Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Windows Server® 2012 Pocket Consultant
Dedication
Introduction
Who Is This Book For?
How This Book Is Organized
Conventions Used in This Book
Other Resources
Errata & Book Support
We Want to Hear from You
Stay in Touch
I. Windows Server 2012 Administration Fundamentals
1. Windows Server 2012 Administration Overview
Windows Server 2012 and Windows 8
Getting to Know Windows Server 2012
Power Management Options
Networking Tools and Protocols
Understanding Networking Options
Working with Networking Protocols
Domain Controllers, Member Servers, and Domain Services
Working with Active Directory
Using Read-Only Domain Controllers
Using Restartable Active Directory Domain Services
Name-Resolution Services
Using Domain Name System
Using Windows Internet Name Service
Using Link-Local Multicast Name Resolution
Frequently Used Tools
Windows PowerShell 3.0
Windows Remote Management
Enabling and Using WinRM
Configuring WinRM
2. Managing Servers Running Windows Server 2012
Server Roles, Role Services, and Features for Windows Server 2012
Full-Server, Minimal-Interface, and Server Core Installations
Navigating Server Core
Installing Windows Server 2012
Performing a Clean Installation
Performing an Upgrade Installation
Performing Additional Administration Tasks During Installation
Using the Command Line During Installation
Forcing Disk Partition Removal During Installation
Loading Disk Device Drivers During Installation
Creating, Formatting, Deleting, and Extending Disk Partitions During Installation
Creating Disk Partitions During Installation
Formatting Disk Partitions During Installation
Deleting Disk Partitions During Installation
Extending Disk Partitions During Installation
Changing the Installation Type
Converting Full-Server and Minimal-Interface Installations
Converting Server Core Installations
Managing Roles, Role Services, and Features
Performing Initial Configuration Tasks
Server Manager Essentials and Binaries
Managing Your Servers Remotely
Connecting to and Working with Remote Servers
Adding and Removing Roles, Role Services, and Features
Managing System Properties
The Computer Name Tab
The Hardware Tab
The Advanced Tab
Setting Windows Performance
Setting Application Performance
Configuring Virtual Memory
Configuring Data Execution Prevention
Using and Configuring DEP
Understanding DEP Compatibility
Configuring System and User Environment Variables
Creating an Environment Variable
Editing an Environment Variable
Deleting an Environment Variable
Configuring System Startup and Recovery
Setting Startup Options
Setting Recovery Options
The Remote Tab
3. Monitoring Processes, Services, and Events
Managing Applications, Processes, and Performance
Task Manager
Viewing and Working with Processes
Administering Processes
Viewing System Services
Viewing and Managing System Performance
CPU Usage: The Basics
Memory Usage: The Basics
Network Usage: The Basics
Viewing and Managing Remote User Sessions
Managing System Services
Navigating Services in Server Manager
Navigating Services in Computer Management
Starting, Stopping, and Pausing Services
Configuring Service Startup
Configuring Service Logon
Configuring Service Recovery
Disabling Unnecessary Services
Event Logging and Viewing
Accessing Events in Server Manager
Accessing Events in Event Viewer
Filtering Event Logs
Setting Event Log Options
Clearing Event Logs
Archiving Event Logs
Archive Log Formats
Creating Log Archives
Viewing Log Archives
Monitoring Server Performance and Activity
Why Monitor Your Server?
Getting Ready to Monitor
Using the Monitoring Consoles
Choosing Counters to Monitor
Performance Logging
Creating and Managing Data Collector Sets
Collecting Performance Counter Data
Collecting Performance Trace Data
Collecting Configuration Data
Viewing Data Collector Reports
Configuring Performance Counter Alerts
Tuning System Performance
Monitoring and Tuning Memory Usage
Monitoring and Tuning Processor Usage
Monitoring and Tuning Disk I/O
Monitoring and Tuning Network Bandwidth and Connectivity
4. Automating Administrative Tasks, Policies, and Procedures
Understanding Group Policies
Group Policy Essentials
In What Order Are Multiple Policies Applied?
When Are Group Policies Applied?
Group Policy Requirements and Version Compatibility
Navigating Group Policy Changes
Managing Local Group Policies
Local Group Policy Objects
Accessing the Top-Level Local Policy Settings
Local Group Policy Object Settings
Accessing Administrator, Non-Administrator, and User-Specific Local Group Policy
Managing Site, Domain, and Organizational Unit Policies
Understanding Domain and Default Policies
Using the Group Policy Management Console
Getting to Know the Policy Editor
Using Administrative Templates to Set Policies
Creating and Linking GPOs
Creating and Using Starter GPOs
Delegating Privileges for Group Policy Management
Blocking, Overriding, and Disabling Policies
Maintaining and Troubleshooting Group Policy
Refreshing Group Policy
Configuring the Refresh Interval
Modeling Group Policy for Planning Purposes
Copying, Pasting, and Importing Policy Objects
Backing Up and Restoring Policy Objects
Determining Current Group Policy Settings and Refresh Status
Disabling an Unused Part of Group Policy
Changing Policy Processing Preferences
Configuring Slow-Link Detection
Removing Links and Deleting GPOs
Troubleshooting Group Policy
Fixing Default Group Policy Objects
Managing Users and Computers with Group Policy
Centrally Managing Special Folders
Redirecting a Special Folder to a Single Location
Redirecting a Special Folder Based on Group Membership
Removing Redirection
User and Computer Script Management
Assigning Computer Startup and Shutdown Scripts
Assigning User Logon and Logoff Scripts
Deploying Software Through Group Policy
Getting to Know Software Installation Policy
Deploying Software Throughout Your Organization
Configuring Software Deployment Options
Updating Deployed Software
Upgrading Deployed Software
Automatically Enrolling Computer and User Certificates
Managing Automatic Updates in Group Policy
Configuring Automatic Updates
Optimizing Automatic Updates
Using Intranet Update Service Locations
5. Enhancing Computer Security
Using Security Templates
Using the Security Templates and Security Configuration And Analysis Snap-ins
Reviewing and Changing Template Settings
Changing Settings for Account, Local, and Event Log Policies
Configuring Restricted Groups
Enabling, Disabling, and Configuring System Services
Configuring Security Settings for Registry and File System Paths
Analyzing, Reviewing, and Applying Security Templates
Deploying Security Templates to Multiple Computers
Using the Security Configuration Wizard
Creating Security Policies
Editing Security Policies
Applying Security Policies
Rolling Back the Last-Applied Security Policy
Deploying a Security Policy to Multiple Computers
II. Windows Server 2012 Directory Services Administration
6. Using Active Directory
Introducing Active Directory
Active Directory and DNS
Read-Only Domain Controller Deployment
Active Directory Features for Windows Server 2008 R2
Active Directory Features for Windows Server 2012
Working with Domain Structures
Understanding Domains
Understanding Domain Forests and Domain Trees
Understanding Organizational Units
Understanding Sites and Subnets
Working with Active Directory Domains
Using Computers with Active Directory
Working with Domain Functional Levels
Using Windows Server 2003 Functional Level
Using Windows Server 2008 Functional Level
Using Windows Server 2008 R2 Functional Level
Using Windows Server 2012 Functional Level
Raising or Lowering Domain and Forest Functionality
Understanding the Directory Structure
Exploring the Data Store
Exploring Global Catalogs
Universal Group Membership Caching
Replication and Active Directory
Active Directory and LDAP
Understanding Operations Master Roles
Using the Active Directory Recycle Bin
Preparing Schema for the Recycle Bin
Recovering Deleted Objects
Using Ldp.exe for Basic Recovery
Using Windows PowerShell for Basic and Advanced Recovery
Using the Enhanced Recycle Bin for Recovery
7. Core Active Directory Administration
Tools for Managing Active Directory
Active Directory Administration Tools
Active Directory Command-Line Tools
Active Directory Support Tools
Using Active Directory Users And Computers
Active Directory Administrative Center and Windows PowerShell
Managing Computer Accounts
Creating Computer Accounts on a Workstation or Server
Creating Computer Accounts in Active Directory Administrative Center
Creating Computer Accounts in Active Directory Users And Computers
Viewing and Editing Computer Account Properties
Deleting, Disabling, and Enabling Computer Accounts
Resetting Locked Computer Accounts
Moving Computer Accounts
Managing Computers
Joining a Computer to a Domain or Workgroup
Using Offline Domain Join
Managing Domain Controllers, Roles, and Catalogs
Installing and Demoting Domain Controllers
Viewing and Transferring Domainwide Roles
Viewing and Transferring the Domain Naming Master Role
Viewing and Transferring Schema Master Roles
Transferring Roles Using the Command Line
Seizing Roles Using the Command Line
Configuring Global Catalogs
Configuring Universal Group Membership Caching
Managing Organizational Units
Creating Organizational Units
Viewing and Editing Organizational Unit Properties
Renaming and Deleting Organizational Units
Moving Organizational Units
Managing Sites
Creating Sites
Creating Subnets
Associating Domain Controllers with Sites
Configuring Site Links
Configuring Site Link Bridges
Maintaining Active Directory
Using ADSI Edit
Examining Intersite Topology
Troubleshooting Active Directory
8. Creating User and Group Accounts
The Windows Server Security Model
Authentication Protocols
Access Controls
Claims-Based Access Controls
Central Access Policies
Differences Between User and Group Accounts
User Accounts
Logon Names, Passwords, and Public Certificates
Security Identifiers and User Accounts
Group Accounts
Group Types
Group Scope
Security Identifiers and Group Accounts
When to Use Domain Local, Global, and Universal Groups
Default User Accounts and Groups
Built-in User Accounts
Predefined User Accounts
The Administrator Account
The Guest Account
Built-in and Predefined Groups
Implicit Groups and Special Identities
Account Capabilities
Privileges
Logon Rights
Built-in Capabilities for Groups in Active Directory
Using Default Group Accounts
Groups Used by Administrators
Implicit Groups and Identities
User Account Setup and Organization
Account Naming Policies
Rules for Display Names
Rules for Logon Names
Naming Schemes
Password and Account Policies
Using Secure Passwords
Setting Account Policies
Configuring Account Policies
Configuring Password Policies
Enforce Password History
Maximum Password Age
Minimum Password Age
Minimum Password Length
Passwords Must Meet Complexity Requirements
Store Password Using Reversible Encryption For All Users
Configuring Account Lockout Policies
Account Lockout Threshold
Account Lockout Duration
Reset Account Lockout Counter After
Configuring Kerberos Policies
Enforce User Logon Restrictions
Maximum Lifetime
Maximum Tolerance
Configuring User Rights Policies
Configuring Global User Rights
Configuring Local User Rights
Adding a User Account
Creating Domain User Accounts
Creating Local User Accounts
Adding a Group Account
Creating a Global Group
Creating a Local Group and Assigning Members
Handling Global Group Membership
Managing Individual Membership
Managing Multiple Memberships in a Group
Setting the Primary Group for Users and Computers
Implementing Managed Accounts
Creating and Using Managed Service Accounts
Configuring Services to Use Managed Service Accounts
Removing Managed Service Accounts
Moving Managed Service Accounts
Using Virtual Accounts
9. Managing User and Group Accounts
Managing User Contact Information
Setting Contact Information
Searching for Users and Groups in Active Directory
Configuring the User’s Environment Settings
System Environment Variables
Logon Scripts
Assigning Home Directories
Setting Account Options and Restrictions
Managing Logon Hours
Configuring Logon Hours
Enforcing Logon Hours
Setting Permitted Logon Workstations
Setting Dial-in and VPN Privileges
Setting Account Security Options
Managing User Profiles
Local, Roaming, and Mandatory Profiles
Working with Roaming and Mandatory Profiles
Restricting Roaming Profiles
Creating Local Profiles
Creating Roaming Profiles
Creating Mandatory Profiles
Using the System Utility to Manage Local Profiles
Creating a Profile by Hand
Copying an Existing Profile to a New User Account
Copying or Restoring a Profile
Deleting a Local Profile and Assigning a New One
Changing the Profile Type
Updating User and Group Accounts
Renaming User and Group Accounts
Copying Domain User Accounts
Importing and Exporting Accounts
Deleting User and Group Accounts
Changing and Resetting Passwords
Enabling User Accounts
Account Disabled
Account Locked Out
Account Expired
Managing Multiple User Accounts
Setting Profiles for Multiple Accounts
Setting Logon Hours for Multiple Accounts
Setting Permitted Logon Workstations for Multiple Accounts
Setting Logon, Password, and Expiration Properties for Multiple Accounts
Troubleshooting Logon Problems
Viewing and Setting Active Directory Permissions
III. Windows Server 2012 Data Administration
10. Managing File Systems and Drives
Managing the File Services Role
Adding Hard Disk Drives
Physical Drives
Preparing a Physical Drive for Use
Using Disk Management
Removable Storage Devices
Installing and Checking for a New Drive
Understanding Drive Status
Working with Basic, Dynamic, and Virtual Disks
Using Basic and Dynamic Disks
Special Considerations for Basic and Dynamic Disks
Changing Drive Types
Converting a Basic Disk to a Dynamic Disk
Changing a Dynamic Disk Back to a Basic Disk
Reactivating Dynamic Disks
Rescanning Disks
Moving a Dynamic Disk to a New System
Managing Virtual Hard Disks
Using Basic Disks and Partitions
Partitioning Basics
Creating Partitions and Simple Volumes
Formatting Partitions
Compressing Drives and Data
Compressing Drives
Compressing Directories and Files
Expanding Compressed Drives
Expanding Compressed Directories and Files
Encrypting Drives and Data
Understanding Encryption and the Encrypting File System
Encrypting Directories and Files
Working with Encrypted Files and Folders
Configuring Recovery Policy
Decrypting Files and Directories
11. Configuring Volumes and RAID Arrays
Using Volumes and Volume Sets
Understanding Volume Basics
Understanding Volume Sets
Creating Volumes and Volume Sets
Deleting Volumes and Volume Sets
Managing Volumes
Improving Performance and Fault Tolerance with RAID
Implementing RAID on Windows Server 2012
Implementing RAID-0: Disk Striping
Implementing RAID-1: Disk Mirroring
Creating a Mirror Set in Disk Management
Mirroring an Existing Volume
Implementing RAID-5: Disk Striping with Parity
Creating a Striped Set with Parity in Disk Management
Managing RAID and Recovering from Failures
Breaking a Mirrored Set
Resynchronizing and Repairing a Mirrored Set
Repairing a Mirrored System Volume to Enable Boot
Removing a Mirrored Set
Repairing a Striped Set Without Parity
Regenerating a Striped Set with Parity
Standards-Based Storage Management
Getting Started with Standards-Based Storage
Working with Standards-Based Storage
Creating Storage Pools and Allocating Space
Creating a Storage Space
Creating a Virtual Disk in a Storage Space
Creating a Standard Volume
Managing Existing Partitions and Drives
Assigning Drive Letters and Paths
Changing or Deleting the Volume Label
Deleting Partitions and Drives
Converting a Volume to NTFS
The Convert Utility Syntax
Using the Convert Utility
Resizing Partitions and Volumes
Repairing Disk Errors and Inconsistencies Automatically
Checking Disks Manually
Running Check Disk Interactively
Analyzing and Optimizing Disks
12. Data Sharing, Security, and Auditing
Using and Enabling File Sharing
Configuring Standard File Sharing
Viewing Existing Shares
Creating Shared Folders in Computer Management
Creating Shared Folders in Server Manager
Changing Shared Folder Settings
Managing Share Permissions
Various Share Permissions
Viewing and Configuring Share Permissions
Managing Existing Shares
Understanding Special Shares
Connecting to Special Shares
Viewing User and Computer Sessions
Managing Sessions and Shares
Ending Individual Sessions
Ending All Sessions
Managing Open Resources
Closing an Open File
Closing All Open Files
Stopping File and Folder Sharing
Configuring NFS Sharing
Using Shadow Copies
Understanding Shadow Copies
Creating Shadow Copies
Restoring a Shadow Copy
Reverting an Entire Volume to a Previous Shadow Copy
Deleting Shadow Copies
Disabling Shadow Copies
Connecting to Network Drives
Mapping a Network Drive
Disconnecting a Network Drive
Object Management, Ownership, and Inheritance
Objects and Object Managers
Object Ownership and Transfer
Object Inheritance
File and Folder Permissions
Understanding File and Folder Permissions
Setting Basic File and Folder Permissions
Setting Special Permissions on Files and Folders
Setting Claims-Based Permissions
Auditing System Resources
Setting Auditing Policies
Auditing Files and Folders
Auditing the Registry
Auditing Active Directory Objects
Using, Configuring, and Managing NTFS Disk Quotas
Understanding NTFS Disk Quotas and How NTFS Quotas Are Used
Setting NTFS Disk Quota Policies
Enabling NTFS Disk Quotas on NTFS Volumes
Viewing Disk Quota Entries
Creating Disk Quota Entries
Deleting Disk Quota Entries
Exporting and Importing NTFS Disk Quota Settings
Disabling NTFS Disk Quotas
Using, Configuring, and Managing Resource Manager Disk Quotas
Understanding Resource Manager Disk Quotas
Managing Disk Quota Templates
Creating Resource Manager Disk Quotas
13. Data Backup and Recovery
Creating a Backup and Recovery Plan
Figuring Out a Backup Plan
The Basic Types of Backup
Differential and Incremental Backups
Selecting Backup Devices and Media
Common Backup Solutions
Buying and Using Backup Media
Selecting a Backup Utility
Backing Up Your Data: The Essentials
Installing the Windows Backup and Recovery Utilities
Getting Started with Windows Server Backup
Getting Started with the Backup Command-Line Utility
Working with Wbadmin Commands
Using General-Purpose Commands
Using Backup Management Commands
Using Recovery Management Commands
Performing Server Backups
Configuring Scheduled Backups
Modifying or Stopping Scheduled Backups
Creating and Scheduling Backups with Wbadmin
Running Manual Backups
Recovering Your Server from Hardware or Startup Failure
Recovering from a Failed Start
Starting a Server in Safe Mode
Backing Up and Restoring the System State
Restoring Active Directory
Restoring the Operating System and the Full System
Restoring Applications, Nonsystem Volumes, and Files and Folders
Managing Encryption Recovery Policy
Understanding Encryption Certificates and Recovery Policy
Configuring the EFS Recovery Policy
Backing Up and Restoring Encrypted Data and Certificates
Backing Up Encryption Certificates
Restoring Encryption Certificates
IV. Windows Server 2012 Network Administration
14. Managing TCP/IP Networking
Navigating Networking in Windows Server 2012
Managing Networking in Windows 8 and Windows Server 2012
Installing TCP/IP Networking
Configuring TCP/IP Networking
Configuring Static IP Addresses
Using the ping Command to Check an Address
Configuring a Static IPv4 or IPv6 Address
Configuring Dynamic IP Addresses and Alternate IP Addressing
Configuring Multiple Gateways
Configuring Networking for Hyper-V
Managing Network Connections
Checking the Status, Speed, and Activity for Network Connections
Enabling and Disabling Network Connections
Renaming Network Connections
15. Running DHCP Clients and Servers
Understanding DHCP
Using Dynamic IPv4 Addressing and Configuration
Using Dynamic IPv6 Addressing and Configuration
Checking IP Address Assignment
Understanding Scopes
Installing a DHCP Server
Installing DHCP Components
Starting and Using the DHCP Console
Connecting to Remote DHCP Servers
Starting and Stopping a DHCP Server
Authorizing a DHCP Server in Active Directory
Configuring DHCP Servers
Configuring Server Bindings
Updating DHCP Statistics
DHCP Auditing and Troubleshooting
Integrating DHCP and DNS
Integrating DHCP and NAP
Avoiding IP Address Conflicts
Saving and Restoring the DHCP Configuration
Managing DHCP Scopes
Creating and Managing Superscopes
Creating Superscopes
Adding Scopes to a Superscope
Removing Scopes from a Superscope
Activating and Deactivating a Superscope
Deleting a Superscope
Creating and Managing Scopes
Creating Normal Scopes for IPv4 Addresses
Creating Normal Scopes for IPv6 Addresses
Creating Multicast Scopes
Setting Scope Options
Viewing and Assigning Server Options
Viewing and Assigning Scope Options
Viewing and Assigning Reservation Options
Modifying Scopes
Activating and Deactivating Scopes
Enabling the Bootstrap Protocol
Removing a Scope
Configuring Multiple Scopes on a Network
Creating and Managing Failover Scopes
Creating Failover Scopes
Modifying or Removing Failover Scopes
Managing the Address Pool, Leases, and Reservations
Viewing Scope Statistics
Enabling and Configuring MAC Address Filtering
Setting a New Exclusion Range
Reserving DHCP Addresses
Releasing Addresses and Leases
Modifying Reservation Properties
Deleting Leases and Reservations
Backing Up and Restoring the DHCP Database
Backing Up the DHCP Database
Restoring the DHCP Database from Backup
Using Backup and Restore to Move the DHCP Database to a New Server
Forcing the DHCP Server Service to Regenerate the DHCP Database
Reconciling Leases and Reservations
16. Optimizing DNS
Understanding DNS
Integrating Active Directory and DNS
Enabling DNS on the Network
Configuring Name Resolution on DNS Clients
Installing DNS Servers
Installing and Configuring the DNS Server Service
Configuring a Primary DNS Server
Configuring a Secondary DNS Server
Configuring Reverse Lookups
Configuring Global Names
Managing DNS Servers
Adding and Removing Servers to Manage
Starting and Stopping a DNS Server
Using DNSSEC and Signing Zones
Creating Child Domains Within Zones
Creating Child Domains in Separate Zones
Deleting a Domain or Subnet
Managing DNS Records
Adding Address and Pointer Records
Adding a PTR Record Later
Adding DNS Aliases with CNAME
Adding Mail Exchange Servers
Adding Name Servers
Viewing and Updating DNS Records
Updating Zone Properties and the SOA Record
Modifying the SOA Record
Allowing and Restricting Zone Transfers
Notifying Secondaries of Changes
Setting the Zone Type
Enabling and Disabling Dynamic Updates
Managing DNS Server Configuration and Security
Enabling and Disabling IP Addresses for a DNS Server
Controlling Access to DNS Servers Outside the Organization
Creating Nonforwarding and Forwarding-Only Servers
Creating Forwarding Servers
Configuring Conditional Forwarding
Enabling and Disabling Event Logging
Using Debug Logging to Track DNS Activity
Monitoring a DNS Server
Index
About the Author
Copyright
← Prev
Back
Next →
← Prev
Back
Next →