Any good networking operating system should offer ways to simplify the job of keeping one server or one thousand servers up and running. The server should also stay up and running with the smallest amount of effort possible on the part of the humans doing the server administration. No one operating system has the answer for server administration, but Windows Server has gotten a bit better in 2012 R2 with some useful new tools.
Server Manager
Prior to Windows Server 2008, when an administrator had to configure and maintain a server, the administrator would have to use many different tools. Windows Server 2008 changed all that by introducing Server Manager, a one-stop shop for all of your configuration and management tools.
In Windows Server 2012 R2 Microsoft has expanded this functionality even further. Server Manager now lets administrators manage multiple servers (virtual or physical/local or remote) as long as they are no older than Windows Server 2003.
[caption id="" align="alignnone" width="794"]
Management Tools[/caption]Adding roles and features in Server Manager has gotten even smarter. As you make your your selections the Add Roles and Features Wizard dynamically changes. The wizard assists you in deciding which subset of tools and features are needed for the requested role.
Server Manager has a new dashboard that can show you if problems exist using color-coded boxes. If, for example, an error occurred from within the DNS event log, the DNS box on the dashboard would turn red. This is an excellent tool for troubleshooting your server, and since the dashboard is the fi rst thing you see when you log in, you can’t miss it.
Speaking of troubleshooting your server, Server Manager has a host of new troubleshooting tools that we will show you more about in Chapter 2. These tools are all inside the role, inside
Server Manager, so you do not have to open multiple applications like Event Viewer or Performance Analyzer to see the results—they’re all in one spot!
You can read more about Server Manager :
The Remote Tools: WinRM and WinRS
It’s the case all too often that new operating systems include some really important and useful features that go largely unnoticed. Windows Server 2012 R2 contains one of those neat but largely unknown features in a new network protocol called Windows Remote Management (WinRM). To understand why WinRM is a great feature, let’s consider what WinRM is intended to replace: a protocol known as the Remote Procedure Call (RPC).
Even if you've never heard of RPC, chances are that you've been using it for years. RPC’s job is to allow one program to talk to another program, even if those programs are running on different computers. For example, if you’ve ever started up Outlook to read your email on an Exchange Server instance, then you've used RPC: it’s how Outlook can tap Exchange on the shoulder and say, “Can I have my email, please?” Or if you’ve ever used an MMC snap-in like DNS, DHCP, or Computer Management to remotely control those functions on a remote
computer from your desktop, you’ve used RPC.
RPC is a protocol that has provided much service over the years, but it has one big problem: it’s hard to secure. Microsoft invented RPC back in the days when there was no Internet, and the vast majority of LANs extended no farther than the distance from the fi rst fl oor to the top floor in an office building, so security wasn't all that big a concern. Years later, when security became a big concern, Microsoft tried to retrofit security onto RPC with some optional changes wrought fi rst by XP SP2, but by that point the horse was out of the barn, and requiring RPC security would just end up breaking hundreds or perhaps thousands of RPC-dependent applications.
Clearly, the time had come for a change in how Windows programs talk to each other, so Microsoft decided to adopt a protocol that did the same sort of thing that RPC did, with a few changes:
◆ It’s not proprietary but is standards-based and platform-independent—there are similar implementations popping up on Linux and Mac OS.
◆ It’s a modifi ed form of HTTPS.
◆ Its communications are encrypted.
◆ It requires authentication to use.
Components of Windows 2012 R2 that use WinRM include event log collection; the ability to use the new Server Manager snap-in on remote servers; and my personal favorite, a secure remote command shell called Windows Remote Shell, or winrs. If you need a secure, low bandwidth
remote-control tool, look to winrs. Read more about WinRM , “Remote Server Administration.”
Remote Desktop Services
In Windows Server 2012 R2 Microsoft has made large strides in improving the user and management experience. Microsoft intended to improve the user experience regardless of the kind of device being used to connect. They wanted to make sure connecting through a WAN
or LAN (to virtual desktops, RemoteApp programs, or session-based desktops) provides a rich experience to the user. Microsoft also wanted to make the remote desktop management experience better. We agree that they did make it better by adding a centralized console so administrators can manage Remote Desktop Services from a single location. You can read more about Remote Desktop Services
Group Policy Object Improvements
What got better? Plenty. Managing Group Policy objects (GPOs) got easier with the built-in Group Policy Management Console. In previous Windows versions, one problem that administrators had was manually forcing a GPO to update. Even though GPOs automatically update every 90 minutes, there are times when you need a GPO to take effect immediately.
Administrators had to remote in to the specific computer and run gpupdate.exe from the command line to manually update a GPO.Now if an administrator wants to manually force a GPO update, the administrator can use the context menu for an OU in the Group Policy Management Console and schedule gpupdate.exe to run on multiple computers at the same time. Administrators can also achieve this by using the PowerShell utility and the new Invoke-GPUpdate cmdlet.
Here are some additional changes to Group Policy in Windows Server 2012 R2:
◆ When dealing with monitoring replication issues at the domain level, you no longer need to download and run separate tools.
◆ For devices running Windows RT, you can now confi gure local Group Policy. By default it is disabled, and the service must be started and set to automatic.
◆ Group Policy has been upgraded to support Internet Explorer 10.
You can read more about Group Policy, “Group Policy: AD’s Gauntlet and Active Directory Delegation.”
File and Print Sharing
Back before we ran web or email services on our Windows servers, we only used Server to share two things: big hard drives and expensive printers. File and print are the oldest services offered by Microsoft networks, but apparently they’re not too old to learn a few new tricks.
BranchCache
BranchCache is a technology that optimizes WAN bandwidth by copying content from either your main location or cloud server to your branch office. Once content is copied to the branch, users can access it locally rather than over the WAN. Having the ability to cache files will conserve bandwidth and improve security. BranchCache can support any size office and is not limited to how many it can service. BranchCache can be deployed with just a single Group Policy object (GPO). This technology uses the Windows fi le server to divide fi les into small encrypted pieces. The cool thing about dividing the files into smaller pieces is that client computers can download only the pieces that changed. BranchCache will also check for duplicate content and only download one instance of the content, saving disk space.
Post a Comment