Windows Server 2008 R2 Unleashed

; Michael Noel ; Omar Droubi ; Ross Mistry ; Chris Amaris

Windows Server 2008 R2 Unleashed is the most comprehensive and realistic guide to planning, design, prototyping, implementation, migration, administration, and support. Based on the authors' unsurpassed experience working with Windows Server 2008 R2 since its earliest alpha releases, it offers indispensable guidance drawn from hundreds of production environments. Les mer
Vår pris
751,-

(Innbundet) Fri frakt!
Leveringstid: Usikker levering*
*Vi bestiller varen fra forlag i utlandet. Dersom varen finnes, sender vi den så snart vi får den til lager
På grunn av Brexit-tilpasninger og tiltak for å begrense covid-19 kan det dessverre oppstå forsinket levering.

Vår pris: 751,-

(Innbundet) Fri frakt!
Leveringstid: Usikker levering*
*Vi bestiller varen fra forlag i utlandet. Dersom varen finnes, sender vi den så snart vi får den til lager
På grunn av Brexit-tilpasninger og tiltak for å begrense covid-19 kan det dessverre oppstå forsinket levering.

Om boka

Windows Server 2008 R2 Unleashed is the most comprehensive and realistic guide to planning, design, prototyping, implementation, migration, administration, and support. Based on the authors' unsurpassed experience working with Windows Server 2008 R2 since its earliest alpha releases, it offers indispensable guidance drawn from hundreds of production environments.



Microsoft MVP Rand Morimoto and his colleagues systematically introduce Windows Server 2008 R2 to IT professionals, identifying R2's most crucial enhancements and walking through every step of installation and configuration. Next, they present comprehensive coverage of every area of Windows Server 2008 R2, including Active Directory, networking services, security, R2 migration from Windows Server 2003 and 2008, administration, fault tolerance, optimization and troubleshooting, core application services, and more.



The authors thoroughly address major Windows Server 2008 R2 enhancements and present extensive coverage of R2 innovations ranging from Hyper-V virtualization to DirectAccess and the enhancements in Failover Clustering. Every chapter contains tips, tricks, and best practices learned from actual deployments: practical information for using Windows Server 2008 R2 to solve real business problems.



Detailed information on how to...



Plan and migrate from Windows Server 2003/2008 to Windows Server 2008 R2 and use R2's new server migration tools
Manage Active Directory with Active Directory Administrative Center, Best Practice Analyzer, and PowerShell scripts
Use R2's updated security tools and templates to lock down servers, clients, and networks
Maximize availability with Windows Server 2008 R2 clustering, fault tolerance, and replication
Streamline client management with new Group Policy ADMX settings and management tools
Improve remote access using DirectAccess, Remote Desktop Services (formerly Terminal Services), and Virtual Desktop Infrastructure
Implement Hyper-V virtualization including the built-in Live Migration technology
Leverage add-ons such as Windows SharePoint Services, Windows Media Services, and IIS 7.5

Fakta

Innholdsfortegnelse

Introduction 1



Part I Windows Server 2008 R2 Overview

Chapter 1 Windows Server 2008 R2 Technology Primer 5

Windows Server 2008 R2 Defined 5

When Is the Right Time to Migrate? 10

Versions of Windows Server 2008 R2 12

What's New and What's the Same About Windows Server 2008 R2? 16

Changes in Active Directory 20

Windows Server 2008 R2 Benefits for Administration 22

Improvements in Security in Windows Server 2008 R2 26

Improvements in Mobile Computing in Windows Server 2008 R2 28

Improvements in Windows Server 2008 R2 for Better Branch Office Support 30

Improvements for Thin Client Remote Desktop Services 33

Improvements in Clustering and Storage Area Network Support 37

Addition of Migration Tools 38

Improvements in Server Roles in Windows Server 2008 R2 40

Identifying Which Windows Server 2008 R2 Service to Install or Migrate to First 43

Summary 46

Best Practices 47



Chapter 2 Planning, Prototyping, Migrating, and Deploying Windows Server 2008 R2 Best Practices 49

Determining the Scope of Your Project 50

Identifying the Business Goals and Objectives to Implement Windows Server 2008 R2 50

Identifying the Technical Goals and Objectives to Implement Windows Server 2008 R2 53

The Discovery Phase: Understanding the Existing Environment 59

The Design Phase: Documenting the Vision and the Plan 3

The Migration Planning Phase: Documenting the Process for Migration 67

The Prototype Phase: Creating and Testing the Plan 73

The Pilot Phase: Validating the Plan to a Limited Number of Users 75

The Migration/Implementation Phase: Conducting the Migration or Installation 78

Summary 79

Best Practices 80



Chapter 3 Installing Windows Server 2008 R2 and Server Core 83

Preplanning and Preparing a Server Installation .83

Installing a Clean Version of Windows Server 2008 R2 Operating System 89

Upgrading to Windows Server 2008 R2 98

Understanding Server Core Installation 103

Managing and Configuring a Server Core Installation 105

Performing an Unattended Windows Server 2008 R2 Installation 111

Summary 111

Best Practices 112



Part II Windows Server 2008 R2 Active Directory

Chapter 4 Active Directory Domain Services Primer 113

Examining the Evolution of Directory Services .114

Understanding the Development of AD DS 115

Examining AD DS's Structure 116

Outlining AD DS's Components 119

Understanding Domain Trusts 124

Defining Organizational Units 126

Outlining the Role of Groups in an AD DS Environment 127

Explaining AD DS Replication 129

Outlining the Role of DNS in AD DS 131

Outlining AD DS Security 133

Outlining AD DS Changes in Windows Server 2008 R2 134

Summary 146

Best Practices 146



Chapter 5 Designing a Windows Server 2008 R2 Active Directory 149

Understanding AD DS Domain Design 149

Choosing a Domain Namespace 151

Examining Domain Design Features 153

Choosing a Domain Structure 154

Understanding the Single Domain Model 155

Understanding the Multiple Domain Model 157

Understanding the Multiple Trees in a Single Forest Model 160

Understanding the Federated Forests Design Model 162

Understanding the Empty-Root Domain Model 165

Understanding the Placeholder Domain Model 167

Understanding the Special-Purpose Domain Design Model 169

Renaming an AD DS Domain 170

Summary 173

Best Practices 173



Chapter 6 Designing Organizational Unit and Group Structure 175

Defining Organizational Units in AD DS 176

Defining AD Groups 178

Examining OU and Group Design 182

Starting an OU Design 182

Using OUs to Delegate Administration 184

Group Policies and OU Design 186

Understanding Group Design 186

Exploring Sample Design Models 188

Summary 193

Best Practices 193



Chapter 7 Active Directory Infrastructure 195

Understanding AD DS Replication in Depth 195

Understanding Active Directory Sites 200

Planning Replication Topology 207

Outlining Windows Server 2008 R2 IPv6 Support 213

Detailing Real-World Replication Designs 216

Deploying Read-Only Domain Controllers (RODCs) 220

Summary 224

Best Practices 225



Chapter 8 Creating Federated Forests and Lightweight Directories 227

Keeping a Distributed Environment in Sync 227

Active Directory Federation Services 232

Synchronizing Directory Information with Forefront Identity Manager (FIM) 236

Harnessing the Power and Potential of FIM 240

Summary 243

Best Practices 243



Chapter 9 Integrating Active Directory in a UNIX Environment 245

Understanding and Using Windows Server 2008 R2 UNIX Integration Components 245

Reviewing the Subsystem for UNIX-Based Applications (SUA) 252

Understanding the Identity Management for UNIX Components 253

Administrative Improvements with Windows Server 2008 R2 256

Summary 258

Best Practices 258



Part III Networking Services

Chapter 10 Domain Name System and IPv6 259

Understanding the Need for DNS 260

Getting Started with DNS on Windows Server 2008 R2 263

Resource Records 266

Understanding DNS Zones 270

Performing Zone Transfers 274

Understanding DNS Queries 276

Other DNS Components 278

Understanding the Evolution of Microsoft DNS 285

DNS in Windows Server 2008 R2 286

DNS in an Active Directory Domain Services Environment 288

Troubleshooting DNS 292

IPv6 Introduction 297

How to Configure IPv6 on Windows Server 2008 R2 311

Secure DNS with DNSSEC 316

Summary 323

Best Practices 323



Chapter 11 DHCP/WINS/Domain Controllers 325

Understanding the Key Components of an Enterprise Network 326

Exploring the Dynamic Host Configuration Protocol (DHCP) 328

Exploring DHCP Changes in Windows Server 2008 R2 336

Enhancing DHCP Reliability .345

Implementing Redundant DHCP Services 350

Exploring Advanced DHCP Concepts 358

Securing DHCP 359

Reviewing the Windows Internet Naming Service (WINS) 361

Installing and Configuring WINS 364

Planning, Migrating, and Maintaining WINS 368

Exploring Global Catalog Domain Controller Placement 370

Summary 374

Best Practices 374



Chapter 12 Internet Information Services 377

Understanding Internet Information Services (IIS) 7.5 377

Planning and Designing Internet Information Services 7.5 382

Installing and Upgrading IIS 7.5 383

Installing and Configuring Websites 389

Installing and Configuring FTP Services 397

Securing Internet Information Services 7.5 407

Summary 416

Best Practices 417



Part IV Security

Chapter 13 Server-Level Security 419

Defining Windows Server 2008 R2 Security 419

Deploying Physical Security 420

Using the Integrated Windows Firewall with Advanced Security 424

Hardening Server Security 427

Examining File-Level Security 429

Additional Security Mechanisms 433

Using Windows Server Update Services 434

Summary 440

Best Practices 440



Chapter 14 Transport-Level Security 441

Introduction to Transport-Level Security in Windows Server 2008 R2 442

Deploying a Public Key Infrastructure with Windows Server 2008 R2 443

Understanding Active Directory Certificate Services (AD CS) in Windows Server 2008 R2 444

Active Directory Rights Management Services 451

Using IPSec Encryption with Windows Server 2008 R2 454

Summary 456

Best Practices 456



Chapter 15 Security Policies, Network Policy Server, and Network Access Protection 459

Understanding Network Access Protection (NAP) in Windows Server 2008 R2 459

Deploying a Windows Server 2008 R2 Network Policy Server 462

Enforcing Policy Settings with a Network Policy Server 465

Deploying and Enforcing a Virtual Private Network (VPN) Using an RRAS Server 473

Summary 480

Best Practices 481



Part V Migrating to Windows Server 2008 R2

Chapter 16 Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 483

Beginning the Migration Process 484

Big Bang Migration 487

Phased Migration 491

Multiple Domain Consolidation Migration 505

Summary 522

Best Practices 523



Chapter 17 Compatibility Testing 525

The Importance of Compatibility Testing 526

Preparing for Compatibility Testing 527

Researching Products and Applications 534

Verifying Compatibility with Vendors 537

Microsoft Assessment and Planning (MAP) Toolkit 542

Lab-Testing Existing Applications 543

Documenting the Results of the Compatibility Testing 546

Determining Whether a Prototype Phase Is Required 546

Summary 547

Best Practices 548



Part VI Windows Server 2008 R2 Administration and Management

Chapter 18 Windows Server 2008 R2 Administration 549

Defining the Administrative Model 550

Examining Active Directory Site Administration 551

Configuring Sites 554

Examining Windows Server 2008 R2 Active Directory Groups 562

Creating Groups 564

Managing Users with Local Security and Group Policies 568

Managing Printers with the Print Management Console 576

Summary 582

Best Practices 583



Chapter 19 Windows Server 2008 R2 Group Policies and Policy Management 585

Group Policy Overview 585

Group Policy Processing--How Does It Work? 586

Local Group Policies 588

Security Templates 590

Elements of Group Policy 591

Group Policy Administrative Templates Explained 603

Policy Management Tools 607

Designing a Group Policy Infrastructure 616

GPO Administrative Tasks 619

Summary 637

Best Practices 637



Chapter 20 Windows Server 2008 R2 Management and Maintenance Practices 639

Going Green with Windows Server 2008 R2 640

Initial Configuration Tasks 641

Managing Windows Server 2008 R2 Roles and Features 643

Server Manager 647

Server Manager Diagnostics Page 652

Server Manager Configuration Page 657

Server Manager Storage Page 661

Auditing the Environment 665

Managing Windows Server 2008 R2 Remotely 674

Using Common Practices for Securing and Managing Windows Server 2008 R2 679

Keeping Up with Service Packs and Updates 681

Maintaining Windows Server 2008 R2 685

Summary 696

Best Practices 696



Chapter 21 Automating Tasks Using PowerShell Scripting 699

Understanding Shells 700

Introduction to PowerShell 702

Understanding the PowerShell Basics 705

Using Windows PowerShell 732

Summary 762

Best Practices 762



Chapter 22 Documenting a Windows Server 2008 R2 Environment 763

Benefits of Documentation 764

Types of Documents 765

Planning to Document the Windows Server 2008 R2 Environment 766

Knowledge Sharing and Knowledge Management 766

Windows Server 2008 R2 Project Documents 767

Administration and Maintenance Documents 780

Network Infrastructure 784

Disaster Recovery Documentation 785

Change Management Procedures 788

Performance Documentation 788

Baselining Records for Documentation Comparisons 789

Routine Reporting 789

Security Documentation 790

Summary 791

Best Practices 791



Chapter 23 Integrating System Center Operations Manager 2007 R2 with Windows Server 2008 R2 793

Windows Server 2008 R2 Monitoring 794

What's New in OpsMgr R2 796

Explaining How OpsMgr Works 796

Outlining OpsMgr Architecture 798

Understanding How to Use OpsMgr 802

Understanding OpsMgr Component Requirements 805

Understanding Advanced OpsMgr Concepts 807

Securing OpsMgr 811

Installing Operations Manager 2007 R2 814

Configuring Operations Manager 2007 R2 822

Monitoring DMZ Servers with Certificates 831

Using Operations Manager 2007 R2 837

Summary 846

Best Practices 846



Part VII Remote and Mobile Technologies

Chapter 24 Server-to-Client Remote Access and DirectAccess 849

VPN in Windows Server 2008 R2 850

Authentication Options to an RRAS System 856

VPN Protocols 858

DirectAccess in Windows Server 2008 R2 863

Choosing Between Traditional VPN Technologies and DirectAccess 873

Traditional VPN Scenario 876

DirectAccess Scenario 898

Connection Manager .916

Summary 919

Best Practices 919



Chapter 25 Remote Desktop Services 921

Why Implement Remote Desktop Services 922

How Remote Desktop Works 925

Understanding the Name Change 928

Understanding Remote Desktop Services 928

Planning for Remote Desktop Services 947

Deploying Remote Desktop Services 953

Securing Remote Desktop Services 979

Supporting Remote Desktop Services 981

Summary 984

Best Practices 985



Part VIII Desktop Administration

Chapter 26 Windows Server 2008 R2 Administration Tools for Desktops 987

Managing Desktops and Servers 988

Operating System Deployment Options 989

Windows Server 2008 R2 Windows Deployment Services 991

Installing Windows Deployment Services (WDS) 994

Creating Discover Images 1005

Creating Custom Installations Using Capture Images 1016

General Desktop Administration Tasks 1020

Summary 1021

Best Practices 1021



Chapter 27 Group Policy Management for Network Clients 1023

The Need for Group Policies 1024

Windows Group Policies 1025

Group Policy Feature Set 1028

Planning Workgroup and Standalone Local Group Policy Configuration 1033

Planning Domain Group Policy Objects 1036

Managing Computers with Domain Policies 1045

Managing Users with Policies 1070

Managing Active Directory with Policies 1076

Summary 1095

Best Practices 1096



Part IX Fault-Tolerance Technologies

Chapter 28 File System Management and Fault Tolerance 1097

Windows Server 2008 R2 File System Overview/Technologies 1097

File System Access Services and Technologies 1102

Windows Server 2008 R2 Disks 1105

Utilizing External Disk Subsystems 1109

Managing Windows Server 2008 R2 Disks 1109

System File Reliability 1118

Adding the File Services Role 1120

Managing Data Access Using Windows Server 2008 R2 Shares 1122

Volume-Based NTFS Quota Management 1128

File Server Resource Manager (FSRM) 1130

The Distributed File System 1147

Planning a DFS Deployment 1152

Installing DFS 1155

Managing and Troubleshooting DFS 1163

Backing Up DFS 1166

Using the Volume Shadow Copy Service 1167

Summary 1170

Best Practices 1170



Chapter 29 System-Level Fault Tolerance (Clustering/Network Load Balancing) 1173

Building Fault-Tolerant Windows Server 2008 R2 Systems 1174

Windows Server 2008 R2 Clustering Technologies 1177

Determining the Correct Clustering Technology 1182

Overview of Failover Clusters 1184

Deploying Failover Clusters 1191

Backing Up and Restoring Failover Clusters 1211

Deploying Network Load Balancing Clusters 1215

Managing NLB Clusters 1223

Summary 1225

Best Practices 1225



Chapter 30 Backing Up the Windows Server 2008 R2 Environment 1227

Understanding Your Backup and Recovery Needs and Options .1228

Creating the Disaster Recovery Solution 1232

Documenting the Enterprise 1234

Developing a Backup Strategy 1234

Windows Server Backup Overview 1235

Using Windows Server Backup 1239

Managing Backups Using the Command-Line Utility wbadmin.exe and PowerShell Cmdlets 1246

Backing Up Windows Server 2008 R2 Role Services 1248

Volume Shadow Copy Service (VSS) 1262

Windows Server 2008 R2 Startup Options 1264

Summary 1265

Best Practices 1265



Chapter 31 Recovering from a Disaster 1267

Ongoing Backup and Recovery Preparedness 1267

When Disasters Strike 1271

Disaster Scenario Troubleshooting 1274

Recovering from a Server or System Failure 1277

Managing and Accessing Windows Server Backup Media 1285

Windows Server Backup Volume Recovery 1287

Recovering Role Services and Features 1291

Summary 1302

Best Practices 1302



Part X Optimizing, Tuning, Debugging, and Problem Solving

Chapter 32 Optimizing Windows Server 2008 R2 for Branch Office Communications 1305

Understanding Read-Only Domain Controllers (RODCs) 1306

Installing a Read-Only Domain Controller 1310

Understanding BitLocker Drive Encryption 1323

Configuring BitLocker Drive Encryption on a Windows Server 2008 R2 Branch Office Domain Controller 1326

Understanding and Deploying BranchCache 1333

Enhancing Replication and WAN Utilization at the Branch Office 1339

Summary 1342

Best Practices 1342



Chapter 33 Logging and Debugging 1345

Using the Task Manager for Logging and Debugging 1345

Using Event Viewer for Logging and Debugging 1350

Performance and Reliability Monitoring 1359

Setting Baseline Values 1369

Using the Debugging Tools Available in Windows Server 2008 R2 1371

Task Scheduler 1382

Summary 1388

Best Practices 1389



Chapter 34 Capacity Analysis and Performance Optimization 1391

Defining Capacity Analysis 1391

Using Capacity-Analysis Tools 1395

Monitoring System Performance 1415

Optimizing Performance by Server Roles 1423

Summary 1430

Best Practices 1430



Part XI Integrated Windows Application Services

Chapter 35 Windows SharePoint Services 1433

Understanding the History of SharePoint Technologies 1434

What Are the Differences Between Windows SharePoint Services 3.0 and SharePoint Server 2007? 1436

Identifying the Need for Windows SharePoint Services 1439

Installing Windows SharePoint Services 1440

Lists and Libraries in Windows SharePoint Services 3.0 1453

Integrating Office 2007 Applications with Windows SharePoint Services 3.0 1469

Managing the Site Collection 1475

Summary 1479

Best Practices 1481



Chapter 36 Windows Media Services 1483

Understanding Windows Media Services 1484

Installing Windows Media Services 1489

Using Windows Media Services for Real-Time Live Broadcasts 1492

Broadcasting Stored Single Files 1495

Hosting a Directory of Videos for On-Demand Playback 1498

Combining Multiple Files for a Combined Single Broadcast 1501

Understanding Windows Media Encoder 1504

Broadcasting a Live Event 1506

Capturing Audio or Video for Future Playback 1508

Using Other Windows Media Encoder Options 1510

Summary 1512

Best Practices 1512



Chapter 37 Deploying and Using Windows Virtualization 1515

Understanding Microsoft's Virtualization Strategy 1515

Integration of Hypervisor Technology in Windows Server 2008 1517

Planning Your Implementation of Hyper-V 1519

Installation of the Microsoft Hyper-V Role 1522

Becoming Familiar with the Hyper-V Administrative Console 1524

Installing a Guest Operating System Session 1529

Modifying Guest Session Configuration Settings 1533

Launching a Hyper-V Guest Session 1535

Using Snapshots of Guest Operating System Sessions 1538

Quick Migration and Live Migration 1540

Summary 1550

Best Practices 1551



Index 1553

Om forfatteren

Rand H. Morimoto, Ph.D., MVP, MCITP, CISSP, has been in the computer industry for over 30 years and has authored, coauthored, or been a contributing writer for dozens of books on Windows, Security, Exchange, BizTalk, and Remote and Mobile Computing. Rand is the president of Convergent Computing, an IT-consulting firm in the San Francisco Bay area that has been one of the key early adopter program partners with Microsoft, implementing beta versions of Microsoft Windows Server 2008 R2, Windows 7, Exchange Server 2010, and SharePoint 2010 in production environments over 18 months before the initial product releases.



Michael Noel, MCITP, CISSP, MVP, is an internationally recognized technology expert, best-selling author, and well-known public speaker on a broad range of IT topics. He authored multiple major industry books that have been translated into more than a dozen languages worldwide. Significant titles include SharePoint 2010 Unleashed, Microsoft Exchange Server 2010 Unleashed, SharePoint 2007 Unleashed, Exchange Server 2007 Unleashed, ISA Server 2006 Unleashed, and many more. Currently a partner at Convergent Computing (www.cco.com) in the San Francisco Bay area, Michael's writing and extensive public speaking experience across six continents leverage his real-world expertise in helping organizations realize business value from Information Technology infrastructure.



Omar Droubi, MCSE, has been in the computer industry since 1992 and during this time has coauthored several of Sams Publishing best-selling books, including Microsoft Windows Server 2003 Unleashed and Windows Server 2008 Unleashed, and Omar has been a contributing writer and technical reviewer on several other books on Windows Server 2003, Windows Server 2008, and Exchange Server 2000, 2003, and 2007. Omar has been involved in testing, designing, and prototyping Windows Server 2008 and Windows Server 2008 R2 infrastructures for the past four years, and has primarily focused on upgrading existing networks and utilizing many of the new roles and features included in the product. Also during this time, Omar has assisted several organizations with the development of technical road maps, planning and executing domain and server consolidation and virtualization projects, and deploying Exchange Server 2007 for organizations of all sizes.



Ross Mistry, MVP, MCITP, is a principal consultant and partner at Convergent Computing, an author, and a Microsoft MVP. With over a decade of experience, Ross focuses on designing and implementing Windows, Active Directory, Hyper-V, Exchange Server, and SQL Server solutions for Fortune 500 organizations located in the Silicon Valley. His specialties include upgrades, migrations, high availability, security, and virtualization. Ross has also taken on the roles of lead author, contributing writer, and technical editor for many best-selling books published by Sams. His recent works include SQL Server 2008 Management and Administration, Exchange Server 2010 Unleashed, and Windows Server 2008 Unleashed. Ross writes technical articles for many sites including TechTarget.com and frequently speaks at international conferences around the world.



Chris Amaris, MCSE, CISSP/ISSAP, CHS III, is the chief technology officer and cofounder of Convergent Computing. He has more than 20 years experience consulting for Fortune 500 companies, leading companies in the technology selection, design, planning, and implementation of complex Information Technology projects. Chris has worked with Microsoft Windows since version 1.0 in 1985. He specializes in messaging, security, performance tuning, systems management, and migration. A Certified Information Systems Security Professional (CISSP) with an Information System Security Architecture Professional (ISSAP) concentration, Certified Homeland Security (CHS III), Windows 2003 MCSE, Novell CNE, Banyan CBE, and a Certified Project Manager, Chris is also an author, writer, and technical editor for a number of IT books, including Network Security for Government and Corporate Executives, Microsoft Exchange Server 2010 Unleashed, and Microsoft Operations Manager 2005 Unleashed. Chris presents on messaging, operations management, security, and Information Technology topics worldwide.