Bücher
Service
Your one-stop reference for Windows Server 2019 and PowerShell know-how
Windows Server 2019 & PowerShell All-in-One For Dummies offers a single reference to help you build and expand your knowledge of all things Windows Server, including the all-important PowerShell framework. Written by an information security pro and professor who trains aspiring system administrators, this book covers the broad range of topics a system administrator needs to know to run Windows Server 2019, including how to install, configure, and secure a system. This book includes coverage of:
* Installing & Setting Up Windows Server
* Configuring Windows Server 2019
* Administering Windows Server 2019
* Configuring Networking
* Managing Security
* Working with Windows PowerShell
* Installing and Administering Hyper-V
* Installing, Configuring, and Using Containers
If you're a budding or experienced system administrator looking to build or expand your knowledge of Windows Server, this book has you covered.
Sara Perrott is an information security professional with a systems and network engineering background. She teaches classes related to Windows Server, Amazon Web Services, networking, and virtualization. Sara addressed the AWS Imagine conference in 2018 and presented at the RSA conference in 2019.
Introduction 1
About This Book 1
Foolish Assumptions 2
Icons Used in This Book 2
Beyond the Book 3
Where to Go from Here 3
Book 1: Installing and Setting Up Windows Server 2019 5
Chapter 1: An Overview of Windows Server 2019 7
Extra! Extra! Read All About It! Seeing What's New in Windows Server 2019 8
Deciding Which Windows Server 2019 Edition Is Right for You 12
Essentials 12
Standard 13
Datacenter 13
Walking the Walk: Windows Server 2019 User Experiences 13
Desktop Experience 13
Server Core 14
Nano 15
Seeing What Server Manager Has to Offer 15
Windows Admin Center: Your New Best Friend 17
Chapter 2: Using Boot Diagnostics 21
Accessing Boot Diagnostics 21
From the DVD 22
From the boot menu 24
Using a Special Boot Mode 25
Safe Mode 25
Enable Boot Logging 27
Enable Low-Resolution Video 27
Last Known Good Configuration 27
Directory Services Restore Mode 28
Debugging Mode 28
Disable Automatic Restart on System Failure 29
Disable Driver Signature Enforcement 29
Disable Early Launch Anti-Malware Driver 29
Performing a Memory Test 30
Using the Command Prompt 32
Working with Third-Party Boot Utilities 32
Chapter 3: Performing the Basic Installation 35
Making Sure You Have What It Takes 36
Central processing unit 36
Random access memory 38
Storage 38
Network adapter 39
DVD drive 39
UEFI-based firmware 39
Trusted Platform Module 39
Monitor 39
Keyboard and mouse 40
Performing a Clean Install 40
Upgrading Windows 43
Performing a Network Install with Windows Deployment Services 46
Chapter 4: Performing Initial Configuration Tasks 47
Understanding Default Settings 48
Getting an Overview of the Configuration Process 49
Providing Computer Information 50
Windows Server 2019 with Desktop Experience 50
Windows Server 2019 Core 54
Updating Windows Server 2019 60
Windows Server 2019 with Desktop Experience 60
Windows Server 2019 Core 62
Customizing Windows Server 2019 64
Windows Server 2019 with Desktop Experience 64
Windows Server 2019 Core 67
Configuring Startup Options with BCDEdit 70
Book 2: Configuring Windows Server 2019 73
Chapter 1: Configuring Server Roles and Features 75
Using Server Manager 75
Roles and features 76
Diagnostics 77
Configuration tasks 78
Configure and Manage Storage 79
Understanding Server Roles 80
Active Directory Certificate Services 80
Active Directory Domain Services 81
Active Directory Federation Services 81
Active Directory Lightweight Directory Services 81
Active Directory Rights Management Services 82
Device Health Attestation 82
Dynamic Host Configuration Protocol 82
Domain Name System 83
Fax Server 83
File and Storage Services 84
Host Guardian Service 84
Hyper-V 85
Network Controller 85
Network Policy and Access Services 85
Print and Document Services 86
Remote Access 86
Remote Desktop Services 86
Volume Activation Services 86
Web Services 87
Windows Deployment Services 87
Windows Server Update Services 87
Understanding Server Features 87
.NET 3.5 88
.NET 4.7 88
Background Intelligent Transfer Service 88
BitLocker Drive Encryption 88
BitLocker Network Unlock 89
BranchCache 89
Client for NFS 89
Containers 89
Data Center Bridging 90
Direct Play 90
Enhanced Storage 90
Failover Clustering 90
Group Policy Management 91
Host Guardian Hyper-V Support 91
I/O Quality of Service 91
IIS Hostable Web Core 91
Internet Printing Client 91
IP Address Management Server 92
Internet Storage Name Server Service 92
LPR Port Monitor 92
Management OData IIS Extension 92
Media Foundation 92
Message Queueing 93
Multipath I/O 93
Multipoint Connector 93
Network Load Balancing 93
Network Virtualization 93
Peer Name Resolution Protocol 94
Quality Windows Audio Video Experience 94
RAS Connection Manager Administration Kit 94
Remote Assistance 94
Remote Differential Compression 94
Remote Server Administration Tools 94
RPC over HTTP Proxy 95
Setup and Boot Event Collection 95
Simple TCP/IP Services 95
SMB 1.0/CIFS File Sharing Support 95
SMB Bandwidth Limit 96
SMTP Server 96
Simple Network Management Protocol Service 96
Software Load Balancer 96
Storage Migration Service 97
Storage Migration Service Proxy 97
Storage Replica 97
System Data Archiver 97
System Insights 98
Telnet Client 98
TFTP Client 98
VM Shielding Tools for Fabric Management 98
WebDAV Redirector 98
Windows Biometric Framework 99
Windows Defender Antivirus 99
Windows Identity Foundation 3.5 99
Windows Internal Database 99
Windows PowerShell 99
Windows Process Activation Service 99
Windows Search Service 100
Windows Server Backup 100
Windows Server Migration Tools 100
Windows Standards-Based Storage Management 100
Windows Subsystem for Linux 101
Windows TIFF IFilter 101
WinRM IIS Extension 101
WINS Server 101
Wireless LAN Service 101
WoW64 Support 101
XPS Viewer 102
Chapter 2: Configuring Server Hardware 103
Working with Device Manager 104
Opening Device Manager 104
Configuring how Device Manager displays 104
Viewing devices that are not working properly 106
Understanding resources 107
Viewing hidden devices 108
Scanning for new devices 109
Working with older devices 109
Viewing individual device settings 109
Updating drivers 111
Configuring power management 111
Using the Add Hardware Wizard 112
Performing Hard-Drive-Related Tasks 113
Choosing basic or dynamic disks 114
Using multipath I/O 115
Working with storage area networks 116
Understanding Storage Spaces Direct 117
Working with Storage Replica 123
Using Storage Quality of Service 124
Encrypting with BitLocker 124
Performing Printer-Related Tasks 134
Using the Printer Install Wizard 134
Configuring print options 136
Configuring the Print Server role 137
Connecting to a Printer on a Print Server 140
Performing Other Configuration Tasks 141
Keyboard 141
Mouse 141
Power management 142
Sound 143
Language 143
Fonts 143
Chapter 3: Using the Control Panel 145
Accessing the Control Panel 145
Configuring the Control Panel 146
Understanding Control Panel Items 148
Chapter 4: Working with Workgroups 157
Knowing What a Workgroup Is 158
Knowing If a Workgroup Is Right for You 158
Comparing Centralized and Group Sharing 159
Configuring a Server for a Workgroup 159
Changing the name of your workgroup 160
Adding groups 161
Creating users and adding users to the group 162
Adding shared resources 164
Managing Workgroups 168
The Computer Management console 168
The User Account window 169
PowerShell 170
Examining the Peer Name Resolution Protocol 172
Chapter 5: Promoting Your Server to Domain Controller 173
Understanding Domains 173
What is a domain? 174
Forests and domains and OUs, oh my! 174
Understanding privileged domain groups 175
Examining Flexible Single Master Operation roles on domain controllers 175
Preparing to Create a Domain 177
Functional levels 178
Forest functional level 179
Domain functional level 179
Performing Domain Configuration Prerequisites 179
Checking for unsupported roles and features 180
Installing and configuring Domain Name System 180
Installing and configuring Dynamic Host Configuration Protocol 183
Configuring the Server as a Domain Controller 187
Installing Active Directory Domain Services 188
Configuring Active Directory Domain Services 188
Converting your DNS Zone to an Active Directory Integrated Zone 190
Authorizing your DHCP Server for your Active Directory environment 193
Configuring the user accounts 194
Sharing resources on a domain 196
Joining clients to the domain 197
Wrapping Things Up 202
Chapter 6: Managing DNS and DHCP with IP Address Management 205
Installing IP Address Management 206
Configuring IP Address Management 206
Using IP Address Management 210
Overview 210
Server Inventory 211
IP Address Space 211
Monitor and Manage 213
Event Catalog 215
Access Control 215
Book 3: Administering Windows Server 2019 217
Chapter 1: An Overview of the Tools Menu in Server Manager 219
Accessing the Server Manager Tools Menu 219
Working with Common Administrative Tools 222
Computer Management 222
Defragment and Optimize Drives 222
Disk Cleanup 223
Event Viewer 224
Local Security Policy 224
Registry Editor 226
Services 226
System Configuration 228
Task Scheduler 228
Installing and Using Remote Server Administration Tools 229
Installing Remote Server Administration Tools 229
Using Remote Server Administration Tools 230
Chapter 2: Setting Group Policy 233
Understanding How Group Policy Works 234
Starting the Group Policy Editor 235
Performing Computer Management 236
Modifying computer software settings 238
Modifying computer settings 239
Using Administrative Templates 240
Performing User Configuration 241
Modifying user software settings 241
Modifying a user's Windows Settings 242
Using user Administrative Templates 244
Viewing Resultant Set of Policy 244
Chapter 3: Configuring the Registry 247
Starting Registry Editor 248
Importing and Exporting Registry Elements 248
Exporting Registry elements 249
Importing Registry elements 249
Finding Registry Elements 250
Understanding Registry Data Types 251
Understanding the Hives 252
HKEY_CLASSES_ROOT 252
HKEY_CURRENT_USER 253
HKEY_LOCAL_MACHINE 254
HKEY_USERS 255
HKEY_CURRENT_CONFIG 256
Loading and Unloading Hives 256
Connecting to Network Registries 258
Setting Registry Security 259
Setting permissions in the Windows Registry 259
Disabling Remote Registry access 259
Securing remote administration 260
Chapter 4: Working with Active Directory 263
Active Directory 101 263
Configuring Objects in Active Directory 264
Using Active Directory Domains and Trusts 264
Using Active Directory Sites and Services 269
Using Active Directory Users and Computers 270
Using Active Directory Administrative Center 274
Chapter 5: Performing Standard Maintenance 277
Activating Windows 277
Through the graphical user interface 278
Through the command line 278
Configuring the User Interface 280
Working with the Folder Options dialog box 280
Setting your Internet Options 282
Focusing on your Personalization settings 284
Reporting problems 286
Setting your Regional and Language Options 286
Working with the Performance Options dialog box 287
Understanding How User Access Control Affects Maintenance Tasks 288
Adding and Removing Standard Applications 289
Measuring Reliability and Performance 290
Performance Monitor 290
Resource Monitor 292
Task Manager 293
Protecting the Data on Your Server 294
System Backup 295
System Restore 297
Performing Disk Management Tasks 298
Managing storage 299
Managing disks 299
Defragmenting drives 300
Automating Diagnostic Tasks with Task Scheduler 301
Discovering task status 301
Using preconfigured tasks 302
Creating your own tasks 304
Working with Remote Desktop 305
Working with Remote Server Administration Tools 306
Figuring out firewall rules 306
Connecting to the server 306
Managing your servers 307
Working with Admin Center 308
Focusing on firewall rules 309
Connecting to a server 309
Using Windows Admin Center to manage your servers 309
Creating a Windows Recovery Drive 311
Chapter 6: Working at the Command Line 313
Opening an Administrative Command Prompt 313
Configuring the Command Line 314
Customizing how you interact with the Command Prompt 314
Changing the font 316
Choosing your window layout 317
Defining text colors 318
Setting Environmental Variables 319
Getting Help at the Command Line 320
Understanding Command Line Symbols 322
Chapter 7: Working with PowerShell 323
Opening an Administrative PowerShell Window 324
Configuring PowerShell 325
Options 325
Font 327
Layout 328
Colors 328
Using a Profile Script 330
Setting Environmental Variables 330
Getting Help in PowerShell 332
Understanding PowerShell Punctuation 334
Book 4: Configuring Networking in Windows Server 2019 337
Chapter 1: Overview of Windows Server 2019 Networking 339
Getting Acquainted with the Network and Sharing Center 340
Using the Network Connections Tools 342
Status 342
Ethernet 343
Dial-up 344
VPN 344
Proxy 344
Configuring TCP/IP 346
Understanding DHCP 349
Defining DNS 350
Creating a DNS zone 352
DNS and Active Directory 353
Making DNS fault tolerant 354
Chapter 2: Performing Basic Network Tasks 355
Viewing Network Properties 355
Connecting to Another Network 357
Connecting to the Internet 358
Setting up a dial-up connection 359
Connecting to a virtual private network 360
Managing Network Connections 361
Understanding the Client for Microsoft Networks feature 362
Configuring the Internet Protocol 362
Installing network features 364
Uninstalling network features 364
Chapter 3: Accomplishing Advanced Network Tasks 367
Working with Remote Desktop Services 367
Installing Remote Desktop Services 368
Configuring user-specific settings 369
Configuring apps 371
Using RD Web Access 372
Configuring and using RDS licensing 374
Working with Network Policy and Access Services 376
Network Policy Server 377
Troubleshooting at the Command Line 381
Chapter 4: Diagnosing and Repairing Network Connection Problems 383
Using Windows Network Diagnostics 384
Repairing Individual Connections 386
Network Troubleshooting at the Command Line 388
Working with Windows Firewall 389
Making Sense of Common Configuration Errors 391
Duplicate IP addresses 391
No gateway address 391
No DNS servers set 392
An application is experiencing network issues 392
Everything should be working, but it's not 392
Working with Other Troubleshooting Tools 392
Book 5: Managing Security with Windows Server 2019 395
Chapter 1: Understanding Windows Server 2019 Security 397
Understanding Basic Windows Server Security 397
The CIA triad: Confidentiality, integrity, and availability 398
Authentication, authorization, and accounting 399
Access tokens 399
Security descriptors 399
Access control lists 400
Working with Files and Folders 403
Setting file and folder security 403
Creating a Local Security Policy 406
Paying Attention to Windows Security 408
Virus & Threat Protection 408
Firewall & Network Protection 408
App & Browser Control 410
Device Security 411
Chapter 2: Configuring Shared Resources 413
Comparing Share Security with File System Security 413
Shared folder permissions 414
File system security 415
Effective permissions validation 415
Sharing Resources 417
Storage media 417
Printers 418
Other resources 419
Configuring Access with Federated Rights Management 419
Working with Active Directory Federation Services 420
Working with Active Directory Rights Management Services 424
Chapter 3: Configuring Operating System Security 433
Understanding and Using User Account Control 433
Using User Account Control to protect the server 434
Running tasks as administrator 434
Watching out for automatic privilege elevation 435
Overriding User Account Control settings 435
Managing User Passwords 438
Understanding Credential Guard 439
How Credential Guard works 440
Credential Guard Hardware Requirements 440
How to enable Credential Guard 441
Configuring Startup and Recovery Options 444
Chapter 4: Working with the Internet 447
Firewall Basics 447
Getting acquainted with the Windows Defender Firewall profiles 448
Enabling and disabling the Windows Defender Firewall 448
Configuring Windows Defender Firewall with Advanced Security 451
Working with profile settings 452
Working with inbound/outbound rules 454
Understanding IPSec 457
Configuring the IPSec settings 458
Chapter 5: Understanding Digital Certificates 461
Certificates in Windows Server 2019 462
Cryptography 101 462
Certificate-specific concepts 464
Types of Certificates in Active Directory Certificate Services 465
User certificates 465
Computer 466
Chapter 6: Installing and Configuring AD CS 469
Introducing Certificate Authority Architecture 470
Root certificate authorities 470
Issuing certificate authorities 471
Policy certificate authorities 471
Installing a Certificate Authority 471
Creating the CAPolicy.inf file 471
Installing the root certificate authority 473
Installing the issuing certificate authority 477
Enrolling for certificates 478
Setting up web enrollment 481
Installing Online Certificate Status Protocol 482
Configuring Certificate Auto-Enrollment 485
Configuring the template 485
Configuring Group Policy 486
Chapter 7: Securing Your DNS Infrastructure 489
Understanding DNSSEC 489
The basics of DNSSEC 490
Records used for DNSSEC 490
Configuring DNSSEC 491
Understanding DANE 495
The basics of DANE 495
Configuring DANE 496
Book 6: Working with Windows PowerShell 501
Chapter 1: Introducing PowerShell 503
Understanding the Basics of PowerShell 503
Objects 504
Pipeline 504
Providers 505
Variables 506
Sessions 506
Comments 507
Aliases 507
Cmdlets 507
Using PowerShell 509
Writing PowerShell commands and scripts 509
Working with objects 513
Working with the pipeline 514
Working with modules 516
Working with comparison operators 518
Getting information out of PowerShell 519
Scripting logic 521
Other cool tricks 522
Running PowerShell Remotely 527
Invoke-Command 527
New-PSSession 527
Enter-PSSession 527
Getting Help in PowerShell 528
Update-Help 528
Get-Help 529
-Detailed and -Full 529
Identifying Security Issues with PowerShell 530
Execution Policy 530
Code signing 531
Firewall requirements for PowerShell remoting 534
Chapter 2: Understanding the NET Framework 535
Introducing the Various Versions of NET Framework 535
Focusing on New Features in NET 4.7 538
Viewing the Global Assembly Cache 539
Understanding assembly security 540
Identifying the two types of assembly privacy 540
Viewing assembly properties 541
Understanding NET Standard and NET Core 541
.NET Core 542
.NET Standard 542
Tying it all together: NET and PowerShell 542
Chapter 3: Working with Scripts and Cmdlets 543
Introducing Common Scripts and Cmdlets 543
Executing Scripts or Cmdlets 544
Working with COM objects 545
Combining multiple cmdlets 545
Working from Another Location 546
Performing Simple Administrative Tasks with PowerShell Scripts 548
Adding users in Active Directory 548
Creating a CSV file and populating it with data from Active Directory 548
Checking to see if a patch is installed 550
Checking running processes or services 550
Chapter 4: Creating Your Own Scripts and Advanced Functions 551
Creating a PowerShell Script 552
Creating a simple script 552
Running the script 557
Defining a Script Policy 558
Signing a PowerShell Script 559
Creating a PowerShell Advanced Function 559
Playing with parameters 560
Creating the advanced function 561
Using the advanced function 563
Chapter 5: PowerShell Desired State Configuration 567
Getting an Overview of PowerShell Desired State Configuration 567
Configurations 568
Resources 569
Local Configuration Manager 571
Creating a PowerShell Desired State Configuration Script 572
Applying the PowerShell Desired State Configuration Script 573
Compiling into MOF 574
Applying the new configuration 575
Push and Pull: Using PowerShell Desired State Configuration at Scale 575
Push mode 576
Pull mode 577
Book 7: Installing and Administering Hyper-V 579
Chapter 1: What Is Hyper-V? 581
Introduction to Virtualization 581
Type 1 and Type 2 Hypervisors 582
Type 1 hypervisors 583
Type 2 hypervisors 583
Installing and Configuring Hyper-V 583
Installing Hyper-V 584
Configuring Hyper-V 586
Virtual Switch Manager 591
Virtual SAN Manager 591
Chapter 2: Virtual Machines 593
Creating a Virtual Machine 593
Configuring a Virtual Machine 597
Add Hardware 598
Firmware 598
Security 598
Memory 599
Processor 600
SCSI Controller 601
Network Adapter 602
Name 603
Integration Services 603
Checkpoints 603
Smart Paging File Location 603
Automatic Start Action 604
Automatic Stop Action 604
Shielded Virtual Machines 604
Chapter 3: Virtual Networking 605
Identifying the Types of Virtual Switches 606
External 606
Internal 606
Private 606
Creating a Virtual Switch 607
Hyper-V Manager 607
PowerShell 608
Getting into Advanced Hyper-V Networking 610
Virtual local area network tagging 610
Bandwidth management 613
Network interface card teaming 614
Looking at single-root I/O virtualization 619
Chapter 4: Virtual Storage 621
Understanding Virtual Disk Formats 621
Considering Types of Disks 622
Fixed 622
Dynamic 622
Differencing 623
Pass-through 623
Adding Storage to the Host 623
Adding the drives 623
Changing the default save locations of virtual disk files 625
Adding Storage to the Virtual Machine 626
Adding a new virtual drive 626
Expanding a disk drive 629
Adding a pass-through disk 630
Converting a VHD disk file to a VHDX disk file 631
Attaching the converted drive to the virtual machine 632
Chapter 5: High Availability in Hyper-V 635
Hyper-V Replica 635
Setting up Hyper-V Replica on the Hyper-V hosts 636
Setting up replication on the virtual machines 638
Live Migration 640
Setting up live migration 641
Kicking off a live migration 643
Storage Migration 644
Failover Clustering 645
Installing Failover Clustering 645
Configuring Failover Clustering 646
Configuring a witness for your failover cluster 647
Book 8: Installing, Configuring, and Using Containers 649
Chapter 1: Introduction to Containers in Windows Server 2019 651
Understanding Containers 652
Knowing what a container looks like 652
Defining important container terms 653
Seeing how containers run on Windows 653
Considering Use Cases for Containers 654
Developers 654
System administrators 654
Deciding What Type of Containers You Want to Use 655
Windows Server containers 655
Hyper-V containers 655
Managing Containers at Scale 656
Chapter 2: Docker and Docker Hub 657
Introduction to Docker 657
Docker architecture 658
Basic Docker commands 658
Introduction to Docker Hub 659
Finding public images 659
Creating a private repository 662
Using a private repository 664
Chapter 3: Installing Containers on Windows Server 2019 667
Installing Windows Containers 668
Installing Hyper-V Containers 669
Installing Docker 670
Testing Your Container Installation 672
Windows container 672
Hyper-V container 672
Chapter 4: Configuring Docker and Containers on Windows Server 2019 675
Working with Dockerfile 675
Applying Custom Metadata to Containers and Other Objects 678
Creating labels 679
Viewing labels 679
Configuring Containers 680
Starting containers automatically 680
Limiting a container's resources 681
Configuring the Docker Daemon with daemon.json 682
Chapter 5: Managing Container Images 685
Making Changes to Images and Saving the Changes You Make 685
Pushing Images to Docker Hub 689
Pulling Images from Docker Hub 691
Handling Image Versioning 693
Chapter 6: Container Networking 695
Considering the Different Types of Network Connections 696
Viewing Your Network Adapters and Virtual Switches 697
Configuring a Network Address Translation
Network Connection 698
Configuring a Transparent Network Connection 699
Configuring an Overlay Network Connection 700
Configuring an l2bridge Network Connec
