Download Windows.server.2008.R2.Secrets PDF

File Size10.5 MB
Total Pages578
Table of Contents
                            Windows Server 2008 R2 Secrets
	About the Author
	About the Technical Editor
	Read This First
		Who This Book Is For
		What This Book Covers
		How This Book Is Structured
		What You Need to Use This Book
		Features and Icons Used in This Book
	Part I: Depolyment and Administration Secrets
		Chapter 1: Windows Server 2008 R2 Deployment Secrets
			Choosing an Edition of Windows Server 2008 R2
			Deciding Between Types of Installation
			Optimizing Your Deployment Image
			Minimizing Deployment Time
			Activating Windows
		Chapter 2: The Windows Server 2008 R2 Administrator's Toolkit
			Choosing the Right Remote Administration Tool
			Remote Desktop
			Management Consoles
			Remote Windows PowerShell
			Emergency Management Services (When All Else Fails)
		Chapter 3: Server Core Secrets
			Using Server Core Administration Tools
			Performing Server Core Post-Deployment Tasks
			Understanding the Sconfig.cmd
			Administering with Server Core Configurator
			Understanding Server Core Infrastructure Roles
		Chapter 4: Active Directory Domains and Forests
			Understanding Forests and Domains
			Setting Domain and Forest Functional Levels
			Selecting the DNS Server
			Defining Active Directory Sites
			Defining FSMO Roles
			Using Read-Only Domain Controllers
			Securing with Global Catalog Servers and Universal Group Membership Caching
			Maintaining the Active Directory Database
		Chapter 5: Effectively Managing Group Policy
			Applying Group Policy
			Using Group Policy Management Console
			Using Important Group Policy Features
			Completing Common Group Policy Tasks
		Chapter 6: Managing Users and Computers
			Using Organizational Unit Structures
			Managing User Accounts
			Configuring Account Policies
			Managing Groups
			Creating Computer Accounts
		Chapter 7: Managing Active Directory Certificate Services
			Understanding Certification Authority Types
			Managing Certification Authorities
			Using Certificate Templates
			Utilizing Certificate Autoenrollment
			Recovering Certificates
			Backing Up Certificate Services
			Revoking Certificates
	Part II: Network Infrastructure and Security Secrets
		Chapter 8: Network Addressing
			Understanding IPv4 and DHCP
			Understanding IPv6
			Transitioning to IPv6
			Understanding Windows Firewall with Advanced Security
		Chapter 9: Securing the Network: Windows Firewall and Network Access Protection
			Understanding Connection Security Rules
			Understanding and Configuring Network Access Protection
	Part III: Shared Folder and Data Protection Secrets
		Chapter 10: Secrets behind Shared Folders
			Using the Share and Storage Management Console
			Using File Server Resource Manager
			Working with the Distributed File System
			Utilizing BranchCache
			Working with Offline Files
		Chapter 11: Keeping Data Private
			Encrypting File System
			Encrypting with BitLocker
			Using Active Directory Rights Management Services
		Chapter 12: Backup and Recovery
			Using and Configuring Windows Server Backup
			Enabling Shadow Copies of Shared Folders
			Performing Recovery
			Using System Center Data Protection Manager
	Part IV: Infrastructure Services
		Chapter 13: Internet Information Services
			Managing Sites
			Managing Application Pools
			IIS Users and Delegation
			Managing FTP
		Chapter 14: Configuring Hyper-V Virtual Machines
			Configuring Hyper-V
			Understanding Virtual Hard Disks
			Understanding Hyper-V Networks
			Using Virtual Machine Snapshots
			Migrating Virtual Machines
		Chapter 15: Patch Management with WSUS
			Defining an Update Process
			Installing and Deploying WSUS
			Deploying Updates
			Understanding WSUS Topologies
			Verifying Update Deployment
			Going Further
		Chapter 16: High Availablity
			Understanding Network Load Balancing
			Allocating Storage to iSCSI SAN
			Understanding Failover Clustering
	Part V: Remote Access Secrets
		Chapter 17: Presentation and Application Virtualization
			Understanding Remote Desktop Session Host
			Running RemoteApp
			Using Remote Desktop Web Access
			Utilizing Remote Desktop Connection Broker
			Connecting via Remote Desktop Gateway
			Remote Desktop Licensing
			Understanding Remote Desktop Virtualization Host
			Virtualizing Applications with App-V
		Chapter 18: Remote Access
			Setting up Remote Desktop Gateway
			Deploying Virtual Private Networks
			Connecting via DirectAccess
	Part VI: Maintenance and Monitoring Secrets
		Chapter 19: Getting the Most Out of Event Logs and Auditing
			Auditing Windows Server 2008 R2
			Filtering and Viewing Event Logs
			Event Log Forwarding
			Creating Event Viewer Tasks
			Going Further with Operations Manager
			Monitoring Point-in-Time Performance
		Chapter 20: Performance and Resource Management
			Understanding Data Collector Sets
			Using Windows Server Resource Manager
Document Text Contents
Page 289

Using File Server Resource Manager

2 . In the Actions pane, click the Generate Reports Now item.

3 . On the Storage Reports Task Properties window shown in Figure 10-12, click
Add to specify the volumes that you want to check, and use the checkboxes to
select which reports you want to run. Click OK to run the report(s). During this
process, you have the option of waiting for the reports to be generated and
then displayed, or having the reports generated in the background for later

FigurE 10-12: Storage reports

Configuring File Classification
File classification enables you to assign metadata to a file based on its properties. You
can perform a simple classification based on the file’s location or a more complex clas-
sification based on the contents of the file. The first step in configuring file classifica-
tion is to set classification properties. Classification properties support the following

Yes/No:33 A Boolean value

Date-Time:33 The date and time

Number:33 An integer value

Page 290

c h a P t E r 1 0 Secrets behind Shared Folders

Multiple Choice List:33 Where multiple values can be assigned

Ordered List:33 Values that have an order

String:33 A text-based value

Multi-string:33 Allows the assignment of several text-based values in a

For example, to create a classification property named Importance, which has the
possible values High, Medium, and Low, perform the following general steps:

1 . Open File Server Resource Manager and navigate to the Classification Man-
agement\Classification Properties node.

2 . In the Actions menu, click Create Property.

3 . In the Create Classification Property Definition window, enter the property
name as Importance. Change the property type to Ordered List and enter the
items High, Medium, and Low as shown in Figure 10-13. Click OK.

FigurE 10-13: Classification property

Page 577


directory browsing, 343

IP address and domain name filtering, 344

modifying custom error response, 341–342

overview of, 332

URL authorization rules, 345–346

WFAS (Windows Firewall with Advanced Security)

applying WFAS rules using Group Policy, 221–222

configuring IPSec settings, 228–230

creating firewall profiles, 222–225

creating inbound rules, 225–226

creating isolation rules, 232

creating outbound rules, 227

creating server-to-server rules, 233–234

creating tunnel rules, 234–235

overview of, 220–221

WIM format

applying WIM image to VHD files, 17–18

deploying WIM images using WDS, 22–23

Windows 2000 Native, 79

Windows 7

auditing categories, 486

EFS and, 284

IPSec settings and, 229

ISATAP tunneling support, 215

NAP client policies, 239

RSAT support and, 41–42

SHVs (System Health Validators), 238

support for dual layer IP architecture, 213

VPNs and, 469

WinTPC (Windows Thin PC) and, 443

Windows authentication, 340–341

Windows Automated Installation Kit (WAIK), 24

Windows Deployment Services. See WDS (Windows
Deployment Services)

Windows Firewall with Advanced Security. See WFAS
(Windows Firewall with Advanced Security)

Windows PowerShell. See PowerShell

Windows Server 2003, 79–80

Windows Server 2008

auditing categories, 486

domain functional level, 80

EFS and, 284

firewall profiles and, 223

Hyper-V support, 358

IPSec settings and, 229

ISATAP tunneling support, 215

support for dual layer IP architecture, 213

Windows Server Backup in, 305

Windows Server 2008 R2

auditing, 486

configuring as VPN server, 471–472

configuring as WSUS client, 391–395

domain functional level, 80

EFS and, 284

firewall profiles and, 223

Hyper-V support, 358

IPSec settings and, 229

ISATAP tunneling support, 215

NAP client policies, 239

NPS (Network Policy Server) role, 236

SHVs (System Health Validators), 238

support for dual layer IP architecture, 213

Windows Server Backup in, 305

Windows Server Backup

backing up applications, 310

backing up system state, 308–310

installing, 305

optimizing performance of backups, 312–313

overview of, 303–305

performing one-time backup, 305–308

recovering applications, 318–319

recovering backup catalog, 321

recovering files and folders, 317–318

recovering system state, 319–320

scheduling backup jobs, 310–312

Windows Server Update Services. See WSUS (Windows
Server Update Services)

Windows System Resource Manager. See WSRM
(Windows System Resource Manager)

Windows Thin PC (WinTPC), 443

Windows Vista

auditing categories, 486

EFS and, 284

IPSec settings and, 229

Page 578

556 Index

ISATAP tunneling support, 215

RSAT support and, 41

SHVs (System Health Validators), 238

support for dual layer IP architecture, 213

Windows XP

EFS and, 284

RSAT support and, 41


configuring IPv4 addresses, 197

high availability options, 428

WinTPC (Windows Thin PC), 443

WMI queries, 129

workgroups, sconfig.cmd utility managing, 62

WSRM (Windows System Resource Manager)

configuring Session Host servers, 442–443

installing, 522

overview of, 521

performing basic tasks with, 524–525

resource allocation policies, 523

WSUS (Windows Server Update Services)

automatic approvals, 399–401

BranchCache support, 275–276

checking for approved updates with MBSA, 405–406

configuration options in, 387–389

configuring Windows Server 2008 R2 as WSUS
client, 391–395

creating update database, 389–390

deploying updates, 395–396

deploying updates to WSUS groups, 396–397

initial configuration of, 385–387

installing, 384–385

managing Windows Update with Core
Configurator, 66

migrating metadata and patch database, 390–391

overview of, 382

removing updates, 398–399

reports, 404–405

SCE and SCCM compared with, 407–408

topologies and, 401–402

verifying update deployment, 402–403

WSUS Server Configuration Wizard, 389

WSUS servers, 59–60

WSUSutil.exe, 391

XML file format, answer files in, 24–25

zone IDs, 212

zones, DNS. See DNS zones

Similer Documents