MENU
Storage Spaces Direct: Enabling S2D work with unsupported device types (BusType = NVMe, RAID, Fibre Channel). Part 1: Registry hack
Posted by Taras Shved on February 10, 2017
5/5 (4)

Introduction

Microsoft Storage Spaces Direct is a new storage feature introduced in Windows Server 2016 Datacenter that significantly extends the software-defined storage stack in Windows Server product family and allows users to build highly-available storage systems using directly attached drives.

Storage Spaces Direct or S2D helps to simplify the deployment and management of software-defined storage systems as well as to open the use of more classes of disk devices like SATA and NVMe drives. Previously it was not possible to use these types of storage with clustered Storage Spaces with shared disks.

Storage Spaces Direct can use drives that are locally attached to nodes in a cluster or disks that are attached to nodes using enclosure. It aggregates all the disks into a single Storage Pool and enables the creation of virtual disks on top.

Storage Spaced Direct stack

Learn More

Please rate this

Fighting Azure AD Connects custom installer
Posted by Gary Williams on February 8, 2017
5/5 (2)

I’ve recently been spending more and more time looking into various cloud technologies such as AWS and Azure. One of the projects I’ve been working on required the on-premises active directory to be extended to Azure to allow for a future introduction of various Office365 elements.
The process for doing this is fairly easy as it’s just a matter of installing the Azure Active Directory Connect tool onto a server, creating the domain in the Azure portal and then waiting for Azure AD connect to Sync.

Microsoft Azure AD connect setup

Learn More

Please rate this

Windows Server 2016 Nano Server – Installation and Management
Posted by Mikhail Rodionov on February 7, 2017
5/5 (2)

Goal pic

Time to continue our conversation about that “scaled down even further” Server 2016 installation option. In my previous article, I covered general concepts around Nano Server, now I want to switch gears and talk about more practical aspects: installation and management. At the end of the day, you would agree that the best way to learn new technology it is trying to use it – this way you will be exposed to its strengths and weaknesses directly, and can get the real understanding of whether it works for you or not. Though at this point even Microsoft admits that despite all its greatness, at the moment, Nano Server has quite limited utility as it supports only a small subset of roles and features out of those which you can find in full GUI version of Windows Server.

Learn More

Please rate this

Specialize Windows Server Hyper-V guest OS automatically
Posted by Romain Serre on February 6, 2017
No ratings yet.

Last year I have written a topic on Starwind to create VMs from PowerShell. That enables to automate the creation process without using a GUI, either from Virtual Machine Manager or Hyper-V Manager. But a VM deployment is not finished when the VM is created but when the application is deployed. Before deploying the application, the OS must also be installed and specialized. This topic shows you the method I use to deploy and specialize a VM without a single click.

Specialize OS from unattended file

If you read this documentation (Implicit Answer File Search Order section), you can see that we can specialize the OS from unattended file. This unattended.xml file will be placed in C:\Windows\Panther\Unattend. To prepare the unattended file, I use ADK (Assessment Deployment Kit). When you install the ADK, select Deployment Tools. Then you can open Windows System Image Manager.

Windows System Image Manager

Learn More

Please rate this

Upgrade your CA to SKP & SHA256. Part II: Move from a CSP to KSP provider
Posted by Didier Van Hoye on February 3, 2017
5/5 (1)

Move from a CSP to KSP provider

Once you have moved to a least Windows Server 2008 R2 you can take this step. Any version below doesn’t allow for this and should be considered the end of life. Many haven’t made the move from a CSP to KSP provider yet, even when they are already running Windows Server 2012 or 2012 R2 for a few reasons. There were some issues with older clients like Windows Server 2003 and Windows XP. These were fixed with a hotfix but in all seriousness, if you’re still on those OS versions you need to move a.s.a.p. and if not there’s nothing we can do to help you. A modern and secure PKI will be the last of your worries I’m afraid. For a Microsoft reference, see Migrating a Certification Authority Key from a Cryptographic Service Provider (CSP) to a Key Storage Provider (KSP).

PKI Certifivate general

Learn More

Please rate this

[Azure] Container Service, how to start correctly?
Posted by Florent Appointaire on February 2, 2017
5/5 (2)

Azure Container Service

Azure Container Service is a new technology, on Microsoft Azure, and that help you to deploy quickly and in production, with the ARM technology, a Docker cluster, orchestrated by Marathon and DC/OS, Docker Swarm, or Kubernetes to give your applications highly available, but also to deploy many nodes quickly and without any problems. The Microsoft’s documentation is available here: https://docs.microsoft.com/en-us/azure/container-service/container-service-intro

Learn More

Please rate this

Upgrade your CA to SKP & SHA256. Part I: Setting the Stage
Posted by Didier Van Hoye on January 31, 2017
4.75/5 (4)

Introduction

Many Certificate Authority servers that were installed on Windows Server 2003 never got upgraded until Microsoft ceased the support of Windows 2003. Some of those are still out there running today. A massive amount of them got set up in an era when Wi-Fi in the SME market became very popular and CA servers were deployed to easily secure access to it. To be fair, a lot of administrators didn’t wait for Windows Server 2003 support to expire and made sure their CA was more or less up to date by upgrading them in place. That alone is something to commend. However, the operating system version only introduces the capability of using modern more secure providers and algorithms. It doesn’t upgrade the ones used by the PKI automatically for you. So many of these upgrade PKI servers are still using an old cryptographic provider, the “Microsoft Strong Cryptographic Provider” (SCP) and an old hash algorithm (SHA1) that’s been deprecated (see SHA1 Deprecation: What You Need to Know) or even banned.

Max Pixe

Learn More

Please rate this

Installing Exchange Server 2016 on Windows Server 2016
Posted by Nicolas Prigent on January 30, 2017
5/5 (4)

Exchange server 2016

On October 1st, Microsoft Exchange Team released the new Exchange Server 2016. Microsoft has been testing and improving on millions of mailboxes in their Office365 environment before releasing the product on-premises. I will describe in this article a step-by-step guide for the installation of Microsoft Exchange Server 2016. The installation considers:

  • a single server deployment of Exchange Server 2016 with the Mailbox role on a new Windows Server 2016
  • Windows Server 2016 forest functional level
  • Exchange Server 2016 with the latest Cumulative Update 4

Because Windows PowerShell is a powerful tool that every sysadmin would know, I will use PowerShell to perform the installation. But If you prefer the graphical interface, you can use it!

Learn More

Please rate this

Encryption of VMware vSphere 6.5 virtual machines and vMotion migrations. And their performance
Posted by Alex Samoylenko on January 26, 2017
5/5 (1)

As many admins of virtual infrastructures know, for the first time ever, VMware vSphere 6.5 received the long awaited encryption feature of both virtual disks content and vMotion hot migrations.

The VMs encryption works based on AES-NI algorithm, and the key management is carried out based on KMIP 1.1 standard. When I/O operation comes to the disk of the virtual machine, it is immediately encrypted on-the-fly, which provides complete security against data security attack.

Virtual machine Encryption How it works

Learn More

Please rate this

Design a ROBO (Part 1): Introduction and high-level design
Posted by Andrea Mauro on January 25, 2017
5/5 (3)

What is a ROBO scenario?

A Remote Office / Branch Office (ROBO) is an office located in a different site or a remote geographical area from another office (usually the headquarter or the main office). Several organizations have one (or more) main office, as well as remote offices in another city, country or continent.

Many organizations today have in each remote office some local IT infrastructure, usually for data locality, but also for service local services.

ROBO scenario

Learn More

Please rate this