Popular Tags:

Cloning Windows Server 2016 Domain Controllers

March 26, 2017 at 4:52 pm

Cloning

Overview

Using virtualization technologies certainly sounds exciting when it comes to your Domain Controllers in a Windows Server 2016 environment. After all, think about scalability. You need more of it, just clone an existing Domain Controller and add the additional clone to your infrastructure.

The Steps

To ensure cloning is a success, Microsoft outlines a process for us and provides us with some new tools.

Step 1: On the virtual machine you want to clone (the source VM), run the Get-ADDCCloningExcludedApplicationList cmdlet. This shows you services and applications you might have installed on the Domain Controller that do not support cloning. Uninstall any that are true concerns.

Step 2: Rerun Get-ADDCCloningExcludedApplicationList with the -GenerateXml and -Path arguments in order to create an allow list XML file.

Step 3: Add your source VM you want to clone to the Cloneable Domain Controllers group. You can use the Add-ADGroupMember cmdlet or the GUI for this.

Step 4: Shut down your source VM and duplicate it to create your clone.

Step 5: Create a cloning configuration file for your new system. This XML file provides parameters like computer name and IP address for the new virtual machine. The easiest way to create this file is to use the PowerShell cmdlet of New-ADDCCloneConfigFile cmdlet.

Step 6: Mount the virtual hard disk file and copy your DCCloneConfig.xml file to the %windir%\ntds folder.

Step 7: Boot your cloned Domain Controller!

Transferring and Seizing Operations Master Roles

March 16, 2017 at 9:37 pm

 MCSA

Overview

Here is a section from my dear friend Ben Finkel’s upcoming text – MCSA 70-742 Cert Guide: Identity with Windows Server 2016

Remember, if you need a refresher on the FSMO roles, see my post here.

Transferring and Seizing Operations Master Roles

The Flexible Single Master Operations (FSMO) roles described earlier in this blog are important pieces for a functioning AD DS deployment. Occasionally you may need to transfer the role from one DC to another. For example, if a controller is being retired or shutdown you will want to transfer the role to another DC prior to that. If the need arises to move these roles from their current DC, there are different management tools required for each role. The following summarizes the tools:

  • RID: Active Directory Users and Computers
  • PDC: Active Directory Users and Computers
  • Infrastructure Master: Active Directory Users and Computers
  • Domain Naming Master: Active Directory Domains and Trusts
  • Schema Master: Active Directory Schema Snap-In

To change the RID, PDC, or Infrastructure Master role you need to “seize” it from the current master:

  1. Log onto the domain controller that you wish to host the role.
  2. Start Server Manager from either the Start Menu or the Taskbar.
  3. From the navigation menu on the left choose AD DS.
  4. Right-click your server in the contents pane and click Active Directory Users and Computers. NOTE: This ensures you are launching Active Directory Users and Computers on the domain controller you want to transfer the role to.
  5. Right-click the domain in the left-hand pane and select Operations Masters…
  6. On the Operations Masters dialog, choose the tab for the role you wish to seize (RID, PDC, and Infrastructure are available).
  7. Note the current master is listed, and the current machine name is in the second text box. To seize the role click Change…
  8. Click Yes to confirm.
  9. Once the transfer is complete click OK.

To change the Domain Naming Master you need to “seize” it from the current master:

  1. Log onto the domain controller that you wish to host the role.
  2. Start Server Manager from either the Start Menu or the Taskbar.
  3. From the navigation menu choose AD DS.
  4.  Right-click the server and click Active Directory Domains and Trusts.
  5.  Right-click the Active Directory Domains and Trusts in the left-hand pane and select Operations Masters… (Note:  Right-click on the top-level node that reads Active Directory Domains and Trusts, not on the domain itself).
  6. Note the current master is listed, and the current machine name is in the second text box. To seize the role click Change…
  7. Click Yes to confirm.
  8.  Once the transfer is complete click OK.

To change the Schema Master you will first need to activate the Schema snap-in:

  1. Log onto the domain controller that you wish to host the role.
  2. Open a command prompt.
  3. Type regsvr32 schmmgmt.dll and press Enter.
  4. Click OK on the success dialog.
  5.  At the command prompt type mmc.exe and press Enter.
  6.  The MMC window will launch. Click File then select Add/Remove Snap-in…
  7.  Select the Active Directory Schema snap-in from the list of Available snap-ins on the left then click Add >
  8. Click OK.
  9. On the MMC window click to select the Active Directory Schema snap-in. Two folders, classes and attributes, should show up on the right.
  10. Right-click the Active Directory Schema and select Operations Master… (Note: You might need to right click and choose
  11. first to ensure you are configuring the correct DC)
  12.  Note the current master is listed, and the current machine name is in the second text box. To seize the role click Change…
  13. Click Yes to confirm.
  14. Once the transfer is complete click OK.

InformIT (Pearson Education)

ReFS versus NTFS in Microsoft Windows

March 15, 2017 at 6:17 pm

ReFS

Here is an excerpt on ReFS from my book – MCSA 70-740 Cert Guide: Installation, Storage, and Compute with Windows Server 2016 (Certification Guide) 1st Edition

ReFS Overview

It is interesting that NTFS is no longer the only realistic option for file formats. Microsoft now provides a new and improved version 2 of the Resilient File System (ReFS). ReFS first appeared in Windows Server 2012. Microsoft certainly had sights initially on this file system becoming the next generation of their file system. Let us examine the current advantages and disadvantages in detail. One or more of these fine points is very likely to rear its head in a Certification Exam environment.

ReFS Advantages

ReFS has some distinct advantages over NTFS that you should be aware of:

  • ReFS gives Accelerated VHDX options in Hyper-V; these options permit massive performance increases when creating and extending a virtual hard disk, when merging checkpoints, and when performing backups.
  • A block cloning approach is key to excellent checkpoint performance.
  • Use of a 64 KB block size allows optimal performance in Hyper-V, with partition alignment handled automatically by Hyper-V.
  • When your Storage Spaces pool uses ReFS as the underlying on-disk format, it leverages new features to greatly improve the repair process.
  • ReFS v2 uses the concept of cluster “bands” to group multiple chunks of data together for efficient I/O; this really helps with your use of data tiering[md]specifically in moving data between tiers.
  • Automatic integrity checking exists in ReFS.
  • ReFS features new data scrubbing techniques.
  • ReFS offers better protection against data degradation.
  • It features built-in drive recovery and redundancy.
  • ReFS supports up to 1 trillion terabytes.
  • You can create new volumes faster with ReFS.

ReFS Disadvantages

There are also some disadvantages to ReFS that you should be aware of:

  • It cannot replace NTFS in all scenarios.
  • You cannot use it with Clustered Shared Volumes.
  • There is no conversion capability between NTFS and ReFS.
  • There is no file-based deduplication.
  • There are no disk quotas.
  • There are no object identifiers.
  • There is no encryption support.
  • You cannot use named streams.
  • There is no transaction support.
  • There are no hard links.
  • There is no support for external attributes.
  • There is no support for 8.3 filenames.

Pearson Education (InformIT)