Imperial Library
Index
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Getting Started with Windows Server 2019
The purpose of Windows Server
It's getting cloudy out there
The public cloud
The private cloud
Windows Server versions and licensing
Standard versus Datacenter
Three different interfaces
Desktop Experience
Server Core
Nano Server – now only for containers
Licensing models – SAC and LTSC
Semi-Annual Channel (SAC)
Long-Term Servicing Channel (LTSC)
Overview of new and updated features
The Windows 10 experience continued
Hyper-Converged Infrastructure
Windows Admin Center
Windows Defender Advanced Threat Protection
Banned passwords
Soft restart
Integration with Linux
SAC releases are shrinking!
Enhanced shielded virtual machines
Azure Network Adapter
Always On VPN
System Insights
Windows Server 2019 interface
The updated Start menu
The Quick Admin Tasks menu
Using the Search function
Pinning programs to the taskbar
The power of right-clicking
Using the newer Settings screen
Two ways to do the same thing
Creating a new user through Control Panel
Creating a new user through the Settings menu
Task Manager
Task View
Summary
Questions
Installing and Managing Windows Server 2019
Technical requirements
Installing Windows Server 2019
Burning that ISO
Creating a bootable USB stick
Running the installer
Installing roles and features
Installing a role using the wizard
Installing a feature using PowerShell
Centralized management and monitoring
Server Manager
Remote Server Administration Tools (RSAT)
Does this mean RDP is dead?
Remote Desktop Connection Manager
Windows Admin Center (WAC)
Installing Windows Admin Center
Launching Windows Admin Center
Adding more servers to Windows Admin Center
Managing a server with Windows Admin Center
Changes are easy as pie
Azure integrations
Enabling quick server rollouts with Sysprep
Installing Windows Server 2019 onto a new server
Configuring customizations and updates onto your new server
Running Sysprep to prepare and shut down your master server
Creating your master image of the drive
Building new servers using copies of the master image
Summary
Questions
Active Directory
What is a domain controller?
Active Directory Domain Services
Creating your first domain
Prep your domain controller
Install the AD DS role
Configure the domain
Trees, forests, and…domains?
Multiple domain controllers for redundancy
Active Directory Users and Computers
User accounts
Security groups
Prestaging computer accounts
Active Directory Domains and Trusts
Building a trust
Network connectivity
Conditional DNS forwarding
Configuring the trust
Test it out!
Active Directory Sites and Services
Active Directory Administrative Center
Dynamic Access Control
Fine-Grained Password Policy
Read-only domain controllers
Group Policy
Summary
Questions
DNS and DHCP
The purpose of DNS
Types of DNS records
Host record (A or AAAA)
Alias record – CNAME
Mail Exchanger (MX) record
TXT record
SPF Record
Enforcement rule -all
Name Server (NS) record
Public name server records
ipconfig /flushdns
Split-brain DNS
Types of DNS zones
Active Directory Integrated Zones
Forward Lookup Zones
Reverse Lookup Zones
Primary Zone
Secondary Zone
Stub Zone
Creating a new zone
IP addressing with DHCP
Creating a DHCP scope
Scope Options
DHCP reservations
DHCP failover
Two DHCP servers
Hot standby mode
Load sharing mode
Configuring DHCP failover
IPAM
Summary
Questions
Group Policy
Group Policy Object
Group Policy background refresh cycle
Building a GPO
Adding Trusted Sites
Mapping network drives
Installing registry keys
Scoping a GPO
Links
GPRESULT
Continuing with the link
Group Policy processing order
Local Policy
Site-level policies
Domain-level policies
OU-level policies
Security Filtering
WMI Filtering
Item-level targeting
Delegation
Computer settings and user settings
Computer Configuration
User Configuration
Linking GPOs accordingly
Group Policy loopback processing
Policy vs preference
Policies
Preferences
Default Domain Policy
Administrative Templates
Implementing ADMX/ADML files
Central Store
Enable the Central Store
Populate the Central Store
Summary
Questions
Certificates in Windows Server 2019
Common certificate types
User certificates
Computer certificates
SSL certificates
Single-name certificates
Multi-domain or subject alternative name certificates
Wildcard certificates
Planning your PKI
Role services
Enterprise versus Standalone
Root versus subordinate (issuing)
Naming your CA server
Can I install the CA role onto a domain controller?
Creating a new certificate template
Issuing your new certificates
Publishing the template
Requesting a cert from MMC
Requesting a certificate from the web interface
Creating an auto-enrollment policy
Obtaining a public-authority SSL certificate
Public/private key pair
Creating a certificate signing request
Submitting the certificate request
Downloading and installing your certificate
Exporting and importing certificates
Exporting from MMC
Exporting from IIS
Importing into a second server
Summary
Questions
Networking with Windows Server 2019
Introduction to IPv6
Understanding IPv6 IP addresses
Your networking toolbox
ping
tracert
pathping
Test-Connection
Telnet
Test-NetConnection
Packet tracing with Wireshark
TCPView
Building a routing table
Multi-homed servers
Only one default gateway
Building a route
Adding a route with the Command Prompt
Deleting a route
Adding a route with PowerShell
NIC Teaming
Software-defined networking
Hyper-V Network Virtualization
Private clouds
Hybrid clouds
How does it work?
System Center Virtual Machine Manager
Network Controller
Generic Routing Encapsulation
Microsoft Azure Virtual Network
RAS Gateway/SDN Gateway
Virtual network encryption
Bridging the gap to Azure
Azure Network Adapter
Summary
Questions
Remote Access
Always On VPN
Types of AOVPN tunnels
User tunnels
Device tunnels
Device tunnel requirements
AOVPN client requirements
Domain-joined
Rolling out the settings
AOVPN server components
Remote Access server
Certification Authority (CA)
Network Policy Server (NPS)
DirectAccess
The truth about DirectAccess and IPv6
Prerequisites for DirectAccess
Domain-joined
Supported client operating systems
DirectAccess servers – one or two NICs?
To NAT or not to NAT?
Network Location Server
Certificates used with DirectAccess
Do not use the Getting Started Wizard (GSW)!
Remote Access Management Console
Configuration
Dashboard
Operations Status
Remote Client Status
Reporting
Tasks
DA, VPN, or AOVPN? Which is best?
Domain-joined or not?
Auto or manual launch
Software versus built-in
Password and login issues with traditional VPNs
Port-restricted firewalls
Manual disconnect
Native load-balancing capabilities
Distribution of client configurations
Web Application Proxy
WAP as AD FS Proxy
Requirements for WAP
Latest improvements to WAP
Preauthentication for HTTP Basic
HTTP to HTTPS redirection
Client IP addresses forwarded to applications
Publishing Remote Desktop Gateway
Improved administrative console
Summary
Questions
Hardening and Security
Windows Defender Antivirus
Installing Windows Defender Antivirus
Exploring the user interface
Disabling Windows Defender Antivirus
What is ATP, anyway?
Windows Defender ATP Exploit Guard
Windows Defender Firewall – no laughing matter
Three Windows Firewall administrative consoles
Windows Defender Firewall (Control Panel)
Firewall & network protection (Windows Security Settings)
Windows Defender Firewall with Advanced Security (WFAS)
Three different firewall profiles
Building a new inbound firewall rule
Creating a rule to allow pings (ICMP)
Managing WFAS with Group Policy
Encryption technologies
BitLocker and the virtual TPM
Shielded VMs
Encrypted virtual networks
Encrypting File System
IPsec
Configuring IPsec
Azure AD Password Protection
Fine-grained password policy
Advanced Threat Analytics – end of support
What is (was) ATA?
Azure ATP
General security best practices
Getting rid of perpetual administrators
Using distinct accounts for administrative access
Using a different computer to accomplish administrative tasks
Never browse the internet from servers
Role-Based Access Control (RBAC)
Just Enough Administration (JEA)
Disable external RDP…NOW
Summary
Questions
Server Core
Why use Server Core?
No more switching back and forth
Interfacing with Server Core
PowerShell
Using cmdlets to manage IP addresses
Setting the server hostname
Joining your domain
Remote PowerShell
Server Manager
Remote Server Administration Tools
Accidentally closing Command Prompt
Windows Admin Center for managing Server Core
The Sconfig utility
Roles available in Server Core
Building a Server Core domain controller
Install the AD DS role
Promote this server to a domain controller
Verify that it worked
What happened to Nano Server?
Summary
Questions
PowerShell
Why move to PowerShell?
Cmdlets
PowerShell is the backbone
Scripting
Server Core
Working within PowerShell
Launching PowerShell
Default execution policy
Restricted
AllSigned
RemoteSigned
Unrestricted
Bypass mode
Using the Tab key
Useful cmdlets for daily tasks
Query user or quser
IP addressing cmdlets
Using Get-Help
Formatting the output
Format-Table
Format-List
Using a pipeline
Export to CSV
Pipes can invoke action
PowerShell Integrated Scripting Environment
PS1 files
Working with PowerShell ISE
Remotely managing a server
Preparing the remote server
The WinRM service
Enable-PSRemoting
Allowing machines from other domains or workgroups
Connecting to the remote server
Using -ComputerName
Using Enter-PSSession
Desired State Configuration
Summary
Questions
Redundancy in Windows Server 2019
Network Load Balancing (NLB)
Not the same as round-robin DNS
What roles can use NLB?
Virtual and dedicated IP addresses
NLB modes
Unicast
Multicast
Multicast IGMP
Configuring a load-balanced website
Enabling NLB
Enabling MAC address spoofing on VMs
Configuring NLB
Configuring IIS and DNS
Testing it out
Flushing the ARP cache
Failover clustering
Clustering Hyper-V hosts
Virtual machine load balancing
Clustering for file servers
Scale-out file server
Clustering tiers
Application-layer clustering
Host-layer clustering
A combination of both
How does failover work?
Setting up a failover cluster
Building the servers
Installing the feature
Running Failover Cluster Manager
Running cluster validation
Running the Create Cluster wizard
Clustering improvements in Windows Server 2019
True two-node clusters with USB witnesses
Higher security for clusters
Multi-site clustering
Cross-domain or workgroup clustering
Migrating cross-domain clusters
Cluster operating system rolling upgrades
Virtual machine resiliency
Storage Replica (SR)
Configuring Storage Replica
Initializing disks as GPT
Testing preparedness for Storage Replica
Configuring Storage Replica
Shifting the primary server to FS02
Storage Spaces Direct (S2D)
New in Server 2019
Summary
Questions
Containers and Nano Server
Understanding application containers
Sharing resources
Isolation
Scalability
Containers and Nano Server
Windows Server containers versus Hyper-V containers
Windows Server containers
Hyper-V containers
Docker and Kubernetes
Linux containers
Docker Hub
Docker Trusted Registry
Kubernetes
Working with containers
Installing the role and feature
Installing Docker for Windows
Docker commands
docker version
docker info
docker --help
docker images
docker search
docker pull
docker run
docker ps -a
Downloading a container image
Running a container
Summary
Questions
Hyper-V
Designing and implementing your Hyper-V Server
Installing the Hyper-V role
Using virtual switches
External virtual switch
Internal virtual switch
Private virtual switch
Creating a new virtual switch
Implementing a new virtual server
Starting and connecting to the VM
Installing the operating system
Managing a virtual server
Hyper-V Manager
The Settings menu
Checkpoints
Configuring auto stop and start
Expanding a virtual disk
Hyper-V console, Remote Desktop Protocol (RDP), or PowerShell
Windows Admin Center (WAC)
Shielded VMs
Encrypting VHDs
Infrastructure requirements for shielded VMs
Guarded hosts
Host Guardian Service (HGS)
Host attestations
TPM-trusted attestations
Host key attestations
Admin-trusted attestation – deprecated in 2019
Integrating with Linux
ReFS deduplication
ReFS
Data deduplication
Why is this important to Hyper-V?
Hyper-V Server 2019
Summary
Questions
Troubleshooting Windows Server 2019
Backup and Restore
Schedule regular backups
Restoring from Windows
Restoring from the installer disk
Task Manager
Resource Monitor
Performance Monitor
Windows Firewall with Advanced Security
System Insights
Remote toolsets
Event Logs
Filtering event logs
Exporting Windows event logs with PowerShell
Common Event IDs
MMC and MSC shortcuts
Summary
Questions
Appendix: Answers to the end-of-chapter Questions
Other Books You May Enjoy
Index