Hands-On Microsoft Windows Server 2019, Third Edition
By Jason W. Eckert
Table of Contents:
INTRODUCTION……………………………………………………………………………… xvii
MODULE 1
Getting Started with Windows Server 2019……………………… 1
USING WINDOWS SERVER 2019 WITHIN AN ORGANIZATION……………………. 2
Understanding Windows Server Virtualization…………………………………………… 3
Understanding Windows Containers………………………………………………………… 8
WINDOWS SERVER 2019 FEATURES………………………………………………………… 10
Active Directory…………………………………………………………………………………… 11
Security………………………………………………………………………………………………. 12
Volume and Filesystem Features…………………………………………………………….. 13
Performance and Reliability…………………………………………………………………… 14
Administration Tools…………………………………………………………………………….. 16
Small Footprint Installation Options……………………………………………………….. 21
Hybrid Cloud Features………………………………………………………………………….. 23
Linux Application Support…………………………………………………………………….. 24
WINDOWS SERVER 2019 EDITIONS………………………………………………………… 24
Windows Server 2019 Essentials Edition…………………………………………………. 24
Windows Server 2019 Standard Edition………………………………………………….. 26
Windows Server 2019 Datacenter Edition……………………………………………….. 26
Windows Storage Server 2019……………………………………………………………….. 27
Microsoft Hyper-V Server 2019………………………………………………………………. 27
PREPARING FOR A WINDOWS SERVER 2019 INSTALLATION…………………….. 27
INSTALLING WINDOWS SERVER 2019…………………………………………………….. 30
Obtaining Installation Media………………………………………………………………….. 30
Starting the Installation Process……………………………………………………………… 31
Completing the Installation Process………………………………………………………… 32
POST-INSTALLATION CONFIGURATION…………………………………………………… 39
Setting the Correct Time and Time Zone…………………………………………………. 40
Configuring the Network………………………………………………………………………. 40
Configuring the Firewall……………………………………………………………………….. 48
Changing the Default Computer Name and Domain Membership………………. 49
Installing a Modern Web Browser…………………………………………………………… 51
Activating the Windows Server Operating System……………………………………. 51
SELECTING A WINDOWS SERVER 2019 LAB ENVIRONMENT……………………. 52
MODULE SUMMARY………………………………………………………………………………. 53
KEY TERMS……………………………………………………………………………………………. 54
REVIEW QUESTIONS………………………………………………………………………………. 55
HANDS-ON PROJECTS……………………………………………………………………………. 57
Project 1-1: Lab Environment 1……………………………………………………………… 57
Project 1-2: Lab Environment 2……………………………………………………………… 58
Project 1-3: Post-Installation Tasks………………………………………………………….. 61
Discovery Exercises………………………………………………………………………………. 63
MODULE 2
Configuring Windows Server 2019…………………………………. 65
WORKING WITH SERVER MANAGER……………………………………………………….. 66
Adding Roles and Features Using Server Manager……………………………………. 73
Using the BPA to Verify Server Roles………………………………………………………. 77
WORKING WITH THE WINDOWS ADMIN CENTER……………………………………. 78
Installing the Windows Admin Center…………………………………………………….. 79
Using the Windows Admin Center…………………………………………………………. 81
CONFIGURING SERVER HARDWARE DEVICES………………………………………….. 84
Adding Hardware Using Control Panel……………………………………………………. 85
Using Device Manager………………………………………………………………………….. 87
VERIFYING SYSTEM FILES……………………………………………………………………….. 89
CONFIGURING WINDOWS SETTINGS……………………………………………………… 91
Configuring Performance Options………………………………………………………….. 91
Configuring Environment Variables………………………………………………………… 98
Configuring Startup and Recovery………………………………………………………….. 98
Configuring Power Options……………………………………………………………………. 99
THE WINDOWS REGISTRY…………………………………………………………………….. 102
Windows Registry Contents…………………………………………………………………. 103
USING WINDOWS POWERSHELL………………………………………………………….. 105
Working with Windows PowerShell……………………………………………………… 105
System Administration Commands………………………………………………………. 114
Using WMI within Windows PowerShell……………………………………………….. 117
Creating PowerShell Scripts…………………………………………………………………. 119
MODULE SUMMARY…………………………………………………………………………….. 131
KEY TERMS………………………………………………………………………………………….. 132
REVIEW QUESTIONS…………………………………………………………………………….. 133
HANDS-ON PROJECTS………………………………………………………………………….. 135
Project 2-1: Server Manager………………………………………………………………… 135
Project 2-2: Windows Admin Center…………………………………………………….. 137
Project 2-3: Configuration Utilities……………………………………………………….. 138
Project 2-4: Cmdlets……………………………………………………………………………. 139
Project 2-5: Cmdlet Output………………………………………………………………….. 140
Project 2-6: PowerShell Providers…………………………………………………………. 141
Project 2-7: WMI………………………………………………………………………………… 143
Project 2-8: PowerShell Customization………………………………………………….. 144
Project 2-9: PowerShell Scripting………………………………………………………….. 145
Discovery Exercises…………………………………………………………………………….. 146
MODULE 3
Implementing Hyper-V and Rapid Server Deployment…. 149
IMPLEMENTING HYPER-V…………………………………………………………………….. 150
Installing Hyper-V………………………………………………………………………………. 150
Understanding Virtual Networks…………………………………………………………… 155
Creating Virtual Machines……………………………………………………………………. 160
Configuring Virtual Machines………………………………………………………………. 167
Working with Virtual Machines……………………………………………………………. 177
Managing Hyper-V Features………………………………………………………………… 179
RAPID SERVER DEPLOYMENT……………………………………………………………….. 185
Using Virtual Machine Templates………………………………………………………….. 185
Using Windows Deployment Services……………………………………………………. 191
MODULE SUMMARY…………………………………………………………………………….. 200
KEY TERMS………………………………………………………………………………………….. 201
REVIEW QUESTIONS…………………………………………………………………………….. 202
HANDS-ON PROJECTS………………………………………………………………………….. 204
Project 3-1: Hyper-V Installation…………………………………………………………… 204
Project 3-2: Virtual Switches………………………………………………………………… 205
Project 3-3: WDS Configuration…………………………………………………………… 206
Project 3-4: WDS Deployment……………………………………………………………… 208
Project 3-5: Templates…………………………………………………………………………. 209
Project 3-6: Checkpoints……………………………………………………………………… 210
Project 3-7: Virtual Machine Settings…………………………………………………….. 212
Discovery Exercises…………………………………………………………………………….. 214
MODULE 4
Introduction to Active Directory and Account
Management………………………………………………………………. 217
WORKING WITH LOCAL USERS AND GROUPS……………………………………….. 218
ACTIVE DIRECTORY BASICS…………………………………………………………………… 223
Active Directory Objects………………………………………………………………………. 225
Active Directory Forests, Trees, and Trusts……………………………………………… 227
Active Directory Groups………………………………………………………………………. 230
Domain and Forest Functional Levels……………………………………………………. 232
Sites and Active Directory Replication…………………………………………………… 234
Global Catalog……………………………………………………………………………………. 237
FSMO Roles……………………………………………………………………………………….. 238
Azure Active Directory………………………………………………………………………… 240
INSTALLING ACTIVE DIRECTORY…………………………………………………………… 241
Installing a Forest Root Domain……………………………………………………………. 242
Installing a Domain within an Existing Forest………………………………………… 247
Installing a Domain Controller within an Existing Domain……………………… 249
CONFIGURING ACTIVE DIRECTORY………………………………………………………. 251
Raising Functional Levels…………………………………………………………………….. 251
Creating Trust Relationships………………………………………………………………… 253
Managing FSMO Roles………………………………………………………………………… 257
Configuring Sites and Replication…………………………………………………………. 257
Configuring Global Catalog and UGMC…………………………………………………. 263
MANAGING ACTIVE DIRECTORY OBJECTS……………………………………………… 265
Working with Organizational Units………………………………………………………. 265
Working with User Objects………………………………………………………………….. 267
Working with Group Objects……………………………………………………………….. 271
Working with Computer Objects………………………………………………………….. 273
Using the Active Directory Administrative Center…………………………………… 274
READ-ONLY DOMAIN CONTROLLERS……………………………………………………. 275
MODULE SUMMARY…………………………………………………………………………….. 277
KEY TERMS………………………………………………………………………………………….. 279
REVIEW QUESTIONS…………………………………………………………………………….. 280
HANDS-ON PROJECTS………………………………………………………………………….. 281
Project 4-1: Cleanup……………………………………………………………………………. 282
Project 4-2: Active Directory Installation……………………………………………….. 282
Project 4-3: Functional Levels………………………………………………………………. 284
Project 4-4: Trusts……………………………………………………………………………….. 284
Project 4-5: Sites…………………………………………………………………………………. 286
Project 4-6: Global Catalog…………………………………………………………………… 287
Project 4-7: Objects…………………………………………………………………………….. 287
Project 4-8: Active Directory Admin Center…………………………………………… 290
Project 4-9: RODCs…………………………………………………………………………….. 290
Discovery Exercises…………………………………………………………………………….. 292
MODULE 5
Configuring Resource Access……………………………………….. 295
CONFIGURING FOLDER AND FILE ATTRIBUTES……………………………………… 296
Working with Basic Attributes……………………………………………………………… 296
Working with Advanced Attributes………………………………………………………. 298
MANAGING FOLDER AND FILE SECURITY……………………………………………… 303
Configuring Folder and File Permissions……………………………………………….. 303
Configuring Folder and File Ownership…………………………………………………. 309
Troubleshooting Folder and File Permissions……………………………………………310
Configuring Folder and File Auditing……………………………………………………. 311
CONFIGURING SHARED FOLDERS………………………………………………………… 314
Sharing Folders Using SMB………………………………………………………………….. 314
Sharing Folders Using NFS…………………………………………………………………… 324
Publishing a Shared Folder in Active Directory………………………………………. 330
IMPLEMENTING DISTRIBUTED FILE SYSTEM…………………………………………. 332
Configuring DFS Namespaces………………………………………………………………. 332
Configuring DFS Replication………………………………………………………………… 337
IMPLEMENTING QUOTAS AND FILE SCREENS………………………………………… 341
Configuring User Quotas……………………………………………………………………… 342
Configuring Folder Quotas…………………………………………………………………… 343
Configuring File Screens……………………………………………………………………….345
MODULE SUMMARY…………………………………………………………………………….. 347
KEY TERMS………………………………………………………………………………………….. 347
REVIEW QUESTIONS…………………………………………………………………………….. 348
HANDS-ON PROJECTS………………………………………………………………………….. 350
Project 5-1: Host Setup………………………………………………………………………… 351
Project 5-2: Member Server Setup………………………………………………………….351
Project 5-3: Permissions………………………………………………………………………. 353
Project 5-4: Auditing…………………………………………………………………………… 355
Project 5-5: Attributes…………………………………………………………………………. 356
Project 5-6: Sharing Folders…………………………………………………………………. 358
Project 5-7: DFS…………………………………………………………………………………. 360
Project 5-8: Quotas and File Screens……………………………………………………… 362
Discovery Exercises…………………………………………………………………………….. 364
Configuring Printing……………………………………………………. 367
WINDOWS PRINTING BASICS……………………………………………………………….. 368
The Printing Process……………………………………………………………………………. 369
Printing to a Shared Printer…………………………………………………………………. 371
The Printing Process for a Shared Printer………………………………………………. 375
CONFIGURING A WINDOWS SERVER 2019 PRINT SERVER……………………… 375
Installing Print and Document Services…………………………………………………. 376
Configuring a Print Server…………………………………………………………………… 377
Adding Printers to a Print Server………………………………………………………….. 383
Configuring Printer Properties……………………………………………………………… 386
Using Group Policy to Deploy Shared Printers………………………………………… 397
Configuring Branch Office Direct Printing……………………………………………… 398
MANAGING PRINT JOBS………………………………………………………………………. 398
MONITORING AND TROUBLESHOOTING PRINTERS……………………………… 402
MODULE SUMMARY…………………………………………………………………………….. 407
KEY TERMS………………………………………………………………………………………….. 408
REVIEW QUESTIONS…………………………………………………………………………….. 409
HANDS-ON PROJECTS………………………………………………………………………….. 411
Project 6-1: Enhanced Session Mode Removal……………………………………….. 411
Project 6-2: Print Server Installation……………………………………………………… 411
Project 6-3: Print Server Configuration………………………………………………….. 412
Project 6-4: Printer Properties………………………………………………………………. 413
Project 6-5: Adding Shared Printers………………………………………………………. 415
Project 6-6: Print Job Management………………………………………………………. 416
Project 6-7: Printer Troubleshooting……………………………………………………… 417
Discovery Exercises…………………………………………………………………………….. 418
MODULE 7
Configuring and Managing Data Storage……………………… 421
WINDOWS SERVER 2019 LOCAL STORAGE OPTIONS……………………………… 421
Storage Devices………………………………………………………………………………….. 422
Partitions, Filesystems, and Volumes…………………………………………………….. 422
Partition Types and Strategies………………………………………………………………. 424
RAID Types and Strategies…………………………………………………………………… 427
CREATING AND MANAGING LOCAL VOLUMES………………………………………. 431
Using Disk Management……………………………………………………………………….431
Using Server Manager…………………………………………………………………………. 440
Using Storage Spaces Direct…………………………………………………………………. 454
ACCESSING AND CONFIGURING SAN STORAGE…………………………………….. 455
Connecting Windows Server 2019 to an iSCSI SAN Device……………………… 456
Connecting Windows Server 2019 to a Fibre Channel SAN Device…………… 459
Using MPIO to Connect to Multiple SAN Devices…………………………………… 460
Configuring Windows Server 2019 as an iSCSI SAN Device…………………….. 462
MANAGING VOLUME DATA………………………………………………………………….. 468
Enabling Data Deduplication……………………………………………………………….. 468
Optimizing Volumes……………………………………………………………………………. 470
Repairing Volumes……………………………………………………………………………… 472
Backing Up and Restoring Data……………………………………………………………. 475
MODULE SUMMARY…………………………………………………………………………….. 484
KEY TERMS………………………………………………………………………………………….. 485
REVIEW QUESTIONS…………………………………………………………………………….. 486
HANDS-ON PROJECTS………………………………………………………………………….. 488
Project 7-1: Adding Storage Devices……………………………………………………… 488
Project 7-2: Disk Management (Simple Volumes)…………………………………… 490
Project 7-3: Disk Management (RAID)………………………………………………….. 493
Project 7-4: Server Manager and Storage Spaces…………………………………….. 495
Project 7-5: iSCSI Target Server……………………………………………………………. 497
Project 7-6: Managing Volume Data……………………………………………………… 499
Project 7-7: Backup and Restore…………………………………………………………… 501
Discovery Exercises…………………………………………………………………………….. 502
MODULE 8
Configuring and Managing Network Services………………. 505
UNDERSTANDING DNS………………………………………………………………………… 506
The DNS Lookup Process…………………………………………………………………….. 506
Authoritative DNS Server Types…………………………………………………………… 509
Accessing DNS Servers in Other Organizations………………………………………. 510
Resource Records……………………………………………………………………………….. 510
CONFIGURING A DNS SERVER………………………………………………………………. 512
Configuring Primary Zones………………………………………………………………….. 514
Creating Secondary Zones……………………………………………………………………. 529
Creating Stub Zones……………………………………………………………………………. 529
Configuring Conditional Forwarders…………………………………………………….. 530
Configuring Default Forwarders…………………………………………………………… 531
TROUBLESHOOTING DNS…………………………………………………………………….. 532
Using nslookup…………………………………………………………………………………… 533
Using DNS Manager……………………………………………………………………………. 535
Using Log Files…………………………………………………………………………………… 536
CONFIGURING WINS……………………………………………………………………………. 537
Using WINS for NetBIOS Name Resolution……………………………………………. 538
Configuring a WINS Server………………………………………………………………….. 540
UNDERSTANDING DHCP………………………………………………………………………. 542
The DHCP Lease Process……………………………………………………………………… 543
DHCP Relay……………………………………………………………………………………….. 544
CONFIGURING A DHCP SERVER……………………………………………………………. 545
Creating a New Scope…………………………………………………………………………. 547
Configuring Scopes…………………………………………………………………………….. 553
Configuring Filters……………………………………………………………………………… 557
Configuring DHCP Fault Tolerance……………………………………………………….. 557
TROUBLESHOOTING DHCP………………………………………………………………….. 559
MODULE SUMMARY…………………………………………………………………………….. 561
KEY TERMS………………………………………………………………………………………….. 561
REVIEW QUESTIONS…………………………………………………………………………….. 562
HANDS-ON PROJECTS………………………………………………………………………….. 564
Project 8-1: Configuring DNS Zones……………………………………………………… 564
Project 8-2: DNS Zone Properties and Resource Records………………………….. 566
Project 8-3: Configuring DNS Secondary Zones………………………………………. 568
Project 8-4: Installing and Configuring WINS…………………………………………. 569
Project 8-5: Installing and Configuring DHCP………………………………………… 570
Project 8-6: DHCP Testing and Fault Tolerance……………………………………….. 572
Discovery Exercises…………………………………………………………………………….. 574
MODULE 9
Configuring and Managing Remote Access Services…….. 577
UNDERSTANDING ORGANIZATION NETWORKS AND REMOTE ACCESS….. 578
UNDERSTANDING VPNs……………………………………………………………………….. 583
Using VPNs for Remote Access……………………………………………………………… 583
Using VPNs to Protect Network Traffic…………………………………………………… 585
VPN Protocols…………………………………………………………………………………….. 587
VPN Authentication……………………………………………………………………………. 588
Using RADIUS……………………………………………………………………………………. 589
IMPLEMENTING VPNs………………………………………………………………………….. 590
Configuring a Remote Access Server…………………………………………………….. 591
Configuring RADIUS…………………………………………………………………………… 601
Connecting to a VPN Server…………………………………………………………………. 610
Creating a Demand-Dial Interface………………………………………………………… 612
UNDERSTANDING DIRECTACCESS…………………………………………………………. 616
IMPLEMENTING DIRECTACCESS……………………………………………………………. 617
UNDERSTANDING REMOTE DESKTOP…………………………………………………… 622
IMPLEMENTING REMOTE DESKTOP SERVICES………………………………………. 625
Installing Remote Desktop Services………………………………………………………. 625
Configuring Remote Desktop Services…………………………………………………… 630
Configuring Collections……………………………………………………………………….. 633
Connecting to Remote Desktop Services……………………………………………….. 637
MODULE SUMMARY…………………………………………………………………………….. 637
KEY TERMS………………………………………………………………………………………….. 638
REVIEW QUESTIONS…………………………………………………………………………….. 639
HANDS-ON PROJECTS………………………………………………………………………….. 640
Project 9-1: Cleanup Tasks…………………………………………………………………… 641
Project 9-2: Configuring a VPN Server…………………………………………………… 642
Project 9-3: Connecting to a VPN………………………………………………………….. 643
Project 9-4: RADIUS……………………………………………………………………………. 645
Project 9-5: DirectAccess……………………………………………………………………… 647
Project 9-6: Remote Desktop Services……………………………………………………. 649
Project 9-7: Remote Desktop Connection………………………………………………. 651
Discovery Exercises…………………………………………………………………………….. 653
MODULE 10
Configuring Web Services and Cloud Technologies………. 655
UNDERSTANDING THE CLOUD…………………………………………………………….. 656
Defining the Cloud……………………………………………………………………………… 656
Cloud Types……………………………………………………………………………………….. 658
Cloud Delivery Models………………………………………………………………………… 659
Cloud Storage…………………………………………………………………………………….. 661
Understanding Continuous Deployment……………………………………………….. 662
CONFIGURING WEB SERVICES……………………………………………………………… 663
Installing IIS………………………………………………………………………………………. 664
Configuring IIS…………………………………………………………………………………… 666
CONFIGURING CONTAINERS………………………………………………………………… 670
Installing Docker………………………………………………………………………………… 671
Obtaining Container Images………………………………………………………………… 672
Running Containers……………………………………………………………………………. 675
Running Hyper-V Containers……………………………………………………………….. 678
Common Docker Commands……………………………………………………………….. 679
CONFIGURING THE WINDOWS SUBSYSTEM FOR LINUX………………………… 681
Installing and Using WSL…………………………………………………………………….. 682
Hosting Web Services using WSL………………………………………………………….. 684
CONFIGURING LINUX CONTAINERS ON WINDOWS………………………………. 685
IMPLEMENTING WINDOWS SERVER 2019 IN A CLOUD ENVIRONMENT…. 687
Hosting Web Apps in a Public Cloud……………………………………………………… 687
Hosting Web Apps in a Private Cloud……………………………………………………. 689
MODULE SUMMARY…………………………………………………………………………….. 690
KEY TERMS………………………………………………………………………………………….. 691
REVIEW QUESTIONS…………………………………………………………………………….. 691
HANDS-ON PROJECTS………………………………………………………………………….. 693
Project 10-1: Configuring IIS……………………………………………………………….. 693
Project 10-2: Windows Containers………………………………………………………… 696
Project 10-3: WSL………………………………………………………………………………. 698
Project 10-4: Linux Containers on Windows………………………………………….. 700
Project 10-5: Nano Server……………………………………………………………………. 702
Discovery Exercises…………………………………………………………………………….. 702
MODULE 11
Managing and Securing Windows Networks………………… 705
CONFIGURING GROUP POLICY…………………………………………………………….. 706
Configuring GPOs………………………………………………………………………………. 708
Configuring GPO Settings……………………………………………………………………. 710
Managing GPOs………………………………………………………………………………….. 721
DEPLOYING PUBLIC KEY CERTIFICATES…………………………………………………. 723
Understanding Public Key Certificates…………………………………………………… 723
Installing an Enterprise CA………………………………………………………………….. 728
Configuring an Enterprise CA for Certificate Enrollment…………………………. 729
Enrolling for Certificates……………………………………………………………………… 735
IMPLEMENTING 802.1X WIRELESS………………………………………………………… 740
Configuring RADIUS for 802.1X Wireless………………………………………………. 742
Configuring a WAP for 802.1X Wireless………………………………………………… 745
CONFIGURING WINDOWS SERVER UPDATE SERVICES…………………………… 746
Installing WSUS…………………………………………………………………………………. 747
Configuring WSUS……………………………………………………………………………… 749
Configuring a WSUS GPO……………………………………………………………………. 754
CONFIGURING WINDOWS DEFENDER………………………………………………….. 756
Configuring Windows Defender Features………………………………………………. 756
Configuring Windows Defender Firewall with Advanced Security……………. 758
MODULE SUMMARY…………………………………………………………………………….. 765
KEY TERMS………………………………………………………………………………………….. 765
REVIEW QUESTIONS…………………………………………………………………………….. 766
HANDS-ON PROJECTS………………………………………………………………………….. 768
Project 11-1: Configuring Group Policy…………………………………………………. 768
Project 11-2: Configuring Active Directory Certificate Services…………………. 772
Project 11-3: Configuring 802.1X Wireless…………………………………………….. 775
Project 11-4: Configuring WSUS…………………………………………………………… 776
Project 11-5: Configuring Windows Defender………………………………………… 777
Discovery Exercises…………………………………………………………………………….. 779
MODULE 12
Monitoring and Troubleshooting Windows Server 2019….. 781
MONITORING AND TROUBLESHOOTING METHODOLOGY……………………. 782
MONITORING AND TROUBLESHOOTING TOOLS…………………………………… 784
Task Manager…………………………………………………………………………………….. 785
Resource Monitor……………………………………………………………………………….. 792
Performance Monitor………………………………………………………………………….. 793
Data Collector Sets……………………………………………………………………………… 798
Event Viewer……………………………………………………………………………………… 805
Reliability Monitor……………………………………………………………………………… 811
RESOLVING COMMON SYSTEM PROBLEMS………………………………………….. 812
Hardware-Related Problems…………………………………………………………………. 813
Performance-Related Problems…………………………………………………………….. 814
Software-Related Problems………………………………………………………………….. 816
Operating System-Related Problems……………………………………………………… 816
Network-Related Problems………………………………………………………………….. 817
MODULE SUMMARY…………………………………………………………………………….. 822
KEY TERMS………………………………………………………………………………………….. 823
REVIEW QUESTIONS…………………………………………………………………………….. 823
HANDS-ON PROJECTS………………………………………………………………………….. 825
Project 12-1: Monitoring Performance and Processes………………………………. 825
Project 12-2: Creating a Baseline………………………………………………………….. 827
Project 12-3: Creating Data Collector Sets……………………………………………… 828
Project 12-4: Viewing Events……………………………………………………………….. 830
Project 12-5: Testing Connectivity and Service Access…………………………….. 831
Project 12-6: Accessing Advanced Boot Options……………………………………… 832
Discovery Exercises…………………………………………………………………………….. 833
GLOSSARY………………………………………………………………………………………… 835
INDEX……………………………………………………………………………………………….. 867