WINDOWS SERVER ADMINISTRATION

ITE 3205

PREREQ

JUNIOR STANDING

UNDERSTANG WHAT A SERVER DOES?

A server is a computer that is meant to be a dedicated

service provider, and a client is a computer that requests

services.

A network that is made up of dedicated servers and clients

is known as a client/server network.

A server-based network is the best network for sharing

resources and data, while providing centralized network

security for those resources and data.

WHAT IS SERVICES?

YOUR OS

When you access a web page over the Internet,

access your email, access a data file on another

computer, or access a printer that is connected to the

network, you are requesting services.

SERVER OS

-They can also request services from other computers.

-For example, they can access a web server locally or over

the Internet, access a software repository, or print to a

network printer.

DETERMINING HARDWARE AND SOFTWARE

Look at the role the computer needs to fill and the load the computer will be placed under.

Disaster recovery is a MUST!

Plan your server growth(3 to 5 years)

SERVER ROLES

A server role is a primary duty that a server performs

Server could have multiple roles.

• File services

• Print services

• Web services
• Remote access

• Application servers

• Email server

• Database server

• Monitoring servers

• Threat management servers

SERVER ROLES

A server role is a primary duty that a server performs

Server could have multiple roles.

• File services-centrally locate files to be accessed by multiple people(server message

block.

• Print services-hare an expensive heavy-duty, or fast, printer that supports advanced options

• Web services- users can access web pages using their browsers. (IIS,HTTP,HTTPS)

• Remote access- supports multiple inbound requests in connecting to the server or network.(VPN)

• Application servers -provides an integrated environment for deploying and running server-based

business application
• Email server -stores and manages electronic messages (email) among users.

• Database server

• Monitoring servers

• Threat management servers

Selecting Server Hardware

The server is designed to provide network services.

Server is usually much more powerful than most client PCs.

Choose hardware that is less prone to failure than a normal client PC and that has some redundancy

built in.

Create a plan so you know how to deal with these problems when they occur.

Selecting Server Hardware

These are the primary subsystems that make up a server:

• Processor

• Memory

• Storage
• Network

NOTE: If any of these fails, the entire system can fail.

Selecting Server Hardware

UNDERSTANDING THE PROCESSOR(multi-core)

They use other technologies to keep the processor working at peak efficiency, like using an

assembly line approach or trying to anticipate what needs to be done first so that the

pipelines are always clear for new tasks.

Selecting Server Hardware

UNDERSTANDING THE PROCESSOR(multi-core)

Having additional cores doesn’t always mean a linear

increase in performance.

Example:

Having two cores doesn’t always mean that you get double

the performance. In these cases,performance is limited by

how well the software is optimized to use both cores.

Selecting Server Hardware

UNDERSTANDING THE PROCESSOR(multo-core)

With more data in memory, a 64-bit processor can work

faster because it can access larger amounts of RAM

instead of swapping data back and forth with the much

slower disks.

Microsoft’s Hyper-V, which is Microsoft’s virtualization software, you need to have

processors and basic input/output systems (BIOS) that support virtualization technology.

Others that must be consider

RAM

STORAGE

NETWORK

CONNECTIONS

THE MOTHERBOARD

POWER SUPPLIES AND

CASES

PORTS

COMPARING SERVERS AND WORKSTATIONS

COMPARING PHYSICAL SERVERS AND VIRTUAL

SERVERS
bare-metal server,’ is a single-tenant computer

server, meaning that a specific physical server is

designated to a single user.

“multi-tenant” environment, meaning that

multiple VMs run on the same physical hardware.

LOCATING THE SERVER

Check the size of the rack

Selecting the Software

Selecting the Software

Selecting the Software

INTRODUCING SERVER ROLES IN WINDOWS

SERVER 2008 R2

INTRODUCING SERVER ROLES IN WINDOWS

SERVER 2008 R2

INTRODUCING SERVER ROLES IN WINDOWS

SERVER 2008 R2

COMPARING FULL VERSION AND SERVER CORE

Server Core installation provides a minimal

environment with no Windows Explorer shell for

running specific server roles and no Start button.

COMPARING FULL VERSION AND SERVER CORE

A Server Core machine can be configured for the following roles:

• Active Directory Lightweight Directory Services (ADLDS)

• DHCP Server

• DNS Server

• Domain controller/Active Directory Domain Services

• File Services (including DFSR and NFS)

• IIS 7 web server (but does not include ASPNET, .Net Framework, IIS

Management

Console, IIS Legacy Snap-In, and IIS FTP Management)

• Print Services

• Streaming Media Services

• Terminal Services including Easy Print, TS Remote Programs, and

TS Gateway
• Windows Server Virtualization

COMPARING FULL VERSION AND SERVER CORE

A Server Core machine can be configured for the following features:

• Backup

• Bitlocker Drive Encryption

• Failover Clustering

• Multipath IO

• Network Load Balancing

• Removable Storage

• Simple Network Management Protocol (SNMP)

• Subsystem for UNIX-based applications

• Telnet client

• Windows Internet Name Service (WINS)

WINDOWS SERVER ADMINISTRATION

ITE 3205

PREREQ

JUNIOR STANDING

Installing Windows Server 2008 R2

SYSTEM REQUIREMENTS

Performing Clean Installations

-it is installing the software from scratch on a

new drive or on a newly

reformatted drive.

Many people find that doing a clean install of

an operating system is the best way to go

because you are starting fresh.

Disadvantage

-the system and all of its software needs

to be reinstalled, patched, and configured and

data copied over, something that may take

hours or even days.

Note: click the load driver disk for SCSI and Raid

Performing an Upgrade

You can upgrade (using an upgrade installation) from the previous versions of Windows to Windows

Server 2008 R2

Note: you cannot perform an in-place upgrade from 32-bit to 64-bit architecture since all editions of

Windows Server 2008 R2 are 64-bit only.

Performing an Upgrade

GUIDELINES

•Verify that the current server will support Windows

Server 2008 R2. In addition, make sure you have the

appropriate drivers before installation.

• Update your antivirus program, run it, and then disable

it. After you install Windows, remember to re-enable the

antivirus program, or install new antivirus software that

works with Windows Server 2008 R2.

• Back up your files. You can back up files to an external

hard disk, a DVD or CD, or a network folder.

•Connect to the Internet. These updates include

security updates and hardware driver updates that can

help with installation.

Disk Cloning and System Preparation Tool

Cloning

It include the same parameters, including the same computer name and security identifier

(SID).

run the system preparation tool (Sysprep), which removes the security identifiers and all other

user-specific or computer-specific information from the computer before you run the disk

cloning software to make the cloned disk image.

c:\Windows\System32\sysprep or thec:\Windows\SysWOW64\sysprep

The /generalize prepares the Windows installation to be imaged.

Performing an Unattended Installation

an installation that requires little interaction to install.

To perform an unattended installation of Windows, you would use an answer file. An

answer file is an XML file that stores the answers for a series of graphical user interface

(GUI) dialog boxes.

The /generalize prepares the Windows installation to be imaged.

Using Windows Deployment Services(WDS)

a technology from Microsoft for network-based installation of Windows operating system

including Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008.

Windows Imaging Format (WIM)

-file-based imaging format that Windows Server uses for rapid installation on a new

computer.

Understanding Windows Licensing

The typical restriction limits you to use only one copy of the software per license and prohibits

you from distributing or copying the license in any way (except for backup purposes).

Licenses for enterprise-class server software (such as Microsoft Exchange or Microsoft SQL)

could also require a Client Access License (CAL) for each user that is to access the server

software.

Understanding Windows Activation

-is an anti-piracy technology designed to verify that software products are legitimately licensed.

-reduce software piracy through casual copying and hard drive cloning.

Understanding Windows Updates

-includes fixes, patches, service packs, and device drivers, and apply them to the Windows system.

-for stablity and security.

Understanding Windows Updates

-includes fixes, patches, service packs, and device drivers, and apply them to the Windows system.

-for stablity and security.

For small environments, you can configure your system to perform Auto Updates to ensure

that critical, security and compatibility updates are made available for installation automati_x0002_cally

without significantly affecting your regular use of the Internet.

Understanding Windows Updates

-If Windows update fails to get updates, you should check your proxy settings in Internet Explorer to

determine whether it can get through your proxy server (if any) or firewall.

Managing Windows Server 2008 R2

ITE 3205

PREREQ

JUNIOR STANDING

Managing Windows Server 2008 R2

Initial Configuration Tasks that

automatically launch when you

first log on to Windows.

activate Windows

set the time zone

configure networks

provide computer name and

domain

update Windows

add roles and features

enable remote desktop

configure the Windows Firewall

Using Control Panel

It is the main graphical utility to configure the

Windows environment and hardware devices.

Understanding User Account Control

Prevent unauthorized changes to your computer.

Designed to make sure that unauthorized changes are not made, especially by malicious software that

you may not know you are running.

Task w/out admin permission

Install updates from Windows Update

Install drivers from Windows Update or those that

are included with the operating system.

View Windows settings.

Pair Bluetooth devices with the computer

Reset the network adapter and perform other

network diagnostic and repair tasks

Understanding User Account Control

Changing Computer Name and Domain Settings

Every computer must have a unique computer name assigned to a network.

If two computers have the same name, one or both of the computers will have trouble communicating
on

the network.

A workgroup is usually associated

with a peer-to- peer network in

which user accounts are

decentralized and stored on each

individual computer.

Changing Computer Name and Domain Settings

A domain is a logical unit of

computers that define a security

boundary, and it is usually

associated with Microsoft’s Active

Directory

Configuring Remote Settings

You can access a computer running Windows with another computer that is connected to the

same network or over the Internet just as if you were sitting in front of the server

The /generalize prepares the Windows installation to be imaged.

Designed for support personnel to connect to an active login session to assist or troubleshoot a

problem

Configuring IP Address Settings

For a server to serve other clients, it will need connect to and communicate over the network.

Therefore, you need to know how to connect the server and configure the TCP/IP properties.

IP address and its corresponding subnet mask (uniquely identifies

the computer using a logical address)

Default gateway (nearest router that connects to the other

networks or the Internet)

One or more DNS servers provide name resolution (domain/host

name to IP address)

Configuring IP Address Settings

The IP address, subnet mask, default gateway, and DNS servers

can be configured manually or automatically via a DHCP server.

Proxy Server

s used to translate between public and private networks using Network Address Translation

(NAT).

A proxy server hides the internal addresses and allows you to have a multitude of private

addresses.

Managing Devices and Device Drivers

Device drivers are programs that control a device.

You can think of them as a translator between the device and the operating system and

programs that use the device.

Note :Because a computer running Windows Server 2008 R2

can have a wide array of devices, it can sometimes be a

challenge to make all devices operate correctly, especially

because servers often have nonstandard hardware that may

require you to manually install or update drivers.

Understanding Plug and Play Devices

- where you install or connect a device, and the device is automatically recognized and configured, and

the appropriate driver is installed.

System Resources

Interrupt request (IRQ) line numbers Interrupt request (IRQ) line numbers: A signal sent

by a device to get the attention of the processor when the device is ready to accept or send

information.

Direct memory access (DMA) channels: Memory access that does not involve the processor.

Input/output (I/O) port addresses: A channel through which data is transferred between a

device and the processor. The port appears to the processor as one or more memory addresses

that it can use to send or receive data.

Memory address ranges: A portion of computer memory that can be allocated to a device and

used by a program or the operating system. Devices are usually allocated a range of memory

addresses.

Understanding Signed Drivers

It help fight faulty drivers.

Although signed drivers will not fix a faulty driver, they make sure the publisher of the driver is

identified, the driver has not been altered, and the driver has been thoroughly tested to be reliable so
that it will not cause a security problem.

A device driver that includes a digital signature,

which is an electronic security mark that can

indicate the publisher of the software and

information that can show if a driver has been

altered.

Using Device Manager

provides you with a graphical view of the hardware (internal and exter- nal) that is installed on your

computer and gives you a way to manage and configure your devices.

Using Device Manager

Driver Details: Shows the driver file(s) and their location, the provider of the driver, the version of the

file, and the digital signer of the file.

Update Driver: Allows you to update the driver software for a device.

Roll Back Driver: Used to roll back a driver if problems exist when you update a device driver. If

there’s no previous version of the driver installed for the selected device, the Roll Back Driver button

will be unavailable.

Disable/Enable: Instead of uninstalling the driver, you can use the Device Manager to disable the

device.

Uninstall: Used to remove the driver software from the computer.

Using Microsoft Management Console and

Administrative Tools

-It provides a standard method to create, save, and open the various administrative tools provided by

Windows.

To start an empty MMC, go to the command prompt, Start Search box or

Run box, type mmc or mmc.exe

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.

• Component Services: Configure and

administer Component Object Model (COM)

components. Component Services is

designed for use by developers and

administrators.

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.
• Computer Management: Manage local or

remote computers by using a single,

consolidated desktop tool.

Using Computer Management, you can

perform many tasks, such as monitoring

system events, configuring hard disks, and

managing system performance.

Using Microsoft Management Console and

Administrative Tools

• Data Sources (ODBC): Use Open Database Connectivity (ODBC) to move data from

one type of database (a data source) to another.

• Event Viewer: View information about significant events, such as a program starting or

stopping, or security errors, that are recorded in event logs.

• iSCSI Initiator: Configure advanced connections between storage

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.

• Local Security Policy: View and edit Group Policy

security settings.

• Performance Monitor: View advanced system

information about the processor, memory,

hard disk, and network performance.

• Print Management: Manage printers and print servers

on a network and perform other

administrative tasks.

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.

• Security Configuration Wizard: A

wizard that walks you through how to

create a security policy that you can apply

to any server on the network.

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.
• Server Management: A console that allows

you to manage and secure multiple server roles

including managing the server’s identity,

system information; displaying server status;

identifying problems with the server role

configuration; and managing all roles

installed on the server.

Using Microsoft Management Console and

Administrative Tools

Administrative Tools is a folder in the Control Panel that contains tools for system administra- tors and

advanced users.

• Services: Manage the different services that run in the background on your computer.

• Share and Storage Management: A centralized location for you to manage folders

and volumes that are shared on the network and volumes in disks and storage

subsystems.

• Storage Explorer: View and manage Fibre Channel and iSCSI fabrics that are available

in your storage area network (SAN).

• System Configuration: Identify problems that might be preventing Windows from

running correctly.

• Task Scheduler: Schedule programs or other tasks to run automatically.

• Windows Firewall with Advanced Security: Configure advanced firewall settings on

both this computer and remote computers on your network.

• Windows Memory Diagnostics: Check your computer’s memory to see whether it is

functioning properly.

• Windows PowerShell Modules: A task-based command-line shell and scripting language

designed especially for system administration.

• Windows Server Backup: Back up and restore the server.

Using Computer Management Console and Server

Management Console

The Remote Server Administration Tools-allowing you to open and run management tools and snap-ins
to

manage roles, role services, or features on a remote computer.

Installing Programs, Roles, and Features

By default, most of the roles and features that are available for Windows Server 2008 must
be installed or enabled before you can use them. This is to reduce the surface attack that

hackers or malicious software can utilize.

A server role is a set of software programs that, when installed and properly

configured, enables a computer to perform a specific function for multiple users or

computers within a network.

Installing Programs, Roles, and Features

Managing Services-A service is a program, routine, or process that performs a specific system function to

support other programs or to provide a network service.

Installing Programs, Roles, and Features

Understanding the Registry-The registry is a central, secure database in which Windows stores all

hardware configu_x0002_ration information, software configuration information, and system security

policies.

Registry

HKEY_CLASSES_ROOT: Stores information about

registered applications, such as the file association

that tells which default program opens a file with a

certain extension.

• HKEY_CURRENT_USER: Stores settings that are

specific to the currently logged-in user. When a user

logs off, the HKEY_CURRENT_USER is saved to

HKEY_USERS.

• HKEY_LOCAL_MACHINE: Stores settings that are

specific to the local computer.

• HKEY_USERS: Contains subkeys corresponding to

the HKEY_CURRENT_USER keys for each user

profile actively loaded on the machine.

• HKEY_CURRENT_CONFIG: Contains information

gathered at run time. Information stored in this key is

not permanently stored on disk, but rather

regenerated at the boot time.

Managing Server Core

Server Core installation provides a minimal environment with no Windows Explorer shell for running
specific

server roles and no Start button

MANAGE A SERVER CORE SERVER USING AN

MMC SNAP-IN