O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Mastering Windows Server 2016

Book Description

A comprehensive and practical guide to Windows Server 2016

About This Book

  • In-depth coverage of new features of Windows Server 2016
  • Gain the necessary skills and knowledge to design and implement Microsoft Server 2016 in enterprise environment
  • Know how you can support your medium to large enterprise and leverage your experience in administering Microsoft Server 2016,
  • A practical guide to administering Windows server 2016

Who This Book Is For

The book is targeted at System Administrators and IT professionals who would like to design and deploy Windows Server 2016 (physical and logical) Enterprise infrastructure. Previous experience of Windows Server operating systems and familiarity with networking concepts is assumed. System administrators who are upgrading or migrating to Windows Server 2016 would also find this book useful.

What You Will Learn

  • Familiarize yourself with Windows Server 2016 ideology, the core of most datacenters running today
  • New functions and benefits provided only by the new Windows Server 2016
  • Get comfortable working with Nanoserver
  • Secure your network with new technologies in Server 2016
  • Harden your Windows Servers to help keep those bad guys out!
  • Using new built-in integration for Docker with this latest release of Windows Server 2016
  • Virtualize your datacenter with Hyper-V

In Detail

Windows Server 2016 is the server operating system developed by Microsoft as part of the Windows NT family of operating systems, developed concurrently with Windows 10. With Windows Server 2016, Microsoft has gotten us thinking outside of the box for what it means to be a system administration, and comes with some interesting new capabilities. These are exciting times to be or to become a server administrator!

This book covers all aspects of administration level tasks and activities required to gain expertise in Microsoft Windows Server 2016. You will begin by getting familiar and comfortable navigating around in the interface. Next, you will learn to install and manage Windows Server 2016 and discover some tips for adapting to the new server management ideology that is all about centralized monitoring and configuration.

You will deep dive into core Microsoft infrastructure technologies that the majority of companies are going to run on Server 2016. Core technologies such as Active Directory, DNS, DHCP, Certificate Services, File Services, and more. We will talk about networking in this new operating system, giving you a networking toolset that is useful for everyday troubleshooting and maintenance. Also discussed is the idea of Software Defined Networking. You will later walk through different aspects of certificate administration in Windows Server 2016. Three important and crucial areas to cover in the Remote Access role -- DirectAccess, VPN, and the Web Application Proxy -- are also covered.

You will then move into security functions and benefits that are available in Windows Server 2016. Also covered is the brand new and all-important Nano Server!

We will incorporate PowerShell as a central platform for performing many of the functions that are discussed in this book, including a chapter dedicated to the new PowerShell 5.0. Additionally, you will learn about the new built-in integration for Docker with this latest release of Windows Server 2016. The book ends with a discussion and information on virtualizing your datacenter with Hyper-V.

By the end of this book, you will have all the ammunition required to start planning for and implementing Windows Server 2016.

Style and approach

This book offers a practical and wide coverage of all features of brand new Microsoft Server 2016 along with tips on daily administration tasks.

Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

Table of Contents

  1. Mastering Windows Server 2016
    1. Table of Contents
    2. Mastering Windows Server 2016
    3. Credits
    4. About the Author
    5. About the Reviewer
    6. www.PacktPub.com
      1. eBooks, discount offers, and more
        1. Why subscribe?
        2. Instant updates on new Packt books
    7. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Piracy
        2. Questions
    8. 1. Getting Started with Windows Server 2016
      1. What is the purpose of Windows Server?
      2. It's getting "cloudy" out there
        1. Private cloud
      3. An overview of new features
        1. The Windows 10 experience
        2. Software-Defined Networking
        3. PowerShell 5.0
        4. Built-in malware protection
        5. Soft restart
        6. Nano Server
        7. Web Application Proxy
        8. Shielded virtual machines
      4. Navigating the interface
        1. The new Start menu
        2. The hidden Admin menu
        3. Using the Search function
        4. Pin programs to the taskbar
          1. The power of right-click
      5. Using the new Settings screen
        1. Two ways to do the same thing
          1. Creating a new user through the Control Panel
          2. Creating a new user through the Settings menu
      6. Task Manager
      7. Task View
      8. Summary
    9. 2. Installing and Managing Windows Server 2016
      1. Installing Windows Server 2016
        1. Burning that ISO
        2. Installing from USB
        3. Running the installer
      2. Installing roles and features
        1. Installing a role using the wizard
        2. Installing a feature using PowerShell
      3. Centralized management and monitoring
        1. Server Manager
        2. Remote Server Administration Tools
        3. Azure Server Management Tools
        4. Does this mean RDP is dead?
          1. Remote Desktop Connection Manager
      4. Sysprep enables quick server rollouts
        1. Installing Windows Server 2016 onto a new server
        2. Configuring customizations and updates onto your new server
        3. Running sysprep to prepare and shut down your master server
        4. Creating your master image of the drive
        5. Building new servers using copies of the master image
      5. Summary
    10. 3. Core Infrastructure Services
      1. What is a domain controller?
      2. Using AD DS to organize your network
        1. Active Directory Users and Computers
          1. User accounts
          2. Security Groups
          3. Prestaging computer accounts
        2. Active Directory Domains and Trusts
        3. Active Directory Sites and Services
        4. Active Directory Administrative Center
          1. Dynamic Access Control
        5. Read-only domain controllers
      3. The power of Group Policy
        1. The Default Domain Policy
        2. Create and link a new GPO
        3. Filtering GPOs to particular devices
      4. DNS overview
        1. Different kinds of DNS records
          1. Host record (A or AAAA)
          2. Alias record – CNAME
          3. Mail Exchanger record
          4. Name Server record
          5. Ipconfig /flushdns
      5. DHCP versus static addressing
        1. The DHCP scope
        2. DHCP reservations
      6. Back up and restore
        1. Schedule regular backups
        2. Restoring from Windows
        3. Restoring from the disc
      7. MMC and MSC shortcuts
      8. Summary
    11. 4. Certificates in Windows Server 2016
      1. Common certificate types
        1. User certificates
        2. Computer certificates
        3. SSL certificates
          1. Single-name certificates
          2. Subject Alternative Name certificates
          3. Wildcard certificates
      2. Planning your PKI
        1. Enterprise versus standalone
        2. Root versus subordinate
        3. Can I install the CA role onto a domain controller?
      3. Creating a new certificate template
      4. Issuing your new certificates
        1. Publishing the template
        2. Requesting a cert from MMC
        3. Requesting a cert from the Web interface
      5. Creating an autoenrollment policy
      6. Obtaining a public authority SSL certificate
        1. Creating a Certificate Signing Request (CSR)
        2. Submitting the certificate request
        3. Downloading and installing your certificate
      7. Exporting and importing certificates
        1. Exporting from MMC
        2. Exporting from IIS
        3. Importing onto a second server
      8. Summary
    12. 5. Networking with Windows Server 2016
      1. Intro to IPv6
      2. Networking toolbox
        1. Ping
        2. Tracert
        3. Pathping
        4. Test-Connection
        5. Telnet
        6. Packet tracing with Wireshark or Netmon
        7. TCPView
      3. Building a routing table
        1. Multihomed servers
        2. Only one default gateway
        3. Building a route
          1. Adding a route with Command Prompt
          2. Deleting a route
          3. Adding a route with PowerShell
      4. Software-Defined Networking
        1. Hyper-V Network Virtualization
          1. Private clouds
          2. Hybrid clouds
          3. How does it work?
            1. System Center Virtual Machine Manager
            2. Network Controller
            3. Generic Routing Encapsulation
            4. Microsoft Azure virtual network
            5. Windows Server Gateway
      5. Summary
    13. 6. Enabling Your Mobile Workforce
      1. DirectAccess – automatic VPN!
      2. The truth about DirectAccess and IPv6
      3. Prerequisites for DirectAccess
        1. Domain joined
        2. Supported client operating systems
        3. DirectAccess servers get one or two NICs?
          1. Single NIC mode
          2. Edge mode with two NICs
          3. More than two NICs?
        4. To NAT or not to NAT?
          1. 6to4
          2. Teredo
          3. IP-HTTPS
          4. Installing on the true edge – on the Internet
          5. Installing behind a NAT
        5. Network Location Server
        6. Certificates used with DirectAccess
          1. SSL certificate on the NLS web server
          2. SSL certificate on the DirectAccess server
          3. Machine certificates on the DA server and all DA clients
        7. Do not use the Getting Started Wizard!
      4. Remote Access Management Console
        1. Configuration
        2. Dashboard
        3. Operations Status
        4. Remote Client Status
        5. Reporting
        6. Tasks
      5. DirectAccess versus VPN
        1. Domain-joined versus non-domain-joined
        2. Auto versus manual launch
        3. Software versus built-in
        4. Password and login issues with VPN
      6. Web Application Proxy
      7. Requirements for WAP
      8. Server 2016 improvements to WAP
        1. Preauthentication for HTTP Basic
        2. HTTP to HTTPS redirection
        3. Client IP addresses forwarded to applications
        4. Publishing Remote Desktop Gateway
        5. Improved administrative console
      9. Summary
    14. 7. Hardening and Security
      1. Windows Defender
        1. Installing Windows Defender
        2. Exploring the user interface
        3. Disabling Windows Defender
      2. Windows Firewall – no laughing matter
        1. Two Windows Firewall administrative consoles
          1. Windows Firewall settings
          2. Windows Firewall with Advanced Security
        2. Three different firewall profiles
        3. Building a new Inbound Rule
        4. How to build a rule for ICMP?
        5. Managing WFAS with Group Policy
      3. Encryption technologies
        1. BitLocker and the Virtual TPM
        2. Shielded VMs
        3. Encrypting File System
        4. IPsec
          1. Configuring IPsec
            1. Server policy
            2. Secure Server policy
            3. Client policy
            4. IPsec Security Policy snap-in
            5. Using WFAS instead
      4. Advanced Threat Analytics
      5. Lightweight Gateway
      6. General security best practices
        1. Get rid of perpetual administrators
        2. Use distinct accounts for administrative access
        3. Use a different computer to accomplish administrative tasks
        4. Never browse the Internet from servers
        5. Role-Based Access Controls
        6. Just Enough Administration
        7. Device Guard
        8. Credential Guard
      7. Summary
    15. 8. Tiny Servers
      1. Why Server Core?
        1. No more switching back and forth
      2. Interfacing with Server Core
        1. PowerShell
          1. Cmdlets to manage IP addresses
          2. Setting the server hostname
          3. Joining your domain
        2. Server Manager
        3. Remote Server Administration Tools
        4. Accidentally closing Command Prompt
      3. Roles available in Server Core
      4. Nano Server versus Server Core
        1. Sizing and maintenance numbers
        2. Accessibility
        3. Capability
        4. Installation
      5. Setting up your first Nano Server
        1. Preparing the VHD file
        2. Creating a virtual machine
      6. Nano Server Image Builder
      7. Administering Nano Server
        1. Nano Server Recovery Console
        2. Remote PowerShell
        3. Windows Remote Management
        4. Other management tools
      8. Summary
    16. 9. Redundancy in Windows Server 2016
      1. Network Load Balancing
        1. Not the same as round-robin DNS
        2. What roles can use NLB?
        3. Virtual and dedicated IP addresses
        4. NLB modes
          1. Unicast
          2. Multicast
          3. Multicast IGMP
      2. Configuring a load balanced website
        1. Enabling NLB
          1. Enabling MAC address spoofing on VMs
        2. Configuring NLB
        3. Configuring IIS and DNS
        4. Test it out
        5. Flushing the ARP cache
      3. Failover clustering
        1. Clustering Hyper-V hosts
        2. Scale-Out File Server
      4. Clustering tiers
        1. Application layer clustering
        2. Host layer clustering
        3. A combination of both
        4. How does failover work?
      5. Setting up a failover cluster
        1. Building the servers
        2. Installing the feature
        3. Running the Failover Cluster Manager
        4. Running cluster validation
        5. Running the Create Cluster wizard
      6. Clustering improvements in Windows Server 2016
        1. Multi-Site clustering
        2. Cross-domain or workgroup clustering
        3. Cluster Operating System Rolling Upgrade
        4. Virtual Machine Resiliency
        5. Storage Replica
          1. Stretch Cluster
          2. Cluster to Cluster
          3. Server to Server
          4. Storage Spaces Direct
      7. Summary
    17. 10. Learning PowerShell 5.0
      1. Why move to PowerShell?
        1. Cmdlets
        2. PowerShell is the backbone
        3. Scripting
        4. Server Core and Nano Server
      2. Working within PowerShell
        1. Launching PowerShell
        2. Default Execution Policy
          1. Restricted
          2. AllSigned
          3. RemoteSigned
          4. Unrestricted
          5. Bypass
        3. Using the Tab key
        4. Useful cmdlets for daily tasks
        5. Using Get-Help
        6. Formatting the output
          1. Format-Table
          2. Format-List
      3. PowerShell Integrated Scripting Environment
        1. PS1 file
        2. Integrated Scripting Environment
      4. Remotely managing a server
        1. Preparing the remote server
          1. WinRM service
          2. Enable-PSRemoting
          3. Allowing machines from other domains or workgroups
        2. Connecting to the remote server
          1. Using –ComputerName
          2. Using Enter-PSSession
        3. Testing it with Server Core and Nano Server
      5. Desired State Configuration
      6. Summary
    18. 11. Application Containers and Docker
      1. Understanding application containers
        1. Sharing resources
        2. Isolation
        3. Scalability
      2. The differences between hypervisors and containers
      3. Windows Server Containers versus Hyper-V Containers
        1. Windows Server Containers
        2. Hyper-V Containers
      4. Starting a container with PowerShell
        1. Preparing your container host server
        2. Starting a Windows Server Container
      5. What is Docker?
        1. Docker on Windows Server 2016
        2. Docker Hub
      6. Docker Trusted Registry
      7. Summary
    19. 12. Virtualizing Your Datacenter with Hyper-V
      1. Designing and implementing your Hyper-V Server
        1. Installing the Hyper-V role
      2. Using virtual switches
        1. External virtual switch
        2. Internal virtual switch
        3. Private virtual switch
      3. Creating a new virtual switch
      4. Implementing a new virtual server
        1. Starting and connecting to the VM
        2. Installing the operating system
      5. Managing a virtual server
        1. Hyper-V Manager
        2. Settings menus
          1. Checkpoints
        3. Hyper-V Console, RDP, and PowerShell
      6. Shielded VMs
        1. Encrypting the VHDs
      7. Hyper-V Server 2016
      8. Summary
    20. Index