their critical data available on their devices, and IT administrators get confidence knowing that the data is secure on the server, the device and across the internet. The way I look at it, you can now securely deploy terabytes of synchronized data in your own private cloud for a fraction of the cost of buying cloud storage.

Cheers,
Scott M. Johnson
Senior Program Manager
Windows Storage Server
@supersquatchy

Wow!  It is finally here!  It has been a labor of love for me and I am very pleased to announce the availability of Windows Storage Server 2008. We have been working on the engineering to produce these editions of Windows for over two years and it is mind-boggling just how many details and thousands of hours of testing that go into it. This is going to be an exciting release and I can’t wait to see the new storage appliances rolling off the factory floors from our OEM partners.  The bits are available now for partners that build on top of the platform.  Next week we will release the RTM media to MSDN subscribers for evaluation and development.

Over the next few weeks, we will post a series of blogs highlighting the new features and some tips and tricks manufacturers can use to configure and get the system running at its full potential.

Here is quick rundown of the features that make appliances built on Windows Storage Server 2008 so compelling:

Single Instance Storage (SIS) v2
Reduce disk space consumption by eliminating duplicate files on data volumes. The savings that can be realized are completely based on the data on the volume, the quantity and size of the duplicates. I have personally seen savings from 7% all the way up to 70% for specific environments like build servers that hold hundreds of copies of the same file. The new version includes official support for 128 volumes (V1 was 6 volumes), a remote-able command-line interface, WMI support, improved clustering, ability to remove single instancing (without using xcopy) and improvements to make it more resilient to outages. We tested SIS on volumes with 5.6 million files and 2.3 million duplicates while simultaneously reading and writing 35,000 files. This is ready for prime-time. SIS has good read performance for a de-duplication product that works on primary storage and once somebody starts writing to their copy of the file, we create a new copy of the file automatically for them. The write performance has the same characteristics as a normal file after it is removed from the common store. If you use DPM 2007 to backup your Windows Storage Servers, the VSS support enables the backup to preserve the single instancing instead of trying to copy every file. Most people only use de-duplication in a backup environment, but with SIS, you can start saving space immediately. 

File Server Optimization
Optimized by default for the file server role for around 8% gain over standard settings. We remove file-system aliasing and the old-school 8.3 name creation routines that add overhead to the file-system drivers.  Using these settings along with the others in the Performance Tuning Guidelines for Windows Server 2008 can lead to improved gains. OEMs that also set their Interrupt-Affinity Policy (download the IntPolicy tool from Interrupt-Affinity Policy Tool website) and also consider setting proper disk alignment so that writes efficiently use the disk sectors can expect to make a storage solution that can be over 27% faster than a general purpose server. See the DiskPart tool website for information about the align parameter (Expand DiskPart and look for Create partition primary)

Remote Administration in Heterogeneous Environments
This is a really cool feature that enables a full-screen remote-desktop by just going to http://server/desktop. Being able to remotely manage storage appliances like you are sitting at the keyboard makes doing those storage tasks from the beach a real option. In the Windows\WebRDP directory we have included a new Web RDP package that enables anybody running Windows and Internet Explorer (Using the Active-X control) or a Linux/Unix distribution running Firefox to instantly get a full-screen remote desktop. The new SSL-enabled Java remote administration applet was written by the Microsoft Terminal Services team and was tested with Red Hat and SUSE using a Java runtime and a Firefox browser.

Improved Failover Clustering
Failover clustering in Windows Server 2008 builds redundancy into your network and eliminates single points of failure.

Windows File Sharing
High-performance SMB 2.0 for Windows and all the improvements made by the remote file protocol and NTFS teams. Checkout this speed test by Tom’s Hardware for an understanding of just how much faster it is than SMB1.0

Network File System (NFS)
Improved performance, NFS and SMB interoperability.

File Server Resource Manager
Directory quota, file screening, and reporting.

DFS Namespace and DFS Replication
Efficient file replication over WANs.

BitLocker™ Drive Encryption
BitLocker prevents a thief from breaking system protections or performing offline viewing of the files stored on the protected drive.

Windows PowerShell™
A task-based command-line shell and scripting language designed especially for system administration. Control and automate the administration of the Windows operating system and applications that run on Windows.

Windows Server Backup
A basic backup and recovery solution to back up all volumes, selected volumes, or the system state. Perform a system recovery onto a new hard disk, by using a full server backup and the Windows Recovery Environment.

OOBE, MMC and Server Manager
Common user experience across Windows-based products

Full Text Search
Fast and effective search on remote network shares accessed using Windows XP and later. Windows Storage Server 2008 supports Search 4.0, which end-users can download and add to their storage appliances or just load SP2 for Windows Storage Server 2008 and the latest version is included.

Product Differentiation
Windows Storage Server branding and editions can be programmatically targeted.

Competitive Licensing
OEM Embedded licensing that includes great pricing and no CALs are required to deploy these servers in any environment.

Comprehensive Setup
OEM-extensible out-of-the-box experience to guide user through initial setup and configuration.

Here are the editions and features:

(1)Basic: WINS, MPIO and DFSR were cut from a server standard build
(2)Workgroup: WINS, MPIO were cut from a server standard build
(3)Standard: WINS was cut from a server standard build.
(4)Enterprise: WINS was cut from a server enterprise build.
All SKUS had Hyper-V removed.

Here are some links to launch information;

• We announced Windows Storage Server 2008 and the new site today.  You can check it out at: http://www.microsoft.com/storageserver
• Beginning May 7th, you can learn more with the on-demand TechNet Webcast: “Introducing Windows Storage Server 2008”  http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032410705
• See more of the community coverage on the STB Newsbyte Blog at: http://blogs.technet.com/stbnewsbytes/default.aspx
• Windows Storage Server 2008 partners: http://www.microsoft.com/windowsserver2008/en/us/wss08/partners.aspx
• Windows Server blog: http://blogs.technet.com/windowsserver/archive/2009/05/05/windows-storage-server-2008-is-here.aspx 
• Jason Buffington's blog: http://blogs.technet.com/jbuff/archive/2009/05/05/announcing-windows-storage-server-2008-waa-hoo.aspx
• Details on Single Instance Storage (SIS): http://www.microsoft.com/windowsserver2008/en/us/WSS08/SIS.aspx
• Details on the Microsoft iSCSI Software Target 3.2: http://www.microsoft.com/windowsserver2008/en/us/WSS08/iSCSI.aspx
• Want to become an OEM?  See this site:  http://www.microsoft.com/windowsserversystem/solutions/specializedservers/
• OEMs, IHVs and ISVs can evaluate the product on MSDN or contact an account manager to get access to evaluations.

Well, I am sure glad we have released this product and I can’t wait until the next post for Windows Storage Server 2008. If you have any requests for blog posts or you have a feature wish, drop me a note and I’ll do what I can.

Cheers,
Scott M. Johnson
Program Manager
Windows Storage Server
Single Instance Storage
OEM Embedded NAS Appliances

I Windows Storage Server!!  Happy (belated) Valentine’s day! 

It’s a day late, but here is a little love for all the people in the field that need to solve storage problems. A new whitepaper is now available that will answer a ton of questions about Windows Storage Server 2008 R2 and the new iSCSI Software Target 3.3.

This white paper describes the features and technologies in Windows Storage Server, and how to create secure, extensible, scalable, and highly-available storage solutions, including file services, iSCSI block input/output (I/O), Web services, and print services workloads. This white paper is intended for IT professionals who design, deploy, and operate storage solutions.

Check it out here:  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=b8a8edb3-832c-4bf0-a177-1bac8963d3fd

My favorite part of this paper are the new SMB testing numbers that have been released that show how our SMB2 protocol can handle many thousands of simultaneous users on a single system. Oh and with SMB 2.1, performance almost doubled on the same hardware just by moving from the Windows Server 2008 codebase to the Windows Server 2008 R2 codebase.  The combination of improvements in SMB2.1 and the new networking and storage stacks in 2008 R2 have really made a difference.

Cheers,
Scott M. Johnson
Program Manager

Checkout the PC-Pro review that just came out for the latest StorageWorks X1500, which is a Windows Storage Server 2008 R2 appliance. See the entire review here:   

HP StorageWorks X1500 G2 4TB review

This is another great HP offering bringing unified storage solutions for SMBs. The article highlights some of the capabilities that really make this solution rock. My favorite part is the fact that this can scale up to almost 3/4 of a Petabyte of storage! 

“Designed to provide NAS shares and application hosting over IP SANs, they’re ideal for those with limited expertise with network storage.

Built on top of a standard HP ProLiant ML330 G6 server. It comes with a quartet of 1TB SATA drives, and the hot-swap bays at the front have four empty slots ready for more. They’re managed by a Smart Array P410 PCI Express card that supports all eight bays, so you can add more drives as required.

If a potential 16TB of raw capacity isn’t enough, the server can take up to three Smart Array P812 PCI Express cards. When used to attach external HP storage arrays, these can boost capacity to a breathtaking 664TB”

I think this will be a popular system, reliable storage at great prices is the new trend. 

Cheers,
Scott Johnson
Program Manager
Windows Storage Server

Microsoft released the iSCSI Software Target 3.3 on the download center in April. I have seen many people download, try it out, and gave great feedback. We had a question raised about the policy for supporting iSCSI Target with initiator clusters using MPIO configurations. The support statement and relevant articles have been updated to remove this restriction. This blog will demonstrate a lab exercise that sets up a 2-node cluster with MPIO using iSCSI Target as the shared storage.

Test topology

I setup the following topology for testing:

Initiators are connected to the iSCSI Software Target using MPIO. To setup the entire topology, here are some good references:

1. Configure iSCSI Target and provide shared storage to the iSCSI initiators
2. Configure a failover cluster
3. Configure MPIO
4. Understand the MPIO feature
5. This whitepaper provides end to end clustering creation using iSCSI Target

How to setup MPIO

I followed the steps described in the guide to setup MPIO on both cluster nodes. Note: The only difference is that, each node already had 2 NICs, so I didn’t need to go through the steps in section “Setting a second IP on my hosts”.

How to verify MPIO setup on the iSCSI Initiator

To verify all the disks have two paths, I opened the iSCSI Initiator control panel applet, and checked the device path:

As you can see each disk listed in the Devices pane had 2 paths associated with it, as well as the MPIO policy. You can change the policy by click the dropdown box on the Device details page.

There is also a report you can generate by:

• Open Microsoft iSCSI Initiator, and then click the Configuration tab.
• Click Report.
• Enter the file name, and then click Save.

My report file looks like:

 

iSCSI Initiator Report
=======================
List of Discovered Targets, Sessions and devices
==================================================
Target #0
========
Target name = iqn.1991-05.com.microsoft:svr1-target
Session Details
===============
Session #1 <= first session to the target
===========
Number of Connections = 1
Connection #1
==============
Target Address = 10.10.0.51
Target Port = 3260
#0. Disk 2
========
Address:Port 3: Bus 0: Target 0: LUN 0
#1. Disk 4
========
Address:Port 3: Bus 0: Target 0: LUN 1
#2. Disk 5
========
Address:Port 3: Bus 0: Target 0: LUN 2
Session #2 <= second session to the target
===========
Number of Connections = 1
Connection #1
==============
Target Address = 10.10.0.51
Target Port = 3260
#0. Disk 2
========
Address:Port 3: Bus 0: Target 1: LUN 0
#1. Disk 4
========
Address:Port 3: Bus 0: Target 1: LUN 1
#2. Disk 5
========
Address:Port 3: Bus 0: Target 1: LUN 2

How to verify MPIO setup on the iSCSI Target

To view the session/connection information on the Target server, you need to use WMI. The easiest way to execute WMI queries is the WMIC.exe in the commandline window.

C:\>wmic /namespace:\\root\wmi Path WT_HOST where (hostname = "T2") get /format:list

Where T2 is my target object name.

A sample output is listed below with minor formatting changes. Comments have been added to help understand the output and a prefixed with “<=”:

instance of WT_Host
{
    CHAPSecret = "";
    CHAPUserName = "";
    Description = "";
    Enable = TRUE;
    EnableCHAP = FALSE;
    EnableReverseCHAP = FALSE;
    EnforceIdleTimeoutDetection = TRUE;
    HostName = "T2";
    LastLogIn = "20110502094448.082000-420";
    NumRecvBuffers = 10;
    ResourceGroup = "";
    ResourceName = "";
    ResourceState = -1;
    ReverseCHAPSecret = "";
    ReverseCHAPUserName = "";
    Sessions = {
instance of WT_Session    <= First session information from initiator 10.10.2.77
{
    Connections = {
instance of WT_Connection    <= First connection information from initiator 10.10.2.77, since the iSCSI Target supports only one connection per session, you will see each session contains one connection.
{
    CID = 1;
    DataDigestEnabled = FALSE;
    HeaderDigestEnabled = FALSE;
    InitiatorIPAddress = "10.10.2.77";
    InitiatorPort = 63042;
    TargetIPAddress = "10.10.2.73";
    TargetPort = 3260;
    TSIH = 5;
}};
    HostName = "T2";
    InitiatorIQN = "iqn.1991-05.com.microsoft:svr.contoso.com";
    ISID = "1100434440256";
    SessionType = 1;
    TSIH = 5;
}, 
instance of WT_Session    <=  Second session information from initiator 10.10.2.77 (multiple sessions from the same initiator as above
{
    Connections = {
instance of WT_Connection
{
    CID = 1;
    DataDigestEnabled = FALSE;
    HeaderDigestEnabled = FALSE;
    InitiatorIPAddress = "10.10.2.77";
    InitiatorPort = 63043;
    TargetIPAddress = "10.10.2.73";
    TargetPort = 3260;
    TSIH = 6;
}};
    HostName = "T2";
    InitiatorIQN = "iqn.1991-05.com.microsoft:svr.contoso.com";
    ISID = "3299457695808";
    SessionType = 1;
    TSIH = 6;
}, 
instance of WT_Session    <= First session information from initiator 10.10.2.69
{
    Connections = {
instance of WT_Connection
{
    CID = 1;
    DataDigestEnabled = FALSE;
    HeaderDigestEnabled = FALSE;
    InitiatorIPAddress = "10.10.2.69";
    InitiatorPort = 60063;
    TargetIPAddress = "10.10.2.73";
    TargetPort = 3260;
    TSIH = 10;
}};
    HostName = "T2";
    InitiatorIQN = "iqn.1991-05.com.microsoft:svr2.contoso.com";
    ISID = "2199946068032";
    SessionType = 1;
    TSIH = 10;
}, 
instance of WT_Session    <= Second session information from initiator 10.10.2.69

{
    Connections = {
instance of WT_Connection
{
    CID = 1;
    DataDigestEnabled = FALSE;
    HeaderDigestEnabled = FALSE;
    InitiatorIPAddress = "10.10.2.69";
    InitiatorPort = 60062;
    TargetIPAddress = "10.10.2.73";
    TargetPort = 3260;
    TSIH = 11;
}};
    HostName = "T2";
    InitiatorIQN = "iqn.1991-05.com.microsoft:svr2.contoso.com";
    ISID = "922812480";
    SessionType = 1;
    TSIH = 11;
}};
    Status = 1;
    TargetFirstBurstLength = 65536;
    TargetIQN = "iqn.1991-05.com.microsoft:cluster-yan03-t2-target";
    TargetMaxBurstLength = 262144;
    TargetMaxRecvDataSegmentLength = 65536;
};

As you can see in the above session information, each node (as the iSCSI initiator) has connected to the target with 2 sessions. You may have also noticed both sessions are using the same network path. This is because, when you configure iSCSI initiator, by default, it will pick the connection path for you. In the case of one path failure, another path will be used for the session reconnection. This configuration is easy to setup, and you don’t need to worry about the IP address assignment. It is good for failover MPIO policy.

If you want to use specific network paths, or want to use both network paths, you will need to specify the settings when you connect the initiators. You can do this by going to the “Advanced” setting page.

This configuration allows you to use specific IPs, and can utilize multiple paths at the same time with different MPIO load balancing policies.

A word of caution on using the specific IP for Initiator and Target, if you are using DHCP in the environment, and if the IP address changes after the reboot, the initiator may not be able to reconnect. From the initiator UI, you will see the initiator is trying to “Reconnect” to the target after reboot. You will need to reconfigure the connection to get it out of this state:

1. Remove the iSCSI Target Portal
2. Add the iSCSI Target Portal back
3. Connect to the discovered iSCSI Targets

Closing

This blog demonstrated setting up an initiator cluster with MPIO using a standalone iSCSI Target server. It is also possible to setup the iSCSI Target failover cluster. I am working on another blog to describe this configuration. Meanwhile, you can try it out yourself.