Microsoft announced Windows Virtual Desktop and began a private preview. Since then, we’ve been hard at work developing the ability to scale and deliver a true multi-session Windows 10 and Office 365 ProPlus virtual desktop and app experience on any … Continue reading →
In my previous article, I explained how to install and configure Azure Backup Server. This article explains how to configure Azure Backup Server to help protect VMware Server workloads. I am assuming that you already have Azure Backup Server installed. … Continue reading →
Azure Backup is used for backups and DR, and it works with managed disks as well as unmanaged disks. You can create a backup job with time-based backups, easy VM restoration, and backup retention policies. The following table is a … Continue reading →
To migrate Office 365 Relying Party Trust from an existing ADFS Farm to new ADFS Farm, follow the step by step guide. Migrating Office 365 Relying Party Trust will incur a minor disruption to SSO environment. Prerequisites: Existing ADFS Farm … Continue reading →
The concept of Work Folder is to store user’s data in a convenient location. User can access the work folder from BYOD and Corporate SOE from anywhere. The work folder facilitate flexible use of corporate information securely from supported devices. … Continue reading →
Let’s paint a picture, you have an unique requirement to build multiple ADFS farms. you have a fully functional hybrid environment with EXO. you do not want to modify AAD connect and existing ADFS servers. But you want several SaaS applications use different ADFS farm with MFA but their identity is managed by the same Active Directory forest used by existing ADFS farm.
Here is the existing infrastructure:
1 single forest with multiple hybrid UPNs (domainA.com, domainB.com, domainC.com and many…)
2x ADFS servers (sts1.domainA.com)
2X WAP 2012 R2 cluster
1x AAD Connect
1X Office 365 Tenant with several federated domains (domainA.com, domainB.com, domainC.com and many….)
1x public CNAME sts1.domainA.com
Above configuration is working perfectly.
Now you would like to build a separate ADFS 2016 farm with WAP 2016 cluster for SaaS applications. This ADFS 2016 farm will be dedicated to authenticate these SaaS applications. you would also like to turn on MFA on ADFS 2016. Add new public authentication endpoint such as sts2.domainA.com for ADFS 2016 farm.
End goal is that once user hit https://tenant.SaaSApp.com/ it will redirect them to sts2.domain.com and prompt for on-prem AD credentials and MFA if they are accessing from public network.
New ADFS 2016 infrastructure in the same forest and domain:
2X ADFS 2016 Servers (sts2.domainA.com)
2X WAP 2016 Servers
1 X separate public IP for sts2.domainA.com
1X public CNAME for sts2.domainA.com
1X Private CNAME for sts2.domainA.com
Important Note: You have to prepare Active Directory schema to use ADFS 2016 functional level. No action/tasks necessary in existing ADFS 2012 R2 environment.
Guidelines and referrals to build new environment.
Hybrid Configuration Business Case. On-premises IRM- Information Rights Management (IRM) enables users to apply Active Directory Rights Management Services (AD RMS) templates to messages that they send. Antispam and malware protection- Mailboxes moved to Office 365 are automatically provided with antivirus … Continue reading →
This article will describe how to install new ADFS 2016 farm or upgrade existing AD FS Windows Server 2012 R2 farm to AD FS in Windows Server 2016. Prerequisites: ADFS Role in Windows Server 2016 Administrative privilege in both ADFS … Continue reading →
This article provides step by step guidelines to implement single sign on using ADFS 4.0 as the identity provider and Workday as the identifier and service provider. Important Note: Workday does not provide a service provider metadata XML file to … Continue reading →
The following procedures are tested on Windows Server 2016 TP4 and Windows 10 Computer. Step1: Basic Hyper-v Host Configuration Once Hyper Server 2016 is installed. Log on to Hyper-v host as administrator. You will be presented with command prompt. On … Continue reading →
VMware increases price again. As per VMware pricing FAQ, the following pricing model will be in effect on April 1, 2016. vSphere with Operations Management Enterprise Plus from US$4,245/CPU to US$4,395/CPU VMware vCenter Server™ Standard from US$4,995/Instance to US$5,995/Instance vSphere … Continue reading →
Changed and upgraded functionality of Hyper-v Server 2016.
Hyper-v cluster with mixed hyper-v version
Join a Windows Server 2016 Hyper-v with Windows Server 2012 R2 Hyper-v
Functional level is Windows Server 2012 R2
Manage the cluster, Hyper-V, and virtual machines from a node running Windows Server 2016 or Windows 10
Use Hyper-V features until all of the nodes are migrated to Windows Server 2016 cluster functional level
Virtual machine configuration version for existing virtual machines aren’t upgraded
Upgrade the configuration version after you upgrade the cluster functional level using Update-VmConfigurationVersion vmname cmdlet
New virtual machine created in Windows Server 2016 will be backward compatible
Hyper-V role is enabled on a computer that uses the Always On/Always Connected (AOAC) power model, the Connected Standby power state is now available
Production checkpoints, the Volume Snapshot Service (VSS) is used inside Windows virtual machines
Linux virtual machines flush their file system buffers to create a file system consistent checkpoint
Check point no longer use saved state technology
Hot add and remove for network adapters, virtual hard drive and memory
add or remove a Network Adapter while the virtual machine is running for both Windows and Linux machine
Adjust memory of a running virtual machine even if you haven’t enabled dynamic memory
Integration Services delivered through Windows Update
Windows update will distribute integration services
ISO image file vmguest.iso is no longer needed to update integration components
Storage quality of service (QoS)
create storage QoS policies on a Scale-Out File Server and assign them to one or more virtual disks
Hyper-v auto update storage policies according to storage policies
Virtual machine Improvement
Import virtual machine with older configuration version, update later and live migrate across any host
After you upgrade the virtual machine configuration version, you can’t move the virtual machine to a server that runs Windows Server 2012 R2.
You can’t downgrade the virtual machine configuration version back from version 6 to version 5.
Turn off the virtual machine to upgrade the virtual machine configuration.
Update-VmConfigurationVersion cmdlet is blocked on a Hyper-V Cluster when the cluster functional level is Windows Server 2012 R2
After the upgrade, the virtual machine will use the new configuration file format.
The new configuration files use the .VMCX file extension for virtual machine configuration data and the .VMRS file extension for runtime state data.
Ubuntu 14.04 and later, and SUSE Linux Enterprise Server 12 supports secure boot using Set-VMFirmware vmname -SecureBootTemplate MicrosoftUEFICertificateAuthority cmdlet
Hyper-V Manager improvements
Support alternative credential
Down-level management of Hyper-v running on Windows Server 2012, Windows 8, Windows Server 2012 R2 and Windows 8.1.
Connect Hyper-v using WS-MAN protocol, Kerberos or NTLM authentication
Guest OS Support
Any server operating systems starting from Windows Server 2008 to Windows Server 2016
Any desktop operating systems starting from Vista SP2 to Windows 10
FreeBSD, Ubuntu, Suse Enterprise, CentOS, Debian, Fedora and Redhat
9. ReFS Accelerated VHDX
Create a fixed size VHDX on a ReFS volume instantly.
Gain great backup operations and checkpoints
10. Nested Virtualization
Run Hyper-V Server as a guest OS inside Hyper-V
11. Shared VHDX format
Host Based Backup of Shared VHDX files
Online Resize of Shared VHDX
Some usability change in the UI
Shared VHDX files are now a new type of VHD called .vhds files.
12. Stretched Hyper-V Cluster
Stretched cluster allows you to configure Hyper-v host and storage in a single stretch cluster, where two nodes share one set of storage and two nodes share another set of storage, then synchronous replication keeps both sets of storage mirrored in the cluster to allow immediate failover.
These nodes and their storage should be located in separate physical sites, although it is not required.
The stretch cluster will run a Hyper-V Compute workload.
Hyper-V on Windows 10 doesn’t support failover clustering