Computer Enterprise: January 2014

27 Jan 2014

Top Hyper-V PowerShell cmdlets for basic tasks

The Microsoft Hyper-V management console and System Center Virtual Machine Manager (SCVMM) are great tools for managing virtual machines (VMs), hosts and tasks. As with most graphical user interface (GUI) tools, however, these programs have customization and administration limitations. But PowerShell can fill in these Hyper-V management gaps.

SCVMM and Hyper-V PowerShell cmdlets open up new capabilities that help streamline virtual environment administration. In this tip, I focus on my favorite Hyper-V PowerShell cmdlets and commands. If you don't have a copy of SCVMM, you can still use PowerShell to perform most tasks, including getting basic information, creating new VMs and performing live migrations.

First, download and install the Hyper-V Powershell module. (You may have to change PowerShell's execution mode so the module works correctly. It can run properly on Windows Server 2008, but in Windows 7, you may need to change the execution policy to unrestricted or bypass. It's not optimal, but be aware that you may have to loosen the execution policy.)

After installing the Hyper-V PowerShell module, it's time to try out some basic functions. As you get more comfortable with these PowerShell cmdlets and commands, you can combine them to form more complex and valuable scripts. It's not as simple as Hello World, but let's walk before we run.

Get-VM. This cmdlet is the basis for many scripts, and it's pretty self explanatory. Get-VM retrieves information about VMs and provides a quick view of VMs on a particular host. I use this command often:

Get-VM --Server

Note that you must focus on a particular server using the -Server syntax, as you would in the Hyper-V management console.
New-VM, Set-VMMemory, Set-VMCPUCount, Add-NewVirtualHardDisk. This group of Hyper-V PowerShell cmdlets provisions new VMs. The wizard-based GUI of Hyper-V Manager may be easier to use, but if you need to create multiple VMs at once, this method is the way to go.

With these commands, a slight modification allows you to add or modify multiple VMs at one time.

New-VM -Server Host1 -Name RobTest2,RobTest3,RobTest4 -Path d:

Set-VMMemory -Server Host1 -VM RobTest2,RobTest3,RobTest4 1024

Set-VMCPUCount -Server Host1 -VM RobTest2,RobTest3,RobTest4 4

Add-NewVMHardDisk -Server Host1 -VM RobTest2,RobTest3,RobTest4 -Size 24GB

As you can see, simultaneously creating multiple VMs saves time.

Start-VM, Stop-VM, Save-VM, Shutdown-VM. Controlling the state of VMs is also valuable. In some instances where the GUI was not available, I used these commands to control VM shutdowns or save states as a troubleshooting step. Similar to creating and modifying multiple VMs, you can also change the state of multiple VMs at once.

         Start-VM -Server Host1 -VM RobTest2,RobTest3,RobTest4
    Stop-VM -Server Host1 -VM RobTest2,RobTest3,RobTest4
    Save-VM -Server Host1 -VM RobTest2,RobTest3,RobTest4
    Shutdown-VM -Server Host1 -VM RobTest2,RobTest3,RobTest4

Note: You must have Hyper-V integration components installed to use the Shutdown-VM command.

Move-VM. PowerShell can also help with Hyper-V cluster tasks. I have used the following command as a troubleshooting option to move VMs when Failover Cluster Administrator did not work properly. You can also use the cluster.exe command to move VMs between nodes, but I use this PowerShell command more.

Move-VM -Server Host1 -VM RobTest2 -Destination Host2 --force

It's possible to move multiple VMs, but it must be done sequentially.

Move-VM -Server Host1 -VM RobTest2,RobTest3,RobTest4 -Destination Host2 --force

Or with wildcard, you can move all VMs on Host1 that start with RobTest to Host2.

Move-VM -Server Host1 -VM RobTest% -Destination Host2 --force

(Note: To avoid the "WARNING: Cluster commands not loaded. Import-Module FailoverClusters and tr y again" message and use PowerShell's cluster functionalities, load the Failover Cluster module by entering Run, Import-Module FailoverCluster.)

After you're comfortable with these PowerShell cmdlets and commands, try the commands in the PowerShell Management Library for Hyper-V manual. The manual may put you to sleep, but as you read along and experiment with new Hyper-V PowerShell commands, you'll notice that they share a common syntax. In time, you should be able to orchestrate more complex and productive tasks with PowerShell, which is faster than using Hyper-V wizards to administer VMs.

In part two of this series, I demonstrate SCVMM's extended PowerShell capabilities and share scripts that have helped me in day-to-day, Hyper-V administration tasks.

Windows Server 2012 (WS 2012)

Windows Server 2012, formerly codenamed Windows Server 8, is the latest version of Windows Server. The successor of Windows Server 2008 R2, its improvements include overall upgrades in cloud computing and storage infrastructure.

Windows Server 2012 include enhancements to the following:

Graphical user interface (GUI) - Windows Server 2012 was created with the Metro design language so it has the same look and feel as Windows 8 unless installed in Server Core mode. Administrators can switch between Server Core and the Server with a GUI options without a full reinstallation.
Address management - Windows Server 2012 has an IP address management (IPAM) role for discovering, monitoring, auditing and managing the network's IP address space.
Hyper-V- Hyper-V 3.0 offers a scalable, virtual extensible switch that allows a virtual network to extend its functionality in ways that were difficult or impossible to achieve in previous versions.
Active Directory - Several changes have been made to Active Directory. The PowerShell-based Deployment Wizard can work remotely, allowing administrators to promote cloud-based servers to domain controllers without the Wizard running on the server itself. Following the completion of this process, PowerShell scripts containing copies of commands used in the process can assist with the automation of additional domain controllers, allowing for large-scale Active Directory deployments.
File System - Addition of ReFS (Resilient File System) for file servers.
Storage migration - Live storage migration is permitted and shared storage will no longer be required for virtual machine (VM) migration when using Hyper-V Replica.
Clustering. Cluster-aware updating will be automated, which will allow the entire cluster to stay online during the updating process with little to no loss in availability.
NIC teaming. This is the first version of Windows Server with built-in network interface card (NIC) teaming. This feature allows administrators to team together NICs for failover and bandwidth aggregation, creating server resiliency built into the operating system.

Windows Server PKI improvements admins should know

Public key infrastructure has given rise to entire sections within the security industry devoted to the upkeep and improvement of every facet involved with PKI technology. Everything from Root Certificate Authorities to X.509 certificates spawned efforts geared toward successfully guarding server infrastructure and the data therein.

This is especially true with Microsoft server infrastructure, considering the roles and services available within the modern Windows Server environment. These services and roles exist specifically for Windows Server PKI deployment -- not the least of which is the Active Directory Certificate Services (AD CS) role.

As the security apparatus in Windows Server infrastructure improves, Windows administrators should stay up to speed on improvements and vulnerabilities within their respective environments. Let's delve into some of the improvements Windows Server 2012 brings to the table in terms of public key infrastructure as compared to previous Windows Server versions.

Windows Server PKI increases PowerShell functionality

One improvement that has no doubt caught the attention of Windows Server administrators is the increased functionality Windows PowerShell can have in terms of AD CS. Prior to Windows Server 2012, PowerShell only played a role in the configuration of a Certificate Authority. With the release of Windows Server 2012, PowerShell is built with a rich assortment of methods that can be called upon when deploying AD CS. This is especially useful when Windows administrators want to save time by scripting the deployment of any AD CS role or service.

For example, if an administrator wants to script the Network Device Enrollment Service installation within a domain that uses a remotely located Root Certificate Authority, the Install-AdcsNetworkDeviceEnrollmentService cmdlet in Windows Server 2012 can do this. Furthermore, this ability to script has the potential to save ample amounts of time when administering enterprise networks dispersed across different geographic locations.

AD CS role services in Windows Server 2012

As any experienced Windows administrator can tell you, not all versions of the same operating system are the same. For example, Windows Server 2008 Web Edition is different from the Standard Edition, which is different from the Enterprise Edition. In terms of Windows Server PKI, the differences could be infuriating when dealing with an edition that wasn't a premium version.

Fortunately, in terms of AD CS all of this changed in Windows Server 2012. For example, in the Windows Server 2008 Standard Edition, the Certificate Authority component (now called a role service) was available, but the Network Device Enrollment Service mentioned previously was not available. In Windows Server 2012, all six AD CS role services are available across all Windows Server 2012 editions. This was really a common sense move on Microsoft's part, and many in the industry are happy to see the company come around on this issue.

For those operating in Windows environments, Microsoft looks to be moving in a direction that more robustly integrates PKI into Windows Server domains. Each new Windows Server rollout appears to drastically improve upon its predecessor. While the PKI improvements listed above should not in any way be construed as being an exhaustive list of additional features, they illustrate the dedication of the creators of Windows Server 2012 to advancing PKI and securing the enterprise.

How Windows Server 2012 R2 will change storage management

Microsoft Corp. revealed its forthcoming Windows Server 2012 R2 at this month's TechEd conference. Although a preview build won't be available for download for a few weeks, Microsoft has given us a tantalizing glimpse into what we can expect from the new operating system.

As you probably know, the original Windows Server (WS) 2012 release was jam-packed with hundreds of new features, the bulk of which were related to storage and virtualization. Microsoft's Windows Server 2012 R2 continues this trend by focusing on improvements to the storage subsystem and server virtualization.

Native tiered storage feature

With regard to storage, the biggest improvement in WS 2012 R2 is the inclusion of a native tiered storage feature that's an enhancement to Windows Storage Spaces. The idea behind this feature is that if an administrator adds both solid-state drives (SSDs) and hard disk drives (HDDs) to a storage space, the storage space engine will automatically differentiate between the two types of storage. In doing so, Windows will move hot blocks (blocks of storage that are read more frequently than other storage blocks) to SSD storage, while cooler blocks will remain on HDD storage. Remember, there's a very distinct trade-off between SSDs and HDDs. While SSDs are very fast, they're expensive and have comparatively low capacities. On the other hand, HDDs have plenty of capacity and are relatively inexpensive, but don't offer the performance of SSDs.

The storage tiering feature should greatly boost read performance on Windows servers. This will be especially true for servers acting as virtual desktop infrastructure (VDI) hosts, since VDI images are often identical to one another and share many common storage blocks when deduplicated.

The nice thing about storage tiering is that it will be simple to implement. Although this could potentially change by the time Windows Server 2012 R2 is released, the current build provides the option to create a storage tier within the New Virtual Disk Wizard. When an administrator creates a virtual disk, he can select a checkbox to enable storage tiering for the virtual disk. If storage tiering is enabled, the movement of hot and cold blocks between SSD and HDD storage becomes automatic. Furthermore, the option to tier or not to tier storage for individual virtual hard disks (VHDs) means you won't waste valuable SSD resources on VHDs for which performance isn't a high priority. Microsoft even provides an option to specify the size of each tier on a per-virtual disk basis.

Write-back caching

WS 2012 R2 can also use SSDs for persistent write-back caching. The idea here is that write operations can be cached to an SSD and then later written to HDD storage. This can help to improve overall storage performance.

Fault tolerance

Microsoft is offering some new fault-tolerant options. A dual parity option now creates a logical disk structure that is similar to RAID 6. There's also an option in the New Virtual Disk Wizard to create a three-way mirror.

Data deduplication

One of the big draws of Windows Server 2012 was native deduplication that could be applied on a per-volume basis without the use of third-party software. However, Microsoft placed a number of restrictions on the types of volumes that could be deduplicated. More importantly, Microsoft stated that Hyper-V hosts and VDI virtual hard disks weren't good candidates for deduplication.

WS 2012 R2 supports running virtual machines (VMs) on deduplicated storage. It's common for VMs to share a common set of storage blocks and, because deduplication tracks the location of storage blocks, VM performance generally improves when the underlying storage is deduplicated. For example, in a demo shown during the opening keynote at TechEd, five VMs were booted from non-deduplicated storage while an identical set of VMs was booted from deduplicated storage. The VMs booting from deduplicated storage booted in less than half the amount of time than their counterparts.

As you can see, Windows Server 2012 R2 offers some promising enhancements to storage management. Features such as storage tiering and new fault-tolerant mechanisms should provide SAN-like capabilities to organizations that don't have a SAN.

Running PowerShell scripts can ease Windows virtualization tasks

Windows Server 2012 R2 is in general availability, and with it comes a new version of PowerShell. Right now, the only way to get PowerShell 4.0 is to grab and work with the Windows Management Framework 4.0.

One of the most helpful and useful ways to put PowerShell to work is on Windows virtualization tasks. There's already a huge library of materials available on the Internet for this subject, most notably in a five-part series of TechNet blogs. Amidst this wealth of information, you can find a lot of details and ready-to-run PowerShell scripts to automate a number of virtualization set-up, configuration and maintenance tasks.

TechNet series offers insight to running PowerShell scripts

The information covered in the TechNet series provides an excellent overview of what PowerShell is good for in the virtualization world. The series includes an overview of the Graphical PowerShell Interface and provides scripts to map worker process IDs to VMs, how to create scripts for creating a virtual hard disk (VHD) using PowerShell WMI, how to retrieve the IP address of a Hyper-V VM, how to shut down a guest VM in Hyper-V and how to create a complete virtual network in Hyper-V.

Given some time and a desire to put PowerShell to work, you can do a lot with the toolset. The real benefits come, of course, when you can automate recurring tasks. The leverage increases with the frequency of repetition.

CodePlex provides Hyper-V scripts

Following the introduction of Windows Server 2012, and even more so in Windows Server 2012 R2, the extensible switch makes it easier to work with virtualized infrastructures than in earlier versions. Switch extensions also mean you don't have to replace older definitions with brand-new ones. Instead, you can apply updates and enhancements without having to reinvent the wheel.

There's no place better for providing fodder for such activities than the CodePlex PowerShell Management Library for Hyper-V, where you'll find over 100 cmdlets organized by tasks that include finding and connecting to a VM, discovering and manipulating machine states, backing up or exporting VMs and working with VHD files, just to name a few.

Hyper-V has its own collection of cmdlets

Hyper-V 3.0 and higher ship with over 150 PowerShell cmdlets. You can use PowerShell to show what's available and how to run and use those scripts by typing Get-Command –Module Hyper-V in the normal PowerShell runtime environment

The help system will provide additional details about any cmdlet you need, and you can search the collection by appending -Name *search* to the preceding input line; where the asterisk characters are wildcards, you'd replace search with the particular string you might like to find, such as add, find and so forth. The Get-Help cmdlet takes cmdlet names as input and can be managed using the -Examples (for code examples), -Detailed (for verbose output) and -Full (for all information) switches. Thus, Get-Help Add_VMNetworkAdapter -Examples shows sample PowerShell scripts to add network adapters to a virtual machine.

To access the Hyper-V module in PowerShell, you have to enable that feature, which requires entering this command:

Add-WindowsFeature Hyper-V -IncludeManagementTools

You must also run the PowerShell Console as administrator to interact with and manage Hyper-V, so be sure to follow these simple steps to get up and going.

Group Policy settings alter Windows 8 configuration, user interface

There are several new Group Policy settings in Windows 8.1 that can affect how users interact with enterprise desktops. In my previous article, I described updated and new Windows 8 Group Policy settings for the Control Panel, Start Menu and taskbar. Here are more settings for system configuration and SkyDrive.
Windows 8 configuration for computers and users

The Edge user interface (UI) template under Windows Components contains policies related to the edge panes on the Windows 8.1 desktop, specifically the Switcher at the left edge of the screen and Charms Bar at the right edge. Windows 8.1 adds four new policies to this template in the User group. One of these policies, Disable help tips, is also included in the Computer group. As the name suggests, the policy disables the tips that Windows shows to the user.

The other three policies have equally descriptive names, so you should be able to readily glean their meaning.

Do not show recent applications when the mouse is pointing to the upper left corner of the screen.
Search, Share, Start, Devices and Settings don't appear when the mouse is pointing to the upper right corner of the screen.
Prevent users from replacing the Command Prompt with Windows PowerShell in the menu they see when they right-click the lower left corner or press the Windows logo key + X.

Windows 8.1 settings and Search

The Search template in the Computer group includes five new policies. The first two are Don't search the Web or display Web results in Search policy and Don't search the Web or display Web results in Search over metered connections. Not surprisingly, the policies control whether the Search feature can include the Web in regular searches or searches over metered connections, respectively. By default, users can choose whether their searches include the Web, but these policies override that option.

Another new policy is Do not allow locations on removable drives to be added to libraries. The policy prevents folders on removable drives from being included in a library, which is a window that provides a view of folders stored in different locations so a user can easily browse them.

If you want to control the SafeSearch setting used when performing a search, you can enable the Set the SafeSearch setting for Search policy. SafeSearch can filter out adult content from search results, depending on which setting you select within the policy. You have three choices: Strict, Moderate or Off.

In addition, you can use the Set what information is shared in Search policy to control which data (such as user and location information) is shared with Bing when performing a search.

Windows 8 SkyDrive configuration

Windows 8.1 adds three SkyDrive-related policies to the Computer group. The Prevent the usage of SkyDrive for file storage policy prevents apps and features from working with files on SkyDrive. If the policy is enabled, SkyDrive doesn't appear in File Explorer and SkyDrive files aren't kept in sync with the cloud. Also, users can't access SkyDrive from the SkyDrive app or file pickers, and they can't automatically upload photos and videos from the camera roll folder.

Another policy related to Windows 8 SkyDrive is Save documents and pictures to the local PC by default. If this policy is enabled, apps and users can still save files on SkyDrive. They can also use the SkyDrive app and file pickers to open and save files on SkyDrive. However, if this policy is disabled or not configured, files are saved to SkyDrive by default for users with connected accounts.

The third new policy is Prevent SkyDrive files from syncing over metered connections. The policy does exactly what the name suggests.

Plenty more new Group Policy settings

There are more policies for Microsoft's latest OS revision. Other administrative templates and Windows 8.1 Group Policy settings include some related to Windows Update, user profiles and work folders. In addition, Windows 8.1 also includes numerous policies specific to Internet Explorer 11.

Desktop admins who familiarize themselves with the new Group Policy options for Windows 8 configuration will be better able to respond to users who could be affected.

What's new for Windows 8 integration with SharePoint?

Does Windows 8 offer any sort of integration with SharePoint?

Organizations that heavily depend on SharePoint may wonder if Windows 8 offers any sort of integration with SharePoint. On the surface, native SharePoint support within Microsoft's latest desktop operating system appears to be nonexistent. However, there is more than first meets the eye.

You may have heard that Microsoft made some changes to the File Explorer in Windows 8.1. Libraries are hidden by default and a link to SkyDrive appears in its place. If you choose to unhide the Libraries, you'll notice that the Libraries folder contains two Documents folders. One of these folders corresponds to the local PC while the other points to SkyDrive.

The point behind all of this is that Microsoft is trying to encourage end users to save documents on SkyDrive rather than on their local computer. Of course, SkyDrive is a consumer-oriented option for cloud storage.

Microsoft's enterprise alternative to SkyDrive is SkyDrive Pro, which is based around the use of SharePoint document libraries. These libraries can exist on-premises or through Office 365. There are several ways to get Windows to use SkyDrive Pro, including Group Policy settings and a SkyDrive Pro app that's available in the Windows Store (for apps).

Speaking of the Windows store, Microsoft recently created a SharePoint Newsfeed app for Windows 8. This app allows Windows 8 end users to connect to their SharePoint 2013 or to their Office 365 social network on the go. The app will allow end users to view posts and comments from other end users, create new posts, respond to existing posts and even upload pictures.

The interesting thing about the SharePoint Newsfeed app is that it does not provide full integration with SharePoint or full SharePoint functionality. Time will tell whether the app will prove useful since end users could just as easily connect to SharePoint from their browser and get the full SharePoint experience. Microsoft envisions the app being used on the go and snapped to the side of the screen so end users can watch SharePoint social networking feeds while working on other things.

Weighing the benefits of a Windows Server 2012 migration

When Microsoft delivered Windows Server 2012, it also shipped a message: Cloud computing is the future. The first major release of an operating system since Windows Server 2008 R2's release in 2009, Windows Server 2012 offers a bundle of feature enhancements that are attractive to IT departments looking to move some workloads out of data centers.

IT administrators say they are optimistic about Windows Server 2012 yet hesitant about moving too quickly. While shops are reticent to jump onboard with a Windows Server 2012 migration -- development and applications often come first -- admins like what they are seeing in terms of features.

Then there's Microsoft's messaging about this being the "Cloud OS." Many admins are quick to reject the idea of moving all or even part of their back end to Microsoft or third-party hosting services. While those who maintain that on-premises is the way to go, Microsoft's iterations bring to data centers what the company has learned in the cloud running its Azure services.

But the jump to the latest offerings may not be the right decision -- at least not right away. Individual organizations need to determine the proper pace for migration based on their need for advanced features, on their virtualization platform preferences, and on their cloud aspirations, among other factors.

Cloud-optimized features

Windows Server 2012 brings with it a variety of features to the data center, making it possible for admins to deploy highly available cloud applications. And with features such as PowerShell 3.0, the improved virtualization hypervisor, Hyper-V, SMB 3.0 and more, the potential benefits of the latest release are irrefutable, even if some IT shops aren't ready to take advantage of them today. Let's consider some of these features in turn.

PowerShell 3.0 added an additional 2,300 cmdlets, allowing for more granular control over the operating system. PowerShell remoting allows wider control of a data center by executing commands from a remote computer.

Virtualization has made notable strides in Hyper-V 3.0, which supports 64 processors and 1 TB of memory. Introduced with Windows Server 2012, the VHDX format has a larger disk capacity and is more resilient than its predecessor.

One such feature catching admins' attention is Server Core, which allows for command-line administration. While it isn't new, it is improved. Server Core allows for remote administration, and has greater security than running the graphical user interface (GUI) environment. New in Server 2012, users can switch between the Server Core view and the GUI Server Manager view by installing a role.

These features may make Windows Server 2012 an attractive choice for enterprises looking to get more out of their server hardware.

Best practices for migration

Admins looking to upgrade in place from an older version of Windows Server should note Microsoft's requirements. If they are running 64-bit versions of Windows Server 2008 SP2 Standard or Datacenter, or Windows Server 2008 R2 SP1 Standard or Datacenter versions, admins can upgrade domain controllers in place.

There are, however, important exceptions to this. For one, Microsoft has noted a known issue that Server Core installations of Windows Server 2008 R2 will fail during an upgrade to Windows Server 2012. As a result, Microsoft recommends installing a new domain controller running Windows Server 2012.

An in-place upgrade is dependent on a number of other factors, as well. There are important hardware requirements to properly perform an in-place upgrade. An upgrade requires a 1.4 GHz processor, 512 MB minimum RAM and 32 GB of free disk space. During an in-place upgrade, Microsoft recommends right sizing because of errors that could result from not having enough free space to upgrade the Active Directory files.

Some IT shops forgo the in-place upgrade for building up a new domain controller and migrating data. For administrators like Alan Pratt, senior Windows administrator at Western Refining, an oil refinery owner based in El Paso, Texas, the better option was to use a new domain controller and migrate data.

The benefit to doing that, Pratt said, is that there was no downtime in running an install.

Pratt currently runs Windows Server 2012 as a primary domain controller on two databases and an Exchange 2013 installation. Aside from a bug where some users' logon scripts would not function, Pratt says that, in the six months since installation, his Windows Server 2012 machines have run without a hitch.

Pratt said he won't install new versions of operating systems in a production environment right away, because of potential bugs that can bite early adopters. "I don't mind [testing new versions] in a lab environment," Pratt said, noting that thousands of employees rely on smoothly running servers. Downtime, he said, is unacceptable.

Since installing Windows Server 2012, Pratt said he has dropped use of the GUI and relies on Server Core for remote management, using new PowerShell remoting cmdlets. By skipping the GUI, Pratt avoids having to use Microsoft's new user interface, which he sees as out of place in a server OS.

Pain, then gain?

The jump from Windows Server 2008 to Windows Server 2012 can create friction. Inevitable downtime during the upgrade will be bothersome, and application compatibility troubles will need to be solved. Organizations willing to make that switch, however, will be glad. Microsoft promises that they will find their next upgrade to be not nearly so painful.

Interestingly, that upgrade may come sooner rather than later. Just eight months after shipping Windows Server 2012, Microsoft previewed Windows Server 2012 R2, due out by the end of 2013. Billed as a completely new build of the server product, it packs a bunch of new features. Among them is Hyper-V Network Virtualization, which helps enterprises implement a software-defined network and can bridge apps to the cloud. Improvements to Storage Spaces will allow applications to run on different storage disk types.

With most Microsoft shops just now testing Windows Server 2012, many question this new rapid release strategy. Even with the load of attractive features, many admins are using Windows Server 2008 or Windows Server 2008 R2, and some even Windows Server 2003.

When Windows Server 2008 R2 went 64-bit only, many enterprises were left behind in the upgrade process until they made a decision to move to new hardware.

Despite this, Microsoft is confident in its more rapid release cadence.

"We want to give our customers the opportunity to deploy our capabilities whenever, as fast as possible," said Jeff Woolsey, principal program manager of the server and cloud division at Microsoft.

At the same time, Woolsey says the company is working to ease the upgrade process with features like Hyper-V Live Migration, which promises no downtime during a VM upgrade from Windows Server 2012 to 2012 R2.

For administrators , a more seamless migration process would be welcome news. In fact, Pratt says he would consider doing a live migration from Windows Server 2012 to Windows Server 2012 R2 sometime after it ships in late 2013.

26 Jan 2014

Windows Server 2012 R2 Work Folders enable BYOD synchronization

Work Folders is a new feature in Windows Server 2012 R2 that allows users to synchronize data across multiple devices for offline use. A user might synchronize a folder with her laptop and tablet to edit documents in that folder while working offline. The changes are synchronized the next time the user connects.

You can enable the Work Folders feature, a component of the File and Storage Services Role, through Server Manager or through PowerShell. Once enabled, you can configure Work Folders using the steps outlined below.

How to configure Work Folders

The first steps in configuring Work Folders involve setting aside some New Technology File System storage to store synchronized data and create a new sync share.

To create a sync share, select the New Sync Share option from the Tasks dropdown. This will launch Windows' New Sync Share Wizard. Click Next to bypass the wizard's Welcome screen.

The next screen will ask you to select the server on which you'll create the sync share (Figure 1), then choose an existing file share or to enter a local path.

The next screen asks you to choose a format to name the folder. You have two options:

Use user aliases, which are helpful if you already have a folder structure in place based on user aliases.
Use a user@domain format. This is often best for organizations with multiple domains because it eliminates the possibility of a conflict with multiple users from different domains having identical aliases.

This screen also contains a checkbox to specify subfolders you want to synchronize (Figure 2).

Synchronization occurs on a per-user basis, which is why the sync share can use either user aliases or email addresses. Work folders only serve as a mechanism for making a user's files available to him to work offline. Work folders can't be used for collaboration, although Microsoft has hinted that this capability may be coming.

Click Next, and you'll be prompted to enter a sync share name. You can also enter an optional description to document the purpose of the sync share.

The following screen asks you to specify the users or groups who need access. The most noteworthy thing on this screen is a checkbox labeled Disable Inherited Permissions and Grant Users Exclusive Access to Their Files. This box is selected by default, but it may be a good idea to deselect it. Otherwise, the administrator won't have access to user files.

Click Next and you'll be taken to the Specify Device Policies screen, which provides two check boxes: Encrypt Work Folders and Automatically Lock Screen and Require a Password. You can enable or disable these options with the checkboxes.

Click Next to get a confirmation screen. Assuming everything looks good, click Create to create the sync share.

How a user will connect to a designated work folder will depend on the type of device that user works from. Client connectivity is built into Windows 8.1, but users with other device types will likely have to download a client from the app store.

The client component requires the user to enter his address and URL for the work folder. IIS is also installed when you install the Work Folders server role, which is why a work folder URL is used.

Windows Server 2012 R2 is still in preview release, so it remains to be seen how well the feature works in the final release or which client platforms it will support. Some at Microsoft have indicated it will eventually support Windows 8.1, Windows RT 8.1, Windows 7 and iOS.