Windows Server 2012 R2 Evaluation Guide PDF

Windows Server
2012 R2
Evaluation Guide
Copyright Information
© 2013 Microsoft Corporation. All rights reserved. This document is provided "as-is."
Information and views expressed in this document, including URL and other Internet Web
site references, may change without notice.
Some examples depicted herein are provided for illustration only and are fictitious. No real
association or connection is intended or should be inferred.
You bear the risk of using it. This document does not provide you with any legal rights to any
intellectual property in any Microsoft product. You may copy and use this document for your
internal, reference purposes. You may modify this document for your internal, reference
purposes.
Published: 4 October 2013

Table of Contents
Using This Guide ....................................................................................................................... 1
Introduction to Windows Server 2012 R2 ................................................................................. 2
New Features and Highlights ........................................................................................................................ 2
Transforming Your Datacenter .................................................................................................. 7

Windows Server: Architecture of the Evaluation Environment .................................................................. 7
Windows Server Installation....................................................................................................................... 10
Windows Server Deployment ..................................................................................................................... 16
Capability Scenarios ................................................................................................................ 21

Windows Server Experiences...................................................................................................................... 21
Storage ........................................................................................................................................................ 23
Networking ................................................................................................................................................. 38
Server Virtualization ................................................................................................................................... 47
Server Management and Automation ........................................................................................................ 57
Virtualized Desktop Infrastructure ............................................................................................................. 68
Access and Information Protection............................................................................................................ 75
Server Essentials for Small Business ........................................................................................................... 84
Conclusion .............................................................................................................................. 97
Windows Server and the Datacenter.......................................................................................................... 97
Appendix: Advanced Windows Server Experiences .................................................................. 98

Server Essentials for Small Business ........................................................................................................... 98
Appendix: Windows Server Resources ................................................................................... 106

References for IT Professionals................................................................................................................. 106
3
Using This Guide
This guide gives you the necessary information to experience the datacenter built on System
Center 2012 R2 and powered by Windows Server 2012 R2. The objective is to help you build an
evaluation environment within your own datacenter and walk through the real-world guided
experiences described in this guide. In addition to the guided experiences, you’ll have the
flexibility to expand on the product functionality and learn more based on your business
requirements. Where indicated, some of the experiences are interdependent and build on
earlier experiences.
Architectural and installation guidance is provided with the minimum hardware requirements for
the evaluation environment. It is also possible to follow this guide and change the scenario to
your own environment and parameters.
Note: Some of the experiences in this guide have been created to showcase a
capability or feature of Windows Server 2012 R2 using methods designed for
streamlining the evaluation experience that may not be suitable for production. If
you plan to implement these features in production, follow the guidance found in
the corresponding pages on Microsoft TechNet.
Navigating the document on your terms

This document is designed to allow you to easily locate the information that is most relevant to
you. You will see buttons like the following throughout the guide, which enable you to link quickly
to the Table of Contents or the top of the main section you are reviewing.
Table of Capability
Contents Scenarios
Using This Guide 1

Introduction to
Windows Server 2012 R2
At the heart of the cloud datacenter, Windows Server 2012 R2 is the operating system that brings
Microsoft’s experience delivering global-scale cloud services into your infrastructure. Windows
Server 2012 powers many of the world's largest datacenters, enables small businesses around the
world, and delivers value to organizations of all sizes in between. The latest release includes new
features and enhancements across virtualization, storage, networking, and more.
Windows Server helps you build, deploy and scale applications and websites quickly, and with
more flexibility than ever before. Together with the Windows Azure public cloud and System
Center 2012 R2, it provides improved application portability between on-premises environment,
and public and service provider clouds, increasing capacity and effectiveness of your information
technology (IT) services.
Windows Server provides a scalable, highly available platform for mission-critical applications and
offers enhanced support for open standards, open source applications and various development
languages.
Reference Links
Windows Server 2012 R2 Find core content to evaluate, plan, deploy, manage,
troubleshoot, and support servers running Windows
Server 2012 operating system
New Features and Highlights

Using the new and enhanced features in Windows Server 2012 R2, you can improve performance
and more efficiently use datacenter capacity, helping you increase business agility.
Introduction to
Windows Server 2012 R2: New Features and Highlights 2
Windows Server delivers resilient, multi-tenant-aware storage and networking capabilities for a
wide range of workloads using industry-standard hardware. By automating a broad set of
management tasks, Windows Server 2012 simplifies the deployment of major workloads and
increases operational efficiencies.
Storage
Organizations face increasingly large amounts of data that must be managed cost effectively.
Windows Server helps you maximize your investments by getting better performance from your
existing storage area network (SAN) infrastructure. It also delivers the ability to build enterprise-
class storage infrastructure with commodity hardware.
Storage Spaces. Windows Server helps reduce costs and improve performance by consolidating
standard disks into pools that can be treated as standard drives within the operating system. The
logical disks, or Storage Spaces, can be configured for varying resiliency schemes and assigned to
different departments. As a result, organizations can simplify isolation and administration of the
storage infrastructure and improve performance, flexibility, scalability, and availability. With
Windows Server 2012 R2, data is automatically tiered across solid-state drives and hard-disk drives
based on usage patterns, to deliver the best performance for data that gets used the most.
Application support with Server Message Block (SMB) 3.0. By separating storage and compute
elements of virtual machines, organizations can move virtual machines without impacting storage
configurations. Windows Server enables this with SMB file shares for continuous availability using
standalone file servers and clustered file servers. Storage can be managed with Storage Spaces
and exposed as file shares for Hyper-V virtual machines and SQL databases. With SMB transparent
failover, even if one of the nodes goes down, SMB transparently fails over to another node
without downtime. Since SMB uses your existing network infrastructure, it also eliminates the
need for a dedicated network.
Data deduplication. A new storage efficiency feature of Windows Server 2012 R2 helps reduce
file storage requirements through variable-size chunking and compression. Windows Server will
automatically scan disks, identify duplicate chunks of data and store those chunks once.
Networking
Networking enhancements in Windows Server 2012 R2 make it easier to virtualize workloads,
improve security, provide continuous availability for applications, and get better performance out
of existing resources. Networking enhancements also bolster network isolation, which is key to
running multi-tenant environments. These enhancements can improve virtual machine density,
mobility, and availability.
Comprehensive approach to software-defined networking. Windows Server 2012 R2 delivers

several new capabilities for virtualized networks. With multi-tenant virtualization, datacenters can
isolate tenant resources without the need for expensive and complex changes to the physical
Introduction to
network infrastructure. Hyper-V Network Virtualization in Windows Server provides a layer of
abstraction between the physical networks that support the hosts, and the virtual networks that
support the virtualized workloads. As a result, datacenters can handle multiple virtual networks
with overlapping IP addresses on the same physical network and also move virtual machines
across virtual networks without having to reconfigure the underlying physical network.
Using the multi-tenant Hyper-V Network Virtualization gateway capabilities in Windows Server,
you can bridge virtualized networks with non-virtualized networks, service providers and Azure.
Hyper-V extensible switch. Window Server provides flexibility with advanced packet filtering and
routing. The Hyper-V extensible switch offers an open development framework for adding layer-2
functionality such as filtering, monitoring, and packet-level redirection required by the application
or tenant.
Network infrastructure enhancements. With automation, networks of virtualized data centers

and cloud environments become more agile, dynamically scalable and dispensable, and able to
enforce administrative controls. IP Address Management (IPAM) in Windows Server 2012 R2
implements several major enhancements, including unified IP address space management of
physical and virtual networks, as well as tighter integration with System Center 2012 R2 Virtual
Machine Manager (VMM). The IPAM feature provides granular and customizable role-based
access control and delegated administration across multiple data centers. IPAM provides a single
console for monitoring and managing IP addresses, domain names, and device identities. It also
supports advanced capabilities for continuous availability of IP addressing with Dynamic Host
Configuration Protocol (DHCP) failover, DHCP Policies, filters, and more.
Server virtualization
Organizations using Windows Server 2012 R2 gain increased flexibility for managing, moving and
replicating virtual machines and attached storage.
Live migration enhancements. Windows Server 2012 R2 delivers significant improvements for
moving virtual machines within the infrastructure. Admins can migrate virtual machines
simultaneously and use live storage migration capabilities to move the underlying virtual storage
while the virtual machine is running. With Shared Nothing Live Migration, administrators gain
complete control over virtual machine mobility; using only an Ethernet cable, they can move the
running state and the underlying virtual storage. In Windows Server 2012 R2, live migration with
compression makes it faster to move virtual machines by compressing virtual machine memory
before transferring it over the network. With Live Migration over SMB, the process of live
migration can be further accelerated by offloading the traffic processing to multiple RDMA-
capable network cards.
Enhanced Hyper-V Replica. Windows Server 2012 Hyper-V introduced a key disaster recovery
capability, Hyper-V Replica, for cost-effective virtual machine replication between hosts,
datacenters and clouds. In Windows Server 2012 R2, Hyper-V Replica offers more granular
Introduction to
replication frequencies. Organizations can choose from the existing five-minute frequency, a 30-
second frequency for near synchronous replication of mission critical workloads, or a 15-minute
frequency for less critical workloads. In addition, Hyper-V Replica now supports extended
replication, for replicating to a tertiary site, leading to multiple copies of important data and an
improved disaster recovery solution.
Online VHDX resize. With Windows Server 2012 R2, admins gain greater flexibility in their ability
to configure and manage the storage attached to virtual machines that are running. The online
VHDX resize capability enables admins to grow or shrink the virtual disk of a virtual machine
without downtime, providing improved flexibility and manageability.
Live virtual machine cloning. In previous releases, admins who wanted to clone a workload first
needed to shut down, then, export the virtual machines. With Windows Server 2012 R2, admins
can clone virtual machines that are running, including virtual machines with existing checkpoints.
These clones are useful for testing scenarios or troubleshooting an issue inside the guest
operating system, without the need for downtime.
Server management
New Windows PowerShell capabilities help you automate tasks to save time and effort.
Windows PowerShell 4.0. Every Windows Server administrative operation is now available
through the scriptable Windows PowerShell command shell interface. This support enables you to
automate repetitive tasks, freeing up resources.
Desired State Configuration. Desired State Configuration (DSC) is a Windows PowerShell

management platform that enables you to deploy and manage configuration data for software
services and the environment on which these services run. DSC provides a set of Windows
PowerShell language extensions, new cmdlets, and resources you can use to specify how you
want your software environment configured. It also provides a means for managing existing
configurations.
Find out more about how Windows Server helps organizations meet today's datacenter
challenges. Here are some of the new and enhanced features in Windows Server 2012 R2:
Storage Networking Server Virtualization
 Storage QoS  SMB Direct  Live migration using

 Storage Spaces (enhanced  Network Interface Card compression
to support storage tiering) (NIC) teaming  Live migration over RDMA
 Storage tiering  DHCP failover  Shared virtual hard disk
 Deduplication for Virtual  Extending to Azure  Online VHDX resize
Desktop Infrastructure
(VDI) virtual machines  Extending to service  Linux support
providers  Hyper-V Recovery Manager
 Resilient File System (ReFS)
 Multi-tenant Hyper-V
Introduction to
 Storage Management Network Virtualization  Extensible switch
Initiative Specification (SMI- gateway
 Multi-tenant Hyper-V Network
S) provides storage space  IP Address Management Virtualization gateway supports
provisioning for better
Server Management network virtualization using
integration with cluster and
System Center 2012 R2  Windows PowerShell 4.0 Generic Routing Encapsulation
Virtual Machine Manager isolation
 Desired State Configuration
 Virtual machine automatic
activation
Table of Capability
Contents Scenarios
Introduction to
Transforming Your Datacenter
This guide walks you through the steps to build a datacenter footprint with virtual machines, along
the way pointing you toward a rich set of resources available on the Microsoft TechNet website.
The virtual machines you create can be used to explore Windows Server and evaluate the hands-
on experiences that bring Windows Server capabilities to life.
As an option, you may choose to reduce the manual configuration effort by downloading a set of
Windows PowerShell scripts to help set up the virtual machines.
Windows Server: Architecture of the Evaluation Environment

This evaluation guide helps you explore some of the new capabilities of Windows Server 2012 R2.
To navigate through the evaluation experiences, we recommend you build an isolated
environment with two physical hosts running Windows Server to host the virtual machines
required.
Introduction to the evaluation environment

The following section presents a look at the architecture for the Windows Server evaluation
process.
For this evaluation, it is recommended that you use an isolated environment

that is not a part of your production network. The evaluation experiences in
this guide are designed to be performed on an isolated network as detailed in
Figure 1
Transforming Your Datacenter: Windows Server: Architecture of the Evaluation Environment 7

Figure 1: Evaluation environment for Windows Server 2012 R2
Prerequisites for the physical infrastructure
Hardware
The datacenter evaluation environment requires two host machines with at least two
physical NICs on each machine. The environment also requires hardware to support seven
virtual servers.
Physical servers
The following minimum physical servers are recommended to run the datacenter evaluation
environment, including the Windows Server experiences. Environments may differ, but this is the
minimum necessary to perform the tasks with decent performance:
Name CPU Memory Disk NICs

HOST1 2 sockets with 48 GB 1TB divided into a 120GB C: drive with 2
multiple cores the remainder as D: drive Physical
per socket NICs

Name CPU Memory Disk NICs
HOST2 2 sockets with 48 GB 1TB divided into a 120GB C: drive with the 2
multiple cores remainder as D: drive Physical
per socket 3x 120GB or greater unallocated NICs
HDD (required for the Storage and
Server Virtualization experiences)
Some important notes regarding the servers:
 The primary network adapter settings will be determined based on the current external
network environment.
 For the evaluation environment, the secondary network adapter uses a crossover cable to
direct- connect the two hosts on a private network. The subnet mask is 255.255.255.0. As
an alternative, you can also connect the secondary network adapters of both hosts to an
isolated switch environment.
Note: This set up will require some reconfiguration when running some
experiences.
 Both hosts should have static IPs.

 Reserve the IP ranges 192.168.1.0–192.168.1.99 for the isolated networking
environment.
 The servers need D:\ drives where the VMCreator.ps1 script will build the virtual
machines.
Software
You will be downloading evaluation versions of Windows Server 2012 R2 onto a test environment.
The evaluation software is not for production use. Following the evaluation period, you will need
to replace the operating system on your test computer and reinstall all your programs and data. It
is not possible to upgrade the evaluation to a licensed working version; a clean installation is
required.
Note: Hardware requirements include two hosts meeting the minimum

specification as detailed in this section under Hardware.
Operating System
Windows Server 2012 R2 http://technet.microsoft.com/en-
us/evalcenter/hh670538.aspx
Table of Transforming
Contents Your
Datacenter

Windows Server Installation
This evaluation guide helps you explore some of the new capabilities of Windows Server 2012 R2.
This section will describe the setup, configuration, and installation of the environment where you
will be performing the evaluation experience tasks.
Reference Links
Download Windows Server 2012 R2 Evaluation software
Installing Windows Server 2012 R2 Get information about installing the Windows
Server operating system, including any known
issues that you may need to work around
before starting an installation. It also provides
information that you can use to troubleshoot
problems that may occur during the
installation.
Install Active Directory Domain Services Get instructions on installing Active Directory
Domain Services (AD DS) through the new
Server Manager Wizard on Windows Server
2012.
Introduction to the evaluation scripts

To help you create virtual machines to support the evaluation experiences in this guide, you can
download evaluation scripts from the Microsoft website:
 Datacenter Evaluation Deployment Tool

You may use the evaluation scripts to build the six virtual machines required to support the
experiences in this guide, or you may create and configure the virtual machines manually. Using
the scripts can save hours of time and effort.
Note: The evaluation scripts build out the virtual machines to support the
included Windows Server experiences. You can edit the ExperiencesVariable.xml
file provided with the evaluation scripts to customize the configuration of the
virtual machines.
As an example, all scripts designate "Contoso.com" as the default domain and
"pass@word1" as the default password. To use another domain or password,
edit the scripts and replace "Contoso.com" and / or "pass@word1" with the new
domain name and password. In the following script files, initiate a Find and
Replace to replace "Contoso.com" and "pass@word1" with the new domain and
password.
 \ActiveDir\InstallNewForest.ps1
Transforming Your Datacenter: Windows Server Installation 10

 \ActiveDir\AddAccts.ps1
 ExperiencesVariable.xml
Setting up the environment requires two main steps:
1. Follow the manual steps to prepare the hosts.

2. Configure the virtual machines using one of the following two approaches:
 Deploy the evaluation virtual machines through manual configuration.
 Run the evaluation script VMCreator.ps1 to create and configure the virtual
machines.
This section walks you through the manual steps to prepare the physical hosts; the Windows
Server Deployment section will cover configuring the virtual machines.
Installation of the datacenter evaluation environment

Complete the following tasks to properly prepare the host computers for the evaluation
environment.
1. Set up host computers.

2. Create a virtual machine for the domain controller.
3. Configure the new domain controller.
4. Configure the two hosts.
5. Create VHDX Files.
TechNet articles are provided to assist in configuration processes.
Passwords
Important
All passwords in this evaluation guide are the same. For every account, use the password:
“pass@word1."
Set up host computers
The evaluation environment requires two hosts running Windows Server to support multiple
virtual machines. Setting up the host computers requires completing the following tasks:
 Install Windows Server 2012 R2.

 Add the Hyper-V role.
 Create a virtual switch.
 Configure the host network adapters.
Download and install Windows Server 2012 R2
Use these TechNet resources to install Windows Server on the two physical hosts.
 Download Windows Server 2012 R2

 System Requirements and Installation Information for Windows Server 2012 R2
Add Hyper-V roles
The Hyper-V role enables Hyper-V Manager, which is needed on both hosts to manage the virtual
machines. It is important that each host has identical virtual network settings. The environment
needs two virtual switches:
 Eval-External switch is a Hyper-V switch of type “external” that connects the two
hosts to your public-facing IPs.
 Eval-Internal switch is a Hyper-V switch of type “internal” that connects the virtual
machines to the Contoso domain through the internal isolated network or the domain
you choose to use for the experiences.
To add the Hyper-V role to both host computers and create virtual switches, see this TechNet
article:
 Install the Hyper-V Role and Configure a Virtual Machine
Note: Log onto each host and follow the directions in the article.
Create a virtual machine for the domain controller
You will first manually create the domain controller virtual machine on Host1, then run a script to
configure the domain controller virtual machine. To create the virtual machine, follow the
instructions in this TechNet Article: Install the Hyper-V Role and Configure a Virtual Machine (Step
2: Create a virtual machine).
1. Use the following data to manually create the domain controller on Host1:
a. Name: DC01.
b. Select the Store the virtual machine in a different location check box
and set the location to D:\VMs.
c. For Specify Generation, select: Generation 1.
d. Set Startup memory at 1024MB and select Use Dynamic Memory for
this virtual machine and set the maximum value to 2048.
e. Connection: the Eval-Internal Virtual Switch created when
configuring the hosts.
f. Under Connect Virtual Hard Disk, click Next.

g. Install Options: Install an operating system from a boot CD/DVD-ROM
and select Image File (.iso); then browse to D:\ISOs and select the ISO
for Windows Server 2012 R2.
h. Start the virtual machine and Install Windows Server 2012 R2.
i. Once Windows is fully installed and running, open System Properties and
rename the machine to DC01.
2. Set the DC01 IP address to 192.168.1.2.
Note: The ExperiencesVariable.xml sets the IP address for the DNS server to
192.168.1.2.
3. If you haven't already, click here to download the evaluation scripts, which will be
installed on your which will be installed on your C:/ drive unless you changed the
directory. The Datacenter Evaluation Deployment Tool.msi file downloads the
following scripts to the C:\temp\EvalScripts folder.
 An ActiveDir folder with scripts to help you set up the domain controller.
 VMCreator.ps1 is a script to build virtual machine
 ExperiencesVariable.xml contains settings used by the VMCreator.ps1
script to set up the virtual machines for the Windows Server experiences.
 You will also see, but not use,
 SysCenterVariable.xml file containing settings used to set up the virtual
machines for System Center experiences. (This script works with the
experiences in the System Center 2012 R2 Evaluation Guide.)
 Downloader.ps1 file to download the prerequisites needed to configure
System Center.
 Workflow.xml containing settings for the downloader script.
Note: If you are using the scripts, be sure to transfer the scripts to the host
before using, referencing the instructions in the following step.
4. Copy these scripts to the DC01 virtual machine: Using File Explorer, browse from DC01 to
Host1 and copy all of the scripts in C:\temp\EvalScripts\ActiveDir folder onto the DC01
virtual machine in the C:\Temp\EvalScripts\ActiveDir folder.
5. Open Windows PowerShell as Administrator, navigate to the directory and run scripts in
the following order. If you have changed the domain, be sure to adjust the last two
scripts.
 .\Add-ADPrereqs.ps1 – Note: This script will require a reboot when complete.
 .\Add-ADFeatures.ps1
 .\InstallNewForest.ps1– Note: This script will require a reboot when complete.
 .\AddAccts.ps1

Group policies
Once you create the domain controller and use the scripts, set up Group Policies using these
resources.
 Group Policy Overview

 Group Policy – Configuration for Firewall Policies
For this experience, create two Group Policy Objects (GPOs) at the domain level to enable and
disable settings:
 Create a GPO to disable the Windows Firewalls on the server machines on the Domain
Network.
 Create a GPO to enable remote desktop for easy access.
It is not necessary to disable Windows Firewall on all networks, just on the domain network. If you
choose not to create these GPOs, then you will need to manually disable the firewall rules for the
domain network and enable Remote Desktop on each machine.
Configure the two hosts
Connect the two hosts on Contoso domain or the domain you have chosen to use.
1. Either statically assign or reserve in DHCP the IP for NIC 01 of the hosts.
2. Subnet Mask for NIC 01 of the host is TBD based on user's environment.
3. Gateway for NIC 01 of the hosts is TBD based on user's environment.
4. Statically assign the IP NIC 02 of Host1 to 192.168.1.1.
5. Statically assign the IP NIC 02 of Host2 to 192.168.1.60.
6. Set the subnet mask of NIC 02 on both hosts to 255.255.255.0.
7. Leave the gateway of NIC 02 for both hosts blank.
8. Set the DNS Server addresses for both hosts to the DC01 IP of 192.168.1.2 for both NIC 01
and NIC 02.
9. Once complete, join the hosts to the Contoso domain or the domain you are using, which
will require a reboot of the host machines.
Set Remote Desktop properties
If necessary, set the Remote Desktop properties to allow users to remote to them. Share the
C:\Temp and D:\ folders from Host1.
The Windows Server open platform allows partners to extend the functionality beyond what is in
the platform.
Reference Links
Configure RemoteApp and Desktop Connection Properties

Create VHDX file
1. Download Convert-WindowsImage.ps1.
Note: The Convert-WindowsImage.ps1 file is available for download at

http://gallery.technet.microsoft.com/scriptcenter/Convert-
WindowsImageps1-0fe23a8f
2. Download the ISO files for Windows Server 2012 R2 .

3. Start File Explorer and create a VHD folder and VM folder on the D:\ drive on Host1.
4. Navigate to C:\temp folder and create a new directory with following name on
Host1: WindowsServer2012R2.
5. Use Convert-WindowsImage.ps1 to create the WS2012R2.vhdx file and place it in
\VHD folder on D:\ drive of Host1:
Note: Follow the directions on the Convert-WindowsImages1 page to run this

file on the host for the ISO. This creates the VHDX file in the D:\VHD folder.
6. Copy the D:\VHD folder on Host1 and paste on D:\VHD folder of Host2.
You are now ready to set up the virtual machines to help you explore the capabilities of Windows
Server 2012.
Contents Your
Datacenter

Windows Server Deployment
The process for building your datacenter infrastructure uses a combination of Hyper-V, failover
clustering, storage, and networking technologies to more easily create a Microsoft cloud
infrastructure. Windows Server 2012 R2 introduces a significant number of new features that
provide all of the required capabilities for building an effective cloud infrastructure in an open
platform. By taking advantage of automation, open-platform support, and a standards-based
approach, a Windows Server-based cloud infrastructure decreases the total cost of ownership and
reduces susceptibility to failures due to interoperability issues. The Windows Server open
platform allows partners to extend the functionality beyond what is in the platform.
References
Deploy Windows Server Find information that helps you deploy Windows Server 2012,
including:
2012
Server Core and Full Server Integration Overview
Configure and Manage Server Core Installations
Common Management Tasks and Navigation in Windows Server
2012
Virtual servers for the Windows Server evaluation experiences

If you haven't already, click here to download the evaluation scripts, which will be installed on
your desktop unless you changed the target directory.
Move the files to the C:\temp folder on Host1. You will be using these files to create and
configure the virtual machines for the experiences. The scripts work with Windows 8.1 and
Windows Server 2012 R2 operating systems.
Important
If you prefer to manually create the virtual machines and need instructions, see the Windows
Server Installation section of this guide, specifically Create a virtual machine for the domain
controller, and use the steps to create the virtual machines in Figure 2, modifying
specifications as needed.
Before you run the VMCreator.ps1 script, update the ExperiencesVariable.xml file included with
the scripts so that the secondary host name reflects the actual secondary host name. The
following is a segment of the ExperiencesVariable.xml file, in which you can see how you might
choose to adjust your domain credentials and target host.
Transforming Your Datacenter: Windows Server Deployment 16

<JoinDomain>
<Domain>contoso.com</Domain>
<Domain>contoso.com</Domain>
<Password>pass@word1</Password>
<Username>Administrator</Username>
</Credentials>
</JoinDomain>
<AdministratorPassword>pass@word1</AdministratorPassword>
</Default>
<VM Count="1">
<Host>Host2</Host>
<VMName>DB01</VMName>
<Memory>2048</Memory>
</VM>
<VM Count="2">
<Host>Host2</Host>
<VMName>Node01</VMName>
</VM>
<VM Count="3">
<Host>Host2</Host>
<VMName>Node02</VMName>
</VM>

<VM Count="4">
<Host>Host2</Host>
<VMName>Server1</VMName>
</VM>
<VM Count="5">
<Host>Host2</Host>
</VM>
<VM Count="6">
<Host>Host2</Host>
<Memory>
<Startup>8196</Startup>
<Minimum>8196</Minimum>
<Maximum>8196</Maximum>
<Buffer>20</Buffer>
</Memory>
</VM>
</VMs>
</Installer>
The VMCreator.ps1 script will create the virtual machines listed in Figure 2,
which includes the minimum hardware requirements for each virtual server
supporting the Windows Server 2012 R2 evaluation environment. The script sets

startup RAM for the virtual machines to 2GB (Server3 is the exception, with 8
GB). Memory is configurable through the ExperiencesVariable.xml to support
dynamic RAM.Note: The IP addresses are set in the ExperiencesVariable.xml file
and the VMCreator.ps1 script assigns each virtual machine a sequential IP
address. When deploying the infrastructure and working through the different
experiences, you may use your own IP addresses and better hardware. Modify
the ExperiencesVariable.xml file to change the starting IP address.
If you are working with different IP ranges, take into account that for some of the
experiences, you may need to change the ranges.
Name Main IP vCPU Dynamic Disk

memory
minimu
DB01 192.168.1.91 2 2m
GB 60 GB
Node01 192.168.1.92 2 2 GB 60 GB
Node02 192.168.1.93 2 2 GB 60 GB
Server1 192.168.1.94 2 2 GB 60 GB
Server2 192.168.1.95 2 2 GB 60 GB
Server3 192.168.1.96 2 8 GB 60 GB
Figure 2: Windows Server virtual machine specifications
Deploy the Windows Server evaluation environment

Deployment involves executing an evaluation script you downloaded and moved to the
C:\Temp\EvalScripts folder on Host1.
Open Windows PowerShell as Administrator, navigate to the following directory

C:\Temp\EvalScript and run the VMCreator.ps1 to create the virtual machines needed for the
evaluation.
 .\VMCreator –inputfile ExperiencesVariable.xml
Run VMCreator.ps1
The VMCreator script works with the ExperiencesVariable.xml to perform four different tasks:
1. Creates all the virtual machines needed to evaluate Windows Server.

2. Installs the appropriate operating system on the virtual machines.
3. Sets virtual machine IP addresses.
4. Joins the virtual machines to the Contoso domain (or the domain you are using).

Figure 3: Windows Server Experience virtual machines
After the script runs successfully, you will see the newly created virtual machines listed in Hyper-
V. Figure 3 shows a screen shot of the virtual machines on Host2. The Domain Controller, DC01, is
the only virtual machine on Host1.
At this point you will have the virtual machines set up for your evaluation environment and are
ready to test some of the experiences found in the Capability Scenarios section.
Contents Your
Datacenter

Capability Scenarios
With this guide you can discover new capabilities through a series of experiences based on the day-
to-day activities at a fictitious company, Contoso. Like other organizations, Contoso’s information
technology (IT) team is turning to a cloud datacenter environment to support the needs of its
internal customers. Among the team members at Contoso are Richard and Michael, who are
datacenter admins, and Sarani, a service admin. In the next pages, you’ll walk through a series of
business challenges and resolutions.
The experiences require the virtual machines specified in the Windows Server Deployment section
of this guide.
Windows Server Experiences

Storage
Experience: Build a storage infrastructure for your critical workloads
 Build an optimized file server using Storage Spaces and deduplication.

 Explore and configure highly available file servers.
 Create a Scale-Out File Server for SQL Server 2012.
Networking
Experience: Build a resilient network infrastructure
 Implement network teaming.

 Implement DHCP failover.
Server Virtualization
Experience: Build a virtualization infrastructure
 Create new virtual machines for use with live storage migration and Hyper-V Replica.
 Perform a live storage migration to Scale-Out File Server highly available share.
 Perform an online VHDX resize.
 Implement Hyper-V Replica.
Server Management and Automation

Experience: Use Server Manager and Windows PowerShell 4.0 to manage Windows Server
 Use Server Manager to manage multiple servers.

 Use Windows PowerShell to perform server management.
 Implement Windows PowerShell Web Access.
Capability Scenarios: Windows Server Experiences 21

Virtualized Desktop Infrastructure
Experience: Provide secure remote user access
Access and Information Protection

Experience: Provide secure document access
Server Essentials for Small Business

Experience: Windows Server Essentials management
 Enable the Essentials role.

 Manage users and groups in the dashboard.
 Manage devices in the dashboard.
 Configure health alerts and add-ins.
 Protect data.
Table of
Contents
Capability Scenarios: Windows Server Experiences 22

Storage
Get enterprise-class features on industry standard hardware
Roles: Technologies:
Infrastructure admin Windows Server 2012 R2
Features enabled in this capability
 Storage Spaces
 Storage tiering
 Data deduplication
 Scale-Out File Server
The demand for storage continues to grow each year. Organizations are challenged to keep up
with the demand while remaining within budget and are increasingly turning to enterprise-class
storage class solutions that run on industry-standard hardware.
The Contoso infrastructure administrator, Richard, needs a storage solution that's both fast and
resilient. He has been tasked with increasing the company’s storage capacity in order to
accommodate growth and potential acquisitions. He also needs to create a storage infrastructure
that will allow for continuous availability of virtual machines and can store critical apps, even
during mobility scenarios.
Capability Scenarios: Storage 23

Contoso has a significant investment in local storage, both iSCSI and Just a Bunch of Disks (JBOD),
and has not allocated a budget for more.
The company’s current storage hardware consists of multiple SAS and SATA drives acquired over
the years. These drives were manufactured by different vendors and have different capacities and
performance specifications. This hardware is physically located in different computer rooms and
offices throughout the company. Some drives are collocated with the departments that use them,
while others are remote.
Richard needs to:
 Implement storage tiering in order to optimize use of current storage and improve storage
performance.
 Separate storage and compute elements of virtual machines, gaining the ability to
move virtual machines without moving the storage.
 Avoid disruptions in application and data availability.
 Keep the administration of the increased storage infrastructure as simple and inexpensive as
possible.
By using Windows Server 2012 R2, Richard is able to maintain application and data availability on
the company’s current storage infrastructure without increasing costs. The storage tiering
capability of Windows Server automatically identifies hot data—the data that changes most often
on the disk—and moves it to Tier 1 (SSD) storage while keeping cold data on Tier 2 (SAS) storage.
Constantly monitoring data usage, Windows Server moves any hot data that turns cold to slower
storage, and vice versa, with no administrator intervention needed. As a result, Richard finds it
easier to access storage than in the past.
Storage Spaces gives Contoso the ability to consolidate its SAS and SATA disks—whether they are
SSDs or traditional HDDs—and consolidate them as storage pools. Once Richard has created these
pools, he can create logical disks from them, called Storage Space virtual disks, which Windows
applications recognize as standard drives. Next, he can assign storage pools to different
departments within Contoso to keep data isolated and administration easy. Storage Spaces
enables Richard to increase storage utilization for Contoso without having to buy more storage
devices, and it provides secure, reliable data backup.
The following experience shows you how to build a storage infrastructure for critical workloads.
Experience: Build a storage infrastructure for your critical workloads

Windows Server 2012 R2 introduces the ability to leverage SMB-based storage for server
applications such as SQL Server and Hyper-V. In this experience, you will explore and implement a
storage local area network (LAN). A storage LAN consists of a Windows Server file server cluster

which is configured for continuous availability, with transparent failover, and SMB Multichannel on
a dedicated IP subnet. Here are the tasks you will undertake:
 Build an optimized file server using Storage Spaces and deduplication.

 Explore and configure highly available file servers.
 Create a Scale-Out File Server for SQL Server 2012.
Prerequisites
This experience requires additional software setup and hardware may require augmentation.
 You will need two additional virtual network adapters for DB01.
 You will need to download and install SQL Server 2012 SP1.
Reference Links
For additional guidance, see the following TechNet article:
Installing the Failover Cluster Feature and Tools in Windows Server 2012
Creating a Windows Server 2012 Failover Cluster
Part 6. Setting up a Windows Server 2012 Cluster and Placing Virtual Machines into a Hyper-V
Cluster on Windows Server 2012
Before beginning this experience, create checkpoints of all your virtual machines.
To do this, right-click on the virtual machine and select Create Checkpoint. This
will enable you to restore to a clean environment if required. Checkpoints use up
resources and will impact system performance.
Build an optimized file server using Storage Spaces and deduplication
In this experience, you will walk through the creation of a new storage-optimized file server using
Storage Spaces and deduplication. Such tasks enable Richard to provide a robust and resilient
storage infrastructure using Industry-standard storage. Deduplication will enable Richard to
compress the actual storage used to the unique sectors on disk.
Create a Storage Space
In this task, you will create a Storage Space from four disks attached to the server computer. In
this experience you will be doing this with four additional virtual disks attached to a virtual
machine, in production you would do this using a JBOD disk array that is attached to a server
computer.
A Storage Space will allow you to take physical disks attached to a server and create a pool of
storage that you can then allocate to create virtual disks that support different types of parity for
resiliency, and flexibility.

To prepare for this task, you will need to create four unallocated VHDX disks and attach them to
the Node01 virtual machine under the virtual SCSI Controller Hardware as detailed in the
following steps.
1. Log into Host2 and bring up Hyper-V Manager.

2. Right-click on Node01 virtual machine and select Settings. If Node01 is running, shut
down the virtual machine prior to proceeding.
3. In settings, select SCSI Controller and Select Hard Drive, and click Add.
4. Under the Virtual hard disk selection click New.
5. On the Before you Begin page, click Next.
6. On the Choose Disk Format page, select VHDX and click Next.
7. On the Choose Disk Type page, select Dynamically Expanding, and click Next.
8. On the Specify Name and Location page, for Name enter Node01_Disk1 and for location
enter D:\VMs\Node01\Virtual Hard Disks\.
9. On the Configure Disk page, use the pre-defined defaults, and click Next.
10. On the Completing the New Virtual Hard Disk Wizard page, click Finish.
11. Repeat steps 3-10 till you have four SCSI VHDX disks attached to the server, naming
them Node01_Disk(disk number).
12. Once you have attached all four SCSI VHDX start the virtual machine.
13. Repeat steps 1-12 for Node02. Naming the disks Node02_Disk(disk number).
Create a resilient pool of disks
Begin this step logged on to Node01 as Contoso\Administrator using the password

pass@word1or the credentials for the domain you created.
1. Open Server Manager.
2. Select Manage from the top menu and select Add Roles and Features.
4. On the Select installation type page, select Role-based or feature-based installation and
click Next.
5. On the Select destination server page, Select Node01from the Server pool and click
Next.
6. On the Select server roles page, select the File and Storage Services role and check
the File and iSCSI Services role. Once you have selected the role, expand it, and
manually select the Data deduplication sub-feature and click Next.
7. On the Features page, click Next.
8. On the Confirm installation selections page, click Install.
9. Once the Role has been installed, click Close.
10. In the left navigation of Server Manager, click File and Storage Services, and then click
Storage Pools.

Note: Server discovery must complete before this area is populated with data.
This may take a few minutes.
11. Under Storage Spaces, click Primordial.

12. Right-click Primordial, and then select New Storage Pool.
14. On the Storage Pool Name page, in Name, type DAS-Pool, then select the Primordial disk
for Node01 and then click Next.
15. On the Physical Disks page, check the check boxes for PhysicalDisk1, PhysicalDisk2,
PhysicalDisk3, and PhysicalDisk4, and then click Next.
16. Click Create, and then click Close.
Richard has now used Storage Spaces to create a resilient pool of disks that he can leverage for his
virtual machines, SQL Servers, and file storage. These resources can now be shared by multiple
users or applications through SMB 3.
Create a deduplicated volume
Create a deduplicated NTFS volume
Richard wants to ensure that he is only using disk space for unique sectors of disk. With the
deduplication capability of Windows Server 2012, Richard can take data stored on disk and shrink
the space used to only unique sectors. This can save space for files at rest. Richard can also use
deduplication for VDI environments as well.

pass@word1 or the credentials for the domain you created.
1. In Server Manager, right-click DAS-Pool.

2. Click New Virtual Disk.
4. On the Storage Pool page, click DAS-Pool, and then click Next.
5. On the Virtual Disk Name page, in Name, type User-File-Storage, and then click Next.
6. On the Storage layout page, click Mirror, and then click Next.
7. On the Provisioning page, click Thin, and then click Next.
8. On the Size page, in Virtual disk size, type the size in GB you wish to make the Virtual
Disk, and then click Next.
9. Click Create, and then click Close.
11. On the Select the server and disk page, click Next.
12. On the Specify the size of the volume page, click Next.
13. On the Assign to a drive Letter or folder page, click Next.

14. On the Select file system settings page, in File System, select NTFS, and then click Next.
15. On the Enable data deduplication page, from the drop down menu, select Virtual
Desktop Infrastructure (VDI) server.
16. In the Deduplicate files older than (in days) box, type 0, and then click OK.
Create a new user file share
Use Server Manager to create a new file share to hold user files on the newly-created
deduplicated Storage Space.

1. In Server Manager, click Shares.
2. Click Tasks, and then click New Share.
3. On the Select the profile for this share page, select SMB Share – Quick and click Next.
4. On the Select the server and path for this share page, click Node01, and then in Select
by volume, click D: and then click Next.
5. On the Specify the share name page, in Share name, type User-Docs, and then click Next.
6. Click Next on all remaining screens, using the pre-defined defaults and then click Create.
7. Click Close.
8. Using Windows Explorer, navigate to \\Node01\User-Docs.
Test and validate deduplication
Place a large number of duplicate files on this new share, and ensure the files consume the
minimum required space by implementing deduplication and forcing a deduplication job.

1. In Windows Explorer, browse to \\Node01\User-Share and create a folder named User1.
2. In Windows Explorer, browse to \\Node01\User-Share and create a folder named User2.
3. On the taskbar, click Windows PowerShell.
4. Type the following commands, pressing ENTER after each one.
↪ Copy c:\Windows\System32\drivers \\Node01\user-docs\user1 -
Recurse
↪ Copy c:\Windows\System32\drivers \\Node01\user-docs\user2
- Recurse
↪ Enter-PSSession Node01
↪ Get-Command *Dedup*
↪ Get-DedupStatus
↪ Start-Dedupjob –Volume D: –Type Optimization

↪ Get-DedupJob
↪ Get-DedupStatus
Note: The deduplication has saved 63 MB of space.
↪ Exit-PSSession
With deduplication in Windows Server 2012, Richard has found a way to shrink storage utilization and
efficiently store data for his end users.
Delete your Storage Pool and remove your four attached SCSI drives from Node01
before moving on the next task.
Explore and configure highly available file servers
In this task, explore the configuration of a highly available file server configured to provide
services such as SMB Multichannel and SMB transparent failover, a feature that Richard can use to
keep databases and virtual machines available and online in case of network and server issues.
Richard will also use a new feature of Windows Server 2012 R2 to create shared VHDX files to
support a guest operating system cluster allowing Richard to truly separate the physical
infrastructure from his virtual infrastructure.
Prerequisites
This task requires additional hardware:
 On Host2, a minimum of three physical drives (which was detailed in the table describing
hardware recommended for the experiences), each with at least 120 gigabytes (GB)
capacity, are required to create a storage pool to represent a failover cluster using the
following steps.
Prepare infrastructure for failover cluster
Windows Server 2012 R2 introduces a new way to present shared storage to a Hyper-V guest for
failover clustering. This new method uses shared VHDX files as shared storage for the guest
cluster. For production environments, shared VHDX files can only be stored on a physical cluster’s
Cluster Shared Volume (CSV), or an exposed SMB share from a Scale-Out File Server due to
redundancy issues as described in this TechNet article, Virtual Hard Disk Sharing Overview.
Next, you will walk through the steps to configure a demo of shared VHDX using a physical
computer with three virtual machines: First, review the names, roles, and IP addresses for the
computers required:

Name Main IP vCPU Memory Disk
DB01 192.168.1.91 2 2 GB 60 GB
Node01 192.168.1.92 2 2 GB 60 GB
Node02 192.168.1.93 2 2 GB 60 GB
Server1 192.168.1.94 2 2 GB 60 GB
Server2 192.168.1.95 2 2 GB 60 GB
Server3 192.168.1.96 2 8 GB 60 GB
Important
For production environments, shared VHDX requires a physical cluster shared storage
provided through either a CSV, or Scale-Out File Server SMB Share. For demonstration
purposes, the shared storage capability on a single host is emulated as a substitute for a CSV
or Scale-Out File Server SMB Share.
Install required roles and features on Host2
To support shared VHDX, install the clustering feature on Host2 to ensure the proper drivers are
on the system.
Begin this step logged on to Host2 as Contoso\Administrator using the password

1. Install the Failover Cluster Feature and Tools on Host2 by referencing this
TechNet article: Installing the Failover Cluster Feature and Tools in Windows
Server 2012.
2. Repeat step 1 for Node01 and Node02.
Create volume E: using the unallocated HDDs
Pool the three unallocated disks that are physically attached to Host2 and create a Storage Space,
which you can then use to create the E:\ drive to store the shared VHDX files.

Create a storage pool using unallocated HDDs
Storage Pools.
2. Under Storage Spaces, click Primordial.

3. Right-click Primordial and select New Storage Pool.
5. On the Storage Pool Name page, in Name, type HostClusterPool, then select Primordial
disk for Host2 and click Next.
6. On the Physical Disks page, check the check boxes for PhysicalDisk1, PhysicalDisk2, and
PhysicalDisk3, and then click Next.
7. Click Create and click Close.
Create a virtual disk on the storage pool
Storage Pools.
2. Under Storage Spaces, click HostClusterPool.
3. Right-click HostClusterPool, and then select New Virtual Disk.
5. Select HostClusterPool from the available Storage Pools and click Next.
6. On the Specify the virtual disk name page, name the disk HostClusterVD and click Next.
7. On the Select the storage layout page, select Mirror and click Next.
8. On the Specify the provisioning type page, select Fixed and click Next.
9. On the Specify the size of the virtual disk page, select Maximum size and click Next.
10. On the Confirm selections page, click Create, and then click Close.
Create a volume on the virtual disk
Storage Pools.
2. Under Virtual Disks, click HostClusterVD.

3. Right-click HostClusterVD, and select New Volume.
5. On the Select the server and disk page, select HostClusterVD on Host2 from the
available Servers and Disks and click Next.
6. On the Specify the size of the volume page, use the default values populated (maximum
size) and click Next.
7. On the Assign to a drive letter or folder page, select Drive Letter and select E from
the drop- down menu and click Next.
8. On the Select file system settings page, select NTFS for the file system and Default
for the allocation Unit size, name the volume HostClusterVolume and click Next.

9. On the Enable Data Deduplication page, select Virtual Desktop Infrastructure (VDI)
server and leave the other fields at the default values, and click Next.
10. On the Confirm selections page, click Create, and then click Close.
Create shared VHDX files for the Scale-Out File Server cluster
Before you can create and attach the shared VHDX files, load the filter driver to allow the
experience environment to support the shared VHDX.
Important
In this storage experience, you will implement Shared VHDX, a new Windows Server 2012
R2 Hyper-V storage feature that allows you to simulate a shared SCSI bus for SAN storage.
Shared VHDX should only be used in a production environment with high-performance,
external JBOD SAS storage. In this experience, the SAS storage is simulated by local storage
due to resource constraints in the evaluation environment.
Manually load the filter driver for volume E:\
1. On the taskbar, right-click Windows PowerShell and run as administrator.

2. Type the following command, pressing ENTER at the end of the line
↪ fltMC.exe attach svhdxflt E:\
Note: Manual attach is not supported (test only) and is not saved across
reboot. You will have to re-issue the command after each reboot.

1. Open Hyper-V Manager.
2. Select New->Hard Disk from the Action pane on the right-hand side .
6. On the Specify Name and Location page, for Name enter HCSV_Disk1 and for location
enter E:\VHDs\.
7. On the Configure Disk page, set the size to 40GB, and click Next.
9. Repeat steps 2-10 untill you have seven SCSI VHDX created, naming them
HCSV_Disk(disk number)
Add the seven data VHDX files to each of the two virtual machines, with sharing option
enabled.

1. Log into Host2 and bring up Hyper-V Manager.
2. Right-click on Node01 virtual machine (if Node01 is running, shut down the virtual
machine prior to proceeding) and select Settings.
3. In settings, select SCSI Controller and Select Hard Drive, and click Add.
4. Under the Virtual hard disk selection click Browse.
5. Browse to E:\VHDs\ and select HCSV_Disk1 and click Open.
6. Under SCSI Controller for the hardware for Node01 settings, expand the Advanced
Features for HCSV_Disk1 and select the Enable Virtual Hard Disk Sharing check box.
7. Click Apply.
8. Repeat steps 3-6 for all seven VHDX disks for Node01.
9. Start Node02 logged in as Contoso\Administrator.
10. Open the Disk Manager by using the Windows Key + X and selecting Disk Management.
11. Right-click on each of the unallocated HDDs you see in the Disk Manager and bring them
Online and Initialize them.
12. Repeat for all of the unallocated drives.
13. Repeat steps 2-12 for all VHDX disks on Node02
Configure the Scale-Out File Server cluster
Now, with the shared VHDX files attached to Node01 and Node02, Richard can create the Scale-
Out File Server cluster which will provide the storage for his SQL Server in a resilient and highly
available manner.
Validate cluster

1. On the taskbar, right click Windows PowerShell and run as administrator.
2. Type the following command, pressing ENTER at the end of the line.
↪ Test-Cluster -Node Node01, Node02
Create cluster
Begin this step logged on to Node01as Contoso\Administrator using the password

1. On the taskbar, right click Windows PowerShell and run as administrator.

2. Type the following command, pressing ENTER at the end of the line.
↪ New-Cluster –Name VirtualCluster -Node Node01, Node02
- StaticAddress 192.168.1.31
Add storage pool to cluster shared volumes
Begin this step logged on to Node01as Contoso\Administrator using the password


1. Open Failover Cluster Manager and expand Storage.
2. Under Storage, select Pools, and select New Storage Pool from the Action Pane.
4. On the Specify a storage pool name and subsystem page, and type VirtualPool for the
name of the Pool and click Next.
5. On the Select physical disks for storage pool page, select all of the Physical Disks and click
Next.
6. On the Confirm selections page, click Create and then Close.
Create a Scale-out File Server for SQL Server 2012
In this experience, you will create a new virtual disk in the ClusterStoragePool that will be used as
the back end storage for a Scale-out File Server. The Scale-out File Server will host this virtual disk
as the back end of a continuous availability share, which you will use to store SQL Server 2012
user database files. The continuous availability share can be moved from one node to another
without going offline, which makes it ideal for SQL Server 2012 database files which have to stay
online during any mobility scenario of the virtual machine.
Create a new virtual disk for use in this experience

1. Open Hyper-V Manager and connect to Node01.

2. On Node01, open Server Manager.
3. Expand File and Storage Services, and verify you have a Storage Pool named VirtualPool.
4. Select VirtualPool, right-click on the Virtual Disks pane, and select New Virtual Disk.
5. Click Next.
6. Click Next.
7. Name the new virtual disk DB01_CSV and click Next.
8. Click Next to accept Simple resiliency.
9. Set the size to 15 GB and click Next.
10. Click Create, then click Close.
Initialize and format the DB01_Store disk
1. The New Volume Wizard should automatically start.

2. Click Next.
3. Select the virtual disk DB01_CSV and click Next.
4. Click Next on Size page, accepting predefined values.
5. Select Do Not Assign a Drive Letter and click Next.
6. For the Volume Label, type DB01_CSV and click Next.

7. On Data Deduplication page ,click Next.
8. When the format is done, click Close.
Create a new Scale-Out File Server
1. Start logged onto Node01 as Contoso\Administrator.

2. Open Server Manager, if it's not already open.
3. From the Tools menu, select Failover Cluster Manager.
4. From Failover Cluster Manager, expand Storage→Disks.
5. You should see DB01_CSV as available storage.
6. Right-click on DB01_CSV and select Add to Cluster Shared Volumes.
7. The disk should now indicate it's assigned to Cluster Shared Volumes.
8. Right-click on Roles and select Configure Role.
9. Click Next.
10. Select File Server and click Next.
11. Select Scale-Out File Server for Application Data and click Next.
12. Name it SOFS-SQL and click Next.
13. Click Next on confirmation page
14. Click Finish
15. Stay logged onto Node01 for the next task.
Note: You should now see SOFS-SQL in the roles. It may take a minute or two
for provisioning and propagation to Node02. Wait for the role to come online.
Note: Verify that the cluster object (VirtualCluster) has “create

computer” rights in the OU in which the cluster nodes and
objects reside.
Create a new Scale-Out File Server Share
1. Start logged onto Node01 as Contoso\Administrator with Failover Cluster Manager open.
2. Right-click on SOFS-SQL and select New File Share.
3. For the type, select SMB Share Applications and click Next.
4. For the Server, select SOFS-SQL and for the volume, select the 15GB CSV partition you just created
and click Next.
5. Name the share SQLData and click Next
6. Click Next on Configure Share Setting (Continuous Availability should already be selected).
7. Click Customize Permissions.
8. Click Add and then click Select a Principal.
9. Click Object Types.
10. Check the Computers check box, then click OK.
11. Type DB01 and then click OK.
12. If Multiple Names found, click DB01, and then click OK.

13. Check the Full Control check box, and then click OK.
14. Click OK to save ACL settings.
15. Click Next.
Configure SQL Server to use the Scale-Out File Server share for user database files

1. Open Hyper-V Manager and connect to DB01.
2. Logon to DB01 as Contoso\Administrator.
3. Run \\SOFS-SQL.
4. You should see the SQLData share.
5. Open SQL Server Management Studio (from the SQL Server 2012 tile group).
6. Attach to the database engine using your current credentials (Contoso\administrator).
7. Expand Databases.
8. Right-click on Databases and select New Database.
a. For the database name use: CA-Test.
b. For the data file path use \\SOFS-SQL\SQLDATA.
c. Click OK to create the database.
9. Run \\SOFS-SQL\SQLDATA and you should see the CA-Test database file.
10. Click New Query.
11. Type or paste in the following script and run it to create a table with a few rows of data
Use [CA-Test]
Go
Create Table tbl_CAtest (First Name varchar (10),

LastName varchar (10))
On [primary]
Go
Insert tbl_CAtest (FirstName, LastName) Values

('John','Doe')
Insert tbl_CAtest (ID, FirstName, LastName) Values
('Mary','Jane')
Insert tbl_CAtest (ID, FirstName, LastName) Values
('Mike','Smith')
12. Press F5 to run the statement.
13. Type in the following command to run a query that returns data from the CA-Test DB.
Select * from tbl_CAtest

14. Press F5 to run the query. If you hold the F5 key down it will continually run.
15. Keep your query window up and switch to Node01, Failover Cluster Manager.
16. Right-click on the SOFS-SQL role and select Move and move the SOFS-SQL role to Node02.
17. Go back to DB01 and verify that you can still query the data file.
Continue on to the Networking experience, which builds on your work in the Storage
section above. First, Merge the checkpoints into the respective virtual machines by
deleting the checkpoints made earlier.
Table of Capability
Contents Scenarios
Scenario

Networking
Build a resilient network infrastructure

System Center 2012 R2
Virtual Machine Manager
Windows Azure
 Network virtualization.
 NIC teaming.
 Advanced software-defined networking.

 Load balancing and failover (LBFO).

Networking is a crucial component of nearly all computing environments. The IT professional
faces increasing network demands driven by the exponential growth of data worldwide, and
private and public cloud implementations that reflect the expanding appetite of users for
streaming video, social media, virtual reality and games, or line of business applications and
databases. Networks today must support multiple tenants with conflicting IP addresses and offer
continuous availability.
Contoso’s IT department faces networking challenges based on growing pains. Its IT infrastructure
administrator, Richard, needs to merge the network of a newly-acquired company into the
Contoso network.
The acquisition company is located in another city, its network equipment is based on old
networking protocols, and its servers run on Linux rather than the Windows servers that Contoso
uses. The acquisition’s data protection system does not meet Contoso’s requirements, lacking both
failover protection and backup capability. Employees back up their data themselves manually onto
thumb drives. Also, the acquisition has a custom data application that runs on a company server,
but this application needs to access Contoso data maintained on servers at multiple Contoso
facilities.
Capability Scenarios: Networking 38

On the positive side, the new company’s network has more capacity than it needs. Richard wants
to take advantage of this and allocate the excess for use by the Contoso network.
With Microsoft Windows Server 2012 R2, Richard is able to merge the networks. The solution
helps him address networking challenges using a number of Windows Server features and
components:
 Windows Server reduces the complexity of network infrastructure and simplifies

migration across clouds with full IP portability.
 NIC teaming provides fault tolerance by enabling multiple network interfaces to work
together as a team, preventing connectivity loss if one network adapter fails. NIC
teaming also enables bandwidth aggregation, enabling IT to combine bandwidth from
multiple network adapters, a feature Richard uses to improve throughput. Richard can
also take advantage of the in-box NICs on his servers now to provide switch-
independent load balancing and failover.
 IP address management (IPAM) enables Richard to centrally manage IP addresses,
domain names and device identities across Contoso and its virtualized networks,
preventing conflict and resulting DNS issues.
 Advanced software-defined networking gives control over the network to an
application so that applications can request network resources.
 Hyper-V Network Virtualization integrates the two networks and enables the
acquisition network to use the Contoso failover and backup systems for protection,
making the custom application resilient to underlying hardware failure and maintaining
high service level agreements (SLAs).
Richard executes additional tasks with System Center 2012 R2 Virtual Machine Manager (VMM)
and Windows Azure. (Learn more about these technologies in the System Center 2012 R2
Evaluation Guide.)

 Windows Azure provides reliable, transparent cross-premise connectivity for
networking, allowing the Contoso and acquisition networks to share data and storage.
 System Center VMM manages the combined network, allowing Richard to give
Contoso employees access to the acquisition’s custom application.
Windows Server enables Richard to merge the acquisition network with Contoso’s, make
applications available across the combined network, and manage the combined network.
Take a look at one experience that can help you learn to build a resilient network infrastructure.
Experience: Build a resilient network infrastructure

In this experience, Richard will use technologies to create a more resilient network infrastructure.
 Implement network teaming

 Implement DHCP failover
Prerequisites
This experience builds on the steps in the Storage experience. Complete that section first.
Before beginning this experience, create checkpoints of all your virtual machines.
To do this, right-click on the virtual machine and select Create Checkpoint. This
will enable you to restore to a clean environment if required. Checkpoints use up
Implementing network teaming
Richard sets up network teaming to ensure his Hyper-V host servers remain online in the event of
a physical network fault or cable fault. The feature enables multiple network interfaces to work
together as a team, preventing connectivity loss. Windows Server 2012 includes a native network
teaming provider which can team adapters of any type from any vendor without need for vendor-
specific software or configuration.

2. Right-click on Server1, and select Settings. If the virtual machine is running shut it down before
proceeding.
3. From the Settings menu, select Add Hardware. From the list of available hardware to add to your
virtual machine, select Network Adapter and click Add.
4. In the Network Adapter settings dialog for your new adapter, select Eval-External for your Virtual
Switch and click OK.
5. Start the virtual machine.
6. Repeat steps 2-6 for Server2.

Create a new network team with Server Manager
In this step, you will create a network team on Server1 using the user interface.
Begin this step logged on to Server1 as Contoso\Administrator using the password


2. In Server Manager, click All Servers.
3. Right-click Server1, and then click Configure NIC Teaming.
4. In Adapters and Interfaces, highlight the two connected network adapters.
Note: The network adapters may be labeled differently depending on your

hardware. Names such as Local Area Connection or Ethernet are common.
5. Click Tasks, and then click Add to New Team.

6. In Team Name, type NIC-TEAM, and then click OK.
Note: Creating the NIC team will take about 30 seconds. This uses a remote
session, with a delay while the new IP address and DNS entries are completed
before the status updates. When performed locally, this takes seconds.
Create a new network team with Windows PowerShell
In this step, you will create a network team on Server2 using Windows PowerShell.

1. Open Windows PowerShell as Administrator.
2. Type the following command, and then press ENTER. Press A when prompted.
↪ New-NetLBFOTeam –Name NIC-TEAM –TeamMembers (Get-
NetAdapter |where status –eq ‘up’).Name
Note: The command may return a status of DOWN initially, but the fact that
the status was returned means it is actually UP. If you get an error, make sure
that you type the command exactly as written; for example, there are no
spaces in the string at the end of the command: “).Name”
3. Type the following command, and then press ENTER.

↪ Get-NetLBFOTeam
Note: Observe the status and members.
4. Close the Windows PowerShell command prompt.

Implement DHCP failover
Richard takes advantage of the in-box NICs on his servers to provide switch-independent load
balancing and failover. In this experience, you will add the DCHP Server role on Server1 and
Server2 and configure them as failover partners in hot-standby mode. You will use Server3 as the
DHCP client and demonstrate the replication and failover capabilities of DHCP Server in Windows
Server 2012.
Richard uses DHCP failover to ensure clients will be able to access network resources even if the
main DHCP server goes down.
Add the DHCP Server roles to both servers and authorize the servers for Contoso.com

2. Double-click Server1 to connect to it.
3. Open Server Manager on Server1.
4. Right-click on All Servers and select Add Servers.
5. Click the Active Directory tab.
6. Click the Find now button.
7. Select Server2 from the list, click the right arrow button to add to the managed server
pool, and click OK.
8. Select Server1 from the managed servers list.
9. From the Tools menu, select Add roles and features.
10. Click Next.
11. Click Next.
12. Select Server1 from the list and click Next to get to the server role selection screen.
13. In the Select server roles dialog, select DHCP Server, click Add features when prompted,
and then click Next.
14. In the Select features dialog, click Next.
15. On the DHCP Server screen, click Next , then click Install.
16. Allow the installation to complete, and then in the Results window, click the link for
Complete DHCP configuration.
17. In the DHCP Post-Install Configuration Wizard, click Next, then click Commit.
18. On the Summary page, click Close.
19. In the Add Roles and Features Wizard, click Close.
20. Repeat steps 10-18 for Server2. (This time, choose Server2.)

Create a DHCP address scope
Perform the following steps on Server1.
1. From Server Manager, select Tools→DHCP.

2. Right-click on IPV4 and select New Scope.
3. Click Next.
4. Name the Scope EvalScope.
5. For the range, use the following:
a. Start IP address: 192.168.1.115
b. End IP address: 192.168.1.125
c. Subnet mask: 24 bits (255.255.255.0)
6. Click Next.
7. Click Next to proceed with no address exclusions.
8. Click Next to accept the default lease duration value.
9. To configure options, click Next.
10. Set the Default Gateway to 192.168.1.1.
11. Set the DNS Servers to DC01 and click Resolve. This should set the DNS Server to
192.168.1.12.
12. Click Next in WINS Server.
13. Leave Yes selected and click Next to activate the scope.
14. Click Finish.
15. Restart the DHCP Server service by right-clicking on the server and selecting All
Actions→Restart.
Note: You authorized the server after the service was running, so you’re
restarting now to run in authorized mode.
16. From DHCP Manager, verify the scope is displayed and active. (You may need to refresh).
Configure Server1 in a failover partnership with Server2
Next, you will configure a failover relationship between Server1 and Server2 using the Configure
Failover wizard. Perform these steps from Server1.
1. If the DHCP Manager console is not open on Server1, open it now.

2. Right-click on DHCP and select Add Server.
3. Type in Server2 or select it from the authorized server list.
Note: You should now see both servers appearing in the console.
4. Expand DHCP→Server1 then right-click on IPv4 and select Configure Failover.

5. Click Next.
6. Type in Server2 under partner server in Specify the partner server to use for failover and
click Next.
7. On the Configure failover page, switch the mode from Load Sharing to Hot Standby.

8. Set the hash password in Shared Secret to pass@word1 and click Next.
9. Click Finish.
10. On Server2, open the DHCP console and view the available scopes under IPv4. Confirm that
the EvalScope from Server2 is replicated on Server2.
View the failover configuration properties
Once you have configured a failover relationship, you can view status by accessing the Failover tab
of the Scope Properties dialog. View and modify settings by accessing the Failover tab of the IPv4
Properties dialog.
1. On Server1, from the DHCP management console, right-click Scope [192.168.1.0]

EvalScope.
Note that a new menu item is now available called Deconfigure

Failover. This menu item indicates that failover is configured for this
scope.
2. Right-click Scope [192.168.1.0] EvalScope, click Properties, and then click the Failover tab.
Note that State of this Server and State of Partner Server are both
Normal.
3. Click OK.
4. Right-click Ipv4, click Properties, and then click the Failover tab. You can select any of the
failover relationships listed and click Edit or Delete.
5. Click Edit to view or modify the failover relationship you just created for WINSRV-DC1-
WINSRV-1.
6. Click Cancel to close the View/Edit Failover Relationship dialog box, and then click Cancel to
close Ipv4 Properties.
Demonstrate DHCP failover using Server3
Use the following procedures to demonstrate DHCP failover operation. Here are the steps:
 Obtain a new lease on Server3.

 Determine which server has provided a lease to Server3.
 Stop the DHCP service on Server1.
First, verify that Server3 can obtain a new lease from Server2 for the EvalScope.

1. Open Network and Sharing Center.
2. Click Change Adapter Settings.
3. Bring up the properties for the adapter linked to the Contoso.com domain.
4. Set the IPv4 address to Obtain Automatically.
5. Document the IP4 configuration of the following:

a. IP Address
b. Subnet Mask
c. DNS Servers
6. Set the IPv4 address to Obtain Automatically.
7. Click OK, then click Close.
8. Bring up an Administrative Command Prompt.
9. Run IPCONFIG /ALL.
Note: You should now be obtaining your address from Server1

(192.168.1.94 if you're using the recommended IP4 addresses).
10. Leave the command prompt open.
Stop the DHCP server service on one DHCP server
1. Stop the DHCP server service on Server1: right-click on Server1, point to All Tasks, and then
click Stop.
2. Confirm that the DHCP service is unavailable. The console will display the error message
Cannot find the DHCP Server.
3. Under Server2 in the DHCP Console, right-click WINSRV-DC1 Scope [192.168.1.0]
EvalScope, click Properties, and then click the Failover tab.
Note that State of this Server is now “Lost contact with partner,” and State
of Partner Server is “Not Available.” Click OK.
Verify failover operation
1. On Server3, from the command prompt window, type ipconfig /release and hit ENTER.
2. Type ipconfig /renew and hit ENTER.
3. Type ipconfig /all and hit ENTER.
4. Examine the address listed next to DHCP Server.
Note that Server3 has now obtained a lease from the remaining DHCP
server in the failover relationship.
Start the DHCP server service and examine events logged
Now you will restart the DHCP server service on the DHCP server that you stopped previously and
verify that it successfully rejoins the failover partnership.
1. On the DHCP server you stopped previously, launch the DHCP management console.
2. In DHCP console, right-click the server name, point to All Tasks, and then click Start.
3. Confirm that the DHCP service is now available. Expand IPv4, and select Scope [192.168.1.0]
ClassrScope.
4. Right-click Scope [192.168.1.0] Classroom, click Properties, and then click the Failover tab.
Note that State of this Server is now "Normal". Click OK.
5. From the Start screen, type Event, and then click Event Viewer. Expand Applications and

Services Logs, Microsoft, Windows, DHCP-Server.
6. Examine the events logged related to DHCP Failover creation and operation under Microsoft-
Windows-DHCP Server Events/Admin and Microsoft-Windows-DHCP Server
Events/Operational.
Deactivate the Scope and set Server3 back to static IP configuration
1. On Server1, from the DHCP management console, right-click Scope [192.168.1.0] EvalScope
and select Deactivate.
2. Open Network and Sharing Center.

3. Click Change Adapter Settings.
4. Bring up the properties for the adapter linked to the Contoso.com domain.
5. Set the IP4 configuration of the following (reference your notes from the task Demonstrate
DHCP failover using Server3, step 5.)
d. IP Address
e. Subnet Mask
f. DNS Servers
6. Click OK.
7. Click Close.
8. Bring up an Administrative Command Prompt.
9. Run IPCONFIG /ALL.
Note: You should now be back to the static IP configuration from the
beginning of experience.
Continue on to the Server Virtualization experience, which builds on your work in the
Storage and Networking sections. First, Merge the checkpoints into the respective
virtual machines by deleting the checkpoints made earlier.
Table of Capability
Contents Scenarios

Server Virtualization
Get flexible and cost effective virtualization technology
Infrastructure admin Windows Server 2012 R2 Hyper-V
 Network virtualization
 Extensible switch
 Live migration
 Live storage migration
 Online VHDX resize
 Hyper-V Replica
Virtualization technologies help IT organizations reduce costs and deliver greater agility and
economies of scale. New capabilities offer extensible solutions that enable secure multi-tenancy
environments.
At Contoso, a new development team working on a secretive project creates its own environment
with two development servers running on Windows Server 2012 R2 Hyper-V. Richard is asked to
support the team's needs.
The group requires continuous availability for its environment. Meanwhile, Contoso executives
express concerns about the need to maintain security and isolation.
 The environment must be isolated from everyone else on the corporate network,
although it must use existing network servers and storage.
 Migrating the servers from one Hyper-V host to another must be transparent, and not
disrupt the team or any other Contoso users.
 The Contoso customer support group must have access to the new environment once
the project becomes available to customers.
Capability Scenarios: Server Virtualization 47

Richard makes use of Windows Server virtualization technologies. Hyper-V Network
Virtualization and Hyper-V live migration enable him to implement a live migration scenario
that maintains isolation regardless of which host the team is using.
With Hyper-V Network Virtualization and Hyper-V extensible switch, Richard can create logical
networks that can be used to isolate business units, extend to cloud providers, and be easily
managed and extended through System Center Virtual Machine Manager. The virtual network
metadata is stored with the virtual machine configuration, which means mobility scenarios will
not require reconfiguration.
Richard will use the live migration function of Hyper-V to offer virtual machine mobility without
any downtime. Meanwhile, it also allows him to provide failover security and backup and to
increase storage space and other resources for the new team as the project grows.
 With SMB application shares, Richard sets up virtual machines as durable data storage. This
enables Richard to move resources from one node to another without having to take storage
offline.
 Richard also uses Hyper-V and failover clustering to make team resources and virtual
machines highly available and minimize disruptions. He can seamlessly migrate the virtual
machines to a different host in the cluster in the event of outage or to load balance without
impacting virtualized applications.
 Richard also makes use of Hyper-V Replica as a disaster recovery tool. The Hyper-V Replica
Replication Tracker encapsulates the replication state of a virtual machine and periodically
replicates updates to the virtual hard disks associated with the team's virtual machines to a
Replica server.
Windows Server enables Richard to create a multi-tenancy environment in which the small team
shares physical servers with the corporate Contoso network while maintaining isolation from the
larger network. Windows Server gives him the flexibility to change the level of isolation when the

customer support group needs access. His work also promotes productivity, by keeping team
resources highly available, and business continuity, via automated backups.
The following experience shows you how you can build a virtualized infrastructure.
Experience: Build a virtualization infrastructure

Windows Server 2012 R2 Hyper-V includes many enhancements specifically designed to create a
highly available, scalable, and powerful virtualization infrastructure. Richard uses Hyper-V and SMB
to make team resources and virtual machines highly available, minimize disruptions, and simplify
access to shared resources. He can seamlessly migrate the virtual machines to a different node
without having to take storage offline. In this experience, you will implement several of these
features, as follows:
 Create new virtual machines for use with live storage migration and Hyper-V Replica.
 Perform a live storage migration to a Scale-Out File Server highly available share.
 Perform an online VHDX resize.
 Implement Hyper-V Replica.
Reference Links
This experience builds on the steps in the Storage and the Networking experiences.
Complete both sections first.
Before beginning this experience, create checkpoints of all your virtual machines. To do
this, right- click on the virtual machine and select Create Checkpoint. This will enable
you to restore to a clean environment if required. Checkpoints use up resources and
will impact system performance.
Create new virtual machines for use with live storage migration and Hyper-V
Replica
In this step, you will create two new virtual machines that will be used for live storage migration
and Hyper-V replica testing.
Perform this task logged on to Host1 as Contoso\Administrator using the password


2. Right-click on Host1 in the Hyper-V Manager console and select New→Virtual Machine.

4. In Name, type Server4, and check the box to store the virtual machine in a different
location. Set the location to D:\VMs.
5. On the Specify Generation page, keep the default of Generation 1 and click Next.
6. On the Startup Memory page, check the box to use Dynamic Memory and click Next.
7. On the Configure Networking page, select Eval-Internal and then click Next.
8. On the Connect Virtual Hard Disk page, click Next.
9. On the Installation options page, click Install an operating system from a boot CD/DVD-ROM
and select the Image file (.iso) option, then browse to the Windows Server 2012 R2
Installation ISO, then click Next. If you don't have an ISO staged on Host1, you can select the
option to Install an Operating System Later.
10. Click Finish.
11. Repeat steps 1-11 to create a second virtual machine named HV-Rep.
Perform a live storage migration to Scale-Out File Server highly available share
One of the significant enhancements in Windows Server 2012 R2 is the ability to leverage highly
available SMB storage for Hyper-V. In this task, create a new SMB cluster, and then use it to store
the newly created virtual machine.
Create a new virtual disk for the Hyper-V data Scale-Out File Server

1. In Hyper-V Manager, right-click on Hyper-V Manager.

2. Click Add to Server, browse Host1 to connect with Hyper-V Manager.
3. Select Host1 and connect to Node01.
4. On Node01, open Server Manager.
5. Expand File and Storage Services, and verify you have a Storage Pool named VirtualPool.
6. Select VirtualPool, right-click on the Virtual Disks pane, and select New Virtual Disk.
7. Click Next.
8. Click Next.
9. Name the new virtual disk HVDATA_CSV and click Next.
10. Click Next to accept Simple resiliency.
11. For Provisioning Type, select Thin and click Next.
12. For the size, set it to 40 GB and click Next.
14. The New Volume Wizard should automatically start.
15. Click Next.
16. Select the virtual disk HVDATA_CSV and click Next.

17. Click Next.
18. Select Do Not Assign a Drive Letter and click Next.
19. For the Volume Label, type HVDATA_CSV and click Next.
20. When the format is complete, click Close.
21. Stay logged onto Node01 for the next task.
Create a new Scale-Out File Server for Hyper-V data

2. On Node01, open Server Manager, if it is not already open.
3. From the Tools menu, select Failover Cluster Manager.
4. From Failover Cluster Manager, expand Storage→Disks.
5. You should see HVDATA_CSV as available storage.
6. Right-click on HVDATA_CSV and select Add to Cluster Shared Volumes.
7. The disk should now indicate it's assigned to Cluster Shared Volumes.
8. Right-click on Roles and select Configure Role.
9. Click Next.
10. Select File Server.
11. Select Scale-Out File Server for Application Data and click Next
12. Name it HVDATA and click Next.
You should now see HVDATA in the roles. It may take a minute or two for
provisioning and propagation to Node02. Wait for the role to come online.
Create a new continuous availability share for Hyper-V data

2. Right click on HVDATA and select New Share.
3. For the type, select SMB Share for Applications and click Next.
4. For the Server, select HVDATA and for the volume, select the 40 GB CSV partition you just
created and click Next.
5. Name the share VMStorage and click Next.
6. Click Next on Configure Share Setting (CA should already be selected).
7. Click Customize Permissions.
8. Click Add and then click Select a Principal.
9. Click Object Types.
10. Check the Computers check box, then click OK.
11. Type Host1; Host2 (substitute actual host names) and then click OK.
12. Check the Full Control check box, and then click OK
13. Click OK to save ACL settings, then click Next.

15. Verify you can browse \\HVDATA\VMstorage from both hosts.
16. In the \\HVDdata\VMStorage share, create a new folder named Server4.
Perform a live storage migration to Scale-Out File Server share
With the ability to move the virtual machine’s storage from one location to another without
downtime, Richard gains the ability to rebalance his storage across his storage infrastructure and
the ability to move the virtual machine storage from a local disk, for example, to a highly resilient
Scale-Out File Server.
In this step, you will move the VHD storage for the new virtual machine to a highly available file
server cluster without incurring downtime on the virtual machine.


17. Start Server4: it will boot waiting for IFM install.
18. Right-click Server4, and then in the Actions pane, click Move.
19. Click Next.
20. On the Choose Move Type page, click Move the virtual machine’s storage, and then click
Next.
21. On the Choose Options for Moving Storage page, click Next.
22. On the Choose a new location for virtual machine page, click Browse.
23. In the Select Folder dialog box, in the Folder text box, type \\HVData\VMStorage\Server4,
and then click Select Folder.
24. On the Choose a new location for virtual machine page, click Next.
25. Click Finish.
Note: Wait for the move to complete before proceeding to the next step.
26. Verify the storage was moved by opening up virtual machine settings for Server4. The
virtual hard disk path should now be \\HVDATA\VMStorage\Server4\Virtual Hard
Disks\Server4.Vhdx as shown in the following screenshot.
Perform this task logged on to Node01 as Contoso\Administrator using the password

27. Open Failover Cluster Manager.

28. Navigate to Roles.
29. Right-click HVData, click Move, and then click Best Possible Node.
Note: The file server is moved to the other cluster node.
TIP: Use Hyper-V Manager to ensure Server4 did not reboot or go offline
during this move operation.
Perform an online VHDX resize
In this task, you will work with the new VHDX resize capability in Windows Server 2012 R2. This
capability allows you to expand VHDX files for generation 1 virtual machines (SCSI support only),
and the generation 2 virtual machines that the virtual machine is running. This improves
availability of mission critical virtual machines by allowing you to resize disks which the virtual
machine is online.
Add a SCSI disk to Server1 and expand it while the virtual machine is running
1. On Host1, open Hyper-V Manager.

2. Right-click on Hyper-V Host and select New→Hard Disk.
3. Click Next.
4. Select VHDX and click Next.
5. Select Dynamically Expanding and click Next.
6. Name the new Disk SCSI_VHD.vhdx.
7. Save the new SCSI_VHD.vhdx file in the D:\VHD folder.
8. Click Next to accept the default size (127 GB).
9. Click Next, then click Finish.
10. Right-click in Server1 and select Settings.
11. Click on SCSI Controller, click Hard Drive, and click the Add button.
12. Change the location to 1, browse the path to: D: \VHD\ SCSI_VHD.vhdx.
13. Click OK to save the settings.
14. Check the settings for Server1 to make sure the VHD shows up under the SCSI controller.
15. Start and connect Server1.
16. On Server1, open Disk Management.
17. Right-click on the new disk and select Online.
18. Right-click on the new disk and select Initialize.
19. Initialize the new disk (Disk 1) using MBR.
20. Right-click on the un-allocated space of Disk 1 and select New Simple Volume.

g. Take the default size (entire disk).
h. Take the default letter.
i. Make the volume label Resize.
j. Perform a Quick Format (NTFS).
k. Click Finish.
21. Close Disk Management.
22. Switch back to Hyper-V Manager.
23. From the Tasks pane, click Edit Disk.
24. Browse to D:\VHD\SCSI_Disk.vhdx.
25. Click Next.
26. Click Expand.
27. Expand the disk to 200 GB.
28. Switch back to Server1 and open Disk Management.
29. The new disk should now be 200 GB.
Implement Hyper-V Replica
Hyper-V Replica, introduced in Windows Server 2012, enables an organization to replicate a

virtual machine to another host for recovery capabilities in the event of a primary Hyper-V host
failure or disaster. Hyper-V Replica has been enhanced in Windows Server 2012 R2 to allow for
different syncing intervals as well as tertiary replication.
In this task, you will complete the steps required to implement Hyper-V Replica for your two
hosts. You will use the virtual machine, VM-REP. You will make a replica copy of VM-REP on the
replica server and test a planned failover. You will configure replication on both servers, and then
send the initial replica. First, you will enable Hyper-V Replica for the Primary Server. Perform this
step from the host identified as Host 1. To eliminate the need to jump between consoles, add both
Hyper-V hosts to one Hyper-V Manager console.
Before you begin

Document the server names in your evaluation lab:
Primary Server (Host 1): ____________________________
Replica Server (Host 2): ____________________________

Here is some background to help you:
 The Primary Server is the Hyper-V server that hosts the virtual machine under
normal operating conditions.
 The Replica Server is the Hyper-V server that has a replica stored on it for DR situations.
 The Primary Server replicates to the Replica Server.

 In this experience, you will create a new virtual machine on the primary server
named VM- REP. You will set up replication to the replica server and test failover.
Enable replication on HV-REP and send the initial replica
Perform this task logged on to Host1 (Primary Server) as Contoso\Administrator using the
password pass@word1 or the credentials for the domain you created.
1. Enable replication for HV-REP using Hyper-V Manager.

a. In Hyper-V Manager, right-click the HV-Rep virtual machine, and then click Enable
Replication.
b. In the Enable Replication Wizard, on the Before you Begin page, click Next.
c. On the Specify Replica Server page, type the computer name for Host2 and click
Next.
Note: If you see this error, “The specified replica server is not
configured to receive replication from this server,” click on Configure
Server and check Enable this computer as a Replication Server..
d. On the Specify Connection Parameters page, click Next.

e. On the Choose Replication VHDs page, click Next.
f. On the Replication Frequency page, select the default of 5 minutes and click Next.
g. On the Configure Recovery Points page, leave only the latest recover point selected,
then click Next.
h. On the Choose Initial Replication Method page, accept the defaults, then click Next.
i. On the Completing the Enable Replication wizard page, click Finish.
2. Right-click on HV-Rep and select Replication, then View Replication Health.
3. Wait for the replication to finish the first snapshot.
4. Open Hyper-V Manager on Host2.
5. You should see HV-REP with a state of OFF.
Execute a planned failover
1. Confirm you are working on Host1 (Primary Server).

2. Shut down the HV-REP (right click→Turn off).
3. Initiate a Planned Failover using Hyper-V Manager:
a. In Hyper-V Manager, right-click HV-Rep, then click Replication, and then click
Planned Failover.
b. In the Planned Failover dialog box, ensure that the Start the Replica virtual
machine after failover check box is selected, and then click Fail Over.
c. When the failover has completed, in the Planned Failover dialog box, click Close.
4. Verify successful failover using Hyper-V Manager on Host2. The HV-Rep virtual machine

should be running on the replica server.
Reverse the failover
1. Confirm that you are working on Host2 (Replica Server).

5. Shutdown the HV-REP virtual machine (right-click→Turn off).
6. Switch to Host1, in Hyper-V Manager.
7. Right-click VM, then Replication, and then select Cancel Planned Failover.
8. Verify cancellation of planned failover using Hyper-V Manager.
Merge the checkpoints into the respective virtual machines by deleting the checkpoints
made earlier.
Table of Capability
Contents Scenarios

Server Management and Automation
Automate maintenance tasks and processes
Role: Technologies:
Infrastructure admin Windows Server 2012 R2 Server Manager
Windows Server 2012 R2 PowerShell
 AD DS Deployment Automation
 Windows Remote Management 3
 IP Address Management (IPAM)
 Storage Spaces
IT departments face continually increasing demands. While IT budgets remain the same, the IT
team needs to deliver management capabilities and automation to help meet escalating needs.
At Contoso, there is a server farm at headquarters and a server in each regional office. Each office
has its own small HR and accounting groups, reporting back to the corporate human resources and
accounting departments at headquarters. The human resources and accounting applications are
installed on the server at each regional office. The data generated by these applications are
merged every two hours into the database residing on the headquarters servers. Each region also
has multiple sales facilities reporting to the regional office.
Capability Scenarios: Server Management and Automation 57

The multiple application copies are a maintenance issue. Each time a patch or update becomes
available, the Contoso IT staff manually installs it on each server. IT employees also manually check
the database update schedule on the regional servers, and monitor the available storage space on
the headquarters servers. This storage space fills up quickly. Also, HR and accounting do not
always work with current data, due to the update schedule. Contoso faces similar issues with the
sales facilities servers.
The Contoso infrastructure administrator, Richard, wants to improve server management and add
automation capability by giving the regional offices real-time access to the corporate HR and
accounting databases and by automating key functions, including software patch and update
installation, sales and inventory data uploads, and main server storage monitoring. He also wants
the flexibility of web access to administrative controls.
He implements these improvements by using Windows PowerShell and Server Manager in

Windows Server 2012 R2 and the following features:
 AD DS Deployment Automation
 PowerShell over DISM.EXE for servicing and automating the software update process
 Windows PowerShell Web Access and Windows Remote Management 3 (WinRM3) for
remote multi- server and downstream server management
 IPAM for centralized IP address space management to eliminate IP address conflicts
 Storage Spaces
Additionally, Windows Server helps Richard’s IT employees monitor the network more efficiently
because it enables them to assign the servers to functional groups and to manage the servers from
a single console.
Take a look at one experience that can help you learn to use Server Manager and Windows
PowerShell 4.0 to manage Windows Server.

Experience: Use Server Manager and Windows PowerShell 4.0 to manage
Windows Server
In this experience, you will learn how the Server Manager and Windows PowerShell framework in
Windows Server deliver an enhanced, multi-server management experience to help
infrastructure admins like Richard perform tasks such as multi-server management. You will also
explore new Windows PowerShell capabilities including new cmdlets and the Windows
PowerShell gateway.
After completing this experience, you will be able to:
 Use Server Manager to manage multiple servers.

 Use Windows PowerShell to perform server management.
 Implement Windows PowerShell Web Access.
Before beginning this experience, create checkpoints of all your virtual machines. To
do this, right- click on the virtual machine and select Create Checkpoint. This will
enable you to restore to a clean environment if required. Checkpoints use up
resources and will impact system performance..
Use Server Manager to manage multiple servers
In this task, use the new multi-server and remote server management capabilities of Server
Manager to deploy roles and features on multiple servers in your environment. While doing these
exercises, you may have to scroll left and right in Server Manager. Server Manager is optimal
when viewed with a minimum of 1366x768 screen resolution. You may wish to adjust your
resolution for this.
Create a new remote server group
Use Server Manager to create a new remote server group. Remote server groups enable you to
have a simplified focused view of configuration, events, alerts and performance of a related group
of servers that you define. Information is summarized in a tile, as well as viewable as a report.
Begin this step logged on to DC01 as Contoso\Administrator using the password


2. In Server Manager, click Add other servers to manage.
3. Click Find Now.
4. Click Node01, and then click the arrow to the right to add the computer.
5. Highlight Node01, Node02, Server1, and Server2, and then click the arrow to the right to
add the computers.
6. Click OK.

7. In Server Manager, click Dashboard, and then click Create a server group.
8. In the Server group name text box, type Infrastructure-Servers.
9. Highlight Node01, Node02, Server1 and Server2 then click the Add button.
10. Click OK.
11. In the left pane, click Infrastructure-Servers.
Note: You can view summarized information for just those servers.
Using dashboards
In this step, review the automatic dashboard tiles that Server Manager creates to provide overall
health of the servers.

1. In Server Manager, click Dashboard.

2. Scroll down and review Infrastructure-Servers.
3. In the Infrastructure-servers tile, scroll down and verify Services and Events.
Note: You can filter based on Startup types, Services, Service status and
Servers.
Note: It may take a few moments for any services to appear in the list.
4. Click Infrastructure-Servers.
5. Highlight NODE01 and NODE02.
Note: All events are filtered to those nodes.
6. Scroll down and review Roles and Features.
Note: All installed roles and features are listed.
Use remote management tools
In this step, use Server Manager to open a Windows PowerShell remote session.

1. In Server Manager, click All Servers, and then click Server1.

2. Right-click Server1, and then click Windows PowerShell.

Note: Windows PowerShell opens with a remote session on Server1.
3. Close the Windows PowerShell console.
Track performance using performance counters
In this step, use Server Manager to manage performance counters.

1. In Server Manager, navigate to All Servers, and then highlight Server1 and Server2.
2. Scroll down to Performance.
Note: After creating server group, it will take a few moments to display
the servers in the performance table.
3. Right-click Server1, and then click Start Performance Counters.

4. Right-click Server2, and then click Start Performance Counters.
Note: The status is Waiting for data. In a production environment, Server

Manager will show historical performance data for these servers after a
short time.
Perform a BPA scan on Infrastructure-Servers
In this step, use Server Manager to perform a Best Practices Analyzer (BPA) scan.

1. In Server Manager, click Local Server, and then scroll to Best Practices Analyzer.
2. In Tasks, click Start BPA scan.
Add roles and features to a remote server

1. In Server Manager, click Manage, and then click Add Roles and Features.
2. Click Next.
3. Accept the default of Role-based or Feature-based installation, and then click Next.
4. Click Server1, and then click Next.
5. In Roles, select Print and Document Services, and then click Add Features.
6. Click Next.

7. In Features, select Windows TIFF IFilter, and then click Next.
8. Click Next at each step in the wizard, and then click Install.
9. Click Close.
10. Click the Notification area (flag icon) to view the status of the installation.
11. When the installation is completed, click Refresh ( ) in Server Manager.
12. In the left pane, click Print Services.
Note: Server Manager allows you centrally view information on roles, even
if those roles are not installed on the local server.
13. Scroll to view information related the listed print and document servers.
Remove roles and features from a remote server
In this step, you will user Server Manager to remotely remove servers.

1. In Server Manager, click Print Services.

2. Click Manage, and then click Remove Roles and Features.
3. Click Next.
4. Click Server1.Contoso.com, and then click Next.
5. Clear the Print and Document Services check box, and then click Remove Features.
6. Click Next.
7. Click Next at each step in the wizard, and then click Remove.
8. Click Close.
9. Click the Notification Area to view the status of the removal.
Note: The Print Services tile and node are removed from the Server
Manager UI. If Print Services does not remove right away, click Refresh.
Use Windows PowerShell to perform server management
In this step, explore using the Windows PowerShell provider for Server Manager to deploy new
roles and features to multiple remote servers.
Explore the Windows PowerShell Provider for Server Manager
In this step, use some of the Windows PowerShell commands for Server Manager.

1. Open Windows PowerShell.

2. Type the following commands, pressing ENTER after each one. When prompted, type N,
and then press ENTER.
↪ Get-Command –Module ServerManager
↪ Get-Help Add-WindowsFeature
Note: Add-WindowsFeature is replaced with Install-WindowsFeature in this

version of Windows.
Note: You were not required to import the Server Manager module; all
modules are automatically available.
↪ Get-WindowsFeature
Note: The list of Windows Features is provided, with an (X) indicating which
features are installed.
↪ Get-WindowsFeature | Where Installed –eq $true
↪ Get-WindowsFeature –ComputerName Server1 | Where
Installed – eq $true
Note: Windows PowerShell 3.0 offers a simplified syntax, eliminating the
need for $_. And { }.
Use Windows PowerShell and Server Manager to convert a graphic user interface (GUI)
installation to a Server Core installation
In this step, use Windows PowerShell and Server Manager to remotely remove the GUI from a
server, converting it into a Server Core installation.
1. Log on to Server1 using the username Contoso\Administrator and the password

Note: Note the full Windows desktop is installed on this server.
2. Switch to DC01.
3. Go to Server Manager.
4. Click All Servers.
5. Right-click Server1, click Windows PowerShell.
6. Type the following commands, pressing ENTER after each one:
↪ Get-WindowsFeature –name User-Interfaces-Infra–
ComputerName Server1
↪ Remove-WindowsFeature –name Server-Gui-Mgmt-
Infra – ComputerName Server1
Note: Wait for the feature removal to complete before proceeding to the
next step.
7. Switch to Server Manager.

8. Click All Servers.
9. Right-click Server1, click Restart Server, and then click OK.
Important
Wait for the computer to restart, and then complete the feature removal. This will remove
the feature and all dependent features.
Note: You can view the console on Server1 to monitor the progress of this
job.
Note: Notice the Server Core Desktop
Important
After GUI removal, if you do not see the Windows logon screen on Server1, click on the
lower part of the desktop and drag upward.
11. At the command prompt, type MMC, and then press ENTER.
Note: MMC consoles are not available.
12. At the command prompt, type SCONFIG, and then press ENTER.
Note: SConfig is still available.
13. Type the number 15, and then press ENTER to return to the command prompt.
Use Windows PowerShell and Server Manager to convert a Server Core installation to a GUI installation
In this step, use Windows PowerShell and Server Manager to remotely add the GUI to the Server
Core computer.

1. At the command prompt, type PowerShell, and then press ENTER.

2. Type the following commands, pressing ENTER after each one:
↪ Install-WindowsFeature –Name Server-GUI-MGMT-Infra
↪ Restart-Computer
Important
Wait for the computer to restart, and then complete the feature installation. This will add

the Server GUI feature and all dependent features.

Note: Note the Server Core desktop.
4. Type ServerManager, and then press ENTER.
Note: Server Manager is available in a graphical form on Server Core.
5. Click Tools, and then click Computer Management.
Note: MMC-based administration tools function as expected.
6. Close Server Manager, and then close Computer Management.

7. Type MMC, and then press ENTER.
Note: You can also create custom MMC tools.
8. Close MMC.
Implement Windows PowerShell Web Access
Install and configure Windows PowerShell Web Access, and use it to manage multiple computers
from a browser session. Windows PowerShell Web Access allows you to use a browser-based
console to perform management of any server with remote management enabled by connecting
to a single gateway, which can be externally facing.
Install Windows PowerShell Web Access
In this step, install Windows PowerShell Web Access.

1. In Server Manager, click Dashboard.

2. Click Add roles and features.
3. Click Next twice, select DC01.contoso.com, and then click Next.
4. Click Next at each step of the wizard until you reach the Select features page.
5. Expand Windows PowerShell (Installed), check Windows PowerShell Web Access, click Add
Features, and then click Next.
6. Click Install.
7. When the installation has completed, click Close.
Configure Windows PowerShell Web Access

In this step, configure Windows PowerShell Web Access by installing the web application and
configuring a predefined gateway rule.
1. Click Windows PowerShell.

2. Type the following command, and then press ENTER:
↪ Install-PswaWebApplication –useTestCertificate
Note: This command will create the test certificate and the SSL binding
using that certificate. The certificate can be adjusted at any time using IIS
Manager.

↪ Get-PswaAuthorizationRule
Note: There are presently no users permitted to access Windows

PowerShell Web Access.

↪ Add-PswaAuthorizationRule –ComputerName * -
UserName * - ConfigurationName *
Note: This is a basic “allow-all” rule that relies on the user permissions and
individual server configuration. You can create a more restrictive rule for
production environments.

↪ Get-PSWAAuthorizationRule
Note: There is now a rule which grants all users access to Windows
PowerShell Web Access, and the ability to access any system on the
network, providing they have rights on the target system.
Perform remote management with Windows PowerShell Web Access
In this step, use Internet Explorer 10 to validate Windows PowerShell Web Access.

1. Click Start, and then right-click Internet Explorer.

2. Click Run as different user.
3. Log on as .\administrator with a password of pass@word1.
4. Navigate to https://DC01.
5. Click Continue to this website (not recommended), and then click OK.
Note: You receive this error because you are using a test certificate that

cannot be validated.
6. In the Username text box, type Contoso\Administrator.

7. In the Password text box, type pass@word1.
8. In the Computer name text box, type Server1, and then click Sign In.
9. Wait for the Windows PowerShell console to appear.
10. Type the following commands, pressing ENTER after each:
↪ HostName
↪ Get-Process
↪ Get-Service | where status –eq running
Note: You have full Windows PowerShell access via the browser.
Merge the checkpoints into the respective virtual machines by deleting the
checkpoints made earlier.
Capability
Table of Capability
Contents Scenarios

Virtualized Desktop Infrastructure
Enable modern work styles
Role: Technology:

 Session shadowing.
 Storage tiering and disk deduplication.
 Dynamic display handling and quicker reconnects.
 Improved RemoteApp experience.
As the enterprise adapts to more personally owned devices, IT needs a way to offer a consistent,
managed enterprise desktop to employees. Microsoft Virtual Desktop Infrastructure (VDI) enables
IT to deliver a corporate desktop and applications to employees that can be accessed from their
personal or corporate devices, from both internal and external locations. Centralized desktops and
apps hosted in the datacenter or cloud can be easily managed, and apps and data can be secured.
Richard is the infrastructure admin at Contoso. In the past, computers were all corporate-owned
Capability Scenarios: Virtualized Desktop Infrastructure 68

and Richard deployed a standard desktop image to the machines that included a standard set of
policies and applications. As more people move to using their own computers, laptops, and
tablets, often from non- corporate networks, Richard needs a way to enforce the same security
policies to protect data, while enabling access to applications on devices that his company no
longer directly manages.
IT needs a way to deploy a standard desktop solution that can be housed centrally in the
datacenter. These virtual desktops will be accessed from a variety of devices and locations, while
preserving the protection of the data, including limiting the ability to store the data on an
unmanaged device.
Note: For more information about the Microsoft strategy for People-Centric
IT, which enables the consumerization of IT without compromising
compliance, see the Enabling People Centric IT guide and the System Center
2012 R2 Configuration Manager resources.
Windows Server provides a VDI toolset that’s easy to deploy and configure, and it delivers a rich
user experience. The Microsoft solution gives IT the freedom to choose personal and pooled
virtual machine- based desktops, as well as session-based desktops. It also offers IT several storage
options, based on their requirements.
Windows Server continues to improve the options and user experience for deploying and
managing a VDI environment, as well as for improving users’ experience with remote desktops:
 Windows Server provides a single console to deploy, configure, and manage a VDI
deployment. Windows Server brings Session Shadowing to the administration console,
enabling help desk or IT staff to view and remotely control a user’s session.
 Windows Server supports SMB 3.0 and Storage Spaces for VDI storage, providing a high-
performance storage alternative to expensive SAN storage. Windows Server 2012 R2
further expands on this by supporting online disk deduplication, which reduces the
amount of space on disk that’s consumed by personal virtual machines. It also provides
support for storage tiering, enabling IT to use a mix of solid state and spinning disks to
create a storage volume that automatically optimizes locations of data across the disks
so that the most accessed data blocks are on the highest-performing disks.
The following experience shows you how to provide secure remote user access.
Experience: Provide secure remote user access

In this experience, configure a secure remote experience for employees of Contoso, Inc. This
experience uses both RemoteApp and VDI to allow those users to work securely on remote
applications from home computers.

Reference Links
For some additional guidance, see the following Microsoft articles:
Installing and Configuring DHCP role on Windows Server 2012
Installing IIS 8 on Windows Server 2012
In this experience, you will set up user access to a remote application via RemoteApp and Virtual
Desktop Infrastructure (VDI). VDI makes it possible for users to access your system from virtually
anywhere, providing a rich experience while ensuring enhanced data security and compliance.
The VDI implementation is based on session desktop using Remote Desktop Services. First enable
RemoteApp and publish Microsoft Office 2013 applications. Then configure the user with access
to a full desktop located on the corporate network.
Install and configure Remote Desktop Services
In this step, use Server Manager to establish session-based VDI and RemoteApp publishing.


2. On the dashboard, select Add other servers to manage.
3. Search for Server1 in the Name (CN) field.
4. Select Server1 from the list and click the sideways arrow to add it to the server pool.
5. Once added, return to the dashboard.
6. Click Add roles and features.
8. On the Installation Type page, click Remote Desktop Services installation, and then click
Next.
9. On the Deployment Type page, click Quick Start, and then click Next.
10. On the Deployment Scenario page, click Session-based desktop deployment, and then click
Next.
11. On the Server Selection page, click Server2.contoso.com in the Server Pool box, click Add
(the right arrow button), and then click Next.
12. On the Confirmation page, check the Restart the destination server automatically if

required check box, and then click Deploy.
Note: The installation and configuration will take approximately four

minutes. Wait for this to complete before proceeding.
13. When the installation has completed, click Close.
Create a self-signed certificate
In this step, you will create a certificate you can use to test secure remote access. A self-signed
certificate is an alternative to purchasing a certificate or creating a certificate authority in
instances for some use cases:
 On an intranet: When clients only have to go through a local intranet to get to the
server, there is virtually no chance of a man-in-the-middle attack.
 On an IIS development server: This eliminates the need to buy a trusted certificate
when you are developing or testing an application.
 On personal sites with few visitors: If you have a small personal site that transfers
non-critical information, there is very little incentive for someone to attack the
connection.
Note: When connecting to an IIS site that uses a self-signed certificate,

visitors will see a warning in the browser until the certificate is permanently
stored in the user's certificate store. Never use a self-signed certificate on
an e-commerce site or any site that transfers valuable personal information
like credit cards or social security numbers.

1. In the Server Manager, select IIS.

2. Select Server2 and right-click on Internet Information Services (IIS) Manager.
3. In the Connections column on the left, click and expand Server2.
4. Double-click on Server Certificates located in the center column.
5. In the Actions column on the right, click on Create Self-Signed Certificate.
6. Enter Server2Cert as the friendly name and Personal as the certificate store, then click OK.
7. You now have an IIS Self Signed Certificate valid for 1 year listed under Server Certificates.
8. Under your Server Certificates, select Server2Cert and from the Actions column, select
Export.
9. Export to: C:\ as Server2Cert.pfx and set the password to pass@word1 or the credentials
for the domain you created.
Configure a publishing certificate
Review the results of Quick Setup and configure a publishing certificate using a wildcard
certificate.

1. In Server Manager, click Remote Desktop Services.
Note: Server Manager is optimized for a minimum screen size of 1366x768.

If possible, you may wish to adjust your desktop resolution to this value.
2. In Server Manager, scroll through and review the installed roles and services for Remote
Desktop Services.
3. In left navigation, click Collections.
4. On the Collections Tasks menu, click Edit Deployment Properties.
5. In left navigation of Deployment Properties, click Certificates.

6. Under Manage certificates, click RD Connection Broker – Enable Single Sign-On.
7. Click Select existing certificate.
8. Click Browse and browse to C:\.
9. Click Server2Cert.pfx,, and then click Open.
10. In Password, type pass@word1 or the credentials for the domain you created.
11. Check the Allow the certificate to be added check box, and then click OK.
12. Click Apply.
13. Repeat steps 6 through 12 for RD Connection Broker – Publishing, and for RD Web Access.
14. Click OK.
Test RemoteApp publishing
In this step, test RemoteApp publishing to validate that it is functioning.

1. Open Internet Explorer.

2. Navigate to https://Server2.contoso.com/rdweb.
3. When you are prompted with a website stating that there is a certificate error, ignore the
message, and click the Continue to this site hyperlink.
4. Click Allow to run the RDS web add-on.
5. Check the This is a private computer check box.

6. Log on as Contoso\Administrator using the password pass@word1 or the credentials for
the domain you created.
7. Click WordPad, and then click Connect.
8. In the Connecting to Server2.Contoso.com window, click OK.
9. Close WordPad.
10. Close Internet Explorer.
Enable session-based VDI
Add session-based VDI to your Remote Desktop Services configuration. Because session-based VDI
and RemoteApp programs cannot co-exist on the same RDS server, you will first remove the
RemoteApp programs. If you wish to publish both session desktops and RemoteApp programs,
you can add a second RDS server to the deployment.

1. Switch to Server Manager.

2. Click Remote Desktop Services from left pane and click Collections..
3. In the Contents pane, right-click QuickSessionCollection, and then click RemoveCollection.
4. Click Yes.
5. On the Tasks menu, click Create Session Collection.
7. In Collection Name, in Name, type Session Desktops, then click Next.
8. Click Server2.contoso.com, click Add, then click Next.
9. In User Groups, use the pre-populated default settings, then click Next.
10. In User Profile Disks, in Location of user profile disks, type c:\UserDisks, then click Next.
11. Click Create.
12. When the process completes, click Close.
Test session-based VDI
In this step, test the session-based VDI configuration.
Begin this step logged on to DCO01 as Contoso\Administrator using the password

1. Open Internet Explorer.

2. Navigate to https://Server2.contoso.com/rdweb.
3. Click Allow to run the RDS web add-on.
4. Check the This is a private computer check box.
5. Log on as Contoso\Administrator using the password pass@word1.
6. Click Session Desktops, and then click Connect.
7. Click OK.

8. On the RDP control toolbar, click Close, and then click OK.
Merge the checkpoints into the respective virtual machines by deleting the checkpoints
made earlier.x`
Capability
Table of Capability
Contents Scenarios

Access and Information Protection
Enable consistent access to corporate resources
Role: Technologies:
System Center 2012 R2 Configuration Manager

this capability
 Single user identity across Active Directory and Windows Azure Active Directory.
 Conditional access policies through the Web Application Proxy and AD FS.
 Additional authentication using PhoneFactor.
 Secure remote access using Routing and Remote Access service (DirectAccess and
automatic (VPNs).
 Sync work files from a File Server to devices with Work Folders.
The prevalence, speed, and availability of affordable high-speed broadband and Wi-Fi networks
means that employees expect to be mobile and still get their work done. People expect to access
corporate resources in a consistent way across devices, and they expect that the technology
provided will be available on their schedule, from wherever they happen to be. This work-from-
anywhere paradigm requires the IT organization to change the way workers access resources such
as company tools, apps, data, and services.
Capability Scenarios: Access and Information Protection 75

Paul, a human resources manager at Contoso, considers himself a savvy consumer of technology.
As an early adopter of new mobile technology as it becomes available in the market, Paul now
finds that his personal device has outpaced the device provided for him at work. Paul wants to be
able to use his personal, more flexible and powerful device from home to review the résumés of
applicants prior to their job interviews.
Paul needs an easy way to access corporate apps and data from any device he chooses to use. The
IT organization needs an efficient way to provide Paul with consistent access to corporate
resources from his personal devices.
While the IT team at Contoso has previously forbidden the use of personal devices, it has recently
implemented a Microsoft solution for streamlined device management. When a user enrolls a
device for management, the company portal is installed on the device. This company portal is
consistent across devices, and it makes the latest corporate applications available to users.
Note: For more information about the Microsoft strategy for People-Centric
IT, which enables the consumerization of IT without compromising
compliance, see the Enabling People Centric IT guide and the System Center
2012 R2 Configuration Manager resources.
System Center 2012 R2 Configuration Manager enables users to self-provision applications:
 A company portal shows the applications users have permissions to install. Users
can view, install, and run corporate applications across devices.
 The IT team can specify which applications people can see in the company portal
based on a defined user role (for example, finance managers or group
managers) or groups within Active Directory. See the following diagram.

Work Folders, new in Windows Server 2012 R2, enable users to store the data they need for work in a
single place and make it easy for users to sync data across devices:
 Using Work Folders, employees can sync files stored in their Sync Share on a
corporate file server with their devices. This share can be integrated by the IT
team with Dynamic Access Control for automated classification and protection of
documents based on their content. These changes are replicated to the user’s
devices.
 The IT team controls access through Web Application Proxy, which publishes
resources with multi-factor authentication and conditional-access policies.
The following experience shows you how to provide secure remote user access.
Experience: Provide secure document access

In this experience, configure a secure remote experience for employees of Contoso, Inc. You will
grant those users access to secure files via Dynamic Access Control by modifying properties of the
user accounts.
Prerequisites
This experience requires additional software setup and configuration.
 Install and configure Active Directory-Rights Management Services on DC01.
 Create a new user account in Active Directory for BenSmith using this TechNet reference.
References
For some additional guidance, see the following Microsoft article:
Deploying and Configuring Information Rights Management

With Dynamic Access Control, Richard can ensure that remote users access only documents to
which they have permission, based on the attributes of the document and the attributes of their
user account. Review the specifics of the implementation before working with documents and
rules.
Create a new personally identifiable information (PII) rule
Create a new rule which grants access to files containing personally identifiable information (PII)
only to approved users. This rule is then applied to a user group called PII-Approved to grant them
read-only access.

1. In Active Directory Administrative Center, click Resource Properties.

2. Right-click Personally Identifiable Information (PII_MS), and then click Enable.
3. Click Central Access Rules.
4. In the Tasks pane, click New, and then click Central Access Rule.
5. In Name, type Contains-PII.
6. In Target Resources, click Edit.
7. Add the condition [Resource] [Personally Identifiable Information] [Exists]
8. Click OK.
9. In Permissions, click Use the following permissions as current permissions, and then click
Edit.
10. Double-click the entry Owner Rights, and then click Add a condition.
11. Add the condition [Resource] [Personally Identifiable Information] [Any of] [Value] [Not PII,
Public], and then click OK.
12. Click Add.
13. Click Select a principal.
14. Type PII_Approved, and then click Add a condition.
15. Add the condition [Resource] [Personally Identifiable Information] [Any of] [Value] [High,
Low, Moderate].
16. Check the Full Control check box, and then click OK.
17. Click OK.
18. Click OK.
19. Click Central Access Policies.
20. In New, click Central Access Policy.
21. Name as File-Server-Policy.
22. In Member Central Access Rules, click Add.
23. Click Contains-PII, click Add (>>), and then click OK.

24. Click OK to close File-Server-Policy.
Review manual file classification on Server1
Implement file classification on Server1 by classifying folders and testing the results of folder
classification.

Note: If available, you may log on directly to Server1, or you may use
Remote Desktop to connect to Server1. Interactive logon is required as the
property pages in question are only available locally.

2. Go to Server Roles and expand File and Storage Services.
3. Select File Server and File Server Resource Manager.
4. Click Next and Install.
↪ Gpupdate /force
↪ Update-FSRMClassificationPropertyDefinition
7. Open Windows Explorer.
8. Navigate to C:\Shares\CorpData.
9. Right-click CorpData, and then click Properties.
10. Click the Classification tab.
Note: The folder has been previously classified manually as United States
and Sales.
Note: Personally Identifiable Information classification has not been

configured.
11. Close all open windows.
Implement automatic classification for files containing PII
Configure an automatic classification rule which will search for files containing a US social security
number and then classify them as "High PII."


2. On the Tools menu, click File Server Resource Manager.

3. Expand Classification Management, and then click Classification Properties.
Note: Country, Department, and Personally Identifiable Information are all

deployed via Group Policy as part of the global properties stored in Active
Directory.
4. Click Classification Rules.

5. In the actions pane, click Create Classification Rule.
6. In General, in Rule name, type SSN Classifier.
7. In Scope, check the User Files check box, and then click Add.
8. In the Browse for Folder window, navigate to C:\Shares\CorpData, and then click OK.
9. In Classification, in Classification method, select Content Classifier.
10. In Property, in Choose a property to assign to files, select Personally Identifiable
Information.
11. In Specify a value, select High.
12. Click Configure.
13. On the Parameters tab, in the first entry, in the Expression field, type the following regular
expression, and then click OK.
↪ \d{3}-\d{2}-\d{4}
Note: This is a regular expression for a US SSN format.
14. In Evaluation Type, check the Re-evaluate existing property values check box, and then
select Overwrite the existing value.
15. Click OK.
16. In the Actions pane, click Configure Classification Schedule.
17. Check the Enable fixed schedule check box, and then check each of the seven weekdays.
18. Check the Allow continuous classification for new files check box.
19. Click OK.
20. Leave File Server Resource Manager open for use in the next step.
Validate Dynamic Access Control rules
Use the built-in Effective Access calculator to verify that only users with permissions can access
the CorpData folder based on Dynamic Access Control rules.


2. Navigate to C:\Shares\CorpData.
3. Right-click CorpData, and then click Properties.
4. On the Security tab, click Advanced.
5. Click Effective Access.
6. Click Select a user.

7. Type AliceCiccu, and then click OK.
8. Click View effective access.
Note: Alice is denied access because her user attributes do not match the
requirements for the folder.
9. Click Select a user.

10. Type BenSmith, and then click OK.
11. Click View effective access.
Note: Ben is allowed access, because his user account is configured with the
correct attributes, based on the new account you set up in Active Directory
as one of the prerequisites for this experience.
12. Close the Properties of the CorpData folder.
Test Dynamic Access Control with automatic classification
Test access to files using Dynamic Access Control and file classification from your DirectAccess-
connected computer.


2. Navigate to \\Server1\CorpData.
3. Using Microsoft Word, create and save a file named SecureData, with the following text in
the CorpData folder.
↪ My SSN is 111-22-3333
4. Wait approximately 10 seconds.
5. Open SecureData.docx.
Note: You are now denied access because of the Personally Identifiable
Information rule.
6. Switch to Admin, ensuring you are logged on as Contoso\Administrator.

8. Type the following command, and then press Enter.
↪ Add-ADGroupMember –Identify PII_Approved –Members BenSmith
9. Switch to Server3.
10. Log off and then log on as Contoso\BenSmith using the password pass@word1 or the
credentials for the domain you created.
11. Open the file \\Server1\CorpData\SecureDat.docx.
Note: You can now open the file because you have been approved to view
PII.

Implement Automatic Protection of PII Documents with Rights Management Services
Implement an Active Directory Rights Management Services (RMS) policy which prevents printing
of documents classified as PII. If you have installed Active Directory RMS on Server1 according to
the prerequisites, you will only have to create the RMS policies.
Note: Before you begin this task, be sure you have completed this pre-
requisite step, which was highlighted in the prerequisites for this
experience: Install and configure Active Directory-Rights Management
Services on DC01.


2. On the Tools menu, click Active Directory Rights Management Services.
3. Navigate to Server1.contoso.com\Rights Policy Templates.
4. In the contents pane, click Create distributed rights policy template.
5. Click Add.
6. In Name, type Do Not Print, and then in Description, type Prevent printing.
7. Click Next.
8. Click Add, click Anyone, and then click OK.
9. In Rights for ANYONE, check the following rights.
Export (Save As)
Reply
Reply-All
Forward
Note: Some rights will automatically include other prerequisite rights.
10. Click Next until you reach the end of the wizard, and then click Finish.
11. Click Add.
12. Close Active Directory Rights Management Services.
Include RMS in file classification
Modify the file classification process to include the Do Not Print RMS template when files contain
PII.


1. Switch to File Server Resource Manager.
2. Click File Management Tasks.
3. In the Actions pane, click Create File Management Task.
4. In Task name, type Apply RMS Policy for PII.
5. On the Scope tab, click Add, select C:\Shares\CorpData, and then click OK.
6. On the Action tab, in Type, select RMS Encryption.
7. In Select a template, click Do Not Print.
8. On the Condition tab, click Add.
9. Configure the condition [Personally Identifiable Information] [Equal] [High], and then click
OK.
10. Repeat steps 8 and 9 to add a condition for PII equal to Moderate and PII equal to Low.
11. On the Schedule tab, check each of the seven weekdays check boxes, and then check the
Run continuously on new files check box.
12. Click OK.
Test RMS Auto-Classification
Verify that files with a PII value of Low, Moderate, or High are automatically classified Do Not Print.

1. In File Server Resource Manager, click File Management Tasks.

2. In the Actions pane, click Run File Management Task Now.
3. Click Wait for the task to complete, and then click OK.
4. Switch to DAClient, and the log on as Contoso\BenSmith using the password pass@word1 or
the credentials for the domain you created.
5. Navigate to \\Server1\CorpData.
6. Open SecureData using Microsoft Word.
Note: Launching Microsoft Word will configure RMS.
Note: This file will have Do Not Print permissions.
Merge the checkpoints into the respective virtual machines by deleting the
checkpoints made earlier.
Table
Table of Capability
Contents Scenarios

Protect data and provide secure remote access
Role: Technologies:
Infrastructure admin Windows Server 2012 R2 Essentials
System Center 2012 R2 Configuration Manager
 Storage Spaces
 Windows Azure Backup

 Remote Web Access
Today’s small business owners face daily challenges in running their businesses, and one of the
more difficult challenges can include managing an IT infrastructure. However, the primary focus
for most business owners is on their core business competencies, not on becoming technology
experts. Because investments in technology directly impact the bottom line, there is a constant
need to achieve real business benefits and mitigate costs against a backdrop of time pressures and
limited technical skills. In addition to this pressure, many small businesses are now looking toward
cloud services and what they may offer—which can add even more apprehension in adopting
new technology.
Windows Server 2012 R2 Essentials is designed to help small businesses operate at the same
technology level as much larger organizations, without the added costs and complexities of
managing a complicated IT infrastructure. Windows Server Essentials also provides a high degree
of flexibility and choice that enables small businesses to leverage a combination of cloud-based or
traditional on-premises applications and services.
There are three primary capability areas Windows Server Essentials that meet many of the most
pressing needs of small businesses: 1) helping protect your data, 2) providing secure remote
access, and 3) integrating cloud services. In addition, there are two key new deployment options
available. The first is the ability to run as a Hyper-V host for the purposes of running Windows
Server Essentials as a virtual machine—it is no longer necessary to obtain Hyper-V separately. The
second is the implementation of the Windows Server 2012 R2 Essentials feature set as a role in
Capability Scenarios: Server Essentials for Small Business 84

the Standard and Datacenter editions of Windows Server. You can take a closer look at these new
capabilities in the sections that follow.
A cloud-enabled solution for small business

Windows Server Essentials incorporates best-of-breed capabilities to deliver a server
environment well suited for the vast majority of small businesses. Windows Server Essentials
enables you to:
 Protect your data. Windows Server Essentials leverages several new features available
in Windows Server 2012 to provide greatly improved data protection capabilities. The
new Storage Spaces feature allows you to aggregate the physical storage capacity of
disparate hard drives, dynamically add hard drives, and to create data volumes with
specified levels of resilience. Windows Server Essentials can perform complete system
backups and bare-metal restores of the server itself as well as the client computers
connected to the network—now with support for volumes larger than 2 terabytes. The
Windows Azure Backup service can also be used to protect your Windows Server files
and folders in a cloud-based storage service that is managed by Microsoft. Windows
Server Essentials also centrally manages and configures the new File History feature of
Windows 8 and Windows 8.1 clients, helping users to recover from accidentally deleted
or overwritten files without requiring administrator assistance.
 Provide secure remote access. Remote Web Access provides a stream-lined, touch-
friendly browser experience for accessing applications and data from virtually
anywhere you have an Internet connection and using almost any device. Windows
Server Essentials also provides an updated Windows Phone application and a new
modern application for Windows 8 and Windows 8.1 clients, allowing users to
intuitively connect to, search across, and access files and folders on the server. Files are
automatically cached for offline access and synchronized when a connection to the
server becomes available. Windows Server Essentials turns setting up virtual private
networking (VPN) into a painless wizard-driven process of just a few clicks, and
simplifies the management of VPN access for users. Client computers can leverage a
VPN connection to remotely join the Windows Server Essentials environment without
the need to come into the office.
 Integrate cloud services. Windows Server Essentials has been designed to allow
customers the flexibility to choose which applications and services run on-premises
and which run in the cloud. In previous versions, Windows Small Business Server
Standard included Exchange Server as a component product, which added expense
and complexity for customers who wished to leverage cloud-based messaging and
collaboration services. With Windows Server Essentials, customers can take
advantage of the same type of integrated management experience whether they
choose to run an on-premises copy of Exchange Server, subscribe to a hosted
Exchange service, or subscribe to Office 365.
 Monitor health. Windows Server Essentials monitors its own health status and the
status of client computers running Windows 7, Windows 8, Windows 8.1, and Mac OS
X version 10.5 and above. Health status notifies you of issues or problems related to
computer backups, server storage, low disk space, and more. Health reports can be

automatically generated on a scheduled basis and emailed directly to local
administrators or external partners.
 Provide extensibility. Windows Server 2012 Essentials builds on the extensibility
model of Windows SBS 2011 Essentials, which allows other software vendors to add
capabilities and features to the core product, and adds a new set of Web Services APIs.
It also maintains compatibility with the existing software development kit (SDK) and
add-Ins created for Windows SBS 2011 Essentials.
The Windows Server solution

Technology has always promised to solve problems, not create them. Windows Server 2012 R2
Essentials and the Windows Server Essentials Experience role deliver on that promise by
simplifying business technology, providing easier setup, installation, and migration experiences, a
simplified management experience, and better network-wide security features for the small
business customer. They incorporate the latest Microsoft technologies for management,
networking, data storage and backup, security, and document and printer sharing. Windows
Server Essentials provides integration capabilities for cloud-based applications and services,
allowing small business customers the flexibility to choose the best environment for their line-of-
business and collaboration solutions.
Windows Server Essentials allows small businesses to retain core infrastructure and security
features on their local networks, and also includes technologies to enable robust integration with
cloud-based services. This allows end-users to work in ways that are familiar to them, while at the
same time making it easier for small businesses to take advantage of the growing set of offerings
available in the cloud through platforms such as Microsoft Office 365 and Windows Azure.
Working with Microsoft Partners is also a great way to reduce complexity for businesses.
Windows Server Essentials makes it easier for partners to deliver value to customers through
simplified installation, administration and mitigated costs.
In the following experience, you will learn how to manage users, user groups and devices in the network.
Experience: Windows Server Essentials management

In this experience, use the Windows Server Essentials Dashboard to manage users, user groups,
and devices in the network:
 Enable the Essentials role.

 Manage users and groups in the dashboard.
 Manage devices in the dashboard.
 Configure health alerts and add-ins.
 Protect data.
Prerequisites

To ensure successful completion of this experience, you must add an additional network
adapter to a machine that has an external facing, Internet-capable IP as well as one additional
127GB SCSI VHDX. The following steps will walk you through creating these additional
components.
 Be sure to complete the prerequisite setup below.
Reference Links
For additional guidance, see the following TechNet articles:
Windows Server 2012 R2 Essentials and Windows Server 2012 Essentials
Getting started with Windows Server 2012 Essentials
Manage User Accounts in Windows Server 2012 Essentials
Complete the prerequisite setup


2. Right-click on Server3, and select Settings. If the virtual machine is running, shut it down
before proceeding.
3. From the Settings menu, select Add Hardware. From the list of available hardware to add to
your virtual machine, select Network Adapter and click Add.
4. In the Network Adapter settings dialog for your new adapter, select Eval-External for your
Virtual Switch and click OK.
5. From the Settings menu, select SCSI Controller. From the list of available hardware to add to
your virtual machine, select Hard Drive from the SCSI Controller pane on the right-hand side
and click Add.
6. In the Hard Drive properties page, select Virtual hard disk and click New.
10. On the Specify Name and Location page, for Name enter Server3_Disk1 and for location
enter D:\VMs\Server3\Virtual Hard Drives.
11. On the Configure Disk page, set the size to 127GB (default value), and click Next.
13. Start the virtual machine.

1. Start the Disk Management console, right-click on Disk 1 and select Online.
2. Select Disk 1 again, and right-click and select Initialize.

3. Once the disk is initialized, right-click on Disk 1 and create New simple volume.
4. Click Next on all the prompts, accepting the default values for each window, and Format
Disk 1 when complete.
Enable the Essentials role

1. From the Server Manager dashboard, select Add roles and features.
3. On the Select Installation type page, select Role-based or feature-based installation and
click Next.
4. On the Select destination server page, select Server3.contoso.com and click Next.
5. On the Select server roles page, select Windows Server Essentials Experience, and click
Next.
6. On the Add Roles and Features Wizard pop-up, click Add Features using the pre-populated
defaults.
7. On the Select features page, click Next, accepting the pre-populated defaults.
8. On the Windows Server Essentials Experience page, click Next.
9. On the Web Server Role (IIS) page, click Next.
10. On the Select role services page, click Next, accepting the pre-populated defaults.
11. On the Confirm installation selections page, click Install.
12. Once installation is complete, return to the Server Manager dashboard, and select
Notifications from the dashboard menu, and select Configure Windows Server Essentials.
13. On the Configure Windows Server Essentials page, click Configure.
Note: You may need to wait up to 30 minutes for this step to complete.
14. Reboot the server once configuration is complete.
Manage users and groups in the dashboard
The Windows Server Essentials Dashboard provides an easy way for user and user-group
management. In this task, create new user accounts and set the user access permissions. Then
create user groups and provide access permissions for the groups.
To create a new user account

1. From the desktop, open the dashboard.

2. On the navigation bar, click Users.
3. Select the Users sub tab.
4. In the Users Tasks pane, click Add a user account. The Add a User Account Wizard appears.

5. Enter the user's First Name as John and the Last name as Smith. The User Account Name
should be JohnSmith, and set the password to Passw0rd!
6. Set the Level of access to Standard User, and click Next.
7. On the Select Shared folder access for this user account page, select read/write and click
Next.
8. On the Enable Anywhere Access for this account, check all the check boxes except Server
Dashboard, and click Create Account.
To manage user access permissions
1. Open the Dashboard and on the navigation bar, click Users.

2. In the list of user accounts, select the user account to edit.
3. In the User Account Tasks pane, click View the account properties.
4. On the Properties for User Account, on the General tab, select User can view network
health alerts (if the user account needs to access network health reports).
5. On the Shared folders tab, set the appropriate folder permissions for each shared folder as
needed.
6. To allow a user to connect to the server using VPN, on the Anywhere Access tab, select the
Allow Virtual Private Network (VPN) check box.
7. To allow a user to connect to the server using Remote Web Access, on the Anywhere
Access tab, select the Allow Remote Web Access check box and the Access to Web Services
Applications check box.
8. On the Computer access tab, select the network computers to which you want to grant the
user access.

To create a new user group
1. From the desktop, open the dashboard.

2. On the navigation bar, click Users.
3. Select the User Groups sub tab.
4. In the User Groups Tasks pane, click Add a user group. The Add a New Group Wizard
appears.
5. Follow the instructions to complete the wizard.

To manage user group access permissions

1. Open the dashboard. On the navigation bar, click Users.

2. Click the User Groups sub tab.
3. In the list of user groups, select the user group to edit.
4. In the User Group Tasks pane, click View the user group properties.
5. On the Members tab, click Edit to select the user accounts that to add to or remove from
this user group.
6. In the Shared folders tab, set the appropriate folder permissions for each shared folder as
needed.
7. To allow all the users belong to this user group to connect to the server using VPN, on the
Anywhere Access tab, select the Allow Virtual Private Network (VPN) check box.
8. To allow all the users belonging to this user group to connect to the server using Remote
Web Access, select the Allow Remote Web Access and Access to Web Services Applications
check box.
9. On the Computer access tab, select the network computers to which you want to grant
group access.
Note: When you change access permissions for a user group and select the
User Account for this user group on the Users tab, you should see the
updated access level.

Manage computers in the dashboard
In the Windows Server Essentials Dashboard, you can view client computer status and configure
group policy settings for network joined computers.
The Devices page of the dashboard displays the following:
 A list of network computers with these details:

 The name of the computer.
 The status of the computer: Online, or Offline.
 The computer description.
 The Backup status of the computer.
 The Update status of the computer.
 The Security status of the computer.
 The Alerts status of the computer.
 Group Policy information for the computer.
 A details pane with additional information about a selected computer.
 A tasks pane with a set of device administrative tasks.

To view the status of network computers

1. Open the dashboard.

2. On the navigation bar, click Devices.
3. View status of all the computers in the network within the list pane.
Note: Currently only Server3 is managed by the Essentials role.
Configure health alerts and add-ins
In this step, you will configure health alerts and add-ins.

1. Open the dashboard and then click the Devices tab.
Note: All computer management is performed on the Devices tab. Here you
can view details of each computer joined to the network, including Mac
client computers. There are a number of alerts you can review in the lab
environment.

2. Click Server3, and then in the Tasks pane, click View the server properties, and then click
the General tab.
3. On the General tab, review the computer information, and then click the Backup tab.
Important
Depending on the elapsed time and the time of day, you may not see any backups in the
Server3 Properties dialog box, as the first automatic backup will take some time to
complete.
4. Select the first backup (if present), and then click View Details.
Note: You can view the computer's backup history, when the backups ran,
whether they were successful, and how many are currently stored on the
server. The automated client backup in Windows Server Essentials allows
you to restore individual files and folders, and even perform a complete
bare-metal restore if needed. If one of the employee’s machines had a
catastrophic failure, it can easily be restored using either a Recovery DVD or
USB key.
Note: For Windows 8 clients, there is an additional option to be able to

manage the File History settings.
5. Review the backup details (If present), and then click OK twice to return to the Devices page.
Note: By examining one of the latest backups you can see which volumes
are backed up and manage the lifecycle of this backup if required. By
default, a backup retention policy controls how long backups are kept.
Protect data
A key requirement for organizations of any size is the ability to protect data. Windows Server
2012 R2
Essentials helps Contoso avoid data loss and prolonged downtime due to hard drive crashes or
system failures for server and client computers. Although Windows Server Essentials has
automated client backups, the default schedule is between 6 P.M. and 9 A.M. While this is
sufficient for computers on the network; Richard wants to have a backup of Server3 immediately.
Windows Server Essentials leverages checkpoint backup technology, which allows fast, efficient
backups. By default, the server is backed up twice a day, but you can define a custom schedule to
meet the needs of your business. The first backup will capture all the data and system files, while
subsequent backups will only capture the changes and will be much faster.
In this step, you will start a backup so that you know Server3 is fully protected.

1. Open the dashboard, and in Devices, select Server3, and then in the Server3 Tasks pane, click
Set a backup for the server.
2. In the Backup Description for Server3, keep the default name, and then click OK.
Note: The backup can be named so that it can be easily identified.
3. Review the content of the Getting Started page, and then click Next.
Note: To implement server backup, you need to specify three things: a

backup destination disk (which can be internal, but external drives are
recommended), the items you wish to back up, and the schedule you want
to use
4. Check Show all drives that can be used as backup drives, check the Microsoft Virtual Disk
Drive#1 check box, and then click Next.
Note: Because this is the first time the backup has been configured, you will
need to specify the backup destination drive. When selecting a backup
destination drive for the first time, you will be prompted to format the
drive.
5. In the Set up Server Backup dialog box, click Yes.

6. In Microsoft Virtual Disk Drive #1, type Primary Server Backup, and then click Next.
Note: It is very helpful to provide a label for your backup destination and to
affix a matching label to the physical device. That way, you can easily
identify the desired device when performing subsequent backups or
restoring data.
7. Click Next, then Next again.
Note: You can specify which items you want to protect. In most cases, all
items will be selected.
8. Click Apply settings.

9. Click Close.
The server backup setup is completed, and now provides daily automated backup of both the
client computers and the server.
Client backup is only part of the story. For a full disaster recovery solution you also need server
backup. Windows Server Essentials provides full automated server backup for the OS, system files,
shared folders, as well as the client computer backups. This ensures that you can fully recover if
anything happens to the server.
Two advanced experiences are available in Appendix: Advanced Windows Server Experiences, if
you want to explore further.

 Configure Group Policy settings for network-joined computers.
 Health monitoring and reporting.
Scenarios
Table of Capability
Contents Scenarios

Conclusion
Windows Server and the Datacenter

On the pages in this guide, you have seen how Contoso resolves both common and unique
business challenges with Windows Server 2012 R2 features and capabilities. Perhaps you have
had an opportunity to step through some of the experiences in your evaluation environment.
As you have seen, Windows Server 2012 R2 can help you automate a broad set of management
tasks, simplifying the deployment of major workloads and increasing operational efficiencies. You
benefit from new levels of cross-platform support, as well as resilient, multi-tenant-aware storage,
and networking capabilities that handle a wide range of workloads using industry-standard
hardware. Together with Windows Azure and System Center 2012 R2, you get a datacenter
solution with support for modern, self- service applications, automation of repeatable tasks, and
the ability to more efficiently manage datacenter capacity, helping increase business agility.
For more information, see the videos and other resources in the Appendix: Windows Server
Resources. To understand and evaluate how System Center 2012 R2 adds a management layer to
enable at-scale management of major new Windows Server capabilities, including storage,
networking and server virtualization innovations, download the System Center 2012 R2 Evaluation
Guide. As with this guide, you can use the guide to build a System Center evaluation environment
and walk through some experiences.
Table of Capability
Contents Scenarios
Conclusion: Windows Server and the Datacenter 97

Appendix: Advanced Windows
Server Experiences
Two advanced experiences follow:
 Configure Group Policy settings for network-joined computers.

 Health monitoring and reporting.
Configure Group Policy settings for network joined computers
You can configure Group Policy settings and deploy them to computers in the Windows Server
2012 R2 Essentials network using the Dashboard. The Windows Server Essentials Group Policy
includes settings for Folder Redirection, Group Policy, and Security Policy Settings that impact
Windows Update, Windows Defender, and the Network Firewall.
To configure Group Policy in Windows Server Essentials

1. Open the Dashboard.

2. On the navigation bar, click Devices.
3. In the global Devices Tasks pane, click Implement Group Policy. The Implement Group Policy
wizard appears.
4. On the Enable Folder Redirection Group Policy page of the wizard, you can choose User
Folders to be redirected.
5. On the Enable Security Policy Settings page of the wizard, you can choose to select Group
Policy for Windows Update, Windows Defender, and the Network Firewall.
6. Click Finish to implement the Group Policy.
Appendix: Advanced Windows Server Experiences: Server Essentials for Small Business 98
Health monitoring and reporting
In this step, learn about the Windows Server Essentials health status monitoring and reporting. You
will open the Health Monitoring tab, manage Health alerts, and set up the Health report.
Open Health Monitoring tab
The server monitors its health status and the health of computers that are connected to it. It
generates an alert for issues that are related to computer backups, server storage, files system,
hard drives, and more. These issues are displayed as alerts in the Health Monitoring tab in the
Dashboard.
To view the Health Monitoring tab


2. On the menu bar, click any of the displayed alerts icons (Critical, Warning, or Informational)
and then click See more information.
3. You can also click HOME on the navigation bar and then click the Health Monitoring tab to
go there directly.
Managing health alerts
This task presents organizing, resolving, ignoring, and deleting alerts in the Dashboard.
Organizing alerts
You can organize alerts in the Health Monitoring tab and display them based on their severity level
(Critical, Warning, or Informational) or based on the computer name.
To organize health alerts


2. Click the Health Monitoring tab.
3. Right-click the empty space below the alerts and then do one of the following:
a. Select Group by Computer. This displays alerts grouped by computer name.
b. Select Group by Level. This displays alerts grouped by severity level.
To delete health alerts

3. Right-click the alert that you want to delete, and then click Delete.
The deleted alert is removed immediately. If you delete an alert and the server detects the
problem again in the health evaluation cycle, it generates a new alert. You can instantly refresh
the alerts list by clicking Refresh.
To ignore health alerts
1. Open the dashboard.

3. Select the alert that you want to ignore, and then in the Tasks section, click Ignore the alert.
You can ignore an alert if you prefer to respond to it later. When you ignore an alert, it is still
listed in the Health Monitoring tab, but it is in an inactive state.
Note: An ignored alert is not included in the overall health assessment of

the computers in the network.
You can activate the alert again if you would like to include it in the next network health
assessment cycle.
To activate health alerts

3. Select the alert that you want to activate, and then in the Tasks section, click Activate this
alert.
When you activate an alert that you have ignored, it becomes active, and it is included in the
overall health assessment of the computers in the network.
Health report
You can configure your server to notify you of alerts by email. The email alert notifications contain
the same information about the network issues and resolution steps that is displayed in the Health
Monitoring tab. In this task, find out how to generate a report on demand or on schedule,
customize Health report settings and configure SMTP on your server to send Health report email.
Generate a report on demand or on schedule

1. Open the Dashboard and on the navigation bar, click HOME.

2. Click the Health Report tab.
3. In the Health Report Tasks pane, click Generate a health report. After a health report is
generated, a new item is created in the list pane, identified by the date and time the report
was generated.
4. To open a report, you can double-click it in the list pane, or you can select it and then click
Open the health report in the task pane. The report will be displayed in a new window in
HTML format.
Customize Health Report settings
1. Open the Dashboard and on the navigation bar, click HOME.

2. Click the Health Report tab.
3. In the Health Report Tasks pane, click Customize Health Report settings.
4. On the Content tab, select or clear the check boxes for the content that you want to see in
the report.
5. On the Schedule and Email tab, set the health reporting schedule time.
Configure SMTP on your server to send Health Report email
To set up email for health reporting
1. Open the Dashboard and on the navigation pane, click HOME.

2. Click Health Report tab.
3. In the Health Report Tasks pane, click Customize Health Report settings.
4. Click the Schedule and Email tab, and then click Enable.
5. In the SMTP Settings window, do the following:
a. In the From text box, type an email address from which the email alerts will be
sent. This email address will be displayed as the sender’s address in the alert
notification email.
b. For SMTP server name, type the name of the SMTP server corresponding to the
email typed in step 5a. See Figure 4 for a list of some SMTP server names.
c. For SMTP port, type the port number that is used by the SMTP server to send and
receive email. (Refer to Figure 4 for the port numbers that are used by the some of
the SMTP servers).
d. Select This server requires a secure connection (SSL) if the SMTP server uses SSL.
See Figure 4.
e. Select This server requires authentication if the SMTP server requires a user name
and password information (see Figure 4). If you select this check box, type the user
name and password of the email address that you entered in the From email
address field in step 5a, and then click OK.
SMTP Server SSL Authenticatio Port Account Name/Login Name

Require n Number
d Required
smtp.gmail.com Yes Yes 587 Provide full email address with
domain name and password for
smtp.live.com Yes Yes 587 authentication.
Provide full email address with
smtp.comcast.net Yes No 587 authentication.
Provide full email address with
smtp.mail.yahoo.co No Yes 25 authentication.
Provide only the email address
m without a domain name for the user
name.
Figure 4: Examples of SMTP server settings
6. In Set up notification for alerts, for Email recipients, type the email addresses of the
persons that you would like to receive reports by email. Separate each email address with a
semicolon (;).
7. To verify that you have configured your SMTP server settings correctly to send email
notifications for alerts, click Apply, choose one health report, and then click Email the Health
Alert.
Table of Capability
Contents Scenarios
Appendix: Windows Server
Resources
References for IT Professionals
Take a look at tools especially for IT pros, including videos, podcasts, and educational sessions.
Posters and Guides
Windows Server Find posters and companion reference guides for key Hyper-V
Architecture technologies in Windows Server 2012.
Video and audio resources Details
TechNet Radio The podcast for anyone who is passionate about IT.
Weekly guests include IT peers and technical roles
inside Microsoft and industry experts.
TechNet Video Videos, screencasts, podcasts, and articles to help IT pros stay
up to date on the latest Microsoft products and technologies
The Edge Show (formerly Weekly news from Microsoft relevant for IT pros and a
TechNet Edge) technical dive into various products and scenarios like
Windows Server, Windows Azure, Private Cloud, and
TechEd 2013 Keynote Consumerization of IT.Microsoft
With Brad Anderson,
Presentation
TechEd 2013 Foundation With Jeffrey Snover and Jeff Woolsey, Microsoft
Session: Transform the
Datacenter with Server and
Management Innovations
from Microsoft
TechEd 2013 Foundation With Shawn Bice, Microsoft
Session: Big Data. Small Data.
Any Data
TechEd 2013 Foundation With Andrew Conway, Microsoft
Session: Enabling People-
Centric IT
TechEd 2013 Foundation With Scott Woodgate, Microsoft
Session – Building Modern
Business Applications
Appendix: Windows Server Resources: References for IT Professionals 106

MMS 2013 Keynote – Cloud With Brad Anderson, Microsoft
Optimize your Business with
Microsoft Management
Solutions
Event Resources
TechEd North America 2013, New Orleans, June 3-June 6
Build 2013, San Francisco, June 26-June 28
TechEd Europe 2013, Madrid, June 25-June 28
Microsoft Management Summit 2013, Las Vegas, April 8-April 12
Education
Microsoft Virtual Academy Courses – Windows Server
Microsoft Virtual Academy Courses – Windows Azure
Microsoft Virtual Academy Courses – SQL Server
Microsoft Learning – Private Cloud training
Microsoft Learning – Windows Server training
Microsoft Learning – SQL Server training
Microsoft Learning – Windows Azure training
Microsoft Jump Start series
Table of Capability
Contents Scenarios
Appendix: Windows Server Resources: References for IT Professionals 107

Windows Server 2012 R2 Evaluation Guide PDF

Uploaded by

Copyright:

Available Formats

Windows Server 2012 R2 Evaluation Guide PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Windows Server 2012 R2 Evaluation Guide PDF

Uploaded by

Copyright:

Available Formats

Windows Server

Published: 4 October 2013

Transforming Your Datacenter .................................................................................................. 7

Capability Scenarios ................................................................................................................ 21

Appendix: Advanced Windows Server Experiences .................................................................. 98

Appendix: Windows Server Resources ................................................................................... 106

Navigating the document on your terms

Using This Guide 1

New Features and Highlights

Comprehensive approach to software-defined networking. Windows Server 2012 R2 delivers

Network infrastructure enhancements. With automation, networks of virtualized data centers

Desired State Configuration. Desired State Configuration (DSC) is a Windows PowerShell

Storage Networking Server Virtualization

 Storage QoS  SMB Direct  Live migration using

Windows Server: Architecture of the Evaluation Environment

Introduction to the evaluation environment

For this evaluation, it is recommended that you use an isolated environment

Transforming Your Datacenter: Windows Server: Architecture of the Evaluation Environment 7

Prerequisites for the physical infrastructure

Name CPU Memory Disk NICs

Transforming Your Datacenter: Windows Server: Architecture of the Evaluation Environment 8

Some important notes regarding the servers:

 Both hosts should have static IPs.

Note: Hardware requirements include two hosts meeting the minimum

Transforming Your Datacenter: Windows Server: Architecture of the Evaluation Environment 9

Introduction to the evaluation scripts

 Datacenter Evaluation Deployment Tool

Transforming Your Datacenter: Windows Server Installation 10

Setting up the environment requires two main steps:

1. Follow the manual steps to prepare the hosts.

Installation of the datacenter evaluation environment

1. Set up host computers.

TechNet articles are provided to assist in configuration processes.

Set up host computers

 Install Windows Server 2012 R2.

 Download Windows Server 2012 R2

Add Hyper-V roles

 Install the Hyper-V Role and Configure a Virtual Machine

Create a virtual machine for the domain controller

Transforming Your Datacenter: Windows Server Installation 12

Transforming Your Datacenter: Windows Server Installation 13

 Group Policy Overview

Configure the two hosts

Set Remote Desktop properties

Transforming Your Datacenter: Windows Server Installation 14

Note: The Convert-WindowsImage.ps1 file is available for download at

2. Download the ISO files for Windows Server 2012 R2 .

Note: Follow the directions on the Convert-WindowsImages1 page to run this

Transforming Your Datacenter: Windows Server Installation 15

Virtual servers for the Windows Server evaluation experiences

Transforming Your Datacenter: Windows Server Deployment 16

Transforming Your Datacenter: Windows Server Deployment 17

Transforming Your Datacenter: Windows Server Deployment 18

Name Main IP vCPU Dynamic Disk

Figure 2: Windows Server virtual machine specifications

Deploy the Windows Server evaluation environment

Open Windows PowerShell as Administrator, navigate to the following directory

 .\VMCreator –inputfile ExperiencesVariable.xml

1. Creates all the virtual machines needed to evaluate Windows Server.