MCT USE ONLY.

STUDENT USE PROHIBITED

1-2 Installing, upgrading, and migrating servers and workloads

Lesson 1
Introducing Windows Server 2016
Knowing the capabilities of the Windows Server 2016 operating system enables you to use it effectively
and take full advantage of what it can offer your organization. Some of the many improvements to
Windows Server 2016 include increased scalability and performance; improved virtualization; improved
management tools; and additional deployment options. This lesson explores these new features and
capabilities in Windows Server 2016, in particular those in the computer and storage space, along with
the various installation options available.

Lesson Objectives
After completing this lesson, you will be able to:

• Select a suitable Windows Server 2016 edition.

• Describe the hardware requirements for Windows Server 2016.

• Describe installation options for Windows Server 2016.

• Describe the tools available for remotely managing Windows Server 2016.

• Explain how to use Windows PowerShell 5.0 to manage servers.

• Describe the new and improved features of Windows Server 2016.

Selecting a suitable Windows Server 2016 edition

You can choose one of several editions of
Windows Server 2016. These editions allow
organizations to select a version of Windows
Server 2016 that best meets their needs, rather
than pay for features they do not require. When
deploying a server for a specific role, system
administrators can save substantially by selecting
the appropriate edition. The following table
describes the Windows Server 2016 editions.

Edition Description

Windows Server 2016 Windows Server 2016 Essentials edition is designed for small businesses. It
Essentials edition corresponds to Windows Small Business Server from earlier versions of
Windows Server. This edition allows up to 25 users and 50 devices. It
supports two processor cores and up to 64 gigabytes (GB) of random
access memory (RAM). It does not support many of the features of
Windows Server 2016, including virtualization.
 MCT USE ONLY. STUDENT USE PROHIBITED
Installation, Storage, and Compute with Windows Server 2016 1-3

Edition Description

Windows Server 2016 Windows Server 2016 Standard edition is designed for physical server
Standard edition environments with little or no virtualization. It provides many of the roles
and features available for the Windows Server 2016 operating system. This
edition supports up to 64 sockets and up to 4 terabytes (TB) of RAM. It
includes licenses for up to two virtual machines.

Note: You can run two virtual machines on one physical host,
using one standard license, as long as the physical host is only
used for hosting and managing the virtual machines. If the
physical host is used to run other services, such as DNS, you can
only run one virtual machine. For more information about
Windows licensing, speak with a Microsoft licensing specialist.

Windows Server 2016 Windows Server 2016 Datacenter edition is designed for highly virtualized
Datacenter edition infrastructures, including private cloud and hybrid cloud environments. It
provides all of the roles and features available for the Windows Server 2016
operating system. This edition supports up to 64 sockets, up to 640
processor cores, and up to 4 TB of RAM. It includes unlimited Windows
Server-based virtual machine licenses for virtual machines that run on the
same hardware. It also includes new features such as Storage Spaces Direct
and Storage Replica, along with new Shielded Virtual Machines and
features for software-defined datacenter scenarios.

Microsoft Hyper-V Acts as a stand-alone virtualization server for virtual machines, including all
Server 2016 the new features around virtualization in Windows Server 2016. The host
operating system has no licensing cost, but virtual machines must be
licensed separately. This edition supports up to 64 sockets and up to 4 TB
of RAM. It supports domain joining. It does not support Windows
Server 2016 roles other than limited file service features. This edition has no
GUI but does have a UI that displays a menu of configuration tasks.

Windows Storage Acts as an entry-level unified storage appliance. This edition allows 50
Server 2016 users, one processor core, and 32 GB of RAM. It supports domain joining.
Workgroup edition

Windows Storage Supports up to 64 sockets but is licensed on a two-socket, incrementing

Server 2016 Standard basis. This edition supports up to 4 TB of RAM. It includes two virtual
edition machine licenses. It supports domain joining. It supports some roles,
including Domain Name System (DNS) and Dynamic Host Configuration
Protocol (DHCP) server roles, but does not support others, including Active
Directory Domain Services (AD DS), Active Directory Certificate Services
(AD CS), or Active Directory Federation Services (AD FS).
 MCT USE ONLY. STUDENT USE PROHIBITED
1-4 Installing, upgrading, and migrating servers and workloads

Hardware requirements
The hardware requirements needed to support
Windows Server 2016 depend on the services that
the server is hosting, the load on the server, and
how responsive you want the server to be. The
services and features of each role put a unique
load on network, disk I/O, processor, and memory
resources. The following table shows the absolute
minimum required for a Server Core installation
on a physical machine.

Component Requirement

Processor architecture 64-bit

Processor speed 1.4 gigahertz (GHz)

RAM 512 MB

Hard drive space 32 GB

Virtualized deployments of Windows Server 2016 must match the same hardware specifications as those
required for physical deployments. However, during installation you will need to allocate extra memory to
the VM, which you can then deallocate after installation, or you will need to create an installation partition
during the boot process.

Desktop Experience
If you want to install Windows Server 2016 with the Desktop Experience installed, the hard drive space
requirement is approximately 4 GB greater.

Other hardware requirements

In addition to the previously referenced requirements, there are a variety of other hardware requirements
to keep in mind, depending on your specific organizational needs and installation scenarios:

• Greater disk space is required for network installations or for computers with more than 16 GB
of RAM.

• Storage and network adapters must be PCI Express compliant.

• A Trusted Platform Module (TPM) 2.0 chip is required for certain features such as BitLocker Drive
Encryption.
 MCT USE ONLY. STUDENT USE PROHIBITED
Installation, Storage, and Compute with Windows Server 2016 1-5

Overview of installation options

When you install Windows Server 2016, you can
select one of three installation options:

• Windows Server 2016 with Desktop

Experience. This is a full server installation and
includes a complete graphical management
interface. This installation option supports all
Windows Server roles.

• Windows Server 2016. This is the equivalent

of Server Core in earlier versions of Windows
Server and provides for a command-line
management interface. This installation
option has a reduced hardware footprint but
does not support all Windows Server roles.

Note: Installing Server Core is covered in detail in the next lesson.

Managing servers remotely

Performing the interactive management of
Windows Server is not the best practice. With
Server Core, your local management options are
limited. After you have configured the network
and firewall settings of Server Core, you must
perform other management tasks remotely or by
using the Command Prompt window and the
Windows PowerShell command-line interface.
When you install a role or feature, you will receive
a prompt to install the appropriate administrative
tools. The best practice is to manage servers
remotely by using the Remote Server
Administration Tools (RSAT) available for Windows 10. RSAT includes the full set of administrative tools,
including Server Manager, the Active Directory Administrative Center, and management consoles. You can
later choose to disable the tools by using Turn Windows features on or off in Control Panel.

Note: For a full list of all the tools included in RSAT for Windows 10, refer to: “Remote
Server Administration Tolls (RSAT) for Windows Client and Windows Server (dsform2wiki)” at:
http://aka.ms/hz53ry
To download Remote Server Administration Tools, see http://aka.ms/wzpq0j

Server Manager
Server Manager is part of the Windows Server 2016 Desktop Experience, or you can run it from a
Windows 10 workstation when installed as part of RSAT. Server Manager is the primary GUI tool to
manage computers running Windows Server 2016. The Server Manager console can manage both local
and remote servers. You can also manage servers as groups, allowing you to perform the same
administrative tasks quickly across multiple servers. You can also use Server Manager to run the Best
Practices Analyzer to determine if the roles are functioning properly on the servers in your network.
 MCT USE ONLY. STUDENT USE PROHIBITED
1-6 Installing, upgrading, and migrating servers and workloads

Windows PowerShell remoting and PowerShell Direct

You can use Windows PowerShell to run Windows PowerShell commands or scripts against correctly
configured remote servers if the script is hosted on the local server. With Windows PowerShell remoting,
where necessary, you can also load Windows PowerShell modules locally, such as those that are part of
Server Manager, and run the cmdlets available in that module against appropriately configured remote
servers. In Windows Server 2016, you also have the option of using PowerShell Direct to run PowerShell
scripts or cmdlets on virtual machines from a Hyper-V host.

Note: More information about PowerShell Direct is provided in Module 5, “Installing and
configuring Hyper-V and virtual machines.”

Remote Shell
Windows Remote Shell (WinRS) is a command-line tool that allows you to execute remote commands on
a target server that supports Windows Remote Management (WinRM). WinRM is a collection of
standards-based technologies that enables administrators to manage server hardware when signed in
directly or over the network. Server Manager and Windows PowerShell remoting also rely on WinRM in
Windows Server 2016.

Remote desktop
You can connect to a remote server computer that is running the Server Core installation or the full
installation by using Remote Desktop. On Server Core, you must enable Remote Desktop by using
Sconfig.cmd.

Group Policy
You can use Group Policy to manage Server Core and full installations of Windows Server 2016, just like
you can manage any other computer running Windows.

Firewall settings
Microsoft Management Console (MMC) and some other tools used for remote server management rely
on the Distributed Component Object Model (DCOM). Even Server Manager, when managing servers
running Windows Server 2008 without the Windows Management Framework updates installed, depends
on DCOM. DCOM, unlike WinRM, requires Windows Firewall on the computer running the remote
management tools to be configured to allow exceptions to multiple rules. These exceptions include:

• COM+ Network Access (DCOM-In)

• Remote Event Log Management (NP-In)

• Remote Event Log Management (RPC)

• Remote Event Log Management (RPC-EPMAP)

Additional Reading: For more information about configuring firewall settings to support
remote management, refer to the procedure: “To configure MMC or other tool remote
management over DCOM” in the topic “Configure Remote Management in Server Manager” at:
http://aka.ms/eyxjjf
 MCT USE ONLY. STUDENT USE PROHIBITED
Installation, Storage, and Compute with Windows Server 2016 1-7

Using Windows PowerShell 5.0 to manage servers

Windows PowerShell 5.0 is a scripting language
and command-line interface that is designed to
assist you in performing day-to-day administrative
tasks. Windows PowerShell cmdlets execute at a
Windows PowerShell command prompt or
combine into Windows PowerShell scripts. You
can also use Windows PowerShell to manage
servers remotely. A headless server has no
graphical user interface and there is no capability
for local sign-in.

Importing modules
Some Windows PowerShell cmdlets are not
available in the default Windows PowerShell library. When you enable some Windows features or want to
administer particular environments, you must obtain additional Windows PowerShell functions. These
additional functions are packaged in modules.

Windows PowerShell remote management

You can use Windows PowerShell to remotely run cmdlets on other Windows systems. This is called
remoting. Windows PowerShell remoting depends on the WinRM service running on the target systems.
This service can be enabled manually or by running the Enable-PSRemoting cmdlet on the target.

The simplest way to use remoting is one-to-one remoting, which allows you to bring up an interactive
Windows PowerShell session on the remote system. After the connection is established, the Windows
PowerShell prompt displays the name of the remote computer.

PowerShell Direct
Many administrators choose to run some or all of their servers running Windows Server in virtualized
environments. To enable a simpler administration of Windows Server Hyper-V virtual machines,
Windows 10 and Windows Server 2016 both support a new feature called PowerShell Direct.
PowerShell Direct enables you to run a Windows PowerShell cmdlet or script inside a virtual machine from
the host operating system without regard to network and firewall configurations, and regardless of
remote management configuration.

Note: You must still authenticate to the virtual machine by using guest operating system
credentials.

To use PowerShell Direct, from your host, run the following Windows PowerShell cmdlet:

Enter-PSSession -VMName

You can then run the same cmdlets that you normally run in the same way as with any other remote
Windows PowerShell situation.
 MCT USE ONLY. STUDENT USE PROHIBITED
1-8 Installing, upgrading, and migrating servers and workloads

Windows PowerShell Desired State Configuration (DSC)

Windows PowerShell DSC is a set of Windows PowerShell extensions, cmdlets, and resources that support
configuring and managing remote computers in a scalable and standardized manner by pushing or
pulling declarative configurations.

Note: Windows PowerShell DSC is covered in detail in Module 12, “Managing, monitoring,
and maintaining virtual machine installations.”

What’s new since Windows Server 2008 was released?

Windows Server 2016 provides many new features
and a number of significant improvements over
earlier versions of Windows Server. Some of these
features and improvements were first introduced
in Windows Server 2012 or Windows Server 2012
R2, whereas others are new to Windows Server
2016.

New features and improvements

introduced in Windows Server 2012 or
Windows Server 2012 R2
The following features and feature improvements
in Windows Server 2016 were first introduced in
Windows Server 2012 or Windows Server 2012 R2:
• Work Folders. Provides a mechanism for both domain-joined computers and those that are not
domain joined to access and synchronize corporate data files.

• DHCP failover. Enables you to deploy two DHCP servers containing overlapping DHCP scopes. If a
DHCP server goes offline, DHCP client computers can renew their IP configurations from the failover
DHCP server.

• IP Address Management (IPAM). Provides administrative and monitoring capabilities for the IP
address infrastructure within your organization’s networks. With IPAM, you can monitor, audit, and
manage servers running DHCP and DNS.

• Dynamic Access Control. This claims-based authorization platform enables you to control access to
file resources within your organization. This is in addition to any folder or shared folder permissions
already protecting the resource. Dynamic Access Control enables you to apply access control
permissions based on rules that can include the sensitivity of the resources, the job or role of the user,
and the configuration of the device that is used to access these resources.

• Data deduplication. Involves finding and removing duplication within data. By segmenting files into
small, variable-sized pieces; identifying duplicate pieces; and maintaining a single copy of each piece,
data deduplication enables you to store more data in less space.

• Storage Spaces. Enables cost-effective, highly available, scalable, and flexible storage for critical
deployments. Storage Spaces are based on virtual disks that are created from free space in a storage
pool. Storage pools are collections of physical disks that enable you to aggregate disks, expand
capacity in a flexible manner, and delegate administration.

• Storage tiers. Automatically moves frequently accessed data to faster storage and less-frequently
accessed data to slower storage.
 MCT USE ONLY. STUDENT USE PROHIBITED
Installation, Storage, and Compute with Windows Server 2016 1-9

• Better support for domain controller virtualization. Although many organizations have virtualized
domain controllers for several years, potential issues can affect the reliability of this configuration.
A feature known as GenerationID changes whenever the virtual machine experiences an event that
affects its position in time. During startup and normal operations, a virtual domain controller
compares the current value of GenerationID against the expected value. A mismatch is interpreted
as a rollback event, and the domain controller employs safeguards to prevent the virtual domain
controller from creating duplicate security principals.

• The ability to clone virtual domain controllers. Enables you to deploy new virtual domain controllers
by cloning existing ones.

Note: This is not a complete list of all the new or improved features in Windows Server
2012 or Windows Server 2012 R2.

New features and improvements introduced in Windows Server 2016

The following features and feature improvements were introduced in Windows Server 2016:
• Windows Server containers and Hyper-V containers. Containers enable you to isolate your apps from
the operating system environment. This improves security and reliability. Windows containers are
isolated from one another but run on the host operating system. Hyper-V containers are further
isolated, because they run within a virtual machine.

• Docker. Docker is a technology for managing containers. Although Docker is usually associated with
Linux, Windows Server 2016 provides support for Docker for managing Windows containers and
Hyper-V containers. The latest version of Docker, Docker Enterprise Edition for Windows Server 2016,
is freely available for all Windows Server 2016 installations, and it enables easier installation of Docker
on Windows Server 2016.

• Rolling upgrades for Hyper-V and storage clusters. These upgrades enable you to add Windows
Server 2016 nodes to an existing Windows Server 2012 R2 failover cluster. The cluster continues to
operate at a Windows Server 2012 R2 functional level until all the nodes are upgraded.

• The ability to hot add and hot remove virtual memory and network adapters from virtual machines. In
Hyper-V in Windows Server 2016, you can now add or remove virtual memory and network adapters
while the virtual machines are running.
• Nested virtualization. In Hyper-V in Windows Server 2016, you can enable nested virtualization,
enabling you to run Hyper-V virtual machines within a virtual machine.

• Shielded virtual machines. Shielding your virtual machines enables you to help protect the data on
them from unauthorized access.

• PowerShell Direct. This feature enables you to run Windows PowerShell commands against a guest
operating system in a virtual machine without handling security policies, host network settings, or
firewall settings.

• Windows Defender. Windows Defender is provided to help protect your server against malware.
Although the Windows Defender interface is not installed by default, the antimalware patterns are
automatically kept up-to-date.

• Storage Spaces Direct. This feature enables you to build highly available storage with directly
attached disks on each node in a cluster. The Server Message Block 3 (SMB3) protocol provides
resiliency.

• Storage Replica. This feature enables you to synchronously or asynchronously replicate volumes at the
block level.
 MCT USE ONLY. STUDENT USE PROHIBITED
1-10 Installing, upgrading, and migrating servers and workloads

• Microsoft Passport. This service replaces passwords with two-factor authentication that consists of
an enrolled device and a Windows Hello (biometric) or PIN. This helps provide a more secure and
convenient sign-in experience.

• Remote Desktop Services. You can now use an Azure SQL database to create a high availability
environment for Remote Desktop Connection Broker.

• Active Directory Domain Services (AD DS). AD DS improvements include support for privileged access
management (PAM), support for Azure AD Join, along with support for Microsoft Passport.

Note: Windows Server 2016 includes many other improvements to existing features. For a
full list of all the changes in Windows Server 2016, refer to: “What's New in Windows Server 2016”
at: http://aka.ms/S4u2tt

Windows Server Servicing Channels

Windows 10 introduced a method of delivering
new features and functional changes. This method
is known as Windows-as-a-Service. This is a major
change from the past, when new versions of
Windows operating systems released about every
three years. Windows-as-a-Service uses the
servicing model to introduce updates. The
updates were called branches initially, and the
three branches were Current Branch, Current
Branch for Business, and Long-Term Servicing
Branch. Subsequently, Microsoft introduced this
servicing model to Microsoft Office 365 and
System Center 2016 Configuration Manager.

Starting in 2017, Windows Server 2016 also started following a similar servicing model. The update
servicing model nomenclature has changed from branches to channels. Windows Server 2016 has two
channels; the Semi-Annual Channel and the Long-Term Servicing Channel (LTSC). Security and driver
updates or design flaws will not change based on these channels; these updates automatically become
available for all editions. The distribution and methods for each are as follows:

• Semi-Annual Channel. This is acquired with a Software Assurance (SA) agreement with Microsoft. The
Semi-Annual Channel releases about every six months, and you can identify it by using a YYMM
construct. For example, the first Windows Server 2016 Semi-Annual Channel release was version 1709,
for September of 2017. The Semi-Annual Channel for Windows Server 2016 only comes in Server
Core or a Nano Server that is running in a Windows container. This channel offers new or updated
features that are not available on LTSC.

• LTSC. Windows Server 2016, as released in late 2016, is the LTSC. The LTSC does not receive new or
updated features through the update service channel. Basically, LTSC will not add or change within its
own version. New features for the LTSC rolled out about every three years, which is the same as the
rollout of new Windows Server versions in the past. You can install LTSC either as Windows Server
Core or Server with Desktop Experience.
Microsoft expanded the Windows Insider Program to include Windows Insider Program for Business,
which includes preview versions of Windows Server Semi-Annual Channel updates, so that administrators
and IT professionals can preview the Semi-Annual Channel versions before they release. You can enroll
your Microsoft or organizational account into the Windows Insider Program for Business and download
 MCT USE ONLY. STUDENT USE PROHIBITED
Installation, Storage, and Compute with Windows Server 2016 1-11

and install the preview builds. You can also send feedback on the preview builds to Microsoft through the
same program. Note that preview builds can’t upgrade to production builds, because using these requires
an SA agreement with Microsoft.

As part of the change to the channel servicing model, Microsoft used a considerable amount of customer
feedback to change the modes of both the Semi-Annual Channel and LTSC. Support for Nano Server as a
virtual machine or a boot-to-vhd infrastructure server is no longer available. Nano Server only deploys in
a Windows container, and it functions primarily as an application host. Microsoft recommends moving
any Nano Server infrastructure roles over to Windows Server 2016 in the Server Core or Desktop
Experience mode.

Note: This course does not cover the Semi-Annual Channel or Windows Insider Program
versions of Windows Server 2016.

Question: Verify the correctness of the statement by placing a mark in the column to the right.

Statement Answer

Docker is a container that enables you to run an app in an isolated and

portable operating environment.

Question: What new features in Windows Server 2016 do you think will be useful in your
organization?