You are previewing Windows Server® 2012 Inside Out.
O'Reilly logo
Windows Server® 2012 Inside Out

Book Description

Dive in—and discover how to really put Windows Server 2012 to work! This supremely organized reference packs the details you need to plan and manage a Windows Server 2012 implementation—including hundreds of timesaving solutions, troubleshooting tips, and workarounds. Learn how the experts tackle Windows Server 2012—and challenge yourself to new levels of mastery. Topics include:

  • Managing Windows Server 2012 systems

  • Storage and file systems

  • TCP/IP networking

  • DHCP and DNS

  • Active Directory

  • Group Policy

  • Security and access

  • Troubleshooting hardware

  • Performance monitoring and tuning

  • Backup and recovery

  • Table of Contents

    1. Dedication
    2. Introduction
      1. Conventions
      2. How to reach the author
      3. Errata & book support
      4. We want to hear from you
      5. Stay in touch
    3. 1. Windows Server 2012 Overview
      1. 1. Introducing Windows Server 2012
        1. Getting to know Windows Server 2012
        2. Windows 8 and Windows Server 2012
        3. Planning for Windows Server 2012
          1. Your plan: The big picture
          2. Identifying your organizational teams
          3. Assessing project goals
            1. The business perspective
            2. Identifying IT goals
            3. Examining the interaction between IT and business units
            4. Predicting network change
          4. Analyzing the existing network
            1. Evaluating the network infrastructure
            2. Assessing systems
            3. Identify network services and applications
            4. Identifying security infrastructure
            5. Reviewing network administration
          5. Defining objectives and scope
            1. Specifying organizational objectives
            2. Setting the schedule
            3. Shaping the budget
            4. Allowing for contingencies
            5. Finalizing project scope
          6. Defining the new network environment
            1. Impact on network operations
            2. Identify security requirements
            3. Changing the administrative approach
            4. Select and implement standards
            5. Change management
          7. Final considerations for planning and deployment
        4. Thinking about server roles and Active Directory
          1. Planning for server usage
          2. Designing the Active Directory namespace
          3. Managing domain trusts
          4. Identifying the domain and forest functional level
          5. Defining Active Directory server roles
        5. Planning for availability, scalability, and manageability
          1. Planning for software needs
          2. Planning for hardware needs
            1. Planning for support structures and facilities
            2. Planning for day-to-day operations
            3. Planning for deploying highly available servers
      2. 2. Deploying Windows Server 2012
        1. Getting a quick start
        2. Product licensing
        3. Preparing for a Windows Server 2012 installation
          1. Understanding installation options
          2. Determining which installation type to use
          3. Using Windows Update
          4. Preinstallation tasks
        4. Installing Windows Server 2012
          1. Installation on BIOS-based systems
          2. Installation on EFI-based systems
          3. Planning partitions
          4. Naming computers
          5. Network and domain membership options
            1. Protocols
            2. Domain membership
            3. Networking components
          6. Performing a clean installation
          7. Performing an upgrade installation
          8. Activation sequence
            1. Activate Windows over the Internet
            2. Activate Windows by telephone
            3. Using Managed Activation
        5. Performing additional administration tasks during installations
          1. Accessing a command prompt during installation
          2. Forcing disk-partition removal during installation
          3. Loading mass storage drivers during installation
          4. Creating, deleting, and extending disk partitions during installation
        6. Troubleshooting installation
          1. Start with the potential points of failure
            1. Setup refuses to install or start
            2. Setup reports a media or DVD-ROM error
            3. Setup reports insufficient system resources
          2. Continue past lockups and freezes
        7. Postinstallation tasks
      3. 3. Boot Configuration
        1. Boot from hardware and firmware
          1. Hardware and firmware power states
          2. Diagnosing hardware and firmware startup problems
          3. Resolving hardware and firmware startup problems
        2. Boot environment essentials
        3. Managing startup and boot configuration
          1. Managing startup and recovery options
          2. Managing System Boot Configuration
          3. Working with BCD Editor
        4. Managing the Boot Configuration Data store and its entries
          1. Viewing BCD entries
          2. Creating and identifying the BCD data store
          3. Importing and exporting the BCD data store
          4. Creating, copying, and deleting BCD entries
          5. Setting BCD entry values
          6. Changing Data Execution Prevention and physical address extension options
          7. Changing the operating system display order
          8. Changing the default operating system entry
          9. Changing the default timeout
          10. Changing the boot sequence temporarily
    4. 2. Managing Windows Server 2012 Systems
      1. 4. Managing Windows Server 2012
        1. Working with the administration tools
          1. Using Control Panel utilities
          2. Using graphical administrative tools
          3. Using command-line utilities
            1. Utilities to know
            2. Using Net tools
            3. Using Windows PowerShell
        2. Working with Server Manager
          1. Getting to know Server Manager
          2. Adding servers for management
          3. Creating server groups
          4. Enabling remote management
        3. Working with Computer Management
          1. Computer Management system tools
          2. Computer Management storage tools
          3. Computer Management Services And Applications tools
        4. Using Control Panel
          1. Using the Folder Options utility
        5. Using the System console
        6. Customizing the desktop and the taskbar
          1. Configuring desktop items
          2. Configuring the taskbar
            1. Changing the taskbar size and position
            2. Using Auto Hide and locking
            3. Combining similar taskbar items
            4. Pinning shortcuts to the taskbar
            5. Controlling programs in the notification area
        7. Optimizing toolbars
          1. Displaying custom toolbars
          2. Creating personal toolbars
        8. Using Remote Desktop
          1. Remote Desktop essentials
          2. Configuring Remote Desktop
            1. Enabling Remote Desktop on servers
            2. Permitting and restricting remote logon
            3. Configuring Remote Desktop through Group Policy
          3. Supporting Remote Desktop Connection clients
            1. Remote Desktop Connection client
            2. Running the Remote Desktop Connection client
        9. Tracking who’s logged on
      2. 5. Windows Server 2012 MMC Administration
        1. Using the MMC
          1. MMC snap-ins
          2. MMC modes
          3. MMC window and startup
          4. MMC tool availability
          5. MMC and remote computers
        2. Building custom MMCs
          1. Step 1: Creating the console
          2. Step 2: Adding snap-ins to the console
          3. Step 3: Saving the finished console
            1. Setting the initial console view before saving
            2. Setting the console mode before saving
            3. Setting the console icon before saving
            4. Saving the console tool
        3. Designing custom taskpads for the MMC
          1. Getting started with taskpads
          2. Understanding taskpad view styles
          3. Creating and managing taskpads
          4. Creating and managing tasks
            1. Creating menu command tasks
            2. Creating shell command tasks
            3. Creating navigation tasks
            4. Arranging, editing, and removing tasks
        4. Publishing and distributing your custom tools
      3. 6. Configuring Roles, Role Services, and Features
        1. Using roles, role services, and features
        2. Making supplemental components available
        3. Installing components with Server Manager
          1. Viewing configured roles and role services
          2. Managing server roles and features
            1. Adding server roles and features
            2. Removing server roles and features
          3. Managing server binaries
        4. Installing components at the prompt
          1. Going to the prompt for Server Management
          2. Understanding component names
        5. Tracking installed roles, role services, and features
          1. Installing components at the prompt
          2. Removing components at the prompt
      4. 7. Managing and Troubleshooting Hardware
        1. Understanding hardware installation changes
          1. Choosing internal devices
          2. Choosing external devices
        2. Installing devices
          1. Understanding device installation
          2. Installing new devices
          3. Viewing device and driver details
        3. Working with device drivers
          1. Device driver essentials
          2. Understanding and troubleshooting driver signing
          3. Viewing driver Information
          4. Viewing Advanced, Resources, and other settings
          5. Installing and updating device drivers
          6. Restricting device installation using Group Policy
          7. Rolling back drivers
          8. Removing device drivers for removed devices
          9. Uninstalling, reinstalling, and disabling device drivers
        4. Managing hardware
          1. Adding non–Plug and Play, legacy hardware
          2. Enabling and disabling hardware
          3. Troubleshooting hardware
          4. Resolving resource conflicts
      5. 8. Managing the Registry
        1. Introducing the registry
        2. Understanding the registry structure
        3. Registry root keys
          1. HKEY_LOCAL_MACHINE
            1. HKLM\BCD00000000
            2. HKLM\HARDWARE
            3. HKLM\SAM
            4. HKLM\SECURITY
            5. HKLM\SOFTWARE
            6. HKLM\SYSTEM
          2. HKEY_USERS
          3. HKEY_CLASSES_ROOT
          4. HKEY_CURRENT_CONFIG
          5. HKEY_CURRENT_USER
        4. Registry data: How it is stored and used
          1. Where registry data comes from
          2. Types of registry data available
        5. Registry administration
          1. Searching the registry
          2. Modifying the registry
            1. Modifying values
            2. Adding keys and values
            3. Removing keys and values
          3. Modifying the registry of a remote machine
          4. Importing and exporting registry data
          5. Loading and unloading hive files
          6. Working with the registry from the command line
        6. Backing up and restoring the registry
        7. Maintaining the registry
          1. Using the Microsoft Fix It Utility
          2. Removing registry settings for active installations that have failed
          3. Removing partial or damaged settings for individual applications
        8. Securing the registry
          1. Preventing access to the registry utilities
          2. Applying permissions to registry keys
          3. Controlling remote registry access
          4. Auditing registry access
      6. 9. Software and User Account Control Administration
        1. Software installation essentials
        2. Mastering User Account Control
          1. Elevation, prompts, and the secure desktop
          2. Configuring UAC and Admin Approval Mode
        3. Maintaining application integrity
          1. Application access tokens
          2. Application run levels
          3. Configuring run levels
          4. Controlling application installation and run behavior
      7. 10. Performance Monitoring and Tuning
        1. Tuning performance, memory usage, and data throughput
          1. Tuning Windows operating system performance
          2. Tuning processor scheduling
          3. Tuning virtual memory
          4. Other important tuning, memory, and data considerations
        2. Tracking a system’s general health
          1. Monitoring essentials
          2. Getting processor and memory usage for troubleshooting
          3. Getting information on running applications
          4. Monitoring and troubleshooting processes
          5. Monitoring and troubleshooting services
          6. Getting network usage information
          7. Getting information on user and remote user sessions
        3. Tracking events and troubleshooting by using Event Viewer
          1. Understanding the event logs
          2. Accessing the event logs and viewing events
          3. Viewing event logs on remote systems
          4. Sorting, finding, and filtering events
            1. Sorting the event logs
            2. Searching the event logs
            3. Filtering the event logs
          5. Archiving event logs
          6. Tracking events using Windows PowerShell
          7. Using subscriptions and forwarded events
      8. 11. Comprehensive Performance Analysis and Logging
        1. Establishing performance baselines
          1. Tracking per-process resource usage
            1. Getting an overview of resource utilization
            2. Tracking per-process CPU utilization
            3. Tracking per-process memory utilization
            4. Tracking per-process disk utilization
            5. Tracking per-process network utilization
          2. Tracking the overall reliability of the server
        2. Comprehensive performance monitoring
          1. Using Performance Monitor
          2. Selecting performance objects and counters to monitor
          3. Choosing views and controlling the display
          4. Monitoring performance remotely
        3. Resolving performance bottlenecks
          1. Resolving memory bottlenecks
          2. Resolving processor bottlenecks
          3. Resolving disk I/O bottlenecks
          4. Resolving network bottlenecks
        4. Performance logging
          1. Creating and managing data collector sets
            1. Creating and managing data collector sets
            2. Using data collector templates
            3. Collecting performance counter data
            4. Collecting performance trace data
            5. Collecting configuration data
          2. Viewing data collector reports
          3. Configuring performance counter alerts
          4. Monitoring performance from the command line
          5. Analyzing trace logs at the command line
    5. 3. Managing Windows Server 2012 Storage and File Systems
      1. 12. Storage Management
        1. Essential storage technologies
          1. Using internal and external storage devices
          2. Storage-management features and tools
          3. Storage-management role services
          4. Booting from SANs, and using SANs with clusters
          5. Working with SMB 3.0
        2. Installing and configuring file services
          1. Configuring the File And Storage Services role
          2. Configuring multipath I/O
            1. Adding and removing multipath hardware devices
            2. Managing and maintaining MPIO
          3. Meeting performance, capacity, and availability requirements
          4. Configuring Hyper-V
            1. Understanding Hyper-V
            2. Installing Hyper-V
            3. Creating virtual machines
        3. Configuring storage
          1. Using the Disk Management tools
          2. Adding new disks
          3. Using the MBR and GPT partition styles
            1. Working with MBR disks
            2. Working with GPT disks
            3. Using and converting MBR and GPT disks
          4. Using the disk storage types
            1. Working with basic and dynamic disks
            2. Using and converting basic and dynamic disks
          5. Creating and managing virtual hard disks for Hyper-V
          6. Converting FAT or FAT32 to NTFS
          7. Working with removable disks
        4. Managing MBR disk partitions on basic disks
          1. Creating partitions and simple volumes
          2. Formatting a partition, logical drive, or volume
          3. Configuring drive letters
          4. Configuring mount points
          5. Extending partitions
          6. Shrinking partitions
          7. Deleting a partition, logical drive, or volume
        5. Managing GPT disk partitions on basic disks
          1. ESP
          2. MSR partitions
          3. Primary partitions
          4. LDM Metadata and LDM Data partitions
          5. OEM or unknown partitions
        6. Managing volumes on dynamic disks
          1. Creating a simple or spanned volume
          2. Configuring RAID 0: Striping
          3. Recovering a failed simple, spanned, or striped disk
          4. Moving dynamic disks
          5. Configuring RAID 1: Disk mirroring
            1. Creating a mirrored set using two new disks
            2. Adding a mirror to an existing volume
          6. Mirroring boot and system volumes
            1. Mirroring boot and system volumes on MBR disks
            2. Mirroring boot and system volumes on GPT disks
          7. Configuring RAID 5: Disk striping with parity
          8. Breaking or removing a mirrored set
          9. Resolving problems with mirrored sets
          10. Repairing a mirrored system volume
            1. Rebuilding mirrored system volumes on MBR disks
            2. Rebuilding mirrored system volumes on GPT disks
          11. Resolving problems with RAID-5 sets
      2. 13. TPM and BitLocker Drive Encryption
        1. Working with trusted platforms
        2. Managing TPM
          1. Understanding TPM states and tools
          2. Managing TPM owner authorization information
          3. Preparing and initializing a TPM for first use
          4. Turning an initialized TPM on or off
          5. Clearing the TPM
          6. Changing the TPM owner password
        3. Introducing BitLocker Drive Encryption
          1. BitLocker essentials
          2. BitLocker modes
          3. BitLocker changes
        4. Using hardware encryption, secure boot, and Network Unlock
          1. Hardware encrypted drives
          2. Optimizing encryption
          3. Setting permitted encryption types
          4. Preparing BitLocker for startup authentication and secure boot
          5. Using Network Unlock
          6. Provisioning BitLocker prior to deployment
        5. Deploying BitLocker Drive Encryption
        6. Setting up and managing BitLocker Drive Encryption
          1. Configuring and enabling BitLocker Drive Encryption
          2. Determining whether a computer has BitLocker-encrypted volumes
          3. Enabling BitLocker on fixed data drives
          4. Enabling BitLocker on removable data drives
          5. Enabling BitLocker on operating-system volumes
          6. Managing and troubleshooting BitLocker
            1. Recovering data protected by BitLocker Drive Encryption
            2. Disabling or turning off BitLocker Drive Encryption
      3. 14. Managing File Systems and Storage
        1. Understanding the disk and file-system structure
        2. Using FAT
          1. File allocation table structure
          2. FAT features
        3. Using NTFS
          1. NTFS structure
          2. NTFS features
          3. Analyzing the NTFS structure
        4. Advanced NTFS features
          1. Hard links
          2. Data streams
          3. Change journals
          4. Object identifiers
          5. Reparse points
          6. Sparse files
          7. Transactional NTFS
        5. Using ReFS
          1. ReFS features
          2. ReFS structures
          3. ReFS advantages
          4. ReFS integrity streams, data scrubbing, and salvage
        6. Using file-based compression
          1. NTFS compression
          2. Compressed (zipped) folders
        7. Managing disk quotas
          1. How quota management works
          2. Configuring disk quotas
          3. Customizing quota entries for individual users
          4. Managing disk quotas after configuration
          5. Exporting and importing quota entries
        8. Automated disk maintenance
          1. Preventing disk-integrity problems
          2. Running Check Disk interactively
          3. Analyzing FAT volumes by using ChkDsk
          4. Analyzing NTFS volumes by using ChkDsk
          5. Repairing volumes and marking bad sectors by using ChkDsk
        9. Automated optimization of disks
          1. Preventing fragmentation of disks
          2. Fixing fragmentation by using Optimize Drives
          3. Understanding the fragmentation analysis
        10. Managing storage spaces
          1. Using and configuring offloaded transfers
          2. Working with available storage
          3. Creating storage pools and allocating space
          4. Creating storage spaces
          5. Creating a virtual disk in a storage space
          6. Creating a standard volume
          7. Configuring data deduplication
            1. Understanding data deduplication
            2. Selecting data for deduplication
            3. Interoperability with data deduplication
            4. Deduplicating volumes
            5. Monitoring deduplication
      4. 15. File Sharing and Security
        1. File-sharing essentials
          1. Understanding file-sharing models
          2. Enabling file sharing
          3. Using and finding shares
          4. Hiding and controlling share access
          5. Special and administrative shares
            1. C$, D$, E$, and other drive shares
            2. ADMIN$
            3. FAX$
            4. IPC$
            5. NETLOGON
            6. PRINT$
            7. SYSVOL
          6. Accessing shares for administration
        2. Creating and publishing shared folders
          1. Creating shares by using File Explorer
          2. Creating shares by using Computer Management
          3. Creating shared folders in Server Manager
          4. Changing shared folder settings
          5. Publishing shares in Active Directory
        3. Managing share permissions
          1. Understanding share permissions
          2. Configuring share permissions
        4. Managing access permissions
          1. File and folder ownership
          2. Permission inheritance for files and folders
            1. Changing shaded permissions and stopping inheritance
            2. Resetting and replacing permissions
          3. Configuring access permissions
            1. Basic permissions
            2. Special permissions
          4. Troubleshooting permissions
        5. Managing file shares after configuration
        6. Managing claims-based access controls
          1. Understanding central access policies
          2. Enabling dynamic controls and claims-based policy
          3. Defining central access policies
        7. Auditing file and folder access
          1. Enabling basic auditing for files and folders
          2. Enabling advanced auditing
          3. Specifying files and folders to audit
          4. Extending access policies to auditing
          5. Monitoring the security logs
        8. Shadow copy essentials
          1. Using shadow copies of shared folders
          2. How shadow copies work
          3. Implementing Shadow Copies for Shared Folders
        9. Managing shadow copies in Computer Management
          1. Configuring shadow copies in Computer Management
          2. Maintaining shadow copies after configuration
          3. Reverting an entire volume
        10. Configuring shadow copies at the command line
          1. Enabling shadow copying from the command line
          2. Create manual snapshots from the command line
          3. Viewing shadow copy information
          4. Deleting snapshot images from the command line
          5. Disabling shadow copies from the command line
          6. Reverting volumes from the command line
      5. 16. Managing File Screening and Storage Reporting
        1. Understanding file screening and storage reporting
        2. Managing file screening and storage reporting
          1. Managing global file-resource settings
            1. Configuring email notifications
            2. Configuring notification limits
            3. Reviewing reports and configuring storage report parameters
            4. Configuring report locations
            5. Configuring file-screen auditing
            6. Configuring classification
            7. Enabling access-denied assistance
          2. Managing the file groups to which screens are applied
          3. Managing file-screen templates
          4. Creating file screens
          5. Defining file-screening exceptions
          6. Scheduling and generating storage reports
      6. 17. Backup and Recovery
        1. Disaster-planning strategies
          1. Developing contingency procedures
          2. Implementing problem-escalation and response procedures
          3. Creating a problem-resolution policy document
        2. Disaster preparedness procedures
          1. Performing backups
          2. Repairing startup
          3. Setting startup and recovery options
        3. Developing backup strategies
          1. Creating your backup strategy
          2. Backup strategy considerations
          3. Selecting the optimal backup techniques
          4. Understanding backup types
          5. Using media rotation and maintaining additional media sets
        4. Backing up and recovering your data
          1. Using the backup utility
          2. Backing up your data
          3. Scheduling backups
          4. Performing a one-time backup
          5. Tracking scheduled and manual backups
          6. Recovering your data
            1. Recovering data stored on the current server
            2. Recovering data stored on another server
          7. Recovering the system state
          8. Restoring the operating system and the full system
        5. Backing up and restoring Active Directory
          1. Backup and recovery strategies for Active Directory
          2. Performing a nonauthoritative restore of Active Directory
          3. Performing an authoritative restore of Active Directory
          4. Restoring Sysvol data
          5. Restoring a failed domain controller by installing a new domain controller
        6. Troubleshooting startup and shutdown
          1. Resolving startup issues
          2. Repairing missing or corrupted system files
          3. Resolving restart or shutdown issues
    6. 4. Managing Windows Server 2012 Networking and Domain Services
      1. 18. Networking with TCP/IP
        1. Navigating networking in Windows Server 2012
        2. Using TCP/IP
        3. Understanding IPv4 addressing
          1. Unicast IPv4 addresses
            1. Class A networks
            2. Class B networks
            3. Class C networks
            4. Loopback, public, and private addresses
          2. Multicast IPv4 addresses
          3. Broadcast IPv4 addresses
        4. Special IPv4 addressing rules
        5. Using subnets and subnet masks
          1. Subnet masks
          2. Network prefix notation
          3. Subnetting
            1. Subnetting Class A networks
            2. Subnetting Class B networks
            3. Subnetting Class C networks
          4. Understanding IP data packets
        6. Getting and using IPv4 addresses
        7. Understanding IPv6
        8. Understanding name resolution
          1. Domain Name System
            1. Host names
            2. Domain names
            3. Fully qualified domain names
            4. Name resolution
          2. Windows Internet Naming Service
          3. Link-Local Multicast Name Resolution
      2. 19. Managing TCP/IP Networking
        1. Installing TCP/IP networking
          1. Preparing for installation of TCP/IP networking
          2. Installing network adapters
          3. Installing networking services (TCP/IP)
        2. Configuring TCP/IP networking
          1. Configuring static IP addresses
            1. Testing an IP address
            2. Configuring a static IPv4 or IPv6 address
          2. Configuring dynamic IP addresses and alternate IP addressing
          3. Configuring multiple IP addresses and gateways
          4. Configuring DNS resolution
            1. Basic DNS settings
            2. Advanced DNS settings
          5. Configuring WINS resolution
        3. Managing network connections
          1. Checking the status, speed, and activity for network connections
          2. Viewing network configuration information
          3. Enabling and disabling network connections
          4. Renaming network connections
        4. Troubleshooting and testing network settings
          1. Diagnosing and resolving network connection problems
          2. Diagnosing and resolving Internet connection problems
          3. Performing basic network tests
          4. Diagnosing and resolving IP addressing problems
          5. Diagnosing and resolving routing problems
          6. Releasing and renewing DHCP settings
          7. Diagnosing and fixing name-resolution issues
      3. 20. Managing DHCP
        1. DHCP essentials
          1. DHCPv4 and autoconfiguration
          2. DHCPv6 and autoconfiguration
        2. DHCP security considerations
        3. DHCP and IPAM
        4. Planning DHCPv4 and DHCPv6 implementations
          1. DHCPv4 messages and relay agents
          2. DHCPv6 messages and relay agents
          3. DHCP availability and fault tolerance
            1. Failover scope: Load sharing
            2. Failover scope: Fault tolerance
            3. Traditional split scopes
        5. Setting up DHCP servers
          1. Installing the DHCP Server service
          2. Authorizing DHCP servers in Active Directory
          3. Creating and configuring scopes
            1. Creating normal scopes for IPv4 addresses
            2. Creating normal scopes for IPv6 addresses
            3. Creating normal scopes using Netsh
          4. Activating scopes
          5. Scope exclusions
          6. Scope reservations
          7. Creating and using failover scopes
        6. Configuring TCP/IP options
          1. Levels of options and their uses
          2. Policy-based assignment
          3. Options used by Windows clients
          4. Using user-specific and vendor-specific TCP/IP options
          5. Setting options for all clients
          6. Setting options for RRAS and NAP clients
          7. Setting add-on options for directly connected clients
          8. Defining classes to get different option sets
            1. Creating the class
            2. Configuring clients to use the class
        7. Advanced DHCP configuration and maintenance
          1. Monitoring DHCP audit logging
          2. Binding the DHCP Server service to a network interface
          3. Integrating DHCP and DNS
          4. Integrating DHCP and NAP
          5. Enabling conflict detection on DHCP servers
          6. Saving and restoring the DHCP configuration
          7. Managing and maintaining the DHCP database
            1. Setting DHCP database properties
            2. Backing up and restoring the database
        8. Setting up DHCP relay agents
          1. Configuring and enabling Routing And Remote Access
          2. Adding and configuring the DHCP relay agent
      4. 21. Architecting DNS Infrastructure
        1. DNS essentials
        2. Planning DNS implementations
          1. Public and private namespaces
          2. Name resolution using DNS
          3. Understanding DNS devolution
          4. DNS resource records
          5. DNS zones and zone transfers
            1. Zones that aren’t integrated with Active Directory
            2. Zones that are integrated with Active Directory
          6. Secondary zones, stub zones, and conditional forwarding
          7. Integration with other technologies
        3. Security considerations
          1. DNS queries and security
          2. DNS dynamic updates and security
          3. External DNS name resolution and security
        4. Architecting a DNS design
          1. Split-brain design: Same internal and external names
          2. Separate-name design: Different internal and external names
          3. Securing DNS from attacks
      5. 22. Implementing and Managing DNS
        1. Installing the DNS Server service
          1. Using DNS with Active Directory
          2. Using DNS without Active Directory
          3. DNS setup
          4. Configuring DNS using the wizard
          5. Configuring a small network using the Configure A DNS Server Wizard
          6. Configuring a large network using the Configure A DNS Server Wizard
        2. Configuring DNS zones, subdomains, forwarders, and zone transfers
          1. Creating forward lookup zones
          2. Creating reverse lookup zones
          3. Configuring forwarders and conditional forwarding
          4. Configuring subdomains and delegating authority
          5. Configuring zone transfers
          6. Configuring secondary notification
        3. Deploying DNSSEC
          1. DNSSEC essentials
          2. Securing zones with digital signatures
          3. Signing a zone
        4. Adding resource records
          1. Host Address (A and AAAA) and Pointer (PTR) records
          2. Canonical Name (CNAME) records
          3. Mail Exchanger (MX) records
          4. Name Server (NS) records
          5. Start of Authority (SOA) records
          6. Service Location (SRV) records
        5. Deploying global names
        6. Maintaining and monitoring DNS
          1. Configuring default application directory partitions and replication scope
          2. Setting the aging and scavenging rules
          3. Configuring logging and checking DNS Server logs
        7. Troubleshooting the DNS client service
          1. Try reregistering the client
          2. Check the client’s TCP/IP configuration
            1. Checking IPv4
            2. Checking IPv6
          3. Check the client’s resolver cache
          4. Perform lookups for troubleshooting
        8. Troubleshooting the DNS Server service
          1. Check the server’s TCP/IP configuration
          2. Check the server’s cache
          3. Check replication to other name servers
          4. Examine the configuration of the DNS server
          5. Examine zones and zone records
      6. 23. Implementing and Maintaining WINS
        1. WINS essentials
          1. NetBIOS namespace and scope
          2. NetBIOS node types
          3. WINS name registration and cache
          4. WINS implementation details
        2. Setting up WINS servers
        3. Configuring replication partners
          1. Replication essentials
          2. Configuring automatic replication partners
          3. Using designated replication partners
        4. Configuring and maintaining WINS
          1. Configuring burst handling
          2. Checking server status and configuration
          3. Checking active registrations and scavenging records
          4. Maintaining the WINS database
            1. Verifying the WINS database consistency
            2. Compacting the WINS database
            3. Backing up the WINS database
            4. Restoring the WINS database
        5. Enabling WINS lookups through DNS
    7. 5. Managing Active Directory and Security
      1. 24. Active Directory Architecture
        1. Active Directory physical architecture
          1. Active Directory physical architecture: A top-level view
          2. Active Directory within the Local Security Authority
          3. Directory service architecture
            1. Protocols and client interfaces
            2. Directory System Agent and database layer
            3. Extensible Storage Engine
          4. Data store architecture
        2. Active Directory logical architecture
          1. Active Directory objects
          2. Active Directory domains, trees, and forests
          3. Active Directory trusts
          4. Active Directory namespaces and partitions
          5. Active Directory data distribution
      2. 25. Designing and Managing the Domain Environment
        1. Design considerations for Active Directory replication
        2. Design considerations for Active Directory search and global catalogs
          1. Searching the tree
          2. Accessing the global catalog
          3. Designating global catalog servers
          4. Designating replication attributes
        3. Design considerations for compatibility
          1. Understanding domain functional level
          2. Understanding forest functional level
          3. Raising or lowering the domain or forest functional level
        4. Design considerations for Active Directory authentication and trusts
          1. Universal groups and authentication
            1. Understanding security tokens and universal group membership caching
            2. Enabling universal group membership caching
          2. NTLM and Kerberos authentication
            1. Establishing the initial authentication
            2. Accessing resources after authentication
          3. Authentication and trusts across domain boundaries
            1. Two-way transitive trusts
            2. Shortcut trusts
          4. Authentication and trusts across forest boundaries
          5. Examining domain and forest trusts
          6. Establishing external, shortcut, realm, and cross-forest trusts
          7. Verifying and troubleshooting trusts
        5. Delegating authentication
          1. Delegated authentication essentials
          2. Configuring delegated authentication
            1. Configuring the delegated user account
            2. Configuring the delegated service or computer account
        6. Design considerations for Active Directory operations masters
          1. Operations master roles
          2. Using, locating, and transferring the schema master role
          3. Using, locating, and transferring the domain naming master role
          4. Using, locating, and transferring the relative ID master role
          5. Using, locating, and transferring the PDC emulator role
          6. Using, locating, and transferring the infrastructure master role
          7. Seizing operations master roles
      3. 26. Organizing Active Directory
        1. Creating an Active Directory implementation or update plan
          1. Developing a forest plan
          2. Forest namespace
          3. A single forest vs. multiple forests
          4. Forest administration
        2. Developing a domain plan
          1. Domain design considerations
          2. A single domain vs. multiple domains
          3. Forest root domain design configurations
          4. Changing domain design
        3. Developing an organizational unit plan
          1. Using organizational units
          2. Using OUs for delegation
          3. Using OUs for Group Policy
          4. Creating an OU design
            1. OU design: Division or business unit model
            2. OU design: Geographic model
            3. OU design: The cost center model
            4. OU design: The administration model
      4. 27. Configuring Active Directory Sites and Replication
        1. Working with Active Directory sites
          1. Single site vs. multiple sites
          2. Replication within and between sites
          3. Determining site boundaries
        2. Understanding Active Directory replication
          1. Tracking Active Directory replication changes over time
          2. Tracking Active Directory system volume changes over time
          3. Replication architecture: An overview
          4. Intersite replication essentials
        3. Replication rings and directory partitions
        4. Developing or revising a site design
          1. Mapping network infrastructure
          2. Creating a site design
            1. Mapping the network structure to the site structure
            2. Designing each individual site
            3. Designing the intersite replication topology
            4. Considering the impact of site-link bridging
            5. Planning the placement of servers in sites
      5. 28. Implementing Active Directory Domain Services
        1. Preinstallation considerations for Active Directory
          1. Hardware and configuration considerations for domain controllers
          2. Configuring Active Directory for fast recovery with storage area networks
          3. Connecting clients to Active Directory
        2. Installing Active Directory Domain Services
          1. Active Directory installation options and issues
          2. Using the Active Directory Domain Services Configuration Wizard
            1. Creating additional domain controllers for an existing domain
            2. Creating new domains in new forests
            3. Creating a new domain or domain tree within an existing forest
          3. Performing an Active Directory installation from media
        3. Cloning virtualized domain controllers
          1. Using clones of virtualized domain controllers
          2. Creating a clone virtualized domain controller
          3. Finalizing the clone deployment
          4. Troubleshooting the clone deployment
        4. Uninstalling Active Directory
        5. Creating and managing organizational units
          1. Creating an OU
          2. Setting OU properties
          3. Creating or moving accounts and resources for use with an OU
        6. Delegating the administration of domains and OUs
          1. Understanding delegation of administration
          2. Delegating administration
      6. 29. Deploying Read-only Domain Controllers
        1. Introducing read-only domain controllers
        2. Design considerations for read-only replication
        3. Installing RODCs
          1. Preparing for an RODC installation
          2. Installing an RODC
          3. Installing an RODC from media
          4. Staging an RODC
        4. Managing Password Replication Policy
          1. Working with Password Replication Policy
          2. Allowing or denying accounts in Password Replication Policy
          3. Viewing and managing credentials on an RODC
          4. Determining whether an account is allowed or denied access
          5. Resetting credentials
          6. Delegating administrative permissions
      7. 30. Managing Users, Groups, and Computers
        1. Managing domain user accounts
          1. Configuring user account policies
            1. Enforcing Password Policy
            2. Configuring Account Lockout Policy
            3. Setting Kerberos Policy
          2. Creating Password Settings Objects and applying secondary settings
          3. Understanding user account capabilities, privileges, and rights
          4. Assigning user rights
            1. Assigning user rights for a domain or OU
            2. Assigning user rights on a specific computer
          5. Creating and configuring domain user accounts
            1. Obtaining effective access
          6. Configuring account options
          7. Configuring profile options
          8. Troubleshooting user accounts
        2. Maintaining user accounts
          1. Deleting user accounts
          2. Disabling and enabling user accounts
          3. Moving user accounts
          4. Renaming user accounts
          5. Resetting a user’s domain password
          6. Unlocking user accounts
          7. Creating a user account password backup
        3. Managing groups
          1. Understanding groups
          2. Creating a group
          3. Adding members to groups
          4. Deleting a group
          5. Modifying groups
            1. Finding a group
        4. Managing computer accounts
          1. Creating a computer account in Active Directory
          2. Joining computers to a domain
          3. Moving a computer account
          4. Disabling a computer account
          5. Deleting a computer account
          6. Managing a computer account
          7. Resetting a computer account
          8. Troubleshooting computer accounts
        5. Recovering deleted accounts
          1. Enabling Active Directory Recycle Bin
          2. Recovering objects from the recycle bin
      8. 31. Managing Group Policy
        1. Understanding Group Policy
          1. Local and Active Directory Group Policy
          2. Group Policy settings
          3. Group Policy architecture
          4. Administrative templates
        2. Implementing Group Policy
          1. Working with Local Group Policy
          2. Working with Group Policy Management Console
            1. Using Group Policy Management Console
            2. Accessing forests, domains, and sites in Group Policy Management Console
            3. Creating and linking a new GPO in Group Policy Management Console
            4. Editing an existing GPO in Group Policy Management Console
            5. Linking to an existing GPO in Group Policy Management Console
            6. Working with starter GPOs
            7. Deleting an existing GPO in Group Policy Management Console
          3. Working with the default Group Policy Objects
        3. Managing Group Policy through delegation
          1. Managing GPO creation rights
          2. Reviewing Group Policy management privileges
          3. Delegating Group Policy management privileges
          4. Delegating privileges for links and RSoP
        4. Managing Group Policy inheritance and processing
          1. Group Policy inheritance
          2. Changing link order and precedence
          3. Overriding inheritance
          4. Blocking inheritance
          5. Enforcing inheritance
          6. Filtering Group Policy application
          7. Group Policy processing
          8. Modifying Group Policy processing
          9. Modifying user policy preference using loopback processing
        5. Using scripts in Group Policy
          1. Configuring computer startup and shutdown scripts
          2. Configuring user logon and logoff scripts
        6. Applying Group Policy through security templates
          1. Working with security templates
          2. Applying security templates
        7. Maintaining and troubleshooting Group Policy
          1. Group Policy refresh
          2. Modifying Group Policy refresh
          3. Viewing applicable GPOs and the last refresh
          4. Modeling GPOs for planning
          5. Refreshing Group Policy manually
          6. Backing up GPOs
          7. Restoring GPOs
          8. Fixing default Group Policy
      9. 32. Active Directory Site Administration
        1. Managing sites and subnets
          1. Creating an Active Directory site
          2. Creating a subnet and associating it with a site
          3. Associating domain controllers with a site
        2. Managing site links and intersite replication
          1. Understanding IP and SMTP replication transports
          2. Creating a site link
          3. Configuring replication schedules for site links
          4. Configuring site-link bridges
          5. Determining the ISTG
          6. Configuring site bridgehead servers
          7. Configuring advanced site-link options
        3. Monitoring and troubleshooting replication
          1. Using the Replication Administrator
          2. Using PowerShell to monitor and troubleshoot replication
          3. Monitoring replication
          4. Modifying intersite replication for testing
    8. A. Index to Troubleshooting Topics
    9. Index
    10. About the Author
    11. Copyright