Deployment and Server Editions
Windows Server 2016 is Microsoft’s operating system (OS) that is used by businesses, IT professionals and users from across the world. Windows Server 2016 is a versatile OS that was developed alongside Windows 10, Azure and System Center to establish a tightly knit ecosystem (Meloski & Svidergol, 2018). Windows Server 2016 can deliver seamless Microsoft integration and experience by bridging familiar technologies such as virtualization and Active Directory with modern infrastructure concepts like federated services, containerization, and cloud-based services. Windows Server 2016 can integrate local on-premises resources with both public and private cloud infrastructures, thus providing greater manageability of various computing environments while keeping it seamless for organizations and users to be productive (Meloski & Svidergol, 2018).
In the provisioning of Microsoft’s Windows Server 2016 as well as the infrastructure for World Wide Advertising Inc (WAI), a total of 9 server roles will be needed. The following roles will be required; however, some of them can be combined on one powerful server through virtualization to reduce cost and maximize the computing power of the available infrastructure:
Active Directory Domain Services – Data Center
Application - Data Center
Web Servers - Data Center
DNS and DHCP - Data Center
File Services - Data Center
Print Server - Data Center
Windows Deployment Services - Data Center
Windows Server Update Services - Data Center
Mail – Data Center
VOIP – Unix
The Datacenter edition of Windows Server 2016 will be deployed, as this edition will allow WAI to run multiple nodes on a single instance of the Windows Server installation. The Datacenter edition comes with Hyper-V containers, which are more lightweight than traditional virtual machines (VMs) (Meloski & Svidergol, 2018). Windows Server 2016 Datacenter will allow for the creation of a hybrid environment for WAI with the ability to use most of the services on Microsoft’s Azure cloud platform, such as Storage Spaces Direct, networking and storage services. Several Windows Server instances are going to be virtualized using Hyper-V to make better use of the existing hardware by running multiple operating systems on one physical server simultaneously. Server roles such as Application and Print, WDS, WSUS and File, ADDS, DNS and DHCP will be combined and accessed through virtual machines from the New York site (Stanek, 2016). These roles, however, will run on independent physical machines at the Los Angeles office because of the workloads that they are going to be handling.
The server and network infrastructure will first be commissioned at the Los Angeles office, starting with Active Directory, DNS/DHCP, and the Exchange server. Other roles such as file, print, application, and web servers are also going to be deployed in the Los Angeles data center before proceeding to the New York office (Stanek, 2016). The New York office will house a back-up Active Directory server for replication that will be clustered to the main AD server in Los Angeles. The New York office will only have the Exchange and print server as a stand-alone server, while other services such as file, print, web, and application will be accessed from Los Angeles through multilayered protocol switching.
Active Directory
To deploy an Active Directory domain, the top-level domain for WAI (wai.com), which is registered to the company, will be used. The domain controller (DC) is going to act as a security boundary for WAI. When creating the forests for both the Los Angeles and New York sites, two domain names are going to be used: wai.com and corp.wai.com. There will be no need to set up child domains or to have a forest root at the headquarters when setting up the DC. WAI will have a single domain that will span multiple sites, with domain controllers set up at each site (Los Angeles and New York). This is going to be achieved through the use of Active Directory Sites and Services. To ensure that AD services can replicate properly, the KCC (Knowledge Consistency Checker) service runs on all DCs and will automatically establish the connection between individual domain controllers on the same site after every three hours (Stanek, 2016). The KCC available in AD logically links a site's DCs in a ring topology. The ring topology defines the paths that directory updates are to use when travelling from one domain controller to another. It is the responsibility of the KCC to ensure that there is a maximum of two paths of replication between the domain controllers so that if one DC is down, replication can continue on the other (Moskowitz, 2015).
WAI will need an RODC, which will hold only a read-only copy of the Active Directory database. The RODC will be deployed at the branch office, which will be located in New York. WAI needs an RODC for the following reasons:
Physical security is not always guaranteed at the branch offices, and this is why RODCs are preferred instead of writable DCs. If a person with malicious intent gets hold of an RODC, they will not be able to make any changes to it, as it only holds a read-only copy of the Active Directory database (Moskowitz, 2015). However, if they manage to change any record in the database, this will not compromise the integrity of the whole AD database because changes made on the RODC are not replicated to writable DCs.
An RODC is preferred because there are a lot of untrained staff at branch offices. The RODC is only used for the authentication of users, and there are no maintenance requirements, which consist of hardware changes, software updates and upgrades, and site-link and user credential changes (Moskowitz, 2015).
Branch offices often have poor network connectivity with the headquarters (Moskowitz, 2015). The RODC deployed at the branch office is needed so that users need not authenticate against a writable DC over the Wide Area Network (WAN) link. This reduces the amount of time required for users to log on at branch offices (Moskowitz, 2015).
By default, account credentials are not cached locally on the RODC, so it has to communicate with the writable DC (Francis, 2017). Account credentials can be cached locally by adding users to the Allowed RODC Password Replication Group. Conversely, privileged accounts are kept from being cached by adding them to the Denied RODC Password Replication Group (Francis, 2017).
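The following PowerShell is an added example, not part of the original paper, showing how the password replication policy described above can be set and then audited so that no privileged credential ends up cached on the branch RODC. The RODC name NY-RODC01 and the groups NY-Branch-Users and WAI-Server-Admins are hypothetical placeholders; the two password replication groups are the built-in ones the text names.

```powershell
# Added example, not from the source paper. Requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

$Rodc        = 'NY-RODC01'          # hypothetical name of the New York RODC
$BranchGroup = 'NY-Branch-Users'    # hypothetical group of New York staff
$AdminGroup  = 'WAI-Server-Admins'  # hypothetical group of privileged accounts

# Branch users may have their credentials cached on RODCs.
Add-ADGroupMember -Identity 'Allowed RODC Password Replication Group' -Members $BranchGroup

# Privileged accounts must never be cached; a deny entry overrides an allow entry.
Add-ADGroupMember -Identity 'Denied RODC Password Replication Group' -Members $AdminGroup

# Read back the policy as this RODC evaluates it.
$allowed = Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Allowed
$denied  = Get-ADDomainControllerPasswordReplicationPolicy -Identity $Rodc -Denied
Write-Output "Allowed principals: $($allowed.Name -join ', ')"
Write-Output "Denied principals:  $($denied.Name -join ', ')"

# Accounts whose passwords are stored on the RODC right now.
$revealed = Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $Rodc -RevealedAccounts

# Flag cached accounts that AD marks as protected (adminCount = 1).
# The RODC's own krbtgt_* account is expected to be cached and is skipped.
$exposed = foreach ($account in $revealed) {
    if ($account.Name -like 'krbtgt_*') { continue }
    $obj = Get-ADObject -Identity $account.DistinguishedName -Properties adminCount
    if ($obj.adminCount -eq 1) { $obj }
}

if ($exposed) {
    Write-Warning "Privileged credentials are cached on $Rodc and should be reset:"
    $exposed | Select-Object Name, DistinguishedName
} else {
    Write-Output "No privileged credentials are cached on $Rodc."
}
```

Running the audit half of the script on a schedule gives the list of credentials that would need resetting if the branch RODC were stolen.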
File and Printer Sharing
Based on need and use, the following shares will be needed by WAI:
Antivirus Share - For the storage of antivirus applications
File Share – Storage of WAI documents based on departments
OS Share – Storage of operating systems for easy access and deployments
Microsoft SharePoint – Sharing of files on the company’s intranet and based on the OUs created for different groups.
OneDrive – Microsoft’s cloud storage app that will enable users to access files on demand, giving them anywhere and anytime access.
FSRM is a Windows Server role service that enables administrators to classify and manage the data that is stored on file servers. FSRM consists of features such as file management tasks, quota management, file screening management, file classification infrastructure and storage reports (Dauti, 2017). There are two types of quotas that can be configured in Windows Server 2016: soft quotas and hard quotas. When soft quotas are applied, disk space limitations are not enforced, and hence a user will be allowed to go over the quota and will not be prevented from adding any additional data. Soft quotas are best for monitoring usage as well as generating reports (Dauti, 2017). A hard quota is used when disk space limits are enforced; thus a user will not be allowed to store data beyond what has been allowed in the quota. Hard quotas are mainly used for controlling disk space usage where clients pay for a set amount of storage.
Storage reports are important as they aid in identifying trends in disk usage and in monitoring attempts to save unauthorized files for a selected group of users or all users. Storage reports for WAI will be scheduled and generated on demand from the Storage Reports Management MMC (Microsoft Management Console) node in File Server Resource Manager. A scheduled report will run every Friday at midnight and will include the most recently accessed files from the previous three days (Dauti, 2017). The report will also be able to identify all of the duplicate files in a volume on the file server and analyze how individual users make use of the shared storage resources. The File Screening Management node in File Server Resource Manager will be used to create file screens that control which files users are able to save and that generate notifications when users try to save unauthorized files.
Distributed File System (DFS) is a role in Windows Server that enables shared folders located on different servers to be grouped into logically structured namespaces. When users view or access the folders, they seem to reside on a single hard disk drive of one server while they are actually located on different servers (Francis, 2017). A DFS namespace will be implemented at the HQ in Los Angeles. DFSN simplifies the end user’s experience and helps system administrators in the decommissioning/consolidation of file servers.
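As an added example (not part of the original paper), the quota, file screen and storage report settings described in the two paragraphs above can be expressed with the FileServerResourceManager PowerShell module. The folder paths, quota sizes and the choice of the built-in 'Executable Files' file group are assumptions made for illustration.

```powershell
# Added example, not from the source paper. Requires the FSRM role service
# (Install-WindowsFeature FS-Resource-Manager) on the file server.
Import-Module FileServerResourceManager

$DeptShare = 'D:\Shares\Departments'  # hypothetical path of the departmental file share
$OsShare   = 'D:\Shares\OS'           # hypothetical path of the OS image share

# Soft quota: usage is tracked and reported, but writes past 50 GB still succeed.
New-FsrmQuota -Path $DeptShare -Size 50GB -SoftLimit `
    -Description 'Monitoring only (soft quota)'

# Hard quota (no -SoftLimit): writes past 200 GB are refused.
New-FsrmQuota -Path $OsShare -Size 200GB `
    -Description 'Enforced limit (hard quota)'

# Active file screen: block executables on the departmental share and write a
# warning to the event log each time a user tries to save one.
$logAction = New-FsrmAction -Type Event -EventType Warning `
    -Body 'User [Source Io Owner] tried to save [Source File Path] under [File Screen Path].'
New-FsrmFileScreen -Path $DeptShare -IncludeGroup 'Executable Files' `
    -Notification $logAction -Active

# Weekly storage report, every Friday at midnight: files accessed in the last
# three days, duplicate files, and usage broken down by file owner.
$schedule = New-FsrmScheduledTask -Time (Get-Date -Hour 0 -Minute 0 -Second 0) -Weekly Friday
New-FsrmStorageReport -Name 'WAI weekly storage report' `
    -Namespace @($DeptShare) `
    -Schedule $schedule `
    -ReportType MostRecentlyAccessed, DuplicateFiles, FilesByOwner `
    -MostRecentlyAccessedMaximum 3

# Review what is now configured.
Get-FsrmQuota      | Select-Object Path, Size, SoftLimit
Get-FsrmFileScreen | Select-Object Path, Active, IncludeGroup
```

The warning events raised by the file screen land in the server's Application log, where they can be forwarded to whatever log collection WAI uses.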
References
Dauti, B. (2017). Windows Server 2016 Administration Fundamentals: Deploy, set up, and deliver network services with Windows Server. Birmingham: Packt Publishing.
Francis, D. (2017). Mastering Active Directory: Understand the Core Functionalities of Active Directory Services Using Microsoft Server 2016 and PowerShell. Birmingham: Packt Publishing.
Moskowitz, J. (2015). Group Policy: Fundamentals, Security, and the Managed Desktop. Berkeley, California: Sybex.
Svidergol, B., & Meloski, V. (2018). Mastering Windows Server 2016. Berkeley, California: Sybex.
Stanek, W. (2016). Windows Server 2016: The Administrator's Reference. California: CreateSpace Independent Publishing Platform.