Exchange Server 2013 preview

Microsoft announced Exchange Server 2013 Preview on Technet. There are some changes in it like "Exchange Administration Center". This a new management console of Exchange Server 2013 and it replaces the Exchange Management Console (EMC) and the Exchange Control Panel (ECP). Exchange Administration Center is the web-based management console in Microsoft Exchange Server 2013 Preview.

Reference:

Exchange Administration Center

http://technet.microsoft.com/en-us/library/jj150562(v=exchg.150)

The major architectural change of Exchange Server 2013 is the server roles has been reduced to two: the Client Access Server and the Mailbox Server.

Reference:
Client Access Server
http://technet.microsoft.com/en-us/library/dd298114(v=exchg.150)

If you would like to learn more, please visit the following web sites:

Download Microsoft Exchange Server 2013 Preview

http://technet.microsoft.com/en-us/evalcenter/hh973395

Exchange Server 2013 Preview

http://technet.microsoft.com/en-us/library/bb124558(v=exchg.150)

This posting is provided “AS IS” with no warranties, and confers no rights!

Configuring Folder Redirection

On some environment (Terminal Servers or Virtual Desktop Infrastructure), administrators may need to configure the folder redirection for users, because users may log on to different terminal servers or virtual machines.

Using folder redirection, administrators also can create quotas to limit the space of the users' folder.

Lab environment

• 1 domain controller named DC01 with file server role  is installed Windows Server 2008 R2 for contoso.com
• 2 workstations named W701 and W702 are installed Windows 7 ultimate joined contoso.com
• 1 workstation named XP01 is installed Windows XP professional joined contoso.com
• Create a OU named People in contoso.com
• Create 2 users named Peter and Mary under People OU

Goals
Configuring and testing folder redirection.

Configuring the folder permission for Folder Redirection
1. On DC01, log in as Domain Administrator.
2. Launch "Windows Explorer".
3. Navigate to C Drive, create a new folder named "Redirect".

4. Right-click "Redirect", select "Properties".
5. Select "Sharing" tab, click "Advanced Sharing".

6. Check "Share this folder".
7. Click "Permissions".
8. Check "Allow - Full Control" for "Everyone".

Remark: To enhance security, we need to create a new domain group for folder redirection users to assign "Allow - Full Control" permissions. On testing environment, I still use "Everyone" group.

9. Click "OK".

10. Under "Share name", add "$" at the end of "Redirect".

11. Click "OK".

12. Select "Security" tab.

13. Click "Advanced".

14. Click "Change Permissions".
15. Clear "Include inheritable permissions from this object's parent", and the click "Add".

To enhance security, we need to modify the permission on this folder.

16. Remove one of the Users in the Advanced Security Settings for Redirect.
17. Select the Users, click "Edit".
18. Next to "Apply to", select "This folder only".
19. Check "Allow - List folder / read data" and "Allow - Create folders /append data".

20. Click "OK".

21. Click "OK" twice.
22. Click "Close".

For more information to configure the permission on Folder Redirection:

Which minimum Share & NTFS permissions do you need for the use of Offline Files and Folder Redirection in Windows 2008 / 2008 R2
http://blogs.technet.com/b/netro/archive/2010/09/01/which-minimum-share-amp-ntfs-permissions-do-you-need-for-the-use-of-offline-files-and-folder-redirection-in-windows-2008-2008-r2.aspx

23. Launch "Share and Storage Management".
24. Right-click "Redirect", select "Properties".

25. Click "Advanced".
26. Check "Enable access-based enumeration".

27. Click "OK" twice.
28. Close "Share and Storage Management".

Remark: After configuring Access Based Enumerating, users only can see the folders or files which can be accessed. 

For more information:
Access-based Enumeration
http://technet.microsoft.com/en-us/library/dd772681(v=ws.10)

Windows 2008: Access Based Enumeration (ABE)
http://blogs.technet.com/b/hugofe/archive/2010/06/21/windows-2008-access-based-enumeration-abe.aspx?Redirected=true

Configure Folder Redirection on Group Policy
1. On DC01, log in as Domain Administrator.
2. Launch "Group Policy Management Console".
3. Expand "Forest: contoso.com > Domains > contoso.com > People".

4. Right-click "People", select "Create a GPO in this domain, and Link it here...".
5. Under "Name", type "Folder Redirection - GPO".

6. Click "OK".
7. Right-click "Folder Redirection - GPO", select "Edit".
8. Expand "User Configuration > Policies > Windows Settings > Folder Redirection".

Remark: Some settings under Folder Redirection cannot apply to Windows 2000, Windows 2000 Server, Windows XP and Windows Server 2003 operating systems.

For more information:
Folder Redirection Overview
http://technet.microsoft.com/library/cc732275.aspx

I will configure the Documents to redirect.

9. Right-click "Documents", select "Properties".

10. Next to "Settings", select "Basic - Redirect everyone's folder to the same location".

11. Under "Target folder location", select "Create a folder for each user under the root path".

12. Under "Root Path", type "\\DC01\Redirect".

Remark: You can configure "Advanced - Specify location for various user groups" to assign different group to different path.

13. Select "Settings" tab.

14. Check "Grant the user exclusive rights to Documents".

15. Check "Move the contents of Documents to the new location".

16. Check "Also apply redirection policy to Windows 2000, Windows 2000 Server, Windows XP, and Windows Server 2003 operating systems".

17. Next to "Policy Removal", select "Redirect the folder back to the local userprofile location when policy is removed".

Remark: After checked "Grant the user exclusive rights to Documents", administrators and other users don't have permission to access.

18. Click "OK".

19. Click "Yes".

20. Close "Group Policy Management Editor" and "Group Policy Management Console".

Test result

1. On W701, log in as Mary.

2. Click "Start" button, right-click "Documents", select "Properties".

3. Click "Cancel".

4. On W702, log in as Peter.

5. Click "Start" button, right-click "Documents", select "Properties".

Folder Redirection is functioning.

6. Click "Cancel".

7. Click "Start" button, enter "\\DC01\Redirect$".

Peter only can see the Peter's folder because Access Based Enumerating is enabled.

8. Log off Peter.

9. Back to W701, navigate to "Documents".

10. Create a document named "Mary's document".

11. Log off Mary.

12. Go to XP01, log in as Mary.

13. Click "Start > My Documents".

Folder Redirection is working on Windows XP and Windows 7 computers.

14. Create a document named "Company document".

15. Log off Mary.

16. Go to W701, log in as Mary.

17. Navigate to "Documents".

18. Go to DC01, log in as Domain Administrator.

19. Launch "Group Policy Management Console".

20. Expand "Forest: contoso.com > Domains > contoso.com > People".

21. Right-click "Folder Redirection - GPO", clear "Link Enabled".

22. Back to W701, launch "Command Prompt".

23. Perform "gpupdate".

24. Log off and log on Mary.

25. Click "Start" button, right-click "Documents", select "Properties".

26. Click "Cancel".

27. Navigate to "Documents".

All documents which are created moved to the local user document because "Redirect the folder back to the local userprofile location when policy is removed" is selected.

As a result, the settings of Folder Redirection is functioning.

This posting is provided “AS IS” with no warranties, and confers no rights!

Configuring Hyper-V replica on standalone Hyper-V servers in the same Active Directory domain

On Windows Server 2012, one of the new features of Hyper-V is Hyper-V replica. Using Hyper-V replica, administrators can replicate virtual machines from one Hyper-V host to another Hyper-V host. The virtual machines are replicated over IP networks asynchronously.

Goals

Configuring and testing Hyper-V replica on standalone Hyper-V servers in domain environment.

Lab environment

• 1 domain controller named DC01 under test.contoso.com
• 2 Hyper-V servers named HVSVR01 and  HVSVR02. HVSVR01 is the Primary Server. HVSVR02 is the Replica Server joined the test.contoso.com
• 1 VM named fs01.test.contoso.com.  fs01.test.contoso.com  is deployed in HVSVR01
• The IP address of  fs01.test.contoso.com is "10.5.0.2"
• All servers are under 10.0.0.0/8 network for testing

Configure Replication Configuration

1. On HVSVR01, log in as Domain Administrator.

2. Launch "Hyper-V Manager".

3. On the menu, click "Actions > Hyper-V Settings".

4. On left pane, select "Replication Configuration".

5. On right pane, check "Enable this computer as a replica server".

6. Under "Authentication and ports", check "Use Kerberos (HTTP)" and leave the "Specifc the port" to "80".

Remark: If Kerberos authentication setting is used, the data transmitted from the primary to the replica server is not encrypted.

Remark: Hyper-V replica supports replicate to other Hyper-V servers which is outside of Active Directory. To replicate to these Hyper-V servers, you can select "Use certificate-based Authentication (HTTPS)" for authentication.

7. Next to "Authorization and storage", select "Allow replication from the specified servers".

8. Click "Add".

9. Under "Specify the primary server", type "HVSVR02.test.contoso.com".

Remark: To configure the replica server to receive VMs from different server, you can enter wildcard character for the name (*.test.contoso.com).

10. Under "Specify the default location to store replica files", type "D:\".

11. Under "Specify the trust group", type "HV Group".

12. Click "OK".

13. Click "OK".

Remark: If you don't configure the "Replication Configuration" on the Primary Server, after failover, the role of the original primary server cannot receive the replication from the replica server.

14. Repeat steps 2 - 7 on HVSVR02.

15. Click "Add".

16. Under "Specify the primary server", type "HVSVR01.test.contoso.com".

17. Under "Specify the default location to store replica files", type "D:\HVSVR01".

18. Under "Specify the trust group", type "HV Group".

19. Click "OK".

20. Click "OK".

21. On HVSVR02, launch "Windows Explorer", navigate to "D:\".

The folders have been created automatically.

22. On HVSVR01, launch "Windows Firewall with Advanced Security".

23. Right-click "Inbound Rules", select "New Rule".

24. Select "Predefined > Hyper-V Replica HTTP".

25. Click "Next".

26. On "Perdefined Rules" windows, check "Hyper-V Replica HTTP Listener (TCP-In)".

27. Click "Next".

28. On "Action" windows, select "Allow the connection", click "Finish".

29. Repeat steps 22 - 28 on HVSVR02.

Enabling replication on the virtual machine

29. On Hyper-V Manager of HVSVR01, right-click "FS01.test.contoso.com", select "Enable Replication".

30. On "Before You Begin" window, click "Next".

31. On "Specify Replica Server" windows, next to "Replica server", type "hvsvr02.test.contoso.com".

32. Click "Next".

33. On "Specify Connection Parameters" window, leave default settings.

By default, the data is compressed before transmitting.

34. Click "Next".

35. On "Choose Replication VHDs" screen, you can select which Virtual Hard Disks to be replicated.

36. Click "Next".

37. On "Configure Recovery History" window, select "Only the latest recovery point".

Remark: You can keep more than 1 recovery point by selecting "Additional recovery points". The maximum additional recovery point is 15. By default, the recovery point is created every 1 hour. For application consistent, we can also check "Replicate incremental VSS copy every" option.

38. Click "Next".

39. On "Choose Initial Replication Method" window, select "Send initial copy over the network".

40. Next to "Schedule Initial Replication", select "Start replication immediately".

41. Click "Next".

42. Click "Finish".

43. On "Enable Replication for FS01.test.contoso.com" popup window, click "Settings".

At production environment, the production network and the DR network are different. Hyper-V supports configure the networking for Failover TCP/IP after administrators enabled replication on the VM, I will configure the  Failover TCP/IP  for VM.

44. Expand "Network Adapter > Failover TCP/IP".

45. Check "Use the following IPv4 address scheme for the virtual machine".

46. Provide the IP address, Subnet mask, Default gateway and Preferred DNS server for testing.

Remark: "Failover TCP/IP" requires the OS to be installed the latest Integration Services and  Synthetic Network Adapters.

The one of the following operations system supports "Failover TCP/IP": Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 SP2 (or higher), Windows 7, Windows Vista SP2 (or higher) and Windows XP SP2 (or higher).

47. Click "OK".

The initial copy is sending to HVSVR02.

48. When sending the initial copy finished, right-click "FS01.test.contoso.com", select "View Replication Health".

You can verify the replication health on the window.

Testing failover on the virtual machine

49.  On Hyper-V Manager of HVSVR02, right-click "FS01.test.contoso.com", select " Replication > Test Failover".

50. Click "Test Failover".

51. Right-click "FS01.test.contoso.com - Test", select "Start".

Remark: Make sure the virtual switch to be assigned on "FS01.test.contoso.com - Test".



"Failover TCP/IP" worked on the VM.

52. Right-click "FS01.test.contoso.com", select "Replication > Stop Test Failover".

53. Click "Stop Test Failover".

Planned failover on the virtual machine

54. On Hyper-V Manager of HVSVR01, right-click "FS01.test.contoso.com", select " Replication > Planned Failover".

55. Click "Fail  Over".

The VM cannot be failover because the VM is running. To perform failover, the VM need to shut down.

56. Click "Close".

57. Click "Cancel".

58. Shut down "FS01.test.contoso.com".

59. Right-click "FS01.test.contoso.com", select " Replication > Planned Failover".

60. Click "Fail  Over".

61. When the failover completed, click "Close".

Remark: "Planned Failover" configures the reverse the replication direction automatically.

62. Right-click "FS01.test.contoso.com", select " Replication > View Replication Health".

Now, the primary server is changed to HVSVR02 and the replica server is change to HVSVR01.

Remark: After failover, you need to update the "Failover TCP/IP" settings because the primary is changed.

Unplanned failover on the virtual machine

Assuming HVSVR02 has been down and then fail over the VM on HVSVR01.

63. Shut down HVSVR02.

64. On Hyper-V Manager of HVSVR01, right-click "FS01.test.contoso.com", select "Replication > Failover".

65. Click "Fail Over".

After failover, the VM started automatically.

66. Right-click "FS01.test.contoso.com", select "Replication > View Replication Health".

The primary server has been changed to HVSVR01 but the replication is stopped because HVSVR02 has been downed.

I will power on HVSVR02 and then configure "Reverse Replication".

67.Power on HVSVR02.

68. Right-click "FS01.test.contoso.com", select "Replication >  Reverse Replication".

69. On "Before You Begin" window, click "Next".

70. Next to "Replica server", type "HVSVR02.test.contoso.com".

71. Click "Next".

72. On "Specify Connection Parameters" window, select "Use Kerberos authentication (HTTP)" and check "Compress the data that is transmitted over the network".

73. Click "Next".

74. On "Configure Recovery History" window, select "Only the latest recovery point".

75. Click "Next".

76. On "Choose Initial Replication Method" window, select "Send initial copy over the network" and "Start replication immediately".

77. Click "Next".

78. Click "Finish".

The new initial copy of "FS01.test.contoso.com" is sending to HVSVR02.

As a result, the data is replicated from HVSVR01 to HVSVR02.

Reference:

Hyper-V Replica Feature Overview

http://technet.microsoft.com/en-us/library/hh831716.aspx

Deploy Hyper-V Replica

http://technet.microsoft.com/en-us/library/jj134207

Understand and Troubleshoot Hyper-V Replica in Windows Server "8" Beta

http://www.microsoft.com/en-us/download/details.aspx?id=29016

For more information about Replication Health:
Interpreting Replication Health - Part 1
http://blogs.technet.com/b/virtualization/archive/2012/06/15/interpreting-replication-health-part-1.aspx

Interpreting Replication Health - Part 2
http://blogs.technet.com/b/virtualization/archive/2012/06/21/interpreting-replication-health-part-2.aspx

This posting is provided “AS IS” with no warranties, and confers no rights!