Recent KB Hotfixes for Windows Server 2008 R2 Failover Clustering

I’m catching up after my Norway vacation and the recent Intune roadshow in Ireland.

KB2462468: Unable to manage cluster using failover cluster manager. Error Received: "Connection to the cluster is not allowed since you are not an administrator on the cluster node(s)"

When managing a cluster with the Failover Cluster Management console, you receive the following error:
Error
The operation has failed.
An error occurred connecting to the cluster ‘.’.
[Expanded Information]
An error occurred trying to display the cluster information.
Connection to the cluster is not allowed since you are not an administrator on the cluster node(s) (Node name)


or
When you run Cluster validation, you receive the following error:
Unable to determine if you have administrator privileges on server "Node name" . Please ensure sure that the server service and remote registry services are enabled, and that the firewall is properly configured for remote access.
Managing the cluster from the command prompt still works: you can list groups (cluster group) and resources (cluster . res), and even fail over groups (cluster group "cluster group" /move). Only management through the GUI (Failover Cluster Management console) fails.
Note: The commands to list groups and resources and to move a group are given in brackets.

This issue occurs if the Server service is not started on the node named in the error. Expand the error to check the node name.
Additionally, you may see this issue if the protocols required for Microsoft clustering are not enabled.

Open the Services console and start the Server service.
Ensure that the cluster network has both of the following protocols checked:
1. Client for Microsoft networks
2. File and printer sharing for Microsoft networks

KB2008795: Unable to access ClusterStorage folder on a passive node in a server 2008 R2 cluster

On a Windows Server 2008 R2 cluster with the Cluster Shared Volume (CSV) feature enabled, a user may be unable to access a CSV volume from a passive (non-coordinator) node. When clicking on a CSV volume, Explorer may hang. One or all of the following events may be displayed:

Event ID: 5120
Source: Microsoft-Windows-FailoverCluster
Level: Error
Description: Cluster Shared Volume "volume_name" is no longer available on this node because of ‘STATUS_BAD_NETWORK_PATH(c00000be)’. All I/O will temporarily be queued until a path to the volume is re-established.

Event ID: 5120
Source: Microsoft-Windows-FailoverCluster
Level: Error
Description: Cluster Shared Volume "volume_name" is no longer available on this node because of ‘STATUS_CONNECTION_DISCONNECTED(c000020c)’. All I/O will temporarily be queued until a path to the volume is reestablished.

Event ID: 5120
Source: Microsoft-Windows-FailoverCluster
Level: Error
Description: Cluster Shared Volume "volume_name" is no longer available on this node because of ‘STATUS_MEDIA_WRITE_PROTECTED(c00000a2)’. All I/O will temporarily be queued until a path to the volume is reestablished.

Event ID generated: 5142
Source: Microsoft-Windows-FailoverCluster
Description: Cluster Shared Volume "volume_name" (‘Cluster Disk #’) is no longer accessible from this cluster node because of error ‘ERROR_TIMEOUT(1460)’. Please troubleshoot this node’s connectivity to the storage device and network connectivity.

When accessing a CSV volume from a passive (non-coordinator) node, the disk I/O to the owning (coordinator) node is routed through a ‘preferred’ network adapter and requires SMB be enabled on that network adapter. For SMB connections to work on these network adapters, the following protocols must be enabled:

  • Client for Microsoft Networks
  • File and Printer Sharing for Microsoft Networks

Review each cluster node and verify that the following protocols are enabled on the network adapters available for Cluster use:

  • Client for Microsoft Networks
  • File and Printer Sharing for Microsoft Networks

1. Click Start, click Run, type ncpa.cpl, and then click OK.
2. Right-click the local area connection that is associated with the network adapter, and then click Properties.
3. Verify that the above protocols appear in the This connection uses the following items box. If either is missing, follow these steps:
   a. Click Install, click Client, and then click Add.
   b. Select the missing protocol, click OK, and then click Yes.
4. Verify that the check box that appears next to Client for Microsoft Networks is selected.

Personal Note: Those two articles are closely related.  It appears that people are incorrectly unbinding the 2 required networking protocols for CSV: Client for Microsoft Networks & File and Printer Sharing for Microsoft Networks.
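A local health check for the conditions the two KB articles above describe, as an added example that is not from the KB articles or the original post. It assumes Windows PowerShell 2.0 or later, run elevated on each cluster node, and it assumes that per-adapter bindings are recorded in each service's Linkage\Bind registry value (an assumption, not stated on the page); all function names are hypothetical.

```powershell
# Added example. Run locally on each node: the fault being diagnosed can
# break remote management, so remote queries are deliberately avoided.

# Extract "NAME(code)" from a 5120/5142 description,
# e.g. STATUS_BAD_NETWORK_PATH(c00000be) or ERROR_TIMEOUT(1460).
function Get-CsvEventReason {
    param([string]$Message)
    if ($Message -cmatch '([A-Z_]+)\(([0-9A-Fa-f]+)\)') {
        '{0}({1})' -f $Matches[1], $Matches[2]
    } else {
        'unparsed'
    }
}

# KB2462468: the Server service (LanmanServer) must be running.
function Test-ServerService {
    $svc = Get-Service -Name LanmanServer
    New-Object PSObject -Property @{
        Check  = 'Server service'
        Ok     = ($svc.Status -eq 'Running')
        Detail = $svc.Status
    }
}

# KB2008795: both SMB components must be bound to the cluster adapters.
# ASSUMPTION: an adapter is bound to a component when its GUID appears in
# HKLM\SYSTEM\CurrentControlSet\Services\<service>\Linkage\Bind.
function Test-SmbBinding {
    $components = @{
        'Client for Microsoft Networks'                   = 'LanmanWorkstation'
        'File and Printer Sharing for Microsoft Networks' = 'LanmanServer'
    }
    $adapters = Get-WmiObject Win32_NetworkAdapter |
        Where-Object { $_.NetEnabled -and $_.NetConnectionID }

    foreach ($name in $components.Keys) {
        $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\{0}\Linkage' -f $components[$name]
        $bind = @((Get-ItemProperty -Path $key -Name Bind).Bind)
        foreach ($a in $adapters) {
            $bound = @($bind | Where-Object { $_ -like "*$($a.GUID)*" }).Count -gt 0
            New-Object PSObject -Property @{
                Check  = "$name on '$($a.NetConnectionID)'"
                Ok     = $bound
                Detail = $a.GUID
            }
        }
    }
}

# Summarise recent CSV path-loss events (IDs 5120 and 5142) by reason code.
# The provider is matched with a wildcard so the filter does not depend on
# the exact source name registered on the node.
function Get-CsvPathEvent {
    param([int]$Days = 7)
    $filter = @{ LogName = 'System'; Id = 5120, 5142; StartTime = (Get-Date).AddDays(-$Days) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.ProviderName -like 'Microsoft-Windows-FailoverCluster*' } |
        Group-Object { Get-CsvEventReason $_.Message } |
        Select-Object Count, Name, @{
            Name       = 'Latest'
            Expression = { ($_.Group | Sort-Object TimeCreated -Descending |
                            Select-Object -First 1).TimeCreated }
        }
}

# Parser check on a message adapted from the event text quoted above
# (constructed sample, no cluster needed).
$sample = 'Cluster Shared Volume "volume_name" is no longer available on this node because of STATUS_BAD_NETWORK_PATH(c00000be).'
Get-CsvEventReason $sample

# Report. Adapters not used by the cluster (for example dedicated iSCSI
# NICs) may legitimately show Ok = False; judge only the cluster networks.
@(Test-ServerService) + @(Test-SmbBinding) |
    Select-Object Check, Ok, Detail | Format-Table -AutoSize
Get-CsvPathEvent -Days 7 | Format-Table -AutoSize
```

Any cluster-network adapter reported with Ok = False should be corrected with the ncpa.cpl steps above before further CSV troubleshooting.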

KB2637197: CSV LUNs fail if you use a VSS hardware provider to back up virtual machines on a Windows Server 2008 R2-based cluster

Consider the following scenario:

  • You configure a failover cluster that consists of servers that are running Windows Server 2008 R2.
  • You create a cluster shared volume (CSV) that includes some virtual machines that are owned by different cluster nodes.
  • You back up the virtual machines by using a Volume Shadow Copy Service (VSS) hardware provider. For example, you back up a protection group in Microsoft System Center Data Protection Manager (DPM) 2010.
  • The owner of the CSV changes during the backup process.

In this scenario, the CSV logical unit numbers (LUNs) enter a failed state, and do not come online on the next cluster node. Therefore, the backup process fails.
Notes

  • This issue does not occur if you do not use a VSS hardware provider to back up the virtual machines.
  • This issue does not occur if the change of owner of the CSV is not triggered during the backup process.

This issue occurs because the Cluster service incorrectly accesses stale information to determine whether a CSV LUN is in the correct state to start the backup process.

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

Mark Your Calendar: February 29th

Earlier this evening, both Mary Jo Foley and Paul Thurrott blogged that they thought the announcement of the Windows 8 beta (aka Customer Preview) would be happening at Mobile World Conference in Barcelona on February 29th. 

My guess was February 27th … to coincide with MVP Summit 2012.  But I get the mobile tie in with ARM tablets.

I expected MSFT to stay quiet, but the MS Press twitter account said at around 7:20pm (Irish time):

@MicrosoftPress: Just received confirmation that the availability date of the Windows 8 Consumer Preview is February 29th!

And lo and behold, it isn’t a beta, it is a Customer Preview as Mary Jo said it would be several weeks ago.

Odds are it’ll be announced at around 6am Seattle time.  I’ll be in a hotel in the suburb (or “city”) of Bellevue at the time, waiting with a USB 3.0 stick to prep a Windows To Go build and get cracking.  Hopefully my lab will have arrived by then, and I can VPN into work and start building a lovely 10 GB networking Windows Server 8 Hyper-V environment.  Hopefully.

I wonder if MS Press was supposed to tweet that …


Windows Server 8, Core Installation, Server Graphical Shell, and Minimal Server Interface

Another post appeared on the Server & Cloud Platform team blog last night, describing the various ways we can install Windows to get different administration interfaces.  We’re getting:

  • Full installation: all the bells and whistles with a full GUI there all of the time.
  • Minimal Server Interface: there is a GUI that allows “most” local administration tasks.  You won’t have Internet Explorer, the desktop, Windows Explorer, Metro-style application support, multimedia support, or Desktop Experience.
  • Server Core: By default, no GUI at all, just the command prompt and PowerShell.

Microsoft Corporate is recommending (as always) that you use the Server Core installation by default (obviously not for RDS session hosts).  We should be remotely managing the machines using the Remote Server Administration Toolkit (or whatever RSAT will be called when Win8 is RTM).  You probably know my thoughts on that up to now: phooey!  It’s a nightmare to do troubleshooting and we can do stuff quickly with a few mouse clicks in the GUI instead of googling for 30 minutes to find obscure command prompt or POSH commands, which we then need to figure out.  “Learn PowerShell” … yes, once I’ve learned Windows 8 server and desktop, the new Hyper-V, and the 8 or so System Center products that are on the way … and find some time to do the day job.  And learning POSH does nothing to use 3rd party hardware management tools on the servers themselves, e.g. hardware diagnostics that use IE.

I’m not a shouting-at-the-trees-crazy-man vocal minority on this one.  Most people I know who have tried Server Core switch to full installations very quickly, as I did (my first Hyper-V cluster pilot was Core).  And to be a bit more scientific, the Great Big Hyper-V Survey of 2011 backs me up:

  • Hyper-V Server: 15.93%
  • Full Windows Server installation: 71.08%
  • Server Core installation: 12.99%

So there’s a compromise (an improvement) in Windows 8.  Apparently, with a command (probably a PowerShell cmdlet) and a reboot we can install a GUI (looks like either Minimal Server Interface or the full Server Graphical Shell if I’ve read the post correctly) on Server Core.  OK, that isn’t a bad start.  I’d like to see the reboot replaced by a logoff/logon.  But it’s a step forward to making Server Core more acceptable.  I’ll hold off judgement until the beta comes out (end of February) and have a play with it but it’s a good step forward by the looks of it.

Windows Server 2008 R2 and 10 GbE

If you’re taking full advantage of some of the great new hardware that is out there, then you’ll need to invest in 10 Gigabit networking.  192+ GB of RAM is a lot of VMs to live migrate, backup, etc.  In fact, 1 GbE is not enough to Live Migrate (or VMotion for that matter) that much RAM from one host to another in a realistic time frame.

I wish I could say that I’ve got a lot of material for you on this topic – but I haven’t the equipment.  But Didier van Hoye has done the work and shared his findings on his blog.  Out of the box, he found he couldn’t use the full capacity of the network.  With some tuning, he got much more throughput.  With the tweaks that Didier has documented, you can get the same results on Windows Server 2008 R2.

Where is My Windows 8 Tech Documentation?

It seems like some people have started to write tech guides for Windows 8 already.  Me being an avid blogger, you’d expect to see me at it too.  Not yet.  And here’s why.

What we have now is a Developer Preview.  It isn’t even a beta.  We know squat about how things work under the hood.  We know even less about best practice.  Heck, the product is buggy (as one should expect at this stage of the development and test cycle) and probably isn’t feature complete or locked.

If I write something on Windows 8 then I want to give you as much valid information as possible.  My SEO (by no skill or knowledge) is not bad so when I write a doc or a guide, it tends to score well on the search engines.  That means the content sticks around and is referenced.  Therefore I will be waiting a while until we have a more complete product, we do know more about how things work, and we have figured out some best practices.

Until then, have fun playing with the pre-beta release, but be aware that the Server Core group are still hard at work and are still listening to feedback.  Things will change and so will your plans.

What Event Will Windows 8 RTM Be Announced At?

Please forgive me while I take off my tinfoil (aluminium) hat; the aliens have taken a break from trying to read my thoughts.

I previously stated that I believed that Windows 8 would release before July 2012 because of how Microsoft’s financial year works (think EA Sports game titles) and their fear of the number 13.

Mary-Jo Foley and Paul Thurrott stated on Windows Weekly that they think an early RTM is coming – we have the developer preview, there will be 1 beta and 1 RC before RTM, and they think Microsoft is aiming to have GA for the lucrative back-to-school timeframe in August/September.

Microsoft won’t do an RTM without a big event to go along with it.  It just so happens that TechEd Europe is moving back to Amsterdam and Summer in 2012.  To be precise, it will be held on the week of June 25th, 2012.  That allows Microsoft to call the server product “Windows Server 2012”, and it allows them time to start the OEM build up for August and September.  I’d expect actual launch events in early September.

OK, that’s done and I can hear the aliens, it’s time to don my protective cover once again.


Building Continuously Available Filer Server NAS Appliances

Speakers are Gene Chellis and Cristian Teodorescu

A file server NAS could be a fine appliance for SQL Server or Hyper-V file storage.  This is the last of the sessions in the storage track.

Why is NAS Relevant?

  • Customers like them according to sales figures. Sales rising steeply for the last 2 years and into the future, whereas file server sales are growing slowly now and in the future (after 2 years of big drop)
  • Simple deployment (appliance)
  • Supports virtualisation and private cloud
  • Storage optimized hardware

Requirements of NAS

  • Support heterogeneous environments: Windows/Unix and File/Block
  • Support multiple workloads: client and server
  • Designed for end-to-end storage performance
  • Designed for continuous availability
  • Integrated software/hardware/packaging (appliance)
  • Simplified setup, configuration, and management (appliance experience)

New for Unified Storage on Windows Server 8

  • iSCSI target continuous availability
  • NFS v3 server continuous availability
  • NFS 4.1 server

End-to-End Storage Performance

Requirements vary by workload.  Some OEMs have not considered that and sometimes have a bottleneck that prevents high end-to-end performance.

Long demo of a virtualised pre-packaged NAS/cluster appliance with lots of wizards to set it up.


Designing Systems for Continuous Availability – Multi-Node with Remote File Storage

The speakers are Jim Pinkerton and Claus Jorgensen

Topic is on using SMB for remote storage of application files. Servers access their files on UNC file paths. Example: VM VHDs, SQL Server database and log files. Easier to provision and manage shares than LUNs. More flexible with dynamic server relocation. No need for specialised hardware/network knowledge or infrastructure. LOWER cost.

Basic idea of architecture: some shared storage (e.g. Storage Spaces), file server cluster with shares, Hyper-V cluster hosts, SQL, or other servers store files on those shares.

Transparent Failover
In W2008 R2 a failover is not transparent. There is brief downtime to take down, move over, bring up the clustered service or role. 99% uptime at best.

Failover in W8 is transparent to the server application. Supports planned and unplanned failovers, e.g. maintenance, failures, and load balancing. Requires Windows Failover Cluster, and both server and client must be running Windows Server 8. All operations, not just IO, must be continuous and transparent – transparent for file and directory operations.

This means we can have an application cluster that places data on a back end file server cluster. Both can scale independently.

Changes to Windows Server 8 to make transparent failover possible:
– New protocol: SMB 2.2
– SMB 2.2 Client (redirector): client operation replay, end-to-end for replay of idempotent and non-idempotent operations
– SMB 2.2 Server: support for network state persistence, single share spans multiple nodes (active/active shares – wonder if this is made possible by CSV?), files are always opened write-through.
– Resume Key – used to failover to: resume handle state after planned or unplanned failover, fence handle state information, mask some NTFS issues. This fences file locks.
– Witness protocol: enables faster unplanned failover because clients do not wait for timeouts, enables dynamic reallocation of load (nice!). Witness tells the client that a node is offline and tells it to redirect.

SMB2 Transparent Failover Semantics:
Server side: state persistence until the client reconnects. Example: delete a file. The file is opened, a flag is set to delete on close, and you close the file -> it’s deleted. Now you try to delete the file on a clustered file share. A planned failover happens. The node closes the file and it deletes. But after reconnect the client tries to close the file to delete it but it’s gone. This sort of circumstance is handled.

In Hyper-V world, we have “surprise failover” where a faulty VM can be failed over. The files are locked on file share by original node with the fence. A new API takes care of this.

SMB2 Scale Out
In W2008 R2 we have active-passive clustered file shares. That means a share is only ever active on 1 node, so it’s not scalable. Windows Server 8 has scale out via active-active shares. The share can be active on all nodes. Targeted for server/server applications like SQL Server and Hyper-V. Not aimed at client/server applications like Office. We also get fewer IP addresses and DNS names. We only need one logical file server with a single file system namespace (no drive letter limitations), and no cluster disk resources to manage.

We now have a new file server type called File Server For Scale-Out Application Data. That’s the active/active type. Does not support NFS and certain role services such as FSRM or DFS Replication. The File Server for General Use is the active/passive one for client/server, but it also supports transparent failover.

VSS for Windows Server 8 File Shares
Application consistent shadow copy of server application data that is stored on Windows Server 8 file shares. Backup agent on the application server triggers backup. VSS on app server acts with File Share Shadow Copy Provider. It hits the File Share Shadow Copy Agent on the file server via RPC, and that then triggers the VSS on the file server to create the shadow copy. The backup server can read the snapshot directly from the file server, saving on needless data transfer.

Performance for Server Applications
SMB2.2 makes big changes. Gone from 25% to 97% of DAS performance. MSFT used same DAS storage in local and file share storage with SQL Server to get these numbers. NIC teaming, TCP offloads and RDMA improved performance.

Perfmon counters are added to help admins troubleshoot and tune. IO size, IO latency, IO queue length, etc. Can separately tune SQL data file or log file.

Demo:
Scale-out file server in the demo. 4 clients accessing 2 files, balanced across 2 nodes in the scale out file server cluster. A node in the cluster is killed. The witness service sees this, knows which clients were using it, and tells them to reconnect – no timeouts, etc. The clients do come back online on the remaining node.

Platforms
– Networking: 2+ interfaces … 1 GbE, 10 GbE optionally with RDMA, or Infiniband with RDMA
– Server: 2+ servers … “cluster in a box” (a self contained cluster appliance) or 2+ single node servers.
– Storage: Storage Spaces, Clustered PCI RAID (both on Shared JBOD SAS), FC/iSCSI/SAS fabric (on arrays)

Sample Configurations
– Lowest cost: cluster in a box with shared JBOD SAS using 1 GbE and SAS HBA. Or use the same with Cluster PCI RAID for better performance instead of the SAS HBA. An external port to add external storage to scale out. Beyond that look at 10 GbE
– Discrete servers: 1/10 GbE with SAS HBA to Shared JBOD SAS. Or use advanced SANs.

Note: This new storage solution could radically shake up how we do HA for VMs or server applications in the small/mid enterprise. It’s going to be cheaper and more flexible. Even the corporations might look at this for low/mid tier services. MSFT did a lot of work on this and it shows IMO; I am impressed.

Designing Systems for Continuous Availability and Scalability.

Extra session that I ran to in this slot after the previous one ended very early.  This one is on storage pools and spaces.  Speaker has a Dell 1U server with a bunch of internal unallocated disks.  Uses PSH to:

  1. New-StoragePool (Get-StorageSubsystem and Get-PhysicalDisk)  The command pools all un-pooled disks.  The disks disappear from Disk Manager because they are pooled.
  2. A space (which is a virtual disk) is created: New-VirtualDisk
  3. Initialize-Disk is run to initialise it.
  4. New-Partition formats the disk which is visible in disk manager and can be explored.  Note that it has a drive letter.
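
The four steps above as one script, as an added example that is not the speaker's code. It uses the Storage cmdlets as released in Windows Server 2012 (the Developer Preview may differ); the function, pool and space names are hypothetical, and in the released cmdlets formatting is a separate Format-Volume call after New-Partition.

```powershell
# Added example. Run elevated on a test server only: pooling takes ownership
# of every disk that reports CanPool = True.
function New-DemoSpace {
    param(
        [string]$PoolName  = 'DemoPool',    # hypothetical name
        [string]$SpaceName = 'DemoSpace',   # hypothetical name
        [UInt64]$Size      = 1TB            # thin provisioned, so may exceed raw capacity
    )

    # Step 1: pool all un-pooled disks. A two-way mirror needs at least two.
    $disks = @(Get-PhysicalDisk -CanPool $true)
    if ($disks.Count -lt 2) {
        throw "A mirrored space needs at least 2 poolable disks; found $($disks.Count)."
    }
    # Assumes a standalone server with a single storage subsystem.
    $subsystem = Get-StorageSubSystem | Select-Object -First 1
    New-StoragePool -FriendlyName $PoolName `
                    -StorageSubSystemFriendlyName $subsystem.FriendlyName `
                    -PhysicalDisks $disks | Out-Null

    # Step 2: create the space (a virtual disk), mirrored and thin provisioned.
    $space = New-VirtualDisk -StoragePoolFriendlyName $PoolName `
                             -FriendlyName $SpaceName `
                             -ResiliencySettingName Mirror `
                             -ProvisioningType Thin `
                             -Size $Size

    # Steps 3 and 4: initialise the new disk, create a partition with a
    # drive letter, then format it.
    $space | Get-Disk |
        Initialize-Disk -PartitionStyle GPT -PassThru |
        New-Partition -AssignDriveLetter -UseMaximumSize |
        Format-Volume -FileSystem NTFS -NewFileSystemLabel $SpaceName -Confirm:$false
}

# Usage: New-DemoSpace -Size 500GB
```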

Optimized Space Utilisation

  • On-demand provisioning with trim (h/w command that gives space back to the pool when files are deleted) support – for NTFS, Hyper-V, and apps like SQL.
  • Elastic capacity expansion by just adding more disks.  You’ll get alerts when nearly full.
  • Defrag optimized to work with Storage Pools

Resiliency:

  • Mirrored spaces and Parity Spaces with integrated journaling supported.
  • Per-pool hot spare disk supported
  • Application driven intelligent error correction: SQL and Exchange should be able to take advantage of this.

Not very well explained – sorry. 

Demo: he plays a video that is stored on a resilient space and pulls a disk from it.  The video is uninterrupted. 

Spaces have granular access control.  Could be good for multi-tenant deployment – I’m hesitant of that because it means giving visibility of the back end system to untrusted customers (rule #1 is users are stupid).

You can base SLA on the type of disks in your JBOD, e.g. SSD, 15K or SATA.  Your JBOD could be connected to a bunch of servers.  They can create spaces for themselves.  E.g. a file server could have spaces, and use the disk space to store clustered VMs.

Questions to sfsquestions@microsoft.com

Build Windows: Windows Server 8

This is an IT pro session featuring Bill Laing (Corporate Vice President Server & Cloud Division) and Mike Neil (General Manager Windows Server).  This will be jam packed with demos.

“Windows Server 8 is cloud optimized for all business” – Bill Laing.  For single servers and large clusters.  The 4 themes of this server release:

  • beyond virtualisation
  • The power of many servers, the simplicity of one
  • Every app, any cloud
  • Modern work style enabled

Hyper-V headline features:

  • network virtualisation
  • Live storage migration
  • multi-tenancy
  • NIC teaming
  • 160 logical processors
  • 32 virtual processors
  • virtual fiber channel
  • Offloaded data transfer (between VMs on the same storage)
  • Hyper-V Replica
  • Cross-premise connectivity
  • IP address mobility
  • Cloud backup

Did they mention cloud yet?  I think not: apparently this release is cloud optimized.

A VM can have up to 32 vCPUs.  RAM can be up to 512 GB.  VHDX supports up to 16 TB of storage per vDisk.  Guest NUMA is where VMs are now NUMA aware … having 32 vCPUs makes this an issue.  A VM can optimize threads of execution VS memory allocation on the host.  A guest can now direct connect to a fibre channel SAN via a virtual fibre channel adapter/HBA – now the high end customers can do in-VM clustering just like iSCSI customers.  You can do MPIO with this as well, and it works with existing supported guest OSs.  No packet filtering is done in the guest.

Live Migration.  You can now do concurrent Live Migrations.  Your limit is the networking hardware.  You can LM a VM from one host to another with “no limits”.  In other words, a 1 Gbps connection with no clustering and no shared storage is enough for a VM live migration now.  You use the Move wizard, and can choose pieces of the VM or the full VM.  Live Storage Migration sits under the hood.  It is using snapshots similar to what was done with Quick Storage Migration in VMM 2008 R2. 

On to Hyper-V networking.  What was slowing down cloud adoption?  Customers want hybrid computing.  Customers also don’t like hosting enforced IP addressing.  The customer can migrate their VM to a hosting company, and keep their IP address.  A dull demo because it is so transparent.  This is IP Address Mobility.  The VM is exported.  Some PowerShell is involved in the hosting company.  Windows Server 8 Remote Access IPsec Secure Tunnel is used to create a secure tunnel from the client to the hosting company.  This extends the client cloud to create a hybrid cloud.  The moved VM keeps its original IP address and stays online.  Hosted customers can have common IP addresses.  Thanks to IP virtualisation, the VMs internal IP is abstracted.  The client assigned in-VM address is used for client site communications.  In the hosting infrastructure, the VM has a different IP address.

VLANs have been used by hosting companies for this in the past.  It was slow to deploy and complicates networking.  It also means that network cannot be changed – EVER … been there, bought the t-shirt. 

Cross-network VM live migration can be done thanks to IP virtualisation.  The VM can change its hosted IP address, but the in-VM address does not change.  Makes the hosting company more flexible, e.g. consolidate during quiet/maintenance periods, network upgrades, etc.  There is no service disruption, so the customer has no downtime, and the hosting company can move VMs via Live Migration as and when required.  This works just as well in the private cloud.  Private cloud = hosting company with internal customers.

More:

  • Extensible virtual switch
  • Disaster recovery services with Hyper-V Replica to the cloud
  • Hybrid cloud with Hyper-V network virtualisation
  • Multi-tenant aware network gateway
  • Highly available storage appliances

And more:

  • SMB transparent failover
  • Automated cluster patching
  • Online file system repairs
  • Auto load balancing
  • Storage spaces
  • Thin provisioning
  • Data de-duplication
  • Multi-protocol support
  • 23000 PowerShell cmdlets
  • Remote server admin
  • Knowledge sharing
  • Multi-machine management

Server Manager is very different.  Very pretty compared to the old MMC style UI.  It has Metro Live Tiles that are alive.  Task/Actions pane is gone.  Selecting a server shows events, services, best practices analyser, performance alerts, etc.  You can select one, or even select a number of VMs at once.  A new grid control allows you to sort, filter, filter based on attribute, group, etc.  Makes cross-server troubleshooting much easier.  You can select a role, and you’ll see just the servers with that role.

Once again … “starting with Windows 8 the preferred install is Server Core”.  We’ll be the judge of that.  We ruled against MSFT on Server 2008 and Server 2008 R2 on that subject.  New add/remove roles wizard.  You can install a role to a live server or to a VHD!  This is offline installation of roles for pre-provisioning native VHD or VM VHD images.  You can even choose to export the settings to an XML file instead of deploying.  That allows you to run a PowerShell cmdlet to use the XML to install the role(s).  PowerShell now has workflows.  It converts a PSH function into a workflow that can work across multiple machines.  For example, deploy IIS (using install-windowsfeature & the XML file), deploy content, test content (invoke-webrequest), across many machines in parallel – big time saver instead of doing 1 machine at a time.  Great for big deployments, but I really see s/w testers really loving this.

Data Deduplication allows you to store huge amounts of data on a fraction of the disk space by only storing unique data.  We see a demo of terabytes of data on 4% of the traditionally required space.  This is single instance storage on steroids.  Only unique blocks are written by the looks of it. 

Native NIC teaming has come to Windows Server.  No more third party software required for this, increasing stability and security, while reducing support complexity.  In a demo, we see a file share stored SQL VM with perfmon monitoring storage performance.  The host has 2 teamed NICs.  One is busy and one is idle.  The active NIC is disabled.  The idle NIC takes over automatically, as expected.  There is a tiny blip in storage performance … maybe 1-2 seconds.  The VM stays running with no interruption.

Now we see a high availability failover of a VM using a file share for the shared storage.

On to applications:

  • Symmetry between clouds
  • Common management
  • Common developer tools
  • Distributed caching
  • Pub/Sub messaging
  • Multi-tenant app container
  • Multi-tenant web sites
  • Sandboxing and QoS
  • NUMA aware scaling for IIS
  • Open Source support
  • Support for HTML5

Note: I can’t wait to do a road show on this stuff back in Ireland. 

  • Greater density with IIS8
  • Scalable apps for public/private clouds
  • Extension of programming tools
  • Websocket extensions

Work style improvements:

  • Remote sessions, VDI or apps.
  • USB devices support
  • Simplified VDI management: badly needed
  • RemoteFX for WAN!
  • User VHDs
  • RDP 3D graphics and sound
  • Claims based file access
  • And more

Controlling access to data with the discretionary access controls (DACLs) that we have used up to now is difficult.  Dynamic Access Control allows you to specify AD attributes that dictate what objects can access a resource: e.g. AD object with “Accounts” in a department attribute gets access to the Accounts file share.  Done in Classification tab for the folder.  Who populates the attributes?  Doesn’t a user have a lot of control over their own object?  Good thing: it is very flexible compared to DACLs.

When a user is denied access to content, they can click on the Request Access button to ask an admin for access.  No need for helpdesk contact.

Automatic classification can search content of data to classify the data in case it is accidentally moved to a wrong location.  It removes the human factor from content security.

Next up: RDP.  Metro UI with touch is possible with 10 touch points, rather than 30.  Lovely new web portal has the Metro UI appearance.  RemoteApp is still with us.  Favourite RDP sessions are visible in Remote Desktop.  Locally cached credentials are used for single sign-on.  3D graphics are possible: we see a 3D model being manipulated with touch.  We see a Surface fish pond app with audio via RDP and 10 touch points.  Seriously IMPRESSIVE!  You can switch between RDP sessions like IE10 tabs in Metro.  You can flip between them and local desktop using Back, and use live Side-by-Side to see both active at the same time.