Mastering Windows Server 2016
eBook - ePub

Mastering Windows Server 2016

Jordan Krause

Share book
  1. 416 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Mastering Windows Server 2016

Jordan Krause

Book details
Book preview
Table of contents
Citations

About This Book

A comprehensive and practical guide to Windows Server 2016

About This Book

  • In-depth coverage of new features of Windows Server 2016
  • Gain the necessary skills and knowledge to design and implement Microsoft Server 2016 in enterprise environment
  • Know how you can support your medium to large enterprise and leverage your experience in administering Microsoft Server 2016,
  • A practical guide to administering Windows server 2016

Who This Book Is For

The book is targeted at System Administrators and IT professionals who would like to design and deploy Windows Server 2016 (physical and logical) Enterprise infrastructure. Previous experience of Windows Server operating systems and familiarity with networking concepts is assumed. System administrators who are upgrading or migrating to Windows Server 2016 would also find this book useful.

What You Will Learn

  • Familiarize yourself with Windows Server 2016 ideology, the core of most datacenters running today
  • New functions and benefits provided only by the new Windows Server 2016
  • Get comfortable working with Nanoserver
  • Secure your network with new technologies in Server 2016
  • Harden your Windows Servers to help keep those bad guys out!
  • Using new built-in integration for Docker with this latest release of Windows Server 2016
  • Virtualize your datacenter with Hyper-V

In Detail

Windows Server 2016 is the server operating system developed by Microsoft as part of the Windows NT family of operating systems, developed concurrently with Windows 10. With Windows Server 2016, Microsoft has gotten us thinking outside of the box for what it means to be a system administration, and comes with some interesting new capabilities. These are exciting times to be or to become a server administrator!

This book covers all aspects of administration level tasks and activities required to gain expertise in Microsoft Windows Server 2016. You will begin by getting familiar and comfortable navigating around in the interface. Next, you will learn to install and manage Windows Server 2016 and discover some tips for adapting to the new server management ideology that is all about centralized monitoring and configuration.

You will deep dive into core Microsoft infrastructure technologies that the majority of companies are going to run on Server 2016. Core technologies such as Active Directory, DNS, DHCP, Certificate Services, File Services, and more. We will talk about networking in this new operating system, giving you a networking toolset that is useful for everyday troubleshooting and maintenance. Also discussed is the idea of Software Defined Networking. You will later walk through different aspects of certificate administration in Windows Server 2016. Three important and crucial areas to cover in the Remote Access role -- DirectAccess, VPN, and the Web Application Proxy -- are also covered.

You will then move into security functions and benefits that are available in Windows Server 2016. Also covered is the brand new and all-important Nano Server!

We will incorporate PowerShell as a central platform for performing many of the functions that are discussed in this book, including a chapter dedicated to the new PowerShell 5.0. Additionally, you will learn about the new built-in integration for Docker with this latest release of Windows Server 2016. The book ends with a discussion and information on virtualizing your datacenter with Hyper-V.

By the end of this book, you will have all the ammunition required to start planning for and implementing Windows Server 2016.

Style and approach

This book offers a practical and wide coverage of all features of brand new Microsoft Server 2016 along with tips on daily administration tasks.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Mastering Windows Server 2016 an online PDF/ePUB?
Yes, you can access Mastering Windows Server 2016 by Jordan Krause in PDF and/or ePUB format, as well as other popular books in Informatik & Computernetzwerke. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2016
ISBN
9781785888908
Edition
1
Topic
Informatik
Subtopic
Computernetzwerke

Mastering Windows Server 2016

Table of Contents

Mastering Windows Server 2016
Credits
About the Author
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Instant updates on new Packt books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Piracy
Questions
1. Getting Started with Windows Server 2016
What is the purpose of Windows Server?
It's getting "cloudy" out there
Private cloud
An overview of new features
The Windows 10 experience
Software-Defined Networking
PowerShell 5.0
Built-in malware protection
Soft restart
Nano Server
Web Application Proxy
Shielded virtual machines
Navigating the interface
The new Start menu
The hidden Admin menu
Using the Search function
Pin programs to the taskbar
The power of right-click
Using the new Settings screen
Two ways to do the same thing
Creating a new user through the Control Panel
Creating a new user through the Settings menu
Task Manager
Task View
Summary
2. Installing and Managing Windows Server 2016
Installing Windows Server 2016
Burning that ISO
Installing from USB
Running the installer
Installing roles and features
Installing a role using the wizard
Installing a feature using PowerShell
Centralized management and monitoring
Server Manager
Remote Server Administration Tools
Azure Server Management Tools
Does this mean RDP is dead?
Remote Desktop Connection Manager
Sysprep enables quick server rollouts
Installing Windows Server 2016 onto a new server
Configuring customizations and updates onto your new server
Running sysprep to prepare and shut down your master server
Creating your master image of the drive
Building new servers using copies of the master image
Summary
3. Core Infrastructure Services
What is a domain controller?
Using AD DS to organize your network
Active Directory Users and Computers
User accounts
Security Groups
Prestaging computer accounts
Active Directory Domains and Trusts
Active Directory Sites and Services
Active Directory Administrative Center
Dynamic Access Control
Read-only domain controllers
The power of Group Policy
The Default Domain Policy
Create and link a new GPO
Filtering GPOs to particular devices
DNS overview
Different kinds of DNS records
Host record (A or AAAA)
Alias record – CNAME
Mail Exchanger record
Name Server record
Ipconfig /flushdns
DHCP versus static addressing
The DHCP scope
DHCP reservations
Back up and restore
Schedule regular backups
Restoring from Windows
Restoring from the disc
MMC and MSC shortcuts
Summary
4. Certificates in Windows Server 2016
Common certificate types
User certificates
Computer certificates
SSL certificates
Single-name certificates
Subject Alternative Name certificates
Wildcard certificates
Planning your PKI
Enterprise versus standalone
Root versus subordinate
Can I install the CA role onto a domain controller?
Creating a new certificate template
Issuing your new certificates
Publishing the template
Requesting a cert from MMC
Requesting a cert from the Web interface
Creating an autoenrollment policy
Obtaining a public authority SSL certificate
Creating a Certificate Signing Request (CSR)
Submitting the certificate request
Downloading and installing your certificate
Exporting and importing certificates
Exporting from MMC
Exporting from IIS
Importing onto a second server
Summary
5. Networking with Windows Server 2016
Intro to IPv6
Networking toolbox
Ping
Tracert
Pathping
Test-Connection
Telnet
Packet tracing with Wireshark or Netmon
TCPView
Building a routing table
Multihomed servers
Only one default gateway
Building a route
Adding a route with Command Prompt
Deleting a route
Adding a route with PowerShell
Software-Defined Networking
Hyper-V Network Virtualization
Private clouds
Hybrid clouds
How does it work?
System Center Virtual Machine Manager
Network Controller
Generic Routing Encapsulation
Microsoft Azure virtual network
Windows Server Gateway
Summary
6. Enabling Your Mobile Workforce
DirectAccess – automatic VPN!
The truth about DirectAccess and IPv6
Prerequisites for DirectAccess
Domain joined
Supported client operating systems
DirectAccess servers get one or two NICs?
Single NIC mode
Edge mode with two NICs
More than two NICs?
To NAT or not to NAT?
6to4
Teredo
IP-HTTPS
Installing on the true edge – on the Internet
Installing behind a NAT
Network Location Server
Certificates used with DirectAccess
SSL certificate on the NLS web server
SSL certificate on the DirectAccess server
Machine certificates on the DA server and all DA clients
Do not use the Getting Started Wizard!
Remote Access Management Console
Configuration
Dashboard
Operations Status
Remote Client Status
Reporting
Tasks
DirectAccess versus VPN
Domain-joined versus non-domain-joined
Auto versus manual launch
Software versus built-in
Password and login issues with VPN
Web Application Proxy
Requirements for WAP
Server 2016 improvements to WAP
Preauthentication for HTTP Basic
HTTP to HTTPS redirection
Client IP addresses forwarded to applications
Publishing Remote Desktop Gateway
Improved administrative console
Summary
7. Hardening and Security
Windows Defender
Installing Windows Defender
Exploring the user interface
Disabling Windows Defender
Windows Firewall – no laughing matter
Two Windows Firewall administrative consoles
Windows Firewall settings
Windows Firewall with Advanced Security
Three different firewall profiles
Building a new Inbound Rule
How to build a rule for ICMP?
Managing WFAS with Group Policy
Encryption technologies
BitLocker and the Virtual TPM
Shielded VMs
Encrypting File System
IPsec
Configuring IPsec
Server policy
Secure Server policy
Client policy
IPsec Security Policy snap-in
Using WFAS instead
Advanced Threat Analytics
Lightweight Gateway
General security best practices
Get rid of perpetual administrators
Use distinct accounts for administrative access
Use a different computer to accomplish administrative tasks
Never browse the Internet from servers
Role-Based Access Controls
Just Enough Administration
Device Guard
Credential Guard
Summary
8. Tiny Servers
Why Server Core?
No more switching back and forth
Interfacing with Server Core
PowerShell
Cmdlets to manage IP addresses
Setting the server hostname
Joining your domain
Server Manager
Remote Server Administration Tools
Accidentally closing Command Prompt
Roles available in Server Core
Nano Server versus Server Core
Sizing and maintenance numbers
Accessibility
Capability
Installation
Setting up your first Nano Server
Preparing the VHD file
Creating a virtual machine
Nano Server Image Builder
Administering Nano Server
Nano Server Recovery Console
Remote PowerShell
Windows Remote Management
Other management tools
Summary
9. Redundancy in Windows Server 2016
Network Load Balancing
Not the same as round-robin DNS
What roles can use NLB?
Virtual and dedicated IP addresses
NLB modes
Unicast
Multicast
Multicast IGMP
Configuring a load balanced website
Enabling NLB
Enabling MAC address spoofing on VMs
Configuring NLB
Configuring IIS and DNS
Test it out
Flushing the ARP cache
Failover clustering
Clustering Hyper-V hosts
Scale-Out File Server
Clustering tiers
Application layer clustering
Host layer clustering
A combination of both
How does failover work?
Setting up a failover cluster
Building the servers
Installing the feature
Running the Failover Cluster Manager
Running cluster validation
Running the Create Cluster wizard
Clustering improvements in Windows Server 2016
Multi-Site clustering
Cross-domain or workgroup clustering
Cluster Operating System Rolling Upgrade
Virtual Machine Resiliency
Storage Replica
Stretch Cluster
Cluster to Cluster
Server to Server
Storage Spaces Direct
Summary
10. Learning PowerShell 5.0
Why move to PowerShell?
Cmdlets
PowerShell is the backbone
Scripting
Server Core and Nano Server
Working within PowerShell
Launching PowerShell
Default Execution Policy
Restricted
AllSigned
RemoteSigned
Unrestricted
Bypass
Using the Tab key
Useful cmdlets for daily tasks
Using Get-Help
Formatting the output
Format-Table
Format-List
PowerShell Integrated Scripting Environment
PS1 file
Integrated Scripting Environment
Remotely managing a server
Preparing the remote server
WinRM service
Enable-PSRemoting
Allowi...

Table of contents