Rand Morimoto, Jeffrey Shapiro, Guy Yardeni, Omar Droubi, Michael Noel, Andrew Abbate, Chris Amaris
Windows Server 2016 Unleashed
Rand Morimoto, Jeffrey Shapiro, Guy Yardeni, Omar Droubi, Michael Noel, Andrew Abbate, Chris Amaris
Windows Server 2016 Unleashed
- Broschiertes Buch
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
This is the most comprehensive and realistic guide to Windows Server 2016 planning, design, prototyping, implementation, migration, administration, and support. Extensively updated, it contains unsurpassed independent and objective coverage of Windows Server 2016's key innovations, including the cloud, containers, and Windows 10 integration. Windows Server 2016 Unleashed reflects the authors' extraordinary experience implementing Windows Server 2016 in large-scale environments since its earliest alpha releases, reaching back more than two years prior to its official launch. Microsoft MVP Rand…mehr
Andere Kunden interessierten sich auch für
- Avinash ValiramaniMicrosoft Azure Storage: The Definitive Guide32,99 €
- Troy LanphierExam Ref 70-339 Managing Microsoft SharePoint Server 201648,99 €
- Craig HuntWindows Server 2003 Network Administration42,99 €
- Windows 2000 DNS Server46,99 €
- Samara LynnWindows Server 2012: Up and Running42,99 €
- Woody LeonhardWindows Home Server for Dummies24,99 €
- Serdar YegulalpWindows Server Undocumented Solutions: Beyond the Knowledge Base41,99 €
-
-
-
This is the most comprehensive and realistic guide to Windows Server 2016 planning, design, prototyping, implementation, migration, administration, and support. Extensively updated, it contains unsurpassed independent and objective coverage of Windows Server 2016's key innovations, including the cloud, containers, and Windows 10 integration. Windows Server 2016 Unleashed reflects the authors' extraordinary experience implementing Windows Server 2016 in large-scale environments since its earliest alpha releases, reaching back more than two years prior to its official launch. Microsoft MVP Rand Morimoto and his colleagues fully address every aspect of deploying and operating Windows Server 2016, including Active Directory, networking and core application services, security, migration from Windows Server 2003/2008, administration, fault tolerance, optimization, troubleshooting, and much more.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Produktdetails
- Produktdetails
- Verlag: Pearson Education
- Seitenzahl: 1584
- Erscheinungstermin: 3. September 2017
- Englisch
- Abmessung: 232mm x 179mm x 55mm
- Gewicht: 1911g
- ISBN-13: 9780134583754
- ISBN-10: 0134583752
- Artikelnr.: 45367158
- Verlag: Pearson Education
- Seitenzahl: 1584
- Erscheinungstermin: 3. September 2017
- Englisch
- Abmessung: 232mm x 179mm x 55mm
- Gewicht: 1911g
- ISBN-13: 9780134583754
- ISBN-10: 0134583752
- Artikelnr.: 45367158
Rand Morimoto, Ph.D., MCSE, CISSP, has been in the computer industry for more than 30 years and has authored, coauthored, or been a contributing writer for dozens of books on Windows, Security, Exchange, Office 365, and Microsoft Azure. Rand is the president of Convergent Computing, an IT-consulting firm in the San Francisco Bay area that has been one of the key early adopter program partners with Microsoft. Convergent Computing implements the latest Microsoft technologies, including Microsoft Windows Server 2016, System Center 2016, Windows 10, Azure Stack, Office 365, and Azure (public) in production environments months before the initial product releases to the general public. Jeffrey Shapiro, MCSE, MCT, leads MISIQ, a technical consulting company specializing in all areas of Microsoft systems, including Windows Server, SQL Server, IIS, PKI, all aspects of .NET software development, and Microsoft’s Azure cloud services. He helps CIOs and CTOs plan, architect, and manage their network and IT operations assets. He has nearly 30 years’ experience in all aspects of information technology and has authored and co-authored more than 20 books from software engineering to IT infrastructure and computer and network systems. He began architecting Windows Client-Server systems as early as 1993 and supported numerous Windows NT networks for most of the 1990s. A prolific IT writer, he was one of the first authors to cover the advent of Active Directory in 1999, and has written extensively on Windows Server technology. His books cover Windows Server NT, and Windows Server 2000 through Windows Server 2016. Jeffrey is also a high-availability expert and has architected some of the world’s largest Windows Server networks, some of them consisting of 100s of servers and server clusters all over the world. He has consulted for some of the United States’ largest corporations, such as Blue Cross Blue Shield, Con Edison, Disney, Universal Studios, and several counties and cities across North America. He is an expert SQL Server DBA and .NET Programmer. Guy Yardeni, MCITP, CISSP, MVP, is an accomplished infrastructure architect, author, and overall geek-for-hire. Guy has been working in the IT industry for more than 16 years and has extensive experience designing, implementing, and supporting enterprise technology solutions. Guy is an expert at connecting business requirements to technology solutions and driving to successful completion the technical details of the effort while maintaining overall goals and vision. Guy maintains a widely read technical blog at www.rdpfiles.com and is a Windows MVP. Omar Droubi, MCTS, has maintained a successful career and delivered quality work as a senior Information Technology professional for more than 20 years by keeping current with the latest technological developments and trends. As a writer, he has co-authored several Sams Publishing best-selling books, including Microsoft Windows Server 2003 Unleashed through Windows Server 2012 Unleashed. Omar has also been a contributing writer and technical reviewer on several Microsoft Exchange Server books and publications. He has been deeply involved in testing, designing, and prototyping Windows 10 and Windows Server 2016 for the past few years, and has assisted organizations in getting the most out of the latest features included in these products. Michael Noel, MVP, is an internationally recognized technology expert, bestselling author, and well-known public speaker on a broad range of IT topics. He has authored more than 20 major industry books that have been translated into more than a dozen languages worldwide. In addition, Michael has presented at more than 200 technical and business conferences in more than 70 countries around the world. Currently a partner at Convergent Computing (cco.com) in the San Francisco Bay area, Michael’s writing and extensive public-speaking experience across all seven continents leverage his real-world expertise in helping organizations realize business value from Information Technology infrastructure. Andrew Abbate, MCITP, enjoys the position of principal consultant and partner at Convergent Computing. With more than 20 years of experience in IT, Andrew’s area of expertise is understanding a business’s needs and translating that to process and technologies to solve real problems. Having worked with companies from the Fortune Ten to companies of 10, Andrew has a unique perspective on IT and a grasp on “big picture” consulting. Andrew has also written eight industry books on varying technologies ranging from Windows to Security to Unified Communications. Chris Amaris, MCITP, MCTS, CISSP/ISSAP, CHS III, is the chief technology officer and cofounder of Convergent Computing. He has more than 30 years’ experience consulting for Fortune 500 companies, leading companies in the technology selection, architecture, design, and deployment of complex enterprise and hosted cloud integration projects. Chris specializes in leveraging Microsoft Azure, Windows 2016, and System Center to achieve a high degree of on-premise to cloud integration, automation, and self-service, reducing the level of effort and time-to-market for organizations while providing high levels of fault tolerance and availability. Chris is also an author, writer, and technical editor for a number of IT books, including System Center 2012 Unleashed, and conducts trainings and seminars on Azure, Windows, and System Center technologies worldwide.
Introduction 1
How This Book Is Organized 1
Part I: Windows Server 2016 Overview
Chapter 1 Windows Server 2016 Technology Primer 5
Windows Server 2016 Defined 6
When Is the Right Time to Migrate? 16
Versions of Windows Server 2016 18
Improvements for Continuous Availability 22
Enhancements for Flexible Identity and Security 25
Enabling Users to Work Anywhere 31
Simplifying the Datacenter 38
Addition of Migration Tools 48
Identifying Which Windows Server 2016 Service to Install or Migrate to
First 49
Chapter 2 Planning, Prototyping, Migrating, and Deploying Windows Server
2016 55
Determining the Scope of Your Project 56
Identifying the Business Goals and Objectives to Implement Windows
Server 56
Identifying the Technical Goals and Objectives to Implement Windows
Server 59
The Discovery Phase: Understanding the Existing Environment 65
The Design Phase: Documenting the Vision and the Plan 69
The Migration Planning Phase: Documenting the Process for Migration 73
The Prototype Phase: Creating and Testing the Plan 79
The Pilot Phase: Validating the Plan to a Limited Number of Users 81
The Migration/Implementation Phase: Conducting the Migration or
Installation 83
Chapter 3 Installing Windows Server 2016 and Server Core 89
Planning for a Server Installation 90
Installing a Clean Version of Windows Server 2016 Operating System 95
Upgrading to Windows Server 2016 104
Understanding Server Core Installation 107
Managing and Configuring a Server Core Installation 110
Performing an Unattended Windows Server 2016 Installation 118
Nano Server 118
Part II: Windows Server 2016 Active Directory
Chapter 4 Active Directory Domain Services Primer 125
The Evolution of Directory Services 126
Understanding the Development of AD DS 128
AD DS Structure 128
Outlining AD DS Components 131
Understanding Domain Trusts 136
Defining Organizational Units 137
Outlining the Role of Groups in an AD DS Environment 139
Understanding AD DS Replication 141
Outlining the Role of DNS in AD DS 143
Outlining AD DS Security 145
Getting Familiar with AD DS Features in Windows Server 2016 145
Chapter 5 Designing a Windows Server 2016 Active Directory 159
Understanding AD DS Domain Design 160
Choosing a Domain Namespace 161
Examining Domain Design Features 163
Choosing a Domain Structure 164
Understanding the Single-Domain Model 165
Understanding the Multiple-Domain Model 168
Understanding the Multiple Trees in a Single-Forest Model 170
Reviewing the Federated-Forests Model 172
Understanding the Empty-Root Domain Model 175
Understanding the Placeholder Domain Model 178
Understanding the Special-Purpose Domain Model 179
Renaming an AD DS Domain 180
Chapter 6 Designing Organizational Unit and Group Structure 185
Defining Organizational Units in AD DS 186
Defining AD Groups 188
OU and Group Design 192
Starting an OU Design 193
Using OUs to Delegate Administration 194
Group Policies and OU Design 196
Understanding Group Design 197
Exploring Sample Design Models 199
Chapter 7 Active Directory Infrastructure 207
Understanding AD DS Replication in Depth 207
Understanding Active Directory Sites 212
Planning Replication Topology 219
Windows Server 2016 IPv6 Support 226
Detailing Real-World Replication Designs 229
Deploying Read-Only Domain Controllers 232
Deploying a Clone Virtualized DC 236
Chapter 8 Creating Federated Forests and Lightweight Directories 241
Keeping a Distributed Environment in Sync 241
Active Directory Federation Services 247
Synchronizing Directory Information with Microsoft Identity Manager 251
Harnessing the Power and Potential of MIM 254
Part III: Networking Services
Chapter 9 Domain Name System, WINS, and DNSSEC 259
The Need for DNS 261
Getting Started with DNS on Windows Server 2016 264
Resource Records 267
Understanding DNS Zones 272
Performing Zone Transfers 276
Understanding DNS Queries 279
Other DNS Components 280
Understanding the Evolution of Microsoft DNS 288
DNS in Windows Server 2016 289
DNS in an Active Directory Domain Services Environment 291
Troubleshooting DNS 295
Secure DNS with DNSSEC 304
Reviewing the Windows Internet Naming Service 310
Installing and Configuring WINS 311
Planning, Migrating, and Maintaining WINS 316
Chapter 10 DHCP, IPv6, IPAM 321
Understanding the Components of an Enterprise Network 321
Exploring DHCP 323
Exploring DHCP Changes in Windows Server 2016 331
Enhancing DHCP Reliability 338
Exploring Advanced DHCP Concepts 349
Securing DHCP 350
IPv6 Introduction 351
Configuring IPv6 on Windows Server 2016 362
IP Address Management 370
Installing the IPAM Server and Client Features 371
Exploring the IPAM Console 387
Chapter 11 Internet Information Services 391
Understanding Internet Information Services 10 392
Planning and Designing IIS 10 396
Installing and Upgrading IIS 10 397
Installing and Configuring Websites 403
Installing and Configuring FTP Services 413
Securing IIS 10 422
Part IV: Security
Chapter 12 Server-Level Security 433
Defining Windows Server 2016 Security 434
Deploying Physical Security 435
Using the Integrated Windows Firewall with Advanced Security 437
Hardening Servers 442
Examining File-Level Security 450
Malware and Backup Protection 454
Windows Server Update 456
Chapter 13 Securing Data in Transit 463
Introduction to Securing Data in Transit in Windows Server 2016 464
Deploying a Public Key Infrastructure with Windows Server 2016 465
Understanding Active Directory Certificate Services in Windows Server
2016 467
Active Directory Rights Management Services 476
Using IPsec Encryption with Windows Server 2016 479
Chapter 14 Network Policy and Access Services, Routing and Remote Access
and DirectAccess 483
Installing a Network Policy Server 484
Deploying a Virtual Private Network Using RRAS 485
Configuring DirectAccess 491
Part V: Migrating to Windows Server 2016
Chapter 15 Migrating to Active Directory 2016 495
Beginning the Migration Process 496
Big Bang Migration 499
Phased Migration 503
Multiple Domain Consolidation Migration 519
Chapter 16 Compatibility Testing 537
The Importance of Compatibility Testing 538
Preparing for Compatibility Testing 539
Researching Products and Applications 545
Verifying Compatibility with Vendors 548
Microsoft Assessment and Planning Toolkit 554
Lab-Testing Existing Applications 554
Documenting the Results of the Compatibility Testing 557
Determining Whether a Prototype Phase Is Required 557
Part VI: Windows Server 2016 Administration and Management
Chapter 17 Windows Server 2016 Administration 561
Defining the Administrative Model 562
Examining Active Directory Site Administration 563
Configuring Sites 566
Windows Server 2016 Active Directory Groups 574
Creating Groups 575
Managing Users with Local Security and Group Policies 580
Managing Printers with the Print Management Console 588
Chapter 18 Windows Server 2016 Group Policies and Policy Management
595
Group Policy Overview 596
Group Policy Processing: How Does It Work? 597
Local Group Policies 600
Domain-Based Group Policies 601
Security Templates 602
Understanding Group Policy 603
Group Policy Policies Node 615
Group Policy Preferences Node 618
Policy Management Tools 618
Designing a Group Policy Infrastructure 626
GPO Administrative Tasks 629
Chapter 19 Windows Server 2016 Management and Maintenance Practices 651
Going Green with Windows Server 2016 652
Server Manager Dashboard 653
Managing Windows Server 2016 Roles and Features 655
Creating a Server Group 660
Viewing Events 660
Server Manager Storage Page 670
Auditing the Environment 673
Managing Windows Server 2016 Remotely 682
Common Practices for Securing and Managing Windows Server 2016 688
Keeping Up with Service Packs and Updates 689
Maintaining Windows Server 2016 693
Chapter 20 Automating Tasks Using PowerShell Scripting 707
Understanding Shells 708
Introduction to PowerShell 710
Understanding PowerShell Fundamentals 712
Using Windows PowerShell 739
Chapter 21 Documenting a Windows Server 2016 Environment 771
Benefits of Documentation 772
Types of Documents 773
Planning to Document the Windows Server 2016 Environment 774
Knowledge Sharing and Knowledge Management 774
Windows Server 2016 Project Documents 775
Administration and Maintenance Documents 788
Network Infrastructure 792
Disaster Recovery Documentation 793
Change Management Procedures 796
Performance Documentation 796
Baselining Records for Documentation Comparisons 796
Routine Reporting 796
Security Documentation 797
Part VII: Remote and Mobile Technologies
Chapter 22 Server-to-Client Remote and Mobile Access 801
Remote Access in Windows Server 2016 803
VPN in Windows Server 2016 805
RAS System Authentication Options 808
VPN Protocols 810
DirectAccess in Windows Server 2016 815
Choosing Between Traditional VPN Technologies and DirectAccess 826
Setting Up the Unified Remote Access Role 829
DirectAccess Scenario 830
VPN Scenario 836
Monitoring the Remote Access Server 847
Chapter 23 Remote Desktop Services 851
Why Implement Remote Desktop Services? 852
How Remote Desktop Works 855
Understanding the Name Change 857
RDS Roles 857
Configuration Options and Fine-Tuning Terminology 865
Planning for RDS 872
Deploying RDS 877
Deploying Virtual Desktops 888
Enabling RemoteFX 896
Securing and Supporting RDS 898
Part VIII: Desktop Administration
Chapter 24 Windows Server 2016 Administration Tools for Desktops 903
Managing Desktops and Servers 904
Operating System Deployment Options 905
Windows Server 2016 Windows Deployment Services 908
Installing Windows Deployment Services 910
Customizing Boot Images 921
Creating Discover Images 925
Pre-Creating Active Directory Computer Accounts for WDS (Prestaged
Systems) 926
Creating Custom Installations Using Capture Images 930
Automating Image Deployment Using Unattend Files 933
General Desktop Administration Tasks 934
Chapter 25 Group Policy Management for Network Clients 937
The Need for Group Policies 938
Windows Group Policies 939
Group Policy Feature Set 942
Planning Workgroup and Standalone Local Group Policy Configuration 947
Planning Domain Group Policy Objects 950
Managing Computers with Domain Policies 959
Configuring Preference Item-Level Targeting 967
Managing Users with Policies 977
Managing Active Directory with Policies 984
Chapter 26 Storage 999
Storage Spaces and Storage Pools 999
Managing Windows Server 2016 Disks 1010
Configuring Storage Spaces Direct 1014
Part IX: Fault-Tolerance Technologies
Chapter 27 File System Management 1023
File System Access Services and Technologies 1023
Adding the File and Storage Services Role 1027
Managing Data Access Using Windows Server 2016 Shares 1028
File Server Resource Manager 1032
The Distributed File System 1044
Planning a DFS Deployment 1048
Installing and Configuring DFS 1051
Using the Volume Shadow Copy Service 1057
Configuring Data Deduplication 1060
Dynamic Access Control 1062
Chapter 28 Operational Fault Tolerance (Clustering/Network Load
Balancing) 1073
Building Fault-Tolerant Windows Server 2016 Systems 1075
Windows Server 2016 Clustering Technologies 1077
Determining the Correct Clustering Technology 1083
Overview of Failover Clusters 1085
Deploying Failover Clusters 1090
Backing Up and Restoring Failover Clusters 1113
Deploying Network Load-Balancing Clusters 1117
Managing NLB Clusters 1125
Network Teaming 1127
Chapter 29 Backing Up the Windows Server 2016 Environment 1131
Understanding Your Backup and Recovery Needs and Options 1132
Creating the Disaster Recovery Solution 1135
Documenting the Enterprise 1136
Developing a Backup Strategy 1137
Windows Server Backup Overview 1138
Using Windows Server Backup 1141
Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows
PowerShell Cmdlets 1146
Backing Up Active Directory 1150
Backing Up Windows Server 2016 Roles 1153
Volume Shadow Copy Service 1154
Extending Server Backup to the Enterprise with Data Protection Manager
2016 1155
Chapter 30 Recovering from a Disaster 1157
Ongoing Backup and Recovery Preparedness 1157
When Disasters Strike 1161
Disaster Scenario Troubleshooting 1163
Recovering from a Server or System Failure 1166
Managing and Accessing Windows Server Backup Media 1173
Windows Server Backup Volume Recovery 1174
Recovering Role Services and Features 1176
Part X: Optimizing, Tuning, Debugging, and Problem Solving
Chapter 31 Optimizing Windows Server 2016 for Branch Office
Communications 1185
Key Branch Office Features in Windows Server 2016 1186
Understanding Read-Only Domain Controllers 1186
Using BitLocker with Windows Server 2016 1202
BranchCache in Windows Server 2016 1213
Printing with Branch Office Direct Printing 1226
Chapter 32 Logging and Debugging 1229
Using the Task Manager for Logging and Debugging 1229
Using Event Viewer for Logging and Debugging 1237
Performance Monitoring 1248
Setting Baseline Values 1275
Using the Debugging Tools Available in Windows Server 2016 1277
Task Scheduler 1291
Chapter 33 Capacity Analysis and Performance Optimization 1299
Defining Capacity Analysis 1299
Using Capacity-Analysis Tools 1303
Monitoring System Performance 1317
Optimizing Performance by Server Roles 1325
Part XI: Integrated Windows Application Services
Chapter 34 SharePoint 2016 Products 1333
History of SharePoint Technologies 1333
Identifying the Need for SharePoint 2016 Products 1335
Designing a SharePoint 2016 Farm 1339
Exploring a Basic SharePoint 2016 Site 1343
Lists and Libraries in SharePoint 2016 1345
Managing the Site Collection 1351
Chapter 35 Windows Server Virtualization 1357
Understanding Microsoft’s Virtualization Strategy 1357
Integration of Hypervisor Technology in Windows Server 1360
Windows Containers and Hyper-V Containers in Windows Server 2016 1368
Planning Your Implementation of Hyper-V 1368
Installing the Microsoft Hyper-V Role 1371
Becoming Familiar with the Hyper-V Administrative Console 1374
Installing a Guest Operating System Session 1380
Modifying Guest Session Configuration Settings 1384
Launching a Hyper-V Guest Session 1387
Using Snapshots of Guest Operating System Sessions 1389
Quick Migration and Live Migration 1391
Utilizing Hyper-V Replica for Site-to-Site Redundancy 1404
Hyper-V Containers in Windows Server 2016 1410
Windows Docker Containers 1412
Chapter 36 Integrating System Center Operations Manager 2016 with Windows
Server 2016 1417
Windows Server 2016 Monitoring 1418
Understanding How OpsMgr Works 1419
OpsMgr Architecture Components 1423
Securing OpsMgr 1433
Fault Tolerance and Disaster Recovery 1438
Understanding OpsMgr Components 1444
Putting it All Together in a Design 1448
Index 1459
How This Book Is Organized 1
Part I: Windows Server 2016 Overview
Chapter 1 Windows Server 2016 Technology Primer 5
Windows Server 2016 Defined 6
When Is the Right Time to Migrate? 16
Versions of Windows Server 2016 18
Improvements for Continuous Availability 22
Enhancements for Flexible Identity and Security 25
Enabling Users to Work Anywhere 31
Simplifying the Datacenter 38
Addition of Migration Tools 48
Identifying Which Windows Server 2016 Service to Install or Migrate to
First 49
Chapter 2 Planning, Prototyping, Migrating, and Deploying Windows Server
2016 55
Determining the Scope of Your Project 56
Identifying the Business Goals and Objectives to Implement Windows
Server 56
Identifying the Technical Goals and Objectives to Implement Windows
Server 59
The Discovery Phase: Understanding the Existing Environment 65
The Design Phase: Documenting the Vision and the Plan 69
The Migration Planning Phase: Documenting the Process for Migration 73
The Prototype Phase: Creating and Testing the Plan 79
The Pilot Phase: Validating the Plan to a Limited Number of Users 81
The Migration/Implementation Phase: Conducting the Migration or
Installation 83
Chapter 3 Installing Windows Server 2016 and Server Core 89
Planning for a Server Installation 90
Installing a Clean Version of Windows Server 2016 Operating System 95
Upgrading to Windows Server 2016 104
Understanding Server Core Installation 107
Managing and Configuring a Server Core Installation 110
Performing an Unattended Windows Server 2016 Installation 118
Nano Server 118
Part II: Windows Server 2016 Active Directory
Chapter 4 Active Directory Domain Services Primer 125
The Evolution of Directory Services 126
Understanding the Development of AD DS 128
AD DS Structure 128
Outlining AD DS Components 131
Understanding Domain Trusts 136
Defining Organizational Units 137
Outlining the Role of Groups in an AD DS Environment 139
Understanding AD DS Replication 141
Outlining the Role of DNS in AD DS 143
Outlining AD DS Security 145
Getting Familiar with AD DS Features in Windows Server 2016 145
Chapter 5 Designing a Windows Server 2016 Active Directory 159
Understanding AD DS Domain Design 160
Choosing a Domain Namespace 161
Examining Domain Design Features 163
Choosing a Domain Structure 164
Understanding the Single-Domain Model 165
Understanding the Multiple-Domain Model 168
Understanding the Multiple Trees in a Single-Forest Model 170
Reviewing the Federated-Forests Model 172
Understanding the Empty-Root Domain Model 175
Understanding the Placeholder Domain Model 178
Understanding the Special-Purpose Domain Model 179
Renaming an AD DS Domain 180
Chapter 6 Designing Organizational Unit and Group Structure 185
Defining Organizational Units in AD DS 186
Defining AD Groups 188
OU and Group Design 192
Starting an OU Design 193
Using OUs to Delegate Administration 194
Group Policies and OU Design 196
Understanding Group Design 197
Exploring Sample Design Models 199
Chapter 7 Active Directory Infrastructure 207
Understanding AD DS Replication in Depth 207
Understanding Active Directory Sites 212
Planning Replication Topology 219
Windows Server 2016 IPv6 Support 226
Detailing Real-World Replication Designs 229
Deploying Read-Only Domain Controllers 232
Deploying a Clone Virtualized DC 236
Chapter 8 Creating Federated Forests and Lightweight Directories 241
Keeping a Distributed Environment in Sync 241
Active Directory Federation Services 247
Synchronizing Directory Information with Microsoft Identity Manager 251
Harnessing the Power and Potential of MIM 254
Part III: Networking Services
Chapter 9 Domain Name System, WINS, and DNSSEC 259
The Need for DNS 261
Getting Started with DNS on Windows Server 2016 264
Resource Records 267
Understanding DNS Zones 272
Performing Zone Transfers 276
Understanding DNS Queries 279
Other DNS Components 280
Understanding the Evolution of Microsoft DNS 288
DNS in Windows Server 2016 289
DNS in an Active Directory Domain Services Environment 291
Troubleshooting DNS 295
Secure DNS with DNSSEC 304
Reviewing the Windows Internet Naming Service 310
Installing and Configuring WINS 311
Planning, Migrating, and Maintaining WINS 316
Chapter 10 DHCP, IPv6, IPAM 321
Understanding the Components of an Enterprise Network 321
Exploring DHCP 323
Exploring DHCP Changes in Windows Server 2016 331
Enhancing DHCP Reliability 338
Exploring Advanced DHCP Concepts 349
Securing DHCP 350
IPv6 Introduction 351
Configuring IPv6 on Windows Server 2016 362
IP Address Management 370
Installing the IPAM Server and Client Features 371
Exploring the IPAM Console 387
Chapter 11 Internet Information Services 391
Understanding Internet Information Services 10 392
Planning and Designing IIS 10 396
Installing and Upgrading IIS 10 397
Installing and Configuring Websites 403
Installing and Configuring FTP Services 413
Securing IIS 10 422
Part IV: Security
Chapter 12 Server-Level Security 433
Defining Windows Server 2016 Security 434
Deploying Physical Security 435
Using the Integrated Windows Firewall with Advanced Security 437
Hardening Servers 442
Examining File-Level Security 450
Malware and Backup Protection 454
Windows Server Update 456
Chapter 13 Securing Data in Transit 463
Introduction to Securing Data in Transit in Windows Server 2016 464
Deploying a Public Key Infrastructure with Windows Server 2016 465
Understanding Active Directory Certificate Services in Windows Server
2016 467
Active Directory Rights Management Services 476
Using IPsec Encryption with Windows Server 2016 479
Chapter 14 Network Policy and Access Services, Routing and Remote Access
and DirectAccess 483
Installing a Network Policy Server 484
Deploying a Virtual Private Network Using RRAS 485
Configuring DirectAccess 491
Part V: Migrating to Windows Server 2016
Chapter 15 Migrating to Active Directory 2016 495
Beginning the Migration Process 496
Big Bang Migration 499
Phased Migration 503
Multiple Domain Consolidation Migration 519
Chapter 16 Compatibility Testing 537
The Importance of Compatibility Testing 538
Preparing for Compatibility Testing 539
Researching Products and Applications 545
Verifying Compatibility with Vendors 548
Microsoft Assessment and Planning Toolkit 554
Lab-Testing Existing Applications 554
Documenting the Results of the Compatibility Testing 557
Determining Whether a Prototype Phase Is Required 557
Part VI: Windows Server 2016 Administration and Management
Chapter 17 Windows Server 2016 Administration 561
Defining the Administrative Model 562
Examining Active Directory Site Administration 563
Configuring Sites 566
Windows Server 2016 Active Directory Groups 574
Creating Groups 575
Managing Users with Local Security and Group Policies 580
Managing Printers with the Print Management Console 588
Chapter 18 Windows Server 2016 Group Policies and Policy Management
595
Group Policy Overview 596
Group Policy Processing: How Does It Work? 597
Local Group Policies 600
Domain-Based Group Policies 601
Security Templates 602
Understanding Group Policy 603
Group Policy Policies Node 615
Group Policy Preferences Node 618
Policy Management Tools 618
Designing a Group Policy Infrastructure 626
GPO Administrative Tasks 629
Chapter 19 Windows Server 2016 Management and Maintenance Practices 651
Going Green with Windows Server 2016 652
Server Manager Dashboard 653
Managing Windows Server 2016 Roles and Features 655
Creating a Server Group 660
Viewing Events 660
Server Manager Storage Page 670
Auditing the Environment 673
Managing Windows Server 2016 Remotely 682
Common Practices for Securing and Managing Windows Server 2016 688
Keeping Up with Service Packs and Updates 689
Maintaining Windows Server 2016 693
Chapter 20 Automating Tasks Using PowerShell Scripting 707
Understanding Shells 708
Introduction to PowerShell 710
Understanding PowerShell Fundamentals 712
Using Windows PowerShell 739
Chapter 21 Documenting a Windows Server 2016 Environment 771
Benefits of Documentation 772
Types of Documents 773
Planning to Document the Windows Server 2016 Environment 774
Knowledge Sharing and Knowledge Management 774
Windows Server 2016 Project Documents 775
Administration and Maintenance Documents 788
Network Infrastructure 792
Disaster Recovery Documentation 793
Change Management Procedures 796
Performance Documentation 796
Baselining Records for Documentation Comparisons 796
Routine Reporting 796
Security Documentation 797
Part VII: Remote and Mobile Technologies
Chapter 22 Server-to-Client Remote and Mobile Access 801
Remote Access in Windows Server 2016 803
VPN in Windows Server 2016 805
RAS System Authentication Options 808
VPN Protocols 810
DirectAccess in Windows Server 2016 815
Choosing Between Traditional VPN Technologies and DirectAccess 826
Setting Up the Unified Remote Access Role 829
DirectAccess Scenario 830
VPN Scenario 836
Monitoring the Remote Access Server 847
Chapter 23 Remote Desktop Services 851
Why Implement Remote Desktop Services? 852
How Remote Desktop Works 855
Understanding the Name Change 857
RDS Roles 857
Configuration Options and Fine-Tuning Terminology 865
Planning for RDS 872
Deploying RDS 877
Deploying Virtual Desktops 888
Enabling RemoteFX 896
Securing and Supporting RDS 898
Part VIII: Desktop Administration
Chapter 24 Windows Server 2016 Administration Tools for Desktops 903
Managing Desktops and Servers 904
Operating System Deployment Options 905
Windows Server 2016 Windows Deployment Services 908
Installing Windows Deployment Services 910
Customizing Boot Images 921
Creating Discover Images 925
Pre-Creating Active Directory Computer Accounts for WDS (Prestaged
Systems) 926
Creating Custom Installations Using Capture Images 930
Automating Image Deployment Using Unattend Files 933
General Desktop Administration Tasks 934
Chapter 25 Group Policy Management for Network Clients 937
The Need for Group Policies 938
Windows Group Policies 939
Group Policy Feature Set 942
Planning Workgroup and Standalone Local Group Policy Configuration 947
Planning Domain Group Policy Objects 950
Managing Computers with Domain Policies 959
Configuring Preference Item-Level Targeting 967
Managing Users with Policies 977
Managing Active Directory with Policies 984
Chapter 26 Storage 999
Storage Spaces and Storage Pools 999
Managing Windows Server 2016 Disks 1010
Configuring Storage Spaces Direct 1014
Part IX: Fault-Tolerance Technologies
Chapter 27 File System Management 1023
File System Access Services and Technologies 1023
Adding the File and Storage Services Role 1027
Managing Data Access Using Windows Server 2016 Shares 1028
File Server Resource Manager 1032
The Distributed File System 1044
Planning a DFS Deployment 1048
Installing and Configuring DFS 1051
Using the Volume Shadow Copy Service 1057
Configuring Data Deduplication 1060
Dynamic Access Control 1062
Chapter 28 Operational Fault Tolerance (Clustering/Network Load
Balancing) 1073
Building Fault-Tolerant Windows Server 2016 Systems 1075
Windows Server 2016 Clustering Technologies 1077
Determining the Correct Clustering Technology 1083
Overview of Failover Clusters 1085
Deploying Failover Clusters 1090
Backing Up and Restoring Failover Clusters 1113
Deploying Network Load-Balancing Clusters 1117
Managing NLB Clusters 1125
Network Teaming 1127
Chapter 29 Backing Up the Windows Server 2016 Environment 1131
Understanding Your Backup and Recovery Needs and Options 1132
Creating the Disaster Recovery Solution 1135
Documenting the Enterprise 1136
Developing a Backup Strategy 1137
Windows Server Backup Overview 1138
Using Windows Server Backup 1141
Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows
PowerShell Cmdlets 1146
Backing Up Active Directory 1150
Backing Up Windows Server 2016 Roles 1153
Volume Shadow Copy Service 1154
Extending Server Backup to the Enterprise with Data Protection Manager
2016 1155
Chapter 30 Recovering from a Disaster 1157
Ongoing Backup and Recovery Preparedness 1157
When Disasters Strike 1161
Disaster Scenario Troubleshooting 1163
Recovering from a Server or System Failure 1166
Managing and Accessing Windows Server Backup Media 1173
Windows Server Backup Volume Recovery 1174
Recovering Role Services and Features 1176
Part X: Optimizing, Tuning, Debugging, and Problem Solving
Chapter 31 Optimizing Windows Server 2016 for Branch Office
Communications 1185
Key Branch Office Features in Windows Server 2016 1186
Understanding Read-Only Domain Controllers 1186
Using BitLocker with Windows Server 2016 1202
BranchCache in Windows Server 2016 1213
Printing with Branch Office Direct Printing 1226
Chapter 32 Logging and Debugging 1229
Using the Task Manager for Logging and Debugging 1229
Using Event Viewer for Logging and Debugging 1237
Performance Monitoring 1248
Setting Baseline Values 1275
Using the Debugging Tools Available in Windows Server 2016 1277
Task Scheduler 1291
Chapter 33 Capacity Analysis and Performance Optimization 1299
Defining Capacity Analysis 1299
Using Capacity-Analysis Tools 1303
Monitoring System Performance 1317
Optimizing Performance by Server Roles 1325
Part XI: Integrated Windows Application Services
Chapter 34 SharePoint 2016 Products 1333
History of SharePoint Technologies 1333
Identifying the Need for SharePoint 2016 Products 1335
Designing a SharePoint 2016 Farm 1339
Exploring a Basic SharePoint 2016 Site 1343
Lists and Libraries in SharePoint 2016 1345
Managing the Site Collection 1351
Chapter 35 Windows Server Virtualization 1357
Understanding Microsoft’s Virtualization Strategy 1357
Integration of Hypervisor Technology in Windows Server 1360
Windows Containers and Hyper-V Containers in Windows Server 2016 1368
Planning Your Implementation of Hyper-V 1368
Installing the Microsoft Hyper-V Role 1371
Becoming Familiar with the Hyper-V Administrative Console 1374
Installing a Guest Operating System Session 1380
Modifying Guest Session Configuration Settings 1384
Launching a Hyper-V Guest Session 1387
Using Snapshots of Guest Operating System Sessions 1389
Quick Migration and Live Migration 1391
Utilizing Hyper-V Replica for Site-to-Site Redundancy 1404
Hyper-V Containers in Windows Server 2016 1410
Windows Docker Containers 1412
Chapter 36 Integrating System Center Operations Manager 2016 with Windows
Server 2016 1417
Windows Server 2016 Monitoring 1418
Understanding How OpsMgr Works 1419
OpsMgr Architecture Components 1423
Securing OpsMgr 1433
Fault Tolerance and Disaster Recovery 1438
Understanding OpsMgr Components 1444
Putting it All Together in a Design 1448
Index 1459
Introduction 1
How This Book Is Organized 1
Part I: Windows Server 2016 Overview
Chapter 1 Windows Server 2016 Technology Primer 5
Windows Server 2016 Defined 6
When Is the Right Time to Migrate? 16
Versions of Windows Server 2016 18
Improvements for Continuous Availability 22
Enhancements for Flexible Identity and Security 25
Enabling Users to Work Anywhere 31
Simplifying the Datacenter 38
Addition of Migration Tools 48
Identifying Which Windows Server 2016 Service to Install or Migrate to
First 49
Chapter 2 Planning, Prototyping, Migrating, and Deploying Windows Server
2016 55
Determining the Scope of Your Project 56
Identifying the Business Goals and Objectives to Implement Windows
Server 56
Identifying the Technical Goals and Objectives to Implement Windows
Server 59
The Discovery Phase: Understanding the Existing Environment 65
The Design Phase: Documenting the Vision and the Plan 69
The Migration Planning Phase: Documenting the Process for Migration 73
The Prototype Phase: Creating and Testing the Plan 79
The Pilot Phase: Validating the Plan to a Limited Number of Users 81
The Migration/Implementation Phase: Conducting the Migration or
Installation 83
Chapter 3 Installing Windows Server 2016 and Server Core 89
Planning for a Server Installation 90
Installing a Clean Version of Windows Server 2016 Operating System 95
Upgrading to Windows Server 2016 104
Understanding Server Core Installation 107
Managing and Configuring a Server Core Installation 110
Performing an Unattended Windows Server 2016 Installation 118
Nano Server 118
Part II: Windows Server 2016 Active Directory
Chapter 4 Active Directory Domain Services Primer 125
The Evolution of Directory Services 126
Understanding the Development of AD DS 128
AD DS Structure 128
Outlining AD DS Components 131
Understanding Domain Trusts 136
Defining Organizational Units 137
Outlining the Role of Groups in an AD DS Environment 139
Understanding AD DS Replication 141
Outlining the Role of DNS in AD DS 143
Outlining AD DS Security 145
Getting Familiar with AD DS Features in Windows Server 2016 145
Chapter 5 Designing a Windows Server 2016 Active Directory 159
Understanding AD DS Domain Design 160
Choosing a Domain Namespace 161
Examining Domain Design Features 163
Choosing a Domain Structure 164
Understanding the Single-Domain Model 165
Understanding the Multiple-Domain Model 168
Understanding the Multiple Trees in a Single-Forest Model 170
Reviewing the Federated-Forests Model 172
Understanding the Empty-Root Domain Model 175
Understanding the Placeholder Domain Model 178
Understanding the Special-Purpose Domain Model 179
Renaming an AD DS Domain 180
Chapter 6 Designing Organizational Unit and Group Structure 185
Defining Organizational Units in AD DS 186
Defining AD Groups 188
OU and Group Design 192
Starting an OU Design 193
Using OUs to Delegate Administration 194
Group Policies and OU Design 196
Understanding Group Design 197
Exploring Sample Design Models 199
Chapter 7 Active Directory Infrastructure 207
Understanding AD DS Replication in Depth 207
Understanding Active Directory Sites 212
Planning Replication Topology 219
Windows Server 2016 IPv6 Support 226
Detailing Real-World Replication Designs 229
Deploying Read-Only Domain Controllers 232
Deploying a Clone Virtualized DC 236
Chapter 8 Creating Federated Forests and Lightweight Directories 241
Keeping a Distributed Environment in Sync 241
Active Directory Federation Services 247
Synchronizing Directory Information with Microsoft Identity Manager 251
Harnessing the Power and Potential of MIM 254
Part III: Networking Services
Chapter 9 Domain Name System, WINS, and DNSSEC 259
The Need for DNS 261
Getting Started with DNS on Windows Server 2016 264
Resource Records 267
Understanding DNS Zones 272
Performing Zone Transfers 276
Understanding DNS Queries 279
Other DNS Components 280
Understanding the Evolution of Microsoft DNS 288
DNS in Windows Server 2016 289
DNS in an Active Directory Domain Services Environment 291
Troubleshooting DNS 295
Secure DNS with DNSSEC 304
Reviewing the Windows Internet Naming Service 310
Installing and Configuring WINS 311
Planning, Migrating, and Maintaining WINS 316
Chapter 10 DHCP, IPv6, IPAM 321
Understanding the Components of an Enterprise Network 321
Exploring DHCP 323
Exploring DHCP Changes in Windows Server 2016 331
Enhancing DHCP Reliability 338
Exploring Advanced DHCP Concepts 349
Securing DHCP 350
IPv6 Introduction 351
Configuring IPv6 on Windows Server 2016 362
IP Address Management 370
Installing the IPAM Server and Client Features 371
Exploring the IPAM Console 387
Chapter 11 Internet Information Services 391
Understanding Internet Information Services 10 392
Planning and Designing IIS 10 396
Installing and Upgrading IIS 10 397
Installing and Configuring Websites 403
Installing and Configuring FTP Services 413
Securing IIS 10 422
Part IV: Security
Chapter 12 Server-Level Security 433
Defining Windows Server 2016 Security 434
Deploying Physical Security 435
Using the Integrated Windows Firewall with Advanced Security 437
Hardening Servers 442
Examining File-Level Security 450
Malware and Backup Protection 454
Windows Server Update 456
Chapter 13 Securing Data in Transit 463
Introduction to Securing Data in Transit in Windows Server 2016 464
Deploying a Public Key Infrastructure with Windows Server 2016 465
Understanding Active Directory Certificate Services in Windows Server
2016 467
Active Directory Rights Management Services 476
Using IPsec Encryption with Windows Server 2016 479
Chapter 14 Network Policy and Access Services, Routing and Remote Access
and DirectAccess 483
Installing a Network Policy Server 484
Deploying a Virtual Private Network Using RRAS 485
Configuring DirectAccess 491
Part V: Migrating to Windows Server 2016
Chapter 15 Migrating to Active Directory 2016 495
Beginning the Migration Process 496
Big Bang Migration 499
Phased Migration 503
Multiple Domain Consolidation Migration 519
Chapter 16 Compatibility Testing 537
The Importance of Compatibility Testing 538
Preparing for Compatibility Testing 539
Researching Products and Applications 545
Verifying Compatibility with Vendors 548
Microsoft Assessment and Planning Toolkit 554
Lab-Testing Existing Applications 554
Documenting the Results of the Compatibility Testing 557
Determining Whether a Prototype Phase Is Required 557
Part VI: Windows Server 2016 Administration and Management
Chapter 17 Windows Server 2016 Administration 561
Defining the Administrative Model 562
Examining Active Directory Site Administration 563
Configuring Sites 566
Windows Server 2016 Active Directory Groups 574
Creating Groups 575
Managing Users with Local Security and Group Policies 580
Managing Printers with the Print Management Console 588
Chapter 18 Windows Server 2016 Group Policies and Policy Management
595
Group Policy Overview 596
Group Policy Processing: How Does It Work? 597
Local Group Policies 600
Domain-Based Group Policies 601
Security Templates 602
Understanding Group Policy 603
Group Policy Policies Node 615
Group Policy Preferences Node 618
Policy Management Tools 618
Designing a Group Policy Infrastructure 626
GPO Administrative Tasks 629
Chapter 19 Windows Server 2016 Management and Maintenance Practices 651
Going Green with Windows Server 2016 652
Server Manager Dashboard 653
Managing Windows Server 2016 Roles and Features 655
Creating a Server Group 660
Viewing Events 660
Server Manager Storage Page 670
Auditing the Environment 673
Managing Windows Server 2016 Remotely 682
Common Practices for Securing and Managing Windows Server 2016 688
Keeping Up with Service Packs and Updates 689
Maintaining Windows Server 2016 693
Chapter 20 Automating Tasks Using PowerShell Scripting 707
Understanding Shells 708
Introduction to PowerShell 710
Understanding PowerShell Fundamentals 712
Using Windows PowerShell 739
Chapter 21 Documenting a Windows Server 2016 Environment 771
Benefits of Documentation 772
Types of Documents 773
Planning to Document the Windows Server 2016 Environment 774
Knowledge Sharing and Knowledge Management 774
Windows Server 2016 Project Documents 775
Administration and Maintenance Documents 788
Network Infrastructure 792
Disaster Recovery Documentation 793
Change Management Procedures 796
Performance Documentation 796
Baselining Records for Documentation Comparisons 796
Routine Reporting 796
Security Documentation 797
Part VII: Remote and Mobile Technologies
Chapter 22 Server-to-Client Remote and Mobile Access 801
Remote Access in Windows Server 2016 803
VPN in Windows Server 2016 805
RAS System Authentication Options 808
VPN Protocols 810
DirectAccess in Windows Server 2016 815
Choosing Between Traditional VPN Technologies and DirectAccess 826
Setting Up the Unified Remote Access Role 829
DirectAccess Scenario 830
VPN Scenario 836
Monitoring the Remote Access Server 847
Chapter 23 Remote Desktop Services 851
Why Implement Remote Desktop Services? 852
How Remote Desktop Works 855
Understanding the Name Change 857
RDS Roles 857
Configuration Options and Fine-Tuning Terminology 865
Planning for RDS 872
Deploying RDS 877
Deploying Virtual Desktops 888
Enabling RemoteFX 896
Securing and Supporting RDS 898
Part VIII: Desktop Administration
Chapter 24 Windows Server 2016 Administration Tools for Desktops 903
Managing Desktops and Servers 904
Operating System Deployment Options 905
Windows Server 2016 Windows Deployment Services 908
Installing Windows Deployment Services 910
Customizing Boot Images 921
Creating Discover Images 925
Pre-Creating Active Directory Computer Accounts for WDS (Prestaged
Systems) 926
Creating Custom Installations Using Capture Images 930
Automating Image Deployment Using Unattend Files 933
General Desktop Administration Tasks 934
Chapter 25 Group Policy Management for Network Clients 937
The Need for Group Policies 938
Windows Group Policies 939
Group Policy Feature Set 942
Planning Workgroup and Standalone Local Group Policy Configuration 947
Planning Domain Group Policy Objects 950
Managing Computers with Domain Policies 959
Configuring Preference Item-Level Targeting 967
Managing Users with Policies 977
Managing Active Directory with Policies 984
Chapter 26 Storage 999
Storage Spaces and Storage Pools 999
Managing Windows Server 2016 Disks 1010
Configuring Storage Spaces Direct 1014
Part IX: Fault-Tolerance Technologies
Chapter 27 File System Management 1023
File System Access Services and Technologies 1023
Adding the File and Storage Services Role 1027
Managing Data Access Using Windows Server 2016 Shares 1028
File Server Resource Manager 1032
The Distributed File System 1044
Planning a DFS Deployment 1048
Installing and Configuring DFS 1051
Using the Volume Shadow Copy Service 1057
Configuring Data Deduplication 1060
Dynamic Access Control 1062
Chapter 28 Operational Fault Tolerance (Clustering/Network Load
Balancing) 1073
Building Fault-Tolerant Windows Server 2016 Systems 1075
Windows Server 2016 Clustering Technologies 1077
Determining the Correct Clustering Technology 1083
Overview of Failover Clusters 1085
Deploying Failover Clusters 1090
Backing Up and Restoring Failover Clusters 1113
Deploying Network Load-Balancing Clusters 1117
Managing NLB Clusters 1125
Network Teaming 1127
Chapter 29 Backing Up the Windows Server 2016 Environment 1131
Understanding Your Backup and Recovery Needs and Options 1132
Creating the Disaster Recovery Solution 1135
Documenting the Enterprise 1136
Developing a Backup Strategy 1137
Windows Server Backup Overview 1138
Using Windows Server Backup 1141
Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows
PowerShell Cmdlets 1146
Backing Up Active Directory 1150
Backing Up Windows Server 2016 Roles 1153
Volume Shadow Copy Service 1154
Extending Server Backup to the Enterprise with Data Protection Manager
2016 1155
Chapter 30 Recovering from a Disaster 1157
Ongoing Backup and Recovery Preparedness 1157
When Disasters Strike 1161
Disaster Scenario Troubleshooting 1163
Recovering from a Server or System Failure 1166
Managing and Accessing Windows Server Backup Media 1173
Windows Server Backup Volume Recovery 1174
Recovering Role Services and Features 1176
Part X: Optimizing, Tuning, Debugging, and Problem Solving
Chapter 31 Optimizing Windows Server 2016 for Branch Office
Communications 1185
Key Branch Office Features in Windows Server 2016 1186
Understanding Read-Only Domain Controllers 1186
Using BitLocker with Windows Server 2016 1202
BranchCache in Windows Server 2016 1213
Printing with Branch Office Direct Printing 1226
Chapter 32 Logging and Debugging 1229
Using the Task Manager for Logging and Debugging 1229
Using Event Viewer for Logging and Debugging 1237
Performance Monitoring 1248
Setting Baseline Values 1275
Using the Debugging Tools Available in Windows Server 2016 1277
Task Scheduler 1291
Chapter 33 Capacity Analysis and Performance Optimization 1299
Defining Capacity Analysis 1299
Using Capacity-Analysis Tools 1303
Monitoring System Performance 1317
Optimizing Performance by Server Roles 1325
Part XI: Integrated Windows Application Services
Chapter 34 SharePoint 2016 Products 1333
History of SharePoint Technologies 1333
Identifying the Need for SharePoint 2016 Products 1335
Designing a SharePoint 2016 Farm 1339
Exploring a Basic SharePoint 2016 Site 1343
Lists and Libraries in SharePoint 2016 1345
Managing the Site Collection 1351
Chapter 35 Windows Server Virtualization 1357
Understanding Microsoft’s Virtualization Strategy 1357
Integration of Hypervisor Technology in Windows Server 1360
Windows Containers and Hyper-V Containers in Windows Server 2016 1368
Planning Your Implementation of Hyper-V 1368
Installing the Microsoft Hyper-V Role 1371
Becoming Familiar with the Hyper-V Administrative Console 1374
Installing a Guest Operating System Session 1380
Modifying Guest Session Configuration Settings 1384
Launching a Hyper-V Guest Session 1387
Using Snapshots of Guest Operating System Sessions 1389
Quick Migration and Live Migration 1391
Utilizing Hyper-V Replica for Site-to-Site Redundancy 1404
Hyper-V Containers in Windows Server 2016 1410
Windows Docker Containers 1412
Chapter 36 Integrating System Center Operations Manager 2016 with Windows
Server 2016 1417
Windows Server 2016 Monitoring 1418
Understanding How OpsMgr Works 1419
OpsMgr Architecture Components 1423
Securing OpsMgr 1433
Fault Tolerance and Disaster Recovery 1438
Understanding OpsMgr Components 1444
Putting it All Together in a Design 1448
Index 1459
How This Book Is Organized 1
Part I: Windows Server 2016 Overview
Chapter 1 Windows Server 2016 Technology Primer 5
Windows Server 2016 Defined 6
When Is the Right Time to Migrate? 16
Versions of Windows Server 2016 18
Improvements for Continuous Availability 22
Enhancements for Flexible Identity and Security 25
Enabling Users to Work Anywhere 31
Simplifying the Datacenter 38
Addition of Migration Tools 48
Identifying Which Windows Server 2016 Service to Install or Migrate to
First 49
Chapter 2 Planning, Prototyping, Migrating, and Deploying Windows Server
2016 55
Determining the Scope of Your Project 56
Identifying the Business Goals and Objectives to Implement Windows
Server 56
Identifying the Technical Goals and Objectives to Implement Windows
Server 59
The Discovery Phase: Understanding the Existing Environment 65
The Design Phase: Documenting the Vision and the Plan 69
The Migration Planning Phase: Documenting the Process for Migration 73
The Prototype Phase: Creating and Testing the Plan 79
The Pilot Phase: Validating the Plan to a Limited Number of Users 81
The Migration/Implementation Phase: Conducting the Migration or
Installation 83
Chapter 3 Installing Windows Server 2016 and Server Core 89
Planning for a Server Installation 90
Installing a Clean Version of Windows Server 2016 Operating System 95
Upgrading to Windows Server 2016 104
Understanding Server Core Installation 107
Managing and Configuring a Server Core Installation 110
Performing an Unattended Windows Server 2016 Installation 118
Nano Server 118
Part II: Windows Server 2016 Active Directory
Chapter 4 Active Directory Domain Services Primer 125
The Evolution of Directory Services 126
Understanding the Development of AD DS 128
AD DS Structure 128
Outlining AD DS Components 131
Understanding Domain Trusts 136
Defining Organizational Units 137
Outlining the Role of Groups in an AD DS Environment 139
Understanding AD DS Replication 141
Outlining the Role of DNS in AD DS 143
Outlining AD DS Security 145
Getting Familiar with AD DS Features in Windows Server 2016 145
Chapter 5 Designing a Windows Server 2016 Active Directory 159
Understanding AD DS Domain Design 160
Choosing a Domain Namespace 161
Examining Domain Design Features 163
Choosing a Domain Structure 164
Understanding the Single-Domain Model 165
Understanding the Multiple-Domain Model 168
Understanding the Multiple Trees in a Single-Forest Model 170
Reviewing the Federated-Forests Model 172
Understanding the Empty-Root Domain Model 175
Understanding the Placeholder Domain Model 178
Understanding the Special-Purpose Domain Model 179
Renaming an AD DS Domain 180
Chapter 6 Designing Organizational Unit and Group Structure 185
Defining Organizational Units in AD DS 186
Defining AD Groups 188
OU and Group Design 192
Starting an OU Design 193
Using OUs to Delegate Administration 194
Group Policies and OU Design 196
Understanding Group Design 197
Exploring Sample Design Models 199
Chapter 7 Active Directory Infrastructure 207
Understanding AD DS Replication in Depth 207
Understanding Active Directory Sites 212
Planning Replication Topology 219
Windows Server 2016 IPv6 Support 226
Detailing Real-World Replication Designs 229
Deploying Read-Only Domain Controllers 232
Deploying a Clone Virtualized DC 236
Chapter 8 Creating Federated Forests and Lightweight Directories 241
Keeping a Distributed Environment in Sync 241
Active Directory Federation Services 247
Synchronizing Directory Information with Microsoft Identity Manager 251
Harnessing the Power and Potential of MIM 254
Part III: Networking Services
Chapter 9 Domain Name System, WINS, and DNSSEC 259
The Need for DNS 261
Getting Started with DNS on Windows Server 2016 264
Resource Records 267
Understanding DNS Zones 272
Performing Zone Transfers 276
Understanding DNS Queries 279
Other DNS Components 280
Understanding the Evolution of Microsoft DNS 288
DNS in Windows Server 2016 289
DNS in an Active Directory Domain Services Environment 291
Troubleshooting DNS 295
Secure DNS with DNSSEC 304
Reviewing the Windows Internet Naming Service 310
Installing and Configuring WINS 311
Planning, Migrating, and Maintaining WINS 316
Chapter 10 DHCP, IPv6, IPAM 321
Understanding the Components of an Enterprise Network 321
Exploring DHCP 323
Exploring DHCP Changes in Windows Server 2016 331
Enhancing DHCP Reliability 338
Exploring Advanced DHCP Concepts 349
Securing DHCP 350
IPv6 Introduction 351
Configuring IPv6 on Windows Server 2016 362
IP Address Management 370
Installing the IPAM Server and Client Features 371
Exploring the IPAM Console 387
Chapter 11 Internet Information Services 391
Understanding Internet Information Services 10 392
Planning and Designing IIS 10 396
Installing and Upgrading IIS 10 397
Installing and Configuring Websites 403
Installing and Configuring FTP Services 413
Securing IIS 10 422
Part IV: Security
Chapter 12 Server-Level Security 433
Defining Windows Server 2016 Security 434
Deploying Physical Security 435
Using the Integrated Windows Firewall with Advanced Security 437
Hardening Servers 442
Examining File-Level Security 450
Malware and Backup Protection 454
Windows Server Update 456
Chapter 13 Securing Data in Transit 463
Introduction to Securing Data in Transit in Windows Server 2016 464
Deploying a Public Key Infrastructure with Windows Server 2016 465
Understanding Active Directory Certificate Services in Windows Server
2016 467
Active Directory Rights Management Services 476
Using IPsec Encryption with Windows Server 2016 479
Chapter 14 Network Policy and Access Services, Routing and Remote Access
and DirectAccess 483
Installing a Network Policy Server 484
Deploying a Virtual Private Network Using RRAS 485
Configuring DirectAccess 491
Part V: Migrating to Windows Server 2016
Chapter 15 Migrating to Active Directory 2016 495
Beginning the Migration Process 496
Big Bang Migration 499
Phased Migration 503
Multiple Domain Consolidation Migration 519
Chapter 16 Compatibility Testing 537
The Importance of Compatibility Testing 538
Preparing for Compatibility Testing 539
Researching Products and Applications 545
Verifying Compatibility with Vendors 548
Microsoft Assessment and Planning Toolkit 554
Lab-Testing Existing Applications 554
Documenting the Results of the Compatibility Testing 557
Determining Whether a Prototype Phase Is Required 557
Part VI: Windows Server 2016 Administration and Management
Chapter 17 Windows Server 2016 Administration 561
Defining the Administrative Model 562
Examining Active Directory Site Administration 563
Configuring Sites 566
Windows Server 2016 Active Directory Groups 574
Creating Groups 575
Managing Users with Local Security and Group Policies 580
Managing Printers with the Print Management Console 588
Chapter 18 Windows Server 2016 Group Policies and Policy Management
595
Group Policy Overview 596
Group Policy Processing: How Does It Work? 597
Local Group Policies 600
Domain-Based Group Policies 601
Security Templates 602
Understanding Group Policy 603
Group Policy Policies Node 615
Group Policy Preferences Node 618
Policy Management Tools 618
Designing a Group Policy Infrastructure 626
GPO Administrative Tasks 629
Chapter 19 Windows Server 2016 Management and Maintenance Practices 651
Going Green with Windows Server 2016 652
Server Manager Dashboard 653
Managing Windows Server 2016 Roles and Features 655
Creating a Server Group 660
Viewing Events 660
Server Manager Storage Page 670
Auditing the Environment 673
Managing Windows Server 2016 Remotely 682
Common Practices for Securing and Managing Windows Server 2016 688
Keeping Up with Service Packs and Updates 689
Maintaining Windows Server 2016 693
Chapter 20 Automating Tasks Using PowerShell Scripting 707
Understanding Shells 708
Introduction to PowerShell 710
Understanding PowerShell Fundamentals 712
Using Windows PowerShell 739
Chapter 21 Documenting a Windows Server 2016 Environment 771
Benefits of Documentation 772
Types of Documents 773
Planning to Document the Windows Server 2016 Environment 774
Knowledge Sharing and Knowledge Management 774
Windows Server 2016 Project Documents 775
Administration and Maintenance Documents 788
Network Infrastructure 792
Disaster Recovery Documentation 793
Change Management Procedures 796
Performance Documentation 796
Baselining Records for Documentation Comparisons 796
Routine Reporting 796
Security Documentation 797
Part VII: Remote and Mobile Technologies
Chapter 22 Server-to-Client Remote and Mobile Access 801
Remote Access in Windows Server 2016 803
VPN in Windows Server 2016 805
RAS System Authentication Options 808
VPN Protocols 810
DirectAccess in Windows Server 2016 815
Choosing Between Traditional VPN Technologies and DirectAccess 826
Setting Up the Unified Remote Access Role 829
DirectAccess Scenario 830
VPN Scenario 836
Monitoring the Remote Access Server 847
Chapter 23 Remote Desktop Services 851
Why Implement Remote Desktop Services? 852
How Remote Desktop Works 855
Understanding the Name Change 857
RDS Roles 857
Configuration Options and Fine-Tuning Terminology 865
Planning for RDS 872
Deploying RDS 877
Deploying Virtual Desktops 888
Enabling RemoteFX 896
Securing and Supporting RDS 898
Part VIII: Desktop Administration
Chapter 24 Windows Server 2016 Administration Tools for Desktops 903
Managing Desktops and Servers 904
Operating System Deployment Options 905
Windows Server 2016 Windows Deployment Services 908
Installing Windows Deployment Services 910
Customizing Boot Images 921
Creating Discover Images 925
Pre-Creating Active Directory Computer Accounts for WDS (Prestaged
Systems) 926
Creating Custom Installations Using Capture Images 930
Automating Image Deployment Using Unattend Files 933
General Desktop Administration Tasks 934
Chapter 25 Group Policy Management for Network Clients 937
The Need for Group Policies 938
Windows Group Policies 939
Group Policy Feature Set 942
Planning Workgroup and Standalone Local Group Policy Configuration 947
Planning Domain Group Policy Objects 950
Managing Computers with Domain Policies 959
Configuring Preference Item-Level Targeting 967
Managing Users with Policies 977
Managing Active Directory with Policies 984
Chapter 26 Storage 999
Storage Spaces and Storage Pools 999
Managing Windows Server 2016 Disks 1010
Configuring Storage Spaces Direct 1014
Part IX: Fault-Tolerance Technologies
Chapter 27 File System Management 1023
File System Access Services and Technologies 1023
Adding the File and Storage Services Role 1027
Managing Data Access Using Windows Server 2016 Shares 1028
File Server Resource Manager 1032
The Distributed File System 1044
Planning a DFS Deployment 1048
Installing and Configuring DFS 1051
Using the Volume Shadow Copy Service 1057
Configuring Data Deduplication 1060
Dynamic Access Control 1062
Chapter 28 Operational Fault Tolerance (Clustering/Network Load
Balancing) 1073
Building Fault-Tolerant Windows Server 2016 Systems 1075
Windows Server 2016 Clustering Technologies 1077
Determining the Correct Clustering Technology 1083
Overview of Failover Clusters 1085
Deploying Failover Clusters 1090
Backing Up and Restoring Failover Clusters 1113
Deploying Network Load-Balancing Clusters 1117
Managing NLB Clusters 1125
Network Teaming 1127
Chapter 29 Backing Up the Windows Server 2016 Environment 1131
Understanding Your Backup and Recovery Needs and Options 1132
Creating the Disaster Recovery Solution 1135
Documenting the Enterprise 1136
Developing a Backup Strategy 1137
Windows Server Backup Overview 1138
Using Windows Server Backup 1141
Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows
PowerShell Cmdlets 1146
Backing Up Active Directory 1150
Backing Up Windows Server 2016 Roles 1153
Volume Shadow Copy Service 1154
Extending Server Backup to the Enterprise with Data Protection Manager
2016 1155
Chapter 30 Recovering from a Disaster 1157
Ongoing Backup and Recovery Preparedness 1157
When Disasters Strike 1161
Disaster Scenario Troubleshooting 1163
Recovering from a Server or System Failure 1166
Managing and Accessing Windows Server Backup Media 1173
Windows Server Backup Volume Recovery 1174
Recovering Role Services and Features 1176
Part X: Optimizing, Tuning, Debugging, and Problem Solving
Chapter 31 Optimizing Windows Server 2016 for Branch Office
Communications 1185
Key Branch Office Features in Windows Server 2016 1186
Understanding Read-Only Domain Controllers 1186
Using BitLocker with Windows Server 2016 1202
BranchCache in Windows Server 2016 1213
Printing with Branch Office Direct Printing 1226
Chapter 32 Logging and Debugging 1229
Using the Task Manager for Logging and Debugging 1229
Using Event Viewer for Logging and Debugging 1237
Performance Monitoring 1248
Setting Baseline Values 1275
Using the Debugging Tools Available in Windows Server 2016 1277
Task Scheduler 1291
Chapter 33 Capacity Analysis and Performance Optimization 1299
Defining Capacity Analysis 1299
Using Capacity-Analysis Tools 1303
Monitoring System Performance 1317
Optimizing Performance by Server Roles 1325
Part XI: Integrated Windows Application Services
Chapter 34 SharePoint 2016 Products 1333
History of SharePoint Technologies 1333
Identifying the Need for SharePoint 2016 Products 1335
Designing a SharePoint 2016 Farm 1339
Exploring a Basic SharePoint 2016 Site 1343
Lists and Libraries in SharePoint 2016 1345
Managing the Site Collection 1351
Chapter 35 Windows Server Virtualization 1357
Understanding Microsoft’s Virtualization Strategy 1357
Integration of Hypervisor Technology in Windows Server 1360
Windows Containers and Hyper-V Containers in Windows Server 2016 1368
Planning Your Implementation of Hyper-V 1368
Installing the Microsoft Hyper-V Role 1371
Becoming Familiar with the Hyper-V Administrative Console 1374
Installing a Guest Operating System Session 1380
Modifying Guest Session Configuration Settings 1384
Launching a Hyper-V Guest Session 1387
Using Snapshots of Guest Operating System Sessions 1389
Quick Migration and Live Migration 1391
Utilizing Hyper-V Replica for Site-to-Site Redundancy 1404
Hyper-V Containers in Windows Server 2016 1410
Windows Docker Containers 1412
Chapter 36 Integrating System Center Operations Manager 2016 with Windows
Server 2016 1417
Windows Server 2016 Monitoring 1418
Understanding How OpsMgr Works 1419
OpsMgr Architecture Components 1423
Securing OpsMgr 1433
Fault Tolerance and Disaster Recovery 1438
Understanding OpsMgr Components 1444
Putting it All Together in a Design 1448
Index 1459