Archive for the ‘Windows Server 2012’ Category

Windows Server 2012 R2 Best Practices Analyzer #BPA #winserv

Did you know that the Best Practices Analyzer (BPA) is built into Windows Server 2012? In the old days you needed to download all the BPAs:

http://www.microsoft.com/en-us/download/details.aspx?id=15556

But now in 2012 the BPA is built in. This is a great feature, but did you know about it? I see a lot of items, and some IT admins did not know about the BPA feature.

You can check the BPA in PowerShell or in the GUI.

The GUI version:

Go to Server Manager and select Local Server (this is my test demo server, so plenty of errors here).


Click on Tasks and click the BPA scan. The output will be a nice listing of config items.

But there is more: did you know you can do this with PowerShell?

Find out which BPA models are available:

Get-BpaModel | Select Id

Id

Microsoft/Windows/ADRMS
Microsoft/Windows/CertificateServices
Microsoft/Windows/DHCPServer
Microsoft/Windows/DirectoryServices
Microsoft/Windows/DNSServer
Microsoft/Windows/FederationServices
Microsoft/Windows/FileServices
Microsoft/Windows/Hyper-V
Microsoft/Windows/LightweightDirectoryServices
Microsoft/Windows/NPAS
Microsoft/Windows/RemoteAccessServer
Microsoft/Windows/TerminalServices
Microsoft/Windows/UpdateServices
Microsoft/Windows/VolumeActivation
Microsoft/Windows/WebServer

 

So all these models are built in and can be run on your server quickly and easily. Some scans are quick and some take a little time.

Invoke-BpaModel Microsoft/Windows/WebServer

 

View a summary of the BPA results by Severity

Get-BpaResult Microsoft/Windows/DNSServer| Group Severity

You will see a list with all the items in the console.


View the details for all results with “Warning” severity level :

Get-BpaResult Microsoft/Windows/DNSServer| ? Severity -eq "Warning"

 

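And if you want to exclude items, pipe the results you have reviewed and want to exclude to Set-BpaResult:

Get-BpaResult Microsoft/Windows/DNSServer | ? Severity -eq "Warning" | Set-BpaResult -ModelId Microsoft/Windows/DNSServer -Exclude $true

These are just samples to get you started; more options are available.

Yes, it is easy if you know all the cmdlets.

It is not that hard to start:

Get-Command *bpa*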

These are all the commands you can use for BPA:

Cmdlet          Get-BpaModel          BestPractices
Cmdlet          Get-BpaResult         BestPractices
Cmdlet          Invoke-BpaModel       BestPractices
Cmdlet          Set-BpaResult         BestPractices

 

But what about a remote computer?

Easy, enter:

Enter-PSSession Yourcomputer -Credential administrator

The prompt changes and now starts with the name of the server you connected to:

[mvpdc01]: PS C:\Users\Administrator.000\Documents> Get-BpaModel
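
The steps above combined into one pass, as an added example (not from the original post): it runs every BPA model on a list of servers over PowerShell remoting and keeps only the Error and Warning results that have not been excluded. The server names and the output file name are placeholders.

```powershell
# Added example: scan all BPA models on several servers and collect the
# findings that need attention. Server names are hypothetical placeholders.
$servers = 'server01', 'server02'

$findings = Invoke-Command -ComputerName $servers -ScriptBlock {
    Import-Module BestPractices
    foreach ($model in Get-BpaModel) {
        try {
            # A model whose role is not installed fails here; it is skipped.
            Invoke-BpaModel -ModelId $model.Id -ErrorAction Stop | Out-Null

            # Keep only actionable results that nobody has excluded.
            Get-BpaResult -ModelId $model.Id -ErrorAction Stop |
                Where-Object { $_.Severity -in 'Error', 'Warning' -and -not $_.Excluded } |
                Select-Object ModelId, Severity, Category, Title, Problem, Resolution
        }
        catch {
            Write-Warning "Skipped $($model.Id): $($_.Exception.Message)"
        }
    }
}

# Count of findings per server and severity.
$findings | Group-Object PSComputerName, Severity | Select-Object Name, Count

# Full list for review; PSComputerName is added by Invoke-Command.
$findings | Sort-Object PSComputerName, Severity |
    Export-Csv -Path .\bpa-findings.csv -NoTypeInformation
```

Keeping the Excluded filter in the query means that anything hidden with Set-BpaResult stays out of the report, so review exclusions separately with Get-BpaResult | ? Excluded.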

The Cloud OS: It’s Time! Today is the date that Windows Server 2012 R2 is GA (General Availability) #winserv #hyperv

You could already download Windows Server 2012 R2 from TechEd or MSDN, but now the R2 product is generally available.

At the heart of the Microsoft Cloud OS vision, Windows Server 2012 R2 brings Microsoft’s experience delivering global-scale cloud services into your infrastructure. Windows Server 2012 R2 offers exciting new features and enhancements across virtualization, storage, networking, virtual desktop infrastructure, access and information protection, and more.

These are the new posters for Windows Server 2012 R2, including Hyper-V 3.0:

Microsoft Windows Server 2012 R2 Hyper-V Component Architecture Poster and Hyper-V Mini-Posters

  • Generation 2 Virtual Machines GA
  • Hyper-V and Failover Clustering GA
  • Session Modes GA
  • Upgrading Your Private Cloud GA
  • Live Migration GA
  • Hyper-V Storage GA
  • Hyper-V Virtual Hard Disk Sharing GA
  • Windows Server 2012 R2 Hyper-V Component Architecture GA

 

Hyper-V Server is a dedicated stand-alone product that contains the hypervisor, Windows Server driver model, virtualization capabilities, and supporting components such as failover clustering, but does not contain the robust set of features and roles as the Windows Server operating system. As a result, Hyper-V Server produces a small footprint and requires minimal overhead. Organizations consolidating servers where no new Windows Server licenses are required or where the servers being consolidated are running an alternative OS may want to consider Hyper-V Server.

 

What’s New in Windows Server 2012 R2

This content focuses on changes that will potentially have the greatest impact on your use of this release.

Deploy an Active Directory Detached Cluster OR DNS Cluster OR non domain joined Windows Server 2012R2 Cluster one way ticket #winserv

In Windows Server 2012 R2, you can deploy a failover cluster without dependencies in Active Directory Domain Services (AD DS) for network names. This is referred to as an Active Directory-detached cluster. Using this deployment method enables you to create a failover cluster without the previously required permissions for creating computer objects in AD DS or the need to request that computer objects are prestaged in AD DS.

When you create an Active Directory-detached cluster, the cluster network name (also known as the administrative access point) and network names for any clustered roles with client access points are registered in Domain Name System (DNS). However, no computer objects are created for the cluster in AD DS. This includes the computer object for the cluster (also known as the cluster name object or CNO) and computer objects for any clustered roles that would typically have client access points in AD DS (also known as virtual computer objects or VCOs).

To deploy an Active Directory-detached cluster, you must use Windows PowerShell. You cannot use Failover Cluster Manager. To create the failover cluster, start Windows PowerShell as an administrator, and then use the New-Cluster cmdlet with the –AdministrativeAccessPoint parameter set to a value of Dns.

But how do you create such a cluster?

New-Cluster SQLCL02 -Node mvpsql021,mvpsql022 -StaticAddress 10.255.255.12 -NoStorage -AdministrativeAccessPoint Dns

The key is the -AdministrativeAccessPoint parameter; this option gives you the cluster you want.

PARAMETERS
    -AdministrativeAccessPoint <AdminAccessPoint>
        Specifies the type of administrative access point that the cmdlet creates for the cluster. The acceptable
        values for this parameter are:

        -- ActiveDirectoryAndDns. The cmdlet creates an administrative access point for the cluster. The
        administrative access point is registered in DNS and enabled in Active Directory Domain Services.
        -- Dns. The cmdlet creates an administrative access point for the cluster. The administrative access point is
        registered in DNS but is not enabled in Active Directory Domain Services.
        -- None. The cmdlet does not create an administrative access point for the cluster. Some clustered roles and
        functionality might not be available for a cluster that does not have an administrative access point. Also,
        you cannot use Failover Cluster Manager to manage a cluster that does not have an administrative access point.

       

There is only one way to show the state of the cluster

(Get-Cluster).AdministrativeAccessPoint

But is a non-domain-joined CNO of any use?

Well I see no good reasons why you would do this.

You can set the type of administrative access point only when you create the cluster. You cannot change it after the cluster is deployed.

So if you build a SQL cluster and later think "oh, I need Kerberos", there is NO PowerShell option such as

set-cluster -AdministrativeAccessPoint ActiveDirectoryAndDns

You will have to rebuild your cluster!

 

| Cluster Workload | Supported/Not Supported | More Information |
| --- | --- | --- |
| SQL Server | Supported | We recommend that you use SQL Server Authentication for an Active Directory-detached cluster deployment. |
| File server | Supported, but not recommended | Kerberos authentication is the preferred authentication protocol for Server Message Block (SMB) traffic. |
| Hyper-V | Supported, but not recommended | Live migration is not supported because it has a dependency on Kerberos authentication. Quick migration is supported. |
| Message Queuing (also known as MSMQ) | Not supported | Message Queuing stores properties in AD DS. |
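
One way to check an existing cluster against the support table above, as an added example (not from the original post): it reads the access point type and lists the clustered roles that fall under "not recommended" or "not supported". The GroupType names used as keys are an assumption about what Get-ClusterGroup reports on your build; SQL Server roles are not matched because the table lists them as supported.

```powershell
# Added example: audit an Active Directory-detached cluster for workloads
# that the support table marks as not recommended or not supported.
Import-Module FailoverClusters

# Guidance copied from the table in this post, keyed by cluster group type.
# Assumption: these GroupType names match what Get-ClusterGroup returns.
$guidance = @{
    'FileServer'     = 'Supported, but not recommended (SMB prefers Kerberos)'
    'VirtualMachine' = 'Supported, but not recommended (no live migration)'
    'Msmq'           = 'Not supported (stores properties in AD DS)'
}

$cluster     = Get-Cluster      # local cluster; add -Name for a remote one
$accessPoint = "$($cluster.AdministrativeAccessPoint)"

if ($accessPoint -ne 'Dns') {
    # ActiveDirectoryAndDns or None: the table does not apply.
    "{0}: access point is {1}; nothing to check." -f $cluster.Name, $accessPoint
}
else {
    # List every clustered role whose type appears in the guidance table.
    $cluster | Get-ClusterGroup |
        Where-Object { $guidance.ContainsKey("$($_.GroupType)") } |
        Select-Object Name, GroupType, State,
            @{ Name = 'Guidance'; Expression = { $guidance["$($_.GroupType)"] } }
}
```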

In addition, be aware of the following issues for this type of cluster deployment:

  • BitLocker Drive Encryption is not supported.
  • Cluster-Aware Updating (CAU) in self-updating mode is not supported.
  • Tag