Chapter 1: Deploying Servers

The study guide for 70-643 assigns an imprecise name to this topic, so the chapter name doesn’t reflect the breadth of material presented within it. I will show you several technologies related to deploying large numbers of computers running Windows, including Windows Deployment Services and Windows activation. I’ll also discuss the virtualization technology included with Windows Server 2008, Hyper-V. This is Microsoft’s first hardware-based hypervisor virtualization solution and it has tremendous potential to facilitate server consolidation and other capabilities. Then I’ll introduce the clustering and load-balancing features and finally the data storage technologies supported by the operating system (OS).

  • Deploy images by using Windows Deployment Services.
  • Configure Microsoft Windows activation.
  • Configure Windows Server Hyper-V and virtual machines.
  • Configure high availability.
  • Configure storage.

Deploy Images by Using Windows Deployment Services

Windows Deployment Services (WDS) in Windows Server 2008 replaces Remote Installation Services available in earlier versions of Windows Server. WDS has many improvements; some of the most significant are support for multicast data transmission, use of Windows PE as the boot operating system, and better Trivial File Transfer Protocol (TFTP) and Preboot Execution Environment (PXE) performance. An important limitation of WDS is that it does not support IPv6. After installing the WDS server role, the process of deploying new computers is as follows:

  1. Copy Boot.wim from the Windows Server 2008 installation media to the WDS server.
  2. Copy Install.wim from the Windows Vista installation media to the WDS server.
  3. Create a custom image from the boot.wim file if desired.
  4. Install Windows Vista on a reference computer using install.wim or Windows Vista installation media.
  5. Customize settings and install other applications on the reference computer.
  6. Use Sysprep to ‘generalize’ the OS on the reference computer.
  7. Reboot the reference computer using a capture image.
  8. Use the Image Capture Wizard to recapture the OS and store it on the WDS server.

WDS is an important server role because when used effectively it drives down the cost of deploying and maintaining computers that run Windows. It improves the process of deployment by automating much of the work involved. WDS lowers maintenance costs by ensuring that new computers are configured identically so that you can be certain users have access to the applications they need and administrators can be confident that the initial system configuration is predictable and reliable. After deployment you need to use other technologies like group policy to ensure the computers remain configured as planned by the information technology team.

Installing WDS

The following are important prerequisites: the WDS server must be a member server or domain controller (DC) in an Active Directory Directory Services (AD DS) domain; there must be a functional DHCP server available; DNS must be available; the server must have an NTFS volume available for storing image files. Install the WDS server role using Server Manager on a computer in your practice lab. Install both role services, but note their differences:

  • Deployment Servers include all WDS functionality including image creation, management, and deployment. It requires the Transport Server role service.
  • Transport Servers only include a portion of WDS functionality, such as the core networking components. They can be used to deploy images.

After the installation wizard completes open Windows Deployment Services from the Administrative Tools folder, expand the list of servers in the navigation pane, right-click on the new WDS server, select Configure Server, and use the wizard to complete the initial configuration of the server. You will add images to the WDS server in the next section.

Creating WDS Images

Think of WDS images, sometimes referred to as .wim files, as an entire operating system packaged into a single file. WDS uses two types of images:

  • Boot images are used to boot client computers and launch the operating system installation process. The Windows Server 2008 installation DVD has a boot image, \sources\boot.wim, that includes Windows PE and the WDS client.
  • Install images are the OS images that you deploy to clients. You can use the install.wim from the installation DVD or you can create your own.

To add the default images, insert the Windows Server 2008 installation DVD into the server. Alternatively you can capture an ISO image of the installation DVD if you are using Virtual PC in your practice lab. Expand the server in the WDS MMC snap-in, right-click Boot Images in the navigation pane and select Add Boot Image. Specify the location of the boot.wim and follow the instructions to complete the wizard. Now insert a Windows Vista installation DVD, right-click Install Images in the navigation pane, select Add Boot Image, and navigate to the boot.wim file on the DVD. To save space you may want to deselect all but one of the images, as shown in figure 1. If you do not have a Windows Vista installation DVD you can use the Windows Server 2008 one instead.

Figure 1: Selecting WDS Images.

You are now prepared to deploy Windows Vista in your practice lab using WDS. You could create a new virtual machine (VM) in Virtual PC, boot it, and press f12 when prompted to allow the PXE boot to proceed, as shown in figure 2.

Figure 2: Selecting a PXE boot.

At that point the boot.wim file is downloaded to the client and Windows PE launches to walk you through selecting and installing an install image. Most organizations will want to customize the installation image at this point. Customize the reference computer as desired by installing applications and configuring settings as appropriate. Then you need to create a capture image by doing the following in Windows Deployment Manager on the WDS server:

  1. Expand Boot Images in the navigation pane.
  2. Right-click on the desired boot image and select Create Capture Boot Image.
  3. Specify a location to save the image file and complete the wizard.
  4. Right-click on Boot Images and click Add Boot Image.
  5. Navigate to the new capture image and complete the wizard.

Now you need to ‘generalize’ the reference computer, that is, use Sysprep to prepare the computer to be captured into a new image file. Do the following:

  1. Open a command prompt with administrative privileges on the reference computer.
  2. Navigate to %systemroot%\System32\Sysprep and enter sysprep /oobe /generalize /reboot if the computer is running Windows Vista. If it was running Windows XP you would enter sysprep -mini -reseal -reboot instead.
  3. When the computer restarts boot from the network by pressing F12 when prompted.
  4. Select the capture image that you created earlier and click Next.
  5. Specify a drive to capture, then enter a name and description for the image, then click Next.
  6. Specify a folder where the capture image will be stored, enter a name for the image file, then click Save.
  7. Select Upload image to WDS server, enter the name of the server, and click Connect.
  8. Provide credentials if prompted, select an image group where the image will be stored and click Finish.

Your new, customized image is now ready to be deployed to PXE-enabled computers.

Note: Instead of using a capture image you can also use ImageX.exe to capture the image from a computer; however that is beyond the scope of the exam and this book. To learn more about using ImageX read the Windows Vista Deployment Step by Step Guide.

WDS in the Real World

Did you notice how large the image files can be? If you include a large number of client applications in your image files they may approach 10 gigabytes in size! WDS has to read these images and transmit them over the network to WDS clients. This means that WDS requires a lot of storage, reads a great deal of data from the storage volume, and transmits that data over the network. For a production environment I suggest that you install a high-speed hard drive that is separate from the one containing the system volume, and use this disk for storing images. You could even configure a Redundant Array of Inexpensive Disks (RAID) array to improve performance. I also suggest that you build your WDS environment on an isolated network segment to minimize the impact on other network services. Although it’s not listed as a subject for the exam, you should investigate leveraging multicast transmissions to improve WDS network performance.

Creating Discover Images

You can even use WDS with computers that do not support PXE. You create a discover image and burn it to a CD or DVD or store it on a flash drive then boot the target computer from this media. To create a discover image from Windows Deployment Services do the following:

  1. Expand Boot Images in the navigation pane.
  2. Right-click on the desired boot image and select Create Discover Boot Image.
  3. Follow the instructions to complete the wizard.
  4. Install the Windows Automated Installation Kit (AIK).
  5. Open Windows PE Tools Command Prompt from the Start menu.
  6. Enter CopyPE <architecture> c:\winpe where <architecture> is the CPU architecture, either x86, amd64, or ia64.
  7. Enter Copy /y c:\<imagename>.wim c:\Winpe\ISO\Sources, where <imagename> is the name of the .wim image file you wish to use.
  8. Enter Cd C:\Program Files\Windows AIK\Tools\PETools.
  9. Enter Oscdimg -n -bc:\winpe\ISO\boot\etfsboot.com c:\winpe\ISO c:\<imagename>.iso, where <imagename> is the name of the .iso image file you wish to use.

Use your favorite CD or DVD burning tool to create a disc based on the .iso image you created in step 9. You can boot client computers using this disc and connect to the WDS server to download and install images.

Configure Microsoft Windows Activation

Presumably you know what activation means with regard to Microsoft products. This part of the exam is focused on Windows Volume Activation, the technology Microsoft has created to help large organizations manage the activation process internally so that clients do not need to connect to the publicly accessible activation services that Microsoft hosts. There are two solutions available: one is Multiple Activation Key (MAK), the other is Key Management Services (KMS). MAK is used for a one-time activation with Microsoft’s activation services; the organization activates once and can reuse the MAK for as many clients as their license agreement allows. With KMS an organization deploys a KMS host on their internal network and clients activate by contacting it rather than Microsoft’s activation service. This section focuses on deploying KMS.

KMS will only activate clients after a certain number of physical computers have contacted it, called the activation threshold. Computers running Windows Server 2008 can start activating with KMS after five of them have registered with the KMS host. Computers running Windows Vista can activate after the KMS host has determined that at least twenty five computers with that OS are present. Virtual computers do not count, so it is unlikely that you will be able to get KMS fully operational in your practice lab. Clients find their KMS host by querying the internal DNS server to see if a KMS service (SRV) resource record (RR) has been created. If no such DNS record exists the clients will try to activate with Microsoft’s activation service.

KMS does not require a great deal of resources and therefore can be hosted on servers that are providing other services. Although KMS does not include virtual computers in the activation threshold count, you can run KMS on a VM. A single KMS host can support an unlimited number of clients, but organizations should deploy two in each location for failover purposes. The KMS host is included with Windows Server 2008; the KMS client is included with both Windows Server 2008 and Windows Vista.

If your DNS servers allow clients to automatically publish records via dynamic DNS (DDNS) then you do not need to create the KMS SRV record. However, only the first KMS host will be able to create and update the record, so you need to make sure that all of the KMS hosts have permissions to it. Create a global security group in Active Directory, add each of the KMS hosts to the group, and set permissions on the DNS server to allow that group to update records. If DDNS is not used you can manually create the SRV record in the forward lookup zone for the domain with the following information:

  • Service: _VLMCS
  • Protocol: _TCP
  • Port number: 1688
  • Host offering the service: <Hostname of the KMS host>

You can configure KMS to automatically publish records to multiple DNS domains by adding a multi-string registry value named DnsDomainPublishList to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL registry key. Enter a line-delimited list of each DNS domain suffix that KMS should publish to. After creating or changing this registry value, restart the Software Licensing Service.
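One way to check that the SRV records clients will find match the values listed above and point only at the KMS hosts you deployed, as an added example that is not part of the original chapter. The nslookup output is a constructed sample, and the domain, host names and function names are assumptions made for illustration.

```python
import re

# Values the chapter gives for the KMS SRV record.
KMS_SERVICE, KMS_PROTO, KMS_PORT = "_vlmcs", "_tcp", 1688

# Constructed sample of `nslookup -type=srv _vlmcs._tcp.example.test` output.
SAMPLE_NSLOOKUP = """\
Server:  dc01.example.test
Address:  10.0.0.10

_vlmcs._tcp.example.test        SRV service location:
          priority       = 0
          weight         = 0
          port           = 1688
          svr hostname   = kms01.example.test
_vlmcs._tcp.example.test        SRV service location:
          priority       = 0
          weight         = 0
          port           = 1688
          svr hostname   = lab-pc17.example.test
"""


def srv_name(domain):
    """Name a KMS client queries for in a given DNS domain."""
    return f"{KMS_SERVICE}.{KMS_PROTO}.{domain}".lower().rstrip(".")


def parse_nslookup_srv(text):
    """Turn nslookup SRV output into a list of record dicts."""
    records, current = [], None
    for line in text.splitlines():
        head = re.match(r"^(\S+)\s+SRV service location:", line)
        if head:
            current = {"name": head.group(1).lower().rstrip(".")}
            records.append(current)
            continue
        field = re.match(
            r"^\s+(priority|weight|port|svr hostname)\s*=\s*(\S+)", line)
        if field and current is not None:
            key, value = field.groups()
            if key == "svr hostname":
                current["target"] = value.lower().rstrip(".")
            else:
                current[key] = int(value) if value.isdigit() else None
    return records


def audit_kms_srv(text, domain, approved_hosts):
    """Compare published KMS records with the approved host list.

    Returns (finding, detail) tuples; an empty list means the records match.
    """
    approved = {h.lower().rstrip(".") for h in approved_hosts}
    expected = srv_name(domain)
    records = [r for r in parse_nslookup_srv(text) if r["name"] == expected]
    findings = []
    if not records:
        # With no record, clients fall back to Microsoft's activation service.
        findings.append(("missing", expected))
    published = set()
    for rec in records:
        target = rec.get("target", "")
        published.add(target)
        if rec.get("port") != KMS_PORT:
            findings.append(("wrong-port", f"{target}:{rec.get('port')}"))
        if target not in approved:
            findings.append(("unapproved-host", target))
    for host in sorted(approved - published):
        findings.append(("not-published", host))
    return findings


if __name__ == "__main__":
    hosts = ["kms01.example.test", "kms02.example.test"]
    for finding in audit_kms_srv(SAMPLE_NSLOOKUP, "example.test", hosts):
        print(finding)
```

Run it once per suffix in DnsDomainPublishList, feeding it the nslookup output captured for that domain.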

Tip: If you do not remember how to create DNS records review Configuring DNS for Active Directory to refresh your memory.

To install a KMS host you need to acquire a KMS key from Microsoft, configure the key on the computer, then activate it using Microsoft’s activation service. Computers running Windows Vista, Windows Server 2008, and Windows Server 2003 can all act as KMS hosts. Once you have the KMS key, open a command prompt with administrative privileges and enter the following:

cscript C:\windows\system32\slmgr.vbs /ipk <KmsKey>

Then, to activate online enter:

cscript C:\windows\system32\slmgr.vbs /ato

To activate over a telephone enter:

slui.exe 4

Restart the Software Licensing Service after activation is complete. Oddly, the guide for exam 70-643 lists “replicate volume license data” as a topic, yet KMS does not require backing up any data files or copying data between KMS hosts. Once you create a KMS host everything works automagically. If the KMS host fails and you lose all of the data it does not matter: set up a new KMS host, make sure the SRV record points to the new host, and everything will resume working.

Configure Windows Server Hyper-V and Virtual Machines

Hyper-V is Microsoft’s hypervisor-based virtualization technology. The beta version of Hyper-V is included on the installation media of Windows Server 2008. A free update is available from Microsoft to install the final version, which was released in mid-2008. Hyper-V requires hardware-assisted virtualization and hardware-based Data Execution Prevention (DEP), which are available on most recently manufactured server-class computers, and even many laptop and desktop systems. I have been running Hyper-V on a Lenovo T61 for 8 months, using alpha builds that were available months before the release of Windows Server 2008.

Installing Hyper-V

Before attempting to install the Hyper-V server role in your practice lab, verify that the target computer has an x64-based processor that supports hardware-assisted virtualization, e.g. Intel VT or AMD Virtualization, and DEP. Make sure that the settings for both hardware-assisted virtualization and DEP are enabled in the BIOS; check with the manufacturer to learn how to enable them if you are uncertain. After modifying these settings you should power down the computer and then reboot it, because simply restarting the computer may not cause the changes to take effect. You need to install a 64-bit version of Windows Server 2008; Hyper-V is not available in the 32-bit versions. To upgrade to the final release of Hyper-V, install the update described in Description of the update for the release version of the Hyper-V technology for Windows Server 2008. The update is also available through Windows Update.

You can install the Hyper-V server role using Server Manager just like any other server role; if you do so, specify that you will configure virtual networking later. Hyper-V works great when installed on Windows Server 2008 server core; you can manage everything from a command prompt or manage the server remotely from a Windows Vista or a different Windows Server 2008 system. If you want to manage Hyper-V servers from a computer running Windows Vista you will need to install the Windows Server 2008 Remote Server Administration Tools for Windows Vista Service Pack 1. To install the Hyper-V server role from a command prompt enter the following:

Start /w ocsetup Microsoft-Hyper-V

Configuring Hyper-V

The first thing to do after installing Hyper-V is to configure the virtual networks on the host computer, referred to as the parent partition. VMs running on the machine are also called child partitions. With Hyper-V all operating system instances including the host are virtualized. Open Hyper-V Manager from the Administrative Tools folder, right-click on the server in the navigation pane, and select Virtual Network Manager. You can create three types of virtual networks. External networks bind to the physical network adapter installed on the host machine; when they are used, VMs can access the network connected to the network adapter. Internal networks only allow communication between all of the VMs running on the host and the parent partition. Private networks only allow communication between the VMs installed on the same machine. Create an external network by clicking Add, then enter a name for the network, select a physical adapter for the connection, and click OK, as shown in figure 3.

Figure 3: Creating a Virtual Network.

Now right-click on the server in the navigation pane, and select Hyper-V Settings. Use this dialog box to change the default location for storing virtual hard disks (VHD) and VM files. A VHD is a disk image, literally, a hard disk saved as a single file. The VM file contains the configuration settings for the VM, including the name and location of any VHDs used by that VM. You can change several other less significant settings in this dialog box.

Managing Virtual Machines

Creating and managing VMs in Hyper-V is similar to working with them in Virtual PC, as described in Configuring DNS for Active Directory. To create a new VM and VHD right-click on the server in the navigation pane, select New, then select Virtual Machine. The wizard will prompt you to specify names for the VHD and VM files, how much memory to assign to the VM, and which virtual network to use, as shown in figure 4. You can create a new VHD or use an existing one. Complete the wizard.

Figure 4: Creating a New VM.

At this point you could boot the VM and install an operating system. Rather than fill several pages with step-by-step instructions on how to install Windows Vista, the rest of this section will focus on features unique to Hyper-V. Right-click your new VM and select Connect. A new window appears that you use to manage the VM; many of the commands available in this window can also be accessed by right-clicking on the VM in Hyper-V Manager. Select Start from the Action menu to turn the VM on; the fact that no OS is installed is irrelevant at the moment. Click the Action menu again and notice that the Insert Integration Services Setup Disk command is now enabled, as shown in figure 5. If you were logged into an OS on the VM, selecting this command would allow you to install the VM additions that enhance integration between the guest OS and Hyper-V. Also note that the Snapshot command is enabled; snapshots replace the undo disks available in Virtual PC. A snapshot is a point-in-time copy of the VM. It’s useful but not as flexible as a backup created with Windows Server Backup. You can take a snapshot of a VM after you have configured it the way you want to and then revert to the snapshot version after hopelessly damaging the VM during testing. For production VMs you should use Windows Server Backup to help with disaster recovery.

Figure 5: Using and Configuring a VM.

Configure High Availability

High availability refers to implementing technology and processes to increase the likelihood that a network service will remain accessible when one or more components fail. There are numerous ways to increase system availability; some can actually reduce costs by lowering operational expenses, e.g. an effective change and configuration regimen tends to lower operational costs while increasing service uptime. Systems administrators tend to dream of quickly implementing the latest products that improve availability, but it is important to remember that good systems management is critical when striving to increase availability. Another approach is to increase the availability of a single system by installing backup components within it. For example, configuring a level 5 Redundant Array of Inexpensive Disks (RAID) ensures that the failure of a single disk will not cause any data to be lost. Computer vendors also offer servers that support multiple power supplies, hot-swappable components, teamed network interface cards, and other technologies to allow the computer to continue running after a part no longer functions. The test, however, is likely to focus on two methods which involve deploying redundant servers; these are discussed in the subsections that follow.

Implementing Failover Clustering

A failover cluster, also called a high availability cluster, is a group of two or more servers that offer identical network services. They monitor one another, typically by sending heartbeat signals on a private network; when one fails, the others assume the load that had been carried by the server that is no longer online. There are many variations on this type of clustering. Servers located in the same facility might share the same data storage device so that they both are always working with the same information. Geographically separated clusters must rely on data replication between sites to keep information up-to-date at each location. In an active-active cluster both servers provide network services and respond to client requests, whereas in a passive-active cluster one server responds to queries and the second only becomes active if it determines that its partner is no longer functioning. Failover clustering requires the application to support clustering; the application on the failover server has to initialize and has to complete some processes to become fully functional, such as re-establishing connections with clients.

In Windows Server 2008 Failover Clustering is available as a feature in Server Manager. You can install it in your practice lab but you may not have access to the hardware required to implement a cluster. A two-node file server cluster requires two nearly identical servers, network adapters, network cables, storage controllers, and a storage device shared by the servers. All of the components must be Certified for Windows Server 2008. Some computer vendors offer complete solutions based on Microsoft’s Failover Clustering. You can build your own, but you must be diligent in ensuring that the hardware is compatible.

First deploy the hardware following the manufacturer’s instructions, then install Windows Server 2008, and then install Failover Clustering. To verify the configuration will work open Failover Cluster Management from the Server Tools folder and click Validate a Configuration in the details pane. This procedure launches a wizard that will test the system, as shown in figure 6.

Figure 6: Validating a Failover Cluster Configuration.

After validation succeeds click Create a Cluster to start another wizard that will walk you through the process of building the failover cluster. To configure a file server cluster click Manage a Cluster and do the following:

  1. Select the cluster to configure.
  2. Expand the cluster in the navigation tree, click Services and Applications, then click Configure a Service or Application in the actions pane to start the High Availability Wizard.
  3. Click Next on the first page, then click Select File Server from the list of services and applications, as shown in figure 7. Click Next.

Figure 7: Selecting the File Server Service.

  4. Provide a name for the cluster, enter any IP address information not being provided via DHCP, and specify what storage volumes the cluster will use. Complete the wizard.
  5. Now you can click Add a shared folder in the actions pane when Services and Applications is selected in the navigation pane. Provide the necessary information about the shared folder and complete the wizard.

The procedures for creating other types of clusters are similar; however, the details will vary depending upon what service or application you specify. Clustering only makes sense for certain server roles. For example, it’s not necessary to cluster domain controllers because they are designed to continue operating should one fail in a domain. Web servers are another example; instead of clustering, load balancing is usually a better way to increase their availability. Load balancing is discussed in the next section. I doubt that you need to memorize all of the details of deploying and managing clusters in order to be successful when you sit for the exam, but I think that it’s important you understand the capabilities and requirements of Failover Clustering in Windows Server 2008.

Tip: In my experience with clusters, the operating system and application are relatively easy to implement and operate, what is usually more difficult is acquiring the right hardware and deploying it correctly. If this topic is new to you and you are considering implementing server clusters I suggest that you contact several hardware vendors to learn what packaged solutions they offer. For additional information on clustering in Windows Server 2008 visit the links provided in the References section at the end of the chapter.

Deploying Network Load Balancing

Network load balancing is very different from clustering; it’s a technique for dividing work amongst two or more servers. The simplest form of load balancing is round-robin DNS. In round-robin DNS the DNS record for a hostname resolves to multiple hosts, and the DNS server cycles through the list one at a time when responding to queries so that each server is used by the same number of clients. This approach has a glaring weakness: if one of the servers targeted by round-robin DNS fails, the DNS server will continue sending clients to it, and those clients will be unable to access the application they need.

Another approach is to deploy a dedicated network device such as a DistributedDirector from Cisco. Generically speaking, a DNS record points to the network device, and you enter the addresses of all of the servers to be load balanced and assign relative weights to them so that the most capable servers receive a larger portion of clients. The network device tracks active connections; should one of the servers go offline, the device will redirect clients to other servers that are available. This approach works very well with applications where there is little or no state data maintained for each client, such as a simple website. If the server a client is using goes offline, the next HTTP request is sent to a different one and the client continues browsing the website.

Things get more complicated when state information is important, for example, a customer using a bank’s website to manage their account. When a server becomes unavailable the client may have to re-establish their SSL connection, then re-enter their account credentials, and then re-enter any information they were in the midst of providing. Application developers can overcome some of these issues by understanding the load balancing technology and maintaining state data for each user in such a way that users can quickly resume working after they establish a connection to a different server. For example, the bank website might store some user state data in a cookie on the user’s computer and the rest in a database accessible to any of the load-balanced web servers. Any web server could retrieve the cookie to see where in the database the rest of the state data is stored. With this approach it does not matter which web server the user connects to; any of them will be able to access all of the user’s session data.
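The cookie-plus-database design described above, together with the difference between round-robin DNS and a balancer that tracks server health, as an added example that is not part of the original chapter. All class and function names are hypothetical, the in-memory store stands in for the shared database, and the HMAC on the cookie is an assumption added here so that a server can reject a session pointer it did not issue.

```python
import hashlib
import hmac
import secrets


class SessionStore:
    """Stands in for the database every load-balanced web server can reach."""

    def __init__(self):
        self._rows = {}

    def create(self, state):
        sid = secrets.token_urlsafe(16)  # opaque, unguessable row key
        self._rows[sid] = dict(state)
        return sid

    def load(self, sid):
        return self._rows.get(sid)


class WebServer:
    def __init__(self, name, store, cookie_key):
        self.name, self.store, self.key = name, store, cookie_key
        self.online = True

    def _mac(self, sid):
        return hmac.new(self.key, sid.encode(), hashlib.sha256).hexdigest()

    def login(self, user):
        # The cookie carries only the session id and its MAC;
        # the account state itself stays in the shared store.
        sid = self.store.create({"user": user, "step": "start"})
        return f"{sid}.{self._mac(sid)}"

    def handle(self, cookie, **changes):
        sid, _, mac = cookie.partition(".")
        if not hmac.compare_digest(mac.encode(), self._mac(sid).encode()):
            raise PermissionError("cookie failed integrity check")
        state = self.store.load(sid)
        if state is None:
            raise KeyError("unknown session")
        state.update(changes)  # load() returns the stored row, so this persists
        return self.name, dict(state)


class LoadBalancer:
    """Weighted rotation; with health checks it skips offline servers."""

    def __init__(self, weighted_servers):
        # Expand weights into a rotation, e.g. A:2, B:1 -> [A, A, B].
        self.rotation = [s for s, w in weighted_servers for _ in range(w)]
        self.position = 0

    def route(self, health_checks=True):
        for _ in range(len(self.rotation)):
            server = self.rotation[self.position % len(self.rotation)]
            self.position += 1
            # Without health checks this behaves like round-robin DNS.
            if server.online or not health_checks:
                return server
        raise ConnectionError("no server available")


def send(balancer, cookie, health_checks=True, **changes):
    server = balancer.route(health_checks)
    if not server.online:
        raise ConnectionError(f"{server.name} is offline")
    return server.handle(cookie, **changes)


def demo():
    store, key = SessionStore(), secrets.token_bytes(32)
    web1, web2 = WebServer("web1", store, key), WebServer("web2", store, key)
    balancer = LoadBalancer([(web1, 1), (web2, 1)])
    cookie = web1.login("alice")
    before = send(balancer, cookie, step="payee-entered")
    web1.online = False                      # the server in use fails
    after = send(balancer, cookie)           # another server resumes the session
    try:
        send(balancer, cookie, health_checks=False)
        rr_error = None
    except ConnectionError as exc:           # round-robin still picks web1
        rr_error = str(exc)
    forged = "guessed-session-id." + cookie.partition(".")[2]
    try:
        web2.handle(forged)
        rejected = False
    except PermissionError:
        rejected = True
    return {"before": before, "after": after,
            "round_robin_dns": rr_error, "forged_cookie_rejected": rejected}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```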

Network Load Balancing (NLB) in Windows Server 2008 provides features similar to a dedicated network device; however, it is implemented and maintained by the operating system, so there is no need to install additional hardware. All of the servers in an NLB cluster have distinct IP addresses, but they also share one, the address for the network service they are providing. NLB provides high availability by ensuring that other servers in the NLB cluster assume the load of one that fails. NLB also provides scalability because you simply add more servers to the NLB cluster to increase capacity. Install NLB by clicking Add Feature in Server Manager. To create a new cluster do the following:

  1. Click on Network Load Balancing Manager in the Administrative Tools folder.
  2. Right-click on Network Load Balancing Clusters in the navigation tree, then select New Cluster.
  3. Enter the hostname or IP address for the first server in the cluster, then select the network interface to be used by the cluster, as shown in figure 8, click Next.

Figure 8: Adding the First Server to an NLB Cluster.

  4. Accept the default values on the Host Parameters page of the wizard and click Next. The value of Priority (unique host identifier) specifies a unique ID for each host; the host with the lowest one processes all cluster traffic that is not covered by a port rule.
  5. Click Add to specify an IP address for the cluster. This is the address that will be shared by all of the servers; it is also the address to specify in the DNS record for the hostname used by clients to access the application. Click OK, then click Next.
  6. On the Cluster Parameters page, enter the host name that will be used to access the NLB cluster and click Next. The cluster operation mode for most applications will be unicast.
  7. Accept the defaults on the Port Rules page and click Finish.

In a production environment you would add at least one more server to the cluster by right-clicking on the cluster in the navigation tree and selecting Add Host to Cluster. You can skip this in your practice lab.

NLB port rules determine how the cluster functions. You can create port rules that specify how each port’s cluster traffic is processed. For example, assigning a higher load weight will cause more cluster traffic to be sent to that port. There are three filtering modes: Multiple hosts, Single host, and Disabled. The filtering mode can be applied to a range of ports. Each rule includes the following parameters:

  • The filtering mode: Multiple hosts, Single host, and Disabled.
  • The protocols to which it applies: TCP, UDP, or both.
  • A port range.
  • A virtual IP address.
  • Load weight.
  • Client affinity: None, Single, or Network. The first two ensure that all traffic from a specific client is sent to the same server in the NLB cluster. By default, all traffic not controlled by port rules is sent to the server with the highest host priority.

Caution: The number and type of rules must match all servers in the cluster. You will be unable to join a server to the cluster if it has a different number of rules.

Configure Storage

Windows Server 2008 includes direct support for a variety of storage technologies. For example, you can configure RAID arrays that combine multiple physical hard disks into a single, logical storage volume in order to increase performance and availability. You can use Storage Manager for SANs to create and manage logical unit numbers (LUNs) on your Storage Area Network (SAN). It is important that you understand how to implement and manage these storage technologies in order to succeed on exam 70-643; however, in my experience systems administrators usually end up becoming experts in the hardware-based solutions available from storage vendors. Why is this? While it’s good to have the option of implementing software-based RAID within Windows, hardware-based solutions tend to offer higher performance and a wider range of design options. SAN vendors usually direct their customers to use the management software included with their solutions; however, now that Windows Server 2008 has management capabilities built in, perhaps this will change.

Note: A VM in Virtual PC can have up to three virtual disks, so you can perform some storage management tasks in your practice lab but you will not have access to some features such as RAID 5 arrays or SANs if you do not have Windows Server 2008 installed on a physical server with the appropriate hardware installed.

Managing Disk Storage 

In Windows Server 2008 new disks are automatically brought online unless they are on a shared bus such as SCSI or Fibre Channel. You must bring a disk online before you can initialize it or create volumes on it. A new disk must be initialized before you can use it; if you start Disk Management after installing a disk, the Initialize Disk Wizard will guide you through the process. Disk Management is an MMC snap-in that is part of the Computer Management console in the Administrative Tools folder. Disk Management relies on the Virtual Disk Service (VDS), the system service that enables management of disks, volumes, partitions, and iSCSI initiators. It provides a single interface for administering disks locally and remotely. Windows includes built-in providers for managing many kinds of storage devices, and hardware vendors can write additional providers to enable management of their solutions.

Disks can be dynamic or basic. With dynamic disks volumes can span multiple disks, whereas basic disks only support logical drives, extended partitions, and primary partitions. Disks can use a Master Boot Record (MBR) or a Globally Unique Identifier (GUID) partition table (GPT). MBR disks use the standard BIOS partition table while GPT disks use the extensible firmware interface (EFI) and they support more than four partitions as well as disks larger than 2 terabytes. To create a volume or change disk types right-click on the disk in the left column as shown in figure 9. If you right-click on the right column the commands to change disk types are not visible.

Figure 9: Configuring a Disk.

Windows Server 2008 supports several types of volumes:

  • Simple volumes are dynamic volumes consisting of space from a single dynamic disk.
  • Spanned volumes are dynamic volumes consisting of space from more than one physical disk. The risk of data loss is higher because if any disk fails the entire volume will be unusable.
  • Striped volumes, also called RAID-0 arrays, are dynamic volumes that distribute data across multiple disks to improve performance; however, they increase the risk of data loss because if any disk fails the entire volume will be lost.
  • Mirrored volumes, also called RAID-1 arrays, copy data across two disks, which means that no data will be lost if one of the disks fails.
  • RAID-5 volumes are striped disks with parity. Data is written across multiple disks, which improves performance, but the risk of losing data is reduced because parity information is stored. RAID-5 volumes require at least three disks, and the storage provided by one disk is required for the parity data.
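To make the parity idea concrete, here is an added example (not from the original chapter, and not how Windows lays out blocks on disk) that stripes a byte string across disks with rotating XOR parity and rebuilds it after one disk is lost. The function names, the four-byte block size, and the parity rotation are assumptions chosen for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def raid5_write(data, n_disks, block=4):
    """Stripe data over n_disks with rotating parity; returns one block list per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least three disks")
    per_stripe = (n_disks - 1) * block            # one block per stripe holds parity
    data += b"\x00" * (-len(data) % per_stripe)   # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity_disk = (n_disks - 1 - s) % n_disks  # rotate parity across the disks
        blocks.insert(parity_disk, xor_blocks(blocks))
        for disk, blk in zip(disks, blocks):
            disk.append(blk)
    return disks

def raid5_read(disks, length, failed=None):
    """Return the original data; the blocks of one failed disk are rebuilt by XOR."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        row = [None if i == failed else disks[i][s] for i in range(n)]
        if failed is not None:
            # XOR of all surviving blocks (data and parity) equals the lost block.
            row[failed] = xor_blocks([b for b in row if b is not None])
        parity_disk = (n - 1 - s) % n
        out += b"".join(b for i, b in enumerate(row) if i != parity_disk)
    return bytes(out[:length])

if __name__ == "__main__":
    sample = b"constructed sample payload for the RAID-5 demo"  # constructed input
    disks = raid5_write(sample, 3)
    for lost in (0, 1, 2):
        print(f"disk {lost} lost ->", raid5_read(disks, len(sample), failed=lost))
```

With three disks, one third of the raw space holds parity, which is the "storage provided by one disk" cost described above; losing a second disk leaves too little information to rebuild the stripe.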

When you create a new volume you can assign a drive letter to it or mount it in an empty NTFS folder on an existing volume, as shown in figure 10. The folder can be on a dynamic or basic disk, but it must be empty and the volume must be formatted with NTFS. Mount points can help you overcome the problem of running out of drive letters on a computer that hosts numerous storage volumes.

Figure 10: Mounting a New Simple Volume.

Managing Storage Area Networks

Windows Server 2008 includes two other tools for managing disk storage. Storage Explorer is installed by default; you can find it in the Administrative Tools folder. Storage Manager for SANs is an optional feature that you can install from Server Manager. Storage Explorer is used to view and manage Fibre Channel and iSCSI fabrics available on the Storage Area Network (SAN), whereas Storage Manager for SANs is used to create and manage logical unit numbers (LUNs) on Fibre Channel and iSCSI storage subsystems. It may be helpful to define some terms:

  • Network Attached Storage (NAS) is a system connected to a network that provides file-based data storage to other devices on the network. Computers access NAS devices through file-based protocols such as Server Message Block (SMB) and file transfer protocol (FTP). NAS devices may be accessed directly by clients, or they might be accessed as shared folders via a file server.
  • A Storage Area Network (SAN) is an architecture for data storage devices connected to a network that appear to be locally attached. Theoretically any storage device could be used, but usually a high capacity array of hard disks is employed. Clients do not connect directly to SANs; instead, servers connect to SANs and create volumes or volume mount points which can be used just like locally installed devices. SANs are expensive and therefore tend to only be found in enterprise environments.
  • iSCSI is Internet Small Computer System Interface, a version of SCSI designed to operate over TCP/IP. iSCSI is used in TCP/IP-based SANs which can use standard network interface cards and cables.
  • Fibre Channel is a very high-speed network technology that requires specialized host bus adapters (HBAs) and fibre channel cables. It is commonly used for SANs.
  • Fabric, or switched fabric, is a network topology where network nodes are connected with one or more network switches. For example, in a Fibre Channel switch fabric, devices are connected through Fibre Channel switches, offering a highly scalable architecture.

These technologies are illustrated in figure 11. Any of the hosts on the network can access the NAS device directly. The hosts can only access the iSCSI storage through the iSCSI-capable server. The hosts can only access the storage on the Fibre Channel SAN through the servers that have the Fibre Channel hardware.

Figure 11: Storage Topology.

Summary

In this chapter you learned how to use WDS to install Windows on large numbers of computers by creating installation images. You also found out how to implement Windows activation on enterprise networks. The virtualization technology included with Windows Server 2008, Hyper-V, was introduced. You were also shown how to configure failover clusters, NLB clusters, and storage devices. This chapter covers a broad range of material. I have tried to provide you with enough information to do well on exam 70-643; however, I encourage you to study further by visiting the addresses provided in the References section.

Chapter Review

This section presents a list of review questions designed to help reinforce the knowledge presented earlier in the chapter. To persuade you to explore the management tools more deeply a few questions may require you to examine those tools further rather than rereading the chapter.

Questions

  1. You manage a network with two DCs and 400 client computers. The DCs also provide file and print sharing services for all of the users. When you use Reliability and Performance Monitor during business hours to monitor the DCs you observe that they are already very busy with CPU, RAM, and network utilization continuously at 75% or higher. You need to provide additional storage space for the users but cost is an important consideration, what should you do?
    1. Install additional hard drives in each user’s computer.
    2. Install additional hard drives and memory in each DC, upgrade the CPUs in each DC.
    3. Deploy a SAN, connect each DC to it, and move all shared folders to the SAN.
    4. Deploy a NAS device, configure the clients to connect directly to the new device.
  2. You have been using WDS to install Windows Vista on new computers for several weeks. You have several dozen older desktop computers that, while sufficiently powerful to run Windows Vista Business Edition, do not have PXE-capable network cards. You need to install Windows Vista and all of the business applications that you normally install on end-user computers. What should you do?
    1. Create a script to perform unattended, in place upgrades to Windows Vista, run the script on each computer.
    2. Purchase and install PXE-capable network cards in each computer, use WDS to deploy the standard installation image.
    3. Create a discover image, burn it to a DVD, and use WDS to deploy the standard installation image.
    4. Install Windows Vista and the applications from their respective installation media on each computer.
  3. Which of the following terms describes the kind of file that includes an operating system and applications deployed by WDS?
    1. Boot image.
    2. Discover image.
    3. Deployment image.
    4. Install image.
    5. ISO image.
  4. What tasks are required to create a customized install image? (pick 3)
    1. Create a capture image.
    2. Install Windows Vista and the desired applications on a reference computer.
    3. Create a custom Boot.wim file.
    4. Use sysprep.
    5. Install the WDS client on the reference computer.
    6. Install Windows Vista using Boot.wim.
  5. How many computers must be detected by the KMS host before it will start activating those that are running Windows Vista?
    1. 0.
    2. 1.
    3. 5.
    4. 10.
    5. 25.
  6. What are the recommended methods for activating Windows in large organizations? (pick 2)
    1. Microsoft Activation Services.
    2. Key Management Services.
    3. Multiple Activation Key.
    4. DDNS.
    5. Windows Update.
  7. Hyper-V requires which of the following? (Pick 3)
    1. Windows Server 2008 Enterprise Edition.
    2. A 64-bit version of Windows Server 2008.
    3. Hypervisor.
    4. Hardware-assisted virtualization.
    5. DEP.
    6. A multi-core processor.
  8. Which type of Hyper-V network allows child partitions to communicate with each other and the parent partition?
    1. VLANs.
    2. Private networks.
    3. Secure networks.
    4. Internal networks.
    5. External networks.
  9. Can you use BitLocker full volume encryption on Hyper-V parent partitions?
    1. Yes.
    2. No.
  10. Rank the following forms of high availability in terms of cost to implement.
    1. Failover clustering.
    2. RAID 5.
    3. Disk mirroring.
    4. NLB clustering.
  11. You manage a server which hosts an IIS-based application. You need to reduce the likelihood that users will be unable to access the application, which of the following is the best solution?
    1. Implement failover clustering.
    2. Implement NLB clustering.
    3. Install a RAID 5 storage array.
    4. Connect the server to a SAN.
  12. You manage a two-tier IIS-based application. The front-end consists of a series of programs that use ASP and require IIS 7 and the .NET Framework. The back-end is a database application that runs on Microsoft SQL Server. You need to increase the availability of the application. What should you implement? (pick 2)
    1. Implement failover clustering.
    2. Implement NLB clustering.
    3. Implement disk striping.
    4. Connect the database server to a SAN.

Answers

  1. D is correct, a NAS device will be much less expensive than a SAN and installing one would move some of the load for file sharing services off of the DCs. Upgrading the DCs themselves could help, but it would probably be more costly. Installing more disks in the client computers is not ideal because managing data backups will be more difficult.
  2. C is correct, it’s the quickest and least expensive solution.
  3. D is correct. Boot images are used to boot client computers and initialize the operating system installation process; discover images are similar to boot images but they are used when PXE-capable network cards are not available; the term deployment image is not used in relation to WDS; and ISO images are the files that are burned to DVD and CD.
  4. A, B, and D are correct. Additional steps may be required, such as installing and configuring the WDS server and copying Boot.wim to the WDS server, however answer C is not necessary. Answers E and F are fictitious.
  5. E is correct, the KMS server will not start processing activation requests for Windows Vista clients until it has detected at least 25 unique physical computers running that OS. It requires 5 computers running Windows Server 2008 before it will process requests for that version of Windows.
  6. B and C are correct.
  7. B, D, and E are correct. Hyper-V is only available with 64-bit versions of Windows Server 2008. Hyper-V relies on hardware-assisted virtualization such as Intel VT and on Data Execution Prevention (DEP).
  8. D is correct.
  9. A is correct. I admit that I did not cover this issue in the chapter, but now you know! Microsoft even published a whitepaper explaining how to increase the security of virtual machines by using BitLocker on the parent partition. Note that you cannot use BitLocker on any of the child partitions because of the way in which the BitLocker software interacts with the Trusted Platform Module (TPM).
  10. C, B, D, and A is the correct order. You are likely to see exam questions where cost is an issue in deciding which of several valid solutions is the best one.
  11. B is correct, with so little information NLB is the best answer because you know that the application is based on IIS.
  12. A and B are correct. NLB clustering is probably the best solution for the IIS-based portion and failover clustering is appropriate for the database portion. Disk striping does nothing to increase availability. A SAN could be part of the failover cluster architecture but it does not have to be.

References

Windows Deployment Services.

Desktop Deployment.

Microsoft Volume Activation.

Hyper-V.

Hyper-V.

Availability and Scalability.

Designing Network Load Balancing.

Step-by-Step Guide for Storage Manager for SANs in Windows Server 2008.