Your one-stop reference for Windows Server 2019 and PowerShell know-how
Windows Server 2019 & PowerShell All-in-One For Dummies offers a single reference to help you build and expand your knowledge of all things Windows Server, including the all-important PowerShell framework. Written by an information security pro and professor who trains aspiring system administrators, this book covers the broad range of topics a system administrator needs to know to run Windows Server 2019, including how to install, configure, and secure a system. This book includes coverage of:
Installing & Setting Up Windows Server Configuring Windows Server 2019 Administering Windows Server 2019 Configuring Networking Managing Security Working with Windows PowerShell Installing and Administering Hyper-V Installing, Configuring, and Using Containers
If you’re a budding or experienced system administrator looking to build or expand your knowledge of Windows Server, this book has you covered.
By:
Sara Perrott
Imprint: For Dummies
Country of Publication: United States
Dimensions:
Height: 234mm,
Width: 188mm,
Spine: 48mm
Weight: 998g
ISBN: 9781119560715
ISBN 10: 1119560713
Pages: 768
Publication Date: 30 April 2019
Audience:
General/trade
,
ELT Advanced
Format: Paperback
Publisher's Status: Active
Introduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 2 Beyond the Book 3 Where to Go from Here 3 Book 1: Installing and Setting Up Windows Server 2019 5 Chapter 1: An Overview of Windows Server 2019 7 Extra! Extra! Read All About It! Seeing What’s New in Windows Server 2019 8 Deciding Which Windows Server 2019 Edition Is Right for You 12 Essentials 12 Standard 13 Datacenter 13 Walking the Walk: Windows Server 2019 User Experiences 13 Desktop Experience 13 Server Core 14 Nano 15 Seeing What Server Manager Has to Offer 15 Windows Admin Center: Your New Best Friend 17 Chapter 2: Using Boot Diagnostics 21 Accessing Boot Diagnostics 21 From the DVD 22 From the boot menu 24 Using a Special Boot Mode 25 Safe Mode 25 Enable Boot Logging 27 Enable Low-Resolution Video 27 Last Known Good Configuration 27 Directory Services Restore Mode 28 Debugging Mode 28 Disable Automatic Restart on System Failure 29 Disable Driver Signature Enforcement 29 Disable Early Launch Anti-Malware Driver 29 Performing a Memory Test 30 Using the Command Prompt 32 Working with Third-Party Boot Utilities 32 Chapter 3: Performing the Basic Installation 35 Making Sure You Have What It Takes 36 Central processing unit 36 Random access memory 38 Storage 38 Network adapter 39 DVD drive 39 UEFI-based firmware 39 Trusted Platform Module 39 Monitor 39 Keyboard and mouse 40 Performing a Clean Install 40 Upgrading Windows 43 Performing a Network Install with Windows Deployment Services 46 Chapter 4: Performing Initial Configuration Tasks 47 Understanding Default Settings 48 Getting an Overview of the Configuration Process 49 Providing Computer Information 50 Windows Server 2019 with Desktop Experience 50 Windows Server 2019 Core 54 Updating Windows Server 2019 60 Windows Server 2019 with Desktop Experience 60 Windows Server 2019 Core 62 Customizing Windows Server 2019 64 Windows Server 2019 with Desktop Experience 64 Windows Server 2019 Core 67 Configuring Startup Options with BCDEdit 70 Book 2: Configuring Windows Server 2019 73 Chapter 1: Configuring Server Roles and Features 75 Using Server Manager 75 Roles and features 76 Diagnostics 77 Configuration tasks 78 Configure and Manage Storage 79 Understanding Server Roles 80 Active Directory Certificate Services 80 Active Directory Domain Services 81 Active Directory Federation Services 81 Active Directory Lightweight Directory Services 81 Active Directory Rights Management Services 82 Device Health Attestation 82 Dynamic Host Configuration Protocol 82 Domain Name System 83 Fax Server 83 File and Storage Services 84 Host Guardian Service 84 Hyper-V 85 Network Controller 85 Network Policy and Access Services 85 Print and Document Services 86 Remote Access 86 Remote Desktop Services 86 Volume Activation Services 86 Web Services 87 Windows Deployment Services 87 Windows Server Update Services 87 Understanding Server Features 87 .NET 3.5 88 .NET 4.7 88 Background Intelligent Transfer Service 88 BitLocker Drive Encryption 88 BitLocker Network Unlock 89 BranchCache 89 Client for NFS 89 Containers 89 Data Center Bridging 90 Direct Play 90 Enhanced Storage 90 Failover Clustering 90 Group Policy Management 91 Host Guardian Hyper-V Support 91 I/O Quality of Service 91 IIS Hostable Web Core 91 Internet Printing Client 91 IP Address Management Server 92 Internet Storage Name Server Service 92 LPR Port Monitor 92 Management OData IIS Extension 92 Media Foundation 92 Message Queueing 93 Multipath I/O 93 Multipoint Connector 93 Network Load Balancing 93 Network Virtualization 93 Peer Name Resolution Protocol 94 Quality Windows Audio Video Experience 94 RAS Connection Manager Administration Kit 94 Remote Assistance 94 Remote Differential Compression 94 Remote Server Administration Tools 94 RPC over HTTP Proxy 95 Setup and Boot Event Collection 95 Simple TCP/IP Services 95 SMB 1.0/CIFS File Sharing Support 95 SMB Bandwidth Limit 96 SMTP Server 96 Simple Network Management Protocol Service 96 Software Load Balancer 96 Storage Migration Service 97 Storage Migration Service Proxy 97 Storage Replica 97 System Data Archiver 97 System Insights 98 Telnet Client 98 TFTP Client 98 VM Shielding Tools for Fabric Management 98 WebDAV Redirector 98 Windows Biometric Framework 99 Windows Defender Antivirus 99 Windows Identity Foundation 3.5 99 Windows Internal Database 99 Windows PowerShell 99 Windows Process Activation Service 99 Windows Search Service 100 Windows Server Backup 100 Windows Server Migration Tools 100 Windows Standards-Based Storage Management 100 Windows Subsystem for Linux 101 Windows TIFF IFilter 101 WinRM IIS Extension 101 WINS Server 101 Wireless LAN Service 101 WoW64 Support 101 XPS Viewer 102 Chapter 2: Configuring Server Hardware 103 Working with Device Manager 104 Opening Device Manager 104 Configuring how Device Manager displays 104 Viewing devices that are not working properly 106 Understanding resources 107 Viewing hidden devices 108 Scanning for new devices 109 Working with older devices 109 Viewing individual device settings 109 Updating drivers 111 Configuring power management 111 Using the Add Hardware Wizard 112 Performing Hard-Drive-Related Tasks 113 Choosing basic or dynamic disks 114 Using multipath I/O 115 Working with storage area networks 116 Understanding Storage Spaces Direct 117 Working with Storage Replica 123 Using Storage Quality of Service 124 Encrypting with BitLocker 124 Performing Printer-Related Tasks 134 Using the Printer Install Wizard 134 Configuring print options 136 Configuring the Print Server role 137 Connecting to a Printer on a Print Server 140 Performing Other Configuration Tasks 141 Keyboard 141 Mouse 141 Power management 142 Sound 143 Language 143 Fonts 143 Chapter 3: Using the Control Panel 145 Accessing the Control Panel 145 Configuring the Control Panel 146 Understanding Control Panel Items 148 Chapter 4: Working with Workgroups 157 Knowing What a Workgroup Is 158 Knowing If a Workgroup Is Right for You 158 Comparing Centralized and Group Sharing 159 Configuring a Server for a Workgroup 159 Changing the name of your workgroup 160 Adding groups 161 Creating users and adding users to the group 162 Adding shared resources 164 Managing Workgroups 168 The Computer Management console 168 The User Account window 169 PowerShell 170 Examining the Peer Name Resolution Protocol 172 Chapter 5: Promoting Your Server to Domain Controller 173 Understanding Domains 173 What is a domain? 174 Forests and domains and OUs, oh my! 174 Understanding privileged domain groups 175 Examining Flexible Single Master Operation roles on domain controllers 175 Preparing to Create a Domain 177 Functional levels 178 Forest functional level 179 Domain functional level 179 Performing Domain Configuration Prerequisites 179 Checking for unsupported roles and features 180 Installing and configuring Domain Name System 180 Installing and configuring Dynamic Host Configuration Protocol 183 Configuring the Server as a Domain Controller 187 Installing Active Directory Domain Services 188 Configuring Active Directory Domain Services 188 Converting your DNS Zone to an Active Directory Integrated Zone 190 Authorizing your DHCP Server for your Active Directory environment 193 Configuring the user accounts 194 Sharing resources on a domain 196 Joining clients to the domain 197 Wrapping Things Up 202 Chapter 6: Managing DNS and DHCP with IP Address Management 205 Installing IP Address Management 206 Configuring IP Address Management 206 Using IP Address Management 210 Overview 210 Server Inventory 211 IP Address Space 211 Monitor and Manage 213 Event Catalog 215 Access Control 215 Book 3: Administering Windows Server 2019 217 Chapter 1: An Overview of the Tools Menu in Server Manager 219 Accessing the Server Manager Tools Menu 219 Working with Common Administrative Tools 222 Computer Management 222 Defragment and Optimize Drives 222 Disk Cleanup 223 Event Viewer 224 Local Security Policy 224 Registry Editor 226 Services 226 System Configuration 228 Task Scheduler 228 Installing and Using Remote Server Administration Tools 229 Installing Remote Server Administration Tools 229 Using Remote Server Administration Tools 230 Chapter 2: Setting Group Policy 233 Understanding How Group Policy Works 234 Starting the Group Policy Editor 235 Performing Computer Management 236 Modifying computer software settings 238 Modifying computer settings 239 Using Administrative Templates 240 Performing User Configuration 241 Modifying user software settings 241 Modifying a user’s Windows Settings 242 Using user Administrative Templates 244 Viewing Resultant Set of Policy 244 Chapter 3: Configuring the Registry 247 Starting Registry Editor 248 Importing and Exporting Registry Elements 248 Exporting Registry elements 249 Importing Registry elements 249 Finding Registry Elements 250 Understanding Registry Data Types 251 Understanding the Hives 252 HKEY_CLASSES_ROOT 252 HKEY_CURRENT_USER 253 HKEY_LOCAL_MACHINE 254 HKEY_USERS 255 HKEY_CURRENT_CONFIG 256 Loading and Unloading Hives 256 Connecting to Network Registries 258 Setting Registry Security 259 Setting permissions in the Windows Registry 259 Disabling Remote Registry access 259 Securing remote administration 260 Chapter 4: Working with Active Directory 263 Active Directory 101 263 Configuring Objects in Active Directory 264 Using Active Directory Domains and Trusts 264 Using Active Directory Sites and Services 269 Using Active Directory Users and Computers 270 Using Active Directory Administrative Center 274 Chapter 5: Performing Standard Maintenance 277 Activating Windows 277 Through the graphical user interface 278 Through the command line 278 Configuring the User Interface 280 Working with the Folder Options dialog box 280 Setting your Internet Options 282 Focusing on your Personalization settings 284 Reporting problems 286 Setting your Regional and Language Options 286 Working with the Performance Options dialog box 287 Understanding How User Access Control Affects Maintenance Tasks 288 Adding and Removing Standard Applications 289 Measuring Reliability and Performance 290 Performance Monitor 290 Resource Monitor 292 Task Manager 293 Protecting the Data on Your Server 294 System Backup 295 System Restore 297 Performing Disk Management Tasks 298 Managing storage 299 Managing disks 299 Defragmenting drives 300 Automating Diagnostic Tasks with Task Scheduler 301 Discovering task status 301 Using preconfigured tasks 302 Creating your own tasks 304 Working with Remote Desktop 305 Working with Remote Server Administration Tools 306 Figuring out firewall rules 306 Connecting to the server 306 Managing your servers 307 Working with Admin Center 308 Focusing on firewall rules 309 Connecting to a server 309 Using Windows Admin Center to manage your servers 309 Creating a Windows Recovery Drive 311 Chapter 6: Working at the Command Line 313 Opening an Administrative Command Prompt 313 Configuring the Command Line 314 Customizing how you interact with the Command Prompt 314 Changing the font 316 Choosing your window layout 317 Defining text colors 318 Setting Environmental Variables 319 Getting Help at the Command Line 320 Understanding Command Line Symbols 322 Chapter 7: Working with PowerShell 323 Opening an Administrative PowerShell Window 324 Configuring PowerShell 325 Options 325 Font 327 Layout 328 Colors 328 Using a Profile Script 330 Setting Environmental Variables 330 Getting Help in PowerShell 332 Understanding PowerShell Punctuation 334 Book 4: Configuring Networking in Windows Server 2019 337 Chapter 1: Overview of Windows Server 2019 Networking 339 Getting Acquainted with the Network and Sharing Center 340 Using the Network Connections Tools 342 Status 342 Ethernet 343 Dial-up 344 VPN 344 Proxy 344 Configuring TCP/IP 346 Understanding DHCP 349 Defining DNS 350 Creating a DNS zone 352 DNS and Active Directory 353 Making DNS fault tolerant 354 Chapter 2: Performing Basic Network Tasks 355 Viewing Network Properties 355 Connecting to Another Network 357 Connecting to the Internet 358 Setting up a dial-up connection 359 Connecting to a virtual private network 360 Managing Network Connections 361 Understanding the Client for Microsoft Networks feature 362 Configuring the Internet Protocol 362 Installing network features 364 Uninstalling network features 364 Chapter 3: Accomplishing Advanced Network Tasks 367 Working with Remote Desktop Services 367 Installing Remote Desktop Services 368 Configuring user-specific settings 369 Configuring apps 371 Using RD Web Access 372 Configuring and using RDS licensing 374 Working with Network Policy and Access Services 376 Network Policy Server 377 Troubleshooting at the Command Line 381 Chapter 4: Diagnosing and Repairing Network Connection Problems 383 Using Windows Network Diagnostics 384 Repairing Individual Connections 386 Network Troubleshooting at the Command Line 388 Working with Windows Firewall 389 Making Sense of Common Configuration Errors 391 Duplicate IP addresses 391 No gateway address 391 No DNS servers set 392 An application is experiencing network issues 392 Everything should be working, but it’s not 392 Working with Other Troubleshooting Tools 392 Book 5: Managing Security with Windows Server 2019 395 Chapter 1: Understanding Windows Server 2019 Security 397 Understanding Basic Windows Server Security 397 The CIA triad: Confidentiality, integrity, and availability 398 Authentication, authorization, and accounting 399 Access tokens 399 Security descriptors 399 Access control lists 400 Working with Files and Folders 403 Setting file and folder security 403 Creating a Local Security Policy 406 Paying Attention to Windows Security 408 Virus & Threat Protection 408 Firewall & Network Protection 408 App & Browser Control 410 Device Security 411 Chapter 2: Configuring Shared Resources 413 Comparing Share Security with File System Security 413 Shared folder permissions 414 File system security 415 Effective permissions validation 415 Sharing Resources 417 Storage media 417 Printers 418 Other resources 419 Configuring Access with Federated Rights Management 419 Working with Active Directory Federation Services 420 Working with Active Directory Rights Management Services 424 Chapter 3: Configuring Operating System Security 433 Understanding and Using User Account Control 433 Using User Account Control to protect the server 434 Running tasks as administrator 434 Watching out for automatic privilege elevation 435 Overriding User Account Control settings 435 Managing User Passwords 438 Understanding Credential Guard 439 How Credential Guard works 440 Credential Guard Hardware Requirements 440 How to enable Credential Guard 441 Configuring Startup and Recovery Options 444 Chapter 4: Working with the Internet 447 Firewall Basics 447 Getting acquainted with the Windows Defender Firewall profiles 448 Enabling and disabling the Windows Defender Firewall 448 Configuring Windows Defender Firewall with Advanced Security 451 Working with profile settings 452 Working with inbound/outbound rules 454 Understanding IPSec 457 Configuring the IPSec settings 458 Chapter 5: Understanding Digital Certificates 461 Certificates in Windows Server 2019 462 Cryptography 101 462 Certificate-specific concepts 464 Types of Certificates in Active Directory Certificate Services 465 User certificates 465 Computer 466 Chapter 6: Installing and Configuring AD CS 469 Introducing Certificate Authority Architecture 470 Root certificate authorities 470 Issuing certificate authorities 471 Policy certificate authorities 471 Installing a Certificate Authority 471 Creating the CAPolicy.inf file 471 Installing the root certificate authority 473 Installing the issuing certificate authority 477 Enrolling for certificates 478 Setting up web enrollment 481 Installing Online Certificate Status Protocol 482 Configuring Certificate Auto-Enrollment 485 Configuring the template 485 Configuring Group Policy 486 Chapter 7: Securing Your DNS Infrastructure 489 Understanding DNSSEC 489 The basics of DNSSEC 490 Records used for DNSSEC 490 Configuring DNSSEC 491 Understanding DANE 495 The basics of DANE 495 Configuring DANE 496 Book 6: Working with Windows PowerShell 501 Chapter 1: Introducing PowerShell 503 Understanding the Basics of PowerShell 503 Objects 504 Pipeline 504 Providers 505 Variables 506 Sessions 506 Comments 507 Aliases 507 Cmdlets 507 Using PowerShell 509 Writing PowerShell commands and scripts 509 Working with objects 513 Working with the pipeline 514 Working with modules 516 Working with comparison operators 518 Getting information out of PowerShell 519 Scripting logic 521 Other cool tricks 522 Running PowerShell Remotely 527 Invoke-Command 527 New-PSSession 527 Enter-PSSession 527 Getting Help in PowerShell 528 Update-Help 528 Get-Help 529 -Detailed and -Full 529 Identifying Security Issues with PowerShell 530 Execution Policy 530 Code signing 531 Firewall requirements for PowerShell remoting 534 Chapter 2: Understanding the NET Framework 535 Introducing the Various Versions of NET Framework 535 Focusing on New Features in NET 4.7 538 Viewing the Global Assembly Cache 539 Understanding assembly security 540 Identifying the two types of assembly privacy 540 Viewing assembly properties 541 Understanding NET Standard and NET Core 541 .NET Core 542 .NET Standard 542 Tying it all together: NET and PowerShell 542 Chapter 3: Working with Scripts and Cmdlets 543 Introducing Common Scripts and Cmdlets 543 Executing Scripts or Cmdlets 544 Working with COM objects 545 Combining multiple cmdlets 545 Working from Another Location 546 Performing Simple Administrative Tasks with PowerShell Scripts 548 Adding users in Active Directory 548 Creating a CSV file and populating it with data from Active Directory 548 Checking to see if a patch is installed 550 Checking running processes or services 550 Chapter 4: Creating Your Own Scripts and Advanced Functions 551 Creating a PowerShell Script 552 Creating a simple script 552 Running the script 557 Defining a Script Policy 558 Signing a PowerShell Script 559 Creating a PowerShell Advanced Function 559 Playing with parameters 560 Creating the advanced function 561 Using the advanced function 563 Chapter 5: PowerShell Desired State Configuration 567 Getting an Overview of PowerShell Desired State Configuration 567 Configurations 568 Resources 569 Local Configuration Manager 571 Creating a PowerShell Desired State Configuration Script 572 Applying the PowerShell Desired State Configuration Script 573 Compiling into MOF 574 Applying the new configuration 575 Push and Pull: Using PowerShell Desired State Configuration at Scale 575 Push mode 576 Pull mode 577 Book 7: Installing and Administering Hyper-V 579 Chapter 1: What Is Hyper-V? 581 Introduction to Virtualization 581 Type 1 and Type 2 Hypervisors 582 Type 1 hypervisors 583 Type 2 hypervisors 583 Installing and Configuring Hyper-V 583 Installing Hyper-V 584 Configuring Hyper-V 586 Virtual Switch Manager 591 Virtual SAN Manager 591 Chapter 2: Virtual Machines 593 Creating a Virtual Machine 593 Configuring a Virtual Machine 597 Add Hardware 598 Firmware 598 Security 598 Memory 599 Processor 600 SCSI Controller 601 Network Adapter 602 Name 603 Integration Services 603 Checkpoints 603 Smart Paging File Location 603 Automatic Start Action 604 Automatic Stop Action 604 Shielded Virtual Machines 604 Chapter 3: Virtual Networking 605 Identifying the Types of Virtual Switches 606 External 606 Internal 606 Private 606 Creating a Virtual Switch 607 Hyper-V Manager 607 PowerShell 608 Getting into Advanced Hyper-V Networking 610 Virtual local area network tagging 610 Bandwidth management 613 Network interface card teaming 614 Looking at single-root I/O virtualization 619 Chapter 4: Virtual Storage 621 Understanding Virtual Disk Formats 621 Considering Types of Disks 622 Fixed 622 Dynamic 622 Differencing 623 Pass-through 623 Adding Storage to the Host 623 Adding the drives 623 Changing the default save locations of virtual disk files 625 Adding Storage to the Virtual Machine 626 Adding a new virtual drive 626 Expanding a disk drive 629 Adding a pass-through disk 630 Converting a VHD disk file to a VHDX disk file 631 Attaching the converted drive to the virtual machine 632 Chapter 5: High Availability in Hyper-V 635 Hyper-V Replica 635 Setting up Hyper-V Replica on the Hyper-V hosts 636 Setting up replication on the virtual machines 638 Live Migration 640 Setting up live migration 641 Kicking off a live migration 643 Storage Migration 644 Failover Clustering 645 Installing Failover Clustering 645 Configuring Failover Clustering 646 Configuring a witness for your failover cluster 647 Book 8: Installing, Configuring, and Using Containers 649 Chapter 1: Introduction to Containers in Windows Server 2019 651 Understanding Containers 652 Knowing what a container looks like 652 Defining important container terms 653 Seeing how containers run on Windows 653 Considering Use Cases for Containers 654 Developers 654 System administrators 654 Deciding What Type of Containers You Want to Use 655 Windows Server containers 655 Hyper-V containers 655 Managing Containers at Scale 656 Chapter 2: Docker and Docker Hub 657 Introduction to Docker 657 Docker architecture 658 Basic Docker commands 658 Introduction to Docker Hub 659 Finding public images 659 Creating a private repository 662 Using a private repository 664 Chapter 3: Installing Containers on Windows Server 2019 667 Installing Windows Containers 668 Installing Hyper-V Containers 669 Installing Docker 670 Testing Your Container Installation 672 Windows container 672 Hyper-V container 672 Chapter 4: Configuring Docker and Containers on Windows Server 2019 675 Working with Dockerfile 675 Applying Custom Metadata to Containers and Other Objects 678 Creating labels 679 Viewing labels 679 Configuring Containers 680 Starting containers automatically 680 Limiting a container’s resources 681 Configuring the Docker Daemon with daemon.json 682 Chapter 5: Managing Container Images 685 Making Changes to Images and Saving the Changes You Make 685 Pushing Images to Docker Hub 689 Pulling Images from Docker Hub 691 Handling Image Versioning 693 Chapter 6: Container Networking 695 Considering the Different Types of Network Connections 696 Viewing Your Network Adapters and Virtual Switches 697 Configuring a Network Address Translation Network Connection 698 Configuring a Transparent Network Connection 699 Configuring an Overlay Network Connection 700 Configuring an l2bridge Network Connection 701 Configuring an l2tunnel Network Connection 702 Connecting to a Network 703 Chapter 7: Container Storage 705 Getting Acquainted with Container Storage 705 Creating a Volume Inside of a Container 706 Working with Persistent Volumes 709 Looking at volume types 709 Removing volumes 712 Index 713
Sara Perrott is an information security professional with a systems and network engineering background. She teaches classes related to Windows Server, Amazon Web Services, networking, and virtualization. Sara addressed the AWS Imagine conference in 2018 and presented at the RSA conference in 2019.