ffirs.indd ii 3/8/11 4:35:32 pm€¦ · mcts windows server ... ffirs.indd iv 3/8/11 4:35:33 pm....
TRANSCRIPT
ffirs.indd iiffirs.indd ii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM
MCTSWindows Server® 2008 R2
CompleteStudy Guide
ffirs.indd iffirs.indd i 3/8/11 4:35:30 PM3/8/11 4:35:30 PM
ffirs.indd iiffirs.indd ii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM
MCTSWindows Server® 2008 R2
CompleteStudy Guide
William Panek
ffirs.indd iiiffirs.indd iii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM
Acquisitions Editor: Jeff KellumDevelopment Editor: Amy BreguetTechnical Editor: Rodney FournierProduction Editor: Dassi ZeidelCopy Editor: Linda RecktenwaldEditorial Manager: Pete GaughanProduction Manager: Tim TateVice President and Executive Group Publisher: Richard SwadleyVice President and Publisher: Neil EddeMedia Project Manager 1: Laura Moss-HollisterMedia Associate Producer: Josh FrankMedia Quality Assurance: Marilyn HummelBook Designers: Judy Fung and Bill GibsonProofreader: Jen Larsen, Word One New YorkIndexer: Ted LauxProject Coordinator, Cover: Katie CrockerCover Designer: Ryan Sneed
Copyright © 2011 by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-94846-0
ISBN: 9781118075197 (ebk.)
ISBN: 9781118075432 (ebk.)
ISBN: 9781118075203 (ebk.)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.
Library of Congress Cataloging-in-Publication Data is available from the publisher.
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Windows Server is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.
10 9 8 7 6 5 4 3 2 1
ffirs.indd ivffirs.indd iv 3/8/11 4:35:33 PM3/8/11 4:35:33 PM
Dear Reader,
Thank you for choosing MCTS: Windows Server 2008 R2 Complete Study Guide. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.
Sybex was founded in 1976. More than 30 years later, we’re still committed to producing consistently exceptional books. With each of our titles, we’re working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.
I hope you see all that refl ected in these pages. I’d be very interested to hear your comments and get your feedback on how we’re doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected]. If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.
Best regards,
Neil EddeVice President and PublisherSybex, an Imprint of Wiley
ffirs.indd vffirs.indd v 3/8/11 4:35:34 PM3/8/11 4:35:34 PM
This book is dedicated to my wife, Crystal, and my two daughters,
Alexandria and Paige. Without their love and support, none of
this would be possible.
ffirs.indd viffirs.indd vi 3/8/11 4:35:34 PM3/8/11 4:35:34 PM
Acknowledgments I would like to thank my best friend and wife, Crystal. She is always the light at the end of my tunnel. I want to thank our two daughters, Alexandria and Paige, for all of their love and support during the writing of all my books. They make it all worthwhile.
I want to thank my family and especially my brothers, Rick, Gary, and Rob. They have always been there for me. I want to thank my father, Richard, who helped me become the man I am today, and my mother, Maggie, for all of her love and support.
I would like to thank Jeremy Hodgson, my training partner, who spends more time with me on the road than anyone else. His sense of humor keeps me smiling even when I am homesick.
I want to thank everyone on my Sybex team, especially my developmental editor Amy Breguet, who helped me make this the best book possible, and Rodney R. Fournier, who is the technical editor of many of my books. It ’ s always good to have the very best technical guy backing you up.
I want to thank Dassi Zeidel, who was my production editor, and my acquisitions editor Jeff Kellum, who was the lead for the entire book. He has always been there for me, and he is always great to write for. Finally, I want to thank everyone else behind the scenes who helped make this book possible.
ffirs.indd viiffirs.indd vii 3/8/11 4:35:34 PM3/8/11 4:35:34 PM
About the Author William Panek holds the following certifi cations: MCP, MCP�I, MCSA, MCSA� Security and Messaging, MCSE – NT (3.51 & 4.0), MCSE – 2000 and 2003, MCSE � Security and Messaging, MCDBA, MCT, MCTS, MCITP, CCNA, and CHFI.
After many successful years in the computer industry and a degree in computer programming, Will Panek decided that he could better use his talents and his personality as an instructor. He started teaching for such schools as Boston University, Clark University, and the University of Maryland, just to name a few. In 1998 Will started Stellacon Corporation. Stellacon has become one of New England ’ s most respected training companies. Stellacon is also a two - time winner of the Best Computer School award in Portsmouth, New Hampshire.
Will brings years of real - world expertise to the classroom and strives to ensure that each and every student has an understanding of the course material.
Will currently lives in New Hampshire with his wife and two girls. Will is also a representative in the NH House of Representatives. In his spare time he likes to golf, ski, and snowmobile. William is also a commercially rated helicopter pilot.
ffirs.indd viiiffirs.indd viii 3/8/11 4:35:35 PM3/8/11 4:35:35 PM
Contents at a GlanceIntroduction xxxv
Assessment Test xlvii
Part I MCTS: Windows Server 2008 R2 Active Directory Configuration (Exam 70-640) 1
Chapter 1 Overview of Active Directory 3
Chapter 2 Domain Name System (DNS) 35
Chapter 3 Active Directory Planning and Installation 97
Chapter 4 Installing and Managing Trees and Forests 135
Chapter 5 Configuring Sites and Replication 179
Chapter 6 Configuring Active Directory Server Roles 219
Chapter 7 Administering Active Directory 263
Chapter 8 Configuring Group Policy Objects 313
Chapter 9 Planning Security for Active Directory 373
Chapter 10 Active Directory Optimization and Reliability 415
Part II MCTS: Windows Server 2008 R2 Network Infrastructure Configuration (Exam 70-642) 461
Chapter 11 Understanding Windows Server 2008 R2 Networking 463
Chapter 12 Configuring TCP/IP 493
Chapter 13 Managing DHCP and DNS 545
Chapter 14 Managing Routing and Remote Access 595
Chapter 15 Managing Remote Access Services 643
Chapter 16 Managing Security for Remote Access Services 683
Chapter 17 Managing File and Print Services 725
Chapter 18 Monitoring and Managing a Network Infrastructure 765
Part III MCTS: Windows Server 2008 R2 Applications Infrastructure Configuration (Exam 70-643) 813
Chapter 19 Windows Server 2008 R2 Storage Services 815
Chapter 20 Remote Desktop Services in Windows Server 2008 R2 843
ffirs.indd ixffirs.indd ix 3/8/11 4:35:35 PM3/8/11 4:35:35 PM
Chapter 21 Configuring Web Services Infrastructure 889
Chapter 22 Advanced Web Infrastructure Configuration 919
Chapter 23 Configuring Additional Communication Services 945
Chapter 24 Configuring Windows SharePoint 2010 Foundation 975
Chapter 25 Using Virtualization in Windows Server 2008 R2 1007
Chapter 26 Deploying Servers 1041
Chapter 27 Configuring High Availability in Windows Server 2008 R2 1065
Appendix About the Companion CD 1097
Index 1101
ffirs.indd xffirs.indd x 3/8/11 4:35:36 PM3/8/11 4:35:36 PM
ContentsIntroduction xxxv
Assessment Test xlvii
Part I MCTS: Windows Server 2008 R2 Active Directory Configuration (Exam 70-640) 1
Chapter 1 Overview of Active Directory 3
The Industry before Active Directory 5The Benefits of Active Directory 5Understanding Active Directory’s Logical Structure 9
Components and Mechanisms of Active Directory 9An Overview of Active Directory Domains 11Overview of an Active Directory Forest 13
Understanding Active Directory Objects 15Names and Identifiers of Objects 15Using Organizational Units (OUs) in Active Directory 17Security Features of User, Computer, and Group Objects 18Delegation of Administrative Control 19
Introducing Windows Server 2008 R2 Server Roles 21Active Directory Certificate Services 22Active Directory Domain Services 22Active Directory Federation Services 24Active Directory Lightweight Directory Services 25Active Directory Rights Management Services 25
Introducing Identity and Access (IDA) in Windows Server 2008 26
Using Directory Services 27Strong Authentication 28Federated Identities 28Information Protection 29Forefront Identity Manager (FIM) 2010 29
Summary 30Exam Essentials 31Review Questions 32Answers to Review Questions 34
Chapter 2 Domain Name System (DNS) 35
Introducing DNS 36The Form of an IP Address 37Understanding Servers, Clients, and Resolvers 42Understanding the DNS Process 43
ftoc.indd xiftoc.indd xi 3/8/11 4:36:32 PM3/8/11 4:36:32 PM
xii Contents
Introducing DNS Database Zones 49Understanding Primary Zones 50Understanding Secondary Zones 51Understanding Active Directory Integrated DNS 52Understanding Stub Zones 54GlobalName Zones 55Zone Transfers and Replication 56
New Functionality in Windows Server 2008 DNS 59Background Zone Loading 59Support for IPv6 Addresses 59Support for Read-Only Domain Controllers 60GlobalName Zones 60DNS Socket Pool 61DNS Cache Locking 61DNS Security Extensions (DNSSEC) 61
Introducing DNS Record Types 62Start of Authority (SOA) Records 62Name Server (NS) Records 64Host Record 64Alias Record 65Pointer (PTR) Record 65Mail Exchanger (MX) Record 66Service (SRV) Record 66
Configuring DNS 67Installing DNS 67Load Balancing with Round Robin 68Configuring a Caching-Only Server 68Setting Zone Properties 69Configuring Zones for Dynamic Updates 73Delegating Zones for DNS 74DNS Forwarding 75Manually Creating DNS Records 76DNS Aging and Scavenging 78
Monitoring and Troubleshooting DNS 78Monitoring DNS with the DNS Snap-In 79Troubleshooting DNS 81
Summary 90Exam Essentials 91Review Questions 93Answers to Review Questions 96
ftoc.indd xiiftoc.indd xii 3/8/11 4:36:32 PM3/8/11 4:36:32 PM
Contents xiii
Chapter 3 Active Directory Planning and Installation 97
Verifying the Filesystem 99Setting Up the NTFS Partition 100
Verifying Network Connectivity 102Basic Connectivity Tests 103Tools and Techniques for Testing Network Configuration 104
Understanding Domain and Forest Functionality 105About the Domain Functional Level 106About Forest Functionality 107
Planning the Domain Structure 109Installing Active Directory 109Verifying Active Directory Installation 114
Using Event Viewer 114Using Active Directory Administrative Tools 117Testing from Clients 119
Creating and Configuring Application Data Partitions 120Creating Application Data Partitions 121Managing Replicas 123Removing Replicas 124Using ntdsutil to Manage Application Data Partitions 124
Configuring DNS Integration with Active Directory 126Summary 128Exam Essentials 129Review Questions 130Answers to Review Questions 133
Chapter 4 Installing and Managing Trees and Forests 135
Reasons for Creating Multiple Domains 136Reasons for Using Multiple Domains 136Drawbacks of Multiple Domains 139
Creating Domain Trees and Forests 139Planning Trees and Forests 140The Promotion Process 143Creating a Domain Tree 144Joining a New Domain Tree to a Forest 149Adding Additional Domain Controllers 154
Demoting a Domain Controller 154Managing Multiple Domains 157
Managing Single-Master Operations 158Forest Operations Masters 158Domain Operations Masters 158
ftoc.indd xiiiftoc.indd xiii 3/8/11 4:36:33 PM3/8/11 4:36:33 PM
xiv Contents
Assigning Single-Master Roles 159Managing Trusts 161Managing UPN Suffixes 168Managing Global Catalog Servers 169Managing Universal Group Membership Caching 171
Summary 172Exam Essentials 173Review Questions 175Answers to Review Questions 178
Chapter 5 Configuring Sites and Replication 179
Overview of Network Planning 180The Three Types of Network 180Exploring Network Constraints 181
Overview of Active Directory Replication and Sites 182Replicating Active Directory 182Understanding Active Directory Site Concepts 183Understanding Distributed File System Replication 187
Implementing Sites and Subnets 188Creating Sites 189Creating Subnets 192Configuring Sites 195
Configuring Replication 197Intrasite Replication 197Intersite Replication 198Configuring Server Topology 205Using Universal Group Membership Caching 208
Monitoring and Troubleshooting Active Directory Replication 209
About System Monitor 209Troubleshooting Replication 209
Summary 211Exam Essentials 212Review Questions 214Answers to Review Questions 217
Chapter 6 Configuring Active Directory Server Roles 219
Understanding Server Manager 221Configuring Active Directory Certificate Services 222
Installing Active Directory Certificate Services 224Enrolling User and Computer Certificates 228
ftoc.indd xivftoc.indd xiv 3/8/11 4:36:33 PM3/8/11 4:36:33 PM
Contents xv
Certificate Templates 230Revoking Certificates 232Configuring Additional CA Server Settings 234What’s New in Windows Server 2008 R2 236
Understanding Active Directory Domain Services 237Introducing the New Domain Services Features in
Windows Server 2008 237Security Features Available for Domain Services 238What’s New in Windows Server 2008 R2 241
Active Directory Federation Services 242Installing AD FS 243Configuring AD FS 244
Active Directory Lightweight Directory Services 245Installing AD LDS 246Configuring AD LDS 246Installing AD LDS on Server Core 249
Active Directory Rights Management Services 250AD RMS Templates 255
Summary 257Exam Essentials 257Review Questions 259Answers to Review Questions 262
Chapter 7 Administering Active Directory 263
An Overview of OUs 264The Purpose of OUs 265Benefits of OUs 266
Planning the OU Structure 266Logical Grouping of Resources 266Understanding OU Inheritance 268Delegating Administrative Control 269Applying Group Policies 270
Creating OUs 271Managing OUs 275
Moving, Deleting, and Renaming OUs 275Administering Properties of OUs 276Delegating Control of OUs 277
Troubleshooting OUs 282Creating and Managing Active Directory Objects 282
Overview of Active Directory Objects 282Managing Object Properties 290
ftoc.indd xvftoc.indd xv 3/8/11 4:36:34 PM3/8/11 4:36:34 PM
xvi Contents
Understanding Groups 293Filtering and Advanced Active Directory Features 295Moving, Renaming, and Deleting Active
Directory Objects 297Resetting an Existing Computer Account 298
Publishing Active Directory Objects 298Making Active Directory Objects Available to Users 298Publishing Printers 299Publishing Shared Folders 300Querying Active Directory 301Using the Active Directory Administrative Center 303
Using the Command Prompt for Active Directory Configuration 305
Summary 306Exam Essentials 307Review Questions 308Answers to Review Questions 312
Chapter 8 Configuring Group Policy Objects 313
Introducing Group Policy 314Understanding Group Policy Settings 315The Security Settings Section of the GPO 317Group Policy Objects 318Group Policy Inheritance 320
Planning a Group Policy Strategy 321Implementing Group Policy 321
Creating GPOs 321Linking Existing GPOs to Active Directory 324
Managing Group Policy 325Managing GPOs 325Security Filtering of a Group Policy 327Delegating Administrative Control of GPOs 329Controlling Inheritance and Filtering Group Policy 331Assigning Script Policies 332Understanding the Loopback Policy 334Managing Network Configuration 334Automatically Enrolling User and Computer
Certificates in Group Policy 335Redirecting Folders 337Managing GPOs with Windows PowerShell
Group Policy Cmdlets 339Deploying Software through a GPO 340
The Software Management Life Cycle 340
ftoc.indd xviftoc.indd xvi 3/8/11 4:36:34 PM3/8/11 4:36:34 PM
Contents xvii
The Windows Installer 342Deploying Applications 346
Implementing Software Deployment 347Preparing for Software Deployment 347Software Restriction Policies 349Using AppLocker 349Group Policy Slow Link Detection 349Publishing and Assigning Applications 350Applying Software Updates 351Verifying Software Installation 352Configuring Automatic Updates in Group Policy 353
Configuring Software Deployment Settings 354The Software Installation Properties Dialog Box 354Removing Programs 357Microsoft Windows Installer Settings 358
Troubleshooting Group Policies 359RSoP in Logging Mode 360RSoP in Planning Mode 363Using the gpresult.exe Command 364
Summary 365Exam Essentials 366Review Questions 368Answers to Review Questions 371
Chapter 9 Planning Security for Active Directory 373
Active Directory Security Overview 375Understanding Security Principals 375Managing Security and Permissions 386Using ACLs and ACEs 387
Implementing Active Directory Security 389Using User Templates 391Delegating Control of Users and Groups 392
Using Group Policy for Security 393Fine-Grained Password Policies 396
Understanding Smart Card Authentication 399Preparing a Smart Card Certificate Enrollment
Station 400Configuring Group Policy Settings for Smart Cards 400
Understanding Security Configuration and Analysis Tools 401Using the Security Configuration and Analysis Utility 402Understanding the secedit.exe Command 403
ftoc.indd xviiftoc.indd xvii 3/8/11 4:36:35 PM3/8/11 4:36:35 PM
xviii Contents
Implementing an Audit Policy 404Overview of Auditing 405Implementing Auditing 405Viewing Auditing Information 407What’s New in Windows Server 2008 R2 Auditing 408
Summary 409Exam Essentials 410Review Questions 411Answers to Review Questions 414
Chapter 10 Active Directory Optimization and Reliability 415
Overview of Windows Server 2008 R2 Performance Monitoring 417
Using Windows Server 2008 R2 Performance Tools 419Deciding What to Monitor 420Viewing Performance Information 422Managing Performance Monitor Properties 424
Saving and Analyzing Data with Performance Logs and Alerts 428
Monitoring and Troubleshooting Active Directory Components 430
Monitoring Domain Controller Performance 430Monitoring Active Directory Performance with
Performance Monitor 433Using Other Performance Monitoring Tools 434Troubleshooting Active Directory Performance
Monitoring 442Backup and Recovery of Active Directory 442
Overview of the Windows Server 2008 R2 Backup Utility 444
Backing Up Active Directory 448Restoring Active Directory 449Active Directory Recycle Bin 451Restartable Active Directory 451Offline Maintenance 452Monitoring Replication 453Using the ADSI Editor 454
Summary 454Exam Essentials 455Review Questions 457Answers to Review Questions 460
ftoc.indd xviiiftoc.indd xviii 3/8/11 4:36:35 PM3/8/11 4:36:35 PM
Contents xix
Part II MCTS: Windows Server 2008 R2 Network Infrastructure Configuration (Exam 70-642) 461
Chapter 11 Understanding Windows Server 2008 R2 Networking 463
Understanding the OSI Model 464Protocol Stacks 466Communication between Stacks 475
How Microsoft’s Network Components Work with the OSI Model 476
Device Drivers and the OSI Model 477Network Protocol Basics 477
About Windows Network Models 484Windows Peer-to-Peer Network 484
Summary 486Exam Essentials 486Review Questions 487Answers to Review Questions 490
Chapter 12 Configuring TCP/IP 493
Understanding TCP/IP 494Details of the TCP/IP Model 494How TCP/IP Layers Communicate 495Understanding Port Numbers 496
Understanding IP Addressing 497The Hierarchical IP Addressing Scheme 497Understanding Network Classes 499
Subnetting a Network 502Implementing Subnetting 503An Easier Way to Apply Subnetting 509Applying Subnetting the Traditional Way 514Working with Classless Inter-Domain Routing 522
Understanding IPv6 525IPv6 History and Need 525IPv6 New and Improved Concepts 526IPv6 Addressing Concepts 528IPv6 Integration/Migration 533
Summary 537Exam Essentials 538Review Questions 539Answers to Review Questions 542
ftoc.indd xixftoc.indd xix 3/8/11 4:36:35 PM3/8/11 4:36:35 PM
xx Contents
Chapter 13 Managing DHCP and DNS 545
Overview of DHCP 546Introducing the DORA Process 547Advantages and Disadvantages of DHCP 548ipconfig Lease Options 549Understanding Scope Details 550
Installing and Authorizing DHCP 552Installing DHCP 552Introducing the DHCP Snap-in 553Authorizing DHCP for Active Directory 554
Creating and Managing DHCP Scopes 556Creating a New Scope in IPv4 556Creating a New Scope in IPv6 563Changing Scope Properties (IPv4 and IPv6) 567Changing Server Properties 568Managing Reservations and Exclusions 571Setting Scope Options for IPv4 574Activating and Deactivating Scopes 577Creating a Superscope for IPv4 577Creating IPv4 Multicast Scopes 578Integrating Dynamic DNS and IPv4 DHCP 581Using Multiple DHCP Servers 583Working with the DHCP Database Files 583
DNS 585Understanding DNS Components 585
Summary 587Exam Essentials 587Review Questions 590Answers to Review Questions 593
Chapter 14 Managing Routing and Remote Access 595
Understanding Routing 596What Routing Does 596How Routing Works 597Routing in Windows Server 2008 R2 606
Installing RRAS 608Configuring IP Routing 609
Creating and Managing Interfaces 609Setting IP Routing Properties 620Managing Routing Protocols 622Managing Static Routes 625
Configuring TCP/IP Packet Filters 627
ftoc.indd xxftoc.indd xx 3/8/11 4:36:36 PM3/8/11 4:36:36 PM
Contents xxi
Configuring VPN Packet Filters 630PPTP Packet Filters 630L2TP Packet Filters 631
Managing IP Routing 631Using the routeprint Command 633Troubleshooting IP Routing 633Troubleshooting Example 633
Summary 635Exam Essentials 635Review Questions 637Answers to Review Questions 640
Chapter 15 Managing Remote Access Services 643
Overview of Dial-Up Networking 644What DUN Does 645How DUN Works 645
Overview of Virtual Private Networks 649What VPNs Do 649VPNs and Windows Server 2008 R2 650How VPNs Work 650
Configuring Your Remote Access Server 654Configuring PPP Options 654
Installing a VPN 657How VPN Works 658Enabling RRAS as a VPN 659
Configuring a VPN 659Configuring VPN Ports 659Troubleshooting VPNs 660
Managing Your Remote Access Server 662Managing Remote Users with a RADIUS Server 662Monitoring Overall Activity 663Controlling Remote Access Logging 663Reviewing the Remote Access Event Log 666Monitoring Ports and Port Activity 666
Configuring a RAS or VPN Client 667The General Tab 667The Options Tab 668The Security Tab 670The Networking Tab 671The Sharing Tab 672
Introduction to Authentication Protocols 672
ftoc.indd xxiftoc.indd xxi 3/8/11 4:36:36 PM3/8/11 4:36:36 PM
xxii Contents
Overview of Wireless Access 673Configuring Wireless Access 674
Summary 676Exam Essentials 676Review Questions 677Answers to Review Questions 681
Chapter 16 Managing Security for Remote Access Services 683
Remote Access Security 684User Authentication 684Connection Security 686Access Control 687
Configuring User Access 687Setting Up User Profiles 687Using Network Access Policies 689Using Remote Access Profiles 694Setting Up a VPN Network Access Policy 699
Configuring Security 701Controlling Server Security 701Configuring Network Access Protection 704
Configuring Windows Firewall Options 706Windows Firewall with Advanced Security 708
Troubleshooting Techniques 714Summary 716Exam Essentials 716Review Questions 718Answers to Review Questions 723
Chapter 17 Managing File and Print Services 725
Understanding File Servers 726Configuring File Servers 727
Sharing Folders 728Making Active Directory Objects Available to Users 728Configuring Offline Folders 729Understanding Permissions 731Share and Storage Management console 738
Using BitLocker Drive Encryption 739Understanding BranchCache 739
Distributed Cache Mode Requirements 740Hosted Mode Requirements 742
Configuring DirectAccess 743DirectAccess vs. VPNs 743Understanding How DirectAccess Works 743Knowing the DirectAccess Infrastructure Requirements 744
Configuring Disk Quotas 745
ftoc.indd xxiiftoc.indd xxii 3/8/11 4:36:37 PM3/8/11 4:36:37 PM
Contents xxiii
Configuring Distributed File System 747Advantages of DFS 747Types of DFS 748Using the DFS Management Console 749
Understanding Printing 750Creating and Publishing Printers 751Configuring Printers 752Migrating Print Servers 757
Summary 757Exam Essentials 758Review Questions 759Answers to Review Questions 763
Chapter 18 Monitoring and Managing a Network Infrastructure 765
Configuring Windows Server Update Services 767Windows Update 768Windows Automatic Updates 768Using Windows Server Update Services 770
Overview of Windows Server 2008 R2 Performance Monitoring 777
Using Windows Server 2008 R2 Performance Tools 779Introducing the Reliability and Performance Monitor 779Using Other Performance-Monitoring Tools 789
Backup and Recovery 802Wbadmin Command Line Utility 803
Understanding Shadow Copies 803Summary 805Exam Essentials 805Review Questions 807Answers to Review Questions 811
Part III MCTS: Windows Server 2008 R2 Applications Infrastructure Configuration (Exam 70-643) 813
Chapter 19 Windows Server 2008 R2 Storage Services 815
Storage in Windows Server 2008 R2 816Initializing Disks 816Working with Basic and Dynamic Disks 817Working with Volume Sets 819Redundant Array of Independent Disks 820Mount Points 824
ftoc.indd xxiiiftoc.indd xxiii 3/8/11 4:36:37 PM3/8/11 4:36:37 PM
xxiv Contents
Microsoft MPIO 824iSCSI 826Internet Storage Name Service 828Fibre Channel 829Network Attached Storage 830
Managing SANs 830Virtual Disk Service 830Storage Manager for SANs 832Storage Explorer 833
Working with Virtualization 834Benefits of Virtualization 835Features of Microsoft Hyper-V 835Virtualization Concepts 836Understanding Virtual Hard Disks 837
Summary 838Exam Essentials 838Review Questions 839Answers to Review Questions 841
Chapter 20 Remote Desktop Services in Windows Server 2008 R2 843
Remote Desktop Connection Display 845Custom Display Resolutions 845Monitor Spanning 846Font Smoothing 846Display Data Prioritization 847Desktop Experience 847Device Redirection 850Single Sign-On for Remote Desktop Services 852Remote Desktop Protocol Signing 853
RDP 7.0 Benefits 853Understanding RemoteFX 854
Benefits of Using RemoteFX 854Prepare and Configure the Use of Remote Desktop
Services RemoteApp 855Terminal Services Web Access 855Installing Programs to Be Used with RemoteApp 856
Prepare and Configure Remote Desktop Services Gateway 858Preparing the Necessary RD Gateway Role Services 858Obtaining and Configuring a Certificate for RD
Gateway 858Creating Remote Desktop Services Connection
Authorization Policies 860
ftoc.indd xxivftoc.indd xxiv 3/8/11 4:36:38 PM3/8/11 4:36:38 PM
Contents xxv
Creating Remote Desktop Services Resource Authorization Policies 861
Configuring the Remote Desktop Services Client for RD Gateway 862
Configuring Remote Desktop Services Load Balancing 862Configuring a Remote Desktop Services Server Farm
with RD Connection Broker 863Configuring Network Load Balancing 865
Configuring Remote Desktop Licensing 866Remote Desktop Services Client Access Licenses 866Installing RD Licensing and RD Client Access
Licenses 867Configuring License Settings on an RD Session Host 872
Remote Administration in Windows Server 2008 R2 874Managing Remote Desktop Services through Group Policy 874
Group Policy Settings for Remote Desktop Services 875Configuring Global Deployment Settings for
RemoteApp 877Monitoring RD Gateway Using RD Gateway
Manager 880Summary 882Exam Essentials 884Review Questions 885Answers to Review Questions 887
Chapter 21 Configuring Web Services Infrastructure 889
Configuring Web Applications 890Installing IIS 7.5 891Creating and Configuring Websites 892
Configuring a File Transfer Protocol Server 903Configuring Permissions 904Configuring FTP Site for Extranet Users 905FTP IPv4 and Domain Restrictions 905WebDAV and FTP 906
Configuring a Simple Mail Transfer Protocol Server 907Configuring General SMTP Virtual Server Properties 907Configuring Access 909Configuring Message Size and Transfer Limits 910Configuring Delivery Options 911
Summary 914Exam Essentials 915Review Questions 916Answers to Review Questions 918
ftoc.indd xxvftoc.indd xxv 3/8/11 4:36:38 PM3/8/11 4:36:38 PM
xxvi Contents
Chapter 22 Advanced Web Infrastructure Configuration 919
Managing Internet Information Services 920Configuring Monitoring and Logging 921Backup and Restore 927Delegating Administrative Rights 929
Configuring Secure Sockets Layer Security 932Requesting and Renewing SSL Certificates 933Enabling SSL on a Website 935Exporting and Importing Certificates 936
Configuring Website Authentication and Permissions 937Configuring Application Access 939Client Certificate Mapping 940
Summary 941Exam Essentials 941Review Questions 942Answers to Review Questions 944
Chapter 23 Configuring Additional Communication Services 945
Configuring Fax Services 946Configuring Fax (Local) Properties 947Defining a Dialing Rule 949Defining a Fax Routing Location 950
Configuring a Media Server 951Configuring Basic Streaming Solutions 953Configuring Advanced Streaming Solutions 958Options for Configuring Security in a Windows
Media Server 961Web-Based Administration 964
Configuring Digital Rights Management 964How Does DRM Work? 965Encryption 966Sharing Business Rules 967Configuring License Delivery 968Configuring Policy Templates 969
Summary 971Exam Essentials 971Review Questions 972Answers to Review Questions 974
Chapter 24 Configuring Windows SharePoint 2010 Foundation 975
Configuring SharePoint Foundation 2010 976Configuring Incoming Email Settings 977
ftoc.indd xxviftoc.indd xxvi 3/8/11 4:36:39 PM3/8/11 4:36:39 PM
Contents xxvii
Configuring Outgoing Email Settings 979Configuring Workflow Settings 982Configuring Diagnostic Logging Settings 984Configuring Antivirus Settings 985Configuring Backups 987Recovery 989Audience Targeting 990SharePoint Permissions 991
Configuring Windows SharePoint Foundation 2010 Sites 992Upgrading from WSS 3.0 993Configuring Alternate Access Mapping 996Creating Quota Templates 997Creating Site Collections 998Enabling Access for End Users 998
Configuring Authentication for SharePoint Foundation 2010 999Configure Digest Authentication 1000Configuring Web SSO Authentication by Using ADFS 1001
Summary 1001Exam Essentials 1002Review Questions 1003Answers to Review Questions 1005
Chapter 25 Using Virtualization in Windows Server 2008 R2 1007
Hyper-V Overview 1008What Is Virtualization? 1008Hyper-V Features 1009Hyper-V Architecture 1010Hyper-V Requirements 1012
Hyper-V Installation and Configuration 1013Install the Hyper-V Role 1013Hyper-V in Server Manager 1015Using Hyper-V Manager 1015Configure Hyper-V Settings 1016Manage Virtual Networks 1017Managing Virtual Hard Disks 1020
Configuring Virtual Machines 1025Creating and Managing Virtual Machines 1025Back Up and Restore Virtual Machines 1032
Summary 1036Exam Essentials 1037Review Questions 1038Answers to Review Questions 1040
ftoc.indd xxviiftoc.indd xxvii 3/8/11 4:36:39 PM3/8/11 4:36:39 PM
xxviii Contents
Chapter 26 Deploying Servers 1041
Windows Deployment Services 1042Deploying Images by Using Windows Deployment Services 1043Using Windows Deployment Services 1044
Configuring WDS 1046Image Types 1049Capturing Images 1050Deploying Server Core 1052
Configuring Microsoft Windows Activation 1054Installing KMS 1055Configuring KMS 1057
Summary 1059Exam Essentials 1060Review Questions 1061Answers to Review Questions 1063
Chapter 27 Configuring High Availability in Windows Server 2008 R2 1065
Components of High Availability 1066Achieving High Availability 1067
High Availability Foundation 1067Achieving High Availability with Failover Clustering 1069
Failover Clustering Requirements 1071Cluster Quorum 1072Validating a Cluster Configuration 1074Creating a Cluster 1078Clustered Application Settings 1081Resource Properties 1083
New Windows Server 2008 R2 Clustering Features 1086Achieving High Availability with Network Load Balancing 1087
How Does Network Load Balancing Work? 1087Network Load Balancing Requirements 1088Creating an NLB Cluster 1089Modifying Cluster Properties 1089Managing NLB Clusters 1091
Summary 1092Exam Essentials 1092Review Questions 1093Answers to Review Questions 1095
Appendix About the Companion CD 1097
Index 1101
ftoc.indd xxviiiftoc.indd xxviii 3/8/11 4:36:40 PM3/8/11 4:36:40 PM