Book description
Book + Content Update Program
This is the most comprehensive and realistic guide to Windows Server 2016 planning, design, prototyping, implementation, migration, administration, and support. Extensively updated, it contains unsurpassed independent and objective coverage of Windows Server 2016’s key innovations, from the cloud and containers to security and mobility.
Windows Server 2016 Unleashed reflects the authors’ extraordinary experience implementing Windows Server 2016 in large-scale environments since its earliest alpha releases. Microsoft MVP Rand Morimoto and colleagues fully address all aspects of deploying and operating Windows Server 2016, including Active Directory, networking, application services, security, administration, business continuity, virtualization, optimization, and troubleshooting. You’ll find up-to-the-minute coverage of new features ranging from Storage Spaces Direct to Cluster-Aware Updating, and Dynamic Access Control to Nano Server.
Valuable for Windows pros at all levels, this book will be indispensable especially for intermediate-to-advanced level professionals seeking expert, in-depth solutions. Every chapter contains tips, tricks, best practices, and lessons learned from actual deployments—practical help for solving real problems.
Detailed information on how to:
- Take full advantage of key Windows Server 2016 innovations
- Plan, prototype, install, migrate to, and deploy Windows Server 2016 and Server Core
- Design a modern Windows Server Active Directory, from OUs and infrastructure to Federated Forests and Lightweight Directories
- Deliver reliable networking services: DNS, WINS, DNSSEC, DHCP, IPv, IPAM, and IIS
- Systematically harden server-level security
- Protect data in transit with PKI, certificates, rights management, and IPsec encryption
- Safely provide appropriate remote and mobile access for your users
- Efficiently administer, automate, maintain, and document Windows Server production environments
- Control Windows devices centrally with Group Policies and Policy Management
- Implement advanced fault tolerance, clustering, and other business continuity features
- Optimize, tune, and debug Windows Server, and plan for growth
- Leverage integrated application services, including SharePoint and Hyper-V
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Contents at a Glance
- Table of Contents
- Foreword
- About the Authors
- Dedication
- Acknowledgments
- We Want to Hear from You!
- Reader Services
- Introduction
-
Part I: Windows Server 2016 Overview
-
Chapter 1. Windows Server 2016 Technology Primer
- Windows Server 2016 Defined
- When Is the Right Time to Migrate?
- Versions of Windows Server 2016
- Improvements for Continuous Availability
-
Enhancements for Flexible Identity and Security
- Increased Support for Standards
- Enhancing the Windows Server 2016 Security Subsystem
- Server Core and Minimized User Interface
- Dynamic Access Control
- DNSSEC—Zone Signing
- Transport Security Using IPSec and Certificate Services
- Security Policies, Policy Management, and Policy Enforcement Tools
- BitLocker for Server Security
- Windows Rights Management Services
- Active Directory Unification for Various Directory Services
- Enabling Users to Work Anywhere
-
Simplifying the Datacenter
- Server Manager Tool
- Improvements in Distributed Administration
- PowerShell for Administrative Tasks
- Active Directory Administrative Center
- Storage Spaces
- Improvements in Group Policy Management
- IP Address Management
- Managing Windows 2016 with Performance and Reliability Monitoring Tools
- Leveraging the Best Practice Analyzer
- Windows Deployment Services Integration
- Distributed File System
- Addition of Migration Tools
- Identifying Which Windows Server 2016 Service to Install or Migrate to First
- Summary
- Best Practices
-
Chapter 2. Planning, Prototyping, Migrating, and Deploying Windows Server 2016
- Determining the Scope of Your Project
- Identifying the Business Goals and Objectives to Implement Windows Server
- Identifying the Technical Goals and Objectives to Implement Windows Server
- The Discovery Phase: Understanding the Existing Environment
- The Design Phase: Documenting the Vision and the Plan
- The Migration Planning Phase: Documenting the Process for Migration
- The Prototype Phase: Creating and Testing the Plan
- The Pilot Phase: Validating the Plan to a Limited Number of Users
- The Migration/Implementation Phase: Conducting the Migration or Installation
- Summary
- Best Practices
-
Chapter 3. Installing Windows Server 2016 and Server Core
- Planning for a Server Installation
-
Installing a Clean Version of Windows Server 2016 Operating System
- Customizing the Language, Time, Currency, and Keyboard Preferences
- The Install Now Page
- Selecting the Type of Operating System to Install
- Accepting the Terms of the Windows Server 2016 License
- Selecting the Type of Windows Server 2016 Installation
- Selecting the Location for the Installation
- Finalizing the Installation and Customizing the Configuration
- Upgrading to Windows Server 2016
- Understanding Server Core Installation
-
Managing and Configuring a Server Core Installation
- Launching the Command Prompt in a Server Core Installation
- Changing the Server Core Administrator’s Password
- Changing the Server Core Machine Name
- Assigning a Static IPV4 IP Address and DNS Settings
- Adding the Server Core System to a Domain
- Activating the Server Core System
- Using SCONFIG to Configure a Server Core Installation
- Server Core Roles and Feature Installations
- Installing the Active Directory Domain Services Role
- Performing an Unattended Windows Server 2016 Installation
- Nano Server
- Summary
- Best Practices
-
Chapter 1. Windows Server 2016 Technology Primer
-
Part II: Windows Server 2016 Active Directory
-
Chapter 4. Active Directory Domain Services Primer
- The Evolution of Directory Services
- Understanding the Development of AD DS
- AD DS Structure
- Outlining AD DS Components
- Understanding Domain Trusts
- Defining Organizational Units
- Outlining the Role of Groups in an AD DS Environment
- Understanding AD DS Replication
- Outlining the Role of DNS in AD DS
- Outlining AD DS Security
-
Getting Familiar with AD DS Features in Windows Server 2016
- Restoring Deleted AD DS Objects Using the Active Directory Recycle Bin
- Restarting AD DS on a Domain Controller
- Implementing Multiple Password Policies per Domain
- Auditing Changes Made to AD Objects
- Reviewing Additional Active Directory Services
- Examining Additional Windows Server 2016 AD DS Features
- Reviewing Legacy Windows Server Active Directory Improvements
- Summary
- Best Practices
-
Chapter 5. Designing a Windows Server 2016 Active Directory
- Understanding AD DS Domain Design
- Choosing a Domain Namespace
- Examining Domain Design Features
- Choosing a Domain Structure
- Understanding the Single-Domain Model
- Understanding the Multiple-Domain Model
- Understanding the Multiple Trees in a Single-Forest Model
- Reviewing the Federated-Forests Model
- Understanding the Empty-Root Domain Model
- Understanding the Placeholder Domain Model
- Understanding the Special-Purpose Domain Model
- Renaming an AD DS Domain
- Summary
- Best Practices
- Chapter 6. Designing Organizational Unit and Group Structure
-
Chapter 7. Active Directory Infrastructure
- Understanding AD DS Replication in Depth
-
Understanding Active Directory Sites
- Windows Server 2016 Site Functionality
- Associating Subnets with Sites
- Creating Site Links
- Turning Off Site Link Bridging
- Understanding the Knowledge Consistency Checker and the Intersite Topology Generator
- Determining Site Cost
- Utilizing Preferred Site Link Bridgeheads
- Deploying AD DS DCs on Server Core
-
Planning Replication Topology
- Mapping Site Design into Network Design
- Establishing Sites
- Choosing Between One Site or Many Sites
- Optimizing Subnet Site Associations
- Determining Site Links and Site Link Costs
- Choosing Replication Scheduling
- Choosing SMTP or IP Replication
- Windows Server 2016 Replication
- DC Promotion from Media
- Identifying Linked-Value Replication/Universal Group Membership Caching
- Removing Lingering Objects
- Disabling Replication Compression
- Understanding How AD Avoids Full Synchronization of Global Catalog with Schema Changes
- The Intersite Topology Generator Algorithm
- Windows Server 2016 IPv6 Support
- Detailing Real-World Replication Designs
- Deploying Read-Only Domain Controllers
- Deploying a Clone Virtualized DC
- Summary
- Best Practices
- Chapter 8. Creating Federated Forests and Lightweight Directories
-
Chapter 4. Active Directory Domain Services Primer
-
Part III: Networking Services
-
Chapter 9. Domain Name System, WINS, and DNSSEC
- The Need for DNS
- Getting Started with DNS on Windows Server 2016
- Resource Records
- Understanding DNS Zones
- Performing Zone Transfers
- Understanding DNS Queries
- Other DNS Components
- Understanding the Evolution of Microsoft DNS
- DNS in Windows Server 2016
- DNS in an Active Directory Domain Services Environment
-
Troubleshooting DNS
- Using the DNS Event Viewer to Diagnose Problems
- Using Performance Monitor to Monitor DNS
- Client-Side Cache and HOST Resolution Problems
- Using the Nslookup Command-Line Utility
- Using the Ipconfig Command-Line Utility
- Using the Tracert Command-Line Utility
- Using the DNSCmd Command-Line Utility
- Managing DNS with PowerShell
- Secure DNS with DNSSEC
- Reviewing the Windows Internet Naming Service
- Installing and Configuring WINS
- Planning, Migrating, and Maintaining WINS
- Summary
- Best Practices
-
Chapter 10. DHCP, IPv6, IPAM
- Understanding the Components of an Enterprise Network
- Exploring DHCP
- Exploring DHCP Changes in Windows Server 2016
- Enhancing DHCP Reliability
- Exploring Advanced DHCP Concepts
- Securing DHCP
- IPv6 Introduction
- Configuring IPv6 on Windows Server 2016
- IP Address Management
- Installing the IPAM Server and Client Features
- Exploring the IPAM Console
- Summary
- Best Practices
- Chapter 11. Internet Information Services
-
Chapter 9. Domain Name System, WINS, and DNSSEC
-
Part IV: Security
-
Chapter 12. Server-Level Security
- Defining Windows Server 2016 Security
- Deploying Physical Security
- Using the Integrated Windows Firewall with Advanced Security
- Hardening Servers
- Examining File-Level Security
- Malware and Backup Protection
-
Windows Server Update
- Understanding the Background of WSUS: Windows Update
- Understanding the Automatic Updates Client
- Understanding the Development of Windows Server Update Services
- Examining WSUS Prerequisites
- Installing WSUS on a Windows Server 2016 Server
- Automatically Configuring Clients via Group Policy
- Deploying Security Patches with WSUS
- Summary
- Best Practices
-
Chapter 13. Securing Data in Transit
- Introduction to Securing Data in Transit in Windows Server 2016
- Deploying a Public Key Infrastructure with Windows Server 2016
- Understanding Active Directory Certificate Services in Windows Server 2016
- Active Directory Rights Management Services
- Using IPsec Encryption with Windows Server 2016
- Summary
- Best Practices
- Chapter 14. Network Policy and Access Services, Routing and Remote Access and DirectAccess
-
Chapter 12. Server-Level Security
-
Part V: Migrating to Windows Server 2016
-
Chapter 15. Migrating to Active Directory 2016
- Beginning the Migration Process
- Big Bang Migration
-
Phased Migration
- Migrating DCs
- Preparing the Forest and Domains Using Adprep
- Upgrading Existing Domain Controllers
- Replacing Existing Domain Controllers
- Moving Operation Master Roles
- Retiring Existing Windows Server DCs
- Retiring “Phantom” DCs
- Upgrading Domain and Forest Functional Levels
- Moving AD-Integrated DNS Zones to Application Partitions
-
Multiple Domain Consolidation Migration
- Understanding ADMT Functionality
- Using ADMT in a Lab Environment
- ADMT v3.2 Installation Procedure
- ADMT Domain Migration Prerequisites
- Exporting Password Key Information
- Installing PES on the Source Domain
- Setting Proper Registry Permissions
- Configuring Domains for SID Migration
- Migrating Groups
- Migrating User Accounts
- Migrating Computer Accounts
- Migrating Other Domain Functionality
- Summary
- Best Practices
-
Chapter 16. Compatibility Testing
- The Importance of Compatibility Testing
- Preparing for Compatibility Testing
- Researching Products and Applications
- Verifying Compatibility with Vendors
- Microsoft Assessment and Planning Toolkit
- Lab-Testing Existing Applications
- Documenting the Results of the Compatibility Testing
- Determining Whether a Prototype Phase Is Required
- Summary
- Best Practices
-
Chapter 15. Migrating to Active Directory 2016
-
Part VI: Windows Server 2016 Administration and Management
- Chapter 17. Windows Server 2016 Administration
-
Chapter 18. Windows Server 2016 Group Policies and Policy Management
- Group Policy Overview
- Group Policy Processing: How Does It Work?
- Local Group Policies
- Domain-Based Group Policies
- Security Templates
-
Understanding Group Policy
- Group Policy Objects
- GPO Storage and Replication
- The Group Policy Central Store
- Starter GPOs
- Policy Settings
- Preference Settings
- GPO Links
- Group Policy Link Enforcement
- Group Policy Inheritance
- Group Policy Block Inheritance
- Group Policy Order of Processing
- GPO Filtering
- Group Policy Loopback Processing
- Group Policy Slow-Link Detection and Network-Location Awareness
- Group Policy Policies Node
- Group Policy Preferences Node
- Policy Management Tools
- Designing a Group Policy Infrastructure
-
GPO Administrative Tasks
- Installing the Group Policy Management Tools
- Creating a GPO Central Store
- Creating and Using Starter GPOs
- Creating New Domain Group Policies
- Creating and Configuring GPO Links
- Managing GPO Status
- Managing GPO Security Filtering
- Creating and Linking WMI Filters to GPOs
- Managing GPO Link Order of Processing
- Viewing GPO Settings and Creating Reports
- Backing Up and Restoring Domain GPOs
- Group Policy Modeling Operations
- Troubleshooting Group Policies
- GPO Administrative Delegation
- Summary
- Best Practices
-
Chapter 19. Windows Server 2016 Management and Maintenance Practices
- Going Green with Windows Server 2016
- Server Manager Dashboard
- Managing Windows Server 2016 Roles and Features
- Creating a Server Group
- Viewing Events
- Server Manager Storage Page
- Auditing the Environment
- Managing Windows Server 2016 Remotely
- Common Practices for Securing and Managing Windows Server 2016
- Keeping Up with Service Packs and Updates
- Maintaining Windows Server 2016
- Summary
- Best Practices
- Chapter 20. Automating Tasks Using PowerShell Scripting
-
Chapter 21. Documenting a Windows Server 2016 Environment
- Benefits of Documentation
- Types of Documents
- Planning to Document the Windows Server 2016 Environment
- Knowledge Sharing and Knowledge Management
- Windows Server 2016 Project Documents
- Administration and Maintenance Documents
- Network Infrastructure
- Disaster Recovery Documentation
- Change Management Procedures
- Performance Documentation
- Baselining Records for Documentation Comparisons
- Routine Reporting
- Security Documentation
- Summary
- Best Practices
-
Part VII: Remote and Mobile Technologies
-
Chapter 22. Server-to-Client Remote and Mobile Access
- Remote Access in Windows Server 2016
- VPN in Windows Server 2016
- RAS System Authentication Options
- VPN Protocols
- DirectAccess in Windows Server 2016
- Choosing Between Traditional VPN Technologies and DirectAccess
- Setting Up the Unified Remote Access Role
- DirectAccess Scenario
- VPN Scenario
- Monitoring the Remote Access Server
- Summary
- Best Practices
-
Chapter 23. Remote Desktop Services
- Why Implement Remote Desktop Services?
- How Remote Desktop Works
- Understanding the Name Change
- RDS Roles
- Configuration Options and Fine-Tuning Terminology
- Planning for RDS
- Deploying RDS
- Deploying Virtual Desktops
- Enabling RemoteFX
-
Securing and Supporting RDS
- Securely Building Remote Session Services
- Segmenting Resources
- Securing RDS with GPOs
- Network Level Authentication
- Changing the RDP Port
- Remotely Managing a Remote Desktop Session
- Managing RDS with PowerShell
- Group Policy for RD Session Host Servers
- Applying Service Packs and Updates
- Performing Disaster Recovery
- Summary
- Best Practices
-
Chapter 22. Server-to-Client Remote and Mobile Access
-
Part VIII: Desktop Administration
-
Chapter 24. Windows Server 2016 Administration Tools for Desktops
- Managing Desktops and Servers
- Operating System Deployment Options
- Windows Server 2016 Windows Deployment Services
- Installing Windows Deployment Services
- Customizing Boot Images
- Creating Discover Images
- Pre-Creating Active Directory Computer Accounts for WDS (Prestaged Systems)
- Creating Custom Installations Using Capture Images
- Automating Image Deployment Using Unattend Files
- General Desktop Administration Tasks
- Summary
- Best Practices
-
Chapter 25. Group Policy Management for Network Clients
- The Need for Group Policies
- Windows Group Policies
- Group Policy Feature Set
- Planning Workgroup and Standalone Local Group Policy Configuration
- Planning Domain Group Policy Objects
- Managing Computers with Domain Policies
- Configuring Preference Item-Level Targeting
- Managing Users with Policies
- Managing Active Directory with Policies
- Summary
- Best Practices
- Chapter 26. Storage
-
Chapter 24. Windows Server 2016 Administration Tools for Desktops
-
Part IX: Fault-Tolerance Technologies
-
Chapter 27. File System Management
-
File System Access Services and Technologies
- Windows Folder Sharing
- DFS Namespaces and Replication
- WWW Directory Publishing
- File Transfer Protocol Service
- Server and Client for NFS
- Volume Shadow Copy Service
- BranchCache for Network Files
- Data Deduplication Service
- Continuously Available File Shares
- Distributed File System
- Distributed File System Replication
- iSCSI Target Server Service
- Adding the File and Storage Services Role
- Managing Data Access Using Windows Server 2016 Shares
- File Server Resource Manager
- The Distributed File System
- Planning a DFS Deployment
- Installing and Configuring DFS
- Using the Volume Shadow Copy Service
- Configuring Data Deduplication
-
Dynamic Access Control
- Creating DAC Claim Types
- Configuring DAC Resource Properties
- Adding Configured Resource Properties to a Resource Property List
- Creating a Central Access Rule
- Creating a Central Access Policy
- Creating and Assigning a Central Access Policy GPO to File Servers
- Enabling Kerberos Armoring for Domain Controllers
- Creating and Updating a File Share to Leverage Dynamic Access Control
- Configuring User Accounts and Testing Data Access
- Summary
- Best Practices
-
File System Access Services and Technologies
-
Chapter 28. Operational Fault Tolerance (Clustering / Network Load Balancing)
- Building Fault-Tolerant Windows Server 2016 Systems
- Windows Server 2016 Clustering Technologies
- Determining the Correct Clustering Technology
- Overview of Failover Clusters
-
Deploying Failover Clusters
- Installing the Failover Clustering Feature and Tools
- Configuring Disks for Cluster Usage
- Running the Validate a Configuration Wizard
- Creating a Failover Cluster
- Configuring Cluster Networks
- Adding Nodes to the Cluster
- Adding Storage to the Cluster
- Cluster Quorum Configuration
- Enabling Cluster Shared Volumes
- Deploying Roles on Failover Clusters
- Configuring Failover and Failback
- Testing Failover Clusters
- Failover Cluster Maintenance
- Cluster-Aware Updating
- Removing Nodes from a Failover Cluster
- Cluster Migration and Upgrades
- Backing Up and Restoring Failover Clusters
- Deploying Network Load-Balancing Clusters
- Managing NLB Clusters
- Network Teaming
- Summary
- Best Practices
-
Chapter 29. Backing Up the Windows Server 2016 Environment
- Understanding Your Backup and Recovery Needs and Options
- Creating the Disaster Recovery Solution
- Documenting the Enterprise
- Developing a Backup Strategy
- Windows Server Backup Overview
- Using Windows Server Backup
- Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows PowerShell Cmdlets
- Backing Up Active Directory
- Backing Up Windows Server 2016 Roles
- Volume Shadow Copy Service
- Extending Server Backup to the Enterprise with Data Protection Manager 2016
- Summary
- Best Practices
- Chapter 30. Recovering from a Disaster
-
Chapter 27. File System Management
-
Part X: Optimizing, Tuning, Debugging, and Problem Solving
-
Chapter 31. Optimizing Windows Server 2016 for Branch Office Communications
- Key Branch Office Features in Windows Server 2016
- Understanding Read-Only Domain Controllers
-
Using BitLocker with Windows Server 2016
- Understanding BitLocker Drive Encryption in Windows Server 2016
- Comprehending BitLocker’s Drive Encryption Hardware Requirements
- Understanding BitLocker Deployment Scenarios
- Configuring BitLocker Drive Encryption on a Windows Server 2016 Branch Office Domain Controller
- Installing the BitLocker Drive Encryption Feature
- Configuring the System Partitions for BitLocker
- Enabling BitLocker Drive Encryption
- Utilizing the BitLocker Recovery Password
- Removing BitLocker Drive Encryption
- BranchCache in Windows Server 2016
- Printing with Branch Office Direct Printing
- Summary
- Best Practices
- Chapter 32. Logging and Debugging
- Chapter 33. Capacity Analysis and Performance Optimization
-
Chapter 31. Optimizing Windows Server 2016 for Branch Office Communications
-
Part XI: Integrated Windows Application Services
- Chapter 34. SharePoint 2016 Products
-
Chapter 35. Windows Server Virtualization
- Understanding Microsoft’s Virtualization Strategy
-
Integration of Hypervisor Technology in Windows Server
- Windows Server Hyper-V
- Microsoft Hyper-V Server as a Role in Windows Server 2016
- New and Improved Windows Server 2016 Hyper-V
- Production checkpoints
- Host Resource Protection
- Hot add and remove for network adapters and memory
- Discrete device assignment protection
- Nested virtualization
- Windows PowerShell Direct
- Linux Secure Boot
- Shared virtual hard disks
- Hyper-V Manager Improvements
- New Storage Quality of Service (QoS)
- Integration services delivered through Windows Update
- Windows Containers and Hyper-V Containers in Windows Server 2016
- Planning Your Implementation of Hyper-V
- Installing the Microsoft Hyper-V Role
- Becoming Familiar with the Hyper-V Administrative Console
- Installing a Guest Operating System Session
- Modifying Guest Session Configuration Settings
- Launching a Hyper-V Guest Session
- Using Snapshots of Guest Operating System Sessions
-
Quick Migration and Live Migration
- Quick Migration
- Live Migration
- Configuring the Cluster Quorum Witness Disk
- Installing the Failover Clustering Feature
- Running the Validate a Configuration Wizard
- Creating a Node and Disk Majority Cluster
- Adding Additional Shared Storage
- Configuring Hyper-V over SMB
- Deploying New Virtual Machines on a Hyper-V Failover Cluster
- Deploying Existing Virtual Machines on Failover Clusters
- Performing a Live Migration
- Performing a Quick Migration
- Utilizing Hyper-V Replica for Site-to-Site Redundancy
- Hyper-V Containers in Windows Server 2016
- Windows Docker Containers
- Summary
- Best Practices
- Chapter 36. Integrating System Center Operations Manager 2016 with Windows Server 2016
- Index
Product information
- Title: Windows Server 2016: Unleashed
- Author(s):
- Release date: September 2017
- Publisher(s): Sams
- ISBN: 9780134583822
You might also like
book
Mastering Windows Server 2016
A comprehensive and practical guide to Windows Server 2016 About This Book In-depth coverage of new …
book
Mastering Windows Server 2016
The IT pro's must-have guide to Windows Server 2016 Mastering Windows Server 2016 is a complete …
video
Windows Server 70-741: Networking with Windows Server 2016
8 Hours of Video Instruction Eight hours of video instruction to help you prepare for Exam …
video
Windows Server 70-740: Installation, Storage, and Compute with Windows Server 2016
16+ Hours of Video Instruction More than 16 hours of video instruction, quizzes, and exercises to …