Cover image for Windows Server 2008: The Definitive Guide

Book description

This practical guide has exactly what you need to work with Windows Server 2008. Inside, you'll find step-by-step procedures for using all of the major components, along with discussions on complex concepts such as Active Directory replication, DFS namespaces and replication, network access protection, the Server Core edition, Windows PowerShell, server clustering, and more. All of this with a more compact presentation and a tighter focus on tasks than you'll find in bulkier references. Windows Server 2008: The Definitive Guide takes a refreshing approach. You won't find the history of Windows NT, or discussions on the way things used to work. Instead, you get only the information you need to use this server. If you're a beginning or intermediate system administrator, you learn how the system works, and how to administer machines running it. The expert administrators among you discover new concepts and components outside of your realm of expertise. Simply put, this is the most thorough reference available for Windows Server 2008, with complete guides to:

  • Installing the server in a variety of different environments

  • File services and the Windows permission structure

  • How the domain name system (DNS) works

  • Active Directory, including its logical and physical structure, hierarchical components, scalability, and replication

  • Group Policy's structure and operation

  • Managing security policy with predefined templates and customized policy plans

  • Architectural improvements, new features, and daily administration of IIS 7

  • Terminal Services from both the administrator's user's point of view

  • Networking architecture including DNS, DHCP, VPN, RADIUS server, IAS, and IPSec

  • Windows clustering services --- applications, grouping machines, capacity and network planning, user account management

  • Windows PowerShell scripting and command-line technology

With Windows Server 2008: The Definitive Guide, you to come away with a firm understanding of what's happening under the hood, but without the sense that you're taking a graduate course in OS theory. If you intend to work with this server, this is the only book you need.

Table of Contents

  1. Windows Server 2008: The Definitive Guide
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. Preface
      1. Audience
      2. Organization and Structure
      3. Conventions Used in This Book
      4. Using Code Examples
      5. We'd Like to Hear from You
      6. Safari® Books Online
      7. Acknowledgments
    3. 1. Introducing Windows Server 2008
      1. The Biggest Changes
        1. Server Core
        2. IIS Improvements
      2. Networking Improvements
        1. TCP/IP Stack Enhancements
        2. Changes to Terminal Services
        3. Active Directory: Read-Only Domain Controllers
      3. Security Improvements
        1. Operating System File Protection
        2. BitLocker
        3. Device Installation Control
        4. Windows Firewall with Advanced Security
        5. Network Access Protection
      4. Manageability Improvements
        1. Server Manager
        2. Windows Deployment Services
      5. Performance and Reliability Upgrades
      6. Windows Server 2008 Editions
      7. Hardware Requirements
      8. The Last Word
    4. 2. Installation and Deployment
      1. Installing Windows Server 2008
      2. Initial Configuration Tasks
        1. Understanding Product Activation
      3. Deployment
        1. Windows Imaging Format
        2. Windows PE
        3. Windows Deployment Services
        4. Installing and Configuring Windows Deployment Services
        5. The Boot Menu
        6. Creating and Modifying Images
          1. Creating and modifying boot images
          2. Creating install images
          3. Sysprep: the system preparation tool
        7. Configuring and Performing Unattended Installations with Scripts
      4. The Last Word
    5. 3. File Services
      1. File and Print Server Features
      2. Setting Up File Sharing Services
        1. Creating a Share Manually
        2. Default Shares
        3. Publishing Shares to Active Directory
      3. NTFS File and Folder Permissions
        1. Standard and Special Permissions
        2. Setting Permissions
        3. Inheritance and Ownership
        4. Determining Effective Permissions
        5. Access-Based Enumeration
        6. Auditing
      4. The File Server Resource Manager
        1. Configuring the FSRM
        2. Configuring Quotas with the FSRM
        3. Screening for File Types
          1. Defining a file group
          2. Creating a file screen
          3. Creating an exception to a screen
        4. Generating Storage Reports
      5. Disk-Based Quotas
        1. Setting Default Disk Quotas
        2. Configuring Individual Quota Entries
      6. Using Offline Files and Folders
        1. Enabling Offline Files
        2. Points to Remember
      7. Using Previous Versions
        1. Enabling Previous Versions
        2. Altering the Previous Versions Schedule
      8. The Distributed File System
          1. Creating a namespace
          2. Adding and managing folders and folder targets in a namespace
          3. Creating a replication group for a folder
      9. Command-Line Utilities
        1. Using Shares
        2. FSUTIL
        3. Managing Offline Folders
        4. VSSADMIN
      10. The Last Word
    6. 4. Domain Name System
      1. Nuts and Bolts
      2. Zones Versus Domains
        1. Zone Files
        2. Forward and Reverse Lookup Zones
      3. Resource Records
        1. Host (A) Records
        2. Canonical Name (CNAME) Records
        3. Mail Exchanger (MX) Records
        4. Nameserver (NS) Records
        5. Start of Authority (SOA) Records
        6. Pointer (PTR) Records
        7. Service (SRV) Records
      4. Using Primary and Secondary Nameservers
        1. Full and Incremental Zone Transfers
      5. Building a Nameserver
        1. Enabling Incremental Transfers
        2. Creating a Forward Lookup Zone
        3. Entering A Records into a Zone
        4. Controlling Round-Robin Balancing
        5. Entering and Editing SOA Records
        6. Creating and Editing NS Records
        7. Creating and Editing CNAME Records
        8. Creating and Editing MX Records
        9. Generating a Reverse Lookup Zone
        10. Creating and Editing PTR Records
        11. Configuring a Secondary Nameserver
        12. Upgrading a Secondary Nameserver to Primary
        13. Manually Editing Zone Files
        14. Controlling the Zone Transfer Process
      6. Subdomains and Delegation
        1. Delegating a Domain
        2. Creating the Subdomain
      7. Dynamic DNS
        1. Scavenging
        2. Preventing Dynamic DNS Registration
      8. Active Directory-Integrated Zones
        1. Replication Among Domain Controllers
      9. Forwarding
        1. Slaving
        2. Conditional Forwarding
      10. The Split DNS Architecture
        1. Stub Zones
        2. Security Considerations
      11. Backup and Recovery
      12. Command-Line Utilities
        1. DNSCmd
        2. DNSLint
      13. The Last Word
    7. 5. Active Directory
      1. Active Directory Domain Services Objects and Concepts
        1. Domains
        2. Organizational Units
        3. Sites
        4. Groups
          1. Nesting
        5. Trees
        6. Forests
          1. Transitive forest root trusts
          2. The dedicated forest root model
        7. Shared Folders and Printers
        8. Contacts
        9. Global Catalog
      2. Building an AD DS Structure
        1. The First Domain
        2. Using AD DS Tools
        3. Adding Another Domain Controller to a Domain
        4. Adding Another Domain
        5. Managing Users and Groups
          1. Creating users and groups
          2. Performing common administrative tasks
          3. Using LDAP to create users
          4. Delegation
      3. Understanding Operations Master Roles
        1. Schema Master
        2. Domain Naming Master
        3. RID Master
        4. PDC Emulator
        5. Infrastructure Master
        6. Transferring and Seizing Roles Manually
      4. Understanding Directory Replication
        1. Within a Site: Loops and Meshes
        2. Time Synchronization
        3. Replication Topologies
        4. Handling Update Conflicts
        5. Update Sequence Numbers
          1. Breaking the loop: originating USNs and UTD vectors
        6. Managing Replication Using REPADMIN
          1. Running the KCC
          2. Viewing up-to-date vectors
          3. Viewing replication partners
          4. Viewing highest USNs
          5. Pressing the "Big Red Button"
        7. Among Sites: Spanning Trees and Site Links
          1. Site links
        8. Read-Only Domain Controllers
          1. DNS considerations for read-only domain controllers
      5. Active Directory Troubleshooting and Maintenance
        1. Auditing Activities in Active Directory Domain Services
        2. Restarting AD Domain Services
        3. Troubleshooting AD with DNSLint
        4. Offline Defragmenting of NTDS Database
        5. Cleaning Directory Metadata
      6. The Last Word
    8. 6. Group Policy and IntelliMirror
      1. An Introduction to Group Policy
      2. Group Policy Implementation
        1. Introducing the Group Policy Management Console
          1. Creating and editing Group Policy Objects
          2. Group Policy Preferences
          3. Starter Group Policy Objects
          4. Filtering and commenting
          5. Disabling portions of policies
          6. Refreshing computer policies
          7. Policy enforcement over slow network connections
        2. The Scope of Group Policy Objects
        3. Enforcement and Inheritance
        4. WMI Filters
        5. Resultant Set of Policy
          1. Planning mode
          2. Logging mode
          3. Using RSoP without the GUI
        6. Other Administrative Tasks
          1. Searching for GPOs
          2. Backing up, copying, importing, and exporting GPOs
          3. Managing GP across multiple forests
          4. Delegating administration of GPs
      3. Local Group Policy
        1. Security Templates
        2. Creating a Custom Security Template
        3. Compiling the Security Database
      4. Domain Group Policy
        1. Security Settings
          1. Restricted groups
          2. Filesystem and Registry policy
        2. IntelliMirror: Software Installation
          1. Packaging software
          2. An example deployment
          3. Deployment properties
          4. Redeploying and removing software
          5. Deploying service packs using GP
        3. IntelliMirror: Folder Redirection
          1. Redirecting folders based on group membership
          2. Removing a redirection policy
        4. Software Restriction Policies
        5. Scripts
      5. Deployment Considerations
      6. Troubleshooting Group Policy
        1. Resolving DNS Problems
        2. Analyzing Inheritance
        3. GPO Distribution and Synchronization
        4. Getting More Detailed Logs
        5. Identifying Client Side Extension GUIDs
        6. Locating GPT Files on Domain Controllers
      7. Other Group Policy Management Tools
      8. Command-Line Utilities
        1. GPUpdate
        2. GPResult
      9. The Last Word
    9. 7. Windows Security and Patch Management
      1. Understanding Security Considerations
        1. Principles of Server Security
      2. Locking Down Windows
        1. Password Policies
          1. Granular password policies
        2. Account Lockout Policies
        3. Local Options
          1. Anonymous access
          2. Shutdown without logon
          3. Automatic logoff
          4. Digitally signing communication
          5. Requiring the three-keystroke salute at logon
          6. Last username display
          7. Password expiration prompt
        4. Network Options Via Group Policy
          1. Viewing the default domain policy
          2. Viewing the default domain controller security policies
          3. Viewing a domain controller's effective security policy
          4. Final words: organizing policy layout
      3. Using Auditing and the Event Log
        1. Recommended Items to Audit
        2. Event Logs
          1. The Event Viewer
      4. The Last Word
    10. 8. Internet Information Services 7
      1. Major Improvements
      2. The New Architecture
        1. New: The Windows Process Activation Service
      3. Roles
      4. Managing IIS Graphically
        1. Creating a Site
        2. Adjusting Site Properties
        3. Virtual Directories
        4. Application Pools
        5. Enabling Centralized Configuration
        6. Using the Web Management Service
      5. Managing IIS from the Command Line
        1. AppCmd.exe: One-Stop Configuration
        2. XML Configuration
      6. The Last Word
    11. 9. Windows Server 2008 Server Core
      1. The Lack of a Shell
      2. Realistic Deployment Scenarios
      3. No Managed Code
      4. Few Third-Party Software Applications
      5. Installation
      6. Initial Configuration
        1. Setting an Administrator Password
        2. Configuring Date, Time, and Location Options
        3. Installing and Applying Hardware Drivers
        4. Setting Up Network Connections
        5. Naming the Server and Joining a Domain
        6. Enabling Automatic Updates
        7. Activating the Server
        8. Enabling Remote Desktop Services
      7. Administering Windows Server 2008 Server Core Machines
        1. Installing Active Directory Domain Services on Server Core
        2. Windows Remote Shell
        3. Controlling Server Core Via Group Policy
      8. The Last Word
    12. 10. Terminal Services
      1. The Remote Desktop Protocol
      2. Adding the Terminal Server Role
      3. Enabling Remote Desktop
      4. On the User's Side
        1. Using the RDP Client
        2. Configuring a User's Environment
        3. Alternative RDP Clients
      5. Terminal Services Administration
        1. Terminal Services Manager
          1. Connecting to a session
          2. Disconnecting a session
          3. Logging off a session
          4. Resetting a session
          5. Viewing session information
          6. Sending a message to a user
          7. Taking control of a session
        2. Terminal Services Configuration
          1. Creating a new connection listener
          2. Restricting Terminal Services connections
          3. Encryption levels
          4. Remote control permissions
      6. Terminal Services RemoteApp
      7. Terminal Services Web Access
      8. Terminal Services Gateway
      9. Command-Line Utilities
      10. The Last Word
    13. 11. DHCP and Network Access Protection
      1. Dynamic Host Configuration Protocol
        1. How It Works
        2. Installing a DHCP Server
        3. Creating a New DHCP Scope
        4. Authorizing a DHCP Server
        5. Reservations
        6. Understanding Classes
        7. Superscopes
        8. Conflict Detection
        9. DHCP Implications for DNS
      2. Network Access Protection
        1. How It Works
        2. Enforcement Mechanisms
        3. Implementing NAP in Phases
        4. Configuring Network Access Protection
        5. Benefits and Drawbacks
      3. The Last Word
    14. 12. An Introduction to Clustering Technologies
      1. Network Load-Balancing Clusters
        1. NLB Terminology
        2. NLB Operation Styles and Modes
          1. Single card in each server in unicast mode
          2. Multiple cards in each server in unicast mode
          3. Single card in each server in multicast mode
          4. Multiple cards in each server in multicast mode
        3. Port Rules
        4. Creating an NLB Cluster
        5. Adding Other Nodes to the Cluster
        6. Removing Nodes from the Cluster
        7. Performance Optimization
      2. Server Clustering
        1. Cluster Terminology
        2. Types of Services and Applications
        3. Planning a Cluster Setup
        4. Creating a True Server Cluster
        5. Using the High Availability Wizard
      3. Command-Line Utilities
        1. Managing Individual Nodes
        2. Managing the Cluster Service Itself
      4. The Last Word
    15. 13. PowerShell
      1. Why PowerShell?
      2. Installing PowerShell
      3. PowerShell and Security
      4. Starting Up PowerShell
      5. Cmdlets: The Heart of PowerShell
      6. Getting Help with PowerShell
      7. Using Data Stores and PowerShell Providers
      8. The Pipeline
      9. Formatting Basics
      10. Variables
      11. Writing Scripts
      12. Objects: .NET, WMI, and COM
      13. Advanced PowerShell
      14. Learning More About PowerShell
      15. The Last Word
    16. 14. Hyper-V
      1. How It Works
        1. High Availability
      2. Getting Started with Hyper-V
        1. Installing the Hyper-V
        2. Getting Acquainted with Hyper-V Management Tools
        3. Removing Hyper-V
      3. Virtualization Strategy
      4. The Last Word
    17. About the Author
    18. Colophon
    19. SPECIAL OFFER: Upgrade this ebook with O’Reilly