ffirs.indd ii 3/8/11 4:35:32 pm€¦ · mcts windows server ... ffirs.indd iv 3/8/11 4:35:33 pm....

ffirs.indd iiffirs.indd ii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM

MCTSWindows Server® 2008 R2

CompleteStudy Guide

ffirs.indd iffirs.indd i 3/8/11 4:35:30 PM3/8/11 4:35:30 PM

ffirs.indd iiffirs.indd ii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM

MCTSWindows Server® 2008 R2

CompleteStudy Guide

William Panek

ffirs.indd iiiffirs.indd iii 3/8/11 4:35:32 PM3/8/11 4:35:32 PM

Acquisitions Editor: Jeff KellumDevelopment Editor: Amy BreguetTechnical Editor: Rodney FournierProduction Editor: Dassi ZeidelCopy Editor: Linda RecktenwaldEditorial Manager: Pete GaughanProduction Manager: Tim TateVice President and Executive Group Publisher: Richard SwadleyVice President and Publisher: Neil EddeMedia Project Manager 1: Laura Moss-HollisterMedia Associate Producer: Josh FrankMedia Quality Assurance: Marilyn HummelBook Designers: Judy Fung and Bill GibsonProofreader: Jen Larsen, Word One New YorkIndexer: Ted LauxProject Coordinator, Cover: Katie CrockerCover Designer: Ryan Sneed

Copyright © 2011 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-0-470-94846-0

ISBN: 9781118075197 (ebk.)

ISBN: 9781118075432 (ebk.)

ISBN: 9781118075203 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Cataloging-in-Publication Data is available from the publisher.

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Windows Server is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

10 9 8 7 6 5 4 3 2 1

ffirs.indd ivffirs.indd iv 3/8/11 4:35:33 PM3/8/11 4:35:33 PM

http://www.wiley.com/go/permissions

Dear Reader,

Thank you for choosing MCTS: Windows Server 2008 R2 Complete Study Guide. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.

Sybex was founded in 1976. More than 30 years later, we’re still committed to producing consistently exceptional books. With each of our titles, we’re working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.

I hope you see all that refl ected in these pages. I’d be very interested to hear your comments and get your feedback on how we’re doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected]. If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.

Best regards,

Neil EddeVice President and PublisherSybex, an Imprint of Wiley

ffirs.indd vffirs.indd v 3/8/11 4:35:34 PM3/8/11 4:35:34 PM

mailto:[email protected]

http://sybex.custhelp.com

http://sybex.custhelp.com

This book is dedicated to my wife, Crystal, and my two daughters,

Alexandria and Paige. Without their love and support, none of

this would be possible.

ffirs.indd viffirs.indd vi 3/8/11 4:35:34 PM3/8/11 4:35:34 PM

Acknowledgments I would like to thank my best friend and wife, Crystal. She is always the light at the end of my tunnel. I want to thank our two daughters, Alexandria and Paige, for all of their love and support during the writing of all my books. They make it all worthwhile.

I want to thank my family and especially my brothers, Rick, Gary, and Rob. They have always been there for me. I want to thank my father, Richard, who helped me become the man I am today, and my mother, Maggie, for all of her love and support.

I would like to thank Jeremy Hodgson, my training partner, who spends more time with me on the road than anyone else. His sense of humor keeps me smiling even when I am homesick.

I want to thank everyone on my Sybex team, especially my developmental editor Amy Breguet, who helped me make this the best book possible, and Rodney R. Fournier, who is the technical editor of many of my books. It ’ s always good to have the very best technical guy backing you up.

I want to thank Dassi Zeidel, who was my production editor, and my acquisitions editor Jeff Kellum, who was the lead for the entire book. He has always been there for me, and he is always great to write for. Finally, I want to thank everyone else behind the scenes who helped make this book possible.

ffirs.indd viiffirs.indd vii 3/8/11 4:35:34 PM3/8/11 4:35:34 PM

About the Author William Panek holds the following certifi cations: MCP, MCP�I, MCSA, MCSA� Security and Messaging, MCSE – NT (3.51 & 4.0), MCSE – 2000 and 2003, MCSE � Security and Messaging, MCDBA, MCT, MCTS, MCITP, CCNA, and CHFI.

After many successful years in the computer industry and a degree in computer programming, Will Panek decided that he could better use his talents and his personality as an instructor. He started teaching for such schools as Boston University, Clark University, and the University of Maryland, just to name a few. In 1998 Will started Stellacon Corporation. Stellacon has become one of New England ’ s most respected training companies. Stellacon is also a two - time winner of the Best Computer School award in Portsmouth, New Hampshire.

Will brings years of real - world expertise to the classroom and strives to ensure that each and every student has an understanding of the course material.

Will currently lives in New Hampshire with his wife and two girls. Will is also a representative in the NH House of Representatives. In his spare time he likes to golf, ski, and snowmobile. William is also a commercially rated helicopter pilot.

ffirs.indd viiiffirs.indd viii 3/8/11 4:35:35 PM3/8/11 4:35:35 PM

Contents at a GlanceIntroduction xxxv

Assessment Test xlvii

Part I MCTS: Windows Server 2008 R2 Active Directory Configuration (Exam 70-640) 1

Chapter 1 Overview of Active Directory 3

Chapter 2 Domain Name System (DNS) 35

Chapter 3 Active Directory Planning and Installation 97

Chapter 4 Installing and Managing Trees and Forests 135

Chapter 5 Configuring Sites and Replication 179

Chapter 6 Configuring Active Directory Server Roles 219

Chapter 7 Administering Active Directory 263

Chapter 8 Configuring Group Policy Objects 313

Chapter 9 Planning Security for Active Directory 373

Chapter 10 Active Directory Optimization and Reliability 415

Part II MCTS: Windows Server 2008 R2 Network Infrastructure Configuration (Exam 70-642) 461

Chapter 11 Understanding Windows Server 2008 R2 Networking 463

Chapter 12 Configuring TCP/IP 493

Chapter 13 Managing DHCP and DNS 545

Chapter 14 Managing Routing and Remote Access 595

Chapter 15 Managing Remote Access Services 643

Chapter 16 Managing Security for Remote Access Services 683

Chapter 17 Managing File and Print Services 725

Chapter 18 Monitoring and Managing a Network Infrastructure 765

Part III MCTS: Windows Server 2008 R2 Applications Infrastructure Configuration (Exam 70-643) 813

Chapter 19 Windows Server 2008 R2 Storage Services 815

Chapter 20 Remote Desktop Services in Windows Server 2008 R2 843

ffirs.indd ixffirs.indd ix 3/8/11 4:35:35 PM3/8/11 4:35:35 PM

Chapter 21 Configuring Web Services Infrastructure 889

Chapter 22 Advanced Web Infrastructure Configuration 919

Chapter 23 Configuring Additional Communication Services 945

Chapter 24 Configuring Windows SharePoint 2010 Foundation 975

Chapter 25 Using Virtualization in Windows Server 2008 R2 1007

Chapter 26 Deploying Servers 1041

Chapter 27 Configuring High Availability in Windows Server 2008 R2 1065

Appendix About the Companion CD 1097

Index 1101

ffirs.indd xffirs.indd x 3/8/11 4:35:36 PM3/8/11 4:35:36 PM

ContentsIntroduction xxxv

Assessment Test xlvii

Part I MCTS: Windows Server 2008 R2 Active Directory Configuration (Exam 70-640) 1

Chapter 1 Overview of Active Directory 3

The Industry before Active Directory 5The Benefits of Active Directory 5Understanding Active Directory’s Logical Structure 9

Components and Mechanisms of Active Directory 9An Overview of Active Directory Domains 11Overview of an Active Directory Forest 13

Understanding Active Directory Objects 15Names and Identifiers of Objects 15Using Organizational Units (OUs) in Active Directory 17Security Features of User, Computer, and Group Objects 18Delegation of Administrative Control 19

Introducing Windows Server 2008 R2 Server Roles 21Active Directory Certificate Services 22Active Directory Domain Services 22Active Directory Federation Services 24Active Directory Lightweight Directory Services 25Active Directory Rights Management Services 25

Introducing Identity and Access (IDA) in Windows Server 2008 26

Using Directory Services 27Strong Authentication 28Federated Identities 28Information Protection 29Forefront Identity Manager (FIM) 2010 29

Summary 30Exam Essentials 31Review Questions 32Answers to Review Questions 34

Chapter 2 Domain Name System (DNS) 35

Introducing DNS 36The Form of an IP Address 37Understanding Servers, Clients, and Resolvers 42Understanding the DNS Process 43

ftoc.indd xiftoc.indd xi 3/8/11 4:36:32 PM3/8/11 4:36:32 PM

xii Contents

Introducing DNS Database Zones 49Understanding Primary Zones 50Understanding Secondary Zones 51Understanding Active Directory Integrated DNS 52Understanding Stub Zones 54GlobalName Zones 55Zone Transfers and Replication 56

New Functionality in Windows Server 2008 DNS 59Background Zone Loading 59Support for IPv6 Addresses 59Support for Read-Only Domain Controllers 60GlobalName Zones 60DNS Socket Pool 61DNS Cache Locking 61DNS Security Extensions (DNSSEC) 61

Introducing DNS Record Types 62Start of Authority (SOA) Records 62Name Server (NS) Records 64Host Record 64Alias Record 65Pointer (PTR) Record 65Mail Exchanger (MX) Record 66Service (SRV) Record 66

Configuring DNS 67Installing DNS 67Load Balancing with Round Robin 68Configuring a Caching-Only Server 68Setting Zone Properties 69Configuring Zones for Dynamic Updates 73Delegating Zones for DNS 74DNS Forwarding 75Manually Creating DNS Records 76DNS Aging and Scavenging 78

Monitoring and Troubleshooting DNS 78Monitoring DNS with the DNS Snap-In 79Troubleshooting DNS 81


ftoc.indd xiiftoc.indd xii 3/8/11 4:36:32 PM3/8/11 4:36:32 PM

Contents xiii

Chapter 3 Active Directory Planning and Installation 97

Verifying the Filesystem 99Setting Up the NTFS Partition 100

Verifying Network Connectivity 102Basic Connectivity Tests 103Tools and Techniques for Testing Network Configuration 104

Understanding Domain and Forest Functionality 105About the Domain Functional Level 106About Forest Functionality 107

Planning the Domain Structure 109Installing Active Directory 109Verifying Active Directory Installation 114

Using Event Viewer 114Using Active Directory Administrative Tools 117Testing from Clients 119

Creating and Configuring Application Data Partitions 120Creating Application Data Partitions 121Managing Replicas 123Removing Replicas 124Using ntdsutil to Manage Application Data Partitions 124

Configuring DNS Integration with Active Directory 126Summary 128Exam Essentials 129Review Questions 130Answers to Review Questions 133

Chapter 4 Installing and Managing Trees and Forests 135

Reasons for Creating Multiple Domains 136Reasons for Using Multiple Domains 136Drawbacks of Multiple Domains 139

Creating Domain Trees and Forests 139Planning Trees and Forests 140The Promotion Process 143Creating a Domain Tree 144Joining a New Domain Tree to a Forest 149Adding Additional Domain Controllers 154

Demoting a Domain Controller 154Managing Multiple Domains 157

Managing Single-Master Operations 158Forest Operations Masters 158Domain Operations Masters 158

ftoc.indd xiiiftoc.indd xiii 3/8/11 4:36:33 PM3/8/11 4:36:33 PM

xiv Contents

Assigning Single-Master Roles 159Managing Trusts 161Managing UPN Suffixes 168Managing Global Catalog Servers 169Managing Universal Group Membership Caching 171


Chapter 5 Configuring Sites and Replication 179

Overview of Network Planning 180The Three Types of Network 180Exploring Network Constraints 181

Overview of Active Directory Replication and Sites 182Replicating Active Directory 182Understanding Active Directory Site Concepts 183Understanding Distributed File System Replication 187

Implementing Sites and Subnets 188Creating Sites 189Creating Subnets 192Configuring Sites 195

Configuring Replication 197Intrasite Replication 197Intersite Replication 198Configuring Server Topology 205Using Universal Group Membership Caching 208

Monitoring and Troubleshooting Active Directory Replication 209

About System Monitor 209Troubleshooting Replication 209


Chapter 6 Configuring Active Directory Server Roles 219

Understanding Server Manager 221Configuring Active Directory Certificate Services 222

Installing Active Directory Certificate Services 224Enrolling User and Computer Certificates 228

ftoc.indd xivftoc.indd xiv 3/8/11 4:36:33 PM3/8/11 4:36:33 PM

Contents xv

Certificate Templates 230Revoking Certificates 232Configuring Additional CA Server Settings 234What’s New in Windows Server 2008 R2 236

Understanding Active Directory Domain Services 237Introducing the New Domain Services Features in

Windows Server 2008 237Security Features Available for Domain Services 238What’s New in Windows Server 2008 R2 241

Active Directory Federation Services 242Installing AD FS 243Configuring AD FS 244

Active Directory Lightweight Directory Services 245Installing AD LDS 246Configuring AD LDS 246Installing AD LDS on Server Core 249

Active Directory Rights Management Services 250AD RMS Templates 255


Chapter 7 Administering Active Directory 263

An Overview of OUs 264The Purpose of OUs 265Benefits of OUs 266

Planning the OU Structure 266Logical Grouping of Resources 266Understanding OU Inheritance 268Delegating Administrative Control 269Applying Group Policies 270

Creating OUs 271Managing OUs 275

Moving, Deleting, and Renaming OUs 275Administering Properties of OUs 276Delegating Control of OUs 277

Troubleshooting OUs 282Creating and Managing Active Directory Objects 282

Overview of Active Directory Objects 282Managing Object Properties 290

ftoc.indd xvftoc.indd xv 3/8/11 4:36:34 PM3/8/11 4:36:34 PM

xvi Contents

Understanding Groups 293Filtering and Advanced Active Directory Features 295Moving, Renaming, and Deleting Active

Directory Objects 297Resetting an Existing Computer Account 298

Publishing Active Directory Objects 298Making Active Directory Objects Available to Users 298Publishing Printers 299Publishing Shared Folders 300Querying Active Directory 301Using the Active Directory Administrative Center 303

Using the Command Prompt for Active Directory Configuration 305


Chapter 8 Configuring Group Policy Objects 313

Introducing Group Policy 314Understanding Group Policy Settings 315The Security Settings Section of the GPO 317Group Policy Objects 318Group Policy Inheritance 320

Planning a Group Policy Strategy 321Implementing Group Policy 321

Creating GPOs 321Linking Existing GPOs to Active Directory 324

Managing Group Policy 325Managing GPOs 325Security Filtering of a Group Policy 327Delegating Administrative Control of GPOs 329Controlling Inheritance and Filtering Group Policy 331Assigning Script Policies 332Understanding the Loopback Policy 334Managing Network Configuration 334Automatically Enrolling User and Computer

Certificates in Group Policy 335Redirecting Folders 337Managing GPOs with Windows PowerShell

Group Policy Cmdlets 339Deploying Software through a GPO 340

The Software Management Life Cycle 340

ftoc.indd xviftoc.indd xvi 3/8/11 4:36:34 PM3/8/11 4:36:34 PM

Contents xvii

The Windows Installer 342Deploying Applications 346

Implementing Software Deployment 347Preparing for Software Deployment 347Software Restriction Policies 349Using AppLocker 349Group Policy Slow Link Detection 349Publishing and Assigning Applications 350Applying Software Updates 351Verifying Software Installation 352Configuring Automatic Updates in Group Policy 353

Configuring Software Deployment Settings 354The Software Installation Properties Dialog Box 354Removing Programs 357Microsoft Windows Installer Settings 358

Troubleshooting Group Policies 359RSoP in Logging Mode 360RSoP in Planning Mode 363Using the gpresult.exe Command 364


Chapter 9 Planning Security for Active Directory 373

Active Directory Security Overview 375Understanding Security Principals 375Managing Security and Permissions 386Using ACLs and ACEs 387

Implementing Active Directory Security 389Using User Templates 391Delegating Control of Users and Groups 392

Using Group Policy for Security 393Fine-Grained Password Policies 396

Understanding Smart Card Authentication 399Preparing a Smart Card Certificate Enrollment

Station 400Configuring Group Policy Settings for Smart Cards 400

Understanding Security Configuration and Analysis Tools 401Using the Security Configuration and Analysis Utility 402Understanding the secedit.exe Command 403

ftoc.indd xviiftoc.indd xvii 3/8/11 4:36:35 PM3/8/11 4:36:35 PM

xviii Contents

Implementing an Audit Policy 404Overview of Auditing 405Implementing Auditing 405Viewing Auditing Information 407What’s New in Windows Server 2008 R2 Auditing 408


Chapter 10 Active Directory Optimization and Reliability 415

Overview of Windows Server 2008 R2 Performance Monitoring 417

Using Windows Server 2008 R2 Performance Tools 419Deciding What to Monitor 420Viewing Performance Information 422Managing Performance Monitor Properties 424

Saving and Analyzing Data with Performance Logs and Alerts 428

Monitoring and Troubleshooting Active Directory Components 430

Monitoring Domain Controller Performance 430Monitoring Active Directory Performance with

Performance Monitor 433Using Other Performance Monitoring Tools 434Troubleshooting Active Directory Performance

Monitoring 442Backup and Recovery of Active Directory 442

Overview of the Windows Server 2008 R2 Backup Utility 444

Backing Up Active Directory 448Restoring Active Directory 449Active Directory Recycle Bin 451Restartable Active Directory 451Offline Maintenance 452Monitoring Replication 453Using the ADSI Editor 454


ftoc.indd xviiiftoc.indd xviii 3/8/11 4:36:35 PM3/8/11 4:36:35 PM

Contents xix

Part II MCTS: Windows Server 2008 R2 Network Infrastructure Configuration (Exam 70-642) 461

Chapter 11 Understanding Windows Server 2008 R2 Networking 463

Understanding the OSI Model 464Protocol Stacks 466Communication between Stacks 475

How Microsoft’s Network Components Work with the OSI Model 476

Device Drivers and the OSI Model 477Network Protocol Basics 477

About Windows Network Models 484Windows Peer-to-Peer Network 484


Chapter 12 Configuring TCP/IP 493

Understanding TCP/IP 494Details of the TCP/IP Model 494How TCP/IP Layers Communicate 495Understanding Port Numbers 496

Understanding IP Addressing 497The Hierarchical IP Addressing Scheme 497Understanding Network Classes 499

Subnetting a Network 502Implementing Subnetting 503An Easier Way to Apply Subnetting 509Applying Subnetting the Traditional Way 514Working with Classless Inter-Domain Routing 522

Understanding IPv6 525IPv6 History and Need 525IPv6 New and Improved Concepts 526IPv6 Addressing Concepts 528IPv6 Integration/Migration 533


ftoc.indd xixftoc.indd xix 3/8/11 4:36:35 PM3/8/11 4:36:35 PM

xx Contents

Chapter 13 Managing DHCP and DNS 545

Overview of DHCP 546Introducing the DORA Process 547Advantages and Disadvantages of DHCP 548ipconfig Lease Options 549Understanding Scope Details 550

Installing and Authorizing DHCP 552Installing DHCP 552Introducing the DHCP Snap-in 553Authorizing DHCP for Active Directory 554

Creating and Managing DHCP Scopes 556Creating a New Scope in IPv4 556Creating a New Scope in IPv6 563Changing Scope Properties (IPv4 and IPv6) 567Changing Server Properties 568Managing Reservations and Exclusions 571Setting Scope Options for IPv4 574Activating and Deactivating Scopes 577Creating a Superscope for IPv4 577Creating IPv4 Multicast Scopes 578Integrating Dynamic DNS and IPv4 DHCP 581Using Multiple DHCP Servers 583Working with the DHCP Database Files 583

DNS 585Understanding DNS Components 585


Chapter 14 Managing Routing and Remote Access 595

Understanding Routing 596What Routing Does 596How Routing Works 597Routing in Windows Server 2008 R2 606

Installing RRAS 608Configuring IP Routing 609

Creating and Managing Interfaces 609Setting IP Routing Properties 620Managing Routing Protocols 622Managing Static Routes 625

Configuring TCP/IP Packet Filters 627

ftoc.indd xxftoc.indd xx 3/8/11 4:36:36 PM3/8/11 4:36:36 PM

Contents xxi

Configuring VPN Packet Filters 630PPTP Packet Filters 630L2TP Packet Filters 631

Managing IP Routing 631Using the routeprint Command 633Troubleshooting IP Routing 633Troubleshooting Example 633


Chapter 15 Managing Remote Access Services 643

Overview of Dial-Up Networking 644What DUN Does 645How DUN Works 645

Overview of Virtual Private Networks 649What VPNs Do 649VPNs and Windows Server 2008 R2 650How VPNs Work 650

Configuring Your Remote Access Server 654Configuring PPP Options 654

Installing a VPN 657How VPN Works 658Enabling RRAS as a VPN 659

Configuring a VPN 659Configuring VPN Ports 659Troubleshooting VPNs 660

Managing Your Remote Access Server 662Managing Remote Users with a RADIUS Server 662Monitoring Overall Activity 663Controlling Remote Access Logging 663Reviewing the Remote Access Event Log 666Monitoring Ports and Port Activity 666

Configuring a RAS or VPN Client 667The General Tab 667The Options Tab 668The Security Tab 670The Networking Tab 671The Sharing Tab 672

Introduction to Authentication Protocols 672

ftoc.indd xxiftoc.indd xxi 3/8/11 4:36:36 PM3/8/11 4:36:36 PM

xxii Contents

Overview of Wireless Access 673Configuring Wireless Access 674


Chapter 16 Managing Security for Remote Access Services 683

Remote Access Security 684User Authentication 684Connection Security 686Access Control 687

Configuring User Access 687Setting Up User Profiles 687Using Network Access Policies 689Using Remote Access Profiles 694Setting Up a VPN Network Access Policy 699

Configuring Security 701Controlling Server Security 701Configuring Network Access Protection 704

Configuring Windows Firewall Options 706Windows Firewall with Advanced Security 708

Troubleshooting Techniques 714Summary 716Exam Essentials 716Review Questions 718Answers to Review Questions 723

Chapter 17 Managing File and Print Services 725

Understanding File Servers 726Configuring File Servers 727

Sharing Folders 728Making Active Directory Objects Available to Users 728Configuring Offline Folders 729Understanding Permissions 731Share and Storage Management console 738

Using BitLocker Drive Encryption 739Understanding BranchCache 739

Distributed Cache Mode Requirements 740Hosted Mode Requirements 742

Configuring DirectAccess 743DirectAccess vs. VPNs 743Understanding How DirectAccess Works 743Knowing the DirectAccess Infrastructure Requirements 744

Configuring Disk Quotas 745

ftoc.indd xxiiftoc.indd xxii 3/8/11 4:36:37 PM3/8/11 4:36:37 PM

Contents xxiii

Configuring Distributed File System 747Advantages of DFS 747Types of DFS 748Using the DFS Management Console 749

Understanding Printing 750Creating and Publishing Printers 751Configuring Printers 752Migrating Print Servers 757


Chapter 18 Monitoring and Managing a Network Infrastructure 765

Configuring Windows Server Update Services 767Windows Update 768Windows Automatic Updates 768Using Windows Server Update Services 770

Overview of Windows Server 2008 R2 Performance Monitoring 777

Using Windows Server 2008 R2 Performance Tools 779Introducing the Reliability and Performance Monitor 779Using Other Performance-Monitoring Tools 789

Backup and Recovery 802Wbadmin Command Line Utility 803

Understanding Shadow Copies 803Summary 805Exam Essentials 805Review Questions 807Answers to Review Questions 811

Part III MCTS: Windows Server 2008 R2 Applications Infrastructure Configuration (Exam 70-643) 813

Chapter 19 Windows Server 2008 R2 Storage Services 815

Storage in Windows Server 2008 R2 816Initializing Disks 816Working with Basic and Dynamic Disks 817Working with Volume Sets 819Redundant Array of Independent Disks 820Mount Points 824

ftoc.indd xxiiiftoc.indd xxiii 3/8/11 4:36:37 PM3/8/11 4:36:37 PM

xxiv Contents

Microsoft MPIO 824iSCSI 826Internet Storage Name Service 828Fibre Channel 829Network Attached Storage 830

Managing SANs 830Virtual Disk Service 830Storage Manager for SANs 832Storage Explorer 833

Working with Virtualization 834Benefits of Virtualization 835Features of Microsoft Hyper-V 835Virtualization Concepts 836Understanding Virtual Hard Disks 837


Chapter 20 Remote Desktop Services in Windows Server 2008 R2 843

Remote Desktop Connection Display 845Custom Display Resolutions 845Monitor Spanning 846Font Smoothing 846Display Data Prioritization 847Desktop Experience 847Device Redirection 850Single Sign-On for Remote Desktop Services 852Remote Desktop Protocol Signing 853

RDP 7.0 Benefits 853Understanding RemoteFX 854

Benefits of Using RemoteFX 854Prepare and Configure the Use of Remote Desktop

Services RemoteApp 855Terminal Services Web Access 855Installing Programs to Be Used with RemoteApp 856

Prepare and Configure Remote Desktop Services Gateway 858Preparing the Necessary RD Gateway Role Services 858Obtaining and Configuring a Certificate for RD

Gateway 858Creating Remote Desktop Services Connection

Authorization Policies 860

ftoc.indd xxivftoc.indd xxiv 3/8/11 4:36:38 PM3/8/11 4:36:38 PM

Contents xxv

Creating Remote Desktop Services Resource Authorization Policies 861

Configuring the Remote Desktop Services Client for RD Gateway 862

Configuring Remote Desktop Services Load Balancing 862Configuring a Remote Desktop Services Server Farm

with RD Connection Broker 863Configuring Network Load Balancing 865

Configuring Remote Desktop Licensing 866Remote Desktop Services Client Access Licenses 866Installing RD Licensing and RD Client Access

Licenses 867Configuring License Settings on an RD Session Host 872

Remote Administration in Windows Server 2008 R2 874Managing Remote Desktop Services through Group Policy 874

Group Policy Settings for Remote Desktop Services 875Configuring Global Deployment Settings for

RemoteApp 877Monitoring RD Gateway Using RD Gateway

Manager 880Summary 882Exam Essentials 884Review Questions 885Answers to Review Questions 887

Chapter 21 Configuring Web Services Infrastructure 889

Configuring Web Applications 890Installing IIS 7.5 891Creating and Configuring Websites 892

Configuring a File Transfer Protocol Server 903Configuring Permissions 904Configuring FTP Site for Extranet Users 905FTP IPv4 and Domain Restrictions 905WebDAV and FTP 906

Configuring a Simple Mail Transfer Protocol Server 907Configuring General SMTP Virtual Server Properties 907Configuring Access 909Configuring Message Size and Transfer Limits 910Configuring Delivery Options 911


ftoc.indd xxvftoc.indd xxv 3/8/11 4:36:38 PM3/8/11 4:36:38 PM

xxvi Contents

Chapter 22 Advanced Web Infrastructure Configuration 919

Managing Internet Information Services 920Configuring Monitoring and Logging 921Backup and Restore 927Delegating Administrative Rights 929

Configuring Secure Sockets Layer Security 932Requesting and Renewing SSL Certificates 933Enabling SSL on a Website 935Exporting and Importing Certificates 936

Configuring Website Authentication and Permissions 937Configuring Application Access 939Client Certificate Mapping 940


Chapter 23 Configuring Additional Communication Services 945

Configuring Fax Services 946Configuring Fax (Local) Properties 947Defining a Dialing Rule 949Defining a Fax Routing Location 950

Configuring a Media Server 951Configuring Basic Streaming Solutions 953Configuring Advanced Streaming Solutions 958Options for Configuring Security in a Windows

Media Server 961Web-Based Administration 964

Configuring Digital Rights Management 964How Does DRM Work? 965Encryption 966Sharing Business Rules 967Configuring License Delivery 968Configuring Policy Templates 969


Chapter 24 Configuring Windows SharePoint 2010 Foundation 975

Configuring SharePoint Foundation 2010 976Configuring Incoming Email Settings 977

ftoc.indd xxviftoc.indd xxvi 3/8/11 4:36:39 PM3/8/11 4:36:39 PM

Contents xxvii

Configuring Outgoing Email Settings 979Configuring Workflow Settings 982Configuring Diagnostic Logging Settings 984Configuring Antivirus Settings 985Configuring Backups 987Recovery 989Audience Targeting 990SharePoint Permissions 991

Configuring Windows SharePoint Foundation 2010 Sites 992Upgrading from WSS 3.0 993Configuring Alternate Access Mapping 996Creating Quota Templates 997Creating Site Collections 998Enabling Access for End Users 998

Configuring Authentication for SharePoint Foundation 2010 999Configure Digest Authentication 1000Configuring Web SSO Authentication by Using ADFS 1001


Chapter 25 Using Virtualization in Windows Server 2008 R2 1007

Hyper-V Overview 1008What Is Virtualization? 1008Hyper-V Features 1009Hyper-V Architecture 1010Hyper-V Requirements 1012

Hyper-V Installation and Configuration 1013Install the Hyper-V Role 1013Hyper-V in Server Manager 1015Using Hyper-V Manager 1015Configure Hyper-V Settings 1016Manage Virtual Networks 1017Managing Virtual Hard Disks 1020

Configuring Virtual Machines 1025Creating and Managing Virtual Machines 1025Back Up and Restore Virtual Machines 1032


ftoc.indd xxviiftoc.indd xxvii 3/8/11 4:36:39 PM3/8/11 4:36:39 PM

xxviii Contents

Chapter 26 Deploying Servers 1041

Windows Deployment Services 1042Deploying Images by Using Windows Deployment Services 1043Using Windows Deployment Services 1044

Configuring WDS 1046Image Types 1049Capturing Images 1050Deploying Server Core 1052

Configuring Microsoft Windows Activation 1054Installing KMS 1055Configuring KMS 1057


Chapter 27 Configuring High Availability in Windows Server 2008 R2 1065

Components of High Availability 1066Achieving High Availability 1067

High Availability Foundation 1067Achieving High Availability with Failover Clustering 1069

Failover Clustering Requirements 1071Cluster Quorum 1072Validating a Cluster Configuration 1074Creating a Cluster 1078Clustered Application Settings 1081Resource Properties 1083

New Windows Server 2008 R2 Clustering Features 1086Achieving High Availability with Network Load Balancing 1087

How Does Network Load Balancing Work? 1087Network Load Balancing Requirements 1088Creating an NLB Cluster 1089Modifying Cluster Properties 1089Managing NLB Clusters 1091


Appendix About the Companion CD 1097

Index 1101

ftoc.indd xxviiiftoc.indd xxviii 3/8/11 4:36:40 PM3/8/11 4:36:40 PM

ffirs.indd ii 3/8/11 4:35:32 pm€¦ · mcts windows server ... ffirs.indd iv 3/8/11 4:35:33 pm....

Documents