Windows Server 8: Part 1—Active Directory

Slalom consultant and accomplished Microsoft systems developer Derek Martin sheds light on Windows Server 8 (WS8) through his insightful blog series focusing on his research within the technical preview documentation, personal experimentation with the product, and thoughts on how it can apply to the real world as soon as it is released to manufacturing (RTM).

One of the most stable and well-designed pieces of software to come out of Microsoft–ever–is Active Directory. While its development was riddled with twists and turns (and the occasional run-in with Novell), the identity platform for millions of businesses is a stalwart of stability. Few outside IT administrators ever know of its existence–and that is the point. The basic ability to authenticate and gain access to corporate resources, be that a computer, a server or a file, would not work without the consistent resiliency of this gorgeous database.

Slalom Consultant Derek Martin

Slalom Consultant Derek Martin is an accomplished Microsoft systems developer and integrator, experienced in developing and deploying SharePoint and CRM solutions, integrating line of business applications, and leveraging existing infrastructure investments.

The biggest advantage of Active Directory over other products is its ubiquity. Microsoft has spent untold sums making it accessible and secure to a variety of applications, the entire MSFT stack included. It is also the underpinning of major infrastructural components of many software packages including Exchange, Lync, SharePoint, and thousands of LoB applications. In recent versions, it has gained prominence in the realm of federation, enabling businesses to seamlessly federate their authentication and authorization stores using technologies like ADFS and Claims Authentication. The changes in WS8 around Active Directory continue to provide support for the major system components from previous versions (great backward compatibility) as well as the new features throughout Windows Server (described later in this series) and support administrators by addressing common pain points. Here’s what’s new:

Simplified Deployment: Similar to Windows 8 Client where everything is touch first, in WS8 everything is PowerShell first! Deploying Active Directory is so much easier now that it can be accurately scripted. All but the smallest companies need to deploy multitudes of AD servers. In WS8, you can deploy Active Directory on multiple servers at once, export your graphical user interface (GUI) based configuration to a series of PowerShell scripts, and clone brand new Domain Controllers (think sysprep on steroids) for rapid Active Directory forest topology builds.

Safer Virtualization Support: This exact issue has bitten me! What’s the cardinal sin with virtual machines and Active Directory? DON’T P2V a DC (without following very complex prescriptive processes). The dreaded USN rollback will bite you. Active Directory in WS8, however, recognizes that virtual domain controllers are what enterprises need, so they’ve built in additional replication logic to keep time synchronized with hosts and algorithms that keep things in check when they are virtualized.

These three updates with Active Directory, along with refined management experiences and new/simpler PowerShell commands, will make administering your forest much easier. I’ll update this post as more information is learned about any of the underpinnings of Active Directory–I’m particularly interested to see if the schema has changed any!


An Ordinary Day with the Client

Slalom Consultant David Van De Sompele

Slalom Consultant David Van De Sompele's expertise includes performance tuning, production DBA activities, data modelling, ETL processes and reporting. He's based in Slalom's Seattle office.

If a day with the client is so ordinary, what is there to write about?  That is a fair question and the answer to it is the topic of this article.

Dictionary.com defines the word ordinary as: common, mediocre and unexceptional. But if that is the value you are delivering to your client then you should consider a career other than consulting. As consultants we specialize in various technologies and methodologies.  Blending this expertise with creativity and innovation, we help companies solve complex business and technological problems.  Over time this becomes ordinary to us – it’s what we do – but this ordinary effort from the consultant should look like an extraordinary effort from the client’s perspective.

On rare occasions you may be presented with a particularly challenging situation: uncharted waters, or an unpredictable fluke for which no one has the answer. And as a senior consultant you must be willing to dig deep and bring the entire breadth of your professional experience to bear in order to solve the problem. To better illustrate this I’ll relate a recent experience I had. It was one of those situations in which everything seemed to be going well until a very strange situation occurred and I was asked to jump in and solve the issue.

SQL Server Replication, Push vs. Pull. What is the difference?

Replication is a very useful method of copying data from production systems to standby servers, reporting servers, and downstream data relay points.  Unfortunately, it is an often misunderstood and/or overlooked technology, even among experienced DBAs.  In my professional career, I have often seen replication misused in an attempt to achieve a goal for which it was not intended.  When it is determined that replication is the correct solution (making that determination will be the subject of a future article), you must install and configure three basic components (these are extremely simplified definitions):

  1. Publisher:  This is the source database or databases containing the information you want to replicate.
  2. Distributor:  This is the database and set of jobs responsible for queuing replicated data from the publisher.
  3. Subscriber:  This is the destination database or databases for data coming from the publisher.

Push and Pull, as named in the title of this article, are the two methods available for

A Microsoft Renaissance

Slalom Consultant Greg Martin

Greg Martin is a member of the Slalom National Mobility team which incubates emerging technology solutions in areas such as mobility, user experience and alternative application hosting.

It seems to me that Microsoft is going through a bit of a renaissance as of late. Microsoft is a company that I feel no matter where your technology preferences lie, you’ve got to give them their due respect for, frankly, creating the industry we work in every day. Over the last 10 years or so it has seemed to me that Microsoft hasn’t been able to catch a break in a world of Googles and iPhones, but here we are in 2010, and to me, it looks like they are turning it around.

Search

Google hasn’t had much of a competitor in the search space for a while, and I’ll admit, when I first heard Microsoft’s latest effort was going to be called “Bing” I assumed it was yet another re-branding effort that wouldn’t amount to much. Well, I was wrong about that, at least if you look at their market share numbers, which have been increasing steadily since launch. I use Bing Travel all the time; I had been a fan of the technology since it launched originally as Seattle-based startup Farecast, and their iPhone app is really quite good.

Windows

Windows Vista received a lot of criticism when it launched. Many IT departments simply refused to adopt it, sticking with their tried & true Windows XP. Windows 7 appears to have

OCS Ethical Walls

I do a lot of work with OCS 2007 and its R2 friend.  One of the challenges that I’ve come in contact with is the prevention of certain users from contacting other users (perhaps those higher up the food chain).  Contrary to some beliefs, not everyone should be able to just IM the CEO of a Fortune 100 company!  There was a great posting today that came across my Google Reader about ethical walls for school districts which can be found here from the UC Amigos.  Check it out, download the sample API tool and let me know if you have success!

The cousin of OCS, Exchange, just recently went 2010 flavor as I am sure you already know.  Ethical walls were introduced in EX 07 and have been GREATLY enhanced in 2010.  These walls can be set up for a variety of reasons, regulatory coming to mind quickly.  One good example of combining these EX walls with OCS walls gets into using your AD containers and OUs to match up with the walls you need to define.  That assumes, of course, that your AD is laid out well…another several blog posts later :)

OCS Auditing Made (Slightly) Easier

Office Communications Server 2007 R2 is an unbelievable product.  There is literally nothing I don’t love about it.  Okay, maybe there are a few things – like redundancy, clustering, ease of installation, number of systems required – okay maybe there are more than a few things…BUT, overall – what a great product!  Software based phone systems are the wave of the future and I’ll be devoting an entire series of posts in the near future about OCS07R2 and how it can be used right now for SMBs and big boy enterprises alike.

One particular challenge of the OCS stack is auditing. It is built in and works fantastically well. You even have the opportunity to bring the entire OCS stack down if auditing fails – which is a very important thing in a highly regulated environment. Earlier today (like ten minutes ago) I talked about OCS Ethical Firewalls. The enforcement of those firewalls is crucial to the success of many deployments, but you can’t prove out the system without auditing. So there it all sits – every IM conversation (and more) you ever wanted, but the only way to get that data out was to A) query the db by hand (eww) or B) use the Resource Kit which, if I may say, is … thick to say the least.
