Unbeatable virtualization solutions from Microsoft

Microsoft virtualization offerings span from the desktop to the datacenter and into the cloud. Regardless of where you plan to use Microsoft virtualization, we provide comprehensive and customer-centric solutions that give you more choice, flexibility, integration and cost savings than VMware.

Microsoft virtualization for the Datacenter

In the datacenter, Microsoft provides many capabilities that VMware does not and cannot offer.

This chart compares VMware vSphere 4 core features with Microsoft Windows Server 2008 R2 Hyper-V and System Center Management core features. As you can see, Microsoft is ahead in many of the areas required for a robust desktop to datacenter virtualization and management solution.

Microsoft virtualization for the Desktop

Microsoft provides more comprehensive, flexible virtualization solutions than VMware for desktop virtualization.

The chart below will clarify some of the feature differences between Microsoft and VMware’s desktop virtualization offerings. Notice that Microsoft’s solution is more scalable and flexible, while offering integrated management for both virtual desktops and physical computers.

Microsoft virtualization solutions for the Cloud

Microsoft provides comprehensive cloud computing solutions that traverse the entire stack - from public to private to hosted cloud infrastructures.

The chart below will clarify some of the capability differences between Microsoft and VMware’s cloud offerings. Notice that Microsoft’s cloud solution has better management, more choices for cloud deployments, and free solution accelerator toolkits.

DHCP and WINS server Migration

The following steps  will explain how to Export the DHCP database from a server that is running Microsoft Windows Server 2003 or Windows Server 2008 To move a DHCP database and configuration from a server that is running Windows Server 2003 or Windows Server 2008 to another server that is running Windows Server 2008.

Step: 1 - Export the DHCP database
1. Log on to the source DHCP server by using an account that is a member of the local Administrators group.

2. Click Start, click Run, type cmd in the Open box, and then click OK.

3. Type netsh dhcp server export C:\dhcp.txt all , and then press ENTER.

Note: You must have local administrator permissions to export the data.

Configure the DHCP server service on the server that is running Windows Server 2008

1. Click Start, click Administrative Tools, click Server Manager. If needed acknowledge User Account Control.

2. In Roles Summary click Add Roles, click Next, check DHCP server, and then click Next.

Step:2 - Import the DHCP database

1. Log on as a user who is an explicit member of the local Administrators group.

2. Copy the exported DHCP database file to the local hard disk of the Windows Server 2008-based computer.

3. Verify that the DHCP service is started on the Windows Server 2008-based computer.

4. Click Start, click Run, type cmd in the Open box, and then click OK.

5. At the command prompt, type netsh dhcp server import c:\ dhcp.txt all , and then press ENTER, where c:\ dhcp.txt is the full path and file name of the database file that you copied to the server.

Note: When you try to export a DHCP database from a Windows 2000/2003 domain controller to a Windows Server 2008 member server of the domain, you may receive the following error message:

Error initializing and reading the service configuration – Access Denied

Note You must have local administrator permissions to import the data.

6.To resolve this issue, add the Windows Server 2008 DHCP server computer to the DHCP Admins group at the Enterprise level and redo steps 4 & 5.

7. If the “access is denied” error message occurs after you add the Windows Server 2008 DCHP server computer to the DHCP Admins group at the Enterprise level that is mentioned in step 6, verify that the user account that is currently used to import belongs to the local Administrators group. If the account does not belong to this group, add the account to that group, or log on as a local administrator to complete the import and redo steps 4 & 5.

Step:3 - Authorize the DHCP server

1. Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.

Note You must be logged on to the server by using an account that is a member of the Administrators group. In an Active Directory domain, you must be logged on to the server by using an account that is a member of the Enterprise Administrators group.

2.In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.

3.Right-click the server object, and then click Authorize.

4.After several moments, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

If you still get error when you run netsh export/import  follow this tip

you needed to delete any settings you created when you installed DHCP the first time (in DHCP under the server options area) on you new Windows Server 2008 DC.

How to Migrate WINS:

1. On the Windows Server 2003 WINS server, if it has any replication partners, stop them. Remove replication partners from the list of WINS replication partners

2. Stop the WINS server on the Windows 2003 Server and on the target Windows Server 2008 computer. To do this, type the following: net stop wins

3. Copy the Wins.mdb file (in %systemroot%\System32\Wins folder) from the source to the WINS folder on Windows Server 2008 server

4. Start WINS on the target Windows Server 2008 server. Type the following:  net start wins

5. Take the source Windows 2003 server offline

6. On the target Windows Server 2008 server, use the WINS service to add any existing WINS servers as replication partners

Windows Server 2008 R2 Detailed Hyper-V Architecture

Beginning with Windows Server 2008, server virtualization using Hyper-V technology has been an integral part of the operating system. Windows Server 2008 R2 introduces a new version of Hyper-V.

Hyper-V in Windows Server 2008 R2 includes five core areas of improvement for creating dynamic virtual data centers:

• Increased availability for virtualized data centers
• Improved management of virtualized data centers
• Increased Performance and Hardware Support for Hyper-V Virtual Machines
• Improved Virtual Networking Performance
• A simplified method for physical and virtual computer deployments by using .vhd files

Increased Availability for Virtual Data Centers

One of the most important aspects of any data center is providing the highest possible availability for systems and applications. Virtual data centers are no exception to the need for consolidation, high availability and most of all sophisticated management tools.

Hyper-V in Windows Server 2008 R2 includes the much-anticipated Live Migration feature, which allows you to move a virtual machine between two virtualization host servers without any interruption of service. The users connected to the virtual machine being moved might notice only a slight slowing in performance for a few moments. Otherwise, they will be unaware that the virtual machine was moved from one physical computer to another.

Improved Management of Virtual Data Centers

Even with all the efficiency gained from virtualization, virtual machines still need to be managed. The number of virtual machines tends to proliferate much faster than physical computers because machines typically do not require a hardware acquisition. Therefore, management of virtual data centers is even more imperative than ever before.

Increased Performance and Hardware Support for Hyper-V Virtual Machines

• Hyper-V in Windows Server 2008 R2 now supports up to 64 logical processors in the host processor pool. This is a significant upgrade from previous versions and allows not only greater VM density per host, but also gives IT administrators more flexibility in assigning CPU resources to VMs.
• Also new, Hyper-V processor compatibility mode for Live Migration allows Live Migration across different CPU versions within the same processor family, (e.g.”Intel Core 2-to-Intel Pentium 4” or “AMD Opteron-to-AMD Athlon”) enabling migration across a broader range of server host hardware.
• The new Hyper-V also adds performance enhancements that increase virtual machine performance and power consumption. Hyper-V now supports Second Level Address Translation (SLAT), which uses new features on today’s CPUs to improve VM performance while reducing processing load on the Windows Hypervisor and new Hyper-V VMs will also consume less power by virtue of the new Core Parking feature implemented into Windows Server 2008 R2.

Improved Virtual Networking Performance

The new Hyper-V leverages several new networking technologies contained in Windows Server 2008 R2 to improve overall VM networking performance, including the Virtual Machine Queue (VMQ) feature.

Simplified Method for Physical and Virtual Computer Deployments

Historically, different methods have been used to deploy operating systems and applications to physical and virtual computers. For virtual computers, the .vhd file format has become a de facto standard for deploying and interchanging preconfigured operating systems and applications. Hyper-V in Windows Server 2008 R2 supports two important updates concerning .vhd files.

First, administrators can now add and remove vhd files, as well as pass-through disks attached to a virtual SCSI controller on a running VM, without requiring a reboot. This offers more flexibility when it comes to handling storage growth needs without requiring additional downtime. It also provides more flexibility in data center backup scenarios as well as new scenarios in complex Exchange and SQL Server deployments.

Windows Server 2008 R2 also supports the ability to boot a computer from a .vhd file stored on a local hard disk. This allows you to use preconfigured .vhd files for deploying virtual and physical computers. This helps reduce the number of images you need to manage and provides an easier method for test deployment prior to deployment in your production environment.

For Details Please visit our friendly Microsoft Site: http://www.microsoft.com/windowsserver2008/en/us/hyperv-overview.aspx

Certificate Service Migration From Windows 2003 to Windows 2008R2

Certificate Service Migration 

In this Scenario assume that we will migrate our Existing CA (Windows 2003) to new server (Windows 2008R2) keeping the same name and IP address. 

So the steps in short:

• Backup CA
• Backup registry key for CA
• Uninstall CA from the existing server
• Rebuild the server with Windows server 2008 R2 with same Name and IP address
• Install AD CS and then restore CA from the backup location
• Restore registry key

First Step:

Use the Certificate Authority snap-in to backup the CA database and private key and to perform the backup we will follow these steps:

• In the Certification Authority snap-in, right-click the CA name, click All Tasks, and then click Back up CA to start the Certification Authority Backup Wizard.
• Click Next, and then click Private Key and CA certificate.
• Click Certificate database and certificate database log.
• Use an empty folder as the backup location. Make sure that the backup folder can be accessed by the new server .
• Click Next. If the specified backup folder does not exist, the Certification Authority Backup Wizard creates it.
• Type and then confirm a password for the CA private key backup file.
• Click Next, and then verify the backup settings. The following settings should be displayed:
• Private Key and CA Certificate
• Issued Log and Pending Requests
• Click Finish.

Next we have to save the registry settings.  

To save the registry settings perform the following:

• Click Start, and then Run.  In the Run field type regedit and click Ok
• Locate and then right-click the following registry subkey, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration (While we are here,  take a screen shot, make sure they match up in the end)
• Click Export
• Save the Registry file in the CA Backup folder that was defined above

Now that we have the database, certificate and registry backed up the next step was to remove Certificate Services from the old computer. 

Remove Certificate Services from the old computer

·         Go into the Control Panel, Add/Remove Programs, Windows Components and remove the Tick from Certificate Authority. 

o   Note Be sure to remove the Certificate Authority from the old computer prior to deploying Certificate Services on the new machine .  If we deploy AD CS first the target CA will become unusable. 

·         Finally, rename the old server or permanently disconnect it from the network. 

asSecond Step :

     Deploy and restore the Certificate Services:

Log on with local or enterprise administrator permissions to the CA computer and perform the following:

• Launch the Service Manager for Windows 2008. 
• In the console tree, click Roles.
• On the Action menu, click Add Roles.
• If the Before you Begin wizard appears, click Next.
• In the list of available server roles, select the Active Directory Certificate Services check box, and click Next twice.
• Make sure that Certification Authority is selected, and click Next. (Note: If you are going to use Web Enrollment make sure to check this box.  You can always add it later but Why not add it now?  All the required roles will also be installed when you check this box since you will get a list of Add role service required)
• Select Enterprise and click Next.  (We are doing this because this is an Enterprise Root CA that will integrate with Active Directory.  Just like the one I decommissioned.  Best practice is to have a Standalone Root CA but given the size of this organization they are not too concerned with having a Standalone Root CA.)
• Specify Root  and click Next.  (If the CA you’re moving from was a Subordinate CA then we would want to tick the Subordinate CA option.  But since in my example this is a Root CA we are sticking with root.  Keep in main that if you’re coming from a Root CA or a Subordinate CA this option must match with what you’re coming from.)
• At this stage, you have a choice between creating a new private key or using an existing private key.  For a migration, on the Set Up Private Key page, select Use existing private key and choose Select a certificate and use its associated private key.

We should have something that looks like this:

Click Next and continue the steps below:

• If the CA certificate we backed up above has been installed on the computer, it will be listed in the Certificates box. Otherwise, click Import to import a certificate from the .pfx file created by exporting the CA certificate and private key from the source CA.
• Click Browse, and locate and select the file containing the certificate and private key exported from the source CA.
• Enter the password you selected when exporting the CA certificate and key from the source CA, and click OK.  Select the Certificate that was just imported and click Next
• When choosing your path you can either use defaults or browse to new ones.  Once done click Next
• Complete the installation of the AD CS
• Click Yes to accept the warning to overwrite AD DS. (This appears only if you are installing an enterprise CA.)

We have deployed Active Directory Certificate Services on Windows 2008.  There are still two more steps that must be completed.  This is the process of restoring the Certificate Authority Database that was backed up in the first section and restoring the registry component. 

To restore the registry simply locate the registry value that was saved above, right click the file and select merge.  This will import the Registry settings to the W2K8 server.  Next we have to restore the database.   We can check to make sure the settings were imported correctly by going to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration and verify your settings are there.  

To restore the database and log files perform the following:

• Open Server Manager on the Windows 2008 Server.
• Expand Roles and then Expand Active Directory Certificate Services.
• Locate the name of the CA you just deployed.
• Right Click the CA name and select Restore CA…
• You will get a warning message that the AD CS cannot be running to perform this action.  Simply click Ok to stop AD CS.  AD CS will begin to stop
• On the Wizard click Next
• On the Items to Restore screen check the box Certificate database and certificate database log only.  Click Browse to locate the database that was copied over above.  (Note: I need to point out here that you select the folder you backed up to.  i.e. if you backed up the database and logs to C:\Temp\CABackup then this will be the folder you will restore from.  The backup process will create a subdirectory that it will look for during Restore, if you go one folder too deep the restore will fail.)  Once you have located your backup click Next.
• On the completion screen click Finish and the restore will begin. 
• Once the restore is complete you will receive a action box that asks if you would like to restart the AD CS.  Simply click Yes.  

And now finally Certificate Service is migrated from Windows 2003 to Windows 2008 R2.

Domain Controller Upgrade From 2003 to 2008

Preparation of the Active Directory Environment prior to installing a 2008 DC

** Assign appropriate credentials to the users who are responsible for preparing the forest and domain for an Active Directory upgrade. By default Enterprise Administrator will perform the following task

o   Run adprep to prepare 2003 Active Directory environment for 2008.  It is a good idea to verify that each of these are completed and replicated before going to the next step. All of these will run on your 2003DC.  You can use replmon or repadmin to verify replication.  Recommendation is to let set for 24 hours for each command but this might be overkill for some.
o    Adprep.exe /forestprep - to verify this go to the registry key above in the Pre-installation list and verify that the Schema version is now 44 on your 2003DC
o    Adprep.exe /domainprep
o    Adprep.exe /domainprep /gpprep.
o    Verify all changes have been made by reviewing event logs and the dcpromo.log and the dcpromoui.log.
Install AD Services on New Windows 2008 DC (DCPROMO)

o    Install AD Services
o    Install DNS Service
o    Make sure to add this server to the existing domain and not as a new DC
o    Make the new DC a Global Catalog Server in NTDS Settings in Sites and Services Admin Tool Transfer FSMO roles to New Windows 2008 DC

o    Print out a copy of this Microsoft Tech document to walk through using the schmmgmt.dll for migrating fsmo roles (Installed and registered on Fiona).  This is for a 2003 DC but the procedures are the same for 2008 -  http://support.microsoft.com/kb/324801 .  Each role below should be moved to the new DC.
o    Schema Master Role
o    Domain Naming Master Role
o    RID Master/PDC Emulator/Infrastructure Master Roles
 

In-Place Upgrade:

Upgrade Steps

1.     On you Windows Server 2003 DC, insert the Windows Server 2008 DVD, and then open command prompt and run the following commands, make sure first to browse to the adprep directory inside the Windows 2008 DVD , in my case case, the F drive is the DVD Drive letter, so to browse to the adprep directory I would write the following inside cmd: cd f:\sources\adprerp

·       adprep/ forestprep

·       adprep/ domainprep

·       adprep/ rodcprep (Optional, if you plan to add a Read Only Domain Controller Later)

2.   If the Install Windows page did not auto run before the previous step, double click on your DVD drive where you have inserted the Windows Server 2008 DVD, then Click on Install now

3.   A please wait screen will be followed, then a page to decide what to do, either to go online and get the latest updates for installation or to skip going online by clicking on the Do not get the latest updates for installation option

I will perform the updates later, so for the purpose of this article, I will click on Do not get the latest updates for installation

4.   Enter the product key, click Next

5.   Accept the license terms and click on Next

6.   What we need to do is to upgrade our server, so click on the Upgrade option

7.   The compatibility report will be displayed telling you what hardware might not function once upgrade is completed , also to check with software vendors to check if their software are compatible with Windows Server 2008. click Next

8.   Upgrade is now in process

9.   The Server will be restarted automatically several times, the Upgrade process will continue with the remaining operations:

o   Expanding Files

o   Installing Features and updates

o   Completing Upgrade

After multiple restarts, the Upgrade process will be completed and you will be able to start using your Windows Server 2008.