Migrating DHCP from a 32 bit W2k3 server to W2k8 64 bit server

This process is achieved by dumping the configuration of the 2003 server to a script and then executing the script on the 2008 server.

The commands to perform this task are:

 

Netsh dhcp server dump > dhcp-script.netsh on the 2003 server

 

And then

 

Netsh exec dhcp-script.netsh on the 2008 host site root server

 

 

 

 

 

The text script file will need to be edited by replacing the IP address of the 2003 server with the 2008 server IP address.

October 28, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

RODC replication – some thoughts

Are changes instantly replicated from a domain controller ?

 Depends on the replication schedule set between sites. Generally, no.The time it takes to replicate changes to an RODC depends on where the changes have been made and how fast they get replicated to the RODC. Changes made on a distant site can take more time to replicate to the RODC than changes made in the same site/the site next to the RODC.

 Can the replication time be changed ?

AD Sites and Services will allow you to configure your replication topology, frequency and any other scheduling. The topology for AD Sites and Services is more or less the same as in Windows 2003

I order to reduce the amount bandwitdth used then the replication traffic should be configured to only allow inbound replication, no local changes, and therefore no outbound replication. RODCs can replicate from writeable DCs.

The most important aspect is replication of password changes. That is covered by this article:  

http://technet.microsoft.com/en-us/library/cc730883.aspx    

What operations fail if the WAN is offline, but the RODC is online in the branch office?

If the RODC cannot connect to a writable domain controller running Windows Server 2008 in the hub, the following branch office operations fail

• Password changes

• Attempts to join a computer to a domain

• Computer rename

• Authentication attempts for accounts whose credentials are not cached on the RODC

• Group Policy updates that an administrator might attempt by running the gpupdate /force command
  

  What operations succeed if the WAN is offline, but the RODC is online in the branch office?

  If the RODC cannot connect to a writable domain controller running Windows Server 2008 in the hub, the following branch office operations succeed:

• Authentication and logon attempts, if the credentials for the resource and the requestor are already cached.

•  Local RODC server administration performed by a delegated RODC server administrator.

 

October 1, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

Group Policy Preferences – better than scripting

 

Short write-up about what Group Policy Preferences can do for you (which previously were done using scripting)

http://www.frickelsoft.net/blog/downloads/10%20things%20Group%20Policy%20Preferences%20does%20better.pdf

October 1, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

DCPOMO on Core 2008 Server – then promote to a RODC

Here is how I demoted core domain controller server to a member server and then used the following unattended file to create a read only domain controller

dcpromo /AdministratorPassword:<password>

Unattend file to make it a RODC

[DCINSTALL]
AutoConfigDNS=Yes
CriticalReplicationOnly=No
DisableCancelForDnsInstall=no

UserDomain=<domain>UserName=administrator
Password=<password>
SafeModeAdminPassword=<password>

SiteName=Default-First-Site-Name

DatabasePath=”%systemroot%\NTDS” 
LogPath=”%systemroot%\NTDS”
SYSVOLPath=”%systemroot%\SYSVOL”

ConfirmGC=no

ReplicaDomainDNSName=<domain.com>ReplicaOrNewDomain=ReadOnlyreplica
ReplicationSourceDC=<servername.domain.com>

RebootOnCompletion=yes

September 16, 2008 Posted by titn003 | Microsoft | Server2008 | No Comments Yet

Upgrading Process for Windows Server 2008

 Verify the new server’s TCP/IP configuration has been pointed to the current DNS server.

2. Make the new server become a member server of the current Windows Server 2003 domain first.

3. Upgrade the Windows Server 2003 forest schema to Windows Server 2008 schema with the “adprep /forestprep” command on old server.

 

Please run the “adprep.exe /forestprep” command from the Windows Server 2008 installation CD on the schema master. For example:

 

Drive:\CMPNENTS\R2\ADPREP\adprep.exe /forestprep

 

4. Upgrade the Windows 2003 domain schema with the “adprep /domainprep” command on old server.

 

Drive:\CMPNENTS\R2\ADPREP\adprep.exe /domainprep

 

5. Run “dcpromo” on new server to promote it as an additional domain controller in existing Windows 2003 domain, afterwards you may verify the installation of Active Directory.

 

6. Verify the new server’s TCP/IP configuration has been pointed to current DNS server.

 

7. Insert Windows Server 2008 Installation Disc in the new server.

 

8. Run “dcpromo” on new server to promote it as an additional domain controller in existing Windows 2003 domain.

 

9. Install DNS component on new server and configure it as a new DNS Server (Active Directory Integrated-Zone is preferred). All the DNS configuration should be replicated to the new DNS server with Active Directory Replication.

 

To gradually remove old windows server 2003 server, here is some extra steps we should do:

================

 

1. Enable Global Catalog on new server and manually Check Replication Topology and afterwards manually trigger replication (Replicate Now) to synchronize Active Directory database between 2 replicas.

 

Please note: It will some time to replicate GC between DC, please wait some time with patience.

 

2. Disable Global Catalog on DC2.

 

3. Make all the clients change TCP/IP configuration to point to new server as DNS.

 

4. Transfer FSMO roles to the new server.

 

How to view and transfer FSMO roles

http://support.microsoft.com/kb/324801

 

5. Please check whether everything works normally with the new server. If so, you can run DCPROMO to demote old DC.

 

To migrate files to the new server:

========================

You can use Robocopy tool or FSMT to migrate files from old server to the new server with windows server 2008 without losing NTFS permissions.

 

More information about Robocopy:

http://technet2.microsoft.com/windowsserver2008/en/library/d4c6e8e9-fcb3-4a4a-9d04-2d8c367b63541033.mspx?mfr=true

September 12, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

Hyper-V explained for ESX engineers

 

Excellent comparison from http://hyperinfo.wordpress.com/2008/08/27/hyper-v-for-the-esx-engineer/

 

• Hyper-V is paravirtualized – paravirtualized means the virtual machine is “aware” (Microsoft uses the term enlightened) that it is virtualized.  If the machine isn’t enlightened, it will run in emulation mode.  Emulation mode requires a lot of context switching between user mode and kernel mode.  This will understandably slow down performance.
• The Hyper-V “Service Console” is referred to as the Management Partition.  This is a Windows VM with privileges into the kernel that other VMs do not have.  This (at least on the surface) is similar to ESX’s Service Console.
• It is recommended to run Hyper-V on Windows Core (stripped down version with no GUI).  The core version will consume less resources, require less patches, etc.
• Server 2008 has “roles” that determine the functions on the server.  Hyper-V is recommended to be the only role on the server for production
• Hyper-V does not share memory pages
• Hyper-V has quick migration instead of VMotion.  Instead of a live migration, the machine is suspend and resumed on another host.  The amount of memory will have a direct impact on the amount of time required because the memory contents will written to the disk and then read from the disk on the new host.
• Hyper-V relies on Microsoft Clustering Services right now to provide multiple host functionality for SAN connected virtual machines.  This means that Enterprise Edition is the minimum required OS level for the host to perform Quick Migrations
• It is recommended that each LUN contain only one VM.  Space needed will be disk space required + virtual RAM assigned to the machine (for quick migrations) + room for snapshots of the virtual machine
• Live Backups of a VM are supported through VSS if the guest OS is VSS aware
• Virtual Hard Disk files are .vhd files instead .vmdk files for ESX
• Raw Device Mapping (RDM) in ESX is called Pass Through Disks in Hyper-V

Microsoft System Center and is called SCVMM (System Center Virtual Machine Manager).  Here are some points for this product.

• Since Distributed Resource Scheduling doesn’t exist today for Hyper-V, they support the idea of Intelligent Placement of a VM onto the farm.  This data is configurable but the SCVMM basically tracks performance of the hosts over a recent time period in an attempt to recommend the best placement of the new virtual machine on a host.
• The entire product is driven by Windows Power Shell and is completely customizable, exportable, etc.
• Upcoming version of the product will support ESX and well as Hyper-V.  In order to support ESX, an existing Virtual Center will be required for SCVMM to interface.  (Think single pane of glass for management).  I have my doubts on this one but I’m curious.
• Self Service Portal – End Users will be able to provision their own machines.  Again, I’d have to see this one.

August 29, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

ESX Vs Hyper-V

Comparision table at http://www.vmware.com/products/esxi/facts.html.

 

From the vmware site, to date cannot find the same table on the microsoft site

August 26, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

Step-by-Step Installing Hyper-V on Server Core

1. Enable CPU virtualisation assistance and DEP in the BIOS.
2. Install Windows Server 2008 Enterprise x64 (Core Installation).
3. Determine the NIC ID: netsh interface ipv4 show interfaces.
4. Set the IP address for NIC, let say for NIC #2: netsh interface ipv4 set address name=”2″ source=static address=192.168.1.3 mask=255.255.255.0 gateway=192.168.1.1.
5. Set the DNS: netsh interface ipv4 add dnsserver name=”2″ address=192.168.1.2 index=1.
6. Rename server: netdom renamecomputer %computername% /NewName:HyperSvr1.
7. Reboot for that to take effect: shutdown /r /t 0.
8. Join it to domain: netdom join %computername% /domain:admininfo.local /userd:administrator /passwordd:*.
9. Reboot for that to take effect: shutdown /r /t 0.
10. Copy CoreConfigurator onto the Core server and configured any users, groups, enabled RDP, firewall settings, etc…
11. Download and copy the Hyper-V update onto the server.
12. Install the Hyper-V update: wusa.exe Windows6.0-KB950050-x64.msu.
13. Install the Hyper-V role: start /w ocsetup.exe Microsoft-Hyper-V.
14. Reboot.
15. Download and install Remote Management for Windows Vista.

August 20, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

Migrating AD from W2K3 to W2K8

The safest and simplest way to migrate is to start by adding a Windows 2008 Domain controller to your existing domain

First you need to Adprep your 2003 Domain by running
adprep /forestprep    and
adprep /domainprep   and
adprep /gpprep

do this by placing the from 2008 DVD in the Windows 2003 DC  - ADPREP is in the SOURCES folder on the DVD.

Once done you can run the setup program from the 2008 DVD and do an upgrade, or you can do a clean install on a new box and join the 2008 machine to the domain – the latter is my preferred option.

If you take the latter route you need to assign the 2008 new computer an IP address and subnet mask on the existing network. Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new 2008 machine to the existing domain as a member server

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select “Additional Domain Controller in an existing Domain”

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the”Global Catalog” checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

If necessary install DNS on the new server. Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will automatically replicate to the new domain controller along with Active Directory.

If you want to transfer the FSMO roles to the 2008 machine (probably a good idea) then the process is as outlined at http://www.petri.co.il/transferring_fsmo_roles.htm

Netometer has a nice video – http://www.netometer.com/video/tutorials/windows-dc-2008-add-upgrade/index.php

August 20, 2008 Posted by titn003 | Uncategorized | | No Comments Yet

Site Recovery Manager

practical_guide_dr 

This VMware VMbook focuses on business continuity and disaster recovery (BCDR) and is intended to guide the reader through the step-by-step process to set-up a multisite VMware Infrastructure that is capable of supporting BCDR services for designated virtual machines at time of test or during an actual event that necessitated the declaration of a disaster, resulting in the activation of services in a designated BCDR site.

Index of contents

§ Chapter 1: Introduction

§ Chapter 2: Understanding and Planning for BCDR

§ Chapter 3: Virtualization and BCDR

§ Chapter 4: High-Level Design Considerations

§ Chapter 5: Implementing a VMware BCDR Solution

§ Chapter 6: Advanced and Alternative Solutions

§ Chapter 7: Service Failover and Failback Planning

§ Chapter 8: Service Failover Testing

§ Chapter 9: Network Infrastructure Details

§ Chapter 10: Storage Connectivity

§ Chapter 11: Storage Platform Details

§ Chapter 12: Server Platform Details

§ Appendix A: BCDR Failover Script

§ Appendix B: VMware Tools Script

August 16, 2008 Posted by titn003 | Uncategorized | | No Comments Yet