2640 12299 Itu Notes Windows Server 2012 Installation and Configuration
Copyright 2013 IT University Online All rights reserved. www.ituniversityonline.com
Course Outline
Planning, Installing, and Configuring Windows Server 2012
Installing and Configuring an Active Directory Domain Controller
Administering Active Directory Objects
Automating Administrative Tasks
Configuring IPv4
Configuring IPv6
Installing and Configuring DHCP
Installing and Configuring DNS
Configuring Storage Spaces and File and Print Services
Configuring Group Policy
Securing Windows Servers
Installing and Configuring Virtual Servers and Clients
OV 1 - 1

Planning, Installing, and Configuring Windows Server 2012
Introduction to Windows Server 2012
Describe Windows Server 2012 Management
Plan and Install Windows Server 2012
Configure Windows Server 2012
OV 1 - 2

Networking Environments
Local clients and servers
Cloud services (public, private, or both)
OV 1 - 3

Windows Server 2012 Server Roles
Active Directory Certificate Services (AD CS)
Active Directory Domain Services (AD DS)
Active Directory Federation Services (AD FS)
Active Directory Lightweight Directory Services (AD LDS)
Active Directory Rights Management Services (AD RMS)
Application Server
DHCP Server
DNS Server
Fax Server
File and Storage Services
OV 1 - 4

Windows Server 2012 Server Roles (Cont.)
Hyper-V
Network Policy and Access Services
Print and Document Services
Remote Access
Remote Desktop Services
Volume Activation Services
Web Server (IIS)
Windows Deployment Services (WDS)
Windows Server Update Services (WSUS)
OV 1 - 5

Windows Server 2012 Features
Windows BitLocker Drive Encryption
Failover Clustering
Group Policy Management
Ink and Handwriting Services
Internet Printing Client
Network Load Balancing (NLB)
Remote Assistance
Remote Server Administration Tools
Simple Mail Transfer Protocol (SMTP) Server
Telnet Client, Telnet Server
Windows PowerShell
Windows Server Backup
Windows System Resource Manager (WSRM)
Wireless Local Area Network (LAN) Service
Windows on Windows (WoW) 64 Support
OV 1 - 6

New Features in Windows Server 2012
Command auto-completion
Enhanced storage
Features on Demand
IP Address Management (IPAM) Server
New cmdlets
Resilient File System (ReFS)
Revised Task Manager
User interface
Windows BranchCache
OV 1 - 7

Comparing Server Roles and Features
Server Roles
Programs that configure a server to perform a specific function for users and/or computers on the network. Users typically access servers that are hosting server roles.
Examples: The DHCP Server role leases IP addresses to clients and devices; the DNS Server role configures the server to find the IP address for a given FQDN.
Features
Applications that increase the functions the server can perform. In general, users do not access features.
Examples: You use Windows Server Backup to back up the server, not clients. The Wireless LAN Service enables you to connect the server to the network wirelessly.

OV 1 - 8

Windows Server 2012 Editions
Windows Server 2012 Datacenter
Designed for large organizations that need highly virtualized private and hybrid cloud network
environments.
Designed for use by large organizations.
Includes all features of Windows Server 2012 and unlimited virtual machine instances.
Windows Server 2012 Standard
Designed for network environments with minimal virtualization needs.
Includes all features of Windows Server 2012 and two virtual machine instances.
Windows Server 2012 Essentials
Designed for use by small businesses with a maximum of 25 users and 50 network devices.
Tailored to the needs of a small organization with no more than 25 users.
Includes a streamlined interface, configuration for connecting to cloud services, and no support for virtualization.
Windows Server 2012 Foundation
Designed for very small organizations with up to 15 users.
Includes general-purpose server functionality and no support for virtualization.

OV 1 - 9

Windows Server 2012 Licensing
Windows Server 2012 Datacenter
Processor license for each CPU in the server.
Client access license (CAL) for each user or device that connects to the server.
Windows Server 2012 Standard
Processor license.
CAL per user or device.
Windows Server 2012 Essentials
Server license that supports a maximum of two server CPUs.
Maximum of 25 users.
Windows Server 2012 Foundation
Server license that supports only one CPU in the server.
Maximum of 15 users.
OV 1 - 10

Administrative Tools and Tasks
Server Manager
Add and configure server roles.
Examine and configure services.
Monitor events.
Configure server and network settings such as name, domain, and IP addresses.
Evaluate servers and the network (Best Practices Analyzer).
Windows PowerShell
Perform nearly all tasks that can be managed in the GUI.
Bulk administer objects.
Active Directory Users and Computers; Active Directory Administration
Center
Create and manage Active Directory objects.
Group Policy Management
Create and configure group policies.
Performance Monitor
Monitor server and network performance.
OV 1 - 11

Administrative Tools and Tasks (Cont.)
Task Manager
Monitor server and network functionality, and performance.
Resource Monitor
Monitor server resources.
Task Scheduler
Create and schedule administrative tasks to run automatically.
Various MMCs, such as the DNS console
Perform server-role specific tasks.
Remote Desktop
Perform remote management.
WinRM
Perform remote management from a command-line interface.
OV 1 - 12

Introduction to Server Manager
Manage configuration of multiple servers.
Review server event logs.
Install and configure additional roles.
Manage Windows services on each server.
Launch PowerShell for command-line administration.
OV 1 - 13

The Server Manager Interface
OV 1 - 14

Multi-Server Management
Shows all servers running a particular service in the domain
Gives quick statistics about each server and service
Can open the management console for each service on each server
Can open other management tools:
RDP
PowerShell
Add Roles and Features
Computer Management
NIC Teaming
Performance Counters
Shut Down
OV 1 - 15

The Dashboard Pane
Top section displays a list of steps for configuring a server.
Bottom section displays bird's-eye view thumbnails of servers.
OV 1 - 16

All Servers Pane
View a series of sections:
Servers
Events
Services
Best Practices Analyzer
Performance
Roles and Features
OV 1 - 17

The File and Storage Services Pane
When selected, displays a second level of options:
Servers
Volumes
Disks
Storage Pools
Shares
iSCSI
OV 1 - 18

The File and Storage Services Pane (Cont.)
OV 1 - 19

Windows Server 2012 System Requirements
Hardware component: Minimum requirement / Recommended hardware
Processor: 1.4 GHz 64-bit processor / 3.1 GHz or faster
RAM: 512 MB / 16 GB or more
Disk space: 32 GB / 128 GB or larger
Additional hardware needed:
DVD drive
Super VGA (800x600) or higher resolution monitor
Keyboard and mouse
Internet access
OV 1 - 20

Windows Server 2012 Installation Methods
Optical media such as a DVD
USB drive
Network share
Mounted ISO image
Windows Deployment Services (WDS)
System Center Configuration Manager (SCCM)
Virtual Machine Manager templates
OV 1 - 21

Installation Types
Fresh install
Upgrade
Migration
OV 1 - 22

Installation Modes
Server Core
Server with the graphical user interface (GUI)
Server with the Minimal Server Interface
OV 1 - 23

Upgrade Paths for Windows Server 2012
Current version of Windows Server -> Can upgrade to
Windows Server 2008 Standard with SP2 or Windows Server 2008 Enterprise with SP2 -> Windows Server 2012 Standard, Windows Server 2012 Datacenter
Windows Server 2008 Datacenter with SP2 or Windows Server 2008 R2 Datacenter with SP1 -> Windows Server 2012 Datacenter
Windows Web Server 2008 or Windows Web Server 2008 R2 -> Windows Server 2012 Standard
Windows Server 2008 R2 Standard with SP1 or Windows Server 2008 R2 Enterprise with SP1 -> Windows Server 2012 Standard, Windows Server 2012 Datacenter
OV 1 - 24

Migrating to Windows Server 2012
You must migrate the following services from an older server to a Windows
Server 2012 server:
Active Directory Federation Services
Health Registration Authority
Hyper-V
IP Configuration
Network Policy Server
Print and Document Services
Remote Access
Windows Server Update Services

OV 1 - 25

Installation Planning Worksheet
OV 1 - 26

Offline Images
Create and deploy a server image using DISM
Create image file
Create answer file
Modify image file
OV 1 - 27

Server Core Configuration
Assign a static IP address to the server.
Change the computer name and domain membership.
Implement network adapter teaming.
Enable Remote Desktop.
Activate the server.
OV 1 - 28

The Windows Server GUI Interface
Advantages of the full server with the graphical interface:
Contains all graphical administrative utilities.
Supports local and remote installation, configuration, and removal of server roles.
Provides use of MMC to create additional graphical consoles.

Disadvantages of the full server with the graphical interface:
Is less secure.
Uses more disk space.
Consumes more RAM.

OV 1 - 29

Full Server with GUI Configuration
Perform the same tasks as when configuring Server Core:
1. Assign a static IP address to the server.
2. Change the computer name and domain membership.
3. Implement network card teaming.
4. Enable Remote Desktop.
5. Activate the server.
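The five steps listed for Server Core and for the full server with GUI are the same procedure; the following is an added PowerShell example of carrying them out in one sitting. It is not taken from the course notes, and every adapter name, address, team name, domain and computer name in it is an assumption chosen for illustration. The team is created before the address is assigned so the static address lands on the team interface, and Remote Desktop is enabled with Network Level Authentication left on.

```powershell
# Added example (not part of the course notes): the post-install configuration
# steps for a Server Core or full-GUI Windows Server 2012 host, from PowerShell.
# All names and addresses are assumptions for illustration only:
#   adapters "Ethernet" and "Ethernet 2"; team "Team1"; address 192.168.10.20/24;
#   gateway 192.168.10.1; DNS server 192.168.10.10; domain fuller.local;
#   new computer name FULLER-SRV01.

# Network adapter teaming first, so the static address is placed on the team
# interface rather than on a member NIC that the team will take over.
New-NetLbfoTeam -Name 'Team1' -TeamMembers 'Ethernet', 'Ethernet 2' `
    -TeamingMode SwitchIndependent -LoadBalancingAlgorithm TransportPorts -Confirm:$false

# Static IPv4 address, subnet mask (as a prefix length), default gateway and DNS.
Set-NetIPInterface -InterfaceAlias 'Team1' -Dhcp Disabled
New-NetIPAddress -InterfaceAlias 'Team1' -IPAddress 192.168.10.20 `
    -PrefixLength 24 -DefaultGateway 192.168.10.1
Set-DnsClientServerAddress -InterfaceAlias 'Team1' -ServerAddresses 192.168.10.10

# Remote Desktop: allow connections, require Network Level Authentication,
# and open only the built-in "Remote Desktop" firewall rule group.
$rdp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
Set-ItemProperty -Path $rdp -Name fDenyTSConnections -Value 0
Set-ItemProperty -Path "$rdp\WinStations\RDP-Tcp" -Name UserAuthentication -Value 1
Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'

# Activate with the built-in Software Licensing Management script.
cscript.exe //nologo "$env:SystemRoot\System32\slmgr.vbs" /ato

# Computer name and domain membership last: the join prompts for an account
# that may add computers to the domain, and the server restarts to finish.
Add-Computer -DomainName 'fuller.local' -NewName 'FULLER-SRV01' `
    -Credential (Get-Credential) -Restart
```

Run it in an elevated PowerShell session on the server itself; on Server Core this is the console you land in after logon. The order differs from the slide only in that the team is built before the address is assigned, which avoids losing the address when the member adapter joins the team.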
OV 1 - 30

Configure Server with a Static IP Address
Assign a static IP address, subnet mask, and default gateway.
Assign at least one DNS server address.
OV 1 - 31

The Computer Name/Domain Changes Dialog Box
OV 1 - 32

Network Card Teaming
OV 1 - 33

Enable Remote Desktop
OV 1 - 34

Reflective Questions
1. In what scenario do you think it's best to install Windows Server 2012 Server Core?
2. After configuring a server, why should you consider switching it from the GUI version of Windows Server 2012 to the Server Core version?

OV 2- 1
Installing and Configuring an Active Directory Domain Controller
Overview of Active Directory
Install an Active Directory Domain Controller
OV 2- 2
The Active Directory Physical Hierarchy
Domains: Fuller.local, Rochester.fuller.local, Boston.fuller.local
Each domain contains domain controllers, users, computers, printers, and so on
OV 2- 3
The Active Directory Logical Hierarchy
Domains: Fuller.local, Rochester.fuller.local, Boston.fuller.local
OU = Headquarters, OU = Rochester, OU = Boston
OU = Sales, OU = Accounting, OU = Admin, OU = Bookstore
Site = Rochester, Site = Boston
OV 2- 4
Active Directory Components
Domain controllers
Data store
Global catalog servers
Read-only domain controllers (RODCs)
Domain
Domain tree
Forest
Site
OU
Partition
Schema
OV 2- 5
Active Directory Containers
Forest
Tree or domain tree
Domain
Site
Organizational unit
OV 2- 6
Domain Controllers
Domain controllers perform these tasks:
Store a copy of the AD DS database in the NTDS.dit file.
Host a copy of the SYSVOL folder.
Authenticate users for log on purposes and also for access to resources.
Synchronize the SYSVOL folder using either File Replication Service (FRS) or Distributed File System (DFS) Replication.
OV 2- 7
Global Catalog Server
Global catalog servers perform these functions in the forest:
Contain a copy of the global catalog, which has references to every object
in the forest.
Enable users and administrators to search for objects such as computers
and printers distributed throughout the forest.
Support cross-domain searches.

OV 2- 8
Operations Master Roles
Domain controllers can also host forest-wide or domain-level operations
master roles:
Schema master: Is responsible for updates to the schema.
Domain naming master:
Processes domain name changes.
Adds or removes domains or application directory partitions to or from the forest.
Adds replicas of application directory partitions to other domain controllers.
Adds or removes cross-reference objects to or from external directories.
RID master: Allocates blocks of relative identifiers (RIDs) to every domain controller in the domain.
Infrastructure master: Updates references to objects in its own domain
that point to objects in other domains, and also updates references to its
local objects.
PDC emulator:
Supplies the correct time to the domain.
Stores the most-recent password changes.
Administers Group Policy and Distributed File System (DFS).

OV 2- 9
Reflective Questions
1. What are the advantages of using Active Directory Domain Services?
2. Which types of installations do you expect to perform most often in your
working environment?
OV 3 - 1
Administering Active Directory Objects
Design and Create an Active Directory Hierarchy
Manage Users
Manage Computers
Manage Groups
Delegate Administrative Tasks
OV 3 - 2
Types of Active Directory Design
Geographical location
Organizational chart
Functional structure
Hybrid structure

OV 3 - 3
Active Directory Structure: Geographical Design
Create domains and organizational units based on geographic locations for your organization.
Root level domain: fuller.local
Country domains: us.fuller.local, eu.fuller.local
City domains: paris.eu.fuller.local, london.eu.fuller.local, rochester.us.fuller.local, atlanta.us.fuller.local
OV 3 - 4
Active Directory Structure: Organizational Chart Design
Create domains and organizational units based on the organization's organizational chart.
Root level domain: fuller.local
Departmental domains: marketing.fuller.local, production.fuller.local
City domains: paris.production.fuller.local, rochester.production.fuller.local, rochester.marketing.fuller.local, atlanta.marketing.fuller.local
OV 3 - 5
Active Directory Structure: Functional Design
Create domains and organizational units based on the organizational chart structure.
Root level domain: fuller.local
Functional domains: publishing.fuller.local, administrative.fuller.local, sales.fuller.local, accounting.fuller.local
OV 3 - 6
Active Directory Structure: Hybrid Design
Create domains and organizational units based on the organizational chart structure.
Root level domain: fuller.local
Functional domains: publishing.fuller.local, admin.fuller.local, sales.fuller.local, accounting.fuller.local
Location domains or organizational units beneath the functional domains: Atlanta, Rochester, Boston
OV 3 - 7
The Fuller &amp; Ackerman Wide Area Network

OV 3 - 8
The Active Directory Administrative Tools
Graphical Administrative Tools
Active Directory Users and Computers
Active Directory Sites and Services
Active Directory Domains and Trusts
Active Directory Schema
Remote Server Administration Tools (RSAT)
Active Directory Administrative Center
Windows PowerShell Commands
Add-ADGroupMember
Disable-ADAccount
Get-ADDomain
Move-ADObject
New-ADGroup, New-ADOrganizationalUnit, New-ADUser
Remove-ADGroup, Remove-ADGroupMember, Remove-ADUser
Command-Line Utilities
Dsadd, Dsget, Dsmod
Dsmove, Dsquery, Dsrm

OV 3 - 9
Tools for Creating User Accounts
Active Directory Users and Computers
Active Directory Administrative Center
PowerShell command New-ADUser
Command-line utility Dsadd.exe

OV 3 - 10
User Profiles
User profiles contain the information necessary to establish the user's desktop environment:

The Profile Path
Location where desktop settings are stored.
Also referred to as a roaming profile.
Logon Scripts
Batch files that map drive letters to network resources.
Home Folder Location
A folder you create to store the user's folders and files.

OV 3 - 11
Default Active Directory Objects
Builtin
Computers
Domain Controllers
ForeignSecurityPrincipals
Managed Service Accounts
Users
OV 3 - 12
User Account Templates
Reduces workload of creating users.
Has all non-user-specific configurations, including group memberships.
Best practices:
Create the user account with an underscore at the beginning of the name.
Leave the account disabled.
Never let anyone use the template to log on.
Don't configure the template with information that is user-specific.
OV 3 - 13
The Computers Container
Default system container in Active Directory.
New computer accounts are created here by default.
Cannot have group policy directly applied to it.
Has a relative distinguished name of CN=Computers.
Redircmp.exe can be used to change the default computer container.
Best practices:
Specify another container as you create the computer account.
Move computer accounts out of this default container into real OUs.
OV 3 - 14
Location Configuration
A best practice is to create OUs specifically to hold computer accounts.
It is common to create parent OUs by geography or department.
Child OUs can be for desktops or laptops.
Other child OUs can be for users, administrators, and resources.
Separate computers into OUs to delegate control and apply policy.
OV 3 - 15
Permissions Management
By default, the following have permissions to create computer objects:
Enterprise Admins
Domain Admins
Administrators
Account Operators
You should restrict membership to administrator groups.
Delegate control over an OU by using the Delegate Control wizard.
OV 3 - 16
Secure Channels
Like users, computers log on to the domain.
Ordinarily there is no need to manually reset a computer account.
If for some reason the computer cannot access its own account, you may
have to perform a secure channel reset.
You can reset a computer account using the following tools:
Active Directory Users and Computers
DSmod
netdom
NLTest
PowerShell
OV 3 - 17
Types of Groups
Security
Distribution
OV 3 - 18
Group Scopes
Local
Domain Local
Global
Universal
OV 3 - 19
Default Management Groups
Schema Admins
Enterprise Admins
Domain Admins
Administrators
Server Operators
Account Operators
Backup Operators
Print Operators
OV 3 - 20
Active Directory Domain Services Permissions
You can assign permissions to Active Directory objects:
Users
Computers
Groups
It is a best practice to delegate control to an entire OU.
Effective permissions are cumulative from individual permissions and group membership.
OV 3 - 21
Reflective Questions
1. Do you foresee using user account templates in your organization?
Why or why not?
2. Do you think you will delegate control to OUs in your organization?
Why or why not?
OV 4 - 1
Automating Administrative Tasks
Introduction to Windows PowerShell
Use Windows PowerShell to Manage Active Directory Objects
Use Command-Line Tools to Administer Active Directory
Use Bulk Operations
OV 4 - 2
Common PowerShell Uses for Administrators
Add and remove Windows Server roles and features.
Manage services.
List processes.
Create, list, and manage file systems.
View event logs.
Manage the Windows registry.
Manage monitoring tools.
Add, delete, and manage AD DS objects.
OV 4 - 3
Windows PowerShell Features
Simplified syntax
Updated help
Enhanced module discovery
Session recovery
The show command
Web access
Delegated administration
Safety
OV 4 - 4
PowerShell Get-Help Command
OV 4 - 5
Update Help
Download the latest help file.
If Update Help cannot contact the Microsoft site, you can cancel and
continue.

OV 4 - 6
Get-Help Service
OV 4 - 7
Common Cmdlet Verbs
Add
Backup
Clear
Close
Disable
Enable
Install
Get
New
Set
Show
Stop
Suspend
Uninstall
Rename

Note: some words, such as Backup or New, are treated as single verbs in PowerShell.
OV 4 - 8
Common Event Viewer Cmdlets
Get-EventLog
Show-EventLog
Clear-EventLog
Limit-EventLog

OV 4 - 9
The Get-EventLog Command
Get-EventLog retrieves log entries.
Must include the name of the event log file.
-Newest <number> gives most recent entries only.


OV 4 - 10
Service Cmdlets
Start-Service
Get-Service
Stop-Service
Suspend-Service
Resume-Service
Set-Service
Restart-Service

OV 4 - 11
Process Cmdlets
Start-Process
Get-Process
Stop-Process
Wait-Process
Debug-Process

OV 4 - 12
An Advanced PowerShell Cmdlet
Get-Counter -Counter "\Processor(_Total)\% Processor Time" -SampleInterval 10 -MaxSamples 100

OV 4 - 13
The -Whatif Parameter
-WhatIf shows what would happen without actually doing it.


OV 4 - 14
The -Confirm Parameter
The -Confirm parameter executes a command with confirmation.
Note: PowerShell will still ask you to confirm if the action will be taken on more than one object.

OV 4 - 15
PowerShell ISE
OV 4 - 16
PowerShell ISE Scripting Pane
The Scripting pane is available on the toolbar.


OV 4 - 17
Execution Policies
Restricted: Scripts will not execute.
RemoteSigned: Locally created scripts will run; downloaded scripts must be digitally signed.
AllSigned: Scripts signed by a trusted publisher will run.
Unrestricted: Any script, signed or unsigned, will run.

Set-ExecutionPolicy Unrestricted
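The policy table above is easiest to reason about when you can see which scope is supplying the effective value and when you check a script's signature before it runs. The following is an added example, not from the course notes: it lists the policy at every scope, sets RemoteSigned for the current user instead of Unrestricted for the whole machine, and runs a downloaded script only if its Authenticode signature is valid. The script path is an assumption.

```powershell
# Added example (not part of the course notes): inspect the execution policy at
# every scope, prefer RemoteSigned over Unrestricted, and verify a script's
# Authenticode signature before running it. The script path is an assumption.

# The effective policy is the first entry from the top of this list that is
# not Undefined (Group Policy scopes win over Process, CurrentUser, LocalMachine).
Get-ExecutionPolicy -List

# RemoteSigned: scripts written locally run; scripts downloaded from the
# Internet must be signed. Set it for this user only, leaving the machine-wide
# policy untouched.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser -Force

# Check who signed a downloaded script and whether the signature chain is valid.
$script = 'C:\Scripts\Disable-StaleAccounts.ps1'   # assumed path
$sig = Get-AuthenticodeSignature -FilePath $script
if ($sig.Status -eq 'Valid') {
    "Signed by {0}" -f $sig.SignerCertificate.Subject
    & $script
} else {
    "Not running {0}: signature status is {1}" -f $script, $sig.Status
}

# A file saved from a browser carries a Zone.Identifier stream, which is what
# RemoteSigned keys on. Once its origin is confirmed, Unblock-File clears the
# stream so the script is treated as local.
# Unblock-File -Path $script
```

The `Status` values worth knowing are `Valid`, `NotSigned`, `HashMismatch` (the file changed after it was signed) and `UnknownError` (signer not trusted); only the first should lead to execution under a signing-based policy.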
OV 4 - 18
User Management PowerShell Cmdlets
Get-AdUser
New-ADUser
Set-ADUser
Enable-ADAccount
Disable-ADAccount
Remove-ADUser
Unlock-ADAccount
Set-ADAccountPassword
Set-ADAccountExpiration

OV 4 - 19
Parameters for User Account Management
-AccountExpirationDate <DateTime>
-AccountPassword <SecureString>
-CannotChangePassword <Boolean>
-ChangePasswordAtLogon <Boolean>
-Department <String>
-DisplayName <String>
-HomeDirectory <String>
-ProfilePath <String>
-EmailAddress <String>

OV 4 - 20
Display All User Accounts
Get-ADUser -Filter *


OV 4 - 21
View User Properties
Get-ADUser -Filter 'Name -eq "Tracy White"' -Properties *


OV 4 - 22
User's Home Folder Set Up in PowerShell
Get-ADUser -Filter 'Name -eq "Tracy White"' | Set-ADUser -HomeDirectory "\\Users\tracywhitehomedir"


OV 4 - 23
Inactive and Disabled Accounts
Right-click an account in Active Directory Users and Computers to enable or disable it.
PowerShell examples:
Get-ADUser -Filter 'Department -eq "Training"' | Enable-ADAccount

$90Days = (Get-Date).AddDays(-90)
Get-ADUser -Filter {(LastLogonDate -le $90Days) -and (Enabled -eq $true)} | Disable-ADAccount
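Disabling every account that matches a date filter is exactly the kind of bulk change the -WhatIf and -Confirm slides are about, so the following added example (not from the course notes) puts the two together: it finds enabled users in an OU with no logon in 90 days, writes a review file, rehearses the change with -WhatIf, then disables each account behind a -Confirm prompt, recording the reason in the account's Description. The OU and report path are assumptions.

```powershell
# Added example (not part of the course notes): stale-account review and
# disable with a dry run first. The OU and the report path are assumptions.
Import-Module ActiveDirectory

$cutoff = (Get-Date).AddDays(-90)
$ou     = 'OU=Employees,DC=fuller,DC=local'    # assumed search base

# Enabled users beneath the OU whose last logon is older than the cutoff.
# LastLogonDate is the replicated lastLogonTimestamp, so it can lag by up to
# 14 days; the 90-day window makes that lag harmless.
$stale = Get-ADUser -SearchBase $ou -SearchScope Subtree `
    -Filter { Enabled -eq $true -and LastLogonDate -lt $cutoff } `
    -Properties LastLogonDate

# Review file first: who would be affected and when each last logged on.
$stale | Select-Object SamAccountName, Name, LastLogonDate |
    Export-Csv -Path 'C:\Reports\stale-accounts.csv' -NoTypeInformation   # assumed path

# Dry run: -WhatIf prints one "What if: Performing the operation ..." line per
# account and changes nothing in the directory.
$stale | Disable-ADAccount -WhatIf

# Real run: -Confirm asks before each account is disabled. Writing the reason
# into Description leaves the audit trail in the directory object itself.
foreach ($user in $stale) {
    $note = 'Disabled {0}: no logon since {1}' -f (Get-Date -Format 'yyyy-MM-dd'), $user.LastLogonDate
    Set-ADUser -Identity $user -Description $note
    Disable-ADAccount -Identity $user -Confirm
}
```

Service accounts and shared mailboxes often have no interactive logon and would match this filter; keeping them in a separate OU, or excluding them with an additional `-Filter` clause, is the usual way to keep them out of the review file.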


OV 4 - 24
Group Management Cmdlets
Perform individual operations.
Create scripts to perform bulk operations.

Windows PowerShell Cmdlet Description
Get-ADGroup Displays property values for groups
New-ADGroup Creates new groups
Set-ADGroup Modifies group properties
Remove-ADGroup Deletes groups
OV 4 - 25
Parameters for Group Management
Groups have over 40 properties.
Get-ADGroup -Identity Users -Properties *   (returns all properties)

Parameter: Description
Name: Defines the group name.
GroupScope: Defines the group scope as domain local, global, or universal. You must include this parameter.
DisplayName: Defines the Lightweight Directory Access Protocol (LDAP) display name.
ManagedBy: Defines a user or group that can manage the group.
Path: Defines the organizational unit (OU) in which the group is created.
SamAccountName: Defines a name that is backward compatible with older operating systems.
OV 4 - 26
Viewing Group Properties in PowerShell
Get-ADGroup -Identity Users   (returns the most common properties)

OV 4 - 27
Verifying Group Creation

New-ADGroup -Name "BusinessAnalysts" -Path "ou=marketing,dc=Fuller,dc=local" -GroupScope Global -GroupCategory Security
OV 4 - 28
Group Member and Membership Cmdlets
Add-ADGroupMember
Get-ADGroupMember
Remove-ADGroupMember
Add-ADPrincipalGroupMembership
Get-ADPrincipalGroupMembership
Remove-ADPrincipalGroupMembership
Examples:
Get-ADGroupMember -Identity Administrators
Get-ADGroupMember -Identity "Enterprise Admins" -Recursive
Add-ADGroupMember -Identity BusinessAnalysts -Members "TracyWhite"
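The -Recursive switch shown above is what makes a membership review of the default management groups meaningful, since a user nested two groups deep still holds the rights. The following added example (not from the course notes) expands each privileged group, resolves every user member, and flags those not on an approved list so the report can be compared against a change record. The approved list is an assumption.

```powershell
# Added example (not part of the course notes): effective membership of the
# built-in administrative groups, with unapproved members flagged. The approved
# list is an assumption; in practice it comes from a change-controlled source.
Import-Module ActiveDirectory

$privilegedGroups = 'Enterprise Admins', 'Domain Admins', 'Administrators',
                    'Schema Admins', 'Account Operators'
$approved = @('Administrator', 'svc-adbackup')    # assumed approved SAM account names

$report = foreach ($group in $privilegedGroups) {
    # -Recursive expands nested groups, so a user inside a group inside the
    # group is still listed. Only user objects are kept; the intermediate
    # groups themselves are not what grants a logon.
    $members = Get-ADGroupMember -Identity $group -Recursive |
        Where-Object { $_.objectClass -eq 'user' }

    foreach ($m in $members) {
        $u = Get-ADUser -Identity $m.distinguishedName -Properties Enabled, PasswordLastSet
        [pscustomobject]@{
            Group           = $group
            Member          = $u.SamAccountName
            Enabled         = $u.Enabled
            PasswordLastSet = $u.PasswordLastSet
            Approved        = $approved -contains $u.SamAccountName
        }
    }
}

# Unapproved members first, then the full picture.
$report | Where-Object { -not $_.Approved } | Format-Table -AutoSize
$report | Sort-Object Group, Member | Export-Csv 'C:\Reports\privileged-members.csv' -NoTypeInformation   # assumed path
```

Schema Admins and Account Operators are normally empty, so rows appearing under them deserve a second look regardless of the approved list. Scheduling this with Task Scheduler and diffing successive CSV files turns the slide's one-off query into a standing control.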
OV 4 - 29
Computer Account Management Cmdlets
Get-ADComputer
New-ADComputer
Set-ADComputer
Test-ComputerSecureChannel
Reset-ComputerMachinePassword
Remove-ADComputer
Parameters
Name
Path
Enabled

OV 4 - 30
OU Management
Cmdlets
Get-ADOrganizationalUnit
New-ADOrganizationalUnit
Set-ADOrganizationalUnit
Remove-ADOrganizationalUnit

Parameters
Name
Path
ProtectedFromAccidentalDeletion
OV 4 - 31
Viewing OU Information
Get-ADOrganizationalUnit

OV 4 - 32
Creating an OU
New-ADOrganizationalUnit -Name Philanthropy -Path
"ou=Marketing,dc=Fuller,dc=Local"
OV 4 - 33
Modifying OU Properties
Set-ADOrganizationalUnit -Identity "OU=Marketing,DC=Fuller,DC=Local" -Country "US" -StreetAddress "2111 Main Street" -City Seattle -State WA -PostalCode 30022
OV 4 - 34
CSVDE
Export basic syntax:
csvde -f <filename>
Import basic syntax:
csvde -i -f <filename>
OV 4 - 35
CSV File
Can be .csv or .txt
First line contains attribute names
OV 4 - 36
LDIFDE
Syntax like CSVDE
Can be used to modify objects in place:
Use a changetype line (add, modify, or delete) in the LDIF file
OV 4 - 37
DS Commands
DSadd
DSget
DSquery
DSmod
DSrm
DSMove
Examples:
DSadd user "CN=Sally Green,OU=Sales,DC=fuller,DC=local"
DSmod user "CN=Sally Green,OU=Sales,DC=fuller,DC=local" -dept Marketing
OV 4 - 38
Bulk Operations
Three primary ways to perform bulk operations:
Graphical tools
Command-line tools
Scripts
OV 4 - 39
Querying Objects
SearchBase       Search path (starting container) in the AD hierarchy
SearchScope      How deep below the search base to search: Base, OneLevel, or Subtree
ResultSetSize    Maximum number of objects returned in a query
ResultPageSize   Maximum number of objects for each page returned
Properties       Which properties to retrieve and display
OV 4 - 40
Global Search
OV 4 - 41
Object Configuration
Pipe the output of a Get cmdlet to the input of a Set cmdlet:
Get-ADUser | Set-ADUser
Example:
Get-ADUser -Filter { LastLogonDate -lt "September 1, 2012" } | Disable-ADAccount
OV 4 - 42
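An added example (not the course's code) that combines the query parameters from the "Querying Objects" slide with the Get-then-Set pipeline above: it finds enabled users in one OU subtree who have not logged on since the slide's cut-off date, shows them, and previews the disable operation with -WhatIf before anything changes. It assumes the ActiveDirectory module and the Fuller.local sample domain.

```powershell
# Added example, not course material. Assumes the ActiveDirectory module and the
# Fuller.local sample domain; the OU and cut-off date are the slides' own values.
Import-Module ActiveDirectory

$cutoff     = Get-Date '2012-09-01'
$searchBase = 'OU=Marketing,DC=Fuller,DC=local'

# Passing the date as a variable (not a string) guarantees a proper date comparison.
# SearchScope Subtree includes child OUs; ResultSetSize caps runaway queries.
$stale = Get-ADUser -Filter { LastLogonDate -lt $cutoff -and Enabled -eq $true } `
                    -SearchBase $searchBase -SearchScope Subtree `
                    -ResultSetSize 500 -ResultPageSize 100 `
                    -Properties LastLogonDate

# Review first: disabling a service or shared account that rarely logs on is an outage.
$stale | Select-Object SamAccountName, LastLogonDate | Sort-Object LastLogonDate | Format-Table -AutoSize

# -WhatIf only reports what would be disabled; remove it to apply the change.
$stale | Disable-ADAccount -WhatIf
```

Disabling rather than deleting keeps the account's SID and group memberships, so a false positive is reversible with Enable-ADAccount.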
Reflective Questions
1. In what ways do you think PowerShell can help you to perform daily
administrative tasks in your environment?
2. Do you foresee a need to use bulk operations to manage user accounts in
your environment? Why or why not?
OV 5 - 1
Configuring IPv4
Overview of the TCP/IP Protocol Suite
Describe IPv4 Addressing
Implement Subnetting and Supernetting
Configure and Troubleshoot IPv4
OV 5 - 2
The TCP/IP Protocol Suite
OV 5 - 3
The OSI Model and the TCP/IP Suite
Comparing the OSI and TCP/IP models
OV 5 - 4
IPv4 Packet
OV 5 - 5
TCP/IP Applications
Protocol   Description
HTTP       HyperText Transfer Protocol. Used for communication between web browsers and web servers.
HTTPS      HTTP Secure. Uses encryption for communication between web browsers and web servers.
POP3       Post Office Protocol 3. Retrieves email messages from an email server.
SMTP       Simple Mail Transfer Protocol. Transfers mail over the Internet.
FTP        File Transfer Protocol. Transfers files between FTP servers and clients.
SMB        Server Message Block. Used for file and print sharing between servers and clients.
DNS        Domain Name Service. Converts domain names to IP addresses.
RDP        Remote Desktop Protocol. Allows remote control of a Windows operating system over a network.
DHCP       Dynamic Host Configuration Protocol. Dynamically assigns IP addresses to network clients.
OV 5 - 6
TCP/IP Sockets
A Windows TCP/IP socket consists of three components:
The transport protocol used by the application, either TCP or UDP
The TCP or UDP port number used by the application
The IP address (IPv4 or IPv6) of the source and destination host connection
Well-known port numbers:
Port     Transport Protocol   Application Service
80       TCP                  HTTP
443      TCP                  HTTPS
110      TCP                  POP3
25       TCP                  SMTP
20, 21   TCP                  FTP
445      TCP                  SMB
53       UDP                  DNS name lookups
53       TCP                  DNS zone transfers
OV 5 - 7
IPv4 Addresses
Allow for network layer routing of IP datagrams from one IP device
connection (source) to another (destination).
Each networked device must be configured with a unique IP address.
To make IPv4 addresses easier for humans to manage, IPv4 address
formatting expresses binary bit values as dotted decimal notation.
Each octet converts to a decimal number between 0 and 255.
OV 5 - 8
Subnet Masks
Identifies which part of the IPv4 address is the network ID and which part is
the host ID.
In its simplest implementation, each octet of the default subnet mask is either 255 or 0.
Octets with a value of 255 identify the network ID part of the address, and a
value of 0 identifies the host part of the address.
For the IP address 192.168.1.100 and the subnet mask 255.255.255.0, the
network ID is 192.168.1.0 and the host connection ID is 0.0.0.100.
OV 5 - 9
Default Gateway
Usually a router, provides a default route used by TCP/IP hosts to
forward packets to hosts on remote networks.
On a local subnet, you configure the local hosts with the IP address of the
router, which is the default gateway, to enable local hosts to
communicate with hosts on another network.
Configure the default gateway:
In the GUI, in the properties of the network adapter
Command line: netsh interface ipv4 set address
PowerShell: New-NetIPAddress for a new IP address; Set-NetIPAddress to change an existing IP address
OV 5 - 10
Public and Private IP Addresses
Public IP address:
Public IPv4 addresses, managed by IANA, must be unique
Distributed by IANA
ISP distributes to businesses and individuals
Used to traverse the Internet
Private IP address:
Reserved by IANA
Can be used internally by businesses and individuals
Does not route to the Internet
Must be NATed to allow businesses or users to connect to the Internet
Private IPv4 address ranges established by IANA:
10.0.0.0/8 10.0.0.0 - 10.255.255.255
172.16.0.0/12 172.16.0.0 - 172.31.255.255
192.168.0.0/16 192.168.0.0 - 192.168.255.255
OV 5 - 11
Binary Values and Dotted Decimal Notation
OV 5 - 12
Subnetting
Provides a means to divide your network into smaller, discrete networks
that better serve the needs of your organization.
Enables you to divide the 32 bits of an IPv4 address to create the number
of subnets you need as well as the number of host addresses you need
for that subnet.
OV 5 - 13
Benefits of Subnetting
Segment a large network to increase administrative efficiency.
Reduce network congestion by limiting host broadcasts to smaller
network segments.
Increase security by isolating some hosts to a specific segment or
limiting internetwork communication using firewall access controls.
Enable proactive capacity planning based on projected growth of an
organization.
OV 5 - 14
Subnet Address Determination
Determine how many subnets you need.
Use that to determine how many bits to move the subnet mask.
Number of Bits (n)   Number of Subnets (2^n)
1                    2
2                    4
3                    8
4                    16
5                    32
6                    64
7                    128
OV 5 - 15
Subnet Address Determination (Cont.)
Binary Bits for Network Number   Decimal Value of Network Number
172.16.00000000.00000000         172.16.0.0
172.16.00100000.00000000         172.16.32.0
172.16.01000000.00000000         172.16.64.0
172.16.01100000.00000000         172.16.96.0
172.16.10000000.00000000         172.16.128.0
172.16.10100000.00000000         172.16.160.0
172.16.11000000.00000000         172.16.192.0
172.16.11100000.00000000         172.16.224.0
OV 5 - 16
Host Address Determination
To determine the host bits in a subnet mask, you need to know the
number of hosts you will support on a subnet.
You use the standard formula of 2^n - 2, in which n represents the number
of host bits.
In classful addressing two host IDs are reserved (the network address and
the broadcast address), which is why you subtract two from the initial calculation.
Number of Bits (n)   Number of Hosts (2^n - 2)
2                    2
3                    6
4                    14
5                    30
6                    62
7                    126
8                    254
OV 5 - 17
Host Address Range Determination
Network          Host Address Range
172.16.0.0/19    172.16.0.1 - 172.16.31.254
172.16.32.0/19   172.16.31.1 - 172.16.63.254
172.16.64.0/19   172.16.64.1 - 172.16.64.254
172.16.96.0/19   172.16.96.1 - 172.16.96.254
172.16.128.0/19  172.16.128.1 - 172.16.128.254
172.16.160.0/19  172.16.160.1 - 172.16.160.254
172.16.192.0/19  172.16.192.1 - 172.16.223.254
172.16.224.0/19  172.16.224.1 - 172.16.255.254
OV 5 - 18
Supernetting
Supernetting performs the opposite operation of subnetting.
Combine multiple small contiguous networks into a single large network.
Supernetting, also known as classless interdomain routing (CIDR), allows
you to create a logical network for the number of hosts you require.
OV 5 - 19
Supernetting (Cont.)
Combine the following networks:
Network        Network Range
192.168.14.0   192.168.14.1 - 192.168.14.255
192.168.15.0   192.168.15.0 - 192.168.15.255
192.168.16.0   192.168.16.0 - 192.168.16.255
192.168.17.0   192.168.17.0 - 192.168.17.254
Here is the resulting supernet:
Network           Supernet Mask   Network Range
192.168.14.0/21   255.255.252.0   192.168.14.1 - 192.168.17.254
OV 5 - 20
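An added example, not the course's own code: the subnet and supernet arithmetic from the "Subnet Address Determination", "Host Address Determination" and supernetting slides, written as PowerShell functions so it can be applied to any IPv4 network and prefix length rather than only the 172.16.0.0 case. It assumes PowerShell 3.0 or later (for the -shl and -shr operators) and needs no network or domain access; the function names are my own.

```powershell
# Added example, not course material. Pure arithmetic, runs offline on PowerShell 3.0+.
$AllOnes = [int64]4294967295      # 0xFFFFFFFF as int64 (a hex literal would become a negative int32)

function ConvertTo-IpInt ([string]$Ip) {
    # Dotted decimal -> 32-bit value held in an int64 to avoid signed overflow.
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [int64]$b[0] * 16777216 + [int64]$b[1] * 65536 + [int64]$b[2] * 256 + [int64]$b[3]
}

function ConvertFrom-IpInt ([int64]$Value) {
    '{0}.{1}.{2}.{3}' -f (($Value -shr 24) -band 255), (($Value -shr 16) -band 255),
                         (($Value -shr 8) -band 255), ($Value -band 255)
}

function Get-SubnetInfo ([string]$Network, [int]$PrefixLength) {
    if ($PrefixLength -lt 1 -or $PrefixLength -gt 30) { throw 'Prefix length must be 1-30 for a subnet with usable hosts' }
    $hostBits = 32 - $PrefixLength
    $mask     = ($AllOnes -shl $hostBits) -band $AllOnes          # network bits 1, host bits 0
    $netInt   = (ConvertTo-IpInt $Network) -band $mask            # host bits cleared
    $bcast    = $netInt -bor ($AllOnes -bxor $mask)               # host bits set
    [pscustomobject]@{
        Network    = '{0}/{1}' -f (ConvertFrom-IpInt $netInt), $PrefixLength
        SubnetMask = ConvertFrom-IpInt $mask
        FirstHost  = ConvertFrom-IpInt ($netInt + 1)
        LastHost   = ConvertFrom-IpInt ($bcast - 1)
        Broadcast  = ConvertFrom-IpInt $bcast
        HostCount  = [int64][math]::Pow(2, $hostBits) - 2         # the 2^n - 2 formula from the slide
    }
}

function Get-Subnets ([string]$Network, [int]$PrefixLength, [int]$BorrowBits) {
    # Borrow n bits from the host part: 2^n subnets, each 2^(32 - newPrefix) addresses wide.
    $newPrefix = $PrefixLength + $BorrowBits
    $size      = [int64][math]::Pow(2, 32 - $newPrefix)
    $base      = ConvertTo-IpInt ((Get-SubnetInfo $Network $PrefixLength).Network.Split('/')[0])
    for ($i = 0; $i -lt [math]::Pow(2, $BorrowBits); $i++) {
        Get-SubnetInfo (ConvertFrom-IpInt ($base + $i * $size)) $newPrefix
    }
}

function Get-Supernet ([string[]]$Networks) {
    # Shorten the prefix until every network shares the same network bits under that mask.
    $ints   = $Networks | ForEach-Object { ConvertTo-IpInt $_ }
    $prefix = 32
    while ($prefix -gt 1) {
        $mask = ($AllOnes -shl (32 - $prefix)) -band $AllOnes
        if (@($ints | ForEach-Object { $_ -band $mask } | Sort-Object -Unique).Count -eq 1) { break }
        $prefix--
    }
    Get-SubnetInfo $Networks[0] $prefix
}

# Borrow 3 bits from 172.16.0.0/16: the eight /19 subnets tabulated on the slides, with their host ranges.
Get-Subnets -Network '172.16.0.0' -PrefixLength 16 -BorrowBits 3 | Format-Table -AutoSize

# Smallest single CIDR block that contains the four supernetting example networks. Because
# .14 through .17 do not start on a power-of-two boundary, that block is wider than the four networks.
Get-Supernet -Networks '192.168.14.0', '192.168.15.0', '192.168.16.0', '192.168.17.0'
```

Get-SubnetInfo is also a quick check when reviewing a firewall rule or a DHCP scope: feed it the network and prefix and compare the first/last host and broadcast it prints against what the rule or scope actually covers.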
IPv4 Manual Configuration
Servers need static IPv4 configurations to enable clients to connect to
them consistently.
You can maintain current and accurate documentation of the IPv4
addresses used for various services on your network.
Configure them using TCP/IP properties, netsh, or PowerShell.
OV 5 - 21
IPv4 Automatic Configuration
A Dynamic Host Configuration Protocol (DHCP) server enables you to
configure TCP/IP addresses and other configuration options dynamically
for large numbers of hosts on a network.
DHCP servers are configured with a scope, or range, of IPv4 addresses.
Clients send out a broadcast request to a DHCP server to obtain an IPv4
address automatically.
DHCP servers also may be configured with additional configuration
settings a client may require.
Windows Server 2012 and Windows clients use automatic private IP
addressing (APIPA), which is a reserved address range of 169.254.0.0 to
169.254.255.255, when no DHCP server responds.
OV 5 - 22
IPv4 Troubleshooting Tools
IPconfig
Ping
Tracert
Pathping
Route
Telnet
Netstat
Resource Monitor
Network Diagnostics
Event Viewer
OV 5 - 23
TCP/IP Troubleshooting Process
Identify the communication problem:
Does it affect only one host or all hosts?
If one host, it is likely a configuration problem on that host.
If all hosts, it is likely a server configuration problem.
Remote connectivity problems could be server configuration, network configuration, or
network device failure.
For a local problem:
Verify that the local host's TCP/IP information is configured properly.
Ping the loopback address: 127.0.0.1.
Ping the local host's router.
Ping a remote host; if that fails, check firewall policies and router configuration.
OV 5 - 24
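The troubleshooting sequence above as a script, added here as an example and not part of the course: it checks the host's own configuration, flags an APIPA address, then tests loopback, default gateway and a remote host in order and stops at the first failing hop with the matching diagnosis from the slide. It assumes the Windows Server 2012 NetTCPIP cmdlets, an adapter named 'Ethernet', and uses a placeholder remote host name.

```powershell
# Added example, not course material. Assumes the NetTCPIP module (Windows Server 2012 / Windows 8)
# and an adapter alias of 'Ethernet'. The remote host is a placeholder to replace.
$alias  = 'Ethernet'
$remote = 'remote.example.com'   # placeholder, not a value from the course

# Step 1: verify the local host's TCP/IP configuration.
$cfg = Get-NetIPConfiguration -InterfaceAlias $alias
$cfg | Format-List InterfaceAlias, IPv4Address, IPv4DefaultGateway, DNSServer

$ip = $cfg.IPv4Address.IPAddress
if ($ip -like '169.254.*') {
    Write-Warning "APIPA address $ip in use: no DHCP server answered this host's request."
}

# Steps 2-4: loopback, default gateway, remote host. Stop at the first failure,
# because each later test depends on the earlier ones succeeding.
$gateway = $cfg.IPv4DefaultGateway.NextHop
$steps   = [ordered]@{ Loopback = '127.0.0.1'; Gateway = $gateway; Remote = $remote }

foreach ($name in $steps.Keys) {
    $target = $steps[$name]
    if (-not $target) { Write-Warning "No $name address configured on $alias"; break }

    $ok = Test-Connection -ComputerName $target -Count 2 -Quiet
    '{0,-9} {1,-25} {2}' -f $name, $target, $(if ($ok) { 'reachable' } else { 'FAILED' })

    if (-not $ok) {
        switch ($name) {
            'Loopback' { 'Local TCP/IP stack problem: check the adapter, driver and IP settings.' }
            'Gateway'  { 'Local network problem: check cabling, subnet mask and the gateway address.' }
            'Remote'   { 'Remote connectivity problem: check firewall policies, routing and name resolution.' }
        }
        break
    }
}
```

If the gateway answers but the remote host does not, Test-NetConnection -TraceRoute (or tracert) shows where the path stops, which distinguishes a firewall policy from a routing fault.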
Best Practices for Implementing IPv4
Plan the subnet schema carefully and factor in future growth.
Configure servers with static IPv4 configuration settings, and document
services running on specific servers as well as IPv4 settings.
Deploy DHCP servers for dynamic addressing for clients.
If designing the IPv4 address space for a new network, map out the
address ranges and subnets based on specific purposes and locations.
OV 5 - 25
Reflective Questions
1. What benefits do you see in using private IP addresses for your
corporate network?
2. Do you expect to use subnetting or supernetting at your workplace?
OV 6 - 1
Conguring IPv6
Overview of IPv6
Implement IPv6 Addressing
Implement IPv6 and IPv4
Transition from IPv4 to IPv6

OV 6 - 2
Copyright 2013 IT University Online All rights reserved. www.ituniversityonline.com
IPv6 Overview
Solves the problem of shrinking IP address pools
Solves many administrative inefficiencies caused by manual configuration
OV 6 - 3
IPv6 Benefits
Extended address space
Hierarchical addressing and router efficiency
Stateless and stateful address auto-configuration
Eliminates broadcasts
Integrated security (IPSec)
Integrated QoS
Eliminates need for NAT
OV 6 - 4
Comparing IPv4 and IPv6
Characteristic         IPv4                                                           IPv6
Addresses              32 bit                                                         128 bit
IPSec support          Optional                                                       Required
QoS                    Header does not include packet flow info for QoS               Header includes flow label field for QoS
Checksum               Included                                                       Not included
Packet fragmentation   Both sending and receiving host fragment                       Sending host determines packet size
IGMP                   IGMP used to manage multicast membership                       Multicast Listener Discovery (MLD) determines multicast group membership
Router discovery       Optional                                                       ICMPv6 Router Solicitation and Router Advertisement messages
Broadcasting           Broadcast addresses used to send traffic to all hosts on a subnet   Broadcasting replaced by multicasting
ARP                    Resolves IP address to MAC address                             Multicast neighbor solicitation
Configuration          Manual or DHCP                                                 Auto-configuration
Resource records       Host (A)                                                       IPv6 Host (AAAA)
OV 6 - 5
IPv6 Address Space
IPv4 address bit order is expressed as decimal and binary.
IPv6 uses 128-bit addresses, four times the length of IPv4.
Separated into eight 16-bit blocks.
OV 6 - 6
IPv6 Address Space (Cont.)
Converting from binary to hexadecimal for IPv6:
1. Take the first 16-bit block and break it into four groups of four bits as
shown:
0010 0000 0000 0001
2. Convert each bit in a group from right to left, with 0 converting to 0, and
1 converting to its position value:
2001
3. Separate each converted block with a colon:
2001:0DB8:0000:2F3B:02AA:00FF:FE28:9C5A
OV 6 - 7
The Hexadecimal Numbering System
Base 16 numbering system
0 through 9, A through F
Binary Decimal Hexadecimal
0001 1 1
0010 2 2
0011 3 3
0100 4 4
0101 5 5
0110 6 6
0111 7 7
1000 8 8
1001 9 9
1010 10 A
1011 11 B
1100 12 C
1101 13 D
1110 14 E
1111 15 F
OV 6 - 8
Zero Compression
Allows reduction of notation
Adjacent zeros are compressed
One or more blocks of zeros can be written as ::
Only one set of :: in an address
Single block of zeros can also be written as 0
Example:
2001:0DB8:0000:0000:02AA:00FF:FE28:9C5A
After dropping leading 0s and using zero compression:
2001:DB8::2AA:FF:FE28:9C5A
OV 6 - 9
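An added example, not from the course: the binary-to-hexadecimal conversion from the "IPv6 Address Space (Cont.)" slide and the zero-compression rules above, implemented as two PowerShell functions that work on any full eight-block IPv6 address. It runs offline; the function names are my own.

```powershell
# Added example, not course material. Runs on any PowerShell 3.0+ without network access.

function ConvertTo-IPv6Block ([string]$Bits) {
    # One 16-bit block written in binary -> four hexadecimal digits.
    if ($Bits -notmatch '^[01]{16}$') { throw "Expected 16 binary digits, got '$Bits'" }
    [Convert]::ToInt32($Bits, 2).ToString('X4')
}

function Compress-IPv6 ([string]$Address) {
    $blocks = $Address.Split(':')
    if ($blocks.Count -ne 8) { throw "Expected a full 8-block address, got '$Address'" }

    # Rule 1: drop leading zeros in each block, keeping a single 0 for an all-zero block.
    $short = foreach ($b in $blocks) { $t = $b.TrimStart('0'); if ($t -eq '') { '0' } else { $t } }

    # Rule 2: find the longest run of consecutive zero blocks. Only one run may become '::',
    # and a run of a single block is left as '0' (compressing it would save nothing and is
    # discouraged because it is ambiguous to read).
    $bestStart = -1; $bestLen = 0; $i = 0
    while ($i -lt 8) {
        if ($short[$i] -eq '0') {
            $j = $i
            while ($j -lt 8 -and $short[$j] -eq '0') { $j++ }
            if (($j - $i) -gt $bestLen) { $bestStart = $i; $bestLen = $j - $i }
            $i = $j
        } else { $i++ }
    }
    if ($bestLen -lt 2) { return ($short -join ':') }

    # Blocks before and after the run; either side may be empty when the run touches an end.
    $left  = if ($bestStart -gt 0) { $short[0..($bestStart - 1)] -join ':' } else { '' }
    $right = if (($bestStart + $bestLen) -lt 8) { $short[($bestStart + $bestLen)..7] -join ':' } else { '' }
    "$left::$right"
}

# The slide's first block: 0010 0000 0000 0001 -> 2001.
ConvertTo-IPv6Block '0010000000000001'

# The slide's example address, compressed.
Compress-IPv6 '2001:0DB8:0000:0000:02AA:00FF:FE28:9C5A'

# Runs at the ends of the address and a lone zero block are handled as well.
Compress-IPv6 '0000:0000:0000:0000:0000:0000:0000:0001'
Compress-IPv6 'FE80:0000:0000:0000:0001:0000:0000:0000'
```

When an address must be written into configuration or matched in a log search, compressing it the same way every time matters: 'FE80:0:0:0:1::' and 'FE80::1:0:0:0' are the same address, and a text comparison that does not normalize first will miss one of them.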
IPv6 Prefixes
Network part of address
Can be aggregated for route summarization
Category                         Prefix Hex Value   Prefix Binary Value
Reserved                         -                  0000 0000
Global unicast address           2 or 3             001
Link-local unicast addresses     FE8                1111 1110 1000
Unique local unicast addresses   FD                 1111 1100
Multicast addresses              FF                 1111 1111
OV 6 - 10
Unicast Addresses
Global unicast address
Public, routable, from an ISP
Link-local unicast addresses
Automatically generated
Non-routable
Similar in function to IPv4 APIPA addresses
Unique local unicast addresses
Routable within an organization
Not routable on the Internet
Similar in function to IPv4 private addresses
OV 6 - 11
Zone ID
Relative to sending host
Identifies the interface that is transmitting
Syntax is address%zone_ID
OV 6 - 12
IPv6 Address Auto-configuration
Automatic for IPv6-enabled hosts
Stateless:
Host auto-assigns link-local address
Checks to see if link-local address is a duplicate
Collects all valid prefixes advertised by adjacent routers
Creates a global IPv6 address within each advertised /64 IPv6 prefix
Uses either EUI-64 format or pseudo-random host ID as specified by RFC
Stateful:
Obtained from DHCPv6
Combination of stateless and stateful
OV 6 - 13
Node Types
IPv4 only
IPv6 only
IPv6/IPv4: Uses both IPv4 and IPv6
IPv4: Uses IPv4; can be configured for IPv6
IPv6: Uses IPv6; can be configured for IPv4
OV 6 - 14
IPv6 over IPv4
Used in Windows 2008 and Windows 2012
Also called 6over4
A transition mechanism
Does translations from IPv4 to IPv6
Uses multicast; both nodes and routers
OV 6 - 15
Dual-Layer Architecture
Microsoft has dual IP layer
Not dual IP stack
Both IPv4 and IPv6 share same information in same TCP/IP stack
Single shared implementation of TCP and UDP
OV 6 - 16
DNS Requirements
Required for both IPv4 and IPv6
IPv4 Host record (A)
IPv6 Host record (AAAA)
PTR
OV 6 - 17
Tunneling
ISATAP
The 6to4 protocol
Teredo
OV 6 - 18
ISATAP
Transmits packets on top of IPv4
Treats IPv4 infrastructure as a non-broadcast multi-access network
IPv6 address auto-configuration
Queries DNS for address of ISATAP router
ISATAP router encapsulates IPv6 into IPv4 packets
Not NAT friendly
OV 6 - 19
The 6to4 Protocol
Unicast connectivity between IPv6 hosts across IPv4
IPv6 encapsulated in IPv4
Address format: 2002:WWXX:YYZZ:Subnet_ID:Interface_ID
Not NAT friendly
OV 6 - 20
Teredo
A NAT traversal technology
Full IPv6 connectivity to IPv6 hosts that are on an IPv4 network
Encapsulates IPv6 in IPv4 UDP messages
Clients are assigned an IPv6 address that starts with 2001:0::/32
Teredo server initially configures the Teredo tunnel
Teredo relay at the remote end de-encapsulates the Teredo tunnel
OV 6 - 21
PortProxy
Transition mechanism
Application gateway
Proxies TCP traffic between IPv4 and IPv6 nodes
Connection can be forwarded using the same or another protocol to the
specified port number
Allows you to run IPv4-only services (like terminal services) over IPv6
The following nodes can access each other:
An IPv4-only node can access an IPv4 node.
An IPv4 node can access an IPv6 node.
An IPv6 node can access an IPv6 node.
An IPv6 node can access an IPv4 node.
OV 6 - 22
Migration Considerations
Application support
Current routing infrastructure
DNS infrastructure needs
Supporting nodes
Preparation and baselines
Monitoring steps
OV 6 - 23
Reflective Questions
1. Which benefits of IPv6 would be most important to your network? Which
ones are not important to your network?
2. Would you run IPv4 and IPv6 concurrently? If so, which technology seems
like a good choice for your network?
OV 7 - 1
Installing and Configuring DHCP
Install the DHCP Server Role
Configure DHCP Scopes
Manage a DHCP Database
Secure and Monitor a DHCP Server
OV 7 - 2
Benefits of Automatic TCP/IP Configuration
Automatic IP addressing and other TCP/IP configuration settings
The assurance of client configurations
Flexible leasing durations
Multiple configuration options
Optional integration with other technologies such as DNS and Network
Policy Server
Active Directory Domain Services (AD DS) authorization on AD DS
domains
Automatic database backup
Auditing and event monitoring
OV 7 - 3
PXE Boot Clients
Client boots from the network.
Some clients do not yet have an operating system.
DHCP starts the process of obtaining an operating system by providing
an IP address lease.
Computers could be thin clients with no hard drive, or bare-metal boxes.
OV 7 - 4
DHCP Lease Process
The DHCP client broadcasts a DHCP discover packet.
A DHCP server responds with a DHCP offer packet, or a DHCP relay agent
forwards the packet to a DHCP server.
The client receives the DHCP offer packet from the DHCP server(s).
The client accepts the DHCP offer packet from the first DHCP server.
The DHCP server assigns the client address, stores the client IP
information in its database, and issues the client a DHCP ACK
(acknowledgement) message.
If the client does not get a response from a DHCP server:
If the client is Windows 2000 or later, it configures automatic private IP addressing (APIPA) in
the 169.254.0.0/16 range.
If the client is not a Windows client, or is Windows 2000 or earlier, it will continue to broadcast
the DHCP discover packet until it receives a DHCP offer packet from a DHCP server.
OV 7 - 5
DHCP Relay Agents
Allow DHCP services to extend across multi-segmented IP networks.
Routers block broadcasts, but RFC 1542-compliant routers can be
configured as BOOTP/DHCP relay agents to listen for DHCP requests and
relay them to DHCP servers on different subnets.
You can configure a DHCP relay agent in Windows Server 2012 in Routing
and Remote Access. Add the Remote Access role to any server that is not
a DHCP server.
You cannot use the relay agent on a server that is running Network
Address Translation (NAT) with automatic addressing enabled, or with
Internet Connection Sharing (ICS).
OV 7 - 6
DHCP Server Authorization
For security, the DHCP Server service is integrated with Active Directory
to require authorization for DHCP servers.
A DHCP server configured on a domain controller, or that is a member of
an AD DS domain, queries Active Directory for a list of authorized servers
identified by IP address.
If the server's IP address is not on the list, the DHCP server stops its startup
sequence and shuts down.
A server that is configured with Windows Server 2012 and hosts a DHCP
server, but that is not joined to the Active Directory domain, can still be
authorized.
The DHCP server on the standalone machine queries the Active Directory root
domain for the list of authorized servers, and if it is authorized, it starts the DHCP
service.
OV 7 - 7
DHCP Scopes
IPv4 scope properties:
The scope name
The IP addresses available for lease
The subnet mask
The lease duration
Exclusions, which are addresses not offered for lease
Reservations, which predefine the relationship between an IP address and a
machine's media access control (MAC) address
Ensures that a DHCP client always receives the same address that is reserved for it
Options, which may be configured to provide information to specific clients
IPv6 scope properties:
The scope name and description
The IPv6 prefix
Exclusions, which are addresses not offered for lease
Preferred lifetime, which is the lease duration
Options, which may be configured to provide information to specific clients
OV 7 - 8
DHCP Reservations
Predefines the relationship between an IP address lease and the device's MAC
address
Ensures the device will always receive the same IP address from DHCP
OV 7 - 9
DHCP Options
Server level options apply to all scopes defined on a DHCP server.
Scope level options apply to all clients that receive a lease from a specific
scope.
Class level options apply only to those clients identified as a specific user
or vendor class.
Reservation level options apply to one reserved DHCP client.
Option Code   Name
1             Subnet Mask
3             Router
6             DNS Server
15            DNS Name
31            Router Discovery
33            Static Route
44            WINS Server
46            WINS/NetBIOS Node Type
47            NetBIOS Scope ID
OV 7 - 10
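An added example, not the course's own code, that ties the scope, exclusion, reservation and option slides together using the Windows Server 2012 DhcpServer PowerShell module, and finishes with the AD DS authorization and audit-log settings discussed on the following slides. It must be run on the DHCP server itself; the 192.168.10.0/24 network, the MAC address and the host names are constructed sample values, and fuller.local is the slides' sample domain.

```powershell
# Added example, not course material. Requires the DhcpServer module on a Windows Server 2012
# DHCP server. All addresses, names and the MAC address are constructed sample values.
Import-Module DhcpServer

$scopeId = '192.168.10.0'

# Scope: name, lease range, subnet mask, lease duration (8 days is the Windows default).
Add-DhcpServerv4Scope -Name 'Marketing LAN' -StartRange 192.168.10.20 -EndRange 192.168.10.250 `
    -SubnetMask 255.255.255.0 -LeaseDuration (New-TimeSpan -Days 8) -State Active

# Exclusion: addresses inside the range that must never be offered, e.g. statically configured servers.
Add-DhcpServerv4ExclusionRange -ScopeId $scopeId -StartRange 192.168.10.20 -EndRange 192.168.10.29

# Reservation: binds one MAC address to one lease so the printer always receives the same address.
Add-DhcpServerv4Reservation -ScopeId $scopeId -IPAddress 192.168.10.50 `
    -ClientId '00-15-5D-01-02-03' -Name 'mkt-printer1' -Description 'Constructed sample reservation'

# Scope-level options: 3 (Router), 6 (DNS Server) and 15 (DNS Name) from the option table above.
Set-DhcpServerv4OptionValue -ScopeId $scopeId -Router 192.168.10.1 `
    -DnsServer 192.168.10.10, 192.168.10.11 -DnsDomain 'fuller.local'

# Authorize this server in AD DS so it passes the startup check described on the
# "DHCP Server Authorization" slide, then confirm it is on the authorized list.
Add-DhcpServerInDC
Get-DhcpServerInDC

# Enable the audit log that the "DHCP Activity and Audit Logs" slide refers to.
Set-DhcpServerAuditLog -Enable $true

# Review the result.
Get-DhcpServerv4Scope -ScopeId $scopeId | Format-List
Get-DhcpServerv4OptionValue -ScopeId $scopeId
```

Get-DhcpServerInDC is also the quickest way to spot an unauthorized server: any DHCP server answering on the network whose address is not in that list is the rogue server the "Unauthorized Servers" slide describes.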
Policy Address Assignment
Windows Server 2012 includes a new policy-based IP address assignment
feature for DHCP server.
This feature, which is integrated with Network Policy Server, enables you
to group DHCP clients and dene them based on a set of attribute criteria
to customize IP address leasing and conguration settings to that group.
You can use the address assignment policies to di"erentiate between
client types.
Address assignment policies are set at the server level and scope level.
OV 7 - 11
The DHCP Database
OV 7 - 12
DHCP Database Backup
Two methods:
Automatic backup runs at 60-minute intervals (synchronous)
Manually performed by a network administrator (asynchronous)
Both methods back up the entire database:
All scopes
Leases
Reservations
Options at all levels: server, scope, reservation, and class
Registry keys and other pertinent configuration settings, such as audit log
settings and folder locations that have been set in DHCP server
properties:
Settings are stored in the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters
OV 7 - 13
DHCP Database Restoration
Restore a DHCP backup using the DHCP management console.
If no backup exists, you'll have to rebuild the scope, delete any client
leases, and force all clients to reboot.
OV 7 - 14
DHCP Database Reconciliation
Reconciling the database can fix scope inconsistencies such as an
incorrect configuration for a DHCP client IP address that is stored in
scope information.
The DHCP Server service stores summary and detailed IP address
information in the DHCP database.
When the server reconciles scopes, it compares the summary and detailed
entries to find inconsistencies.
After reconciliation of any scope inconsistencies, the DHCP server either
restores the IP addresses to the original lease owners, or creates a
temporary reservation for those addresses.
Reconcile DHCP on a per-scope basis by right-clicking the scope and
selecting Reconcile.
OV 7 - 15
Move a DHCP Database
Back up the DHCP database and restore it on the other server.
Use the netsh dhcp command to export and import the settings:
netsh dhcp server export <file_name>.txt all
netsh dhcp server import <file_name>.txt all
OV 7 - 16
DHCP Security Concerns
An unauthorized (rogue) DHCP server could give clients improper leases.
Unauthorized clients could obtain a DHCP lease from a server and access
the network.
A DHCP server could run out of available addresses, effectively halting
service availability.
OV 7 - 17
DHCP Activity and Audit Logs
Enable DHCP logging for suspicious activities.
Analyze logs regularly.
Server logging requires Administrator permissions or membership in the
DHCP Administrators group.
View logs in %systemroot%\System32\dhcp.
Logs have the name DhcpSrvLog-<day-of-week>.log.
OV 7 - 18
Audit Log Fields
Audit Log Field   Description
ID                DHCP server event ID
Date              Date of log entry on the DHCP server
Time              Time of log entry on the DHCP server
Description       Description of the DHCP server event
IP Address        IP address of the DHCP client
Host Name         Host name of the DHCP client
MAC Address       MAC address of the client's network adapter
OV 7 - 19
Common Event Codes
DHCP server audit logs are located by default in the %systemroot%\System32\dhcp folder.
Event ID   Description
00         The log started.
01         The log stopped.
02         The log was temporarily stopped due to low disk space.
10         A new IP address was leased to a client.
11         A lease was renewed by a client.
12         A lease was released by a client.
13         An IP address was found in use on the network.
14         A lease request could not be satisfied because the address pool of the scope was exhausted.
15         A lease was denied.
20         A Bootstrap Protocol (BOOTP) address was leased to a client.
OV 7 - 20
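An added example, not the course's code: a small parser for DhcpSrvLog-<day-of-week>.log lines that turns them into objects, attaches the event-code meanings from the table above, and pulls out the two codes worth alerting on, 13 (address conflict) and 14 (scope exhausted, the availability failure named on the "DHCP Security Concerns" slide). The log lines embedded below are constructed samples in the seven-field layout from the "Audit Log Fields" slide, not output from a real server; point the function at the real file to use it.

```powershell
# Added example, not course material. The log lines are constructed samples in the seven-field
# layout from the "Audit Log Fields" slide (real files add further columns, which are ignored here).
$sampleLog = @'
ID,Date,Time,Description,IP Address,Host Name,MAC Address
00,03/04/13,08:00:00,Started,,,
10,03/04/13,08:01:12,Assign,192.168.10.31,wkstn-mkt1.fuller.local,00155D010210
11,03/04/13,08:05:40,Renew,192.168.10.32,wkstn-mkt2.fuller.local,00155D010211
13,03/04/13,08:07:02,Conflict,192.168.10.33,,00155D010212
14,03/04/13,08:09:55,Scope Full,,,
14,03/04/13,08:10:01,Scope Full,,,
15,03/04/13,08:10:30,NACK,192.168.10.90,,00155DABCDEF
'@

# Event-code meanings from the "Common Event Codes" slide.
$meaning = @{
    '00' = 'Log started';      '01' = 'Log stopped';     '02' = 'Log paused: low disk space'
    '10' = 'New lease';        '11' = 'Lease renewed';   '12' = 'Lease released'
    '13' = 'Address conflict'; '14' = 'Scope exhausted'; '15' = 'Lease denied'
    '20' = 'BOOTP lease'
}

function Read-DhcpAuditLog ([string[]]$Lines) {
    # The real file starts with a text preamble and a header row; keep only rows that begin
    # with a two-digit event ID, then name the columns ourselves so extra fields do no harm.
    $rows = $Lines | Where-Object { $_ -match '^\d{2},' }
    $rows | ConvertFrom-Csv -Header 'ID', 'Date', 'Time', 'Description', 'IPAddress', 'HostName', 'MACAddress' |
        ForEach-Object {
            $_ | Add-Member -NotePropertyName Meaning -NotePropertyValue $meaning[$_.ID] -PassThru
        }
}

$events = Read-DhcpAuditLog ($sampleLog -split "`r?`n")

# Alert-worthy events: 14 means clients are being refused addresses (check for lease hoarding or an
# undersized scope); 13 usually means a statically addressed or rogue host is inside the lease range.
$events | Where-Object { $_.ID -in '13', '14' } |
    Format-Table Time, ID, Meaning, IPAddress, MACAddress -AutoSize

# Daily summary: how many events of each code.
$events | Group-Object ID | Sort-Object Name |
    Select-Object @{ n = 'ID'; e = { $_.Name } }, Count, @{ n = 'Meaning'; e = { $meaning[$_.Name] } }
```

Against a live server, replace the sample with the real file, for example Read-DhcpAuditLog (Get-Content "$env:SystemRoot\System32\dhcp\DhcpSrvLog-Mon.log"), and schedule the summary so that a spike in code 14 or a burst of leases from one MAC address is seen on the day it happens rather than when users complain.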
Network Access Protection and DHCP
Network Access Protection (NAP) is an infrastructure that requires clients
to prove system health before they are permitted to connect to the
network.
DHCP can be configured to be a NAP enforcement point on a per-scope
basis, refusing to grant an IP lease to a non-compliant client.
Configure DHCP for NAP enforcement in the scope properties.
OV 7 - 21
Client Configuration Settings for NAP
Setting                    What's Important
NAP Agent Service          This service must be running in order for a client to be NAP-capable.
IP Address Configuration   The client must be configured to obtain an IPv4 address automatically.
DHCP Enforcement Client    This is enabled through policy settings, either group policy or the local policy settings. If both settings are configured, group policy settings take precedence.
System Health Agents       No configuration is necessary to use Windows System Health Validators (SHVs).
OV 7 - 22
Unauthorized Servers
An unauthorized server is considered to be a rogue server that must be
located on the network and either be disconnected from the network or
have the DHCP service disabled.
Ensure the DHCP server is authorized and check its IP address against the
list of valid IP addresses.
If the IP address used by server is not on the list, decommission the
server on the network.
OV 7 - 23
DHCP Administration Delegation
Restrict membership of the DHCP Administrators group as much as
possible.
Any DHCP administrator can manage the DHCP Server service.
Those who require only read access should be assigned membership in
the DHCP Users group.
OV 7 - 24
Reflective Questions
1. In your environment, do you envision needing more than one DHCP
scope?
2. In your environment, do you envision yourself using DHCP as a NAP
enforcement point? Why or why not?
OV 8 - 1
Installing and Configuring DNS
Overview of DNS
Install and Configure the DNS Server Role
OV 8 - 2
Introduction to Name Resolution
Converts alphanumeric computer names to IP addresses.
Clients rely on the Domain Name System (DNS) to locate computers and
services on the network.
DNS forms a logical tree structure hosted by and distributed across
physical servers.
On an internal network, DNS integrates with Active Directory.
Active Directory mirrors the hierarchical DNS logical structure called the
DNS namespace.
OV 8 - 3
Computer Names
The term "computer names" is a catchall used to talk about the name you
assign to a computer.
A NetBIOS name is a 16-character (byte) name that identifies NetBIOS resources on the network:
The first 15 characters of the name identify the computer name, such as wkstnsales1.
The sixteenth character identifies the resource, such as an application, that is written to work with NetBIOS.
NetBIOS names form a flat namespace in which every name must be different.
The host name is the first label of a fully qualified domain name (FQDN), which is a DNS name that uniquely identifies a computer in the DNS namespace.
A valid FQDN must adhere to specific rules:
Use up to 255 characters.
Use any combination of letters A-Z, a-z.
Use any numbers from 0 to 9.
Use hyphens (-) and periods.
Use dots (.) to identify domain levels in an FQDN.
OV 8 - 4
What Is DNS?
DNS is a hierarchical distributed naming system for computers, services,
or any resources connected to the Internet or a private network. DNS
forms a logical tree structure hosted by and distributed across physical
servers.
DNS translates domain names to IP addresses.
OV 8 - 5
Domain Name Levels
Logical structure:
Root level: The top of the namespace hierarchy, represented on the Internet by a dot (.).
Top level: Represents a type of domain name. The Internet uses .com, .gov, .edu, .org, .biz, as well as extensions for other organizational entities and countries.
Second level: Represents domain names for organizations (for example, microsoft.com, logicaloperations.com).
Subdomain: Represents additional names appended to the second-level domain name to identify an organization's departments or geographic locations.
Host: Represents a leaf in the DNS name tree and refers to a specific computer on an organization's network.
OV 8 - 6
DNS Zones
A DNS zone is a specic, contiguous portion of the DNS namespace. A
DNS database can be partitioned into multiple zones.
The zone on a DNS server contains resource records, which contain
information about all of the network host names that end with the zone's
root domain name.
A DNS zone is responsible for responding to queries for resource records in a specific domain.
OV 8 - 7
Forward Lookup Zones
OV 8 - 8
New Zone Wizard
OV 8 - 9
Reverse Lookup Zones
OV 8 - 10
Creating a Reverse Lookup Zone
OV 8 - 11
DNS Resource Records
Start of Authority (SOA): Indicates the DNS server that either created the record or that currently is the authoritative server for the zone.
Host (A): Contains the name of the host and its IP address. Used to resolve a host name to an IP address. The most common resource record found in a forward lookup zone.
Name Server (NS): Identifies the name servers listed in the DNS database for a specific zone.
Service (SRV): Specifies which resources perform a service.
Mail Exchanger (MX): Specifies the resources available for Simple Mail Transport Protocol (SMTP). Allows for mail exchange.
Pointer (PTR): Used in reverse lookup operations to map an IP address to a host name.
Canonical (CNAME): Specifies an alias name. These records allow you to use more than one name to point to a single host.
AAAA Maps an IPv4 IP address into a 128-bit address.
OV 8 - 12
DNS Name Resolution Process
1. A network client sends a query to its local DNS server for the IP address
of a web server.
2. The local DNS server checks its zone records and then its local cache to
see if it has the record.
3. If the local DNS server does not have the record, it checks to see if it is configured to use a forwarder (another DNS server).
4. If it is configured to use a forwarder, it forwards the client query to the forwarder.
5. If it is not configured to use a forwarder, it checks to see if it has root hints (a list of root DNS servers).
6. If it has root hints, it begins an iterative search of the DNS tree, starting at the root and working its way down the tree until it finds the desired record.
7. Upon finding the record, the DNS server returns the record to the client, caching a copy for future use.
OV 8 - 13
DNS Components
DNS server
A server service that resolves names to IP addresses.
It responds to resolver queries, providing the record if it has it, or fetching the record
from other DNS servers if it does not.
DNS resolver
A DNS client that needs to resolve a name to an IP address, and so queries a DNS
server for the information.
A DNS server can also be a resolver, querying other DNS servers on behalf of the
client.
OV 8 - 14
DNS Zone Types
Primary zone
Secondary zone
Stub zone
Active Directory-integrated zone
OV 8 - 15
Primary Zones
A primary zone on a DNS server contains a writeable (master) copy of
all zone data.
OV 8 - 16
Secondary Zone
A secondary zone is a read-only copy of the DNS zone.
It replicates on a regular interval with either the primary or another
secondary DNS server.
OV 8 - 17
Stub Zone
A stub zone is a tiny, non-authoritative representation of a zone.
It contains records of authoritative nameservers, and refers clients to
those nameservers.
The stub zone replicates with the authoritative zone, receiving updates to the nameserver records but no host records.
OV 8 - 18
Active Directory-Integrated Zone
A zone hosted on Active Directory domain controllers.
Each copy of an Active Directory-Integrated zone is writeable (multi-master).
Active Directory-Integrated zones can be configured for Secure Dynamic Updates, requiring hosts to authenticate before they can register their records in DNS.
The zone replicates as part of Active Directory replication.
The zone is stored in the Active Directory database, protecting it from
unauthorized access or tampering.
OV 8 - 19
Dynamic Updates
DNS clients can register and update their resource records with a DNS
server whenever changes occur.
The Dynamic Host Configuration Protocol (DHCP) client service performs registration updates for clients with a leased IP address from a DHCP server and for clients with static IP configurations.
Clients register when certain events occur:
When a client's IP address is added, configured, or changed.
When the client starts and the DHCP client service starts.
OV 8 - 20
DNS Queries
DNS queries are lookup requests for specified DNS resource records.
An authoritative response means that the DNS server returns an answer it knows to be correct because the DNS server has a copy of the zone.
A non-authoritative response means that the DNS server must query other DNS servers and cache the response.
DNS servers use forwarders, conditional forwarders and root hints to find records that they do not already have.
Recursive queries usually are performed by resolvers that need a name
resolved fully in the response.
Iterative queries require the DNS server either to return the best answer
available based on its zone and cache information or to respond with a
referral, which is a pointer to a DNS server that may have the correct data.
OV 8 - 21
Root Hints
Root hints is a file that contains the names and IP addresses of the DNS root servers.
If you choose to simulate the Internet in a lab, you should designate one DNS server to be the root, and then on all the other DNS servers remove all the root hints and add your own.
On the designated root, create only a single standard primary zone with the name "." (the root).
Any DNS server configured to be a root will automatically have its Root Hints tab disabled.
The safest way to modify the original root hints file, cache.dns, is in the DNS server Properties on the Root Hints tab.
OV 8 - 22
DNS Forwarding
If a resolver sends a query that a DNS server cannot resolve locally, the DNS server can send the query to a DNS server configured as a forwarder.
A DNS server configured to use a conditional forwarder forwards DNS queries according to the query's DNS domain name.
OV 8 - 23
DNS Caching
When a DNS server resolves a DNS name query successfully, it caches the
name and IP information for future use.
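The following is an added example (not part of the course material) that models the seven-step resolution process above together with forwarders, root hints and caching: a corporate DNS server that answers from its own zone, then its cache, then hands everything else to a forwarder, which in turn iterates from a root hint. All server names, zones and IP addresses are constructed for the lab.

```python
"""Toy model of the seven-step resolution process and of forwarders, root
hints and caching described above. Added example, not part of the course
material; every server name, zone and IP address is constructed."""
from dataclasses import dataclass, field


@dataclass
class AuthServer:
    """An authoritative DNS server: hosts A records and NS delegations."""
    name: str
    a_records: dict = field(default_factory=dict)    # "www.example.com." -> IP
    delegations: dict = field(default_factory=dict)  # "example.com." -> AuthServer

    def query(self, fqdn):
        """Iterative answer: ("answer", ip), ("referral", server) or ("nxdomain", None)."""
        if fqdn in self.a_records:
            return "answer", self.a_records[fqdn]
        # Look for the most specific delegation that covers the name.
        labels = fqdn.rstrip(".").split(".")
        for i in range(len(labels)):
            zone = ".".join(labels[i:]) + "."
            if zone in self.delegations:
                return "referral", self.delegations[zone]
        return "nxdomain", None


class LocalDnsServer:
    """The client's local DNS server, following the seven steps on the slide."""

    def __init__(self, zones=None, forwarder=None, root_hints=None):
        self.zones = zones or {}            # records of zones it hosts itself
        self.cache = {}                     # fqdn -> ip, filled in step 7
        self.forwarder = forwarder          # another LocalDnsServer, or None
        self.root_hints = root_hints or []  # AuthServer objects for the root
        self.trace = []                     # how each answer was obtained

    def resolve(self, name):
        fqdn = name if name.endswith(".") else name + "."
        if fqdn in self.zones:                 # step 2: own zone data
            self.trace.append("zone")
            return self.zones[fqdn]
        if fqdn in self.cache:                 # step 2: local cache
            self.trace.append("cache")
            return self.cache[fqdn]
        if self.forwarder is not None:         # steps 3-4: hand off to forwarder
            self.trace.append("forwarder")
            ip = self.forwarder.resolve(fqdn)
        elif self.root_hints:                  # steps 5-6: iterate from the root
            self.trace.append("iterative")
            ip = self._iterate(fqdn)
        else:                                  # nowhere left to ask
            self.trace.append("fail")
            return None
        if ip is not None:                     # step 7: cache a copy
            self.cache[fqdn] = ip
        return ip

    def _iterate(self, fqdn, max_hops=10):
        """Follow referrals from a root server down the tree; bounded so a
        broken delegation chain cannot loop forever."""
        server = self.root_hints[0]
        for _ in range(max_hops):
            kind, data = server.query(fqdn)
            if kind == "answer":
                return data
            if kind == "referral":
                server = data
                continue
            return None                        # NXDOMAIN at the authoritative server
        return None


def build_lab():
    """Constructed lab: root -> com -> example.com, an ISP resolver that
    iterates from root hints, and a corporate server that forwards to it."""
    example_ns = AuthServer("ns1.example.com.",
                            a_records={"www.example.com.": "198.51.100.10"})
    com_ns = AuthServer("a.gtld.lab.", delegations={"example.com.": example_ns})
    root = AuthServer("root.lab.", delegations={"com.": com_ns})
    isp = LocalDnsServer(root_hints=[root])
    corp = LocalDnsServer(zones={"dc1.corp.lab.": "10.0.0.5"}, forwarder=isp)
    return corp, isp


if __name__ == "__main__":
    corp, isp = build_lab()
    for q in ("dc1.corp.lab", "www.example.com", "www.example.com", "nothere.example.com"):
        print(q, "->", corp.resolve(q), "via", corp.trace[-1])
```

The second lookup of www.example.com is answered from the corporate server's cache, which is why a poisoned or stale cache entry is served to every client behind that server until it expires.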
OV 8 - 24
The DNS Server Role
Windows Server 2012 does not install the DNS Server role as part of the operating system's initial configuration setup.
It is a simple procedure to install the DNS service via the Server Manager
console using the Add Roles and Features Wizard.
You can add the DNS Server role when you install AD DS and promote the
server to a domain controller, or you can install the DNS Server role using
the following PowerShell command:
Install-WindowsFeature DNS
OV 8 - 25
Reflective Questions
1. In your environment, do you foresee the need to use stub zones? Why or why not?
2. In your environment, will you configure your DNS server to use a forwarder? Why or why not?
OV 9 - 1
Configuring Storage Spaces and File and Print Services
Design and Implement Storage Spaces
Secure Files and Folders
Configure Offline Files and Shadow Copies
Implement Network Printing
OV 9 - 2
Disk Types
IDE
EIDE
SATA
SCSI
SAS
SSD
OV 9 - 3
Network Storage Devices
Direct attached storage (DAS)
Network attached storage (NAS)
Storage area networks (SANs)
OV 9 - 4
RAID Types
RAID 0: Striping
RAID 1: Mirroring
RAID 3 and 4: Striping with dedicated parity
RAID 5: Striping with distributed parity
RAID 6: Striping with dual parity
RAID 0+1: Striping and mirroring disk sets
RAID 1+0 (or RAID 10): Mirroring and striping
OV 9 - 5
Partition Table Formats
Master Boot Record (MBR) partition tables
GUID partition table (GPT)
OV 9 - 6
Basic and Dynamic Disks
Basic disks support traditional partitions:
Up to four primary partitions
One extended partition with logical drives
Dynamic disks can host volumes that span or are striped across multiple
disks:
Simple volume
Spanned volume
Striped volume (RAID 0)
Mirrored volume (RAID 1)
Striped volume with parity (RAID 5)
OV 9 - 7
Required Volumes for Server 2012
System volume contains the Windows operating system
Boot volume stores files necessary to begin the boot process
OV 9 - 8
Partition Types
Primary
Extended
Active
Logical
OV 9 - 9
File Systems
FAT
FAT32
NTFS
ReFS
OV 9 - 10
What Is ReFS?
Resilient File System
New for Windows Server 2012
Advantages include:
Metadata integrity with checksums
Integrity streams with user data integrity
Allocation on write transactional model
Large volume, file, and directory sizes (2^78 bytes with 16-KB cluster size)
Storage pooling and virtualization
Data striping for performance and redundancy
Disk scrubbing for protection against latent disk errors
Resiliency to corruptions with recovery
Shared storage pools across machines
OV 9 - 11
Mount Points
A physical location in the directory structure on which you graft, or mount, the root directory of another volume.
A mount point is an empty folder that is used as a link to another volume.
It has its own file system, permissions, and quotas.
Mount points are useful when:
You're running out of disk space and you would like to add space without modifying the folder structure or the disk structure, so you configure a folder to point to
another hard disk.
You are running out of available letters to assign partitions or volumes, so instead
you use a directory name.
You need to separate disk I/O within a folder structure. Perhaps you have an
application that needs to be within a particular directory structure but requires an
intensive amount of disk I/O.
OV 9 - 12
Links
Another name for a file or directory
Similar to, but not exactly the same as, a shortcut
Can be understood by applications that do not understand shortcuts
Can be created using the mklink command
OV 9 - 13
Volume Size Management
Extend or shrink NTFS volumes
Extend, but not shrink, ReFS volumes
Can modify the volume using these tools:
Disk Manager
Diskpart.exe
Resize-Partition cmdlet
OV 9 - 14
Storage Management and Advanced
Options
Virtualize storage using Storage Spaces.
Select any type of available physical disks and add them to a storage
pool.
Create virtual disks from storage pools.
Storage can be allocated dynamically.
OV 9 - 15
Storage Spaces
OV 9 - 16
NTFS Permissions
For files:
Read
Write
Read & execute
Modify
Full control
Special permissions
For folders:
Read
Write
Read & execute
Modify
Full control
List folder content
Special permissions
OV 9 - 17
Permissions Inheritance
NTFS permissions ow down from parent to child.
To block inheritance, select This folder only on the parent.
Top level permissions are set at the volume level.
If Allow or Deny check boxes are shaded, the permissions have been
inherited.
OV 9 - 18
Effective Permissions
Permissions are cumulative:
Adds all permissions from all of a user's group memberships
Deny overrides all.
OV 9 - 19
Shared Folders
Allows users and groups to have access to a folder and its contents, or to
an entire drive.
SMB or NFS.
Share a folder or an entire drive.
Has an access control list.
Share permissions are generally broader and more permissive.
NTFS permissions refine and narrow the share permissions.
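The following is an added example (not course material) that models the rules on the Effective Permissions and Shared Folders slides: NTFS Allow permissions accumulate across all of a user's group memberships, any matching Deny overrides, and access over a share is the most restrictive combination of the share permission and the NTFS permission. The users, groups, ACLs and the right-sets behind each basic permission are constructed and simplified; the real special-permission matrix is finer grained.

```python
"""Effective-permission model for the rules on these slides. Added example,
not course material; users, groups and ACLs are constructed."""
from dataclasses import dataclass

# Basic permissions expanded to the individual rights they grant. Simplified
# (constructed): the real special-permission matrix is finer grained.
NTFS_BASIC = {
    "Read": {"read"},
    "Write": {"write"},
    "Read & execute": {"read", "execute"},
    "List folder content": {"read", "execute"},
    "Modify": {"read", "execute", "write", "delete"},
    "Full control": {"read", "execute", "write", "delete",
                     "change permissions", "take ownership"},
}
SHARE_BASIC = {
    "Read": {"read", "execute"},
    "Change": {"read", "execute", "write", "delete"},
    "Full Control": {"read", "execute", "write", "delete",
                     "change permissions", "take ownership"},
}


@dataclass(frozen=True)
class Ace:
    principal: str   # user or group the entry applies to
    kind: str        # "Allow" or "Deny"
    permission: str  # a key of NTFS_BASIC or SHARE_BASIC


def principals_for(user, groups):
    """The identities a logon token would carry: the user, the well-known
    groups every authenticated user gets, and explicit memberships."""
    return {user, "Everyone", "Authenticated Users"} | set(groups.get(user, ()))


def effective_rights(acl, user, groups, table):
    """Cumulative Allow across every matching ACE, then Deny overrides all.
    (Real NTFS evaluation also orders explicit ACEs before inherited ones,
    which this slide-level model leaves out.)"""
    mine = principals_for(user, groups)
    allowed, denied = set(), set()
    for ace in acl:
        if ace.principal not in mine:
            continue
        target = allowed if ace.kind == "Allow" else denied
        target.update(table[ace.permission])
    return allowed - denied


def effective_via_share(share_acl, ntfs_acl, user, groups):
    """What the user can actually do over the network: share AND NTFS."""
    share = effective_rights(share_acl, user, groups, SHARE_BASIC)
    ntfs = effective_rights(ntfs_acl, user, groups, NTFS_BASIC)
    return share & ntfs


def demo():
    """Constructed D:\\Sales folder shared two ways."""
    groups = {
        "alice": {"Domain Users", "Sales"},
        "bob": {"Domain Users"},
        "carol": {"Domain Users", "Sales", "Contractors"},
    }
    ntfs_acl = [
        Ace("Domain Users", "Allow", "Read & execute"),
        Ace("Sales", "Allow", "Modify"),
        Ace("Contractors", "Deny", "Write"),   # Deny wins over Sales' Modify
    ]
    share_change = [Ace("Everyone", "Allow", "Change")]
    share_read = [Ace("Everyone", "Allow", "Read")]
    return {
        "alice_local": sorted(effective_rights(ntfs_acl, "alice", groups, NTFS_BASIC)),
        "bob_local": sorted(effective_rights(ntfs_acl, "bob", groups, NTFS_BASIC)),
        "carol_local": sorted(effective_rights(ntfs_acl, "carol", groups, NTFS_BASIC)),
        "alice_via_change": sorted(effective_via_share(share_change, ntfs_acl, "alice", groups)),
        "alice_via_read": sorted(effective_via_share(share_read, ntfs_acl, "alice", groups)),
    }


if __name__ == "__main__":
    for who, rights in demo().items():
        print(f"{who:17} {rights}")
```

Carol keeps read, execute and delete from Sales' Modify but loses write to the Contractors Deny, and Alice's Modify is cut down to read and execute when she comes in through the Read-only share.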
OV 9 - 20
Access-Based Enumeration
First available as a downloadable package for Windows Server 2003
Now included with Windows Server 2012
Displays only the files and folders that a user has permissions to access
Only active when viewing files in a shared folder, not on the local file system
OV 9 - 21
Configuring Access-Based Enumeration
OV 9 - 22
Offline Files
Enables users to access network files even when a network connection is not available, or is slow or inconsistent
Creates a local copy of the network file
Offline Mode is activated when:
Always Offline Mode is enabled.
The server is unavailable.
The network connection is slower than a configurable threshold.
The user selects the Work Offline button in Windows Explorer.
OV 9 - 23
Shadow Copies
Provides a copy of a shared folder or file at a specific point in time
Can have multiple shadow copies of the same folder or file
Enables users to:
Recover accidentally deleted files.
Recover accidentally overwritten files.
Compare versions of a file to view the changes that have been made.
OV 9 - 24
Easy Print
Proxy for every print job
Redirects all printing-related jobs back to the user's local machine
No need to install any print drivers on the RDP server
Converts legacy GDI print jobs to XPS
Can be configured in client printer properties
Can also be configured using Group Policy
OV 9 - 25
Network Printing
Local print device physically attached to a computer
Network print device set up for remote access over the network
OV 9 - 26
Printer Pooling
Combines multiple physical printers into a single logical unit
Increases availability and scalability
Requires that all printers use the same driver
Requires that all printers are in the same location
Works best when all printers are like models and have like configurations
OV 9 - 27
Branch Office Direct Printing
Enables clients to print directly to network printers shared on a centralized print server
Print job is sent directly to branch office printer
Requires Windows Server 2012 and Windows 8
OV 9 - 28
Reflective Questions
1. Do you expect to use shadow copies in your work environment? Why or why not?
2. How will Windows Server 2012 printing options help your network? What is more useful to you: Branch Office Direct Printing or printer pooling?
OV 10 - 1
Configuring Group Policy
Create Group Policy Objects
Group Policy Processing
Implement a Central Store
OV 10 - 2
What Is Group Policy?
Configuration settings that enable you to modify registry settings on
computers in an Active Directory domain.
Settings are combined into Group Policy Objects (GPOs).
Applied to users, groups, and computers by linking the GPO to an OU.
OV 10 - 3
Group Policy Management Console
OV 10 - 4
Group Policy Management Editor
OV 10 - 5
Group Policy Management from
Active Directory Management
OV 10 - 6
Group Policy Storage
Group Policy templates
Group Policy containers
OV 10 - 7
Creating a New GPO
OV 10 - 8
GPO Scope
OV 10 - 9
Configure GPO Settings
OV 10 - 10
Windows Registry Key Permissions
OV 10 - 11
GPO Context Menu
OV 10 - 12
GPO Linking
A GPO must be linked to an Active Directory container to take effect.
You can use the GPMC or PowerShell to link GPOs.
Child containers and objects inherit Group Policy settings from the parent
container.
OV 10 - 13
Detecting GPO Status
OV 10 - 14
Group Policy Preferences
Extensions that expand configurable settings
Are not enforced
Can be used to create and manage items on the targeted computer
OV 10 - 15
Default Domain Controllers Policy
OV 10 - 16
Starter GPOs
OV 10 - 17
GPO Delegation
OV 10 - 18
GPO Processing
GPO settings are applied to a computer at startup.
GPO settings are applied to a user at logon.
Most GPO settings are refreshed in the background:
Every 90 minutes on clients
Every 5 minutes on domain controllers
Policies are applied in order:
Local Policy
Site
Domain
OU
Child OU
Conflicting settings are overwritten as policies are processed.
OV 10 - 19
Group Policy Filtering
GPO requires two permissions to apply:
Allow Read
Allow Apply Group Policy
You can set the Apply Group Policy permission to Deny to exempt a user, group, or computer from receiving the GPO's settings.
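The following is an added example (not course material) that models the GPO Processing and Group Policy Filtering slides together: policies are applied Local, Site, Domain, OU, child OU with later conflicting settings overwriting earlier ones, and a GPO applies only to a principal that has both Allow Read and Allow Apply Group Policy, with Deny Apply exempting it. GPO names, settings and group names are constructed; within one level the list order stands in for link order, and Local Policy is represented as a pseudo-GPO so it can sit first in the chain.

```python
"""Resultant Set of Policy model for the processing order and security
filtering on these slides. Added example, not course material; GPO names,
settings and groups are constructed."""
from dataclasses import dataclass, field

PROCESSING_ORDER = ("Local", "Site", "Domain", "OU", "Child OU")


@dataclass
class Gpo:
    name: str
    settings: dict                          # policy setting -> configured value
    read: set = field(default_factory=lambda: {"Authenticated Users"})
    apply: set = field(default_factory=lambda: {"Authenticated Users"})
    deny_apply: set = field(default_factory=set)


def applies_to(gpo, principals):
    """Security filtering: a Deny on Apply Group Policy wins outright;
    otherwise Allow Read and Allow Apply Group Policy must both match."""
    if gpo.deny_apply & principals:
        return False
    return bool(gpo.read & principals) and bool(gpo.apply & principals)


def resultant_settings(links, principals):
    """links maps a level in PROCESSING_ORDER to the GPOs linked there, in
    processing order. Returns the winning value and its source per setting."""
    result, source = {}, {}
    for level in PROCESSING_ORDER:
        for gpo in links.get(level, []):
            if not applies_to(gpo, principals):
                continue
            for setting, value in gpo.settings.items():
                result[setting] = value           # later policy overwrites earlier
                source[setting] = f"{level}: {gpo.name}"
    return result, source


def build_lab():
    """Constructed domain: a Web Servers child OU under a Servers OU, with the
    child-OU GPO filtered away from members of the Legacy Servers group."""
    return {
        "Local": [Gpo("Local Policy", {"ScreenSaverTimeout": 900})],
        "Domain": [Gpo("Default Domain Policy",
                       {"MinimumPasswordLength": 8, "ScreenSaverTimeout": 600})],
        "OU": [Gpo("Server Baseline",
                   {"ScreenSaverTimeout": 300, "FirewallEnabled": True})],
        "Child OU": [Gpo("Web Servers",
                         {"AllowInboundHTTP": True},
                         deny_apply={"Legacy Servers"})],
    }


def demo():
    """Two computer accounts in the same child OU; only one is in Legacy Servers."""
    links = build_lab()
    web01 = {"WEB01$", "Authenticated Users", "Domain Computers"}
    legacy01 = {"LEGACY01$", "Authenticated Users", "Domain Computers", "Legacy Servers"}
    return {"web01": resultant_settings(links, web01),
            "legacy01": resultant_settings(links, legacy01)}


if __name__ == "__main__":
    for computer, (settings, source) in demo().items():
        print(computer)
        for name in sorted(settings):
            print(f"  {name} = {settings[name]}  ({source[name]})")
```

Both computers end up with the OU-level ScreenSaverTimeout of 300 because it is processed after the Domain and Local values, while only WEB01 receives AllowInboundHTTP.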
OV 10 - 20
Group Policy Modeling Wizard
OV 10 - 21
Group Policy Modeling Wizard Report
OV 10 - 22
The Central Store
A single location to keep GPO templates
Simplifies GPO management for administrators who edit from their own
workstations
OV 10 - 23
Central Store Creation
Physically copy the PolicyDefinitions folder and all its contents from C:\Windows\PolicyDefinitions on a client.
Copy the templates to C:\Windows\SYSVOL\sysvol\<domain_name>\Policies on the domain controller.
The central store will be automatically detected and used by clients.
OV 10 - 24
Administrative Templates
Composed of ADMX and ADML files.
Contain the registry settings to be modified by Group Policy.
Each new version of a Microsoft operating system introduced its own
administrative templates.
OV 10 - 25
Managed and Unmanaged Policy Settings
Managed policy settings:
Controlled by Group Policy service
Removed if out of scope
Have a locked UI
Shown by default in the GPME
Unmanaged policy settings:
Not controlled by Group Policy service
Not removed if out of scope
Do not have a locked UI
Hidden by default in the GPME
OV 10 - 26
Reflective Questions
1. How do you think using GPOs for firewall settings would improve security in your network?
2. Will creating and filtering GPOs to refine who they are applied to help you as a network administrator? Why?
OV 11 - 1
Securing Windows Servers
Analyze Security
Configure Windows Server User Security
Configure Windows Server Software Security
Configure Windows Firewall
OV 11 - 2
Security Risks
Confidentiality: an unauthorized person might access data.
Integrity: unauthorized changes might be made to the data.
Availability: data might not be available when needed.
OV 11 - 3
Security Measures
Individual firewalls
Access control lists
Backup and restore procedures in place
Physical security
Training
OV 11 - 4
Best Practices
Apply patches in a timely manner.
Use the principle of least privileges.
Restrict console logon.
Restrict physical access.
OV 11 - 5
User Rights
Determine the actions a user can perform within the operating system.
Use secpol.msc to set user rights locally.
Use Group Policy to set user rights in a domain.
Common user rights:
Add workstation to domain
Allow log on locally
Allow log on through Remote Desktop Services
Back up files and directories
Change the system time
Force shutdown from a remote system
Shut down the system
OV 11 - 6
Security Tools
secpol.msc
secedit.exe
GPMC
Security Templates
Security Configuration and Analysis
Security Configuration Wizard (SCW)
Security Compliance Manager (SCM)
OV 11 - 7
UAC
UAC prompts the user for administrator credentials.
By default, both standard users and administrators run applications as a
standard user.
There is no UAC prompt if you are logged in as the built-in administrator.
OV 11 - 8
User Account Control Settings
OV 11 - 9
Account Policies
Password policy
Account lockout policy
Kerberos policy
OV 11 - 10
Local Security Policy
OV 11 - 11
Restricted Groups
Manages group membership automatically.
You define who should and should not be a member of the group.
If someone else changes the membership, it gets changed back on policy
refresh.
OV 11 - 12
Security Templates
Three default security templates in Windows Server 2012:
Defltbase.inf
Defltsvc.inf
Defltdc.inf
You can create a blank template and configure:
Account policies
Local policies
Event Log
Restricted Groups
System Services
Registry
File System
OV 11 - 13
Security Template Distribution
secedit.exe
Security Template snap-in
Security Configuration Wizard
Group Policy
Security Compliance Manager
OV 11 - 14
Auditing
Log security-related events.
View events in the Security log of Event Viewer.
OV 11 - 15
Dynamic Access Control
Automatically or manually classify files.
Tag data in file servers across the organization.
Control access to files by deploying Central Access Policies.
Apply Rights Management Services (RMS) to automatically encrypt sensitive Microsoft Office documents.
OV 11 - 16
Software Restriction Policies
OV 11 - 17
Software Restriction Policy Configuration
OV 11 - 18
AppLocker
Applies Application Control Policies
New capabilities to control how users can access and use executables
AppLocker rules are defined based on:
Publisher name
Product name
File name
File version
OV 11 - 19
Defining AppLocker Settings
OV 11 - 20
AppLocker Enforcement
OV 11 - 21
Windows Firewall with Advanced Security
Stateful, host-based firewall that allows or blocks network traffic
Provides enhancements to the original Windows Firewall:
Separate inbound and outbound rules that the administrator can configure
Integrated firewall filtering and IPSec protection settings
Network location-aware profiles
The ability to import and export policies
Can be configured using a number of tools:
Windows Firewall with Advanced Security console in Server Manager Tools
Windows Firewall with Advanced Security MMC snap-in
secpol.msc
Group Policy
netsh advfirewall command
PowerShell *-NetFirewall* cmdlets
OV 11 - 22
Windows Firewall with Advanced
Security Console
OV 11 - 23
Inbound and Outbound Rules
OV 11 - 24
New Connection Security Rule Wizard
OV 11 - 25
Firewall Profiles
Domain
Public
Private
OV 11 - 26
Reflective Questions
1. In what ways do you think User Account Control enhances security?
2. Will AppLocker benefit your network's security, and if so, how?
OV 12 - 1
Installing and Configuring Virtual Servers and Clients
Identify Virtualization Solutions
Implement Hyper-V
Configure Hyper-V
Manage Virtual Networking
OV 12 - 2
Hyper-V Benets
Invisible to users
Different operating systems for guest machines
More efficient use of hardware
Simplified server deployment
Virtual machine templates
OV 12 - 3
MED-V and Compatibility Mode
OV 12 - 4
VDI
Runs desktop in a server-based virtual machine
Makes it easy to deploy new desktops, complete with software
Offers the following benefits:
Includes a scenario deployment tool that you can use to automate the configuration and deployment of virtual machines and sessions
Standardizes and helps you automate common VDI maintenance tasks such as updates and patching
Provides simplified single sign-on that reduces the number of password prompts for each user
Creates a historic view of resources assigned to users, along with the ability to change or edit properties of published resources
Includes Windows PowerShell scripts that you can use to automate deployment and configuration tasks
OV 12 - 5
VDI and Remote Desktop
OV 12 - 6
Presentation Virtualization
Allows you to keep data in a central location, not on the PCs
Many technologies available:
Remote Desktop Services
Full Desktop with RDC
Application using RemoteApp
Remote Access through Remote Desktop Gateway
Terminal Services
Application Virtualization
Very similar to desktop virtualization.
Only a single application is virtualized.
Offers the following benefits:
Application isolation
Application portability
Application versions on one computer
Hyper-V Overview
Hardware virtualization role in Windows Server 2012.
Can run on full GUI or Server Core.
Guest virtual machines run as child partitions on the host.
Requires x64 platform that supports virtualization.
Provides the following virtual hardware:
BIOS
RAM
Processor
IDE Controller 0
IDE Controller 1
SCSI Controller
Network Adapter
COM 1
COM 2
Diskette drive
Dynamic Memory
Hyper-V allows memory needed by VMs to be allocated and de-allocated
dynamically.
Smart Paging uses disk space when there isn't enough physical RAM to restart a guest VM.
Start and Stop Actions
You can configure the following Hyper-V start actions:
Do nothing.
Automatically start if it was running when the VM service stopped.
Always start the VM.
You can configure the following Hyper-V stop actions:
Save the state of the VM.
Turn off the VM.
Shut down the virtual operating system.
Integration of VMs and Hosts
Install integration services in the guest OS.
Installed already in Windows Server 2012 and Windows 8.
The following can be integrated:
Operating system shutdown
Time synchronization
Data exchange
Heartbeat
Backup (volume snapshot)
Hyper-V Memory Management
Virtual Hard Disks
New VHDX format
Can still use VHDs
Can convert VHDs to VHDX
Differencing Disks
Stores only the changes made relative to the original (parent) disk.
Saves space.
Base disk (aka master or parent) provides a read-only, sysprepped OS.
Create a differencing disk for each VM on top of the base.
Changes to the parent will change all the children.
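The VHD-to-VHDX conversion and the parent/child layout from the two slides above, as an added PowerShell example that is not part of the course material. The D:\VHD paths and the LAB-* VM names are constructed; the cmdlets used (Convert-VHD, New-VHD, Add-VMHardDiskDrive, Get-VHD) come with the Hyper-V role, and the VMs are assumed to exist without a boot disk yet (for example created with New-VM -NoVHD).

```powershell
#Requires -Modules Hyper-V
# Added example: one read-only VHDX parent, one differencing child per VM.
# D:\VHD paths and the LAB-* VM names are constructed for illustration.
$parentVhd  = 'D:\VHD\WS2012-Base.vhd'    # sysprepped base image, old VHD format
$parentVhdx = 'D:\VHD\WS2012-Base.vhdx'   # same image after conversion to VHDX
$vmNames    = @('LAB-SRV01', 'LAB-SRV02') # existing VMs that will boot from the children

# 1. Convert the VHD to VHDX. The source must not be attached to a running VM.
if (-not (Test-Path $parentVhdx)) {
    Convert-VHD -Path $parentVhd -DestinationPath $parentVhdx -VHDType Dynamic
}

# 2. Any write to the parent silently alters every child, so make the file
#    read-only before creating children. Hyper-V only needs read access to it.
Set-ItemProperty -Path $parentVhdx -Name IsReadOnly -Value $true

# 3. One differencing disk per VM, all pointing at the shared parent,
#    attached as the boot disk (IDE controller 0, location 0).
foreach ($vm in $vmNames) {
    $child = "D:\VHD\$vm-Diff.vhdx"
    if (-not (Test-Path $child)) {
        New-VHD -Path $child -ParentPath $parentVhdx -Differencing | Out-Null
    }
    Add-VMHardDiskDrive -VMName $vm -ControllerType IDE `
        -ControllerNumber 0 -ControllerLocation 0 -Path $child
}

# 4. Verify the chain: each child must be a Differencing disk whose
#    ParentPath is the protected VHDX.
foreach ($vm in $vmNames) {
    $d = Get-VHD -Path "D:\VHD\$vm-Diff.vhdx"
    if ($d.VhdType -ne 'Differencing' -or $d.ParentPath -ne $parentVhdx) {
        Write-Warning "$vm: unexpected disk chain ($($d.VhdType), parent $($d.ParentPath))"
    }
    else {
        Write-Output ("{0}: {1:N0} MB on disk for a {2:N0} GB virtual disk" -f
            $vm, ($d.FileSize / 1MB), ($d.Size / 1GB))
    }
}
```

Rerunning the script is safe: conversion and child creation are skipped when the files already exist, and the verification loop reports any child whose parent no longer matches.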
VM Snapshots
Point-in-time copy of a virtual machine
Used to roll a VM back to a previous state
Can be exported from one VM and imported to another VM
Pass-Through Disks
Physical disk the guest VM can directly access
Can be directly attached or a SAN LUN
Must be placed in an offline state from the host server's perspective
Cannot be dynamically expanded
Cannot have snapshots
Cannot use differencing disks
Resource Metering
Monitor Hyper-V resources.
Create cost-effective, usage-based billing solutions.
You can monitor:
Average GPU use
Memory use (average, minimum, and maximum)
Maximum disk space allocation
Incoming network traffic for a network adapter
Outgoing network traffic for a network adapter
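The usage-based billing idea from the slide, as an added PowerShell example that is not part of the course material. It uses the real Enable-VMResourceMetering, Measure-VM and Reset-VMResourceMetering cmdlets; the per-unit rates are constructed placeholders, and the property names and units (MHz for CPU, MB for memory, disk and traffic) are those the Measure-VM output object exposes.

```powershell
#Requires -Modules Hyper-V
# Added example: collect Hyper-V resource metering for every VM on the host and
# turn it into a chargeback line per VM. Rates below are constructed, not real prices.
$ratePerCpuMHzHour = 0.0001
$ratePerMemMBHour  = 0.0002
$ratePerNetMB      = 0.01

# Metering is off by default; once enabled it keeps counting across VM restarts.
Get-VM | Where-Object { -not $_.ResourceMeteringEnabled } | Enable-VMResourceMetering

function Get-VMChargeback {
    param([string[]]$VMName = (Get-VM).Name)
    foreach ($name in $VMName) {
        $m = Measure-VM -VMName $name           # counters since the last reset
        $hours = if ($m.MeteringDuration) { $m.MeteringDuration.TotalHours } else { 0 }
        # The network report has one entry per adapter and direction; sum each direction.
        $netIn  = [double]($m.NetworkMeteredTrafficReport |
                   Where-Object { $_.Direction -eq 'Inbound' } |
                   Measure-Object TotalTraffic -Sum).Sum
        $netOut = [double]($m.NetworkMeteredTrafficReport |
                   Where-Object { $_.Direction -eq 'Outbound' } |
                   Measure-Object TotalTraffic -Sum).Sum
        [pscustomobject]@{
            VM          = $name
            Hours       = [math]::Round($hours, 2)
            AvgCpuMHz   = $m.AverageProcessorUsage
            AvgMemMB    = $m.AverageMemoryUsage
            MinMemMB    = $m.MinimumMemoryUsage
            MaxMemMB    = $m.MaximumMemoryUsage
            DiskAllocMB = $m.TotalDiskAllocation
            NetInMB     = $netIn
            NetOutMB    = $netOut
            Cost        = [math]::Round(
                $m.AverageProcessorUsage * $hours * $ratePerCpuMHzHour +
                $m.AverageMemoryUsage    * $hours * $ratePerMemMBHour  +
                ($netIn + $netOut)       * $ratePerNetMB, 2)
        }
    }
}

# Report for the billing period, then reset so the next run covers only new usage.
Get-VMChargeback | Format-Table -AutoSize
Get-VM | Reset-VMResourceMetering
```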
Network Virtualization
Isolate VMs that share the same host.
Each VM has two addresses:
Customer IP address assigned to the VM by customer
Provider IP address assigned to VM by provider for management
Virtualization can be configured as:
Virtual switches, connecting different VM adapters to the switches
VLANs to extend segmentation to hardware switches that support VLANs
Types of Virtual Switches
External: shares a physical network adapter with the host
Internal: VMs communicate with each other and with the host
Private: VMs communicate with each other, but not with the host
MAC Addresses
Uniquely identify the network card
Must not be duplicated
Are automatically generated
Can easily be changed manually on a VM interface
Virtual Network Adapters
Network adapter:
Formerly known as a synthetic network adapter
Specifically designed for VMs to significantly reduce CPU overhead during network I/O
Uses shared memory on the VM bus for more efficient data transfer
Has significantly better performance than the legacy adapter
Legacy adapter:
Formerly known as an emulated network adapter
Simulates a hardware network interface card
May be required to boot VM from network
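An audit of the settings covered by the last four slides (switch types, MAC addresses, and synthetic vs. legacy adapters), as an added PowerShell example that is not part of the course material. Get-VMSwitch, Get-VMNetworkAdapter and Set-VMNetworkAdapter are the real Hyper-V cmdlets; because a guest on an adapter with MAC spoofing enabled can send with any source MAC, the script flags that setting along with duplicate MACs and legacy adapters, and the remediation step runs with -WhatIf so nothing changes until you remove it.

```powershell
#Requires -Modules Hyper-V
# Added example: audit the host's virtual switches and VM network adapters for the
# isolation-relevant settings: switch type, duplicate MACs, MAC spoofing, legacy NICs.
function Get-VMNetworkAudit {
    $switches = Get-VMSwitch |
        Select-Object Name, SwitchType, NetAdapterInterfaceDescription

    $adapters = Get-VM | Get-VMNetworkAdapter

    # Hyper-V generates unique MACs, but manually set static MACs can collide;
    # 000000000000 is the placeholder on a VM that has never been started.
    $dupes = $adapters |
        Where-Object { $_.MacAddress -ne '000000000000' } |
        Group-Object MacAddress | Where-Object { $_.Count -gt 1 } |
        ForEach-Object { $_.Name }

    $report = foreach ($a in $adapters) {
        [pscustomobject]@{
            VM           = $a.VMName
            Adapter      = $a.Name
            Switch       = $a.SwitchName
            SwitchType   = ($switches | Where-Object { $_.Name -eq $a.SwitchName }).SwitchType
            Mac          = $a.MacAddress
            DynamicMac   = $a.DynamicMacAddressEnabled
            Spoofing     = $a.MacAddressSpoofing   # 'On' lets the guest send with any source MAC
            Legacy       = $a.IsLegacy             # emulated NIC; normally only needed for PXE boot
            DuplicateMac = [bool]($dupes -contains $a.MacAddress)
        }
    }
    [pscustomobject]@{ Switches = $switches; Adapters = $report }
}

$audit = Get-VMNetworkAudit
$audit.Switches | Format-Table -AutoSize
# Only the adapters that need a second look.
$audit.Adapters |
    Where-Object { $_.Spoofing -eq 'On' -or $_.DuplicateMac -or $_.Legacy } |
    Format-Table -AutoSize

# Remediation: turn spoofing off where it is on. Drop -WhatIf to apply the change.
$audit.Adapters | Where-Object { $_.Spoofing -eq 'On' } | ForEach-Object {
    Set-VMNetworkAdapter -VMName $_.VM -Name $_.Adapter -MacAddressSpoofing Off -WhatIf
}
```

Adapters on a Private switch show the isolation the slide describes; an External switch exposes them to the physical LAN, which is where a spoofed or duplicate MAC matters most.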
Reflective Questions
1. Consider how MED-V would improve your network's security and administrative efficiency. Would your end users benefit from virtual desktops they could access from anywhere within the network?
2. Consider your network needs. Is a cloud solution like Azure best for your network? If so, how would you implement the cloud? What things would you want to virtualize in the cloud?