Summary of window server

A server is a computer that is aimed to be a dedicated service provider.

❑ And a client is a computer that requests services.
❑ A network that is made up of dedicated servers and clients is known as a client/server
network.
A server-based network is the best network for sharing resources and data, while
providing centralized network security for those resources and data.
❑ Networks with Windows Server 2008, windows server 2012 and Windows Server 2019
are usually client/server networks.

When you access a web page over the Internet and:

✓access your email

✓access a data file on another computer

✓or access a printer that is connected to the network

❑ you are requesting services.

❑ And service requesting server is called client server.

While Windows servers are designed to provide a wide range of network

services.
✓Windows XP(not in use)

✓Windows Vista

✓and Windows 7 can provide printer and file sharing and web pages

✓although you are limited by the number of concurrent connections.

✓ especially when compared to Windows servers, and are not optimized for multiuser access.

Server Roles
❑ Before selecting server hardware and software components

❑you must first understand what your server is supposed to do.

❑First identify the server roles and network services that the server will need to provide.

❑Then examine how many people will be accessing the server at one time

❑ to help and determine the load the server needs to fulfill.

P a g e 1 | 15
Summary of window server

A server role is a primary duty that a server performs.

❑You should note that a server could have multiple roles.

❑ Some of the most common server roles include:

✓ File services ✓Print services ✓Web services ✓web services remote access

✓Application servers ✓Email servers ✓Data base servers ✓Monitoring servers

✓Threat management servers

file server

❑ A file server allows you to centrally locate files to be accessed by multiple people.

❑ Because the files are centrally located, it is easier for multiple users to access and find files
(assuming they are organized well) and it is easier to back up these files.

❑ When using Microsoft Windows to provide file sharing, you will usually be using Server
Message Block (SMB) to access Microsoft Shares or shared folders.

❑Windows Servers can also provide NFS shares for Unix/Linux users.

Web services
❑Using a web server to provide web services means that users can access web pages using their
browsers.

❑These web services may be used to do research, provide leads for sales, allow customers to
purchase goods and services, and provide customer support over the Internet.

❑Web services may also be used to provide an easy method to access databases, run reports,
track sales leads, provide customer support, and even help you with payroll and human
resources.

❑Because you are using a standard browser such as Internet Explorer, you will be using the
Hypertext Transfer Protocol (HTTP) or HTTP Secure (HTTPS) protocols.

❑ Microsoft provides web services using Internet Information Services (IIS).

Remote access
❑Remote access is a service that supports multiple inbound requests in connecting to the server
or network.

❑It can provide terminal services so that multiple users can log on to a server remotely and
access a desktop, start menu, and programs as if they were sitting in front of the server.

P a g e 2 | 15
Summary of window server

❑On the other hand, remote access can also provide network access over the Internet using a
virtual private network (VPN)

❑ which allows a user to be at home and yet have full access to their internal network resources
such as email and data files.

Application server
❑the application server role provides an integrated environment for deploying and running
server-based business applications.

❑In other words, the server delivers networked applications.

❑When you access a file from a shared folder, your PC does all of the work; in this case, the
server will also do some of the processing.

❑When talking about servers and server applications, you may hear the terms front end and
back end.

❑ In client/server applications, the client part of the program is often called the front end, and
the server part is called the back end.
Mail server

❑ One commonly used application server that is essential for most corporations is the mail
server.

❑ The mail server is a server that stores and manages electronic messages (email) among users.

❑ If you are using Microsoft email products, you will be using Microsoft Exchange to act as your
mail server, and you would most likely access the email using Microsoft Outlook or a web
browser.

Examples of application servers

❑ Two additional examples of application servers are sales tracking or inventory control
applications.

❑ You would access this type of server on your company network by using a customized
program or using your browser.

❑ You would then request information or input some data, which would then be retrieved from
or sent to the back end server running a database such as Microsoft SQL server.

P a g e 3 | 15
Summary of window server

Monitoring and threat server

❑The last two types of servers, monitoring servers and threat management servers, are not
commonly known servers but are essential within any organization.

❑ Since many organizations have large or complex networks and multiple servers, you will most
likely need one or more monitoring servers to help you monitor servers that provide the
necessary services to your users and customers.

❑ With monitoring servers, you should use threat management servers to monitor your network
and servers for intruders or other security breaches.

Windows server 2019 editions

Windows server 2019 is released in four editions:

✓Windows server 2019 essential ✓Windows server 2019 standard

✓Windows server 2019 data center ✓Hyper-V server 2019

Windows server 2019 essential:

✓It is the lowest edition in server 2019 ✓It is intended for small business

✓It has only 25 users ✓It can host only fifty devices

✓It can not be increased both users and devices ✓Microsoft recommends you to use office
365

Windows server 2019 standard:

✓It is intended for physical environment

✓It means physical server

✓You can run Linux operating system,2019 or server 2016

✓It can be run two operating system one physical server on virtual

✓It has two virtual license

✓If you want to run more than two you have to buy license from Microsoft

P a g e 4 | 15
Summary of window server

Windows server 2019 data center:

✓It has unlimited virtualization license

✓It means you don’t need to buy license

✓You can create any number of virtual systems

Hyper-V server 2019:

✓It is virtual software belongs by Microsoft

✓It can be downloaded free from Microsoft page

✓No service charge

✓No need license

✓It has no graphical user interface

Hardware requirements for windows server 2019

Hardware requirement will vary depend on:

✓Server role

✓Many roles have specific requirements

✓Resource usage

Deployment options Clean installation:

✓Boot the machine or VM from the windows server 2019 media

✓Choose installation language, time and current formats and keyboard layout

✓Choose architecture (either standard or data center) with or without desktop experience

✓Accept license

✓Choose custom installation

✓Choose the volume will host installation

Standard(core) no graphical user interface

P a g e 5 | 15
Summary of window server

Standard(DE) with graphical user interface

Data center(core) no graphical user interface
Data center(DE) with graphical user interface
Deployment option 2
In-place upgrade

✓Insert the disk or mount the ISO of windows server 2019 media and run setup.exe

✓Choose the architecture either standard or data center with or without desktop experience

✓Accept license

✓Choose to keep: personal files, apps or nothing

✓This option is rarely used

✓Because DLL conflicts

✓Dynamic link library

Deployment option 2
In-place upgrade

✓Insert the disk or mount the ISO of windows server 2019 media and run setup.exe

✓Choose the architecture either standard or data center with or without desktop experience

✓Accept license

✓Choose to keep: personal files, apps or nothing

✓This option is rarely used

✓Because DLL conflicts

✓Dynamic link library

Long term servicing channel

✓A new major version of windows server is released every 2-3 year.

✓Users are entitled to 5 years of mainstream support and 5 years of extended support.

✓This channel is appropriate for systems that require a longer servicing option and functionality
stability.

P a g e 6 | 15
Summary of window server

✓The long term servicing channel will continue to receive security and security updates but it
will not receive the new features and functionality.

Semi-Annual Channel
The Semi-Annual Channel is perfect for customers who are innovating quickly to take advantage
of new operating system capabilities at a faster pace.
Focused in on containers and microservices.
Windows Server products in the Semi-Annual Channel will have new releases available twice a
year, in spring and fall.
Each release in this channel will be supported for 18 months from the initial release.

Licensing and activation models for Windows Server (1 of 2)

Licensing for Windows Server Standard and Datacenter is based on the number of cores not
processors.
Each Windows Server has the following minimum license requirement:

❑ All physical cores must be licensed

❑There must be 8 core licenses per processor

❑There must be 16 core licenses per server

Client access licenses are required for each user or device that connected to the server for any
purpose.

Licensing and activation models for Windows Server (2 of 2)

To ensure that your organization has the proper licenses, you must activate every copy of
Windows Server that you install Windows Server activation methods:

❑ Manual activation requires a product key

❑ Automatic activation options:

✓ Key Management Services

✓ Active Directory-based activation

✓Multiple Activation Key

✓Automatic virtual machine activation

P a g e 7 | 15
Summary of window server

Prerequisite : to create a new virtual machine

✓ name=GPC1

✓Generation= generation 2

✓Memory= 2048 or 4096 MB ✓Virtual switch name: vswitch , type external

✓VHD; accept as default

✓ISO: brows to download windows server 2019 ISO file

Difference between core and desktop experience

Advantage Disadvantage

Small footprint that uses fewer server Some applications are not
resources and less disk space as little as 6 supported on a server core
GB for basic installation installation.
Because server core installs fever Some roles and role services are
components, there are fewer software not available
updates.
This reduces the number of monthly
restarts required and the time required for
you to service server core
The small attack surface makes server core No local graphical user interface.
much less vulnerable to exploits

Server core installation and post installation task To install

server core:
▪Connect to the installation source
▪Choose:

✓Language ✓Time and currency ✓Keyboard architecture

▪Select operating system to install
▪Accept license

▪Choose installation type ✓Upgrade ✓Custom

▪Choose installation disk
▪Provide admin password
P a g e 8 | 15
Summary of window server

Jump servers
A jump server is a hardened server used to access and manage devices in a different security
zone, such as between an internal network and a perimeter network.

Overview of Windows Admin Center

▪ Windows Admin Center consolidates multiple admin tools into a single console that can be
easily deployed and accessed through a web interface
▪Windows Admin Center is a modular web application comprised of the following four
modules:

✓ Server manager ✓Failover clusters

✓Hyper-converged clusters ✓Windows 10 clients

Server Manager
Server Manager allows server administrators to:

✓ Manage the local server and remotely manage multiple servers ✓Configure the local
server

✓ Query event logs ✓Monitor status of services

✓Perform best practice analysis ✓Check performance monitors

Server Manager initially opens to the dashboard, which

provides quick access to:
✓Add roles and features ✓Add other servers to manage

✓Create a server group ✓Connect this server to cloud service

Remote Server Administration Tools

▪ To enable IT administrators to remotely manage roles and features in Windows Server from a
computer that is running Windows 10 or Windows 8.1, use RSAT
▪ RSAT include:

✓ Active Directory Domain Services tools ✓DHCP server tools

✓DNS server tools ✓File services tools o Group Policy management tools

Windows PowerShell

P a g e 9 | 15
Summary of window server

▪Windows PowerShell is a command line shell and scripting language

▪Windows PowerShell cmdlets execute in a Windows PowerShell console or can be executed as
PowerShell scripts
▪Cmdlets:

✓Are small commands that perform specific functions

▪Modules:

✓ Cmdlets specific to a product are packaged together and installed as modules

✓Some are installed with the product and some need to be added manually

PowerShell Console
✓ Run PowerShell commands and execute scripts
▪ PowerShell ISE

✓ PowerShell Integrated Scripting Environment (ISE) is a graphical user interface–based tool that
allows you to: ✓ Run commands, create, modify and execute scripts
▪ Windows PowerShell remote management:

✓ Allows Windows PowerShell to remotely run cmdlets on other Windows syst

CMD command prompt Windows PowerShell

ping Verb-noun

Ping gpc1networking.com Test-connection

Gpc1networking.com

Ping –t gpc1networking.com Test-gpc1networking.com-count

10

Ipconfig /all Get-eventlog

Diskpart utility Geteventlog-LogName System

Unique syntax only used in diskPart

Active Directory Domain Services(AD DS)

The AD DS database stores information on
P a g e 10 | 15
Summary of window server

✓user identity ✓Computers ✓Groups

✓services ✓and resources

AD DS domain controllers also host the service that authenticates user and computer accounts
when they log on to the domain

Purpose of active directory

▪Provides user log on and authentication services using Kerberos protocol
▪To centralize and decentralize the resource management
▪To centrally organize and manage:

✓User accounts ✓Computers

✓Groups ✓Network resources

▪Enable authorized users to easily locate network resource

Domain controller
Domain is a logical grouping of user, computer and group objects for the purpose management
and security.
A domain controller is a server that is configured to store a copy the AD DS directory database
(NTDS.DIT) and a copy SYSVOL folder.
Each domain is identified y a DNS domain network.

Workgroup Domain
No centralized Centralized authentication
authentication
No centralized Centralized administration
administration
Max of 20 computers Unlimited number of
supported computers
Low security High security
Types of network

P a g e 11 | 15
Summary of window server

Logical component Physical component

Active Domains Domain controllers Directory Domain Services

(AD DS) Domain trees Read-only Domain Terms
AD DS is Controllers composed of both logical
and physical Forests component
OUs
Containers

NTDS stands for NT Directory Services.

DIT stands for Directory Information Tree.
This is named as NTDS because the Active Directory was called NT Directory Services originally.
Directory Information Tree (DIT) in the Active
Directory was implemented as a X. 500 database and the primary database file is NTDS.

AD DS Domains and Forests

A domain:
 A repository for User, Computers and other objects
 A replication boundary
 An administrative boundary

 A domain controller is a server that has Active Directory Domain Services (AD DS)
installed
A forest:
P a g e 12 | 15
Summary of window server

 Is a security boundary
 One or more domains that share a trust relationship
 Trust relationships:
 A relationship between domains that allows access to resources
 in other domains within the same forest

AD DS objects
User objects
Authentication of the user at logon
Access control
 Group objects
 Simplify assigning permissions
 Computer objects
 Authentication o

Organizational Units and Containers

Use containers to group objects within a domain:
 You cannot apply GPOs to containers
 Containers are used for system objects and as the default location for
new objects
Create OUs to:
 Configure objects by assigning GPOs to them
 Delegate administrative permissions

Your organizational units can be:

 Group managers
 Sales groups
 Desk help groups
 T group
 And so on

Domain Controllers Domain controllers:

Are servers that host the AD DS database (Ntds.dit) and SYSVOL
Host the Kerberos authentication service and KDC services to perform
authentication
Have best practices for:

P a g e 13 | 15
Summary of window server

 Availability:
 Use at least two domain controllers in a domain

What is the global catalog?

The global catalog:

 Hosts a partial attribute set for other domains in the forest

 Supports queries for objects throughout the forest
In a single domain, you should configure all the domain controllers to
hold a copy of the global catalog
When you have multiple sites, you should also make at least one
domain controller at each site a global catalog server

Group Policy Objects What are Group Policy

Objects?
Group Policy is a powerful administrative tool
You can use it to enforce various types of settings to a large number of
users and computers
 Typically, you use GPOs to:
 Apply security settings
 Manage desktop application settings
 Deploy application software
 Manage Folder Redirection
 Configure network settings

What are Group Policy Preferences?

Group Policy Preferences are a collection of Group Policy client-side
extensions that deliver preference settings to domain-joined computers.

Preference settings differ from policy settings because users have a choice to
alter the administrative configuration.

Policy settings administratively enforce setting, which restricts user choice.

Preferences can be targeted to specific groups, operating systems, IP

addresses, MAC addresses, and more.

Overview of GPO scope and inheritance GPOs are

processed on a client computer in the following order:
1. Local GPOs 2. Site-level GPOs
P a g e 14 | 15
Summary of window server

3. Domain-level GPOs 4. Organizational Unit GPO

GPUpdate

What is GPUpdate? Gpupdate is a command-line utility from Microsoft

that comes with all versions of the Windows operating system.

It’s a utility that controls the application of group policy objects (GPOs) on
assigned Active Directory computers.

Gpupdate /Force will process all GPOs regardless if they have changed or not

Creating group To create group in AD DS go to

tools

❑Click AD DS users and computers

❑Right click users and then new

❑Select group to create new group

❑Write group name

P a g e 15 | 15