You are on page 1of 10

About Tina


Follow Tina



Next Blog


Create Blog Sign In

General Insurance (Property & Casualty)


Quick Check Facts for Windows Server 2008, Active Directory Network Infrastructure

Serving the North Shore of

Long Island 516-313-1077


IPv6 Addressing
IPv6 address space is 128 bits (16 bytes)


Large address space. Divided along 16-bit boundaries, converted to 4 digit hexadecimal
numbers, separated by colons - known as colon hexadecimal .

Computer Repair

Simpler host configuration. IPv6 supports dynamic client configuration by using DHCPv6 and IPv6
also enables routers to configure hosts dynamically.
Improved routing efficiency. Reduces how many routes the Internet must process by supporting
hierarchical routing.
Built-in security. IPv6 ensures all hosts encrypt data while in transit by including native IPSec


Configure and
File System

IPv6 address types

Unicast. Packets delivered to a unicast address are delivered to a single interface, oneto-one communication
Multicast. Packets are delivered to multiple interfaces, one-to-many. One-to-many
communication between computers that are defined as using the same multicast address.
Multicast addresses have the first 8 bits set to 1111 1111 or FF
Anycast. Identifies multiple interfaces, but delivered to a single interface, the closest
one. Used for locating services or the nearest router.

encountered a
problem and
needs to close
Tips on How to
Configure DNS

Global Unicast address

Equivalent to IPv4 public addresses
Identified by the FP (Format Prefix) of 001 (globally routable and reachable on the IPv6
The scope of a global unicast address is the entire IPv6 Internet
The address prefix of a currently assigned global address is 2000::/3
The combination of the first 3 high-order fixed bits and the 45-bit Global Routing Prefix
is a 48-bit prefix assigned to an individual site

Windows Hang
and Crash Dump
Webcast Review

The next 16 bits are the Subnet ID

The Interface ID field is the next 64-bits

About Routing
and Remote
Access in
Server 2008

Link-local Unicast address

Used by nodes to communicate on the local network segment and for neighbor discovery

Quick Check
Facts for
Windows Server
2008 Active

Identified by the FP of 1111 1110 10

Link-local addresses are equivalent to APIPA IPv4 addresses and always automatically
Link-local addresses always begin with FE80
The prefix for link-local addresses is always FE80::/64
An IPv6 router never forwards a link-local address beyond the link

SQL Subqueries

Site-local Unicast address

Equivalent to the IPv4 private site addressing
Identified by the FP of 1111 1110 11
The scope of the site-local address is the site/organization
The site-local address must be assigned through stateless or stateful address
The first 10 bits of a site-local address are always fixed, FEC0::/10
The next 54 bits is a subnet identifier (Subnet ID field)
After the 54-bit Subnet ID field, is the 64-bit Interface ID field that identifies a
specific interface in the subnet

Need a Windows XP tuneup?

The Case of

Special IPv6 Unicast address

SQL Table

Unspecified address or :: indicates the absence of an address

Loopback address or ::1 identifies a loopback interface, enables a node
to send packets to itself; equivalent to the IPv4 loopback address of
Compatibility Unicast address
To aid in the migration of IPv4 to IPv6 and the coexistence of both types


Access-Based Enumeration
Active Directory (31)
ActiveX (3)
Address Labels (1)
AOL (1)
Backup (4)
Beep codes (1)
BitLocker (3)
Blogger (4)
cabling (7)
Certificates (6)
CMAK (1)

To enable ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)

IPv6 transition mechanism to transmit IPv6 packets on top of an IPv4 network
Disabled by default in Server 2008

netsh interface isatap set state enabled

IPv4 address space is 32-bit binary (Base 2)
Divided along 8-bit boundaries called octets, converted to decimal,
separated by periods called a dotted decimal notation

converted by

command line (39)

Connection Request Policy
database (8)
DBMS (8)
Device Manager (8)
DFS (2)
DHCP (7)
DirectAccess (1)
Display (4)
DNS (16)
Drivers (14)
EFS (2)
Elevation prompt (3)
Ethernet (2)
Exam 70-640 (13)
Exam 70-642 (20)
Fax (1)
File and Folder Issues
File Recovery (5)
File Signature
Verification (4)
Firewall (11)
FireWire (1)
freeware (7)
FSRM (1)
Google (5)
Group Policy (31)
Hardware (18)
Installation (8)
Internet Explorer (14)
Internet Favorites (1)
Internet Options (9)
Iphone (4)
IPSec (3)
IPv4 (9)
IPv6 (4)
IPv6 Subnetting (1)
LCD (1)
Lenovo (3)
Logon (3)
Mac (8)
Meeting Space (1)
Memory (5)
Mouse (4)
MS Access (8)
msconfig (4)
NAP (3)
Network (49)
Network Access Services
Network Monitor (1)
Network Policy (1)
NPS (2)
NTFS (11)
Offline (3)
Parental Controls (1)
Password (4)
PC Repair North Shore (2)
Performance (9)
Permissions (4)
power options (7)
PowerShell (2)
Printer (25)
Ready Boost (1)
Recovery Console (4)
Register (4)
Remote Access (7)
Remote Assistance (1)
Remote Desktop (2)
Restore (8)
Roaming profiles (1)
safe mode (2)
Screensaver (2)
Security (23)
Shadow Copy (4)
Shutdown Problems (3)
Slow Startup (8)
SMB (1)
SQL (8)
Standby mode (5)
Startup problems (16)
Sysinternals (8)
System Restore (7)

The number of hosts depends on the number of bits in the subnet

The subnet mask determines which part is the network address and
which part is the host address
To calculate the number of hosts bits in a subnet mask
2^n-2, where n is the number of host bits
Types of IPv4 addresses
Unicast. One-to-one communication, a single network interface
assigned to one subnet
Multicast. One-to-many communication, assigned to one or more interfaces assigned to
multiple subnets
Broadcast. One-to-everyone communication, assigned to all network interfaces located on a
Network classes
Class A. Default subnet mask and have 0-127 as their first octet. - are used for private IP addressing is used for a loopback address
Class B. Default subnet mask and have 128-192 as their first octet. - are used for APIPA - are used for private IP addressing
Class C. Default subnet mask and have 192-223 as their first octet. - are used for private IP addressing
DHCPv6 can provide stateless configuration settings or stateful address configuration to IPv6
Stateless autoconfiguration is used for configuration settings from the DHCP server.
Stateful address auto configuration is used to configure both IP addresses and other
configuration settings from the DHCP server.
With IPv6, you don't need DHCP to configure addresses, although your network might benefit from
using a DHCP.
When a DHCP server is configured on a domain, the DHCP server checks itself against the domain's
list of authorized DHCP servers and if the DHCP server's IP address is not on the list, the DHCP
server will shut itself down.
Use netsh to authorize the server in Active Directory and configure DHCP scope information if a
server is running Windows Server 2008 Server Core and is part of a domain in Active Directory.
Standalone DHCP servers cannot coexist with another authorized DHCP server on the same subnet.
Reservations in DHCP
Permanent lease assignments used for clients that require a constant IP address.
User Classes in DHCP are used to specify a different DHCP configuration from the default DHCP
When a client computer sends a request for an IP address, the DHCP will check to see if
there is a user class before assigning an IP address to the client.
To identify clients in certain sites and locations. For example, clients using specific
printers in a department could be in the same user class.
To assign certain options based on the user class. For example, you might want to assign
Internet access to only certain user classes.
DHCP Options
Additional configuration parameters for clients. The most common options for IPv4 are:
003 Router Perferred list of IPv4 router addresses that are on the same subnet
as the DHCP clients .
006 DNS Servers IP addresses for DNS name servers.
015 DNS Domain Name The domain name DHCP clients use when resolving unqualified
names, and also allows clients to perform dynamic DNS updates.
044 WINS/NBNS Servers Primary and secondary WINS servers IPv4 addresses.
046 WINS/NBT Node Type In order for WINS to function properly, you must set
option 046. The perferred NetBIOS name resolution method, such as b-node or hnode.
051 Lease A special lease duration for remote access clients.
Dism command in Windows Server 2008 R2 Server Core is used to add the DHCP Server role.
Dism /online /enable-feature /featurename:DHCPServerCore

RIP (Routing Information Protocol)
Used to maintain routing information and routing tables in Windows
Server 2008 R2.
Enables RRAS servers to exchange routing information with other
RIP needs to be enabled on a RRAS server.
Disadvantage of RIP is its inability to scale to large networks.
Maximum hop count used by RIP routers is 15.
Administer DHCP remotely
Add UDP ports 67 and 2535 and Tcpsvcs.exe to the Windows Firewall exception list.
Netsh add route command
Add IPv6 routing information
route command is used to view and change entries in the local IP routing table (you can administer
routes more quickly using the command line rather than the Routing and Remote Access console).
add to add a route
change to make changes to an existing route

converted by

Task Manager (3)

TCPIP (22)
UAC (1)
USB (6)
virus (7)
Vista (20)
VMware (1)
VPN (4)
WCZ (1)
Windows 7 (9)
Windows 98 (3)
Windows Aero (2)
Windows ME (2)
Windows Server 2008 (33)
Windows Sidebar (1)
Windows version (3)
Windows Virtual PC (1)
Windows XP (28)
WINS (2)
wireless (13)
WSUS (2)

delete to delete a route or several routes

print to view routing tables
-p to make persistent entries in the routing table by adding a static route directly to
the registry
route command parameters

route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]]
[if Interface]]
Destination is used to configure the network destination for a route
mask Netmask is used to configure the subnet mask
Gateway is used to configure the next hop address
metric Metric is used to configure an integer cost metric for a route
if Interface is used to configure the interface index on the interface for which the
destination network can be reached
Windows Firewall with Advanced Security
Manage firewall and IPSec configuration settings
Netsh advfirewall
Windows Firewall with Advanced Security Group Policy settings using GPMC
Authenticate IPSec with domain user accounts using Kerberos
Windows Vista or later OS
Windows Server 2008 and later servers
IPSec can be used for both
Authentication and encryption
Authentication bypass rule

Followers (12)

Lets traffic protected by IPSec bypass Windows firewall regardless of incoming rules.
UDP ports 67 and 2535
Support remote administration for DHCP servers
Should be added to the Windows Firewall exceptions list on the target server
Inbound rules
Explicitly allow or block traffic directed to the computer from other hosts that match
the criteria of the rule.
Outbound rules
Explicitly allow or block traffic originating from the computer if it matches the
criteria of the rule.
netsh firewall show state
Displays the current firewall configuration

Follow this blog

DNS server


By default, DNS performs recursion on behalf of its DNS clients and

servers that have forwarded DNS client queries to it. DNS servers
query other DNS servers for the requesting client to fully resolve
the name and sends an answer back to the client.
Attackers can use recursion to deny the DNS Server service. Unless
recursion is needed, you should disable it. If you disable
recursion, the DNS server will only resolve names for which it is authoritative.
Conditional forwarder
A DNS server used to forward DNS queries according to the DNS domain name in the query.
Root hints


Used to provide a list of names and addresses of DNS servers that are authoritative for
the root zone of the DNS namespace. Root hints can be used for resolving external
names that cannot be resolved from a DNS server or by sending the request to a forwarder.
Root hints are contained in a file named CACHE.DNS that is located in the
\\Windows\System32\DNS folder. It is a text listing of IP addresses with the matching
root DNS servers.
Stub zone


A copy of a zone that contains only the resource records that are necessary to identify
the authoritative DNS servers for the zone. A Stub zone consist of:
Start of Authority (SOA) resource record, Name Server (NS) resource records, and
glue A resource records for the zone.


IP address of one or more master servers that can be used to update the zone.
Stub zones help reduce the amount of DNS traffic on your network.
dnscmd /clearcache
Command to clear the DNS server cache. Name resolution problems can occur when a DNS
server has cached a record that has changed. Clearing the cache removes the stale
dnscmd /resetlistenaddresses

Command to set the IP address to service DNS requests.

Example: dnscmd dns1 resetlistenaddresses
netsh interface reset
Command to reset an interface's configuration.
netsh interface delete
Command to delete an interface.
start /w ocsetup DNS-Server-Core-Role
Install the DNS Server Role in Server Core. Using the /w prevents the command prompt from
returning until the installation is complete.
To discover the available server roles. It also lists the server roles and features
currently installed.


converted by

2013 (9)
2012 (18)
12/30/12 - 1/6/13 (1)

DNS zones
GlobalNames zone
Provides single-name resolution for networks without a WINS server.

12/2/12 - 12/9/12 (1)

Global Names zone resolution must have all authoritative DNS

servers running Windows Server 2008 or later.
Global Names zone must be integrated with Active Directory for
deployment across multiple domains and forests.

11/11/12 - 11/18/12 (1)

10/14/12 - 10/21/12 (1)
9/9/12 - 9/16/12 (1)

Active Directory Integrated zones

7/15/12 - 7/22/12 (1)

Provide name resolution even when a WAN link is temporarily unavailable between domains
if there is an authoritative DNS server installed on a domain controller.

6/10/12 - 6/17/12 (1)

4/22/12 - 4/29/12 (1)

Stub zone

Quick Check Facts for

Windows Server 2008,
Active ...

A copy of a zone that contains only the resource records that are necessary to identify
the authoritative DNS servers for the zone. This enables the DNS server hosting the
parent zone to be aware of the authoritative servers for the child zones. A stub zone is
kind of like a secondary zone because it obtains its resource records from other name
servers, and a stub zone is read-only like a secondary zone. However, stub zones contain
only three types of resource records: a copy of the SOA record for the zone, copies of NS
records for all name servers that are authoritative for the zone, and copies of A records
for all the name servers authoritative for the zone.

4/1/12 - 4/8/12 (1)

3/4/12 - 3/11/12 (1)
2/26/12 - 3/4/12 (1)
2/19/12 - 2/26/12 (1)
2/12/12 - 2/19/12 (1)

Secondary zone

2/5/12 - 2/12/12 (1)

1/22/12 - 1/29/12 (2)

A read-only copy of a zone that was copied from the master server during zone transfer.
Automatic scavenging

1/15/12 - 1/22/12 (1)

Removes outdated DNS records that can accumulate in the zone over time. Disabled by
default, must be enabled for a zone. DNS records that are manually created by an
Administrator are NEVER scavenged.

1/8/12 - 1/15/12 (1)

2011 (68)


2010 (112)

Used to view and change the properties of DNS servers, zones, resource records, and zone

2009 (20)

Three zone types:



Enter a long URL to make tiny:

Make TinyURL!

Expiry field of the SOA record

Determines how long the secondary zone server can service records without being able to
contact the primary zone server for an update.


DNS Records
IPv6 resource record used to resolve FQDN host names to IPv6
Sometimes called canonical name, the resource record enables you to
register a different FQDN for a computer already registered with a
host A record.
HINFO (host information) record
Contains recorded information about a host's CPU type and operating system.

Subscribe in a reader

SRV records

Used to locate computers running specific services.

PTR records
Used for reverse lookups.
WKS (Well Known Service) record
Identifies a server that hosts a well-known service, such as the FTP service.
Includes the host, the IP address of the host, whether the protocol is TCP or UDP, and a
list of services the host provides.
DNS Replication
Background zone loading in Windows Server 2008 R2
Allows DNS to respond to queries more quickly because zone data is loaded in the
background from AD DS while the DNS server restarts. Enables the server to respond to
client requests by requesting data from other available zones.
dnscmd ServerName /zoneupdatefromds ZoneName


Use to manually update Active Directory Integrated zones.

dnscmd /zonerefresh
Forces a refresh of the secondary zone from the master zone.
The minimum amount of time before a record can be removed is equal to the refresh
interval plus the no-refresh interval
Read-only copy of a domain controller.
The DNS Server Role provides primary read-only zones on RODCs.
RODCs are good for branch offices that are not physically secure enough for a domain


converted by

Name Resolution for client computers

Primary DNS server
Should be the physically nearest domain controller for a client.
DNS server addresses list box
Used to specify the IP address of each DNS server.
Priority is determined by the order. If the first DNS server is not
able to respond to a name-resolution request, the next one is used.
Caching-only DNS servers
Also known as forwarding only servers
DNS servers that build a local server cache of names learned while
querying recursively on behalf of clients. The names are then
available when answering subsequent queries.


Caching-only DNS servers do not host any zones.

Caching-only DNS servers are not authoritative.
Good for remote sites with a slow network link where full zone transfers might consume
too much bandwidth.
Conditional forwarder
DNS server configured to forward DNS queries, according to the DNS domain name in the
query, to the authoritative DNS server.
Helps to keep traffic generated by name requests to a minimum by limiting the number of
DNS servers that have to connect to the Internet and other external networks.
LLMNR (Link-local multicast name resolution)
Provides host name resolution on the local subnet for IPv4 and IPv6 addresses.
GNZ (Global Names Zone)
Provides single-name resolution throughout the network, across forest boundaries.
DNS records in a GNZ must be entered manually.
HOST file


Stored on a local computer.

Contains a list of host names and IP addresses.
Used for host-name resolution.
The client first checks the local DNS cache (the Hosts file is loaded here), before
querying the DNS server.
Block name resolution for a computer on DNS
Configure a global query block list
All domain controllers must run Windows Server 2008 R2


Remote Access
Remote Desktop Gateway (RD Gateway)
Formerly known as Terminal Services
Provides Remote Desktop Services for authorized clients with access to internal
RD Gateway uses Transport Layer Security (TLS) to encrypt communications.
RD Gateway uses Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted
connection between remote users on the Internet and internal resources. You should get
user certificates from the internal certificate authority and every server must be
configured for Network Level Authentication to only allow Remote Desktop client computers
When the Remote Desktop session is active, RD locks the target computer to prevent
interactive logons for the session.
Use Remote Desktop Services CAP (Connection Authorization Policy) to identify user or
computer groups to secure access to the server resources.
Define a Remote Desktop Services Resource Authorization Policy (RAP) to identify the
resources for which they have access.
Network Policy and Access Services (NPAS) role
Network Policy Server (NPS)
Replacement for Internet Authentication Service (IAS)
Microsoft implementation of the RADIUS server
Must have a server certificate.
Can use either Protected Extensible Authentication Protocol (PEAP) or
Extensible Authentication Protocol (EAP).
NPS performs centralized authentication, authorization, and accounting for
network access, including:
Wireless. Wireless access points must support 802.1x to be configured
as clients to NPS.
Configure them as RADIUS clients to pass authentication
requests to NPS.
By default, Protected Extensible Authentication Protocol
(PEAP) with Microsoft Challenge Handshake Authentication
Protocol (MS-CHAP) version 2. PEAP helps to prevent rogue
wireless access points on the network. MS-CHAPv2 uses
passwords for authentication.

converted by

NPS as a RADIUS proxy

NPS forwards authentication and accounting messages to other RADIUS
NPS can be configured as a NAP policy server
Acts as a health evaluation server for Network Access Protection (NAP)
Configure connection request policies:
Use the policies node of the Network Policy Server snap-in or use the
netsh command-line utility to create connection request policies
Routing and Remote Access Service (RRAS)
Allows remote users or site-to-site connectivity to
access your private network over:
VPN. Routing and Remote Access tunnels data through
the Internet and acts as a gateway to the internal
network. Data transferred through a VPN is encrypted.
RRAS includes support for three standards-based VPN
1. A new VPN protocol Secure Sockets Tunneling
Protocol (SSTP) allows Point-to-Point (PPP)
protocol packets to be sent over Hypertext
Transfer Protocol (HTTP) over SSL (HTTPS) using
port 443.
SSTP supported by Windows Vista and Windows Server
2. L2TP/IPSec allows end-to-end encryption and computer
authentication on a VPN. L2TP/IPSec uses PPP for user
authentication and IPSec for machine authentication.
L2TP traffic is sent over UDP port 1701.
L2TP/IPSec authenticates both the user and the
User and computer client certificates are
Traffic uses TCP port 1723 to create a connection
Uses IP protocol 47 to send data.
A PPTP control connection is established from a
dynamically-allocated TCP port on the PPTP client to
TCP port 1723 on the PPTP server.
Uses Point-to-Point Protocol (PPP) for user
authentication, and 128-bit Microsoft Point-to-Point
Encryption (MPPE) for data encryption.
Client computer is not authenticated with PPTP.
EAP-TLS supports smart card authentication for VPN clients
Dial-up networking
Internet Protocol (IP) router for connecting subnets in a private
Network address translator (NAT) for connecting a private network to
the Internet
Dial-up and VPN site-to-site-demand-dial router
Health Registration Authority (HRA)
Host Credential Authorization Protocol (HCAP)
Network Access Protection (NAP)
NAP controls network access based on a client computer's health compliance requirements.
Health checks make sure
Firewall software is enabled.
Antivirus is running and signatures are up to date.
NAP Policy Server
Evaluates statements of health that are sent by NAP-capable client computers attempting
to communicate with the network.
Remediation Server
Placed on the restricted network and can be accessed by non-compliant clients.
Remediation servers are added to the Remediation server groups
Remediation server groups can be used with NAP only when you deploy DHCP NAP
enforcement or VPN Nap enforcement
Remediation server is responsible for
Installing necessary patches, configurations, or applications to bring a noncompliant client computer to a healthy state.
Direct Access
Allows remote access to intranet resources using bi-directional connectivity
Clients are able to access resources anytime they have an Internet connection without
having to connect to a VPN.
Administrators can restrict who has access and to what resources.
Remote users are able to receive updates and be centrally managed as if they are local.
Requirements for using DirectAccess
One or more DirectAccess servers with Windows Server 2008
R2 with two NICs
One for the internal network
One for the Internet
The NIC connected to the Internet must be
assigned two public consecutive IPv4 addresses
DirectAccess servers and clients are required to be domain members

converted by

Clients require Windows 7 Enterprise or higher

DirectAccess uses IPv6 over IPSec, so both client and
server required to use IPv6 over IPSec
Domain controller and DNS server running Windows Server
SP2 or Windows Server 2008 R2
Clients required to use the internal DNS server to locate
intranet servers and resolve using a AAAA resource record
PKI required because certificates are used for
DirectAccess Setup Wizard used to configure client computers for DirectAccess
Add computers to a security group
Configure a File Server
File Services Resource Manager (FSRM) MMC has three components for managing storage resources on
local or remote servers:
Quota Management
Can apply quota templates or can apply quotas manually on individual folders
If you later change the settings in the template, the new quota will
be reflected for all quotas created in the template
Configure quotas by volume or folder (Windows Server 2008 R2)
Quota Usage report shows quotas that have reached the specified level
File-screening management
Can apply screening templates to filter certain file types from being saved
By volume or directory tree
Configure Notification Types for exceeding quota limits or attempting to save an
unauthorized file
Event log
Storage reports management
Built-in reports to track quota usage, file screening, and storage management
Distributed File System (DFS)
DFS offers WAN-friendly replication and simplified access and highavailability to geographically dispersed files. Two technologies are
available in DFS:
DFS Namespaces lets you group shared folders located on different
servers into one or more namespaces that appear to the user as one
folder with a series of sub-folders
dfscmd /add
Add a shared folder as a target folder to an existing DFS
Access-based enumeration.
Enable so users will only see files and folders they have permission
to access. Not enabled by default, though it is enabled by default on
newly created shared folders in Windows Server 2008.
dfsutil property abde enable \\
Used to diagnose and help resolve namespace issues.
Command-line utility for configuring and managing DFS replication.
DFS Replication
Replaces FRS as the replication engine for DFS.
Uses multimaster replication engine to keep folders synchronized across servers
for limited-bandwidth network connections.
Replicates AD DS SYSVOL for domains using Windows Server 2008.
DFS Manager
Used to check DFS replication efficiency
Backup and Restore * Windows Server Backup feature
Non-authoritative restore.
Default method for restoring Active Directory.
Start the domain controller in DSRM (Directory Services Restore Mode) and restore to a
state at the time of the backup and then normal replication overwrites that state with
any changes after the backup.
Wbadmin in Windows Server 2008 R2
Replaces Ntbackup for backing up from the command line.
Windows Server 2008 R2 supports backing up directly to removable media, including DVD.
Scheduled backups must go to a second local volume or a shared folder.
Windows creates a WindowsImageBackup folder in the root of the backup media. Inside that folder, it
creates a folder with the current computer name. The backup is stored in
Start the Windows Recovery Environment:
Boot from the Windows Server 2008 R2 installation CD
Choose Repair Computer
Once in the Windows Recovery Environment, use the wbadmin command to
recover volumes.
Use the wbadmin start sys recovery command to recover volumes
Specify -restoreallvolumes to recover all volumes. Otherwise,

converted by

only the operating system will be restored.

systemstaterecovery option restores only system state. It
does not recover the operating system files or data files.
Manage File Server Resources
Shadow copies should be written to a volume on a different hard disk
than the shared files.
Maintain up to 64 copies of each shared file.
Enabled at the volume level (enabled for all shared folders or none
of the shared folders).
vssadmin create shadow creates a shadow copy
vssadmin add shadowstorage adds a volume shadow copy storage
File Service Resource Management (Quotas)
Can apply quota templates or can apply quotas manually on individual folders
If you later change the settings in the template, the new quota will be
reflected for all quotas created in the template
Configure quotas by volume or folder (Windows Server 2008 R2)
Quota Usage report shows quotes that have reached the specified level
NFS Network File System.
Services for NFS provides UNIX and Linux clients with access to resources on a file
server running Windows Server 2008 R2.
Print Services
Printer Management
A single interface administrators can use to administer multiple print servers and
A GUI utility not supported on Server Core Installs. Located in Administrative Tools.
Add a printer in Printer Management lets you search for network printers.
Print filter can be used to manage a set of printers
Send notification when a print condition occurs.
Run a script when a printer condition occurs.
Command-line utility used to migrate printer settings from one print server to another .
Can export printer settings as a backup.
Cannot migrate directly from older operating systems to Windows Server 2008 R2.
Lpq Line Printer Queue
View print jobs queued through the Line Printer Daemon (LPD). The LPD is a network
protocol for submitting print jobs to a remote printer.
Publishing printer in Active Directory
Controlled by the List in Active Directory check box on the Sharing tab of the
Properties sheet for each printer.

Windows Server Update Services (WSUS)

Command-line management utility for WSUS.
When you create a WSUS Website during WSUS install, the Website is configured to use HTTP port 8530
for unencrypted communication.
Open port 8530 to enable communication with the servers.
Port 443 is used for secure communication.
Upstream server
Server on which updates are approved.
Downstream server
Receives updates from the upstream server.
WSUS allows you to approve updates before they are made available to the WSUS clients
You can create a group of computers and approve updates only for specific groups (WSUS
Performance Monitoring
Performance and Reliability Monitor
Reliability Monitor (Windows Server 2008 R2)
Computer required to have been running for at least 24 hours
RACAgent, Reliability Analysis Component, a hidden scheduled
task that must be running on the computer. It is automatically
configured during system install. Responsible for gathering
the reliability data and displaying in the chart view.
System Stability report shows a graph of these events:
System clock changes
Successful and failed software installs
Server failures due to hardware problems
Server failures due to operating system problems
Application failures
Reliability and Performance Monitor Resource View
Provides detailed info about system resource use and how the resources are
Data collector set
Can be created with the performance counters you want to log
Choose the default creation settings to have the data collector set based on the
currently selected performance counters.

converted by

Event Logs
Wevutil (Windows Event Logs)
Command-line utility lets you view and manage Windows Event Logs
wevutil qe
The ge or query-event command is used to retrieve a list of events in the
Windows Event Logs
wevutil gl
The gl or qet-log command is used to retrieve info about the log, such as its
Wecutil (Windows Event Collector)
Command-line utility lets you view and manage info about event subscriptions like
hardware events that are forwarded from a remote computer which support WS-Management
You can use the wecutil utility to automatically configure a computer to collect events
Audit events
Written to the Windows Security Event Log
Windows Server 2008 R2 Active Directory audit policy (auditpol.exe) supports:
Directory Service Access
Directory Service Changes
Directory Service Replication
Detailed Directory Service Replication
Gather Network Data
Task Manager
Gives a quick overview of total network bandwidth usage.
Network Monitor
Collect and save detailed network usage statistics like individual
packets transmitted across the network (note: log file would be
Create an address database first to specify address pairs in a
capture filter
Must be an Administrator or member of the netmon users group
Must be downloaded from the Microsoft website (free)
nmcap /? command line
Carefully choose the location to install Network Monitor
To capture all traffic switch on promiscuous mode (p-mode)
SNMP. Simple Network Management Protocol, is supported by Windows Server 2008
SNMP is an Internet standard protocol for managing devices on an IP network
3rd party software required to analyze SNMP data
Network Monitor Capture command-line utility can capture network traffic using the
Network Monitor driver
Netcap installs the Network Monitor driver and binds it to all adapters when you first
run the Netcap command
Monitors traffic on a LAN and write the information to a log file
Can consume lots of system resources. Not recommended in a production environment, best
to use netcap.exe command line version to monitor production.
Data Collector Set.
You can create a data collector set with the network performance counters you want to
monitor, and schedule Windows Reliability and Performance Monitor to start automatically
and log counter values at various times during the day.

Networking and Access Technologies

Microsoft Server and Cloud Platform
Windows Server 2008 R2
Microsoft Support
The Precision Guide to Windows Server 2008 Active Directory Configuration: MCTS Exam 70-640 Study Guide
[Kindle Edition]
IPv6 Addresses
Layer 2 Tunneling Protocol
Configure Network Level Authentication for Remote Desktop Services Connections

Posted by Tina Thorsen

converted by

Related Posts: Access-Based Enumeration, Active Directory, Certificates, DFS, DHCP, DirectAccess, Exam 70-642, IPSec,
IPv4, IPv6, NAP, NPS, Performance, RADIUS, Remote Access, System Restore, VPN, Windows Server 2008, WSUS

1 comment:
Pickme india April 24, 2012 at 6:12 AM
Your thought processing is wonderful. The way you tell the thing is awesome. You are really a master.
Great Blog!! That was amazing

Enter your comment...

Comment as: Select profile...



"Comment As:" anonymous if you would rather not sign into an account!

LINK this post in your blog

Create a Link
Newer Post


Older Post

Subscribe to: Post Comments (Atom)





Computer Repair

Powered by Blogger.

converted by