Windows Server 2012 has several new characteristics and betterments over the old versions of Windows Server that will greatly heighten GAI’s networking ability. Some of these new characteristics and betterments include sweetenings to Active Directory. updated Group Policy. improved File and Storage Services. enhanced DNS and DHCP server functionality. every bit good as betterments to the Hyper-V functionality. These betterments will supply GAI the ability to better keep the security of their web by commanding user histories. every bit good as user and computing machine entree. They will besides supply more streamlined DNS and DHCP procedures and let the organisation to make and pull off an improved virtualized environment. Active Directory is a centralised database that provides services to pull off and command user histories and computing machines. command entree and supply hallmark. every bit good as implement and enforce security policies.
These services are Active Directory Domain Services ( AD DS ) . Active Directory Certificate Services ( AD CS ) . Active Directory Federation Services ( AD FS ) . Active Directory Lightweight Directory Services ( AD LDS ) . and Active Directory Rights Management Services ( AD RMS ) . AD DS. provides the agencies to make scalable. secure. and manageable substructures for user and resource direction ( AD DS Overview. 2013 ) . AD CS provides services for publishing and pull offing digital certifications for coding digitally subscribing paperss ( AD CS Overview. 2013 ) . AD FS provides clients with a agencies to firmly entree internal sites and resources AD FS Overview. 2013 ) . AD LDS provides informations storage and entree for directory-enabled applications ( AD LDS Overview. 2012 ) .
Ad RMS uses tools such as certifications. encoding and hallmark. to supply the ability for the organisation to make information security solutions ( AD RMS Overview. 2012 ) . Group Policy is used to put up constellation scenes that can be applied to objects such as users or computing machines ( What’s New in Group Policy in Windows Server. 2014 ) . There are many different policies you can use with Group Policy. some common 1s are Account Policies. Local Policies. File System Policies. every bit good as Software Restriction Policies. With Account Policies. you can put the parametric quantities that must be met for history watchword length. complexness demands. the maximal and minimal sum of clip a watchword can be used. and lockout continuances for wrong watchword. With Local Policies. you can command what ability a user has on a computing machine. such as accessing the web. endorsing up files. or closing down the computing machine.
You can besides utilize Local constabularies audit events such as log on and off events. With File System Policies you can configure file and booklet entree permissions on multiple computing machines. You would utilize Software Restriction Polices to place allowed and denied package. every bit good as restrict package use to peculiar users or groups. File and Storage Services provide the tools need to pull off shared file waiters. The File and Storage Services characteristic Work Folders allows users to entree work files stored on the file waiters from their personal devices ( File and Storage Services Overview. 2013 ) . You can utilize the Storage Spaces characteristic to deploy high handiness storage that is resilient and scalable by utilizing industry-standard discs. Another utile characteristic is the Server Manager characteristic. which allows decision makers the ability to pull off multiple file waiters from one interface. The File and Storages function Distributed File System ( DFS ) Replication provides the agencies to retroflex file and booklet informations across multiple sites and file waiters.
The overall functionalities of both DNS and DHCP waiters were greatly improved with Windows Server 2012 over the old versions of Windows Server. DNS Security Extensions ( DNSSEC ) support in Windows Server 2012 now supports the updated DNSSEC criterions. it supports Active Directory-integrated DNS scenarios such as dynamic updates in DNSSEC zones. and trust ground tackle distribution through Active Directory is now automatic. every bit good as easier deployment and direction of DNS waiters through PowerShell ( What’s New in DNS Server in Windows Server. 2014 ) . One betterment to DHCP waiters include DHCP failover. which provides the ability to portion IP references and constellations between two DHCP waiters so they both can supply IPs from the same range. This will supply uninterrupted handiness in instance one of the waiters fail ( What’s New in DHCP Server in Windows Server. 2014 ) . Another bettering to DHCP waiter functionality is now the waiter can measure DHCP petitions against constabularies that have been antecedently defined. The defined policies can include what seller type. user category. and MAC references.
Hyper-V allows you to make and pull off a virtualized machines. Some of the characteristics that are new or were updated with Windows Server 2012 are client hosted Hyper-V. improved dynamic memory and storage migration. With client Hyper-V. you can run Hyper-V in a desktop operating system. which means you no longer hold to put in a waiter OS to run host Hyper-V. The dynamic memory betterments include the ability to configure the minimal memory scenes. This will better hardware allotment when hosting multiple practical machines on one computing machine. With the new storage migration ability. you can now travel practical difficult discs from one physical location to another while the practical machine is running. This allows for easier direction of the physical storage locations irrespective of the province of the practical machine ( What’s New in Hyper-V for Windows Server. 2012 ) . Deployment and Server Editions
There will be a sum of 11 waiters needed for the web. There will be 7 waiters in the LA part and 4 waiters in the New York part. LA Region: There will be a sphere accountant ( LADC ) with the AD DS. DNS. File and Storage services. Print and Documents Services roles installed. This waiter will supply the Active Directory sphere accountant map to pull off the web users and devices in the LA part. It will besides supply the DNS function which will supply name declaration. intending it will map IP references to hostnames or frailty versa. There will be a file waiter ( LAFileServer ) with the File and Storage services. Print and Documents Services roles installed. This will be he shared file waiter for LA part. There will be a DHCP waiter ( LADHCP1 ) with the DHCP waiter function installed. This waiter will supply the DHCP services for the LA part. The DHCP waiter will automatically supply IP addresses to the clients that connect to the web. There will besides be a 2nd DHCP waiter ( LADHCP2 ) with the DHCP waiter function installed.
This waiter will supply mistake tolerance in the event the first DHCP waiter is unavailable. There will be a Web waiter ( LAWeb ) with the Web Server ( IIS ) . AD CS. Print and Document Services roles installed. This waiter will host the organization’s web site. It will besides supply certification hallmark for users who entree the site. There will be a Windows deployment waiter ( LAWDS ) with the Windows Deployment Services ( WDS ) Role installed. This waiter will be used to deploy Windows Operating Systems to freshly add devices. There will be a Windows update waiter ( LAWSUS ) with the Windows Server Update Services ( WSUS ) function installed. This waiter will be used to put in needed updates on web devices. New York Branch:
Due to the limited IT staff at the New York subdivision. there will be a read merely domain accountant ( NYDC ) with the read merely AD DS. read merely DNS. File and Storage services. Print and Documents Services roles installed. The sphere accountant LADC will retroflex the sphere database to this waiter and this waiter will maintain a read merely transcript. significance this waiter can non compose to Active Directory. Another benefit of adding a read merely domain accountant is that users in New York will hold quicker logon times thanks to credential caching. There will be a file waiter ( NYFileServer ) with the File and Storage services. Print and Documents Services roles installed. This will be he shared file waiter for New York subdivision. Due to security concerns with broadcast medium DHCP packets over the WAN. there will be a DHCP waiter ( NYDHCP1 ) with the DHCP waiter function installed. This waiter will supply the DHCP services for the New York subdivision. To supply mistake tolerance for the New York subdivision a 2nd DHCP waiter ( NYDHCP2 ) will besides be installed. What edition of Windows will be used for each waiter?
Both Windows Server 2012 Standard and Datacenter back up up to 64 CPU sockets and 4 Terbium of RAM. waiter bunch and Server Core installing. Both support unlimited LAN connexions. limitless coincident Routing and Remote Access ( RRAS ) connexions. and limitless coincident Remote Desktop ( RD ) connexions. The difference between the two is the Standard merely hosts two virtualized machines on one licence with Hyper-V and with Datacenter you can host limitless practical machines. Another consideration is to maintain in head is that Datacenter is significantly more expensive than Standard. With that said. unless the company plans to host many practical machines. the Standard edition will be equal. Will Server Core be used on any waiters?
With Server Core there is no GUI. no direction tools. merely the bid line. It is designed to be used on waiters that do non hosts waiter applications or waiters with comparatively small activity other than their primary function. It is used to supply better stableness. simpler direction and care. and can supply a more secured installing over a Full installing. Server Core will be used on the file waiters. the DHCP waiters. and the read merely domain accountant. Active Directory
In this web. there is one root sphere ( LA ) and a kid sphere ( New York ) . To better pull off the company’s resources. the company will be divided into five Organizational Unit of measurements ( OUs ) based on the sections in the organisation. Executive ( Executives ) . Acct-Sales ( Accounting and Gross saless Department ) . Creative-Media ( Creative. Media and Production section ) . HR-Finance ( Human Resources and Finance ) . and IT ( IT staff ) . Security groups will be used to let users entree to section files and curtail other users who do non necessitate entree. Group Policies will be implemented based on the responsibilities performed and the sum of entree required by each section. DNS and DHCP
Assuming the company will be utilizing private IP addressing. the subnet for the LA part will be 192. 168. 0. 0 /24. The DCHP range scope will be from 192. 168. 0. 1 to 192. 168. 0. 254. An exclusion will be set up for IPs 192. 168. 0. 1 to 192. 168. 0. 39 so that these IPs can be statically assigned to waiters and pressmans in the web. The subnet for the New York part will be 192. 168. 1. 0 /25 and the DHCO range scope will be 192. 168. 1. 1 to 192. 168. 1. 126 with an exclusion in topographic point for the IPs 192. 168. 1. 1 to 192. 168. 1. 9 so those Information sciences can be statically assigned to waiters and pressmans. For mistake tolerance. DHCP failover will be implemented at both sites. utilizing both DHCP waiters at each site. GIACorp. com will be used as the root sphere name for the LA part and NewYork. GIACorp. com will be used as the New York subdivision sphere name ( Figure 1 ) . On the LA DNS waiter. an Active Directory-integrated DNS zone will be used and the New York DNS waiter will be used set up as a secondary DNS waiter. This manner the LA DNS waiter will retroflex zone informations down to the New York DNS waiter. Application Servicess
Software deployment will be done through Group Policy. To put up package deployment. we must foremost obtain the package installing bundle and topographic point it in a distribution point that is accessible to the computing machines throughout the web. Once that is complete. we so must put up a Software Installation Policy and take to either Assign. which will put in the package automatically. or Publish. which will do the package available in the Add/Remove Programs check on the computing machine and the user can put in the package if needed. Once the policy is set up. you can so delegate it users or computing machines in the OU that requires it. Given the nature of the company. package such as Microsoft Office. Adobe. and exposure redacting package may be needed and can be distributed this manner. File and Printer Sharing
FSRM quotas will be used on the file waiters to pull off the infinite bounds for the different sections. Soft quotas will be used as the company is get downing up to supervise the sum of informations being stored on the waiters. This manner the IT staff can have presentments when a section goes over the assigned bound and can do accommodations to the size allotted. Given that there will be at least one user from each of the sections at both sites. shared booklets for each of the sections will be used for the users to portion files. DFS will be used to make a domain-based namespace. NTFS file permissions for users and groups will be used. but to turn to the concerns of some sections desiring their informations to stay private from other sections. access-based numbering ( ABE ) will besides be used to curtail user entree to files they do non hold entree to.
Active Directory Domain Services Overview ( August 7. 2013 ) . Retrieved July 29. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831484. aspx Active Directory Certificate Services Overview ( June 24. 2013 ) . Retrieved 29 July. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831740. aspx Active Directory Federation Services Overview ( November 1. 2013 ) . Retrieved July 29. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831502. aspx Active Directory Lightweight Directory Services Overview ( February 29. 2012 ) . Retrieved July 30. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831593. aspx Active Directory Rights Management Services Overview ( February 8. 2012 ) . Retrieved July 30 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831364. aspx What’s New in Group Policy in Windows Server ( July 3. 2014 ) . Retrieved July 30. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/dn265973. aspx # BKMK_GP2012 File and Storage Services Overview ( September 9 2013 ) . Retrieved July 30. from
hypertext transfer protocol: //technet. microsoft. com/en-us/library/4cb00829-8d05-4499-8adc-7506e159f857 # BKMK_NEW What’s New in DNS Server in Windows Server ( July 3. 2014 ) . Retrieved 30 July. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/dn305898. aspx # BKMK_DNS2012
What’s New in DHCP in Windows Server ( July 3. 2014 ) . Retrieved July 30. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/dn305900. aspx # BKMK_DHCP2012 What’s New in Hyper-V for Windows Server 2012 ( June 6. 2012 ) . Retrieved July 30. 2014 from hypertext transfer protocol: //technet. microsoft. com/en-us/library/hh831410. aspx # BKMK_storagemigration