Running head: WINDOWS SERVER DEPLOYMENT PROPOSAL
WINDOWS SERVER DEPLOYMENT PROPOSAL
Student Name
Course Name
Professor Name
University Name
June 30, 2016
1
WINDOWS SERVER DEPLOYMENT PROPOSAL
2
WINDOWS SERVER DEPLOYMENT PROPOSAL
ORGANIZATION BACKGROUND/OVERVIEW
For the given scenario, Global Advertising Inc. or GAI wants to implement the
Windows Server 2012 for their network infrastructure. It is an innovative and fresh
advertising company has now hiring the workforces, developing the two office sites. The
Corporation has requirement to make its internal system network configured with the new
Windows Server 2012 deployment. Hence, being an IT consultant I recommended the most
promising solution for deploying the best features of Windows Server 2012 to make more
robust, secure and stable windows server network that assist the company in managing the
two locations presently they are working on. I give utmost recommendations in terms of costeffective and efficient solution for the configuration and reliable implementation of the GAI
central IT services. The company already has established the security measures like firewalls,
IPsec security mechanisms for ensuring the confidentiality, authenticity and data integrity of
the organization within the financial and other department e.g. production department of the
organization. However, the cost is not the first concerned from the management side,
therefore, the best implementation practices are considered and recommended to implement
in the given case scenario for the GAI Corporation.
Introduction
The paper offers a comprehensive solution for the GAI Corporation infrastructure
upgrade to provide the appropriate deployment of Windows Server 2012 R2 that enables an
efficient server environment. The paper gives you with the proposal to support the installation
of Windows Server 2012 R2 to upgrade and design the new network infrastructure for the
GAI Corporation in order to change the ad-hoc network environment to more secure and
comprehensive Windows Server environment for the different locations of it. The new
infrastructure and upgraded network outline comprises with the Windows Server 2012 R2
WINDOWS SERVER DEPLOYMENT PROPOSAL
3
edition that replaces all the domain controller Windows Server 2008 set up from each of the
workstations at the company’s two sites to the configuration of Active Directory and domain
controllers. The new design and proposed infrastructure in form of Windows Server 2012
help you in managing the services to the clients and collaborating effectively with the site
active directory settings to access the services offered by the Server 2012. It provides you
with more cost-effective and manageable solution to enable your existing network with more
scalability and robustness. Windows Server deployment on various sites of the company
establishes the domain controllers with Windows Server 2012 AD services. The solution
provides you with the assistance in managing the resources by utilizing the AD services
offered by the Server deployment and new updated network design structures. You will
become more efficient and flexible to perform the current operations performed on Windows
Server 2008 edition that is less reliable and slow in implementing the domain controller and
AD services within the network. The infrastructure involves “Virtual Machine Manager
Services” or VMSS with the automated DNS name resolution service configuration and
DHCP facility to the over-all network of the company such that it incorporates its
collaboration with the other GAI location easily by the domain service.
DHCP configuration of the AD helps you providing the dynamic address allocation
like automated assigning of IP addresses to each of the zone’s PC or workstations as well as
servers at each of the site of the company. The network server infrastructure design offers
Windows Server 2012 R2 with the Active Directory services on each workstations and server
deployed for the network design and configuration that enhances the performance and
facilitates timely and cost-effective solution to the corporation. It likewise offers a scalable
group policy management and active directory topology which involves the designing of AD
of different office sites of GAI by maintaining the domain controllers. At the end, the most
crucial and significant feature of the network deployment and Windows infrastructure
WINDOWS SERVER DEPLOYMENT PROPOSAL
4
upgrade is its secure and protected remote access capability provided to the remote
employees and users who are trying to access it with the help of VPN. The new network
design and Windows Server 2012 deployment manage the direct and remote access to the
GAI AD services with the appropriate domain controllers at the remote site as a result of the
configured site-to-site VPN with provided secure and safe packet filtering services comes out
as a compatible and protected Direct Access and multisite Remote Access solution to the
organization.
NEW FEATURES OF WINDOWS SERVER 2012
Windows Server 2012 for the GAI network infrastructure arrives as a host of
innovative features that prominently increase the functionality of the GAI new operating
system. The GAI make use of these new and advanced features of the Windows Server 2012.
These are the following that GAI can make the best out of them:
Improved and innovative storage, BYOD, remote access, networking, server management
features create the Server R2 edition advancement or upgrade.
WORK FOLDERS
Work Folders carry the functionality of featured Dropbox to business servers. Connect this
role or part on a “Windows Server 2012 R2” framework system that will get you with a fully
well-designed, secure data file duplication service.
DESIRED STATE CONFIGURATION
This feature assembled into “Windows Server 2012” R2 edition that marks it imaginable to
programmatically launch a baseline of features and roles, then update and monitor any system
that will not counterpart the wanted state. “Desired State Configuration” necessitates
WINDOWS SERVER DEPLOYMENT PROPOSAL
5
“PowerShell 4.0” that delivers a number of novel cmdlets to complete both the administration
and the monitoring of exact states.
STORAGE TIERING
This could be the solitary most stimulating fresh feature in “Windows Server 2012”. In core,
Storage Tiering is the capability to apathetically move masses of warehoused data amid
different programs of storage, like as slower and fast SSDs with hard drives.
Information deduplication as in Windows Server 2012 is a good feature, however one object
it cannot implement is deduplicate executing virtual machines.
DEPLOYMENT AND SERVER EDITIONS
The total two servers of the Windows Server 2012 R2 edition is used by the GAI
Corporation for the deployment at the two sites with the single forest domain AD configured
settings. Designing the new network for your company require to upgrade the outdated and
legacy servers configured with the active domain controllers and replace them with the
Windows Server 2012 R2 edition. The standard Enterprise Edition of Windows Server 2012
R2 is used for the one core office location. The server core is also incorporated and used at
one site of the GAI. Another site is using the Datacenter Edition of the Server 2012 R2. You
need to employ the Server 2012 on each of the site where the data centers of the company are
present. Since the new network require to place and configure the server 2008 with 2012 R2
version with the Active Directory Services on each workstation client. The new site of the
GAI need to configure with the same domain controller which should be mounted with the
same Windows Server 2012 AD services activated to access the main office domain AD
services with ease and security. The environment in which you deploy the Server on each
client machine of the different site require upgradation of the old servers and effective
infrastructure handle with the roles and services involving DNS, DHCP, Print and File
WINDOWS SERVER DEPLOYMENT PROPOSAL
6
Services. These services configured for each server domain controller through placement of
domain controllers at each site of GAI Corporation. The new infrastructure often provides a
handling mechanism for roles and services including the domain name resolution and
dynamic host configuration settings for the company’s network requirements to manage the
file operations and services. The two servers at the sites of GAI will be configured
automatically using WUSU updating service. A WSUS server can be the overhaul hotspot for
different WSUS servers inside of the association. The WSUS server that goes about as a
redesign source is called an upstream server (Thomas, 2014).
ACTIVE DIRECTORY
An organized way to deal with Active Directory plan makes venture scale catalogue
administration arrangement clear and straightforward. This aide consolidates business and
specialized direction to minimize the time and exertion required to execute the Active Directory
administration. Picking the proper forest/domain model for the arrangement of Active
Directory for the "window server 2012" working framework deployment:
SINGLE DOMAIN MODEL FOR GAI
A solitary domain model or approach is the most effortless to control and the slightest
costly to keep up. It comprises of a forest that comprises a solitary domain. Such domain is the
"forest root domain", also it consists of every client and gathering accounts in the domain.
A single forest domain model diminishes administrative complication by providing the
subsequent advantages:
•
Each "domain controller" can validate any client in the forest.
•
Each and every domain/space controllers can be worldwide inventories, so you don't
have to get ready for worldwide inventory server arrangement.
WINDOWS SERVER DEPLOYMENT PROPOSAL
7
In a solitary space domain, all registry information is recreated to every single geographic area
that host area controllers. While this model is the least demanding to oversee, it likewise makes
the most replication movement of the two space models. Apportioning the catalogue into
numerous spaces restricts the replication of items to particular geographic areas yet brings
about more authoritative overhead. It is superior to minimize the quantity of domain spaces
that you convey in your forest. This lessens the general many-sided quality of the sending and,
accordingly, decreases complete expense of proprietorship. The accompanying table records
the regulatory expenses connected with including provincial domains. (technet.microsoft.com,
n.d.)
Selecting the Forest Root Domain for the Active Directory Configuration
The principal domain space that you convey in an Active Directory woodland is known
as the forest root space. This area remains the "forest root domain" for the complete life cycle
of this "AD DS arrangement". The "forest root domain" contains the Schema Admins and
Enterprise Admins bunches. These administration manager gatherings are utilized to oversee
backwoods level operations, for example, the expansion and evacuation of spaces and the usage
of changes to the mapping. Selecting the forest root space/domain includes figuring out
whether one of the Active Directory areas in your space configuration can work as the
WINDOWS SERVER DEPLOYMENT PROPOSAL
8
backwoods root space or in the event that you have to convey a devoted forest root area.
(technet.microsoft.com, n.d.)
“Domain Controller Placement and RODC Considerations in the domain controller
placement”
Regarding position of a read-just space controller (RODC) in a site, consider how the
RODC will recreate planned overhauls. A RODC can recreate overhauls of the area segment
just from a writable space controller running Windows Server 2008 in the same area. The
RODC can imitate different allotments, including application registry segments and worldwide
inventory segments, from any writable area controller that runs "Windows Server 2012". A
RODC can't be an origin domain area controller for some other domain space controller since
it can't perform outbound replication. A RODC must imitate the space allotment from a
writable area controller running "Windows Server 2012" in light of the fact that just a writable
space controller that runs "Windows Server 2012" can implement the "Password Replication
Policy (PRP)" for a RODC. To recreate the space parcel to the RODC, you regularly put a
writable area controller running "Windows Server 2012" in the closest site in your system
topology to the site that contains the RODC. The closest site in this sense is characterized as
the site that has the least cost site join for the site that contains the RODC.
WINDOWS SERVER DEPLOYMENT PROPOSAL
9
The given diagram displays how to place the “domain controller of active directory”:
Active Directory back-up plan
"Windows Server 2012" conveys numerous new elements to "Active Directory", two
of which significantly affect your reinforcement and recuperation arranges: the innovative
"Windows Server Backup utility" and the capacity to bring and work with "Volume Shadow
Copy Service" previews of Active Directory. This go down arrangement for the AD includes
some hard group policy configuration settings such as:
Group Policy Settings
"Windows Server Backup" gives a few "Group Policy settings" that give you some
restricted control over how reinforcements take a shot at your servers. With these reinforcement
WINDOWS SERVER DEPLOYMENT PROPOSAL
10
approaches, you can alleviate a portion of the dangers connected with individuals performing
unapproved reinforcements to acquire access to unapproved information. The choices include:
•
“Disallow Network as Backup Target”: This setting usually does not permit moving
down to any system share.
•
“Disallow Optical Media as Backup Target”: When that is all set, "Windows Server
Backup" can't go down to any optical gadget, for example, "a recordable DVD drive".
•
“Disallow Run-Once Backups”: Such setting will not permit "Windows Server
Backup" to run unscheduled, impromptu reinforcements. Just reinforcements that are
booked through the "Windows Server Backup MMC snap-in" are permitted to run.
FSMO ROLES PLACEMENT
•
It portrays the position of "Active Directory Flexible Single-Master (FSMO)" parts in
the domain space along with the forest for operations that are best performed on a
solitary area controller. In a registry that has numerous area controllers, the default
situation may not be the best suit for your system.
•
It is less demanding to monitor FSMO parts in the event that you have them on less
PCs.
•
Place parts on area controllers that are can be gotten to by the PCs that need access to
a given part, particularly on systems that are not completely directed. For instance, to
get a present or "standby RID pool", or perform go through verification, everything
DCs need system access to the “PDC and RID role holders” in their particular spaces.
DNS AND DHCP
DHCP is an indispensable administration on a company network system. Without it,
customers can't acquire IP locations and data, for example, DNS servers. Therefore, DHCP is
often sent in an exceptionally accessible way so that in the event that one server gets to be
WINDOWS SERVER DEPLOYMENT PROPOSAL
11
distracted, another can assume control. Designing the highly available DHCP provides you
two advantages, first it offers the dynamic DHCP services at each instant of time as well as
when in case of failure of DNS server or it is no longer present, enable the clients to increase
their lease by associating with another DHCP server to tolerate the DHCP failure or fault
occurs in the server. When planning and scheming an extremely obtainable DHCP solution,
you must consider whether to arrange for failover clustering or split-scope DHCP (microsoft,
n.d.).
Split scope empowers activity to be part among partaking servers while likewise
giving excess to local and remote users if one of the two servers come up short. Be that as it
may, users acknowledge the main DHCP reaction they get, so you can't promise from which
server users will get a DHCP reaction. On the off chance that the servers are part over a
system limit, you have to design a DHCP hand-off operators on a switch and present a
deferral by then in order to keep the auxiliary server from reacting before the essential server.
A fresh feature of “Windows Server 2012”, DHCP failover infers that two servers are
designed with the similar DHCP configuration. Maintenance of a required DHCP database
includes backing up as well as restoring the database. DHCP is an essential administration on
a venture system. Without it, customers can't get IP locations and data, for example, DNS
servers. Consequently, DHCP is habitually sent in an exceptionally accessible way so that on
the off chance that one server gets to be distracted, another can assume control.
DHCP interoperability offers the association between DHCP as well as other
Microsoft technologies like as Network Access Protection (NAP), Active Directory Domain
Services (AD DS), Routing and Remote Access, and other interrelated technologies,
relatively than interoperability amid the DHCP implementation and Microsoft DHCP
implementation from supplementary vendors. The DHCP server can easily update both the
host address (A) and pointer (PTR) record for the client user. Failover bunching empowers
WINDOWS SERVER DEPLOYMENT PROPOSAL
12
both servers to allot DHCP data by having the same DHCP database on a mutual stockpiling
area. DHCP separating arranges how the server reacts to customers by utilizing join layer
MAC addresses. The DHCP server part in Windows Server 2012 accommodates repetition
with split degree, failover through hot standby and burden sharing, and failover bunching.
Hot standby failover empowers a server to assume control ought to its partner come up short.
Load-sharing failover empowers both servers to allot DHCP data. The DHCP
Management Pack, some portion of System Center Operations Manager, empowers checking
and reporting of the DHCP administration service. DHCP clients can record dynamic DNS
access records upon address allocation. The DHCP database is put away on the document
framework and should be accommodated sporadically to evacuate stale sections. You can
effectively back-up and restore the DHCP database through Actions present at the server
stage in DHCP Manager. Therefore you can configure and manage the network devices like
printers and database with DHCP solution (microsoftpressstore, n.d.).
Name resolution characteristically comprises Domain Name System (DNS) however can
likewise contain “Windows Internet Name Service (WINS)”. You have to remember a few
things when planning an intricate name resolution procedure at the organization level. These
incorporate organizing security while in the meantime giving a solid and powerful framework
for the association. A few elements of Windows Server 2012 can be utilized to make this this
reliable and robust design and configuration.
"Domain names spaces or DNS" utilized as a part of this specific business situation is
identified with the arrangement of the "DNS server" alongside the settings of the area of the
"window server 2012". We suggest that you enlist DNS names for the top-most inner and
outside DNS namespaces with an Internet recorder. This incorporates the backwoods root
space of any particular "Active Directory forest" unless such names are sub-areas of DNS
WINDOWS SERVER DEPLOYMENT PROPOSAL
13
names that are enrolled by your association name. When you enlist your DNS names with an
Internet recorder, that permits the Internet DNS servers resolve your space now or sooner or
later over the life span of your "Active Directory Forest". DNSSEC sets up a sequence of
trust with a trust grapple at the root zone that empowers a chain of trust to be worked to
guarantee that reactions are reliable. Along these lines, when wanting to utilize DNSSEC,
you have to decide the area for the trust stays. This additionally implies the legitimacy of
individual asset records can be checked, as well as the genuine server itself can be confirmed
just like the right definitive server.
•
The DNS service handles configurations to improve security comprising DNS socket
pool, DNSSEC, and cache locking.
•
DNS socket pool efficiently randomizes the source or foundation port for cache
locking DNS queries prevents cached accesses from being over-composed for a
definite percentage of their “Time to Live (TTL)” value.
•
Microsoft’s DNS execution supports separate namespaces, in which the particular
DNS name suffix differs from the “Active Directory Domain Services (AD DS)”
domain name suffix.
•
DNS Zone delegation allows a dissimilar server to be commanding for a specified
zone. This, attached with application partitions and zone hierarchy, permits difficult
name service designs for an organization (Ferrill & Ferrill, 2014).
"DNS (domain name framework)" is a plan for the distinguishing proof of PCs and
system administrations which is prearranged into areas order. Basic and common server
center is required to interface distinctive branches of the organization. This DNS strategy for
namespace resolution strategy, we recommend this one for the second site of the GAI
Corporation. The DNS would be utilized in the naming and addressing section of the
WINDOWS SERVER DEPLOYMENT PROPOSAL
14
illustrated arrangement or outline plan of the organization. The "Domain Name System
(DNS)" is a various leveled circulated naming framework for PCs, administrations, or any
asset associated with the Internet or a private system network (microsoft, n.d.).
APPLICATION SERVICES
GROUP POLICY FOR APPLICATION DEPLOYMENT
"Group Policy" is an administrator's best instrument for client administration in an "Active
Directory environment" particularly in the "window server 2012" as it offers more information
answering to find organization issues. Bunch/Group Policy is an application framework that
permits you to determine oversaw designs for clients and PCs through Group Policy settings
and Group Policy Preferences. To design Group Policy settings that influence just a
neighbourhood PC or client, you can utilize the "Local Group Policy Editor". You can oversee
"Group Policy settings" and "Group Policy Preferences" in an "Active Directory Domain
Amenities (AD DS) environment" through the "Group Policy Management Console (GPMC)".
Bunch/Group Policy administration instruments likewise are incorporated into the "Remote
Server Administration" Tools pack to give an approach to you to oversee "Group Policy
settings" from your desktop (technet.microsoft.com, n.d.).
The application software suites used with the server 2012 include the Virtual desktop or
VMWare applications, Windows Server applications with the help of group policy settings.
FILE AND PRINTER SHARING
For the GAI Corporation, file and print services incorporates advancements that offer
you set some assistance with up and oversee one or more record servers, which are servers that
give focal areas on your system where you can store records and impart them to clients. On the
off chance that your clients need access to the same records and applications, or if brought
together reinforcement and document administration are imperative to your association, you
WINDOWS SERVER DEPLOYMENT PROPOSAL
15
ought to set up one or more servers as a document server by introducing the file services part
and the fitting part benefits.
IMPLEMENTING SHARE QUOTAS ON WINDOWS SERVER
By using FSRM to generate a quota generally for a size or file, you can bound the disk
storage space that is allotted for such case. The quota boundary smears to the complete file
subtree. To control what occurs when the quota boundary methods, you can organize
notification beginnings. In some bags, you influence need to route a script that increases the
quota edge routinely when a verge is stretched.
FSRM CONFIGURATION
Segments of the records in the server will be managed and secured using the FSRM for GAI.
"File Server Resource Manager" is an arrangement of components that permit you to direct and
order information that is put away on record servers. FSRM incorporates the accompanying
components:
•
File Management: The record administration errands empowers you to apply a
restrictive strategy or activity to documents in light of their grouping. The states of a
record administration errand incorporate the document area, the order properties, the
date the document was made, and the last altered date of the record, along with the last
time the document was gotten to.
•
Storage/Capacity Reports: Storage reports are utilized to offer you some assistance
with identifying patterns in circle use and how your information is grouped. You can
likewise screen a chose gathering of clients for endeavours to spare unapproved records.
“DECIDING
WHETHER
IMPLEMENTED?”
THE
DFS
(DISTRIBUTED
FILE
SYSTEM)
BE
WINDOWS SERVER DEPLOYMENT PROPOSAL
16
Associations of any size, with any number of record servers, can profit by executing DFS.
DFS is particularly useful for associations in which any of the accompanying conditions exist:
•
The association arrangements to send extra document servers or combine existing
record servers.
•
The association has information situated on servers in various destinations and needs
customers to interface with the nearest servers.
•
Clients experience delays when getting to document servers amid top use periods.
•
Clients require continuous access to record servers.
You can prepare arrangements to execute DFS without quickly planning your whole
namespace. You don't have to send DFS all at one time; you can include as much or as meagre
of your association's physical stockpiling as you have to the DFS namespace, at a pace that
works with your general movement. (technet.microsoft.com, n.d.)
CONCLUSION AND RECOMMENDATIONS
The Windows Server 2012 R2 proposal for the GAI Corporation as an advertising
firm provides the brief detailed elements used in the deployment of the technical business
solution for the company so that you will continue working and delivers the cloud services to
its clients locating on different sites in cost-effective and efficient manner. It is appreciably
recommended to you to adopt and deploy the server 2012 R2 edition on each client and
server PCs to enhance the network services and easy manageable facility for the clients.
WINDOWS SERVER DEPLOYMENT PROPOSAL
17
Works Cited
Ferrill , P., & Ferrill, . (2014). Designing and Implementing a Server Infrastructure.
Microsoft.
microsoft. (n.d.). Namespace planning for DNS: Domain Name System(DNS). Retrieved from
microsoft: https://technet.microsoft.com/en-us/library/cc759036(v=ws.10).aspx
microsoft. (n.d.). What Is DHCP?: Dynamic Host Configuration Protocol (DHCP). Retrieved
from microsoft: https://technet.microsoft.com/en-us/library/cc781008(v=ws.10).aspx
microsoftpressstore. (n.d.). Design and Implement Network Infrastructure Services. Retrieved
from microsoftpressstore:
https://www.microsoftpressstore.com/articles/article.aspx?p=2224361
technet.microsoft.com. (n.d.). Deciding Whether to Implement DFS in window server 2012
R2. Retrieved from technet.microsoft.com: https://technet.microsoft.com/enus/library/cc782456%28v=ws.10%29.aspx
technet.microsoft.com. (n.d.). Deploy Active Directory Domain Services (AD DS) in Your
Enterprise. Retrieved from technet.microsoft.com: https://technet.microsoft.com/enus/library/hh472160.aspx
technet.microsoft.com. (n.d.). Group policy . Retrieved from technet.microsoft.com:
https://technet.microsoft.com/en-us/library/cc754948%28v=ws.10%29.aspx
Thomas, O. (2014). Training Guide Administering Windows Server 2012 R2 . Computers
Publications.
Purchase answer to see full
attachment