#TESIA312 Virtualization That Just Works • All Active Directory features work equally well in physical, virtual or mixed environments Simplified Deployment of.

Download Report

Transcript #TESIA312 Virtualization That Just Works • All Active Directory features work equally well in physical, virtual or mixed environments Simplified Deployment of. 

#TESIA312
Virtualization That Just Works
• All Active Directory features work equally well in physical, virtual or mixed environments
Simplified Deployment of Active Directory
•
•
•
•
Complete integration of environment preparation, role installation and DC promotion into a single UI
DCs can be deployed rapidly to ease disaster recovery and workload balancing
DCs can be deployed remotely on multiple machines from a single Windows 8 machine
Consistent command-line experience through Windows PowerShell enables automation of deployment tasks
Simplified Management of Active Directory
•
•
•
•
GUI that simplifies complex tasks such as recovering a deleted object or managing password policies
Active Directory Windows PowerShell viewer shows the commands for actions performed in the GUI
Active Directory Windows PowerShell support for managing replication and topology data
Simplify delegation and management of service accounts
Miscellaneous
Management
Simplified Deployment
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Virtualization-Safe
Technology
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Rapid Deployment
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory
Platform Changes
Group Managed Service
Accounts
Dynamic
Access Control
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
Streamline the deployment process
… by integrating preparation and promotion
processes & automating pre-requisites in-between
Minimize odds of deployment failures
… by validating environment pre-requisites before
deployment
Minimize number of touch-points
… by providing remote capabilities for both
preparation and promotion processes
Optimize for common deployment paths
… by aligning the configuration wizard to the most
common deployment scenarios
Bring consistency with other Windows
Server roles deployment experiences
… by integrating the full deployment experience with
Server Manager
Gain UI-consistency by leveraging an
enhanced command-line experience
… by providing a deployment & configuration wizard
that is built on top of Windows PowerShell
http://microsoft.com
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
USN rollback NOT detected: only 50 users converge across the two DCs
All others are either on one or the other DC
100 security principals (users in this example) with RIDs 500-599 have conflicting SIDs
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
Miscellaneous
Simplified Deployment
Virtualization-Safe
Technology
Rapid Deployment
Active Directory
Platform Changes
…further details on this in the appendix of this deck
… further details on this in the appendix of this deck
… further details on each of these new controls in the appendix of this deck
Miscellaneous
Management
Simplified Deployment
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Virtualization-Safe
Technology
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Rapid Deployment
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Active Directory
Platform Changes
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
Management
Recycle Bin
User Interface
Active Directory Replication &
Topology Cmdlets
Active Directory PowerShell
History Viewer User Interface
Active Directory
Based Activation
Fine-Grained Password Policy
User Interface
Kerberos Enhancements
Group Managed Service
Accounts
Dynamic
Access Control
With this deployed…
... these features become available
•
+ First Windows Server 2012 domain-member
(or Windows 8 with RSAT installed)
•
•
•
•
•
•
+
First Windows Server 2012 DC
+ Windows Server 2012 DC holds PDC FSMO role
•
•
•
•
New Active Directory Administrative Center
• Windows PowerShell History Viewer
• Graphical Recycle Bin and FGPP management
Richer authorization through DAC & FCI
Active Directory-based Activation
• Requires Windows Server 2012 schema extensions
Active Directory Replication & Topology Cmdlets
AD FS (v2.1)
Simplified Deployment and Preparation
Dynamic Access Control policies and claims
• Kerberos Claims in AD FS (v2.1)
Cross-domain Kerberos Constrained Delegation
Group Managed Service Accounts
Virtualization-Safe for the Windows Server 2012 DC
• requires Hypervisor support for VM-Gen-ID
Rapid virtual DC deployment through DC-cloning
• requires Hypervisor support for VM-Gen-ID
#TESIA312
Hands-On Labs
DOWNLOAD
Windows Server
2012 Release
Candidate
DOWNLOAD
Microsoft
System Center
2012 Evaluation
microsoft.com/windowsserver
microsoft.com/systemcenter
http://europe.msteched.com
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
http://europe.msteched.com/sessions
[email protected]
www.msmvps.com/UlfBSimonWeidner