Windows Server® 2008 Administrator’s Companion

Book description

This comprehensive, one-volume guide delivers the information you need to successfully deploy, administer, and support Windows Server 2008. The authors—MVP experts in Windows Server technologies—provide easy-to-follow procedures, practical workarounds, and key troubleshooting tactics for everyday, on-the-job results. Delve into core system administration topics, system features, and capabilities—and get expert insights for administering Windows Server 2008. This reference delivers essential information on Active Directory directory service, security issues, disaster planning and recovery, and interoperability with Linux and UNIX. It also includes coverage of Internet Information Services (IIS) 7.0, virtualization, clustering, and performance tuning. With the ADMINISTRATOR’S COMPANION, you get the in-depth information you need in a single volume. Includes a companion CD with a searchable eBook and sample utilities.

For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.

Table of contents

  1. Windows Server® 2008 Administrator’s Companion
  2. Acknowledgments
  3. Introduction
    1. Meet the Family
    2. New in Windows Server 2008
    3. What’s In This Book
    4. System Requirements
    5. About the Companion CD
    6. Support
  4. I. Prepare
    1. 1. Introduction to Windows Server 2008
      1. Worth the Wait
      2. Server Virtualization
      3. Server Core
      4. PowerShell
      5. Read-Only Domain Controller
      6. Active Directory Domain Services
        1. Restartable Active Directory Domain Services
        2. Fine-Grained Password Policies
        3. Data Mining Tool
      7. Terminal Services
        1. Terminal Services Gateway
        2. Terminal Services RemoteApp
        3. Terminal Services Web Access
        4. Terminal Services Session Broker
        5. Terminal Services Drain Mode
      8. Server Manager
      9. Windows Server Backup
      10. Clean Service Shutdown
      11. More Security Features
        1. Address Space Load Randomization
        2. BitLocker Drive Encryption
        3. Windows Firewall
        4. Network Access Protection
      12. Versions of Windows Server 2008
      13. Summary
    2. 2. Introducing Directory Services
      1. Understanding Directory Services
      2. Active Directory in Microsoft Windows Server 2008
        1. Terminology and Concepts in Active Directory
          1. Namespace and Name Resolution
          2. Attribute
          3. Object
          4. Container
          5. Tree and Subtree
          6. Distinguished Name
          7. Schema
      3. The Active Directory Architecture
        1. The Directory System Agent
        2. Naming Formats
        3. The Data Model
        4. Schema Implementation
        5. The Security Model
          1. Delegation and Inheritance
        6. Naming Contexts and Partitions
        7. The Global Catalog
      4. Summary
    3. 3. Planning Namespace and Domains
      1. Analyzing Naming Convention Needs
        1. Trees and Forests
          1. Trees
          2. Forests
        2. Defining a Naming Convention
          1. The Organizational Naming Convention
          2. The Geographical Naming Convention
          3. Mixed Naming Conventions
        3. Determining Name Resolution
          1. Using the Same Internal and External Namespaces
          2. Using Different Internal and External Namespaces
      2. Planning a Domain Structure
        1. Domains vs. Organizational Units
          1. Domains
          2. Organizational Units
        2. Designing a Domain Structure
          1. Designing a Single-Domain Tree Structure
          2. Designing a Multiple-Domain Tree Structure
        3. Domain Security Guidelines
        4. Creating Organizational Units
      3. Planning Multiple Domains
        1. Planning a Contiguous Namespace
        2. Determining the Need for a Multi-Tree Forest
        3. Creating the Forest
      4. Summary
    4. 4. Planning Deployment
      1. How Information Technology Functions
      2. Identifying Business Needs
        1. Getting Specific
        2. Seeing into the Future
      3. Assessing Current Systems
        1. Documenting the Network
          1. The Organizational and Physical Infrastructure
          2. Traffic Patterns
          3. Network Addresses
          4. Operating System Connectivity
          5. External Connectivity
          6. Existing Network Operating Systems
          7. Existing Applications and Services
          8. Server Load
      4. Making a Roadmap
        1. Defining Goals
        2. Assessing Risk
      5. Summary
  5. II. Install and Configure
    1. 5. Getting Started
      1. Reviewing System Requirements
      2. Designing a Deployment Environment
        1. Choosing an Installation Method
        2. Installing Windows Server 2008
          1. Server Core Installations
          2. Default Settings in Initial Configuration
        3. Automating Server Deployment
        4. Installing and Configuring WDS
          1. Installation Steps
          2. Initial Configuration
          3. Setting Additional Properties
        5. Adding Additional Images
          1. Adding Standard Images
          2. Creating a Capture Image
          3. Adding Custom Images
      3. Troubleshooting Installations
        1. Failure to Boot from a Network Distribution Point
          1. Failure to Connect to the PXE Server
          2. Failure to Load WinPE
          3. WinPE Can’t Connect to the Distribution Server
          4. Image Corruption
        2. Corrupt File During Installation
        3. Failure to Find a Hard Disk
        4. Stop Errors
      4. Summary
    2. 6. Upgrading to Windows Server 2008
      1. Upgrade Matrix
      2. Common Threads to Upgrades
        1. Pre-Upgrade Steps
        2. Architecture
        3. Active Directory
        4. Hardware Support
        5. Software Support
      3. Preparing Domains and Computers
        1. Upgrading Clients
      4. Performing the Upgrade
        1. Upgrading To Windows Server 2008
        2. Forest and Domain Functional Levels
      5. Summary
    3. 7. Configuring a New Installation
      1. Overview of the Tasks
      2. Initial Logon
      3. Configure Hardware
      4. Configuring Basic Computer Information
        1. Setting the Time Zone
        2. Configuring Networking
        3. Setting the Computer Name and Domain
      5. Updating and Feedback Settings
        1. Enable Updates and Feedback
        2. Getting Updates
      6. Customizing the Server
        1. Adding the Windows PowerShell Feature
        2. Enable Remote Desktop
        3. Configuring Windows Firewall
      7. Closing the Initial Configuration Tasks Wizard
      8. Summary
    4. 8. Installing Server Roles and Features
      1. Defining Server Roles
      2. Adding and Removing Roles
        1. Add a Role
          1. Using the Server Manager Console
          2. Using the Command Line
        2. Removing a Role
          1. Using the Server Manager Console
          2. Using the Command Line
      3. Adding and Removing Role Services
        1. Adding Role Services
        2. Removing Role Services
      4. Adding and Removing Features
        1. Adding Features
        2. Removing Features
      5. Summary
    5. 9. Installing and Configuring Server Core
      1. Benefits of a Server Core Installation
        1. Security
        2. Resources
      2. Installing Server Core
      3. Configuration
      4. Initial Configuration
        1. Set IP Address
        2. Renaming the Server and Joining to a Domain
        3. Setting Desktop Display Resolution
        4. Enabling Remote Management
        5. Activating the Server
        6. Installing Roles
          1. Listing Roles
      5. Managing a Server Core Computer
        1. Using Windows Remote Shell
        2. Using Terminal Server RemoteApp
      6. Summary
    6. 10. Managing Printers
      1. Planning Printer Deployment
        1. Establishing Printer Naming Conventions
        2. Creating a Location-Naming Convention
      2. Creating a Print Server
      3. Enabling Printer Location Tracking
      4. Migrating Print Servers
        1. Using the Print Migration Wizard
        2. Using the Command Line
      5. Installing Printers
      6. Deploying Printers with Group Policy
        1. Adding PushPrinterConnections Using Group Policy
      7. Managing Print Jobs from Windows
        1. Temporarily Stopping Print Jobs
        2. Canceling Print Jobs
        3. Restarting a Print Job
        4. Changing a Print Job Priority
        5. Moving Print Jobs
      8. Managing Printers from the Command Line
      9. Setting Security Options
      10. Changing Printer Availability and Group Priorities
      11. Specifying a Separator Page
      12. Modifying Print Spooling by Printer
        1. Spool Print Documents So Program Finishes Printing Faster
        2. Print Directly To The Printer
        3. Hold Mismatched Documents
        4. Print Spooled Documents First
        5. Keep Printed Documents
      13. Modifying Spooling on a Print Server
      14. Optimizing Print Server Performance
        1. Changing the Print Spooling Folder Location
      15. Managing Printer Drivers
      16. Creating Printer Pools
      17. Preparing for Print Server Failure
      18. Troubleshooting Printers
        1. Starting at the Server
          1. Physical problems
          2. Print server problems
          3. Network connectivity problems
          4. Client problems
          5. Document Prints Incorrectly
          6. Document Fails to Print
          7. Printing from a Particular Application Fails
          8. Deleting Stuck Documents
          9. Check the Print Server Status
        2. Starting at the Client
          1. Print from the Client Computer Experiencing the Problem
          2. Check the Printer
      19. Summary
    7. 11. Managing Users and Groups
      1. Understanding Groups
        1. Assigning Group Scopes
          1. Global Scope
          2. Domain Local Scope
          3. Universal Scope
      2. Planning Organizational Units
        1. Creating Organizational Units
        2. Moving Organizational Units
        3. Deleting Organizational Units
      3. Planning a Group Strategy
        1. Determining Group Names
        2. Using Global and Domain Local Groups
        3. Using Universal Groups
      4. Implementing the Group Strategy
        1. Creating Groups
        2. Deleting Groups
        3. Adding Users to a Group
          1. Changing the Group Scope
          2. Creating Local Groups
      5. Managing Default Groups and User Rights
        1. Builtin Local Groups
        2. Builtin Domain Local Groups
        3. Builtin Global Groups
        4. Defining User Rights
          1. Assigning User Rights to a Group
          2. Assigning Rights Locally
      6. Creating User Accounts
        1. Naming User Accounts
        2. Account Options
        3. Passwords
        4. Creating a Domain User Account
        5. Creating a Local User Account
        6. Setting User Account Properties
        7. Testing User Accounts
      7. Managing User Accounts
        1. Finding a User Account
        2. Disabling and Enabling a User Account
        3. Deleting a User Account
        4. Moving a User Account
        5. Renaming a User Account
        6. Resetting a User’s Password
        7. Unlocking a User Account
      8. Using Home Folders
        1. Creating Home Folders on a Server
        2. Providing Home Folders to Users
      9. Maintaining User Profiles
        1. Local Profiles
        2. Roaming Profiles
          1. Setting Up Roaming Profiles
          2. Creating Customized Roaming Profiles
          3. Using Mandatory Profiles
        3. Assigning a Logon Script to a User Profile
      10. Summary
    8. 12. Managing File Resources
      1. Share Permissions vs. File Permissions
        1. Share Permissions
        2. File Permissions
      2. NTFS Permissions
        1. What Permissions Mean
        2. How Permissions Work
        3. Considering Inheritance
        4. Configuring Folder Permissions
        5. Assigning Permissions to Files
        6. Configuring Special Permissions
        7. Ownership and How It Works
          1. Taking Ownership of an Object
          2. Transferring Ownership
      3. Shared Folders
        1. Using Share And Storage Management
          1. Removing a Folder Share
          2. Special Shares
        2. Using the Command Line: Net Share
        3. Publishing Shares in Active Directory
      4. Distributed File System (DFS)
        1. DFS Terminology
          1. Namespace Type
        2. Namespace Server Requirements
        3. Namespace Client Requirements
        4. DFS Replication
          1. File Replication Service
          2. Replication Topologies
        5. Installing DFS Management
        6. Creating or Opening a Namespace Root
        7. Adding Namespace Servers
        8. Adding DFS Folders
        9. Changing Advanced Settings
          1. Changing Namespace Referral Settings
          2. Overriding Referral Settings on Individual Folders
          3. Delegating Management Permissions
          4. Changing Namespace Polling Settings
        10. Backing Up and Restoring the DFS Folder Targets
        11. Using DFS Replication
          1. Creating a Replication Group
          2. Replicating a DFS Folder
          3. Creating a Branch Office Replication Group
          4. Creating a Multipurpose Replication Group
          5. Managing Replication Groups
      5. Summary
    9. 13. Group Policy
      1. What’s New in Server 2008
      2. Components of Group Policy
      3. Group Policy Objects
        1. Order of Implementation
        2. Order of Inheritance
          1. Overriding Inheritance
            1. Enforcing a GPO Link
            2. Blocking Inheritance
        3. Creating a Group Policy Object
        4. Editing a Group Policy Object
        5. Deleting a Group Policy Object
        6. Searching for a Group Policy Object
        7. Using Starter GPOs
          1. Creating a Starter GPO
          2. Editing a Starter GPO
          3. Creating a New GPO from a Starter GPO
          4. Generating a Report of Starter GPO Settings
          5. Importing and Exporting a Starter GPO
        8. Group Policy Preferences
        9. Using Group Policy Preferences for Windows
          1. Drive Maps
          2. Environment
          3. Files
          4. Folders
          5. Ini Files
          6. Network Shares
          7. Registry
            1. Creating Multiple Registry Items
          8. Shortcuts
        10. Configuring Common Options
        11. Using Group Policy Preferences for Control Panel
          1. Data Sources
          2. Devices
          3. Folder Options
            1. Creating a Windows XP Folder Options Item
            2. Configuring a Windows Vista Folder Options Item
            3. Configuring an Open With Item
            4. Configuring a File Type Item
          4. Internet Settings
            1. Creating an Internet Explorer 7 Item
            2. Creating an Internet Explorer 5 or 6 Item
          5. Local Users and Groups
            1. Creating a Local User Item
            2. Creating a Local Group Item
          6. Network Options
            1. Creating a New VPN Connection Item
            2. Creating a New DUN Connection Item
          7. Power Options
            1. Configuring a Windows XP Power Options Item
            2. Configuring a Windows XP Power Scheme Item
          8. Printers
            1. Creating a Local Printer Item
            2. Creating a Shared Printer Item
            3. Creating a TCP/IP Printer Item
          9. Regional Options
          10. Scheduled Tasks
            1. Configuring a New Scheduled Task
            2. Configuring an Immediate Task (Windows XP) Item
          11. Services
          12. Start Menu
            1. Creating a Start Menu Item (Windows Vista)
            2. Creating a Start Menu Item (Windows XP)
          13. Configuring a Targeting Item
      4. Delegating Permissions on GPOs
        1. Delegating Permission to Create
        2. Delegating Permission to Link
        3. Delegating Permission to Edit, Delete, or Modify Security
      5. Disabling a Branch of a GPO
      6. Refreshing Group Policy
      7. Backing Up a Group Policy Object
      8. Restoring a Group Policy Object
      9. Using Group Policy for Folder Redirection
        1. Redirecting to One Location
        2. Redirecting by Group Membership
        3. Removing Redirection
      10. Using Resultant Set of Policy (RSoP)
        1. Running an RSoP Query
        2. A Planning RSoP
        3. A Logging RSoP
      11. Summary
  6. III. Administer the Network
    1. 14. Managing Daily Operations
      1. User Account Control (UAC) for Administration
        1. The Admin Approval Mode (AAM)
        2. UAC and Registry Virtualization
          1. How It Works
        3. Disabling Aspects of User Account Control
          1. Disabling Admin Approval Mode
          2. Changing the Behavior of the Elevation Prompt
          3. Disabling UAC Prompts to Install Applications
          4. Configuring an Application to Always Run Elevated
        4. Turning Off UAC
      2. Using Microsoft Management Console 3.0
        1. Setting MMC 3.0 Console Options
        2. Creating an MMC Console with Snap-Ins
        3. Using the New Taskpad View Wizard
        4. Distributing and Using Consoles
        5. Using MMC for Remote Administration
        6. Setting Auditing Policy
          1. Exposure
          2. Defenses
          3. Likely Effect
        7. Auditing Categories
          1. Account Logon Events
          2. Account Management
          3. Directory Service Access
          4. Logon Events
          5. Object Access
          6. Policy Change
          7. Privilege Use
          8. Process Tracking
          9. System Events
        8. Auditing Directory Service Events
        9. Enabling Auditing of AD DS Objects
          1. Using Auditpol.exe
        10. Setting Global Audit Policy
        11. Enabling Auditing
          1. Auditing Settings for Objects
        12. Using Event Viewer
          1. Windows Logs
          2. Applications And Services Logs
          3. Creating Custom Views
          4. Forwarding and Collecting Events
          5. Creating Subscriptions
          6. Working with Events on a Remote Computer
          7. Running a Task When a Given Event Occurs
        13. Managing Event Logs
          1. Setting the Maximum Log Size
          2. Setting the Retention Policy
          3. Saving Event Logs
        14. Using Task Scheduler
          1. Creating a Basic Task
          2. Creating a More Complicated Task
        15. Using the AT Command
        16. Delegating Tasks
      3. Summary
    2. 15. Using Scripts for Consistent Administration
      1. Introducing Windows PowerShell
      2. Understanding Windows PowerShell
        1. Basics
          1. Security
          2. Terminology
          3. Case Sensitivity
          4. The PowerShell Console
          5. Tab Completion
          6. Basic Customizing
            1. Managing Profiles
            2. Setting the Prompt
        2. PowerShell as a Shell
          1. What Is an Interactive Shell?
          2. Avoiding Errors
          3. Running Cmd Commands
          4. User Credentials
        3. Cmdlets
          1. What Is a Cmdlet?
          2. Some Commonly Used Cmdlets
      3. Windows Infrastructure
        1. The .NET Framework
        2. Windows Management Instrumentation (WMI)
        3. Windows Remote Management (WinRM)
        4. Component Object Model (COM)
        5. Creating Popup and Input Boxes
      4. Exploring PowerShell
        1. Get-Command
        2. Get-Help
        3. Get-Member
        4. Data Display
        5. Parameter Sets and Positional Parameters
        6. Loading a Snap-in
      5. Powershell Scripting Basics
        1. Creating a .ps1 Script
        2. Comments
        3. Variables
        4. Scope
        5. Strings
        6. Here Strings
        7. Wildcards and Regular Expressions
        8. Arrays
        9. Hashtables
        10. Operators
        11. Functions
        12. Conditional Statements
        13. Looping Statements
        14. Importing and Exporting From and To Files
        15. Flow Control
        16. Formatting Cmdlets
        17. Exiting from Scripts, Functions, and Loops
        18. Dot-Sourcing
        19. Passing Arguments
        20. Param Statement
        21. $_ and $input
        22. Error Handling
        23. Redirection Operators
        24. Type Accelerators
        25. Escaping Characters
      6. Windows PowerShell Examples
        1. Typical File System Tasks
        2. Testing Whether a File or Directory Exists
        3. Windows Server Backup Cmdlets
        4. Examples of Managing Server Core
        5. XML Support
        6. Using the File Transfer Protocol (FTP)
        7. Downloading a File Using HTTP
        8. Sending E-mail via SMTP
        9. Compressing Files
        10. Dealing with Dates
        11. Timer/Countdown
        12. Taking Input from the Console
        13. Storing Secure Information
        14. Checking Services and Processes
        15. Checking the Windows Event Log
        16. Getting Memory and CPU Information
        17. Accessing Performance Counters
        18. Checking Disk Space Usage
        19. Working with the Registry
        20. Copying Files to Another Directory Recursively
        21. Rotating Logs
        22. Renaming Files
        23. Scheduling Tasks
        24. Running Against Multiple Targets
        25. Creating XML-Formatted Data
        26. Checking Open Ports
        27. Head, Tail, Touch, and Tee
      7. Summary
    3. 16. Installing and Configuring Directory Services
      1. Active Directory in Windows Server 2008
        1. Active Directory Domain Services
        2. Active Directory Lightweight Directory Services
        3. Active Directory Rights Management Services
        4. Active Directory Federation Services
        5. Active Directory Certificate Services
      2. Installing Active Directory Domain Services
        1. Prerequisites for Installing AD DS
          1. Hard Disk Space Requirements
          2. Network Connectivity
          3. DNS
          4. Administrative Permissions
      3. Installing AD DS Using the Active Directory Domain Services Installation Wizard
        1. Operating System Compatibility
        2. Deployment Configuration
        3. Naming the Domain
        4. Setting the Windows Server 2008 Functional Levels
          1. Additional Domain Controller Options
        5. File Locations
        6. Completing the Installation
        7. Adding a Domain Controller to an Existing Domain
        8. Verifying the Installation of AD DS
        9. Advanced Options
        10. Install from Media
        11. Unattended Installation
        12. Uninstalling AD DS
          1. Forced Removal of a Windows Server 2008 Domain Controller
      4. Installing and Configuring Read-Only Domain Controllers
        1. What Are Read-Only Domain Controllers?
        2. Why Use RODCs?
        3. Delegating RODC Installations and Administration
          1. Staging the RODC Account
          2. Installing AD DS on the RODC
        4. Configuring Password Replication Policies
      5. Managing AD DS with Active Directory Users and Computers
        1. Viewing AD DS Objects
          1. AD DS Object Types
          2. Normal Mode vs. Advanced Mode
          3. Changing the Domain
          4. Using Filters to Simplify the Display
        2. Creating a Computer Object
        3. Configuring Computer Objects
        4. Using Remote Computer Management
        5. Publishing a Shared Folder
        6. Publishing a Printer
        7. Moving, Renaming, and Deleting Objects
      6. Managing AD DS with Active Directory Domains and Trusts
        1. Launching Active Directory Domains And Trusts
        2. Managing Domain Trust Relationships
        3. Specifying the Domain Manager
        4. Configuring User Principal Name Suffixes for a Forest
      7. Using Active Directory Sites And Services
        1. AD DS Sites Overview
          1. Subnet Objects
          2. Server Objects
        2. Understanding AD DS Replication
          1. Intrasite Replication
          2. Intersite Replication
        3. Launching Active Directory Sites And Services
          1. Viewing Replication Objects
          2. Creating Site Objects
          3. Creating Server and Connection Objects
          4. Creating Subnet Objects
          5. Creating Site Link Objects
          6. Configuring Site Links
          7. Creating Site Link Bridge Objects
      8. Installing and Configuring Active Directory Lightweight Directory Service
        1. AD LDS Overview
        2. AD LDS Features
        3. Configuring Instances and Application Partitions
        4. Managing AD LDS
          1. Using the ADSI Edit Tool
          2. Using the Ldp.exe Tool
          3. Using the Dsdbutil Tool
          4. Configuring Access Control
        5. Configuring Replication
          1. Creating AD LDS Replicas
        6. Configuring AD DS and AD LDS Synchronization
      9. Summary
    4. 17. Managing Active Directory
      1. Maintaining the AD DS Database
        1. AD DS Data Storage
        2. Garbage Collection
        3. Online Defragmentation
        4. Restartable Active Directory Domain Services
        5. Offline Defragmentation of the AD DS Database
        6. Moving Database and Transaction Log Locations
      2. Backing Up AD DS
        1. The Need for Backups
        2. Backup Frequency
        3. Performing an AD DS Backup with Windows Server Backup
      3. Restoring AD DS
        1. Removing Domain Controllers from AD DS with Ntdsutil
        2. Performing a Nonauthoritative Restore of AD DS
        3. Performing an Authoritative Restore of AD DS
      4. Managing the AD DS Schema
        1. Requirements for Modifying the AD DS Schema
        2. Launching Active Directory Schema
        3. Modifying the Schema
          1. Creating Attributes
          2. Creating Object Classes
          3. Adding Attributes to a Class
          4. Adding an Auxiliary Class to a Structural Class
        4. Managing Operations Master Roles
          1. Schema Master
          2. Domain Naming Master
          3. RID Master
          4. PDC Emulator
          5. Infrastructure Master
        5. Transferring Operations Master Roles
        6. Seizing Operations Master Roles
      5. Auditing AD DS
        1. Configuring the Audit Policy
        2. Enabling Auditing of AD DS Changes
      6. Summary
    5. 18. Administering TCP/IP
      1. Using DHCP
        1. Designing DHCP Networks
          1. DHCP Security Considerations
          2. Plan the IP Address Range and Exclusions
        2. Adding the DHCP Server Role
        3. Creating a New Scope
          1. Creating a New IPv4 DHCP Scope
          2. Creating a New IPv6 DHCP Scope
        4. Authorizing the DHCP Server and Activating Scopes
        5. Adding Address Reservations
        6. Using Multiple DHCP Servers for Redundancy
          1. Splitting the Address Space Between Two Servers
          2. Setting Up a DHCP Server Cluster
          3. Enabling Server-Based Conflict Detection
        7. Setting Up a DHCP Relay Agent
        8. DHCP Command-Line Administration
      2. Using DNS Server
        1. Setting Up a DNS Server
        2. Creating Subdomains and Delegating Authority
        3. Adding Resource Records
        4. Configuring Zone Transfers
        5. Interoperating with Other DNS Servers
        6. Setting Up a Forwarder
      3. Setting Up a WINS Server
      4. Summary
    6. 19. Implementing Disk Management
      1. Understanding Disk Terminology
      2. Overview of Disk Management
        1. Remote Management
        2. Dynamic Disks
        3. Command Line
        4. Adding a New Disk
          1. Setting a Disk Online
          2. Initializing a New Disk
      3. Partitions and Volumes
        1. Creating a Volume or Partition
        2. Creating Extended Partitions and Logical Drives
        3. Converting a Disk to a Dynamic Disk
        4. Converting a Disk to a GPT Disk
        5. Changing the Size of a Volume
          1. Extending a Volume
          2. Shrinking a Volume
        6. Adding a Mirror to a Volume
          1. Drive Failure in a Mirrored Volume
      4. Setting Disk Quotas
        1. Enabling Quotas on a Disk
        2. Setting Per-User Quotas
        3. Importing and Exporting Quotas
      5. Enabling File Encryption
      6. Summary
    7. 20. Managing Storage
      1. Using File Server Resource Manager
        1. Installation and Initial Configuration of FSRM
        2. Scheduling Storage Reports
        3. Using Directory Quotas
          1. Directory Quota Types
          2. Creating Quotas and Auto Quotas
          3. Viewing and Managing Quotas
          4. Creating and Editing Quota Templates
        4. Screening Files
          1. Creating File Screens
          2. Creating Exceptions
          3. Creating and Editing File Screen Templates
          4. Working with File Groups
      2. Overview of SAN Manager
        1. Concepts and Terminology
        2. Installing Storage Manager For SANs
        3. Using the Storage Manager For SANs Console
        4. Managing Server Connections
        5. Managing iSCSI Targets
        6. Managing iSCSI Security
        7. Logging In to iSCSI Targets
        8. Creating and Deploying Logical Units (LUNs)
        9. Extending a LUN
      3. Removable Storage
        1. Concepts and Terminology
          1. Removable Devices and Libraries
          2. Media Pools
          3. Removable Storage Media Identification
          4. Media States
            1. Physical States
            2. Side States
        2. Use and Management
          1. Managing Libraries
            1. Inventorying Libraries
            2. Setting Door and Inject/Eject Port Timeouts
            3. Enabling and Disabling Individual Drives in a Library
            4. Cleaning Libraries
          2. Managing Media Pools
          3. Managing Physical Media
            1. Injecting and Ejecting Media
            2. Mounting and Dismounting Media
          4. Using the Work Queue
          5. Working with Operator Requests
      4. Summary
    8. 21. Using Clusters
      1. What Is a Cluster?
        1. Network Load Balancing Clusters
        2. Failover Clusters
      2. New Failover Cluster Features
      3. Windows Server 2008 Core
      4. Cluster Scenarios
        1. Web Server
        2. Terminal Services
        3. Mission-Critical Applications and Services
      5. Requirements and Planning
        1. Identifying and Addressing Goals
        2. Identifying a Solution
        3. Identifying and Addressing Risks
        4. Making Checklists
      6. Network Load Balancing Clusters
        1. NLB Concepts
        2. Choosing an NLB Cluster Model
          1. Single Network Adapter in Unicast Mode
          2. Single Network Adapter in Multicast Mode
          3. Multiple Network Adapters in Unicast Mode
          4. Multiple Network Adapters in Multicast Mode
        3. Creating an NLB Cluster
          1. New NLB Cluster
          2. Adding a Node to an NLB Cluster
          3. Removing a Host from an NLB Cluster
        4. Planning the Capacity of an NLB Cluster
        5. Providing Fault Tolerance
        6. Optimizing an NLB Cluster
      7. Failover Clusters
        1. Failover Cluster Concepts
          1. Validated Cluster Configuration
          2. Networks (Interconnects)
          3. Nodes
          4. Services and Applications
          5. Resources
        2. Types of Resources
          1. Client Access Point
          2. File Server
          3. DHCP and WINS
          4. Print Spooler
          5. Internet Protocol Address
          6. iSNSClusRes
          7. NFS Share
          8. Generic Application
          9. Generic Script
          10. Generic Service
          11. Volume Shadow Copy Service Task
          12. Cluster Disk
        3. Defining Failover and Failback
        4. Configuring a Failover Cluster
          1. High Availability with Load Balancing
          2. Maximum Availability Without Load Balancing
          3. Partial Failover (Load Shedding)
          4. Virtual Server Only
        5. Planning the Capacity of a Failover Cluster
        6. Creating a Failover Cluster
          1. New Failover Cluster
          2. Creating a Clustered Resource
            1. New File Server
            2. New File Share
      8. HPC Clusters
      9. Summary
  7. IV. Secure the Network
    1. 22. Planning Security
      1. The Fundamental Principles of Security
        1. Confidentiality
        2. Integrity
        3. Availability
      2. The Eight Rules of Security
        1. Rule of Least Privilege
        2. Rule of Change Management
        3. Rule of Trust
        4. Rule of the Weakest Link
        5. Rule of Separation
        6. Rule of the Three-Fold Process
        7. Rule of Preventative Action
        8. Rule of Immediate and Proper Response
      3. The Higher Security Mindset
        1. Think in Terms of Zones
        2. Create Chokepoints
          1. Network Chokepoints
          2. Application Chokepoints
        3. Layer Your Security
        4. Understand Relational Security
        5. Divide Responsibility
          1. Staff redundancy
          2. Monitor everyone
          3. No one is above security enforcement
      4. Summary
    2. 23. Implementing Security
      1. Introduction
        1. Secure at Installation
          1. System Account Roles
        2. Server Core
      2. Roles and Features Wizards
      3. Securing the Startup: BitLocker
        1. Setting Up BitLocker
          1. Setting Up the Volumes
          2. Installing the BitLocker Feature
          3. Enabling BitLocker Encryption
          4. Encrypting Server Data Volumes
          5. Recovery with BitLocker
      4. Securing the Accounts
        1. Disabling the Administrator Account
        2. Password Policies on Standalone Servers
        3. Password Policies in Domains
      5. Windows Server 2008 Firewall
        1. Setting Firewall Policies Using Group Policy
        2. Firewall Rule Basics
        3. Rule Definitions
        4. Creating a Firewall Policy
        5. Windows Firewall Via Command Line
      6. Additional Security Changes
        1. New Groups
        2. Auditing
        3. LanMan Hashes and Authentication Level
        4. SMBv2
        5. Read Only Domain Controllers
      7. Summary
    3. 24. Administering Network Access Protection
      1. Why the Need for NAP?
      2. Planning the Deployment
        1. NAP Shopping List
        2. Servers Needed for NAP
        3. Benefits of NAP
      3. Determining the Health Policy
        1. Policies Checked
        2. Enforcement Levels
        3. Determining Exemptions
      4. Testing IPsec NAP Enforcement
        1. Setting Up a Certificate Server
          1. Setting Up the NAP Server
          2. Installing the Group Policy Management Console
        2. Configuring the NAP Health Policy Server
        3. Client Settings for NAP
          1. Enable IPsec Enforcement
          2. Steps on the Workstations
          3. Creating Boundaries for IPsec
      5. IEEE 802.1x Enforcement in NAP
        1. Configuring IEEE 802xz Enforcement
        2. Configuring 802.1X Enforcement
      6. The Politics of Deployment
      7. Summary
    4. 25. Patch Management
      1. Why It’s Important
      2. The Patching Cycle
        1. Assess
        2. Identify
        3. Evaluate and Plan
        4. Deploy
        5. Repeat
      3. Deployment Testing
        1. Test Network Deployment
        2. Beta User Deployment
        3. Full Deployment
      4. Obtaining Updates
        1. Automatic Updates
        2. Windows Server Update Services
          1. Installation
          2. Prerequisites
          3. Basic Configuration
        3. Systems Center Configuration Manager
      5. Third-Party Products
      6. Summary
    5. 26. Implementing Remote Access Strategies: SSTP, VPN, and Wireless
      1. Introduction
        1. Network Policy Server
        2. Planning for NPS
        3. Start with the Policies
        4. Define the Support
      2. Secure Sockets Tunnelling Protocol
        1. The SSTP Process
        2. Configuring SSTP
          1. Installing Prerequisites For SSTP
        3. Installing the Server Authentication Certificate
          1. Moving the Certificate
        4. Installing Routing And Remote Access
          1. Configuring Routing And Remote Access
        5. Configuring SSTP-based Connection Clients
        6. Making the SSTP Connection
        7. Troubleshooting Connections
          1. 0x800704C9
          2. 0x80070040
          3. 0x800B0101
          4. 0x800B0109
          5. 0x800B010F
          6. 0x80092013
          7. 809
      3. Using NPS in Windows Server 2008
        1. Configuring Remote Access Per User
        2. Configuring Remote Access in the NPS Network Policy
      4. Wireless Deployment
        1. Prerequisites
          1. Active Directory Certificate Services
          2. Network Policy Server Role Service
          3. Configure Certificates for PEAP
        2. Adding RADIUS Clients to the Network
        3. Configuring the Access Points
        4. Configuring Clients to Use Secure Wireless
          1. Group Policy Deployment of Certificates
          2. The Workstation Settings
      5. Summary
  8. V. Use Support Services and Features
    1. 27. Interoperability
      1. General UNIX Interoperability
        1. Permissions and Security Concepts
        2. A UNIX File Listing
        3. Symbolic Links
        4. Privilege Levels
        5. Basic Connectivity
        6. File Transfer Protocol
        7. Telnet
        8. File Systems
          1. The Network File System
          2. Server Message Block
        9. Printing
      2. Network File System
        1. Legacy User Name Mapping
          1. Configuring User Name Mapping
        2. Server For NFS
          1. Creating an NFS Share
          2. Configuring Server for NFS
          3. Connecting to an NFS Share
          4. Configuring Client for NFS
      3. Microsoft Identity Management for UNIX
        1. Installing Microsoft Identity Management for UNIX
        2. Subsystem for UNIX-based Applications
          1. The Subsystem for UNIX-Based Applications Architecture
          2. Installing the Subsystem for UNIX-Based Applications
          3. Installing the SUA SDK and Utilities
      4. Macintosh Interoperability
      5. Summary
    2. 28. Managing Software
      1. Using the Group Policy Software Installation Extension
      2. Finding the Right Mix of Services
        1. Windows Installer Packages
        2. Zap Files
          1. Deciding Whether to Publish or Assign Applications
          2. Updating Applications Deployed via Group Policy
      3. Setting Up the Group Policy Software Installation Extension
        1. Creating a Software Distribution Point
        2. Creating a GPO for Application Deployment
        3. Configuring the Group Policy Software Installation Extension
          1. Setting Software Installation Options
          2. Changing Software Installation Behavior over Slow Links
      4. Working with Packages
        1. Adding a Package to a Group Policy
        2. Changing Application Properties
        3. Applying Package Upgrades
        4. Applying Package Modifications
        5. Removing and Redeploying Packages
      5. Using Software Restriction Policies
        1. How Software Restriction Policies Work
        2. Creating Software Restriction Policies
      6. Windows Deployment Services
      7. Summary
    3. 29. Working with Windows Virtualization
      1. Hyper-V Overview
        1. Scenarios
        2. Requirements
      2. Installation
        1. Installing On Windows Server Core
        2. Installing on Windows Server 2008
      3. Initial Configuration
        1. Configuring Networks
          1. Setting Network Type
          2. Adding a Virtual Network
        2. Server Settings
      4. Creating A Virtual Machine
        1. Creating a Basic VM
        2. Machine Settings
          1. Adding Hardware
          2. Memory and CPU
          3. Disks and Controllers
          4. Creating a Differencing Disk
          5. Network Adapters
          6. COM and Floppy
        3. Management Settings
          1. Installing Integration Services
      5. Working With A Virtual Machine
        1. Starting, Stopping, Saving, Snapshotting
          1. Snapshots
        2. Clipboard
        3. Export/Import
      6. Summary
    4. 30. Deploying Terminal Services
      1. Concepts
        1. Remote Access
        2. Central Management
      2. Requirements
        1. RAM
        2. CPU
        3. Network Utilization
        4. Capacity Planning
      3. Installation
        1. Improving the User Experience
        2. Enabling Remote Desktop for Administration Mode
        3. Installing Programs
          1. Install Mode vs. Execute Mode
          2. The Change Command
            1. Using the Change Command to Install an Application
      4. Administration
        1. Terminal Services Manager
          1. Overview
          2. My Group
          3. Making Connections
          4. Managing Connections
            1. Disconnecting Sessions
            2. Resetting Sessions
            3. Logging Off a Session
            4. Viewing Processes and Other Information About a Session
            5. Managing User Sessions
            6. Sending a Message to a Session
            7. Controlling a Session
            8. Connecting to a Session
            9. Session Status
        2. Terminal Services Configuration
          1. Connection Properties
        3. Terminal Services Licensing
        4. Installing Terminal Server Licensing
          1. To Install Terminal Services
          2. To Activate the License Server
          3. To Install Windows Terminal Server Client Access Licenses
      5. RemoteApps
        1. TS RemoteApp Manager
          1. TS Gateway Settings
          2. Distributing RemoteApps with TS Web Access
        2. Adding RemoteApps
        3. Deploying RemoteApps
          1. Adding or Removing a Program from TS Web Access
          2. Creating .rdp and .msi Files
      6. TS Web Access
        1. Remote Desktop Web Connection
        2. TS Web Access RemoteApp Programs
      7. Summary
    5. 31. Internet Information Services
      1. Architecture
        1. Components
          1. Protocol Listeners
          2. World Wide Web Publishing Service
          3. Windows Process Activation Service (WAS)
        2. Modules
          1. HTTP Modules
          2. Application Development Modules
          3. Health and Diagnostics Modules
          4. Security Modules
          5. Performance Modules
      2. Installing IIS
        1. Installing Using the Server Roles Wizard
        2. Installing Using Windows Package Manager
      3. Administration Tools
        1. Internet Information Server (IIS) Manager
          1. Connecting To Servers, Sites, and Applications
          2. Starting and Stopping the Server
          3. Viewing Contents of a Site
        2. AppCmd.exe
          1. Getting Started with AppCmd
          2. Working with Objects, Commands, and Attributes
          3. Configuring Settings
        3. Windows Management Instrumentation (WMI)
      4. Administrative Tasks
        1. Managing Servers
          1. Configuring HTTP Settings
            1. Default Documents
            2. Directory Browsing
            3. Error Pages
            4. HTTP Redirect
            5. HTTP Response Headers
            6. MIME Types
            7. Shared Configuration
          2. Configuring Web Application Development Settings
            1. .NET Compilation
            2. .NET Globalization
            3. .NET Trust Levels
            4. Application Settings
            5. ASP
            6. CGI
            7. Database Connection Strings
            8. Machine Key
            9. Pages and Controls
            10. Providers
            11. Session State
            12. SMTP E-Mail
          3. Optimizing Performance
            1. Compression
            2. Output Caching
          4. Monitoring
            1. Failed Request Tracing Rules
            2. Logging
            3. Monitoring Worker Processes
          5. Configuring Request Processing
            1. ISAPI Filters
            2. Application Pools
            3. Modules
            4. Handler Mappings
        2. Managing Sites
          1. Viewing the Sites on a Server
            1. IIS Manager
          2. Adding a Site
            1. IIS Manager
          3. Adding a Binding to a Site
            1. IIS Manager
            2. AppCmd
          4. Configuring a Site’s Application Pool
            1. IIS Manager
            2. AppCmd
          5. To Configure Host Headers
            1. IIS Manager
          6. Stopping or Starting a Site
            1. IIS Manager
          7. Configuring Security
            1. IPv4 Address and Domain Restrictions
            2. Authentication
            3. Authorization Rules
            4. ISAPI and CGI Restrictions
            5. Request Filters
            6. Server Certificates and SSL
            7. Configuring Server Certificates
            8. SSL
        3. Managing Web Applications
        4. Managing Virtual Directories
      5. Understanding Delegation and Permissions
        1. Delegating Site and Application Management
          1. Configuring Delegation for a Server
          2. Delegating a Site
        2. Configuring Permissions to View and Manage Content
          1. Configuring IIS Manager Accounts
            1. IIS Manager Permissions
            2. NTFS Permissions
        3. Understanding the Configuration Store
        4. Using Shared Configuration
      6. Remote Administration
      7. Installing and Managing the FTP Publishing Service
        1. FTP Current Sessions
        2. FTP Directory Browsing
        3. FTP Firewall Support
        4. FTP Messages
        5. FTP SSL Settings
        6. FTP User Isolation
        7. Active Directory Federation Services (AD FS)
      8. Summary
  9. VI. Tune, Maintain, and Repair
    1. 32. Windows Reliability And Performance Monitor
      1. Using Resource View
        1. CPU Details
        2. Disk Details
        3. Network Details
        4. Memory Details
      2. Using Performance Monitor
        1. Adding Counters in Performance Monitor
        2. Changing the Performance Monitor Display
        3. Saving the Performance Monitor Display
        4. Connecting to a Remote Computer Using Performance Monitor
      3. Using Reliability Monitor
        1. Viewing Reliability Monitor on a Remote Computer
        2. Interpreting the System Stability Index
          1. Software Installs and Uninstalls
          2. Application Failures
          3. Hardware Failures
          4. Windows Failures
          5. Miscellaneous Failures
      4. Creating a Data Collector Set
        1. Building a Data Collector Set from a Template
          1. Importing Templates
          2. Exporting Templates
        2. Creating a Data Collector Set from Performance Monitor
        3. Constructing a Data Collector Set Manually
        4. Creating a Data Collector Set to Monitor Performance Counters
      5. Scheduling Data Collection
      6. Managing Collected Data
        1. Working with Data Log Files
      7. Viewing Reports
      8. Summary
    2. 33. Disaster Planning
      1. Planning for Disaster
        1. Identifying the Risks
        2. Identifying the Resources
        3. Developing the Responses
          1. Standard Operating Procedures
          2. Standard Escalation Procedures
        4. Testing the Responses
        5. Iterating
      2. Preparing for a Disaster
        1. Setting Up a Fault-Tolerant System
        2. Backing Up the System
        3. System Repair
        4. Specifying Recovery Options
      3. Summary
    3. 34. Using Backup
      1. Installing the Backup Service
        1. Ntbackup Users
      2. Scheduling a Backup
        1. Choosing Volumes to Back Up
        2. Designating a Storage Location
        3. Creating the Backup Schedule
        4. Implementing a Rotating Backup Set
        5. Modifying a Backup Schedule
        6. Stop Running Scheduled Backups
      3. Using the Backup Once Wizard
      4. Using the Wbadmin Command
        1. Wbadmin enable backup
        2. Wbadmin disable backup
        3. Wbadmin start backup
        4. Wbadmin stop job
        5. Wbadmin start recovery
        6. Wbadmin start systemstatebackup
        7. Wbadmin start sysstaterecovery
        8. Wbadmin start sysrecovery
        9. Windows Recovery Environment
        10. Wbadmin get versions
        11. Wbadmin get status
      5. Recovering Your Server
        1. Recovering Volumes
        2. Recovering Files and Folders from the Local Server
        3. Recovering Files and Folders from Another Server
        4. Recovering Applications and Data
        5. Recovering the Operating System
        6. Restoring a Backup Catalog
      6. Summary
    4. 35. Planning Fault Tolerance and Avoidance
      1. Mean Time to Failure and Mean Time to Recover
      2. Protecting the Power Supply
        1. Local Power Supply Failure
        2. Voltage Variations
          1. Spikes
          2. Surges
          3. Sags
          4. Brownouts
        3. Short-Term Power Outages
        4. Long-Term Power Outages
      3. Disk Arrays
        1. Hardware vs. Software
        2. RAID Levels for Fault Tolerance
          1. Intended Use
          2. Fault Tolerance
          3. Availability
          4. Performance
          5. Cost
        3. Hot-Swap and Hot-Spare Disk Systems
      4. Distributed File System
      5. Clustering
        1. Network Load Balancing
        2. Failover Clustering
      6. Summary
    5. 36. Managing the Registry
      1. Introducing the Registry
      2. The Origins of the Registry
      3. How Registry Data Is Used
      4. Functional Changes in Windows Server 2008
      5. Understanding the Registry’s Structure
        1. The Root Keys
        2. Major Subkeys
          1. HKLM\HARDWARE
          2. HKLM\SAM
          3. HKLM\SECURITY
          4. HKLM\SOFTWARE
          5. HKLM\Software\Wow6432Node
          6. HKLM\SYSTEM\CurrentControlSet
          7. HKLM\SYSTEM\MountedDevices
        3. How Data Is Stored
          1. Useful Data Types
          2. Volatile Keys
          3. Disk-Based Keys
          4. Where Data Goes on Disk
      6. Creating Registry Items with the Registry Wizard
      7. Using the Registry Editors
        1. A Whirlwind Tour of the Registry Editor
          1. Searching for Keys and Values
          2. Editing Value Contents
          3. Adding and Removing Keys and Values
          4. Importing and Exporting Registry Data
          5. Loading and Unloading Hives
          6. Connecting to a Remote Computer’s Registry
          7. Renaming Keys and Values
          8. Managing Security on Registry Keys
        2. A Whirlwind Tour of Reg
      8. Backing Up and Restoring the Registry
        1. Choosing a Backup Method
          1. Windows Server Backup
          2. Wbadmin
          3. Third-Party Products
          4. Do-It-Yourself Backups
        2. System Recovery
      9. Summary
    6. 37. Troubleshooting and Recovery
      1. Determining Priorities
      2. Recovering a System
        1. Identifying Possible Causes
        2. Rolling Back a Device Driver
      3. Recovering Your Server
        1. Recovering Volumes
        2. Recovering Files and Folders from the Local Server
        3. Recovering Files and Folders from Another Server
        4. Recovering Applications and Data
        5. Recovering the Operating System
        6. Recovering the System State
      4. Using System Information
      5. Verifying the Status of Services
      6. Using the System Configuration Utility
      7. Using the System File Checker
      8. Using the Shutdown Event Tracker
      9. Summary
  10. A. Interface Changes from Windows Server 2003
  11. B. Optional Components
  12. C. Understanding TCP/IP v4
    1. The TCP/IP Protocol Suite
      1. Internet Protocol
      2. Transmission Control Protocol
      3. User Datagram Protocol
      4. Windows Sockets
      5. NetBIOS
      6. Requests for Comments
    2. IP Addresses and What They Mean
      1. Class A Networks
      2. Class B Networks
      3. Class C Networks
      4. Class D and Class E Addresses
    3. Routers and Subnets
      1. What Is a Subnet?
      2. Gateways and Routers
      3. Address Resolution and Routing Protocols
    4. Name Resolution
      1. The Domain Name System
        1. The Domain Namespace
        2. Top-Level Domains
        3. How Names Are Resolved into Addresses
        4. Reverse Lookups
        5. Dynamic DNS and Active Directory Integration
        6. Zone Storage and Active Directory
        7. Lightweight Directory Access Protocol
      2. Dynamic Host Configuration Protocol
        1. How DHCP Works
        2. Using Multiple DHCP Servers
      3. Windows Internet Name Service
        1. Single Domain Across a Subnet Boundary
        2. Multiple Domains Within a Subnet Boundary
        3. Multiple Domains Across a Subnet Boundary
    5. Summary
  13. D. About the Authors
  14. E. Additional Resources for IT Professionals from Microsoft Press
    1. Windows Server
    2. Windows Client
    3. SQL Server 2005
    4. Exchange Server 2007
    5. Scripting
  15. F. More Great Resources for IT Professionals from Microsoft Press
    1. Administrator’s Pocket Consultant
    2. Administrator’s Companion
    3. Resource Kit
    4. Self-Paced Training Kit
  16. Index
  17. About the Authors
  18. Copyright

Product information

  • Title: Windows Server® 2008 Administrator’s Companion
  • Author(s): Charlie Russel and Sharon Crawford
  • Release date: April 2008
  • Publisher(s): Microsoft Press
  • ISBN: 9780735625051