20410D installing and configuring windows server 2012 trainerhandbook

MCT USE ONLxiv Installing and Configuring Windows Server® 2012 Contents Module 1: Deploying and Managing Windows Server 2012 Lesson 1: Windows Server 2012 Overview 1-3 Lesson 2: Inst

Trang 2

MCT USE ONL

ii Installing and Configuring Windows Server® 2012

Information in this document, including URL and other Internet Web site references, is subject to change without notice Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred Complying with all applicable copyright laws is the responsibility of the user Without limiting the rights under copyright, no part of this document may be reproduced, stored in

or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these

patents, trademarks, copyrights, or other intellectual property

The names of manufacturers, products, or URLs are provided for informational purposes only and

Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product Links may be provided to third party sites Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites Microsoft is not responsible for webcasting or any other form of transmission received from any linked site Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein

Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty /Trademarks/EN-US.aspxare trademarks of the Microsoft group of companies All other trademarks are

property of their respective owners

Product Number: 20410D

Part Number: X19-55618

Released: 04/2014

Trang 3

MCT USE ONL

MICROSOFT LICENSE TERMS

MICROSOFT INSTRUCTOR-LED COURSEWARE

These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its affiliates) and you Please read them They apply to your use of the content accompanying this agreement which includes the media on which you received it, if any These license terms also apply to Trainer Content and any updates and supplements for the Licensed Content unless other terms accompany those items If so, those terms apply

BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS

IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT

If you comply with these license terms, you have the rights below for each license you acquire

c “Classroom Device” means one (1) dedicated, secure computer that an Authorized Learning Center owns

or controls that is located at an Authorized Learning Center’s training facilities that meets or exceeds the hardware level specified for the particular Microsoft Instructor-Led Courseware

d “End User” means an individual who is (i) duly enrolled in and attending an Authorized Training Session

or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee

e “Licensed Content” means the content accompanying this agreement which may include the Microsoft Instructor-Led Courseware or Trainer Content

f “Microsoft Certified Trainer” or “MCT” means an individual who is (i) engaged to teach a training session

to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a Microsoft Certified Trainer under the Microsoft Certification Program

g “Microsoft Instructor-Led Courseware” means the Microsoft-branded instructor-led training course that educates IT professionals and developers on Microsoft technologies A Microsoft Instructor-Led

Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware

h “Microsoft IT Academy Program Member” means an active member of the Microsoft IT Academy

Trang 4

MCT USE ONL

l “Personal Device” means one (1) personal computer, device, workstation or other digital electronic device that you personally own or control that meets or exceeds the hardware level specified for the particular Microsoft Instructor-Led Courseware

m “Private Training Session” means the instructor-led training classes provided by MPN Members for

corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware These classes are not advertised or promoted to the general public and class attendance is restricted to individuals employed by or contracted by the corporate customer

n “Trainer” means (i) an academically accredited educator engaged by a Microsoft IT Academy Program Member to teach an Authorized Training Session, and/or (ii) a MCT

o “Trainer Content” means the trainer version of the Microsoft Instructor-Led Courseware and additional supplemental content designated solely for Trainers’ use to teach a training session using the Microsoft Instructor-Led Courseware Trainer Content may include Microsoft PowerPoint presentations, trainer preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Pre-release course feedback form To clarify, Trainer Content does not include any software, virtual hard disks or virtual machines

2 USE RIGHTS The Licensed Content is licensed not sold The Licensed Content is licensed on a one copy per user basis, such that you must acquire a license for each individual that accesses or uses the Licensed

Content

2.1 Below are five separate sets of use rights Only one set of rights apply to you

a If you are a Microsoft IT Academy Program Member:

i Each license acquired on behalf of yourselfmay only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you If the Microsoft Instructor-Led Courseware is

in digital format, you may install one (1) copy on up to three (3) Personal Devices You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control

ii For each license you acquire on behalf of an End User or Trainer, you may either:

1 distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User who is enrolled in the Authorized Training Session, and only immediately prior to the commencement of the Authorized Training Session that is the subject matter of the Microsoft

Instructor-Led Courseware being provided, or

2 provide one (1) End User with the unique redemption code and instructions on how they can

access one (1) digital version of the Microsoft Instructor-Led Courseware, or

3 provide one (1) Trainer with the unique redemption code and instructions on how they can access one (1) Trainer Content,

provided you comply with the following:

iii you will only provide access to the Licensed Content to those individuals who have acquired a valid license to the Licensed Content,

iv you will ensure each End User attending an Authorized Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training

Session,

v you will ensure that each End User provided with the hard-copy version of the Microsoft Led Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware Each individual will be required

Instructor-to denote their acceptance of this agreement in a manner that is enforceable under local law prior Instructor-to their accessing the Microsoft Instructor-Led Courseware,

vi you will ensure that each Trainer teaching an Authorized Training Session has their own valid

licensed copy of the Trainer Content that is the subject of the Authorized Training Session,

Trang 5

MCT USE ONL

vii you will only use qualified Trainers who have in-depth knowledge of and experience with the

Microsoft technology that is the subject of the Microsoft Instructor-Led Courseware being taught for all your Authorized Training Sessions,

viii you will only deliver a maximum of 15 hours of training per week for each Authorized Training

Session that uses a MOC title, and

ix you acknowledge that Trainers that are not MCTs will not have access to all of the trainer resources for the Microsoft Instructor-Led Courseware

b If you are a Microsoft Learning Competency Member:

i Each license acquired on behalf of yourselfmay only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you If the Microsoft Instructor-Led Courseware is

1 distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User attending the Authorized Training Session and only immediately prior to the

commencement of the Authorized Training Session that is the subject matter of the Microsoft

Instructor-Led Courseware provided, or

2 provide one (1) End User attending the Authorized Training Session with the unique redemption code and instructions on how they can access one (1) digital version of the Microsoft Instructor-

Led Courseware, or

3 you will provide one (1) Trainer with the unique redemption code and instructions on how they can access one (1) Trainer Content,

iv you will ensure that each End User attending an Authorized Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized

Training Session,

v you will ensure that each End User provided with a hard-copy version of the Microsoft Instructor-Led Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware Each individual will be required to denote their acceptance of this agreement in a manner that is enforceable under local law prior to their accessing the Microsoft Instructor-Led Courseware,

vi you will ensure that each Trainer teaching an Authorized Training Session has their own valid

licensed copy of the Trainer Content that is the subject of the Authorized Training Session,

vii you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is the subject of the Microsoft Instructor-Led Courseware being taught for your Authorized Training Sessions,

viii you will only use qualified MCTs who also hold the applicable Microsoft Certification credential that is the subject of the MOC title being taught for all your Authorized Training Sessions using MOC,

ix you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and

x you will only provide access to the Trainer Content to Trainers

Trang 6

MCT USE ONL

c If you are a MPN Member:

i Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft Instructor-Led Courseware in the form provided to you If the Microsoft Instructor-Led Courseware is

1 distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End User attending the Private Training Session, and only immediately prior to the commencement

of the Private Training Session that is the subject matter of the Microsoft Instructor-Led

Courseware being provided, or

2 provide one (1) End User who is attending the Private Training Session with the unique

redemption code and instructions on how they can access one (1) digital version of the

Microsoft Instructor-Led Courseware, or

3 you will provide one (1) Trainer who is teaching the Private Training Session with the unique redemption code and instructions on how they can access one (1) Trainer Content,

iv you will ensure that each End User attending an Private Training Session has their own valid licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Private Training Session,

v you will ensure that each End User provided with a hard copy version of the Microsoft Instructor-Led Courseware will be presented with a copy of this agreement and each End User will agree that their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to providing them with the Microsoft Instructor-Led Courseware Each individual will be required to denote their acceptance of this agreement in a manner that is enforceable under local law prior to their accessing the Microsoft Instructor-Led Courseware,

vi you will ensure that each Trainer teaching an Private Training Session has their own valid licensed copy of the Trainer Content that is the subject of the Private Training Session,

vii you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is the subject of the Microsoft Instructor-Led Courseware being taught for all your Private Training Sessions,

viii you will only use qualified MCTs who hold the applicable Microsoft Certification credential that is the subject of the MOC title being taught for all your Private Training Sessions using MOC,

ix you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and

x you will only provide access to the Trainer Content to Trainers

d If you are an End User:

For each license you acquire, you may use the Microsoft Instructor-Led Courseware solely for your personal training use If the Microsoft Instructor-Led Courseware is in digital format, you may access the Microsoft Instructor-Led Courseware online using the unique redemption code provided to you by the training provider and install and use one (1) copy of the Microsoft Instructor-Led Courseware on up to three (3) Personal Devices You may also print one (1) copy of the Microsoft Instructor-Led Courseware You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control

e If you are a Trainer

i For each license you acquire, you may install and use one (1) copy of the Trainer Content in the form provided to you on one (1) Personal Device solely to prepare and deliver an Authorized

Training Session or Private Training Session, and install one (1) additional copy on another Personal Device as a backup copy, which may be used only to reinstall the Trainer Content You may not install or use a copy of the Trainer Content on a device you do not own or control You may also print one (1) copy of the Trainer Content solely to prepare for and deliver an Authorized Training Session or Private Training Session

Trang 7

MCT USE ONL

ii You may customize the written portions of the Trainer Content that are logically associated with instruction of a training session in accordance with the most recent version of the MCT agreement

If you elect to exercise the foregoing rights, you agree to comply with the following: (i)

customizations may only be used for teaching Authorized Training Sessions and Private Training Sessions, and (ii) all customizations will comply with this agreement For clarity, any use of

“customize” refers only to changing the order of slides and content, and/or not using all the slides or content, it does not mean changing or modifying any slide or content

2.2 Separation of Components The Licensed Content is licensed as a single unit and you may not

separate their components and install them on different devices

2.3 Redistribution of Licensed Content Except as expressly provided in the use rights above, you may

not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any third parties without the express written permission of Microsoft

2.4 Third Party Notices The Licensed Content may include third party code tent that Microsoft, not the

third party, licenses to you under this agreement Notices, if any, for the third party code ntent are included for your information only

2.5 Additional Terms Some Licensed Content may contain components with additional terms,

conditions, and licenses regarding its use Any non-conflicting terms in those conditions and licenses also apply to your use of that respective component and supplements the terms described in this agreement

3 LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY If the Licensed Content’s subject

matter is based on a pre-release version of Microsoft technology (“Pre-release”), then in addition to the

other provisions in this agreement, these terms also apply:

a Pre-Release Licensed Content This Licensed Content subject matter is on the Pre-release version of

the Microsoft technology The technology may not work the way a final version of the technology will

and we may change the technology for the final version We also may not release a final version

Licensed Content based on the final version of the technology may not contain the same information as the Licensed Content based on the Pre-release version Microsoft is under no obligation to provide you

with any further content, including any Licensed Content based on the final version of the technology

b Feedback If you agree to give feedback about the Licensed Content to Microsoft, either directly or

through its third party designee, you give to Microsoft without charge, the right to use, share and

commercialize your feedback in any way and for any purpose You also give to third parties, without charge, any patent rights needed for their products, technologies and services to use or interface with any specific parts of a Microsoft technology, Microsoft product, or service that includes the feedback You will not give feedback that is subject to a license that requires Microsoft to license its technology, technologies, or products to third parties because we include your feedback in them These rights

survive this agreement

c Pre-release Term If you are an Microsoft IT Academy Program Member, Microsoft Learning

Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Content on the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using the Licensed Content on the Pre-release technology,or (ii) sixty (60) days after the commercial release of the

technology that is the subject of the Licensed Content, whichever is earliest (“Pre-release term”)

Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all copies

of the Licensed Content in your possession or under your control

Trang 8

MCT USE ONL

4 SCOPE OF LICENSE The Licensed Content is licensed, not sold This agreement only gives you some

rights to use the Licensed Content Microsoft reserves all other rights Unless applicable law gives you more rights despite this limitation, you may use the Licensed Content only as expressly permitted in this

agreement In doing so, you must comply with any technical limitations in the Licensed Content that only allows you to use it in certain ways Except as expressly permitted in this agreement, you may not:

• access or allow any individual to access the Licensed Content if they have not acquired a valid license for the Licensed Content,

• alter, remove or obscure any copyright or other protective notices (including watermarks), branding

or identifications contained in the Licensed Content,

• modify or create a derivative work of any Licensed Content,

• publicly display, or make the Licensed Content available for others to access or use,

• copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or distribute the Licensed Content to any third party,

• work around any technical limitations in the Licensed Content, or

• reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the

Licensed Content except and only to the extent that applicable law expressly permits, despite this limitation

5 RESERVATION OF RIGHTS AND OWNERSHIP Microsoft reserves all rights not expressly granted to

you in this agreement The Licensed Content is protected by copyright and other intellectual property laws and treaties Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Licensed Content

6 EXPORT RESTRICTIONS The Licensed Content is subject to United States export laws and regulations

You must comply with all domestic and international export laws and regulations that apply to the Licensed Content These laws include restrictions on destinations, end users and end use For additional information, see www.microsoft.com/exporting

7 SUPPORT SERVICES Because the Licensed Content is “as is”, we may not provide support services for it

8 TERMINATION Without prejudice to any other rights, Microsoft may terminate this agreement if you fail

to comply with the terms and conditions of this agreement Upon termination of this agreement for any reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Content in your possession or under your control

9 LINKS TO THIRD PARTY SITES You may link to third party sites through the use of the Licensed

Content The third party sites are not under the control of Microsoft, and Microsoft is not responsible for the contents of any third party sites, any links contained in third party sites, or any changes or updates to third party sites Microsoft is not responsible for webcasting or any other form of transmission received from any third party sites Microsoft is providing these links to third party sites to you only as a

convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party site

10 ENTIRE AGREEMENT This agreement, and any additional terms for the Trainer Content, updates and

supplements are the entire agreement for the Licensed Content, updates and supplements

11 APPLICABLE LAW

a United States If you acquired the Licensed Content in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort

Trang 9

MCT USE ONL

b Outside the United States If you acquired the Licensed Content in any other country, the laws of that country apply

12 LEGAL EFFECT This agreement describes certain legal rights You may have other rights under the laws

of your country You may also have rights with respect to the party from whom you acquired the Licensed Content This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so

13 DISCLAIMER OF WARRANTY THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS

AVAILABLE." YOU BEAR THE RISK OF USING IT MICROSOFT AND ITS RESPECTIVE

AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT

14 LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES YOU CAN RECOVER FROM MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP

TO US$5.00 YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES

This limitation applies to

o anything related to the Licensed Content, services, content (including code) on third party Internet sites or third-party programs; and

o claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence,

or other tort to the extent permitted by applicable law

It also applies even if Microsoft knew or should have known about the possibility of the damages The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages

Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French

Remarque : Ce le contenu sous licence étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français

EXONÉRATION DE GARANTIE Le contenu sous licence visé par une licence est offert « tel quel » Toute

utilisation de ce contenu sous licence est à votre seule risque et péril Microsoft n’accorde aucune autre garantie expresse Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues

consommateurs, que ce contrat ne peut modifier La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d’adéquation à un usage particulier et d’absence de contrefaçon sont exclues

LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES

DOMMAGES Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages

directs uniquement à hauteur de 5,00 $ US Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices

Cette limitation concerne:

• tout ce qui est relié au le contenu sous licence, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers; et

• les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d’une autre faute dans la limite autorisée par la loi en vigueur

Trang 10

MCT USE ONL

Elle s’applique également, même si Microsoft connaissait ou devrait connaître l’éventualité d’un tel dommage Si votre pays n’autorise pas l’exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires

ou de quelque nature que ce soit, il se peut que la limitation ou l’exclusion ci-dessus ne s’appliquera pas à votre égard

EFFET JURIDIQUE Le présent contrat décrit certains droits juridiques Vous pourriez avoir d’autres droits

prévus par les lois de votre pays Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas

Revised July 2013

Trang 11

MCT USE ONL

Installing and Configuring Windows Server ® 2012 xi

Trang 12

MCT USE ONL

xii Installing and Configuring Windows Server® 2012

Acknowledgments

Microsoft Learning wants to acknowledge and thank the following for their contribution toward

developing this title Their effort at various stages in the development has ensured that you have a good classroom experience

Andrew J Warren - Lead Content Developer

Andrew Warren has more than 25 years of experience in the IT industry, many of which he has spent teaching and writing He has been involved as the Subject Matter Expert for many Windows Server® 2008 courses and the technical lead on a number of other courses He also has been involved in developing TechNet sessions on Microsoft® Exchange Server 2007 Based in the United Kingdom, he runs his own IT training and education consultancy

Gary Dunlop - Content Developer

Gary Dunlop is based in Winnipeg, Canada and is a technical consultant and trainer for Broadview Networks He has authored a number of Microsoft Learning titles and has been a Microsoft Certified Trainer (MCT) since 1997

Dave Franklyn - Content Developer

David M Franklyn, MCT, Microsoft Certified Solutions Expert (MCSE), Microsoft Certified IT Professional (MCITP), Microsoft Most Valuable Professional (MVP) Windows Expert-It Pro, is a Senior Information Technology Trainer and Consultant at Auburn University in Montgomery, Alabama, and is the owner of DaveMCT, Inc LLC He is also Adjunct Faculty with MyITStudy.com He is an Eastern USA Regional Lead MCT Dave has been a Microsoft MVP since 2011, and has been teaching at Auburn University since 1998 Working with computers since 1976, Dave started out in the mainframe world and moved early into the networking arena Before joining Auburn University, Dave spent 22 years in the U.S Air Force as an electronic communications and computer systems specialist, retiring in 1998 Dave is president of the Montgomery Windows IT Professional Group, and a guest speaker at many events involving Microsoft products

Vladimir Meloski - Content Developer

Vladimir is a MCT, an MVP on Exchange Server, and a consultant, and provides unified-communications and infrastructure solutions based on Exchange Server, Lync® Server, Windows Server, and Microsoft System Center Vladimir has 17 years of professional IT experience, and has been involved in Microsoft conferences in Europe and the United States as a speaker, moderator, proctor for hands-on labs, and technical expert He also has been involved as a Subject Matter Expert and Technical Reviewer for

Microsoft Official Curriculum courses

Stan Reimer - Content Developer

Stan Reimer is president of S R Technical Services Inc., and he works as a consultant, trainer, and author Stan has extensive experience consulting on Active Directory® Domain Services (AD DS) and Exchange Server deployments for some of the largest companies in Canada Stan is the lead author for two

Active Directory books for Microsoft Press® For the last 10 years, Stan has been writing courseware for Microsoft Learning, specializing in Active Directory and Exchange Server courses Stan has been a MCT for

13 years

Trang 13

MCT USE ONL

Installing and Configuring Windows Server ® 2012 xiii

Telmo Sampaio - Content Developer

Telmo Sampaio, who has a Bachelor of Science degree in Computer Science, also is an MCT, MCSE, Microsoft Certified Solutions Developer (MCSD), and an MCT Regional Lead He is the “Chief Geek” for MCTrainer.NET and TechKnowLogical Telmo specializes in System Center, Microsoft SharePoint®, Microsoft SQL Server®, and NET, and has worked for IBM, Microsoft, and several start-ups during the past 20 years He is very active in the MCT community, and travels the world providing consulting services and attending training engagements His home base is Miami, Florida Telmo has passed more than 100 Microsoft exams since his first certification in 1996

David Susemiehl - Content Developer

David Susemiehl has worked as consultant, trainer, and courseware developer since 1996 David has extensive experience consulting on Microsoft Systems Management Server and Microsoft System Center Configuration Manager 2007, as well as Active Directory, Exchange Server, and Terminal Server/Citrix deployments David has developed courseware development for Microsoft and Hewlett-Packard, and delivered those courses successfully in Europe, Central America, and across North America For the last several years, David has been writing courseware for Microsoft Learning, and consulting on infrastructure transitions in Michigan

Brian Svidergol - Content Developer

Brian Svidergol specializes in Microsoft infrastructure and cloud-based solutions built around Windows, Active Directory, Exchange Server, System Center, virtualization, and Microsoft Desktop Optimization Pack

(MDOP) He holds a variety of Microsoft and industry certifications Brian authored the Active Directory

Cookbook, 4th edition He has also worked as a Subject Matter Expert and Technical Reviewer on many Microsoft Official Curriculum courses, Microsoft certification exams, and authored or reviewed related training content

Orin Thomas - Content Developer

Orin Thomas is an MVP, an MCT, and has a variety of MCSE and MCITP certifications He has written more

than 20 books for Microsoft Press, and is a contributing editor at Windows IT Pro magazine He has been

working in IT since the early 1990's He regularly speaks at events such as TechED in Australia, and around the world on Windows Server, Windows client operating systems, System Center, and security topics Orin founded and runs the Melbourne System Center Users Group

Brian Langan - Technical Reviewer

Brian Langan is president and founder of Langan Enterprises Inc., a consulting/training/security firm established in 1995 He has worked in the industry for over 20 years becoming an MCT in 1996, and holds

a number of Microsoft certifications on clients, servers, messaging, and System Center products He has written courses on many different topics including Windows Troubleshooting and Security courses for Global Knowledge and other training companies

Trang 14

MCT USE ONL

xiv Installing and Configuring Windows Server® 2012

Contents

Module 1: Deploying and Managing Windows Server 2012

Lesson 1: Windows Server 2012 Overview 1-3

Lesson 2: Installing Windows Server 2012 1-14

Lesson 3: Post-Installation Configuration of Windows Server 2012 1-21

Lesson 4: Overview of Windows Server 2012 Management 1-32

Lesson 5: Introduction to Windows PowerShell 1-39

Lab: Deploying and Managing Windows Server 2012 1-47

Module 2: Introduction to Active Directory Domain Services

Lesson 1: Overview of AD DS 2-2

Lesson 2: Overview of Domain Controllers 2-13

Lesson 3: Installing a Domain Controller 2-20

Lab: Installing Domain Controllers 2-28

Module 3: Managing Active Directory Domain Services Objects

Lesson 1: Managing User Accounts 3-2

Lesson 2: Managing Groups 3-12

Lesson 3: Managing Computer Accounts 3-21

Lesson 4: Delegating Administration 3-29

Lab: Managing Active Directory Domain Services Objects 3-33

Module 4: Automating Active Directory Domain Services Administration

Lesson 1: Using Command-line Tools for AD DS Administration 4-2

Lesson 2: Using Windows PowerShell for AD DS Administration 4-8

Lesson 3: Performing Bulk Operations with Windows PowerShell 4-14

Lab: Automating AD DS Administration by Using Windows PowerShell 4-25

Module 5: Implementing IPv4

Lesson 1: Overview of TCP/IP 5-2

Lesson 2: Understanding IPv4 Addressing 5-7

Lesson 3: Subnetting and Supernetting 5-12

Lesson 4: Configuring and Troubleshooting IPv4 5-18

Lab: Implementing IPv4 5-28

Module 6: Implementing Dynamic Host Configuration Protocol

Lesson 1: Overview of the DHCP Server Role 6-2

Lesson 2: Configuring DHCP Scopes 6-8

Lesson 3: Managing a DHCP Database 6-14

Lesson 4: Securing and Monitoring DHCP 6-18

Lab: Implementing DHCP 6-24

Trang 15

MCT USE ONL

Installing and Configuring Windows Server ® 2012 xv

Module 7: Implementing DNS

Lesson 1: Name Resolution for Windows Clients and Servers 7-2

Lesson 2: Installing a DNS Server 7-15

Lesson 3: Managing DNS Zones 7-21

Lab: Implementing DNS 7-25

Module 8: Implementing IPv6

Lesson 1: Overview of IPv6 8-2

Lesson 2: IPv6 Addressing 8-7

Lesson 3: Coexistence with IPv4 8-13

Lesson 4: IPv6 Transition Technologies 8-17

Lab: Implementing IPv6 8-23

Module 9: Implementing Local Storage

Lesson 1: Overview of Storage 9-2

Lesson 2: Managing Disks and Volumes 9-12

Lesson 3: Implementing Storage Spaces 9-23

Lab: Implementing Local Storage 9-29

Module 10: Implementing File and Print Services

Lesson 1: Securing Files and Folders 10-2

Lesson 2: Protecting Shared Files and Folders by Using Shadow Copies 10-15

Lesson 3: Configuring Work Folders 10-18

Lesson 4: Configuring Network Printing 10-26

Lab: Implementing File and Print Services 10-32

Module 11: Implementing Group Policy

Lesson 1: Overview of Group Policy 11-2

Lesson 2: Group Policy Processing 11-9

Lesson 3: Implementing a Central Store for Administrative Templates 11-16

Module 12: Securing Windows Servers by Using Group Policy Objects

Lesson 1: Security Overview for Windows Operating Systems 12-2

Lesson 2: Configuring Security Settings 12-6

Lab A: Increasing Security for Server Resources 12-18

Lesson 3: Restricting Software 12-25

Lesson 4: Configuring Windows Firewall with Advanced Security 12-29

Lab B: Configuring AppLocker and Windows Firewall 12-35

Trang 16

MCT USE ONL

xvi Installing and Configuring Windows Server® 2012

Module 13: Implementing Server Virtualization with Hyper-V

Lesson 1: Overview of Virtualization Technologies 13-2

Lesson 2: Implementing Hyper-V 13-8

Lesson 3: Managing Virtual Machine Storage 13-19

Lesson 4: Managing Virtual Networks 13-27

Lab: Implementing Server Virtualization with Hyper-V 13-33

Lab Answer Keys

Module 1 Lab: Deploying and Managing Windows Server 2012 L1-1

Module 2 Lab: Installing Domain Controllers L2-9

Module 3 Lab: Managing Active Directory Domain Services Objects L3-13

Module 4 Lab: Automating AD DS Administration by Using

Module 5 Lab: Implementing IPv4 L5-25

Module 6 Lab: Implementing DHCP L6-29

Module 7 Lab: Implementing DNS L7-35

Module 8 Lab: Implementing IPv6 L8-43

Module 9 Lab: Implementing Local Storage L9-47

Module 10 Lab: Implementing File and Print Services L10-53

Module 11 Lab: Implementing Group Policy L11-61

Module 12 Lab A: Increasing Security for Server Resources L12-65

Module 12 Lab B: Configuring AppLocker and Windows Firewall L12-71

Module 13 Lab: Implementing Server Virtualization with Hyper-V L13-77

Trang 17

MCT USE ONL

About This Course xvii

About This Course

This section provides you with a brief description of course 20410D: Installing and Configuring Windows

Server ® 2012, including its audience, suggested prerequisites, and course objectives

Course Description

Note: This release (D) Microsoft® Official Curriculum (MOC) version of course 20410 has been developed

on the final release version of Windows Server® 2012 R2 software

This course is part one of a three-part series that provides the skills and knowledge necessary to

implement a core Windows Server 2012 infrastructure in an existing enterprise environment The

three courses collectively cover implementing, managing, maintaining, and provisioning services and infrastructure in a Windows Server 2012 environment While there is some cross-over in skills and tasks across the courses, this course focuses on the initial implementation and configuration of core services, including Active Directory® Domain Services (AD DS), networking services, and Microsoft Hyper-V®Server 2012 R2 configuration

Audience

This course is intended for information technology (IT) professionals who have some knowledge and experience working with Windows operating systems, and who want to acquire the skills and knowledge necessary to install and perform the initial configuration of a Windows Server 2012 or Windows Server

2012 R2 server in an existing Windows server environment Candidates typically interested in attending this course are:

• Windows Server administrators who are relatively new to Windows Server administration and related technologies, and who are looking to learn more about Windows Server 2012 or Windows Server

2012 R2

• IT professionals who are experienced in other non-Microsoft technologies, who meet the

prerequisites, and want to cross-train on Windows Server 2012 or Windows Server 2012 R2

• IT professionals who want to take the any of the following exams:

o 70-410: Installing and Configuring Windows Server 2012

o The Microsoft Certified Solutions Expert (MCSE) exams in Datacenter, Desktop Infrastructure, Messaging, Collaboration and Communications

o The Microsoft Certified Solutions Associate (MCSA) exams which are a prerequisite for their individual specialties

Student Prerequisites

This course requires that students meet the following prerequisites, including that they:

• Have an understanding of networking fundamentals

• Understand basic Active Directory concepts

• Have an awareness and understanding of security best practices

• Have basic knowledge of server hardware

• Have experience working with, and configuring, Windows client-operating systems, such as

Windows® 7 or Windows 8

Trang 18

MCT USE ONL

xviii About This Course

Additionally, students would benefit from having some previous Windows Server operating-system experience

Course Objectives

After completing this course, students will be able to:

• Deploy and manage Windows Server 2012

• Describe AD DS

• Manage Active Directory objects

• Automate Active Directory administration

• Implement IPv4

• Implement Dynamic Host Configuration Protocol (DHCP)

• Implement Domain Name System (DNS)

• Implement IPv6

• Implement local storage

• Implement file and print services

• Implement Group Policy

• Use Group Policy Objects (GPOs) to secure Windows Servers

• Implement server virtualization by using Hyper-V

Course Outline

This section provides an outline of the course:

Module 1, Deploying and Managing Windows Server 2012

This module starts the course by discussing installation of Windows Server 2012 This is not the most commonly performed task in the course, but it provides a logical starting point for students to begin working with Windows Server 2012

Module 2, Introduction to Active Directory Domain Services

AD DS is a core part of network management in an enterprise environment We introduce it early in the course so that students can use it to perform other tasks, such as creating users and groups, in later modules In this module, students will install a domain controller

Module 3, Managing Active Directory Domain Services Objects

This module discusses creating and managing specific Active Directory objects, such as users, groups, and computer accounts This is a core part of what a beginning server administrator does on a daily basis Additionally, this module discusses how administrators can delegate some of these tasks to their company’s help-desk staff

Module 4, Automating Active Directory Domain Services Administration

This module expands on the knowledge that students gain in Module 3, by providing them with methods for automating the creation and management of Active Directory objects This is

a relatively advanced topic, but logically flows after Module 3

Trang 19

MCT USE ONL

About This Course xix

Module 5, Implementing IPv4

This module begins a new thread of learning in the course Configuring and understanding IPv4 is fundamental to working as a system administrator

Module 6, Implementing Dynamic Host Configuration Protocol

This module discusses how to use DHCP to distribute IPv4 address information

Module 7, Implementing Domain Name System

This module describes how DNS converts names to IP addresses and why this is important in

an Active Directory environment This module also describes how to deploy and manage DNS servers and zones

Module 8, Implementing IPv6

This module introduces IPv6 configuration, which is likely to be new content for the students

Module 9, Implementing Local Storage

This module includes content on storage configuration for Windows Server 2012 This is prerequisite information for Module 10, which discusses creating and securing file shares

Module 10, Implementing File and Print Services

This module discusses file shares and printing at the same time because both are commonly used network services Security for file shares and printing uses the knowledge about user accounts and groups that Modules 2 and 3 cover

Module 11, Implementing Group Policy

This module builds on the information students have learned about AD DS to introduce the creation and management of GPOs

Module 12, Securing Windows Servers by Using Group Policy Objects

This module covers specific Group Policy settings that you can use to increase security The settings include security policies, application-restriction policies, and Windows Firewall rules

Module 13, Implementing Server Virtualization with Hyper-V

The final module discusses how to configure Hyper-V and how to create virtual machines This module is last because the lab has the potential to negatively affect the virtual machines that are deployed on the student machines

Trang 20

MCT USE ONL

xx About This Course

Exam/Course Mapping

This course, 20410D: Installing and Configuring Windows Server ® 2012, has a direct mapping of its content

tothe objective domain for the Microsoft exam 70-410: Installing and Configuring Windows Server 2012.

The table below is provided as a study aid that will assist you in preparation for taking this exam and

to show you how the exam objectives and the course content fit together The course is not designed exclusively to support the exam but rather provides broader knowledge and skills to allow a real-world implementation of the particular technology The course will also contain content that is not directly covered in the examination and will utilize the unique experience and skills of your qualified Microsoft Certified Trainer

Note: The exam objectives are available online at the following URL:

http://www.microsoft.com/learning/en-us/exam-70-410.aspx, under Skills Measured

Exam Objective Domain: Exam 70-410: Installing and Configuring

1 Install and Configure Servers (17%) Module Lesson Lab

1.1 Install

servers

This objective may include but is not limited to: Plan for a server installation; plan for server roles; plan for a server upgrade; install Server Core; optimize resource utilization by using Features on Demand; migrate roles from previous versions of Windows Server

Mod 1 Lesson 1/2 Mod 1 Ex 1

1.2 Configure

servers

This objective may include but is not limited to:

Configure Server Core; delegate administration; add and remove features in offline images; deploy roles on remote servers; convert Server Core to/from full GUI;

configure services; configure NIC teaming; install and configure PowerShell Desired State Configuration (DSC)

Mod 1 Lesson

2/3/4

Mod 1 Ex 1/2/3/4

Mod 9 Lesson 2/3 Mod 9 Lab

configure offline files; configure NTFS permissions;

configure access-based enumeration (ABE); configure Volume Shadow Copy Service (VSS); configure NTFS quotas; create and configure Work Folders

Configure the Easy Print print driver; configure Enterprise Print Management; configure drivers;

configure printer pooling; configure print priorities;

configure printer permissions

Mod 10 Lesson 4 Mod 10 Lab

Ex 4

Trang 21

MCT USE ONL

About This Course xxi

2.3 Configure

servers for

remote

management

Configure WinRM; configure down-level server management; configure servers for day-to-day management tasks; configure multi-server management; configure Server Core; configure Windows Firewall; manage non-domain joined servers

Configure dynamic memory; configure smart paging;

configure Resource Metering; configure guest integration services; create and configure Generation 1 and 2 virtual machines; configure and use extended session mode; Configure RemoteFX

Mod 13 Lesson 2 Mod 13 Ex

checkpoints; implement a virtual Fibre Channel adapter; configure storage Quality of Service

Mod 13 Lesson 2/3 Mod 13 Ex

configure Hyper-V virtual switches; optimize network performance; configure MAC addresses; configure network isolation; configure synthetic and legacy virtual network adapters; configure NIC teaming in virtual machines

Configure IP address options; configure IPv4 or IPv6 subnetting; configure supernetting; configure interoperability between IPv4 and IPv6; configure ISATAP; configure Teredo

Ex 1/2 4.2 Deploy and

Mod 6 Lesson

1/2/3/4

Mod 6 Ex 1/2

4.3 Deploy and

configure DNS

service

Configure Active Directory integration of primary zones; configure forwarders; configure Root Hints;

manage DNS cache; create A and PTR resource records

Mod 7 Lesson

1/2/3

Mod 7 Ex 1/2/3

Trang 22

MCT USE ONL

xxii About This Course

5 Install and Administer Active Directory (14%)

resolve DNS SRV record registration issues; configure a global catalog server; deploy Active Directory IaaS in Azure

Automate the creation of Active Directory accounts;

create, copy, configure, and delete users and computers; configure templates; perform bulk Active Directory operations; configure user rights; offline domain join; manage inactive and disabled accounts

Mod 3 Lesson

1/2/3

Mod 3 Lab

Ex 2/3 Mod 4 Lesson

Configure group nesting; convert groups including security, distribution, universal, domain local, and domain global; manage group membership using Group Policy; enumerate group membership; delegate the creation and management of Active Directory objects; manage default Active Directory containers;

create, copy, configure, and delete groups and OUs

Mod 3 Lesson 2/4 Mod 3 Lab

Ex 1/2/3 Mod 4 Lesson 1/2 Mod 4 Lab

Configure a Central Store; manage starter GPOs;

configure GPO links; configure multiple local group policies

Configure User Rights Assignment; configure Security Options settings; configure Security templates;

configure Audit Policy; configure Local Users and Groups; configure User Account Control (UAC)

Configure rule enforcement; configure AppLocker rules; configure Software Restriction Policies

B Ex 1

6.4 Configure

Windows

Firewall

Configure rules for multiple profiles using Group Policy; configure connection security rules; configure Windows Firewall to allow or deny applications, scopes, ports, and users; configure authenticated firewall exceptions; import and export settings

B Ex 2

Note: Attending this course in itself will not successfully prepare you to pass any associated

certification exams

Trang 23

MCT USE ONL

About This Course xxiii

The taking of this course does not guarantee that you will automatically pass any certification exam In addition to attendance at this course, you should also have the following:

• Real-world, hands-on experience installing and configuring a Windows Server 2012 infrastructure

• Windows 7 or Windows 8 client configuration experience

• Additional study outside of the content in this handbook

There may also be additional study and preparation resources, such as practice tests, available for

you to prepare for this exam Details of these are available at the following URL:

http://www.microsoft.com/learning/en-us/exam-70-410.aspx, under Preparation options

You should also check out the Microsoft Virtual Academy, http://www.microsoftvirtualAcademy.com to view further additional study resources and online courses which are available to assist you with exam preparation and career development

You should familiarize yourself with the audience profile and exam prerequisites to ensure you are sufficiently prepared before taking the certification exam The complete audience profile for this exam

is available at the following URL: http://www.microsoft.com/learning/en-us/course.aspx?ID=20410D, under Overview, Audience Profile

The exam/course mapping table outlined above is accurate at the time of printing, however it is subject

to change at any time and Microsoft bears no responsibility for any discrepancies between the version published here and the version available online and will provide no notification of such changes

Course Materials

The following materials are included with your kit:

• Course Handbook: A succinct classroom learning guide that provides all the critical technical

information in a crisp, tightly-focused format, which is just right for an effective in-class learning experience

You may be accessing either a printed course hand book or digital courseware material via the Arvato Skillpipe reader Your Microsoft Certified Trainer will provide specific details but both contain the following:

o Lessons: Guide you through the learning objectives and provide the key points that are critical to

the success of the in-class learning experience

o Labs: Provide a real-world, hands-on platform for you to apply the knowledge and skills learned

in the module

o Module Reviews and Takeaways: Provide improved on-the-job reference material to boost

knowledge and skills retention

o Lab Answer Keys: Provide step-by-step lab solution guidance at your fingertips when it is

needed

Course Companion Content: On the http://www.microsoft.com/learning/companionmoc site

Searchable, easy-to-navigate digital content with integrated premium online resources designed to supplement the Course Handbook

o Modules: Include companion content, such as questions and answers, detailed demo steps and

additional reading links, for each lesson Additionally, they include Lab Review questions and answers and Module Reviews and Takeaways sections, which contain the review questions and

Trang 24

MCT USE ONL

xxiv About This Course

answers, best practices, common issues and troubleshooting tips with answers, and real-world issues and scenarios with answers

o Resources: Include well-categorized additional resources that give you immediate access to the

most up-to-date premium content on TechNet, Microsoft Developer Network®, and Microsoft Press®

Student Course files: on the http://www.microsoft.com/learning/companionmoc site

• Course evaluation At the end of the course, you will have the opportunity to complete an online

evaluation to provide feedback on the course, training facility, and instructor

o To provide additional comments or feedback on the course, send e-mail to

support@mscourseware.com To inquire about the Microsoft Certification Program, send e-mail

to mcphelp@microsoft.com

Virtual Machine Environment

This section provides the information for setting up the classroom environment to support the business scenario of the course

Virtual Machine Configuration

In this course, you will use virtual machines built in Microsoft Hyper-V to perform the labs

Important At the end of each lab, you must revert the virtual machines to a snapshot You can find the

instructions for this procedure at the end of each lab

The following table shows the role of each virtual machine used in this course

Virtual machine � Role

20410D-LON-DC1 A domain controller that is running Windows Server 2012 R2 in the

Adatum.com domain

20410D-LON-SVR1 A member server that is running Windows Server 2012 R2 in the Adatum.com domain

20410D-LON-SVR2 A member server that is running Windows Server 2012 R2 in the Adatum.com domain This server will be located on a second subnet

20410D-LON-SVR3 A blank virtual machine on which students will install Windows Server 2012 R2

20410D-LON-HOST1 A bootable virtual hard disk for running Windows Server 2012 R2 as the host for Hyper-V

20410D-LON-CORE A stand-alone server that is running a Server Core installation of Windows Server 2012 R2

20410D-LON-RTR A router that is used for network activities that require a separate subnet Also running Windows Server 2012 R2 20410D-LON-CL1 A client computer that is running Windows 8.1 and Microsoft® Office 2013 in

the Adatum.com domain

20410D-LON-CL2 A client computer that is running Windows 8.1 and Office 2013 in the

Adatum.com domain that is located in a second subnet

Trang 25

MCT USE ONL

About This Course xxv

Software Configuration

The following software is installed on the specified virtual machines:

• Microsoft Message Analyzer is installed on LON-SVR1

Classroom Setup

Each classroom computer will have the same virtual machine configured in the same way

You may be accessing the lab virtual machines in either in a hosted online environment with a web browser or by using Hyper-V on a local machine The labs and virtual machines are the same in both scenarios however there may be some slight variations because of hosting requirements Any

discrepancies will be called out in the Lab Notes on the hosted lab platform

Your Microsoft Certified Trainer will provide details about your specific lab environment

Course Hardware Level

Where labs are being run locally, to ensure a satisfactory student experience, Microsoft Learning requires

a minimum equipment configuration for trainer and student computers in all Microsoft Certified Partner for Learning Solutions (CPLS) classrooms in which Official Microsoft Learning Product courseware are taught

• The minimum equipment configuration for this course is hardware level 7 with 16 gigabytes (GB) of random access memory (RAM)

Navigation in Windows Server 2012

If you are not familiar with the user interface in Windows Server 2012 or Windows 8.1, the following information will help orient you to the new interface

• Sign in and Sign out replace Log in and Log off

• Administrative tools are found in the Tools menu of Server Manager

• Get to the Start screen, Settings, and Search as follows:

o To get to the Start screen, in the lower-left corner of the screen, click the Start button This

provides access to some applications

o Right-clicking the lower-left corner also provides a context menu to help with some navigation tasks, such as Shutdown, Restart, accessing Control Panel, and similar

o To get to Settings, point your mouse to the lower-right corner of the screen, and then click the

Settings charm when it appears Settings include Control Panel and Power

o To get to Search, point your mouse to the lower-right corner of the screen, and then click the

Search charm when it appears This allows you to search applications, settings, and files

You also may find the following shortcut keys useful:

• Windows logo key: Opens the Start screen

• Windows logo key +I: Opens Settings

• Windows logo key +R: Opens Run

• Windows logo key +C: Displays the selection of charms

Trang 26

MCT USE ONL

Trang 27

Lesson 1: Windows Server 2012 Overview 1-3

Lesson 2: Installing Windows Server 2012 1-14

Lesson 3: Post-Installation Configuration of Windows Server 2012 1-21

Lesson 4: Overview of Windows Server 2012 Management 1-32

Lesson 5: Introduction to Windows PowerShell 1-39

Lab: Deploying and Managing Windows Server 2012 1-47

Module Overview

Understanding the capabilities of a new Windows Server® 2012 operating system enables you to use that operating system effectively If you do not understand the capabilities of your new Windows Server 2012 operating system, you might use it the same way that you used the previous operating system, which would forego the advantages of the new system By understanding how to utilize your new Windows Server 2012 operating system fully, and by understanding the tools that are available to manage that functionality, you can provide your organization with more value

This module introduces the new Windows Server 2012 administrative interface In this module, you will learn about the different roles and features that are available with the Windows Server 2012 operating system You also will learn about the different installation options that you can use when you install Windows Server 2012

This module discusses the configuration steps that you can perform both during installation and after deployment to ensure that the server can begin functioning in its assigned role You will also learn how to use Windows PowerShell® to perform common administrative tasks in Windows Server 2012

Note: Please note that in this course, references to Windows Server 2012 mean both

Windows Server and Windows Server 2012 R2 If Windows Server 2012 R2 is specifically

mentioned, the reference is only for Windows Server 2012 R2 (for example, for upgrades)

Trang 28

MCT USE ONL

1-2 Deploying and Managing Windows Server 2012

Objectives

After completing this module, you should be able to:

• Describe Windows Server 2012

• Install Windows Server 2012

• Perform post-installation configuration of Windows Server 2012

• Describe the management tools available in Windows Server 2012

• Perform basic administrative tasks using Windows PowerShell

Trang 29

MCT USE ONL

Installing and Configuring Windows Server ® 2012 1-3

Lesson 1

Windows Server 2012 Overview

Before you deploy Windows Server 2012, you need to understand how each of the Windows Server 2012 editions might benefit your organization’s servers You also need to know whether a particular hardware configuration is appropriate for Windows Server 2012, whether a virtual deployment might be more suitable than a physical deployment, and which installation source allows you to deploy Windows Server

2012 in an efficient manner If you do not have an understanding of these issues, you could end up costing your organization time and money by making a choice that you must later correct

This lesson provides an overview of the various Windows Server 2012 editions, installation options, roles, and features Using this information, you should be able to determine which Windows Server 2012 edition and installation options are right for your organization

Lesson Objectives

After completing this lesson, you should be able to:

• Describe the different Windows Server 2012 editions

• Describe the purpose and function of a Windows Server 2012 Server Core installation

• Explain the function of Windows Server 2012 roles

• Explain the purpose of various Windows Server 2012 features

Windows Server 2012 R2 Editions

You can choose one of several different editions

of Windows Server 2012 R2 These editions allow

organizations to select a version of Windows

Server 2012 R2 that best meets their needs, rather

than pay for features they do not require

When deploying a server for a specific role,

systems administrators can save substantially by

selecting the appropriate edition

The following table lists the Windows Server 2012

R2 editions

Edition Description

The Windows Server 2012 R2

Standard operating system Provides all the roles and features available on the Windows Server 2012 R2 platform Supports up to 64 sockets and up to 4 terabytes

(TB) of random access memory (RAM) Includes two virtual machine licenses

Datacenter operating system Provides all the roles and features that are available on the Windows Server 2012 R2 platform Includes unlimited virtual machine licenses

for virtual machines that are run on the same hardware Supports 64 sockets, up to 640 processor cores, and up to 4 TB of RAM

Trang 30

MCT USE ONL

Essentials operating system •Next edition of Small Business Server It is now available in two forms: As an installable server role in an existing domain

• As a core Windows Server edition on a virtual machine (using a wizard)

It cannot function as a Hyper-V®, Failover Clustering, Server Core, or Remote Desktop Services server It has limits of 25 users and 50 devices It supports two processor cores and 64 GB of RAM

The new features and improvements for Windows Server 2012 R2 Essentials R2 include client deployment, user management, storage and data protection, and Office 365 integration

Microsoft Hyper-V

Server 2012 R2 Stand-alone Hyper-V platform for virtual machines There is no licensing cost (free) for the host operating system, but virtual

machines are licensed normally Supports 64 sockets and 4 TB of RAM Supports domain join Does not support other Windows Server 2012 R2 roles, other than limited file services features Hyper-V server has

no GUI but does have a user interface that presents a menu of configuration tasks

The Windows Storage

The Windows MultiPoint

Server 2012 Standard

operating system

Supports multiple users who access the same host computer directly using a separate mouse, keyboard, and monitor Limited to one socket, 32 GB of RAM, and a maximum of 12 sessions Supports some roles, including DNS and DHCP Server roles, but does not support others, including AD DS, AD CS, and AD FS Does not support domain join It is typically used by educational institutions

There is no R2 version available for Windows MultiPoint Server 2012 The Windows MultiPoint

Server 2012 Premium

operating system

Supports multiple users who access the same host computer directly using a separate mouse, keyboard, and monitor Limited to two sockets, 4 TB of RAM, and a maximum of 22 sessions Supports some roles, including DNS and DHCP Server roles, but does not support others, including AD DS, AD CS, and AD FS Supports domain join

Additional Reading:

• For detailed information on the new features in Windows Server 2012 R2 Essentials, refer to “What’s New in Windows Server 2012 R2 Essentials” at http://go.microsoft.com/fwlink/?LinkID=331071

Trang 31

MCT USE ONL

• For more information about the differences between Windows Server 2012 R2 editions, download the Windows Server 2012 R2 Products and Editions Comparison chart at

http://go.microsoft.com/fwlink/?LinkID=331070

• Many features have been removed or deprecated in Windows Server 2012 R2 For more information,

go to: Features Removed or Deprecated in Windows Server 2012 R2 Preview at

http://go.microsoft.com/fwlink/?LinkID=331069

What Is Server Core?

Server Core is an installation option for Windows

Server 2012 that can contain variations of the

Graphical User Interface (GUI) depending on the

requirements of the server roles to be installed

You can manage Server Core locally by using

Windows PowerShell® or a command-line

interface, rather than by using GUI-based tools, or

remotely by using one of the remote

management options Remote management is

covered later in this module

A Windows Server 2012 Server Core installation

offers fewer components and administrative

management options than the full installation of Windows Server 2012

Server Core installation is the default installation option when you install Windows Server 2012 Server Core has the following advantages over a traditional Windows Server 2012 deployment:

• Reduced update requirements Because Server Core installs fewer components, its deployment requires you to install fewer software updates This reduces the number of monthly reboots required and the amount of time required for an administrator to service Server Core

• Reduced hardware footprint Server Core computers require less RAM and less hard disk space When virtualized, this means that you can deploy more servers on the same host

Increasing numbers of Microsoft server programs are designed to run on computers with Server installed operating systems For example, you can install SQL Server 2012 on computers that are running the Server Core-installed version of Windows Server 2012

Core-You can switch from Server Core to the graphical version of Windows Server 2012 by running the

following Windows PowerShell cmdlet, where c:\mount is the root directory of a mounted image that hosts the full version of the Windows Server 2012 installation files:

Install-WindowsFeature -IncludeAllSubFeature User-Interfaces-Infra -Source c:\mount You can also use Windows Update or the installation DVD as the installation file source Installing the graphical components gives you the option of performing administrative tasks using the graphical tools Once you have performed the necessary administrative tasks, you can return the computer to its original Server Core configuration You can switch a computer that has the graphical version of Windows Server

2012 R2 to Server Core by removing the following components of the User Interfaces and Infrastructure feature:

• Graphical Management Tools and Infrastructure This contains a minimal server interface to provide some server management user interface tools such as Server Manager and Administrative Tools

Trang 32

MCT USE ONL

• Server Graphical Shell This contains the full GUI, including Internet Explorer and File Explorer and other user interface components This has a larger footprint than the Graphical Management Tools and Infrastructure option

Note: Be careful when you remove graphical features, because servers might have other

components installed that are dependent on those features

When connected locally, you can use the tools that are listed in the following table to manage Server Core deployments of Windows Server 2012 R2

Tool Function

Cmd.exe Allows you to run traditional command-line tools such as ping.exe, ipconfig.exe,

and netsh.exe

PowerShell.exe Launches a Windows PowerShell session on the Server Core deployment You then

can perform Windows PowerShell tasks normally Windows Server 2012 comes with Windows PowerShell version 4.0 installed

Sconfig.cmd A command-line menu-driven administrative tool that enables you to perform

most common server administrative tasks

Notepad.exe Allows you to use the Notepad.exe text editor within the Server Core environment Regedt32.exe Provides registry access within the Server Core environment

Msinfo32.exe Allows you to view system information about the Server Core deployment

Taskmgr.exe Launches the Task Manager

SCregEdit.wsf Used to enable Remote Desktop on the Server Core deployment

Note: If you accidentally close the command window on a computer that is running Server

Core, you can recover the command window by performing the following steps:

1 Press the Ctrl+Alt+Del keys, and then click Task Manager

2 From the File menu, click New Task (Run…), and then type cmd.exe

Server Core supports most Windows Server 2012 R2 roles and features However, you cannot install the following roles on a computer running Server Core:

• AD FS

• Application Server

• Network Policy and Access Services (NPAS)

• Windows Deployment Services

Even if a role is available to a computer that is running the Server Core installation option, a specific role service that is associated with that role might not be available

Note: You can check which roles on Server Core are available and which are not by running

the query Get-WindowsFeature | where-object {$_.InstallState -eq "Removed"}

Trang 33

MCT USE ONL

You can use the following tools to remotely manage a computer that is running the Server Core

installation option:

• Server Manager You can add a server that is running Server Core to Server Manager that is on a server that is running a full installation of Windows You then can use Server Manager to manage the server roles running on the Server Core computer

• Remote Windows PowerShell You can use Remote Windows PowerShell to run Windows PowerShell commands or scripts against correctly configured remote servers if the script is hosted on the local server With Remote Windows PowerShell, you also can locally load Windows PowerShell modules, such as Server Manager, and execute the cmdlets available in that module against appropriately configured remote servers

• Remote Desktop You can connect to a computer that is running the Server Core installation option

by using Remote Desktop Configure Remote Desktop by using Sconfig.cmd

• Remote Management Consoles For most server roles, you can add a computer that is running the Server Core installation option to a management console that is running on another computer

Windows Server 2012 R2 Roles

To correctly plan how you will use Windows

Server 2012 to support your organization’s

requirements, you need to be fully aware of the

roles that are available as part of the operating

system Each version of Windows Server comes

with a different set of roles As new versions of

Windows Server are released, some roles are

enhanced and others are deprecated For the

most part, the roles that are available in Windows

Server 2012 are familiar to IT professionals that

have managed Windows Server® 2008 and

Windows Server 2003

Windows Server 2012 supports the server roles that are listed in the following table

Role Function Changes in Windows Server 2012 R2

AD CS Allows you to deploy certification authorities

and related role services

AD DS A centralized store of information about

network objects, including user and computer accounts Used for authentication and authorization

Windows Server 2003 domain and functional levels of AD DS and the File Replication Service have been deprecated in Windows Server 2012 R2

AD FS Provides web single sign-on (SSO) and

secured identify federation support

Trang 34

MCT USE ONL

Role Function Changes in Windows

Application Server Supports centralized management and

hosting of high-performance distributed business applications, such as those built with Microsoft NET Framework 4.5

Deprecated in Windows Server 2012 R2

DHCP Server Provisions client computers on the network

with temporary IP addresses

DNS Server Provides name resolution for TCP/IP

networks

Fax Server Supports sending and receiving of faxes Also

allows you to manage fax resources on the network

File and Storage

Services Supports the management of shared folders storage, distributed file system (DFS), and

network storage

Hyper-V Enables you to host virtual machines on

computers that are running Windows Server

2012

Network Access

Protection (NAP) A mechanism to create and enforce policies that describe software and security update

requirements before the requesting computer is allowed to access the LAN A computer that is not in compliance can be provided with ways to remediate its configuration to bring it into compliance

Deprecated in Windows Server

2012 R2

Print and Document

Services Supports centralized management of document tasks, including network scanners

and networked printers

Remote Access Supports Seamless Connectivity, Always On,

and Always Managed features based on the Windows 7 DirectAccess feature Also supports remote access through virtual private network (VPN) and dial-up connections

Remote Desktop

Services (RDS) Supports access to virtual desktops, session-based desktops, and RemoteApp

programs

Volume Activation

Services Allows you to automate and simplify the management of volume license keys and

volume key activation Allows you to manage

a Key Management Service (KMS) host or configure AD DS-based activation for computers that are domain members

Trang 35

MCT USE ONL

Role Function Changes in Windows

Server 2012 R2

Web Server (IIS) The Windows Server 2012 web server

component Internet Information Service (IIS) 6.0 Manager has been

deprecated in Windows Server 2012 R2

Windows Deployment

Services Allows you to deploy server operating systems to clients over the network Windows PowerShell cmdlets have been added, and cmdlet

scripting is supported in Windows Server 2012 R2 Windows Server

Essentials Experience • Provides the infrastructure and a

dashboard to perform tasks such as:

o Managing users and groups

o Configuring server backups

o Monitoring server health

o Setting up Anywhere Access

o Integrating with Microsoft Online services

When you deploy a role, Windows Server 2012 automatically configures aspects of the server’s

configuration, such as firewall settings, to support the role Windows Server 2012 also automatically and simultaneously deploys role dependencies For example, when you install the WSUS role, the Web Server (IIS) role components that are required to support the WSUS role are installed automatically

You add and remove roles using the Add Roles and Features Wizard, which is available from the Windows Server 2012 Server Manager console If you are using Server Core, you can also add and remove roles

using the Install-WindowsFeature and Remove-WindowsFeature Windows PowerShell cmdlets

Question: Which roles are often co-located on the same server?

What Are the Windows Server 2012 Features?

Windows Server 2012 features are independent

components that often support role services or

support the server directly For example, Windows

Server Backup is a feature because it only provides

backup support for the local server It is not a

resource that other servers on the network can

use

Windows Server 2012 includes the features that

are listed in the following table

Trang 36

MCT USE ONL

Feature Description Changes in Windows

Server 2012 R2

.NET Framework 3.5 Features Installs NET Framework 3.5 technologies

.NET Framework 4.5 Features Installs NET Framework 4.5 technologies

This feature is installed by default

Background Intelligent

Transfer Service (BITS) Allows asynchronous transfer of files to ensure that other network applications are

not affected adversely

Windows BitLocker® Drive

Encryption Supports full-disk and full-volume encryption, and startup environment

protection

BitLocker network unlock Provides a network-based key protector that

can unlock locked BitLocker-protected domain-joined operating systems

Windows BranchCache® Allows the server to function as either a

hosted cache server or a BranchCache content server for BranchCache clients

Client for NFS Provides access to files stored on network file

system (NFS) servers

Data Center Bridging Allows you to enforce bandwidth allocation

on Converged Network Adapters

Enhanced Storage Provides support for additional functionality

available in Enhanced Storage Access (IEEE

1667 protocol) device, including data access restrictions

Failover Clustering A high availability feature that allows

Windows Server 2012 to participate in failover clustering

Group Policy Management An administrative management tool for

administering Group Policy across an enterprise

Ink and Handwriting Services Allows use of Ink Support and Handwriting

Recognition

Internet Printing Client Supports use of Internet Printing Protocol

IP Address Management

(IPAM) Server Centralized management of IP address and namespace infrastructure

Internet SCSI (iSCSI) Target

Storage Provider Provides iSCSI target and disk management services to Windows Server 2012

Internet Storage Name

Service (iSNS) Server service Supports discovery services of iSCSI storage area networks (SANs)

Trang 37

MCT USE ONL

Server 2012 R2

Line Printer Remote Port

Monitor Allows computer to send print jobs to printers that are shared using the Line Printer

Daemon service

Management Open Data

Protocol (OData) IIS Extension Allows you to expose Windows PowerShell cmdlets through an OData-based web

service running on the Internet Information Services (IIS) platform

Media Foundation Supports media file infrastructure

Message Queuing Supports message delivery between

applications

Multipath input/output (I/O) Supports multiple data paths to storage

devices

Network Load Balancing

(NLB) Allows traffic to be distributed in a load-balanced manner across multiple servers that

host the same stateless applications

Peer Name Resolution

Protocol (PNRP) Name resolution protocol that allows applications to resolve names on the

computer

Quality Windows Audio Video

Experience Supports audio and video streaming applications on IP home networks

Remote Access Server (RAS)

Connection Manager

Administration Kit

Allows you to create connection manager profiles that simplify remote access configuration deployment to client computers

Remote Assistance Allows remote support through invitations

Remote Differential

Compression (RDC) Transfers the differences between files over a network, minimizing bandwidth utilization

Remote Server Administration

Tools Collection of consoles and tools for remotely managing roles and features on other

servers

Remote Procedure Call (RPC)

over HTTP Proxy Relays RPC traffic over HTTP as an alternative to VPN connections

Simple TCP/IP Services Supports basic TCP/IP services, including

Quote of the Day

Simple Mail Transfer Protocol

(SMTP) Server Supports transfer of email messages Deprecated in Windows Server 2012 R2 Simple Network Management

Protocol (SNMP) Service Includes SNMP agents that are used with the network management services

Trang 38

MCT USE ONL

Server 2012 R2

Subsystem for UNIX-based

Applications Supports Portable Operating System Interface for UNIX (POSIX)-compliant

UNIX-based applications

Telnet Client Allows outbound connections to Telnet

servers and other Transmission Control Protocol (TCP)-based services

Telnet Server Allows clients to connect to the server using

the Telnet protocol Deprecated in Windows Server 2012 R2 Trivial File Transfer Protocol

(TFTP) Client Allows you to access TFTP servers

User Interfaces and

Infrastructure Contains the components necessary to support the graphical interface installation

option on Windows Server 2012 On graphical installations, this feature is installed

by default

Windows Biometric

Framework (WBF) Allows use of fingerprint devices for authentication

Windows Feedback Forwarder Supports sending feedback to Microsoft

when users join a Customer Experience Improvement Program

Windows Identity Foundation

3.5 Set of NET Framework classes that support implementing claims based identity on NET

applications

Windows Internal Database Relational data store that can only be used

by Windows roles and features such as WSUS

Windows PowerShell Task-based command-line shell and scripting

language used to administer computers running Windows operating systems This feature is installed by default

Version 4.0 is installed in Windows

Server 2012 R2

Windows PowerShell Web

Access Allows remote management of computers by running Windows PowerShell sessions in a

web browser

Windows Process Activation

service (WAS) Allows applications hosting Windows Communication Foundation (WCF) services

that do not use HTTP protocols to use IIS features

Windows Search service Allows fast searches of files hosted on a

server for clients compatible with the Windows Search service

Windows Server Backup Backup and recovery software for Windows

Server 2012

Trang 39

MCT USE ONL

Server 2012 R2

Windows Server Migration

Tools Collection of Windows PowerShell cmdlets that assist in the migration of server roles,

operating system settings, files, and shares from computers running previous versions of Windows Server operating systems to Windows Server 2012

Windows Standards-Based

Storage Management Set of Application Programming Interfaces (APIs) that allow the discovery, management,

and monitoring of storage devices that use standards such as Storage Management Initiative Specification (SMI-S)

Windows System Resource

Manager (WSRM) Allows you to control the allocation of CPU and memory resources Removed in Windows Server 2012 R2 Windows TIFF IFilter Supports Optical Character Recognition on

Tagged Image File Format (TIFF) 6.0-compliant files

WinRM IIS Extension Windows Remote Management for IIS

Windows Internet Naming

Service (WINS) Server Supports name resolution for NetBIOS names

Wireless local area network

(LAN) Service Allows the server to use a wireless network interface

Windows on Windows (WoW)

64 Support Supports running 32-bit apps on Server Core installations This feature is installed by

default

XPS Viewer Supports viewing and signing documents in

XPS formats

Features on Demand

Features on Demand enables you to add and remove role and feature files, also known as feature payload,

from the Windows Server 2012 operating system to conserve space You can install roles and features when the feature payload is not present by using a remote source, such as a mounted image of the full operating system If an installation source is not present but an Internet connection is, source files will be downloaded from Windows Update The advantage of a Features on Demand installation is that it

requires less hard disk space than a traditional installation The disadvantage is that if you want to add a role or feature, you must have access to a mounted installation source This is something that is not necessary if you perform an installation of Windows Server 2012 with the graphical features enabled

Question: Which feature do you need to install to support NetBIOS name resolution for

client computers running a Microsoft Windows NT® 4.0 operating system workstation?

Trang 40

MCT USE ONL

Lesson 2

Installing Windows Server 2012

When you prepare to install Windows Server 2012, you need to understand whether a particular hardware configuration is appropriate You also need to know whether a Server Core deployment might be more suitable than a full GUI deployment, and which installation source allows you to deploy Windows Server

2012 in an efficient manner

In this lesson, you will learn about the process of installing Windows Server 2012, including the methods that you can use to install the operating system, the different installation options, the minimum system requirements, and the decisions that you need to make when you use the Installation Wizard

Lesson Objectives

After completing this lesson, you should be able to:

• Describe the different methods that you can use to install Windows Server 2012

• Identify the different installation types that you can choose when you install Windows Server 2012

• Determine whether to upgrade or migrate to Windows Server 2012

• Determine whether a computer or virtual machine meets the minimum hardware requirements necessary to install Windows Server 2012

• Describe the decisions that you need to make when you perform a Windows Server 2012 installation

• Describe how to migrate server roles and features

Installation Methods

Microsoft distributes Windows Server 2012 on

optical media and in an iso (ISO) image format

ISO format is becoming more common as

organizations acquire software over the Internet

rather than by obtaining physical removable

media

Once you have obtained the Windows Server

2012 operating system from Microsoft, you can

use your own method to deploy the operating

system You can install Windows Server 2012 by

using a variety of methods, including the

 Requires that the computer have access to a DVD-ROM drive

 Is typically slower than USB media

 You cannot update the installation image without replacing the media

 You can only perform one installation per DVD-ROM at a time

Định dạng
Số trang	574
Dung lượng	26,92 MB