Best Damn Windows Server 2008 Book Period (eBook)
824 Seiten
Elsevier Science (Verlag)
978-0-08-056007-6 (ISBN)
This book will show you how to increase the reliability and flexibility of your server infrastructure with built-in Web and virtualization technologies, have more control over your servers and web sites using new tools like IIS7, Windows Server Manager, and Windows PowerShell, and secure your network with Network Access Protection and the Read-Only Domain Controller.
New to this Edition:
* Web server management with Internet Information Services 7.0
* Virtualize multiple operating systems on a single server
* Hardening Security, including Network Access Protection, Federated Rights Management, and Read-Only Domain Controller
Best Damn Windows Server 2008 Book Period, Second Edition is completely revised and updated to Windows Server 2008. This book will show you how to increase the reliability and flexibility of your server infrastructure with built-in Web and virtualization technologies; have more control over your servers and web sites using new tools like IIS7, Windows Server Manager, and Windows PowerShell; and secure your network with Network Access Protection and the Read-Only Domain Controller. - Web server management with Internet Information Services 7.0- Virtualize multiple operating systems on a single server- Hardening Security, including Network Access Protection, Federated Rights Management, and Read-Only Domain Controller
Front Cover 1
The Best Damn Windows Server 2008 Book Period 4
Copyright Page 5
Technical Editors 6
Contributing Authors 7
Contents 12
Chapter 1: Configuring Network Services 26
Introduction 27
Configuring Domain Name System (DNS) 28
Identifying DNS Record Requirements 33
Installing and Configuring DNS 37
Using Server Core and DNS 42
Configuring Zones 44
Zone Transfer 47
Active Directory Records 51
Reverse Lookup Zones 52
Configuring Reverse Lookup Zones 53
Configuring Zone Resolution 56
Configuring Dynamic Host Configuration Protocol (DHCP) 59
DHCP Design Principles 60
DHCP Servers and Placement 62
Installing and Configuring DHCP 62
Using Server Core and DHCP 65
Configuring DHCP for DNS 67
Configuring Windows Internet Naming Service (WINS) 68
Understanding WINS Replication 70
Automatic Partner Configuration 70
Push Partnerships 71
Pull Partnerships 72
Push/Pull Partnerships 73
Replication Models 73
Ring Models 74
Hub-and-Spoke Models 74
Hybrid Replication Models 75
Static WINS Entries 75
Installing and Configuring 76
Using Server Core for WINS 77
Configuring WINS for DNS 78
Summary 79
Solutions Fast Track 80
Configuring Domain Name System (DNS) 80
Configuring Dynamic Host Configuration Protocol (DHCP) 80
Configuring Windows Internet Naming Service (WINS) 81
Frequently Asked Questions 82
Chapter 2: Configuring the Active Directory Infrastructure 84
Introduction 85
Working with Forests and Domains 86
Understanding Forests 87
Understanding Domains 87
Forest and Domain Functional Levels 89
Using Domain Functional Levels 91
Using the Windows 2000 Domain Functional Level 91
Windows Server 2003 Domain Functional Level 92
Windows Server 2008 Domain Functional Level 93
Configuring Forest Functional Levels 93
Windows 2000 Forest Functional Level (default) 94
Windows Server 2003 Forest Functional Level 94
Windows Server 2008 Forest Functional Level 95
Raising Forest and Domain Functional Levels 96
Raising the Domain Functional Level 96
Understanding the Global Catalog 98
UPN Authentication 100
Directory Information Search 100
Universal Group Membership Information 101
Understanding GC Replication 102
Universal Group Membership 102
Attributes in the Global Catalog 103
Placing GC Servers within Sites 104
Bandwidth and Network Traffic Considerations 105
Universal Group Membership Caching 106
Working with Flexible Single Master Operation (FSMO) Roles 107
Placing, Transferring, and Seizing FSMO Role Holders 111
Locating and Transferring the Schema Master Role 111
Locating and Transferring the Domain Naming Master Role 114
Locating and Transferring theInfrastructure, RID, and PDC Operations Master Roles 116
Placing the FSMO Roles within an Active Directory Environment 119
Working with Sites 120
Understanding Sites 121
Subnets 123
Site Planning 124
Criteria for Establishing Separate Sites 125
Creating a Site 125
Renaming a Site 129
Creating Subnets 131
Associating Subnets with Sites 134
Creating Site Links 136
Configuring Site Link Cost 139
Understanding Replication 141
Intrasite Replication 143
Intersite Replication 144
Bridgehead Servers 145
Site Link Bridges 146
Scheduling 146
Forcing Replication 147
Replication Protocols 147
Planning, Creating, and Managing the Replication Topology 148
Planning Replication Topology 148
Creating Replication Topology 148
Configuring Replication between Sites 149
Troubleshooting Replication Failure 150
Troubleshooting Replication 150
Using Event Viewer 151
Working with Trusts 153
Default Trusts 158
Forest Trusts 158
External Trusts 159
Shortcut Trusts 160
SID Filtering 161
Summary 162
Solutions Fast Track 164
Working with Forests and Domains 164
Working with Sites 164
Working with Trusts 165
Frequently Asked Questions 166
Chapter 3: Configuring Certificate Services and PKI 170
Introduction 171
What Is PKI? 172
The Function of the PKI 174
Components of PKI 175
How PKI Works 177
PKCS Standards 179
How Certificates Work 183
Public Key Functionality 186
Digital Signatures 187
Authentication 188
Secret Key Agreement via Public Key 189
Bulk Data Encryption without Prior Shared Secrets 189
User Certificates 200
Machine Certificates 201
Application Certificates 201
Analyzing Certificate Needs within the Organization 201
Working with Certificate Services 202
Configuring a Certificate Authority 202
Certificate Authorities 202
Standard vs. Enterprise 203
Root vs. Subordinate Certificate Authorities 204
Certificate Requests 205
Certificate Practice Statement 209
Key Recovery 210
Backup and Restore 210
Assigning Roles 216
Enrollments 217
Revocation 217
Working with Templates 221
General Properties 223
Request Handling 225
Cryptography 226
Subject Name 227
Issuance Requirements 228
Security 231
Types of Templates 232
User Certificate Types 232
Computer Certificate Types 234
Other Certificate Types 235
Custom Certificate Templates 236
Securing Permissions 239
Versioning 240
Key Recovery Agent 240
Summary 242
Solutions Fast Track 243
Planning a Windows Server 2008 Certificate-Based PKI 243
Implementing Certification Authorities 244
Planning Enrollment and Distribution of Certificates 244
Frequently Asked Questions 245
Chapter 4: Windows Server 2008 Core 248
Introduction 249
Using Server Core and Active Directory 252
Using Server Core and DNS 258
Configuring Dynamic Host Configuration Protocol (DHCP) Using Server Core 260
Installing DHCP Using Server Core 262
Installing Internet Information Services 264
Installing the FTP Publishing Service 269
Installing and Managing Hyper-V on Windows Server Core Installations 272
Summary 273
Solutions Fast Track 273
Frequently Asked Questions 274
Chapter 5: Configuring DNS 276
Introduction 277
An Introduction to Domain Name System (DNS) 277
Understanding Public Name Resolution 280
Understanding Private Name Resolution 281
Understanding Microsoft’s DNS Terminology 282
Configuring a DNS Server 283
Installing the DNS Server Role 283
Understanding Cache-Only DNS Servers 284
Configuring Root Hints 284
Adding Root Hint Records 285
Editing Root Hints Records 286
Removing Root Hints Records 288
Copying Root Hints from Another Server 288
Configuring Server-Level Forwarders 288
Configuring Conditional Forwarding 291
Creating Conditional Forwarders 291
Managing Conditional Forwarders 293
Server Core 295
Creating DNS Zones 296
Creating a Standard Primary Forward Lookup Zone 299
Creating a Secondary Forward Lookup Zone 303
Creating an Active Directory Integrated Forward Lookup Zone 304
Creating a Standard Primary Reverse Lookup Zone 308
Creating a Standard Secondary Reverse Lookup Zone 311
Creating a Zone Delegation 312
Creating a Stub Zone 315
Using the New GlobalNames Zone Feature 315
Enabling a Domain Controller to Support GlobalNames Zones 316
Creating the GlobalNames Zone 317
Configuring and Managing DNS Replication 319
Manually Initiating Replication Using DNS Manager 319
Configuring DNS Servers to Allow Zone Transfers 319
Configuring a Standard Primary Zone for Transfers 320
Configuring an AD Integrated 321
Configuring the SOA Record 322
Creating an Application Directory Partition 324
Creating and Managing DNS Records 325
Managing Record Types 325
Creating Host Records 325
Creating A Records 326
Creating AAAA Records 327
Creating Pointer Records 329
Creating MX Records 330
Creating SRV Records 332
Creating CNAME Records 335
Creating NS Records 336
Configuring Windows Internet Name Service (WINS) and DNS Integration 337
Creating a WINS Lookup Record 338
Creating a WINS Reverse Lookup Record 340
Understanding the Dynamic Domain Name System (DDNS) 343
Configuring DDNS Aging and Scavenging 344
Enabling Automatic Scavenging 346
Initiating Manual Scavenging 347
Configuring Name Resolution for Client Computers 348
How Name Resolution Works in Windows XP and Later 350
Configuring the DNS Server List 351
Configuring the Suffix Search Order 353
Configuring the HOSTS File 354
Configuring the NetBIOS Node Type 355
Configuring the WINS Server List 357
Configuring the LMHOSTS File 359
Understanding Link-Local Multicast Name Resolution (LLMNR) 361
Managing Client Settings by Using Group Policy 361
Summary 365
Solutions Fast Track 367
Frequently Asked Questions 370
Chapter 6: Configuring Network Access 374
Introduction 375
Windows Server 2008 and Routing 376
Windows Server 2008 and Remote Access 377
Windows Server 2008 and Wireless Access 377
Configuring Routing 378
Routing Fundamentals 378
Static Routing 380
Routing Internet Protocol (RIP) 381
Open Shortest Path First (OSPF) 382
Configuring Remote Access 383
Routing and Remote Access Services (RRAS) 384
Network Policy Server and Network Access Protection 386
Dial-Up 389
Remote Access Policy 390
Network Address Translation (NAT) 393
Internet Connection Sharing (ICS) 395
Remote Access Protocols 398
Virtual Private Networks 403
Installing and Configuring a SSL VPN Server 404
Inbound/Outbound Filters 408
Configuring Remote Authentication Dial-In User Service (RADIUS) Server 409
Configuring Wireless Access 413
Set Service Identifier (SSID) 417
Wi-Fi Protected Access (WPA) 418
Wi-Fi Protected Access 2 (WPA2) 418
Ad Hoc vs. Infrastructure Mode 419
Wireless Group Policy 421
Summary 422
Solutions Fast Track 422
Configuring Routing 422
Configuring Remote Access 423
Configuring Wireless Access 424
Frequently Asked Questions 426
Chapter 7: Configuring File and Print Services 428
Introduction 429
Configuring a File Server 429
File Share Publishing 430
Additional Role Services 433
File Screening 435
Sharing a Folder 436
Share Permissions 438
NTFS Permissions 439
Offline Files 441
Encrypting File System (EFS) 448
Working with EFS 449
Configuring Distributed File System (DFS) 454
DFS Namespaces 454
DFS Configuration and Application 455
Creating and Configuring Targets 458
DFS Replication 459
Configuring Shadow Copy Services 460
Recovering Previous Versions 462
Setting the Schedule 464
Setting Storage Locations 465
Configuring Backup and Restore 466
Backup Types 466
Backup Schedules 467
Managing Remotely 470
Restoring Data 471
Managing Disk Quotas 472
Quota by Volume or Quota by User 472
Quota Entries 474
Configuring Quotas Using FSRM 477
Quota Templates 477
Configuring and Monitoring Print Services 478
Printer Share 478
Publishing Printers to Active Directory 481
Printer Permissions 482
Deploying Printer Connections 483
Installing Printer Drivers 485
Exporting and Importing Print Queues and Printer Settings 486
Adding Counters to Reliability and Performance Monitor to Monitor Print Servers 488
Printer Pooling 490
Print Priority 491
Summary 491
Solutions Fast Track 493
Configuring a File Server 493
Configuring Distributed File System (DFS) 494
Configuring Shadow Copy Services 494
Configuring Backup and Restore 495
Managing Disk Quotas 495
Configuring and Monitoring Print Services 495
Frequently Asked Questions 496
Chapter 8: Monitoring and Managing a Network Infrastructure 502
Introduction 503
Configuring Windows Server Update Services Server Settings 503
Installing Windows Server Update Services 504
Update Type Selection 516
Client Settings 518
Configuring WSUS Computer Group Assignment Settings 520
Group Policy Objects (GPOs) 522
Client Targeting 526
Software Updates 526
Test and Approval 528
Disconnected Networks 532
Capturing Performance Data 534
Data Collector Sets 534
Performance Monitor 547
Reliability Monitor 551
Monitoring the System Stability Index 553
Monitoring Event Logs 554
Custom Views 554
Application and Services Logs 558
Admin Logs 558
Operational Logs 558
Analytic Logs 559
Debug Logs 559
Subscriptions 559
DNS Event Log 562
Gathering Network Data 563
Simple Network Management Protocol (SNMP) 563
Baseline Security Analyzer 567
Network Monitor 570
Summary 574
Solutions Fast Track 574
Configuring Windows Server Update Services Server Settings 574
Capturing Performance Data 575
Monitoring Event Logs 575
Gathering Network Data 575
Frequently Asked Questions 576
Chapter 9: Network Access Protection 578
Introduction 579
Working with NAP 580
Network Layer Protection 580
NAP Clients 581
NAP Enforcement Points 582
Active Directory Domain Services 582
NAP Health Policy Server 583
Health Requirement Server 583
Restricted Network 583
Software Policy Validation 584
DHCP Enforcement 584
VPN Enforcement 590
Communication Process with VPN Client and NAP 590
Configuring NAP Health Policies 594
Connection Request Policies 595
Network Policies 596
Health Policies 597
Network Access Protection Settings 599
IPsec Enforcement 601
Secure Network 602
Boundary Network 602
Restricted Network 603
Flexible Host Isolation 603
802.1x Enforcement 606
Summary 609
Solutions Fast Track 610
Working with Network Access Protection 610
Frequently Asked Questions 612
Chapter 10: Configuring Windows Server Hyper-V and Virtual Machines 614
Introduction 615
Advancing Microsoft’s Strategy for Virtualization 615
Understanding Virtualization 617
Understanding the Components of Hyper-V 621
Configuring Virtual Machines 624
Installing Hyper-V 624
Installing and Managing Hyper-V on Windows Server Core Installations 627
Virtual Networking 628
Virtualization Hardware Requirements 631
Virtual Hard Disks 632
Adding Virtual Machines 634
Migrating from Physical to Virtual Machines 639
Backing Up Virtual Machines 644
Virtual Server Optimization 648
Summary 651
Solutions Fast Track 652
Configuring Virtual Machines 652
Migrating from Physical to Virtual Machines 652
Backing Up Virtual Machines 653
Virtual Server Optimization 654
Frequently Asked Questions 655
Chapter 11: Configuring Web Application Services 658
Introduction 659
Installing and Configuring Internet Information Services 659
Differences in Windows Editions 664
Typical Deployment Scenarios 665
Simple Web Server 665
Small Web Farms 665
Large Web Farms 666
Installing Internet Information Services 667
Provisioning Web Sites 674
Adding a Virtual Directory 678
Configuring the Default Document 678
Enabling Directory Browsing 679
Customizing Error Pages 681
Redirecting Requests 684
Adding Custom Response Headers 685
Adding MIME Types 686
Configuring Web Applications 687
Application Pool Settings 693
Application Development Settings 695
Enabling Third-Party Runtime Environments 696
Migrating from Previous Releases 698
Securing Your Web Sites and Applications 699
Transport Security 700
Authentication 709
Considerations When Using Client Certificates 712
Authorization 714
URL Authorization 714
IP Authorization 718
Request Filtering 719
.NET Trust Levels 721
Managing Internet Information Services 722
Configuration and Delegation 722
Remote Administration 726
Health and Diagnostics 727
Failed Request Tracing 728
Logging 731
Scaling Your Web Farm 732
Output Caching 732
Compression 735
Network Load Balancing 738
Shared Configuration 739
TCP and HTTP Service Unavailable Responses 739
Backing Up and Restoring Server Configuration 740
Summary 742
Solutions Fast Track 744
Installing and Configuring Internet Information Services 744
Securing Your Web Sites and Applications 744
Managing Internet Information Services 745
Frequently Asked Questions 747
Chapter 12: Configuring Web Infrastructure Services 750
Introduction 751
Installing and Configuring FTP Publishing Services 751
Installing the FTP Publishing Service 752
Provisioning FTP Sites 759
Directory Browsing 762
Firewall Support 764
Messages 765
Virtual Directories 766
Application Pools 767
Securing Your FTP Site 769
Transport Security 769
Authentication 776
Authorization 776
URL Authorization 777
IP Authorization 778
User Isolation 779
Installing and Configuring SMTP Services 781
Installing Simple Mail Transfer (SMTP) Services 782
Provisioning Virtual Servers 785
Configuring a Virtual Server 787
Server Bindings 788
Logging 789
Message Limits 790
Delivery Options 791
LDAP Routing 794
Securing Your SMTP Virtual Server 795
Transport Security 795
Authentication 796
Connection Control 797
Relay Restrictions 798
Summary 800
Solutions Fast Track 801
Installing and Configuring FTP Publishing Service 801
Installing and Configuring SMTP Services 802
Frequently Asked Questions 803
Index 806
Erscheint lt. Verlag | 31.8.2011 |
---|---|
Sprache | englisch |
Themenwelt | Sachbuch/Ratgeber |
Informatik ► Betriebssysteme / Server ► Windows | |
Informatik ► Betriebssysteme / Server ► Windows Server | |
Informatik ► Netzwerke ► Sicherheit / Firewall | |
Informatik ► Office Programme ► Outlook | |
Informatik ► Theorie / Studium ► Kryptologie | |
Mathematik / Informatik ► Mathematik ► Algebra | |
Mathematik / Informatik ► Mathematik ► Angewandte Mathematik | |
Technik | |
Wirtschaft ► Betriebswirtschaft / Management | |
ISBN-10 | 0-08-056007-5 / 0080560075 |
ISBN-13 | 978-0-08-056007-6 / 9780080560076 |
Haben Sie eine Frage zum Produkt? |
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich