Professional Documents
Culture Documents
MCTS Guide To Microsoft Windows Server 2008 Network Configuration Exam 70-642
MCTS Guide To Microsoft Windows Server 2008 Network Configuration Exam 70-642
For
MCTS Guide to Microsoft Windows Server 2008 Network
Configuration
Exam 70-642
By
Michael Bender
This erratum contains errors, corrections, and omissions from the current text along
with suggested changes for future editions of the book. If you come across
additional errors or have suggestions for future releases, please email the author at
mbender@matcmadison.edu.
The author would like to thank the following instructors for their comments which
help to complete this document:
Note on Operating System updates: The text and all activities are based on the
RTM version of Windows Server 2008, not SP1, SP2, or Windows Server 2008 R2
RTM. There are known issues with specific activities such as BitLocker when
working with SP2. It is recommended that you run the RTM version of Windows. If
you choose to apply any available service packs and/or updates, you may
experience issues or functionality change compared with the textbook. Also,
additions of the software such as WSUS and Network Monitor specified in the text
may not be available from Microsoft. Please provide your students with the current
software version you wish for them to use. Keep in mind that newer versions of
software may have different functionality and appearance so some steps in
activities may change.
Chapter 1
Chapter 1 - p. 3 should read
Trusts between Active Directory domains in a forest are created automatically when
you create domains in Windows Server 2008. These are called transitive trusts.
In Windows NT domains prior to Windows 2000, administrators created all trusts
manually.
Pg. 8, Step 5 should read:
Enter your product key if you have one and are required to enter the key. You can
install Windows Server 2008 without a product key.
Chapter 2
Pg. 46 Should Read:
Out-of-Box Experience The most common cleanup action with Sysprep is to use the
system OOBE when generalizing images. This combination will remove the
computer security identifier (SID), reset the computer activation, and boot the
computer into Windows Welcome.
Pg. 50 title should read:
Installing Windows Server 2008
Pg. 50 should read:
This section explores the three installation methods available for Windows Server
2008. Each of the following methods has a purpose and place within a network:
Image-based installation
DVD/USB Boot Installation Probably the most familiar of the installation methods
is using physical installation media. Windows Server 2008 can be installed via
optical drive (that is a DVD drive) or via USB flash drive. This type of installation is
called a DVD boot installation and is the most common media-based type.
Installing with a USB flash drive is new and not yet as popular as using a DVD.
However, with the advent of USB 2.0 and servers that can boot from the drives in
their USB ports, USB flash drives are the perfect media for installing Windows
Server 2008. Whether using optical or flash media, this installation method requires
you to be present at the server. Activity 1-1, where you installed Windows Server
2008, is an example of a DVD installation.
Page 52 Activity 2-4 should read:
1. Log onto your server.
2. Click Start, type Windows PE Command Prompt in the Start Search box.
When it Windows PE Command Prompt appears, select it and press enter to
launch.
3. Type md c:\MCTS_70642\Ch2\ImageFolder and then press Enter to create
a new directory called ImageFolder in the folder created for this chapter. This
represents a distribution point to contain the .wim file created with ImageX.
4. Change to the directory containing ImageX by using the following cd
command:
cd \Program Files\Windows AIK\Tools\x86\
5. Next, run the following ImageX command to create an image of the
c:\windows\fonts
direc
Chapter 3
Pg. 83 Should read:
Network Bridges Network bridges connect one or more networks segments. Like a
switch, a bridge uses MAC addresses for managing traffic. A bridge learns from the
traffic it processes, so it can associate a port with the specific MAC address to which
it is connected. After the bridge associates a port and an address, it sends traffic for
that address only to that port. This creates more efficient traffic on the network.
Bridges work on the Layer 2 of the OSI model.
Pg 83 should read:
The Data Link layer is responsible for communications between adjacent
network nodes. Bridges and switches operate at the Data Link layer.
Full Address
Simplified Address
1075:0000:0000:0000:0005:0600:300c:422d
ff06::d5
1055:0000:0000:0000:000b:1bda:0041:25ab
abcd:12bc::34:1a
50ab:0353:2003:0001:0000:0000:abaf:0003
Pg 97 should read:
In cases where you cannot contact a DHCP server, even though the client is configured for dynamic
addressing, Windows uses Automatic Private IP Addressing (APIPA) to assign a unique random IP
address from the usable address range of 169.254.0.1 to 169.254.255.254.
Pg 103, Step 2 should read:
Click Start, Run and enter ncpa.cpl. This will launch the Network Connections
console from Control Panel.
Pg 104 Activity 3-10 step 2 should read:
Preferred DNS server: 2001:db8:8765:4321:2 (instead of ::3)
Pg 104 Activity 3-10 step 4 should read:
Netsh interface ipv6 add dnsserver local area connection 2001:db8:8765:4321:2
Pg 108, Activity 3-11 should read:
1. On MSN-SC-0XX, type the following netsh command and then press Enter to
check the ISATAP status on the computer:
netsh interface isatap show state
2. At the command prompt, enter the following netsh command and then press
Enter
to
enable
ISATAP on the computer:
netsh interface isatap set state enabled
3.
Type ipconfig /all and then press Enter to verify that an ISATAP address has
been added to your network adapters. If changes do not appear promptly, wait
about 30 seconds and rerun ipconfig /all.
4. 4. At the command prompt, enter the following netsh command and then press
Enter to dis-able ISATAP on the computer:
netsh interface isatap set state disable
5. Type ipconfig /all and then press Enter to verify that ISATAP has been removed.
Pg 109 should read:
reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v
DisabledComponents /t REG_DWORD /d 255
Pg 116 Steps should be added to open the ICMP firewall ports on both
servers. The following command will perform the task on both servers:
netsh advfirewall firewall add rule name=ICMP Allow incoming V4 echo request
protocol=icmpv4:8,any dir=in action=allow
Chapter 4
Pg 134 DHCPInform should read:
If a DHCP client already has an IP address, it sends this type of message to a DHCP
server ..
Activity 4-5 (page 142) should read:
10. Return to MSN-SRV-0XX, expand Scope [192.168.100.0] Partner Scope, and click Address
Leases. Verify that you see a lease for msn-sc-0XX.bentech.local of 192.168.100.201.
Activity 4-7 (page 144) should read:
10. Return to MSN-SRV-0XX, expand Scope [192.168.100.0] Partner Scope, and then
click Address Leases. Verify that you see a lease for msn-sc-0XX.bentech.local of
192.168.100.211. (Press F5 to update the display.)
Pg 145, Activity 4-8 should read:
Description: Your organization has decided to implement a DNS server on your
network. This server will provide updated name resolution for your clients. In this
activity, you modify the server scope so all scopes in your environment use the DNS
server, 192.168.100.10.
1. Start Server Manager on the MSN-SRV-0XX computer.
2. In the left pane of Server Manager, expand the Roles section and the DHCP
Server role and then click MSN-SRV-0XX. The DHCP Server administration
console opens.
3. In the left pane, expand IPv4 and then click Server Options.
4. Click More Actions and then click Configure Options.
5. In the Server Options dialog box, click 006 DNS Servers and then enter
192.168.100.10 in the String Value text box.
6. Click OK to close the Server Options dialog box.
7. Verify that the server option for DNS Servers appears in the Server Options pane.
8. Log onto MSN-SC-0XX, if necessary.
9. In the Command Prompt, type ipconfig /renew.
10.Type ipconfig /all to verify the new settings. You should now receive a new DNS
server of 192.168.100.10.
11.Leave the DHCP console open for the next activity.
Pg 154, should read:
Windows Server 2008 performs an automated backup of the DHCP database every
60 minutes to the %systemroot%\ dhcp\backup directory...
Pg 154 should read:
Like automatic backups, manual backups are stored in the %systemroot%\
dhcp\backup folder by default.
Chapter 5
Pg 167 Activity 5-1, Step 11 should read:
Open a command prompt from the Start menu and then enter the following command to change the IP
address and DNS information:
netsh int ip set address name=Local Area Connection static
192.168.100.10 255.255.255.0
Pg 167 Activity 5-1, Step 13 should read:
At the command prompt, enter the following command to change the Internet Protocol version 4 (IPv4)
address:
netsh int ip set address name=Local Area Connection static
192.168.100.20 255.255.255.0
Pg. 169 Activity5-2 Note should read:
For this activity, your server needs to have access to the Internet and be able to resolve Internet-based
DNS zones.
Pg. 172 Activity 5-4 step 1 should read:
On the MSN-SRV-0XX computer, open a command prompt form the Start menu, type
ncpa.cpl and then press Enter to open the Network Properties windows.
Pg. 172 Activity 5-4 step 7 should read:
At the command prompt, type nslookup cengage.com and then press Enter. You should receive an error
message because you do not have DNS name resolution from 192.168.100.10.
Pg. 172 Activity 5-4 step 8 should read:
At the command prompt, type nslookup cengage.com 4.2.2.1 and then press Enter. This forces nslookup
to query the name server at 4.2.2.1 instead of your preferred DNS server. This time, you should receive a
nonauthoritative answer for cengage.com of 69.32.133.79. If the IP address is different, it simply means
that the record for cengage.com has been changed.
Pg. 185, Activity 5-9 have the following step inserted as step 11 and
renumber remaining steps:
11. In the command prompt, enter the following commands. You will need to wait for each to complete
before entering the next.
Net stop DNS
Net start DNS
Chapter 6
Pg 206 Activity 6-1 step 3 should read:
Netsh interface set interface name=local area connection
newname=Internet
Pg 207 Activity 6-1 step 3 should read*:
netsh interface set interface name=local area connection 2
newname=bentech.local
nets int ipv4 set address name=bentech.local static
nets int ipv4 set dns bentech.local static
*Screenshot for Figure 6-1 will need to be modified to show bentech.local.
pg 208 step 8 should read:
netsh interface set interface name=local area connection
newname=bentech.local
netsh int ip set address name=bentech.local static 192.168.100.20
255.255.255.0
netsh int ip set dns bentech.local static 192.168.100.10
pg 208 step 9 should read:
Enter the following command to verify you have name resolution. After
nslookup microsoft.com
pg 208 step 10 (new) should read:
Log off your Server Core computer by typing logoff at the command prompt and
then pressing Enter.
Pg 208 Activity 6-2, step 1 (new) should read*:
Prior to beginning Activity 6-5, run the following command on MSN-SRV-0XX:
DNSCMD /CONFIG BENTECH.LOCAL /ALLOWUPDATE 1
*The existing 1-10 should be renumbered 2-11
8. At the command prompt, enter the following command to change the Internet
Protocol version 4 (IPv4) address:
netsh interface set interface name=local area connection
newname=bentech.local
netsh int ip set address name=bentech.local static
192.168.100.20 255.255.255.0
Chapter 7
On page 263, Remove Activity 7-1 and renumber remaining Activities.
Activity 7-9 (page 276) Step 8, the last two lines should read:
This displays the shares available on MSN-SC-0XX. If you are prompted for credentials, enter the
administrator account name and pass-word for MSN-SC-0XX.
In Step 1 of Activity 7-17, do not include the comma within the quotes for
the md command. The command below is correct.
md "c:\70642\Chapter 7\Quotas"
Activity 7-19 (page 291) Skip step 1 since this was done in Activity 7-16.
Chapter 8
Beginning of Activity 8-2 should read:
Your
company
decided
it
needs
to
centralize
its
printing
Chapter 9
Activity 9-1 (page 334) should read:
20.
On MSN-SRV-1xx, open the command prompt, and enter the following
command to add MSN-SRV-1XX to the domain, bentech.local:
21.
Reboot the server, and then log onto MSN-SRV-1XX as
administrator@bentech.local.
Activity 9-2: (page 336) should read:
Log onto MSN-SC-0XX and enter the following command to set MSN-SC-0XX to use
MSN-SRV-0XX as a default gateway:
netsh int ipv4 set address name = bentech.net static
192.168.100.20 255.255.255.0 192.168.100.10
6.In the Actions pane, click More Actions under DHCP Relay Agent and then click
New Interface. Select bentech.local and then click OK.
12.Verify that bentech.local is using an IP address of 192.168.100.211. If you do not
see the change, you may have to issue ipconfig /release followed by
ipconfig/renew or reboot the server. If you required a server reboot, you will
need to logon to MSN-SRV-1xx to complete the next step.
Activity 9-6 (page 345) Add the following note or additional Step:
1. Logon to MSN-SRV-0XX for this activity.
Activity 9-7 (page 347) All references to MSN-SRV-1XX should be changed
to MSN-SRV-0XX
Chapter 10
Activity 10-4 (page 370) Insert the following step:
14. Repeat steps 7 13 using c:\Program Files (x86)\Internet Explorer\iexplore.exe
as the program path in Step 9.
Activity 10-6 Add the following note prior to completing activity.
Prior to beginning this lab, remove the File Services Resource manager with the
following command:
Servermanagercmd.exe remove FS-Resource-Manager
Due to a bug in Windows Server 2008, you will receive an error when trying to
create a GPO if you did not remove the File Services Resource Manager. For
more information, search Microsoft.com for KB967358.
Activity 10-9 (Pg 380) Add this note to Activity 10-9:
If Server 2008 SP2 is installed, you will have issues installing the Drive Prep tool.
Either remove SP2 or perform the following steps:
1. Download the Bit Locker Preparation Tool to the C: drive.
2. Enter the following commands at the command prompt.
a. expand -f:* "C:\Windows6.0-KB933246-x86.msu" %TEMP%
b. pkgmgr.exe /n:%TEMP%\Windows6.0-KB933246-x86.xml
3. Enter C:\Program Files\BitLocker\BdeHdCfg.exe on the Run line. This will
repartition your drive to allow Bit Locker to work properly.
Chapter 11
Activity 11-1 (page 405) Insert the following Note:
Note: MSN-SRV-1XX will need to have its Firewall rules modified in order
to complete this and future activitivies. Enter the following command
through the command prompt on MSN-SRV-1XX:
Netsh advfirewall firewall set rule group=remote administration new
enable=yes