MCT USE ONL
Y. STUDENT USE PROHIBITED
O F F I C I A L M I C R O S O F T L E A R N I N G P R O D U C T
20414B
Implementing an Advanced Server
Infrastructure
MCT USE ONL
Y. STUDENT USE PROHIBITED
ii Implementing an Advanced Server Infrastructure
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein.
© 2012 Microsoft Corporation. All rights reserved.
Microsoft and the trademarks listed at
http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspxare trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners
Product Number: 20414B Part Number: X18-77024 Released: 04/2013
MCT USE ONL
Y. STUDENT USE PROHIBITED
MICROSOFT LICENSE TERMS
MICROSOFT INSTRUCTOR-LED COURSEWARE
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its affiliates) and you. Please read them. They apply to your use of the content accompanying this agreement which includes the media on which you received it, if any. These license terms also apply to Trainer Content and any updates and supplements for the Licensed Content unless other terms accompany those items. If so, those terms apply.
BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT. If you comply with these license terms, you have the rights below for each license you acquire. 1. DEFINITIONS.
a. “Authorized Learning Center” means a Microsoft IT Academy Program Member, Microsoft Learning Competency Member, or such other entity as Microsoft may designate from time to time.
b. “Authorized Training Session” means the instructor-led training class using Microsoft Instructor-Led Courseware conducted by a Trainer at or through an Authorized Learning Center.
c. “Classroom Device” means one (1) dedicated, secure computer that an Authorized Learning Center owns or controls that is located at an Authorized Learning Center’s training facilities that meets or exceeds the hardware level specified for the particular Microsoft Instructor-Led Courseware.
d. “End User” means an individual who is (i) duly enrolled in and attending an Authorized Training Session or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee. e. “Licensed Content” means the content accompanying this agreement which may include the Microsoft
Instructor-Led Courseware or Trainer Content.
f. “Microsoft Certified Trainer” or “MCT” means an individual who is (i) engaged to teach a training session to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a Microsoft Certified Trainer under the Microsoft Certification Program.
g. “Microsoft Instructor-Led Courseware” means the Microsoft-branded instructor-led training course that educates IT professionals and developers on Microsoft technologies. A Microsoft Instructor-Led
Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware. h. “Microsoft IT Academy Program Member” means an active member of the Microsoft IT Academy
Program.
i. “Microsoft Learning Competency Member” means an active member of the Microsoft Partner Network program in good standing that currently holds the Learning Competency status.
j. “MOC” means the “Official Microsoft Learning Product” instructor-led courseware known as Microsoft Official Course that educates IT professionals and developers on Microsoft technologies.
k. “MPN Member” means an active silver or gold-level Microsoft Partner Network program member in good standing.
MCT USE ONL
Y. STUDENT USE PROHIBITED
l. “Personal Device” means one (1) personal computer, device, workstation or other digital electronic device that you personally own or control that meets or exceeds the hardware level specified for the particular Microsoft Instructor-Led Courseware.
m. “Private Training Session” means the instructor-led training classes provided by MPN Members for
corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware. These classes are not advertised or promoted to the general public and class attendance is restricted to individuals employed by or contracted by the corporate customer.
n. “Trainer” means (i) an academically accredited educator engaged by a Microsoft IT Academy Program Member to teach an Authorized Training Session, and/or (ii) a MCT.
o. “Trainer Content” means the trainer version of the Microsoft Instructor-Led Courseware and additional supplemental content designated solely for Trainers’ use to teach a training session using the Microsoft Instructor-Led Courseware. Trainer Content may include Microsoft PowerPoint presentations, trainer preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Pre-release course feedback form. To clarify, Trainer Content does not include any software, virtual hard disks or virtual machines.
2. USE RIGHTS. The Licensed Content is licensed not sold. The Licensed Content is licensed on a one copy per user basis, such that you must acquire a license for each individual that accesses or uses the Licensed Content.
2.1 Below are five separate sets of use rights. Only one set of rights apply to you. a. If you are a Microsoft IT Academy Program Member:
i. Each license acquired on behalf of yourselfmay only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User who is enrolled in the Authorized Training Session, and only immediately prior to the commencement of the Authorized Training Session that is the subject matter of the Microsoft Instructor-Led Courseware being provided, or
2. provide one (1) End User with the unique redemption code and instructions on how they can access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. provide one (1) Trainer with the unique redemption code and instructions on how they can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid license to the Licensed Content,
iv. you will ensure each End User attending an Authorized Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training Session,
v. you will ensure that each End User provided with the hard-copy version of the Microsoft Instructor-Led Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to denote their acceptance of this agreement in a manner that is enforceable under local law prior to their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
MCT USE ONL
Y. STUDENT USE PROHIBITED
vii. you will only use qualified Trainers who have in-depth knowledge of and experience with the Microsoft technology that is the subject of the Microsoft Instructor-Led Courseware being taught for all your Authorized Training Sessions,
viii. you will only deliver a maximum of 15 hours of training per week for each Authorized Training Session that uses a MOC title, and
ix. you acknowledge that Trainers that are not MCTs will not have access to all of the trainer resources for the Microsoft Instructor-Led Courseware.
b. If you are a Microsoft Learning Competency Member:
i. Each license acquired on behalf of yourselfmay only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User attending the Authorized Training Session and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft Instructor-Led Courseware provided, or
2. provide one (1) End User attending the Authorized Training Session with the unique redemption code and instructions on how they can access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. you will provide one (1) Trainer with the unique redemption code and instructions on how they can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid license to the Licensed Content,
iv. you will ensure that each End User attending an Authorized Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training Session,
v. you will ensure that each End User provided with a hard-copy version of the Microsoft Instructor-Led Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to denote their acceptance of this agreement in a manner that is enforceable under local law prior to their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is the subject of the Microsoft Instructor-Led Courseware being taught for your Authorized Training Sessions,
viii. you will only use qualified MCTs who also hold the applicable Microsoft Certification credential that is the subject of the MOC title being taught for all your Authorized Training Sessions using MOC, ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and x. you will only provide access to the Trainer Content to Trainers.
MCT USE ONL
Y. STUDENT USE PROHIBITED
c. If you are a MPN Member:
i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User attending the Private Training Session, and only immediately prior to the commencement of the Private Training Session that is the subject matter of the Microsoft Instructor-Led Courseware being provided, or
2. provide one (1) End User who is attending the Private Training Session with the unique redemption code and instructions on how they can access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. you will provide one (1) Trainer who is teaching the Private Training Session with the unique redemption code and instructions on how they can access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid license to the Licensed Content,
iv. you will ensure that each End User attending an Private Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Private Training Session, v. you will ensure that each End User provided with a hard copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to denote their acceptance of this agreement in a manner that is enforceable under local law prior to their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Private Training Session has their own valid licensed copy of the Trainer Content that is the subject of the Private Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is the subject of the Microsoft Instructor-Led Courseware being taught for all your Private Training Sessions,
viii. you will only use qualified MCTs who hold the applicable Microsoft Certification credential that is the subject of the MOC title being taught for all your Private Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and x. you will only provide access to the Trainer Content to Trainers.
d. If you are an End User:
For each license you acquire, you may use the Microsoft Instructor-Led Courseware solely for your personal training use. If the Microsoft Instructor-Led Courseware is in digital format, you may access the Microsoft Instructor-Led Courseware online using the unique redemption code provided to you by the training provider and install and use one (1) copy of the Microsoft Instructor-Led Courseware on up to three (3) Personal Devices. You may also print one (1) copy of the Microsoft Instructor-Led Courseware. You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control. e. If you are a Trainer.
i. For each license you acquire, you may install and use one (1) copy of the Trainer Content in the form provided to you on one (1) Personal Device solely to prepare and deliver an Authorized Training Session or Private Training Session, and install one (1) additional copy on another Personal Device as a backup copy, which may be used only to reinstall the Trainer Content. You may not install or use a copy of the Trainer Content on a device you do not own or control. You may also print one (1) copy of the Trainer Content solely to prepare for and deliver an Authorized Training Session or Private Training Session.
MCT USE ONL
Y. STUDENT USE PROHIBITED
ii. You may customize the written portions of the Trainer Content that are logically associated with instruction of a training session in accordance with the most recent version of the MCT agreement. If you elect to exercise the foregoing rights, you agree to comply with the following: (i)
customizations may only be used for teaching Authorized Training Sessions and Private Training Sessions, and (ii) all customizations will comply with this agreement. For clarity, any use of
“customize” refers only to changing the order of slides and content, and/or not using all the slides or content, it does not mean changing or modifying any slide or content.
2.2 Separation of Components. The Licensed Content is licensed as a single unit and you may not separate their components and install them on different devices.
2.3 Redistribution of Licensed Content. Except as expressly provided in the use rights above, you may not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any third parties without the express written permission of Microsoft.
2.4 Third Party Programs and Services. The Licensed Content may contain third party programs or services. These license terms will apply to your use of those third party programs or services, unless other terms accompany those programs and services.
2.5 Additional Terms. Some Licensed Content may contain components with additional terms, conditions, and licenses regarding its use. Any non-conflicting terms in those conditions and licenses also apply to your use of that respective component and supplements the terms described in this agreement.
3. LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY. If the Licensed Content’s subject
matter is based on a pre-release version of Microsoft technology (“Pre-release”), then in addition to the other provisions in this agreement, these terms also apply:
a. Pre-Release Licensed Content. This Licensed Content subject matter is on the Pre-release version of the Microsoft technology. The technology may not work the way a final version of the technology will and we may change the technology for the final version. We also may not release a final version. Licensed Content based on the final version of the technology may not contain the same information as the Licensed Content based on the Pre-release version. Microsoft is under no obligation to provide you with any further content, including any Licensed Content based on the final version of the technology. b. Feedback. If you agree to give feedback about the Licensed Content to Microsoft, either directly or
through its third party designee, you give to Microsoft without charge, the right to use, share and commercialize your feedback in any way and for any purpose. You also give to third parties, without charge, any patent rights needed for their products, technologies and services to use or interface with any specific parts of a Microsoft software, Microsoft product, or service that includes the feedback. You will not give feedback that is subject to a license that requires Microsoft to license its software,
technologies, or products to third parties because we include your feedback in them. These rights survive this agreement.
c. Pre-release Term. If you are an Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Content on the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using the Licensed Content on the Pre-release technology, or (ii) sixty (60) days after the commercial release of the technology that is the subject of the Licensed Content, whichever is earliest (“Pre-release term”). Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all copies of the Licensed Content in your possession or under your control.
MCT USE ONL
Y. STUDENT USE PROHIBITED
4. SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some
rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the Licensed Content only as expressly permitted in this
agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only allows you to use it in certain ways. Except as expressly permitted in this agreement, you may not:
access or allow any individual to access the Licensed Content if they have not acquired a valid license for the Licensed Content,
alter, remove or obscure any copyright or other protective notices (including watermarks), branding or identifications contained in the Licensed Content,
modify or create a derivative work of any Licensed Content,
publicly display, or make the Licensed Content available for others to access or use,
copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or distribute the Licensed Content to any third party,
work around any technical limitations in the Licensed Content, or
reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the Licensed Content except and only to the extent that applicable law expressly permits, despite this limitation.
5. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to
you in this agreement. The Licensed Content is protected by copyright and other intellectual property laws and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Licensed Content.
6. EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regulations.
You must comply with all domestic and international export laws and regulations that apply to the Licensed Content. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting.
7. SUPPORT SERVICES. Because the Licensed Content is “as is”, we may not provide support services for it. 8. TERMINATION. Without prejudice to any other rights, Microsoft may terminate this agreement if you fail
to comply with the terms and conditions of this agreement. Upon termination of this agreement for any reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Content in your possession or under your control.
9. LINKS TO THIRD PARTY SITES. You may link to third party sites through the use of the Licensed
Content. The third party sites are not under the control of Microsoft, and Microsoft is not responsible for the contents of any third party sites, any links contained in third party sites, or any changes or updates to third party sites. Microsoft is not responsible for webcasting or any other form of transmission received from any third party sites. Microsoft is providing these links to third party sites to you only as a
convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party site.
10. ENTIRE AGREEMENT. This agreement, and any additional terms for the Trainer Content, updates and
supplements are the entire agreement for the Licensed Content, updates and supplements.
11. APPLICABLE LAW.
a. United States. If you acquired the Licensed Content in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
MCT USE ONL
Y. STUDENT USE PROHIBITED
b. Outside the United States. If you acquired the Licensed Content in any other country, the laws of that country apply.
12. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws
of your country. You may also have rights with respect to the party from whom you acquired the Licensed Content. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
13. DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS AVAILABLE." YOU BEAR THE RISK OF USING IT. MICROSOFT AND ITS RESPECTIVE
AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS. YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
14. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO US$5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
This limitation applies to
o anything related to the Licensed Content, services, content (including code) on third party Internet sites or third-party programs; and
o claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.
Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.
Remarque : Ce le contenu sous licence étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français.
EXONÉRATION DE GARANTIE. Le contenu sous licence visé par une licence est offert « tel quel ». Toute
utilisation de ce contenu sous licence est à votre seule risque et péril. Microsoft n’accorde aucune autre garantie expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues
consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d’adéquation à un usage particulier et d’absence de contrefaçon sont exclues.
LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES
DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages
directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices.
Cette limitation concerne:
tout ce qui est relié au le contenu sous licence, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers; et.
les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d’une autre faute dans la limite autorisée par la loi en vigueur.
MCT USE ONL
Y. STUDENT USE PROHIBITED
Elle s’applique également, même si Microsoft connaissait ou devrait connaître l’éventualité d’un tel dommage. Si votre pays n’autorise pas l’exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l’exclusion ci-dessus ne s’appliquera pas à votre égard.
EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d’autres droits
prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas.
MCT USE ONL
Y. STUDENT USE PROHIBITED
MCT USE ONL
Y. STUDENT USE PROHIBITED
xii Implementing an Advanced Server Infrastructure
Acknowledgments
Microsoft Learning wants to acknowledge and thank the following for their contribution toward
developing this title. Their effort at various stages in the development has ensured that you have a good classroom experience.
Stan Reimer-Subject Matter Expert
Stan Reimer is president of S. R. Technical Services Inc., and he works as a consultant, trainer, and author. Stan has extensive experience consulting on Active Directory® and Exchange Server deployments for some
of the largest companies in Canada. Stan is the lead author for two Active Directory books for Microsoft®
Press®. For the last nine years, Stan has been writing courseware for Microsoft Learning, specializing in
Active Directory and Exchange Server courses. Stan has been a Microsoft Certified Trainer (MCT) for 12 years.
Conan Kezema-Subject Matter Expert
Conan Kezema, B.Ed, Microsoft Certified Solutions Associate (MCSE), MCT, is an educator, consultant, network systems architect, and author who specializes in Microsoft technologies. As an associate of S.R. Technical Services, Conan has been a subject-matter expert, instructional designer, and author on numerous Microsoft courseware development projects.
Andy Schan-Subject Matter Expert
Andy Schan is an IT infrastructure consultant and author with 15 years experience focusing on architecting and deploying Microsoft technologies for enterprise customers, primarily with Microsoft Exchange (starting with Exchange 4.0 and MS Mail), Windows Server® (starting with Windows NT 3.51), and identity
and access management technologies, including Active Directory Domain Services (AD DS), Active Directory Rights Management Services (AD RMS), Active Directory Federation Services (AD FS), and Microsoft Forefront® Identity Manager. He co-authored the Exchange Server 2010 Best Practices book
published by Microsoft Press, as well as an Exchange Server 2007 study guide published by Sybex. Andy has architected and deployed some of the largest Rights Management Services deployments in the world, and participated on an AD RMS case study published by Microsoft. He also presented at NetPro's
Directory Experts Conference and Quest's The Experts Conference on large-scale AD RMS deployments and customizing AD RMS. He also has designed and deployed AD FS for large private and public-sector customers, including as part of Microsoft's Technology Adoption Program for Windows Server 2008. Andy currently is employed by Microsoft Consulting Services as an infrastructure consultant.
Vladimir Meloski-Subject Matter Expert
Vladimir is an MCT, a Most Valuable Professional (MVP) on Exchange Server, and a consultant who provides unified communications and infrastructure solutions based on Microsoft Exchange Server, Microsoft Lync® Server, and Microsoft System Center. Vladimir has 16 years of professional IT experience,
and has been involved in Microsoft conferences in Europe and the United States, as a speaker, moderator, proctor for hands-on labs, and technical expert. He also has been involved as a subject matter expert and technical reviewer for several Microsoft Official Curriculum (MOC) courses.
Dave Franklyn-Subject Matter Expert
Dave Franklyn, MCT, MCSE, Microsoft Certified IT Professional (MCITP), Microsoft MVP Windows Expert-It Pro, is a Senior Information Technology Trainer and Consultant at Auburn University in Montgomery, Alabama. He's been teaching for 15 years. He's been working with computers since 1976, when he started out in the main-frame world, and then moved early into the networking arena. Before joining Auburn University, he spent 22 years in the U.S. Air Force as an electronic communications and computer systems specialist, retiring in 1998. He is president of the Montgomery Windows IT Professional Group.
Ronnie Isherwood-Subject Matter Expert
Ronnie Isherwood, MCITP, MCT, Member British Computer Society (MBCS), has been working in the IT industry for more than 15 years. He has 13 years of experience working as a systems engineer and as a
MCT USE ONL
Y. STUDENT USE PROHIBITED
Implementing an Advanced Server Infrastructure xiii
consultant delivering server-based solutions. Additionally, he has eight years of experience working mainly with virtualization technologies. He has contributed to multiple System Center community education programs, has presented at Microsoft Private Cloud community events, participated in Microsoft Learning betas, and has presented at the E2E Virtualization conference. His technical passion is virtualization and virtualization management. Ronnie is cofounder of a local Windows user group and a committee member of the Chartered Institute for IT. Prior to becoming a systems engineer, he learned to program in basic and Microsoft Visual Basic®, delivering solutions to the financial services industry.
Telmo Sampaio-Subject Matter Expert
Telmo Sampaio is the Chief Geek at MCTrainer.NET in Miami, FL specializing in System Center, Microsoft SharePoint®, Microsoft SQL, and .NET. Telmo wrote his first application in 1984, which he with the intent
of demonstrating physics concepts to his fellow classmates. His passion for technology and teaching made him a self-taught developer from early age. In 1989, he moved to Wellesley, MA when his father was transferred to work in Boston for a year. He kept developing applications to demonstrate science and math concepts, and decided to remain in the U.S. after his family left. In 1991, he moved back to Brazil and studied Systems Analysis at Pontif'cia Universidade Católica do Rio de Janeiro. When Microsoft extended their Microsoft Certified Professional program to Brazil, Telmo was one of the first in the country to become certified. In 1994, he started delivering Microsoft classes. Soon he was managing the largest training center in Latin America. To date, he has been certified in over 20 different Microsoft products, passing more than 80 exams. After moving back to the U.S. in 2003, Telmo became a contributor to several Microsoft certification exams, an author for official courseware and books, and a speaker at events such as TechEd, PASS, and MMS. Telmo lives in Miami, FL with his wife Joanne, and spends his weekends with his three boys: Marco, Rafael, and Enzo. That is, when he is not traveling the world delivering training.
Damir Dizdarevic-Subject Matter Expert and Content Developer
Damir Dizdarevic is an MCT, MCSE, MCTS, and a Microsoft Certified Information Technology Professional (MCITP). He is a manager and trainer of the Learning Center at Logosoft d.o.o., in Sarajevo, Bosnia and Herzegovina. Damir has more than 17 years of experience on Microsoft platforms, and he specializes in Windows Server, Exchange Server, security, and virtualization. He has worked as a subject-matter expert and technical reviewer on many MOC courses, and has published more than 400 articles in various IT magazines, such as Windows ITPro and INFO Magazine. He's also a frequent and highly rated speaker on most of Microsoft conferences in Eastern Europe. Additionally, he is a Microsoft MVP for Windows Server Infrastructure Management.
Christian Booth-Technical Reviewer
Christian Booth, a MCSE: Private Cloud, MCTS in multiple products, and MCITP: EA, is the Director and Lead Technical Architect for Denali Advanced Integration in Redmond, WA. Christian has more than 16 years of experience on Microsoft platforms, and specializes in System Center, Windows Server, and Virtualization. Christian has worked as a subject-matter expert, exam-item writer, training designer, and technical reviewer on many Microsoft MOC courses. He also is a frequent and highly rated speaker in most of Microsoft and Partner conferences in the Western United States, evangelizing System Center and virtualization. Christian facilitates technical deep dives for Microsoft customers, develops learning engagements, runs the Private Cloud Users Group, and blogs on System Center-related topics. Additionally, he is a Microsoft MVP in System Center Cloud and Datacenter Management.
MCT USE ONL
Y. STUDENT USE PROHIBITED
xiv Implementing an Advanced Server Infrastructure
Contents
Module 1: Overview of Management in an Enterprise Data Center
Lesson 1: Overview of the Enterprise Data Center 1-2
Lesson 2: Overview of the Microsoft System Center 2012 Components 1-12
Lab: Considerations for Implementing an Enterprise Data Center 1-24
Module 2: Planning and Implementing a Server Virtualization Strategy
Lesson 1: Overview of System Center 2012 2-2
Lesson 2: Integrating System Center 2012 and Server Virtualization 2-10
Lesson 3: Planning and Implementing a Server Virtualization Host Environment 2-15
Lab: Planning and Implementing a Server Virtualization Strategy 2-25
Module 3: Planning and Implementing Networks and Storage for Virtualization
Lesson 1: Planning a Storage Infrastructure for Virtualization 3-2
Lesson 2: Implementing a Storage Infrastructure for Virtualization 3-10
Lesson 3: Planning and Implementing a Network Infrastructure for Virtualization 3-15
Lab A: Planning and Implementing Virtualization Networks and Storage 3-25
Module 4: Planning and Deploying Virtual Machines
Lesson 1: Planning Virtual Machine Configuration 4-2
Lesson 2: Preparing for Virtual Machine Deployments with VMM 4-14
Lesson 3: Deploying Virtual Machines 4-25
Lab A: Planning and Implementing a Virtual Machine Deployment and
Management Strategy 4-34
Module 5: Planning and Implementing a Virtualization Administration Solution
Lesson 1: Planning and Implementing System Center 2012 Administration 5-2
Lesson 2: Planning and Implementing Self-Service Options in System Center
2012 5-10
Lesson 3: Planning and Implementing Automation with System Center 2012 5-17
Lab A: Planning and Implementing an Administration Solution for Virtualization 5-23
Module 6: Planning and Implementing a Server Monitoring Strategy
Lesson 1: Planning Monitoring in Windows Server 2012 6-2
Lesson 2: Overview of System Center Operations Manager 6-9
Lesson 3: Planning and Configuring Management Packs 6-22
Lesson 4: Planning and Configuring Notifications and Reporting 6-28
Lesson 5: Configuring Integration with VMM 6-33
MCT USE ONL
Y. STUDENT USE PROHIBITED
Implementing an Advanced Server Infrastructure xv
Module 7: Planning and Implementing High Availability for File Services and Applications
Lesson 1: Planning and Implementing Storage Spaces 7-2
Lesson 2: Planning and Implementing NLB 7-12
Lab A: Planning and Implementing High Availability for File Services and
Applications 7-16
Module 8: Planning and Implementing a Highly Available Infrastructure by Using Failover
Clustering
Lesson 1: Planning an Infrastructure for Failover Clustering 8-2
Lesson 2: Implementing Failover Clustering 8-11
Lesson 3: Integrating Failover Clustering with Server Virtualization 8-17
Lesson 4: Planning a Multisite Failover Cluster 8-27
Lab A: Planning and Implementing a Highly Available Infrastructure by
Using Failover Clustering 8-32
Module 9: Planning and Implementing a Server Update Infrastructure
Lesson 1: Planning and Implementing a WSUS Deployment 9-2
Lesson 2: Planning Software Updates with System Center 2012
Configuration Manager 9-11
Lesson 3: Planning and Implementing Updates in a Server Virtualization
Infrastructure 9-21
Lab A: Planning and Implementing an Update Remediation Infrastructure 9-27
Module 10: Planning and Implementing a Business Continuity Strategy
Lesson 1: Overview of Business Continuity Planning 10-2
Lesson 2: Planning and Implementing Backup Strategies 10-10
Lesson 3: Planning and Implementing Recovery 10-16
Lesson 4: Planning and Implementing Virtual Machine Backup and Recovery 10-24
Lab A: Implementing a Virtual Machine Backup Strategy with Data
Protection Manager 10-30
Module 11: Planning and Implementing a Public Key Infrastructure
Lesson 1: Planning and Implementing Deployment of a Certification Authority 11-2
Lesson 2: Planning and Implementing Certificate Templates 11-15
Lesson 3: Planning and Implementing Certificate Distribution and Revocation 11-21
Lesson 4: Planning and Implementing Key Archival and Recovery 11-28
Lab A: Planning and Implementing an AD CS Infrastructure 11-32
Module 12: Planning and Implementing an Identity Federation Infrastructure
Lesson 1: Planning and Implementing an AD FS Server Infrastructure 12-2
Lesson 2: Planning and Implementing AD FS Claim Providers and Relying Parties 12-15
Lesson 3: Planning and Implementing AD FS Claims and Claim Rules 12-20
MCT USE ONL
Y. STUDENT USE PROHIBITED
xvi Implementing an Advanced Server Infrastructure
Module 13: Planning and Implementing an Information Rights Management Infrastructure
Lesson 1: Planning and Implementing an AD RMS Cluster 13-2
Lesson 2: Planning and Implementing AD RMS Templates and Policies 13-16
Lesson 3: Planning and Implementing External Access to AD RMS Services 13-25
Lesson 4: Planning and Implementing AD RMS Integration with DAC 13-36
Lab A: Planning and Implementing an AD RMS Infrastructure 13-42
Lab Answer Keys
Module 1 Lab: Considerations for Implementing an Enterprise Data Center L1-1 Module 2 Lab: Planning and Implementing a Server Virtualization Strategy L2-3 Module 3 Lab: Planning and Implementing Virtualization Networks
and Storage L3-9
Module 4 Lab: Planning and Implementing a Virtual Machine Deployment
and Management Strategy L4-19
Module 5 Lab: Planning and Implementing a Virtualization Administration
Solution L5-27
Module 6 Lab: Implementing a Server Monitoring Strategy L6-37 Module 7 Lab: Planning and Implementing High Availability for File Services
and Applications L7-47
Module 8 Lab: Planning and Implementing a Highly Available Infrastructure
Using Failover Clustering L8-57
Module 9 Lab: Planning and Implementing an Update Remediation
Infrastructure L9-73
Module 10 Lab: Implementing a Virtual Machine Backup Strategy with Data
Protection Manager L10-87
Module 11 Lab: Planning and Implementing an AD CS Infrastructure L11-93 Module 12 Lab: Planning and Implementing an AD FS Infrastructure L12-105 Module 13 Lab: Planning and Implementing an AD RMS Infrastructure L13-119
MCT USE ONL
Y. STUDENT USE PROHIBITED
About This Course xvii
About This Course
This section provides a brief description of the course-20414B: Implementing an Advanced Server Infrastructure, and includes details about the audience, suggested prerequisites, and course objectives.
Course Description
Audience
This course is intended for Information Technology (IT) professionals who are responsible for planning, designing and deploying a physical and logical Windows Server® 2012 enterprise and Active Directory®
Domain Services (AD DS) infrastructure that includes network services. Candidates typically would have experience with previous Windows Server operating systems and have Windows Server 2012 certification Microsoft Certified Solutions Associate (MCSA) or equivalent skills.
The secondary audience for this course will be candidates are IT professionals who are looking to take the exam 70-414: Implementing an Advanced Enterprise Server Infrastructure, as a standalone certification, or as part of the requirement for the Microsoft Certified Solutions Expert (MCSE) certification.
Student Prerequisites
In addition to their professional experience, students who attend this training should have technical knowledge that includes an understanding of:
• TCP/IP and networking concepts.
• Windows Server 2012 and AD DS, including planning, designing and deploying AD DS and network infrastructure.
• Using scripts and batch files.
• Security concepts, such as authentication and authorization. • Deployment, packaging, and imaging tools.
• Working on a team or with a virtual team.
• Creating proposals and making budget recommendations.
• Students should have achieved the Windows Server 2012 MCSA certification, as well as completed Course 20413B: Designing and Implementing an Enterprise Server Infrastructure, or have equivalent knowledge.
Students who attend this training can meet the prerequisites by attending the following courses, or obtaining equivalent knowledge and skills:
• 20410B: Installing and Configuring Windows Server 2012 • 20411B: Administering Windows Server 2012
• 20412B: Configuring Advanced Windows Server 2012 Services
• 20413B: Designing and Implementing an Enterprise Server Infrastructure
Course Objectives
After completing this course, students will be able to:
• Describe the considerations for managing an enterprise data center.
MCT USE ONL
Y. STUDENT USE PROHIBITED
xviii About This Course
• Plan and Implement networks and storage for virtualization. • Plan and deploy virtual machines.
• Manage a virtual machine deployment.
• Plan and implement a server monitoring strategy.
• Plan and implement high availability for file services and applications.
• Plan and implement a highly available infrastructure by using Failover Clustering. • Plan and implement a server-updates infrastructure.
• Plan and implement a business continuity strategy. • Plan and implement a public key infrastructure (PKI). • Plan and implement an Identity Federation Infrastructure
• Plan and implement an Information Rights Management (IRM) infrastructure.
Course Outline
The course outline is as follows:
Module 1, Overview of Management in an Enterprise Data Center Module 2, Planning and Implementing a Server Virtualization Strategy
Module 3, Planning and Implementing Networks and Storage for Virtualization Module 4, Planning and Deploying Virtual Machines
Module 5, Managing a Virtual Machine Deployment
Module 6, Planning and Implementing a Server Monitoring Strategy
Module 7, Planning and Implementing High Availability for File Services and Applications
Module 8, Planning and Implementing a Highly Available Infrastructure by Using Failover Clustering Module 9, Planning and Implementing a Server Updates Infrastructure
Module 10, Planning and Implementing a Business Continuity Strategy Module 11, Planning and Implementing a Public Key Infrastructure
Module 12, Planning and Implementing an Identity Federation Infrastructure
MCT USE ONL
Y. STUDENT USE PROHIBITED
About This Course xix
Course Materials
The following materials are included with your kit:
• Course Handbook: A succinct classroom learning guide that provides the critical technical information in a crisp, tightly-focused format that is essential for an effective in-class learning experience.
• Lessons: These sections guide students through the learning objectives, and provide the key points that are critical to the success of their in-class learning experience.
• Labs: These provide a real-world, hands-on platform for students in which they can apply the knowledge and skills they learn in the module.
• Module Reviews and Takeaways: These provide on-the-job reference material to boost knowledge and skills retention.
• Lab Answer Keys: These provide step-by-step guidance for lab solutions.
Course Companion Content on the http://www.microsoft.com/learning/companionmoc
website: This provides searchable, easy-to-browse digital content with integrated premium online
resources that supplement the Course Handbook.
• Modules: These include companion content, such as questions and answers, detailed
demonstration steps, and additional reading links, for each lesson. Additionally, they include Lab Review questions and answers, and Module Reviews and Takeaways sections, which contain the review questions and answers, best practices, common issues and troubleshooting tips (with answers), and real-world issues and scenarios with answers.
• Resources: These include well-categorized additional resources that give you immediate access to the most current premium content on TechNet, MSDN®, or Microsoft Press®.
• Course evaluation: At the end of the course, students will have the opportunity to complete an online evaluation to provide feedback on the course, training facility, and instructor.
• To provide additional comments or feedback on the course, students can send an email to [email protected]. To inquire about the Microsoft Certification Program, send an email to [email protected].
MCT USE ONL
Y. STUDENT USE PROHIBITED
xx About This Course
Virtual Machine Environment
This section provides the information for setting up the classroom environment to support the course’s business scenario.
Virtual Machine Configuration
In this course, you will use Microsoft Hyper-V® to perform the labs.
Important: At the end of each lab, you must close the virtual machine, without saving any changes. To
close a virtual machine without saving the changes, perform the following steps:
1. On the virtual machine, on the Action menu, click Close.
2. In the Close dialog box, in the What do you want the virtual machine to do? list, click Turn off and delete changes, and then click OK.
The following table shows the role of each virtual machine that this course uses:
Virtual machine �Role
20414B-
LON-Host1, LON-Host2
A Windows Server 2012 host machines (boot to vhd file)
20414B- LON-DC1
A domain controller in the Adatum.com domain
20414B-
LON-SVR1, LON-SVR2, LON-SVR3
Member servers in the Adatum.com domain
20414B- LON-VMM1
A System Center Virtual Machine Manager (VMM) 2012 server
20414B- TOR-SVR1
A member server in the Adatum.com domain, in a branch office location
20414B- TOR-SS1
A Windows Server 2012 with iSCSI targets preconfigured
20414B- LON-OM1
A System Center Operations Manager 2012 (Operations Manager) server
20414B- LON-OR1
A System Center Orchestrator (Orchestrator) server
20414B- LON-DM1
A System Center Data Protection Manager 2012 (Data Protection Manager) server
20414B- LON-WSUS
A Windows Server Update Services server.
20414B- LON-CA1
MCT USE ONL
Y. STUDENT USE PROHIBITED
About This Course xxi
Virtual machine �Role
20414B- LON-CL1
A client computer with Microsoft® Office 2010 in the Adatum.com domain
20414B- LON-CORE
A standalone server running the Windows Server 2012 Server Core installation option.
20414B- PRS-DC1
A domain controller in the TreyResearch.net domain
20414B- PRS-CL1
A client computer with Microsoft® Office 2010 in the TreyResearch.net domain
Software Configuration
The following software is installed on each virtual machine: • Windows Server 2012
• Microsoft Windows 8
• Microsoft System Center 2012 SP1 • Microsoft SQL Server® 2008 R2
Classroom Setup
Each classroom computer will have the same virtual machine configured in the same way.
Course Hardware Level
To ensure a satisfactory student experience, Microsoft Learning requires a minimum equipment configuration for trainer and student computers in all Microsoft Certified Partner for Learning Solutions (CPLS) classrooms in which Official Microsoft Learning Product courseware is taught.
These courses will require Hardware level 7. The additional resources are required because of the inclusion of Windows System Center 2012. All virtual machines will be built and run in Hyper-V in Windows Server 2012. The host machine for this course is provided in a Boot From VHD (Native Boot) configuration. Hardware Level 7 is as follows:
• 64 bit Intel Virtualization Technology (Intel VT) or AMD Virtualization (AMD-V) processor (2.8 gigahertz [Ghz] dual core or better recommended).
• Dual 500 gigabyte (GB) hard disks 7200 RPM SATA or faster (striped). • 16 GB random access member (RAM).
• DVD: dual layer recommended. • Network adapter
• Sound card
• Video adapter: Supports 1440X900 resolution
MCT USE ONL
MCT USE ONL
Y. STUDENT USE PROHIBITED
1-1
Module 1
Overview of Management in an Enterprise Data Center
Contents:
Module Overview 1-1
Lesson 1: Overview of the Enterprise Data Center 1-2 Lesson 2: Overview of the Microsoft System Center 2012 Components 1-11 Lab: Considerations for Implementing an Enterprise Data Center 1-23
Module Review and Takeaways 1-25
Module Overview
For most many large companies, the enterprise data center hosting most of the IT services has changed dramatically over the last several years. One of the biggest significant changes is in the introduction of virtualization. In many cases, the default deployment for new servers is as a virtual machine rather than as a physical machine. Data centers have gone through other changes, as organizations need to deal with changing business requirements.
These changes have meant that the enterprise data center is now more complex than it used to be, and needs to be much more responsive to changes. Managing the data center has become more complex as organizations seek to optimize performance and provide features like self-service. These requirements have driven the need for a new set of management tools to manage the data center.
This module describes some of the changes and new requirements that organizations are experiencing in their data centers. The module then describes how you can use Microsoft® System Center 2012 to
manage this environment.
Objectives
After completing this module, you will be able to: • Describe the enterprise data center.
MCT USE ONL
Y. STUDENT USE PROHIBITED
1-2 Overview of Management in an Enterprise Data Center
Lesson 1
Overview of the Enterprise Data Center
Many large organizations have deployed one or more central data centers to provide most of the IT services for the organization. These data centers have had to adapt to address changing business requirements. This lesson describes some of the changes that organizations have made to their data center, and how new requirements for IT processes and tools have evolved from these changes.
Lesson Objectives
After completing this lesson, you will be able to: • Describe an enterprise data center.
• Describe the importance of virtualization in the data center. • Describe the tools needed to manage and monitor the data center.
• Describe the requirements and options for providing security in the data center. • Describe the importance of providing monitoring and reporting in the data center.
• Describe options for implementing high availability and business continuity in the data center. • Describe options for automating the data center.
What is an Enterprise Data Center?
The simplest definition of an enterprise data center is that it is a centralized location from which organizations provide the IT services required to accomplish the organization’s business requirements and goals. Most enterprise data centers provide a similar set of core services, including:• Infrastructure services. Enterprise data centers provide a core set of services that are
required for all other services to operate. These include the core network infrastructure and network services such as Dynamic Host
Configuration Protocol (DHCP) and Domain Name System (DNS).
• Authentication and security services. Most organizations use Active Directory® Domain Services (AD
DS) to provide a central security database for user authentication and authorization. Organizations may also need to provide additional security services for authenticating users to applications that are not AD DS integrated or for authenticating users who do not have AD DS accounts.
• Central storage of data. Almost all enterprise data centers provide centralized storage of data. This data may be stored on shared folders on file servers, in databases, or on web sites. Users throughout the organization need secure access to this data.
• Messaging and collaboration services. In many organizations, email is an essential part of the business processes. In some organizations, other collaboration tools such as instant messaging, desktop conferencing and other interactive web based tools are becoming more important. The enterprise data center provides access to these services.
MCT USE ONL
Y. STUDENT USE PROHIBITED
Implementing an Advanced Server Infrastructure 1-3
• Server-based applications. The enterprise data center provides access to a wide variety of server based applications. These applications may include web-based applications, database applications, remote desktop based applications or even virtual machines that users can access.
There have not been significant changes in the core set of services that enterprise data centers provide, but the way in which IT organizations provide these services has changed radically. Traditionally, the services that enterprise data centers provide, and the clients who consume the services, have been easy to predict and manage. Initially, most services data center were for internal users, who connected to the services by using desktop computers connected to a wired network. Organizations deployed services on physical servers, and IT departments generally understood how to deploy and manage new services that the organization required. The data center’s boundary data center and the clients that it supported were easily definable and fairly static.
However, in the last 10 years, the way in which an enterprise data center works and provides its services has changed data center significantly. Data centers now need to provide services to a large variety of clients, including mobile devices, who still connect to the data center from networks internal to the organization, but also from locations and networks outside the organization. This means that
organizations now need to provide access to internal services from the Internet, while providing much higher levels of security. Organizations have become much more conscious of the cost and the environmental impact of running large data centers, so IT departments are asked to optimize the performance and utilization of all data center components. Successful organizations generally can adapt rapidly to changing business requirements, and IT departments must be able to roll out new services rapidly and efficiently that changing business requirements necessitate. As organizations diversify and expand their boundaries with respect to who can access the IT services, it is becoming increasingly important that these services are available always, and that the organization has a highly effective business continuity plan.
Virtualizing an Enterprise Data Center
One of the central features of an enterprise data center is virtualization, especially servervirtualization. In most organizations except for the smallest, almost all new servers are deployed as virtual machines. Managing an environment that is almost completely virtualized provides a great deal of benefit.
• Proper utilization of hardware. The primary benefit that most organizations experience with virtualization is that they can fully utilize server hardware. Organizations can deploy a smaller number of virtualization hosts as
physical machines and then deploy multiple virtual machines to each host. This enables organizations to fully utilize the hardware resources, rather than having multiple physical machines deployed with very low utilization. Because they deploy fewer physical machines, organizations can experience very significant decreases in data center power and cooling requirements.
• Business agility. The second important benefit organizations experience with virtualization is the ability to respond very rapidly to changing business requirements. In a virtual environment, a request from a business group to have a new server, new set of servers, or new application deployed can be addressed in hours rather than days or weeks. If a server needs to be moved to different location, it is a simple matter of copying files across a network.
MCT USE ONL
Y. STUDENT USE PROHIBITED
1-4 Overview of Management in an Enterprise Data Center
• Options for high availability. Server virtualization also provides important new options for implementing high availability. You can use the same high availability options in a virtual
environment as you can in a physical environment. For example, you can deploy virtual machines that use network load balancing (NLB), failover clustering or application high availability. Virtualization also enables the option of making the virtual machine highly available so that you can provide high availability for services and applications that do not natively support high availability and so you can provide additional options for high availability for all applications.
• Options for administrative delegation, self-service, and automation. Virtual environments provide many more options for enhancing the management processes within a data center. In a virtual environment, you can easily give business users access to only one or two virtual machines. With the right management tools and processes, you can create processes that will enable these users to manage their small part of the data center, including options for creating additional servers or services.
While deploying a virtual environment can provide very significant benefits, it also adds a level of
complexity to the management processes. Managing a virtual environment requires that you manage the physical or host layer as well as the virtual layer. The layers can be managed separately to a great extent, but there is still a strong dependency between the layers. If you mismanage the physical layer and a physical host shuts down accidentally, you may impact many business groups whose virtual machines were running on that host. If you mismanage virtual machines, and one virtual machine begins to consume too many host resources, other virtual machines may be affected.
Virtualization provides very significant benefits for almost all organizations. To properly manage the virtual environment, you need to implement processes and tools that can maximize the benefits of virtualization while minimizing the management complexity.
Tools for Managing and Monitoring the Data Center
As the enterprise data center has changed, sohave requirements for tools to manage the data center. In the traditional data center, you could manage most components by using specialized tools for that particular component, with little concern for how that management tool interacted with the data centers other components.
As data centers have become more complex, the need for more integrated management tools has grown. Some examples of how tool requirements have changed include:
• Tools need to be optimized for managing
virtual environments. In today’s data center, almost all new servers deploy as virtual machines; many applications deploy as virtual applications using presentation virtualization, application virtualization or desktop virtualization. Any tool that you use to manage a data center must be able to manage all components of the virtualized data center.
• Tools need to manage both virtual and physical components of the data center. Although most new servers and applications will be virtualized, all data centers still require a physical computing layer. This might include servers and applications still running on physical hardware, but will definitely include the host layer for the virtualized environment. The management tools should be able to manage both the physical layer and the virtual layer using the same administrative consoles and management processes.
MCT USE ONL
Y. STUDENT USE PROHIBITED
Implementing an Advanced Server Infrastructure 1-5
Note: Choosing the right operating system to run within virtual machines and on the physical hosts is an important part of the planning process. Windows Server® 2012 is designed to
optimize integration with the management solutions like Microsoft System Center 2012 Service Pack 1 (SP1).
• Tools need to provide options for delegating administrative functions, including self-service. One of the key features in a data center is the ability to respond quickly and effectively to changing business requirements and situations. In this environment, having a single group of enterprise administrators manage all components may be inefficient. To enable a rapid response to a changing situation, the management tools should enable the efficient and secure delegation of tasks to other administrators, or enable the delegation of self-service to business units who can address changing requirements without any interaction with the enterprise administrators who configured the tools.
• Tools need to provide means for automating processes. In order to enable features like self-service, and to enable efficient and error free management of the data center components, the management tools need to provide a means to automate many of the management tasks. The tools should enable these tasks to run automatically on a scheduled basis; when a user action initiates them; or in
response to a monitoring alert. The tasks that an automated process triggers may interact with one or many data center components.
• Tools need to enable monitoring and reporting of all components in the data center. As the complexity of the data center increases, the importance of monitoring all components in the data center and of providing intelligent reporting of the current state of all components also increases. Administrators cannot monitor all components individually; they required tools that can capture monitoring information from all components, but that report on only the relevant information about each component. Since many components will have dependencies on other components, the monitoring tools need to understand the relationship between the components.
• Tools need to provide the means to ensure business continuity. In the enterprise data center, some services and components need to be available all the time. Any unscheduled downtime in these components may have a very significant business impact. The management tools need to provide the means to apply updates to services and components without impacting the service availability. They also need to provide the means to recover a service in the event of a service failure.
Providing Secure Services in the Data Center
In a traditional data center, AD DS provides mostof the functionality that is necessary for internal users to sign on to the network and to enable secure access to network services and
applications. If all users have AD DS accounts, and only sign on to the network using internal computers that are members of the same AD DS environment, it is easy to provide secure access to data center services and applications. However, many organizations now require that many different types of users will access resources in the data center, and these users will be using a wide
variety of devices to access those resources. Users who need access to data center resources may include employees who are traveling and who are working from home. They also can include users who are not employees, but who are customers or who work for partner organizations. Users may be using a managed
