Author: rlevchenko

TOTD: Lync Server 2013, Skype4B and AlwaysON Availability Groups

Does Lync Server 2013 support AlwaysON AG?

Officially, Lync Server 2010/2013 doesn’t support AlwaysOn AG as BackEnd. *whispered* But it works.

Your options: use Failover Clustering/Mirroring (not supported in LS 2010)

Note: Mirroring is now officially deprecated

Is Microsoft going to add AlwaysOn as supported BackEnd for Lync Server?

At the Lync Conference, Las Vegas, February 2014 , Microsoft announced that support for AlwaysOn Availability Groups would be forthcoming in a future update (Q3, 2014). As I know, Microsoft changed these plans and moved AG support to Skype For Business. It’s very hard to say will ever be released update for Lync Server 2013. I predict , it won’t. MS has changed focus and will focus on Skype4B.

Are there any requirements/limitations in Skype4B + AlwaysON?

Skype for business supports SQL Server 2008 R2 SP2/ 2012 SP1 and 2014 . If you want to implement AlwaysON you have to use 2012 SP1 or 2014 Enterprise Editions and keep in mind that Skype4B:

  • supports having replicas only in the same subnet
  • supports only the synchronous-commit mode
  • supports the Automatic Failover mode
  • don’t support for read access on the secondary replicas
  • don’t support for having an off-site replicas in Azure

TOTD: Non-administrators access in Hyper-V, AzMan, FAQ

What is AzMan and why should I know about it?

AzMan (azman.msc) is the Windows Authorization Manager. AzMan was the preferred method to provide granular access to the Hyper-V functions to non-administrators .

Unfortunately, it was deprecated in Windows Server 2012 and it doesn’t work in Windows Server 2012 R2.

How to use AzMan?

Enter to Hyper-V host, win+r and type AzMan.msc  -> open configuration store (C:\ProgramData\Microsoft\Windows\Hyper-V\InitialStore.xml)

Then create new scope (optionally), role and tasks definition and then assign user to this role. That’s it.

Untitled

Err..What about Server 2012 R2?

You may notice AzMan.msc and InitialStore.xml are still existed in 2012 R2. But…it doesn’t really work. In Server 2012 R2 Hyper-V uses simple authorization. It’s just a group “Hyper-V Administrators”.

2

So , if you want to provide Full Access  to Hyper-V you simply add users/groups to this built-in group. There is no RBAC (Role-Based Access Control).100% RBAC is available only in VMM.