Saturday, February 28, 2015

Monitor Workloads with System Center Operations Manager on Microsoft Virtual Academy (MVA) course

There is a new recorded Microsoft Virtual Academy (MVA) course about monitoring with System Center 2012 R2 Operations Manager. The course is hosted by Symon Perriman, 5nine Software Vice President of Business Development, and Gordon McKenna, Microsoft MVP and Inframon Chief Executive Officer. It presents some best practices for monitoring different environments such as SQL, Exchange, Microsoft Azure and so on. Watch this course to get some ideas for monitoring with System Center Operations Manager.


This posting is provided “AS IS” with no warranties, and confers no rights!

Sunday, February 15, 2015

Configuring Cloud Witness on Windows Server 2016 (Technical Preview version)

In Windows Server Technical Preview (vNext), there is a new Failover Cluster quorum option, Cloud Witness. Administrators can configure a cluster to keep its quorum witness in Microsoft Azure. Cloud Witness can be used in many scenarios such as Exchange DAG, multi-site clusters and so on. Cloud Witness has the following requirements:
  • Microsoft Azure account (we need to create an Azure Storage Account under the Microsoft Azure account)
  • Windows Server Technical Preview (this is a new option in Windows Server Technical Preview)
  • Internet access from the cluster (the cloud witness is stored in Microsoft Azure, so cluster nodes must be able to connect to the Internet)

Lab environment
  • Microsoft Azure account
  • 1 domain controller running Windows Server Technical Preview, named DC01
  • 4 member servers running Windows Server Technical Preview, named Node01 to Node04 and joined to the tlslab.local domain
  • 2 clusters, created and named "Cluster01" and "Cluster02"
  • All settings will be performed by Domain Administrator


Goals
Configure Cloud Witness for Cluster01 and Cluster02 by using Failover Cluster Manager and PowerShell

Steps
1. Log in to your Microsoft Azure account on www.azure.com.
2. On Azure Portal, select "Storage".
3. Select your storage account on Microsoft Azure, click "Manage Access Keys".


4. On "Manage Access Keys", copy "STORAGE ACCOUNT NAME" and "PRIMARY ACCESS KEY" by clicking the icon and then paste it to notepad.


5. Click "Tick" icon.

Now we have the "STORAGE ACCOUNT NAME" and "PRIMARY ACCESS KEY" needed to access the Azure Storage Account. We can configure the Cloud Witness on "Cluster01" and "Cluster02".

6. On Node01, log in as Domain Administrator.
7. Launch "Failover Cluster Manager".
8. Right-click "Cluster01", select "More Actions > Configure Cluster Quorum Settings".


9. On "Before You Begin" window, click "Next".
10. On "Select Quorum Configuration Option" window, select "Select the quorum witness".


11. Click "Next".
12. On "Select Quorum Witness" window, select "Configure a cloud witness".


13. Click "Next".
14. On "Configure cloud witness" window, next to "Azure storage account name", paste "STORAGE ACCOUNT NAME" of your Azure account from notepad.
15. Next to "Azure storage account key", paste "PRIMARY ACCESS KEY" of your Azure account from notepad.


16. Click "Next".
17. On "Confirmation" window, click "Next".


18. On "Summary" window, click "Finish".


The Cloud Witness has been configured on "Cluster01".



After Cloud Witness is configured, a container named "msft-cloud-witness" is created in your Azure Storage Account.

19. On Node03, log in as Domain Administrator.
20. Launch "PowerShell" as administrator.
21. Run the following command to configure Cloud Witness for Cluster02:
    Set-ClusterQuorum -Cluster Cluster02 -CloudWitness -AccountName <Azure Storage Account Name> -AccessKey <PRIMARY ACCESS KEY of your Azure account>



After Cloud Witness is configured on both clusters, the msft-cloud-witness container holds 2 records.

Remark: If you regenerate the keys under "Manage Access Keys" on the Azure Storage Account after configuring Cloud Witness, make sure you apply the new key to the clusters that were configured with the previous key. If the new key isn't applied to the clusters, the status of Cloud Witness changes to "Failed" and event ID 1659 appears in Cluster Events.
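
One way to script the key update from the remark above, as an added PowerShell example that is not part of the original post: it re-applies a regenerated key to Cluster01 and Cluster02 with the Set-ClusterQuorum call from step 21, then reports the witness state and recent occurrences of event ID 1659. The System log and provider name used for the event query are assumptions, and the account name is a placeholder.

```powershell
# Added example, not from the original post. Cluster names come from the lab
# above; the account name is a placeholder to fill in.
$clusters    = 'Cluster01', 'Cluster02'
$accountName = '<Azure Storage Account Name>'

# Prompt for the regenerated key instead of pasting it into a file or a
# command line, so it stays out of Notepad and the console history.
$secureKey = Read-Host -Prompt 'New PRIMARY ACCESS KEY' -AsSecureString
$plainKey  = [System.Net.NetworkCredential]::new('', $secureKey).Password

try {
    $report = foreach ($cluster in $clusters) {
        # Same call as step 21, now carrying the new key.
        Set-ClusterQuorum -Cluster $cluster -CloudWitness `
            -AccountName $accountName -AccessKey $plainKey | Out-Null

        # The quorum resource is the Cloud Witness; its state shows "Failed"
        # when the cluster still holds a key that Azure no longer accepts.
        $witness = (Get-ClusterQuorum -Cluster $cluster).QuorumResource

        # Assumption: event ID 1659 is written to each node's System log by
        # the Microsoft-Windows-FailoverClustering provider.
        $filter = @{
            LogName      = 'System'
            ProviderName = 'Microsoft-Windows-FailoverClustering'
            Id           = 1659
            StartTime    = (Get-Date).AddHours(-1)
        }
        $events = @(foreach ($node in Get-ClusterNode -Cluster $cluster) {
            Get-WinEvent -ComputerName $node.Name -FilterHashtable $filter `
                -ErrorAction SilentlyContinue
        })

        [pscustomobject]@{
            Cluster         = $cluster
            Witness         = $witness.Name
            State           = $witness.State
            RecentEvent1659 = $events.Count   # last hour, may predate the update
        }
    }
    $report | Format-Table -AutoSize
}
finally {
    # Drop the plaintext key from the session once every cluster is updated.
    Remove-Variable -Name plainKey, secureKey -ErrorAction SilentlyContinue
}
```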




The management and remote access connectivity of Windows 10

Speaker: Michael Niehaus, Senior Product Marketing Manager

In the last few days, I attended Tech.Days Hong Kong 2015.


At this event, I attended 2 Windows 10 sessions, "Windows 10: Remote Access Connectivity" and "Windows 10 Management Technologies: What's New". After attending the Windows 10 sessions, it seems that Microsoft tends to use Microsoft Intune and System Center Configuration Manager more to manage Windows 10 or later operating systems. I'm going to explain this.

In Windows 10, we can join the Windows 10 device to Azure Active Directory (AAD).


There is no Group Policy on AAD. To apply security settings to a Windows 10 device that is joined to AAD, administrators can configure Microsoft Intune in the cloud to integrate with Azure Active Directory. When a device is joined to Azure Active Directory, the company policies are applied to it automatically through Microsoft Intune. Many security settings can be configured through Microsoft Intune. If the available options aren't enough, administrators can upload a PowerShell script to Microsoft Intune. The next version of Microsoft Intune supports WMI bridge and PowerShell configuration. Administrators can also upload a PowerShell script through Microsoft Intune to apply it to the device. Honestly, Microsoft Intune for desktop management isn't robust enough to compare with Group Policy, but Microsoft will add more options based on market trends.

The next version of System Center Configuration Manager will be integrated with Microsoft Intune. Administrators can use one portal to manage mobile and desktop devices.


The next version of Microsoft Intune is not only for applying security settings to Windows 10 devices but also for applying new features to them, such as "Per-application VPN". "Per-application VPN" is a new feature in Windows 10 that controls which applications can connect to the corporate network. For example, your company only allows Internet Explorer to connect to your corporate web site through VPN. Apply "Per-application VPN" to a Windows 10 device that is enrolled in Mobile Device Management (MDM) by Microsoft Intune. The user can still use other browsers like Chrome to access other web sites, but the Chrome browser cannot access the corporate web site.

In Windows 10, Microsoft works with other VPN vendors like Cisco, F5 and so on to change how VPN is configured. Users can download and install a VPN plug-in from supported vendors through the Windows Store. After that, users can set up a VPN connection in the "Add a VPN connection" wizard.


After installing another VPN plug-in from the Windows Store, we can select it from "VPN provider". It's easy for us to set up a VPN connection from any vendor.

In conclusion, there are some new management solutions in the Windows environment. Old management solutions like Group Policy will be phased out in the future.


Wednesday, February 4, 2015

Learn Windows Server 2012 R2 Failover Clustering from a Microsoft Virtual Academy (MVA) course

There is a new recorded Microsoft Virtual Academy (MVA) course about Windows Server 2012 R2 Failover Clustering. The course is hosted by Symon Perriman, 5nine Software Vice President of Business Development, and Elden Christensen, Microsoft Principal Program Manager Lead. This course gives an introduction to Failover Clustering and covers cluster deployment, networking, storage and so on. Watch this MVA course to learn some best practices.

