bindex.indd 508 1/16/2015 9:19:32 AMdownload.e-bookshelf.de/download/0003/0910/16/L-G-0003091016... · MCSA+ Security and Messaging, MCSE-NT (3.51 and 4.0), MCSE 2000 and 2003, MCSE+Security

bindex.indd 508 1/16/2015 9:19:32 AM

MCSAWindows Server® 2012 R2 Installation and Configuration

Study Guide

ffirs.indd 1 1/16/2015 9:40:50 AM

ffirs.indd 2 1/16/2015 9:40:52 AM

MCSAWindows Server® 2012 R2Installation and Configuration

Study Guide

William Panek

ffirs.indd 3 1/16/2015 9:40:53 AM

Senior Acquisitions Editor: Jeff KellumDevelopment Editor: Gary SchwartzTechnical Editors: Rodney Fournier and Michael RiceProduction Editor: Eric CharbonneauCopy Editor: Kim WimpsettEditorial Manager: Pete GaughanProduction Manager: Kathleen WisorProfessional Technology and Strategy Director: Barry PruettAssociate Publisher: Jim MinatelMedia Project Manager 1: Laura Moss-HollisterMedia Associate Producer: Marilyn HummelMedia Quality Assurance: Josh FrankBook Designer: Judy FungProofreader: Josh Chase, Word One New YorkIndexer: Ted LauxProject Coordinator, Cover: Patrick RedmondCover Designer: Wiley

Copyright © 2015 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-118-87020-4

ISBN: 978-1-118-85968-1 (ebk.)

ISBN: 978-1-118-91687-2 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: XXXXXXXXXX

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Windows Server is a registered trademark of Microsoft Corporation. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

10 9 8 7 6 5 4 3 2 1

ffirs.indd 4 1/16/2015 9:40:53 AM

http://www.wiley.com/go/permissionshttp://booksupport.wiley.comhttp://www.wiley.com

This book is dedicated to the three ladies of my life: Crystal, Alexandria,

and Paige.

ffirs.indd 5 1/16/2015 9:40:53 AM

ffirs.indd 6 1/16/2015 9:40:53 AM

AcknowledgmentsI would like to thank my wife and best friend, Crystal. She is always the light at the end of my tunnel. I want to thank my two daughters, Alexandria and Paige, for all of their love and support during the writing of all my books. They make it all worthwhile.

I want to thank my family, and especially my brothers, Rick, Gary, and Rob. They have always been there for me. I want to thank my father, Richard, who helped me become the man I am today, and my mother, Maggie, for all of her love and support.

I would like to thank all of my friends and co-workers, especially Vic, Catherine, Jeff, Stephanie, Don, Jason, Doug, Dave, Steve, Pat, Mike (all of them), Tommy, George, Greg, Becca, Deb, Jeri, Lisa, Scotty, and all of the field guys. I want to also thank my team and everyone who works with my group including Moe, Jimmy, Paul, Dana, Dean, Reanna, Todd, and Will F. Because of all your hard work, you make me look good every day and make it a pleasure to go to work. Thanks to all of you for everything you do.

I want to thank everyone on my Sybex team, especially my development editor, Gary Schwartz, who helped me make this the best book possible, and Rodney R. Fournier, who is the technical editor of many of my books. It’s always good to have the very best technical guy backing you up.

I want to thank Eric Charbonneau, who was my production editor, and my acquisitions editor, Jeff Kellum, who served as lead for the entire book. He has always been there for me, and it is always great to write for him.

Finally, I want to thank everyone else behind the scenes that helped make this book possible. It’s truly an amazing thing to have so many people work on my books to help make them the very best. I can’t thank you all enough for your hard work.

ffirs.indd 7 1/16/2015 9:40:53 AM

ffirs.indd 8 1/16/2015 9:40:53 AM

About the AuthorsWilliam Panek holds the following certifications: MCP, MCP+I, MCSA, MCSA+ Security and Messaging, MCSE-NT (3.51 and 4.0), MCSE 2000 and 2003, MCSE+Security and Messaging, MCDBA, MCT, MCTS, MCITP, CCNA, and CHFI. Will is also a Microsoft MVP.

After many successful years in the computer industry and a degree in computer programming, Will decided that he could better use his talents and his personality as an instructor. He began teaching for schools such as Boston University, Clark University, and the University of Maryland, just to name a few. He has done consulting and training work for some of the biggest government and corporate companies in the world including the U.S. Secret Service, Cisco, the U.S. Air Force, and the U.S. Army.

In January 2015, Will is now teaching for StormWind (www.stormwind.com). He currently lives in New Hampshire with his wife and two daughters. Will was also a representative in the New Hampshire House of Representatives from 2010 to 2012. In his spare time, he likes to golf, ski, shoot, and go snowmobiling. Will is also a commercially rated helicopter pilot.

ffirs.indd 9 1/16/2015 9:40:54 AM

http://www.stormwind.com

ffirs.indd 10 1/16/2015 9:40:54 AM

Contents at a GlanceIntroduction xxiii

Assessment Test xxxv

Chapter 1 Install Windows Server 2012 R2 1

Chapter 2 Configure Network Services 55

Chapter 3 Plan and Install Active Directory 163

Chapter 4 Configure Windows Server 2012 R2 205

Chapter 5 Administer Active Directory 245

Chapter 6 Manage GPOs 295

Chapter 7 Manage Security 355

Chapter 8 Configure TCP/IP 387

Chapter 9 Use Virtualization in Windows Server 2012 437

Appendix A Answers to Review Questions 471

Appendix B About the Additional Study Tools 483

ffirs.indd 11 1/16/2015 9:40:54 AM

ffirs.indd 12 1/16/2015 9:40:54 AM

ContentsIntroduction xxiii

Assessment Test xxxv

Chapter 1 Install Windows Server 2012 R2 1

Features and Advantages of Windows Server 2012 and Server 2012 R2 2

Planning the Windows Server 2012 R2 Installation 5Server Roles in Windows Server 2012 R2 5Migrating Roles and Features to Windows

Server 2012 R2 8Roles and Features That Have Been Reduced in

Windows Server 2012 R2 10Deciding Which Windows Server 2012 R2

Versions to Use 14Deciding on the Type of Installation 15NIC Teaming 19Installing Windows Server 2012 R2 20Using Windows Deployment Services 24

Understanding Features On Demand 28Storage in Windows Server 2012 R2 29

Initializing Disks 29Configuring Basic and Dynamic Disks 30Managing Volumes 32Storage Spaces in Windows Server 2012 R2 33Redundant Array of Independent Disks 34Mount Points 38Microsoft MPIO 39iSCSI 41Internet Storage Name Service 44Fibre Channel 47Network Attached Storage 48Virtual Disk Service 48

Summary 50Exam Essentials 51Review Questions 52

Chapter 2 Configure Network Services 55

Introducing DNS 56The Form of an IP Address 57Understanding Servers, Clients, and Resolvers 62Understanding the DNS Process 63

flast.indd 13 1/16/2015 9:41:15 AM

xiv Contents

Introducing DNS Database Zones 69Understanding Primary Zones 70Understanding Secondary Zones 71Understanding Active Directory Integrated DNS 72Understanding Stub Zones 73GlobalName Zones 75Zone Transfers and Replication 75

Advantages of DNS in Windows Server 2012 R2 78

Background Zone Loading 79Support for IPv6 Addresses 79Support for Read-Only Domain Controllers 80DNS Socket Pools 80DNS Cache Locking 81DNS Security Extensions 81DNS Devolution 82Zone Level Statistics 82Record Weighting 83Netmask Ordering 83DnsUpdateProxy Group 83Windows PowerShell Support 83

Introducing DNS Record Types 84Start of Authority Records 84Name Server Records 85Host Record 86Alias Record 87Pointer Record 87Mail Exchanger Record 88Service (SRV) Record 88

Configuring DNS 89Installing DNS 89Load Balancing with Round Robin 92Configuring a Caching-Only Server 92Setting Zone Properties 93Configuring Zones for Dynamic Updates 96Delegating Zones for DNS 98DNS Forwarding 99Manually Creating DNS Records 100DNS Aging and Scavenging 101

Monitoring and Troubleshooting DNS 102Monitoring DNS with the DNS Snap-In 103Troubleshooting DNS 105

Overview of DHCP 114Introducing the DORA Process 114Advantages and Disadvantages of DHCP 116

flast.indd 14 1/16/2015 9:41:15 AM

Contents xv

Ipconfig Lease Options 117Understanding Scope Details 118

Installing and Authorizing DHCP 120Installing DHCP 120Introducing the DHCP Snap-In 123Authorizing DHCP for Active Directory 124

Creating and Managing DHCP Scopes 126Creating a New Scope in IPv4 127Creating a New Scope in IPv6 134Changing Scope Properties (IPv4 and IPv6) 136Changing Server Properties 138Managing Reservations and Exclusions 141Setting Scope Options for IPv4 144Activating and Deactivating Scopes 147Creating a Superscope for IPv4 147Creating IPv4 Multicast Scopes 149Integrating Dynamic DNS and IPv4 DHCP 151Using Multiple DHCP Servers 153Working with the DHCP Database Files 154


Chapter 3 Plan and Install Active Directory 163

Verifying the File system 164Resilient File System (ReFS) 165NTFS 166

Verifying Network Connectivity 169Basic Connectivity Tests 169Tools and Techniques for Testing

Network Configuration 170Understanding Domain and Forest Functionality 172

About the Domain Functional Level 172About Forest Functionality 174

Planning the Domain Structure 176Installing Active Directory 177

Adprep 177Active Directory Prerequisites 177The Installation Process 178Deploying Active Directory IaaS in Windows

Azure 187Verifying Active Directory Installation 188

Using Event Viewer 188Using Active Directory Administrative Tools 190Testing from Clients 191

flast.indd 15 1/16/2015 9:41:15 AM

xvi Contents

Creating and Configuring Application Data Partitions 193Creating Application Data Partitions 194Managing Replicas 196Removing Replicas 196Using ntdsutil to Manage Application Data

Partitions 196Configuring DNS Integration with Active Directory 199Summary 201Exam Essentials 201Review Questions 202

Chapter 4 Configure Windows Server 2012 R2 205

Understanding File Servers 206Configuring File Servers 207

Sharing Folders 207Making Active Directory Objects Available

to Users 208Access-Based Enumeration 210Configuring Offline Files 210Volume Shadow Copy Services 213Configuring Permissions 216

Configuring Disk Quotas 222Configuring Print Services 224

Creating and Publishing Printers 224Configuring Printers 226Migrating Print Servers 230Printer Pooling 231Easy Print Driver 231

Configuring Remote Management 231Windows Remote Management 232Windows PowerShell 233Configuring Down-Level Servers 236Configuring Server Core 237


Chapter 5 Administer Active Directory 245

An Overview of OUs 246The Purpose of OUs 247Benefits of OUs 248

Planning the OU Structure 248Logical Grouping of Resources 248Understanding OU Inheritance 250

flast.indd 16 1/16/2015 9:41:15 AM

Contents xvii

Delegating Administrative Control 251Applying Group Policies 253

Creating OUs 253Managing OUs 257

Moving, Deleting, and Renaming OUs 258Administering Properties of OUs 259Delegating Control of OUs 261

Troubleshooting OUs 265Creating and Managing

Active Directory Objects 266Overview of Active Directory Objects 266Managing Object Properties 273Understanding Groups 277Filtering and Advanced Active Directory Features 278Moving, Renaming, and Deleting

Active Directory Objects 280Resetting an Existing Computer Account 281

Publishing Active Directory Objects 282Making Active Directory Objects Available

to Users 282Publishing Printers 282Publishing Shared Folders 284Querying Active Directory 285Using the Active Directory Administrative

Center 287Using the Command Prompt for Active Directory

Configuration 288Summary 290Exam Essentials 290Review Questions 292

Chapter 6 Manage GPOs 295

Introducing Group Policy 296Understanding Group Policy Settings 297The Security Settings Section of the GPO 299Group Policy Objects 300Group Policy Inheritance 301

Planning a Group Policy Strategy 302Implementing Group Policy 303

Creating GPOs 303Linking Existing GPOs to Active Directory 307

Managing Group Policy 307Managing GPOs 308Security Filtering of a Group Policy 309

flast.indd 17 1/16/2015 9:41:15 AM

xviii Contents

Delegating Administrative Control of GPOs 311Controlling Inheritance and Filtering Group Policy 313Assigning Script Policies 314Understanding the Loopback Policy 316Managing Network Configuration 316Automatically Enrolling User and Computer

Certificates in Group Policy 317Redirecting Folders 320Managing GPOs with Windows PowerShell

Group Policy Cmdlets 322Deploying Software Through a GPO 322

The Software Management Life Cycle 323The Windows Installer 324Deploying Applications 328

Implementing Software Deployment 329Preparing for Software Deployment 330Software Restriction Policies 331Using AppLocker 331Group Policy Slow Link Detection 331Publishing and Assigning Applications 332Applying Software Updates 333Verifying Software Installation 334Configuring Automatic Updates in Group Policy 335

Configuring Software Deployment Settings 336The Software Installation Properties Dialog Box 336Removing Programs 339Microsoft Windows Installer Settings 340

Troubleshooting Group Policies 342RSoP in Logging Mode 343RSoP in Planning Mode 345Using the gpresult.exe Command 347


Chapter 7 Manage Security 355

Managing Security 356Understanding Security Principals 356Managing Security and Permissions 365Using ACLs and ACEs 367Configuring User Account Control 368Delegating Control of Users and Groups 368Understanding Dynamic Access Control 369Using Group Policy for Security 370

flast.indd 18 1/16/2015 9:41:15 AM

Contents xix

Implementing an Audit Policy 371Overview of Auditing 372Implementing Auditing 372Using the Auditpol.exe Command 374Features of Windows Server 2012 R2 Auditing 374

Configuring Windows Firewall Options 375Summary 383Exam Essentials 383Review Questions 384

Chapter 8 Configure TCP/IP 387

Understanding TCP/IP 388Details of the TCP/IP Model 388How TCP/IP Layers Communicate 389Understanding Port Numbers 389

Understanding IP Addressing 391The Hierarchical IP Addressing Scheme 391Understanding Network Classes 393

Subnetting a Network 396Implementing Subnetting 398An Easier Way to Apply Subnetting 404Applying Subnetting the Traditional Way 408Working with Classless Inter-Domain Routing 416Supernetting 419

Understanding IPv6 420IPv6 History and Need 420New and Improved IPv6 Concepts 421IPv6 Addressing Concepts 423IPv6 Integration/Migration 428


Chapter 9 Use Virtualization in Windows Server 2012 437

Hyper-V Overview 438What Is Virtualization? 438Hyper-V Features 439Hyper-V Architecture 443Hyper-V Requirements 444

Hyper-V Installation and Configuration 445Install the Hyper-V Role 445Hyper-V in Server Manager 448Using Hyper-V Manager 448Configure Hyper-V Settings 449

flast.indd 19 1/16/2015 9:41:16 AM

xx Contents

Manage Virtual Switches 451Managing Virtual Hard Disks 454

Configuring Virtual Machines 459Creating and Managing Virtual Machines 459


Appendix A Answers to Review Questions 471

Chapter 1: Install Windows Server 2012 R2 472Chapter 2: Configure Network Services 473Chapter 3: Plan and Install Active Directory 474Chapter 4: Configure Windows Server 2012 R2 475Chapter 5: Administer Active Directory 476Chapter 6: Manage GPOs 477Chapter 7: Manage Security 478Chapter 8: Configure TCP/IP 478Chapter 9: Use Virtualization in Windows Server 2012 480

Appendix B About the Additional Study Tools 483

Additional Study Tools 484Sybex Test Engine 484Electronic Flashcards 484PDF of Glossary of Terms 484Adobe Reader 485

System Requirements 485Using the Study Tools 485Troubleshooting 485

Customer Care 486

flast.indd 20 1/16/2015 9:41:16 AM

Table of ExercisesExercise 1.1 Installing Windows Server 2012 R2 with the GUI . . . . . . . . . . . . . . . . . . . . 20

Exercise 1.2 Installing Windows Server 2012 R2 Using Server Core . . . . . . . . . . . . . . . 23

Exercise 1.3 Initializing Disk Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Exercise 1.4 Converting a Basic Disk to a Dynamic Disk . . . . . . . . . . . . . . . . . . . . . . . . . 31

Exercise 1.5 Creating a Volume Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Exercise 1.6 Creating Mount Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Exercise 1.7 Installing Microsoft MPIO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Exercise 1.8 Configuring iSCSI Storage Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Exercise 1.9 Installing the iSNS Feature on Windows Server 2012 R2 . . . . . . . . . . . . . 45

Exercise 2.1 Installing and Configuring the DNS Service . . . . . . . . . . . . . . . . . . . . . . . . 90

Exercise 2.2 Configuring a Zone for Dynamic Updates . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Exercise 2.3 Creating a Delegated DNS Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Exercise 2.4 Manually Creating DNS RRs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Exercise 2.5 Simple DNS Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

Exercise 2.6 Using the nslookup Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Exercise 2.7 Installing the DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Exercise 2.8 Unauthorizing a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Exercise 2.9 Authorizing a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Exercise 2.10 Creating a New Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Exercise 2.11 Configuring User Class Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Exercise 2.12 Creating a Superscope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Exercise 2.13 Creating a New Multicast Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Exercise 2.14 Enabling DHCP-DNS Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Exercise 3.1 Viewing Disk Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

Exercise 3.2 Promoting a Domain Controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

Exercise 3.3 Installing AD DS on Server Core . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Exercise 3.4 Viewing the Active Directory Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

Exercise 3.5 Joining a Computer to an Active Directory Domain . . . . . . . . . . . . . . . . . 193

Exercise 3.6 Configuring DNS Integration with Active Directory . . . . . . . . . . . . . . . . . 199

Exercise 4.1 Creating and Publishing a Shared Work Folder . . . . . . . . . . . . . . . . . . . . 208

Exercise 4.2 Configuring Offline Folder Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

Exercise 4.3 Configuring a Shared Network Folder for Offline Access . . . . . . . . . . . . 213

Exercise 4.4 Configuring a Shadow Copy on a Volume . . . . . . . . . . . . . . . . . . . . . . . . . 214

Exercise 4.5 Configuring Shared and NTFS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

flast.indd 21 1/16/2015 9:41:16 AM

xxii Table of Exercises

Exercise 4.6 Configuring Disk Quotas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

Exercise 4.7 Creating and Publishing a Printer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

Exercise 4.8 Starting the Windows PowerShell Utility . . . . . . . . . . . . . . . . . . . . . . . . . 236

Exercise 5.1 Creating an OU Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

Exercise 5.2 Modifying OU Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

Exercise 5.3 Using the Delegation of Control Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

Exercise 5.4 Delegating Custom Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

Exercise 5.5 Creating Active Directory Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268

Exercise 5.6 Creating a User Template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271

Exercise 5.7 Managing Object Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275

Exercise 5.8 Moving Active Directory Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280

Exercise 5.9 Resetting an Existing Computer Account . . . . . . . . . . . . . . . . . . . . . . . . . 281

Exercise 5.10 Creating and Publishing a Printer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283

Exercise 5.11 Creating and Publishing a Shared Folder . . . . . . . . . . . . . . . . . . . . . . . . . 284

Exercise 5.12 Finding Objects in Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285

Exercise 6.1 Creating a Group Policy Object Using the GPMC . . . . . . . . . . . . . . . . . . . 305

Exercise 6.2 Linking Existing GPOs to Active Directory . . . . . . . . . . . . . . . . . . . . . . . . 307

Exercise 6.3 Filtering Group Policy Using Security Groups . . . . . . . . . . . . . . . . . . . . . 310

Exercise 6.4 Delegating Administrative Control of Group Policy . . . . . . . . . . . . . . . . . 311

Exercise 6.5 Configuring Automatic Certificate Enrollment in Group Policy . . . . . . . 319

Exercise 6.6 Configuring Folder Redirection in Group Policy . . . . . . . . . . . . . . . . . . . . 320

Exercise 6.7 Creating a Software Deployment Share . . . . . . . . . . . . . . . . . . . . . . . . . . 330

Exercise 6.8 Publishing and Assigning Applications Using Group Policy . . . . . . . . . . 332

Exercise 6.9 Applying Software Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334

Exercise 7.1 Delegating Control of Active Directory Objects . . . . . . . . . . . . . . . . . . . . 368

Exercise 7.2 Enabling Auditing of Active Directory Objects . . . . . . . . . . . . . . . . . . . . . 373

Exercise 7.3 Configuring Windows Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380

Exercise 8.1 Class C, 10 Hosts per Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405

Exercise 8.2 Class C, 20 Hosts per Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406

Exercise 8.3 Class C, Five Subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406

Exercise 8.4 Class B, 1,500 Hosts per Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

Exercise 8.5 Class B, 3,500 Hosts per Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

Exercise 9.1 Installing Hyper-V in Full Installation Mode . . . . . . . . . . . . . . . . . . . . . . . . 446

Exercise 9.2 Creating an Internal Virtual Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453

Exercise 9.3 Creating a Differencing Hard Disk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

Exercise 9.4 Creating a New Virtual Machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459

Exercise 9.5 Installing Hyper-V Integration Components . . . . . . . . . . . . . . . . . . . . . . . 466

flast.indd 22 1/16/2015 9:41:16 AM

IntroductionThis book is drawn from more than 20 years of IT experience. I have taken that experience and translated it into a Windows Server 2012 R2 book that will help you not only prepare for the MCSA: Windows Server 2012 R2 exams but also develop a clear understanding of how to install and configure Windows Server 2012 R2 while avoiding all of the possible configuration pitfalls.

Many Microsoft books just explain the Windows operating system, but with MCSA: Windows Server 2012 R2 Complete Study Guide, I go a step further by providing many in-depth, step-by-step procedures to support my explanations of how the operating system performs at its best.

Microsoft Windows Server 2012 R2 is the newest version of Microsoft’s server operating system software. Microsoft has taken the best of Windows Server 2003, Windows Server 2008, and Windows Server 2012 and combined them into the latest creation, Windows Server 2012 R2.

Windows Server 2012 R2 eliminates many of the problems that plagued the previous versions of Windows Server, and it includes a much faster boot time and shutdown. It is also easier to install and configure, and it barely stops to ask the user any questions during installation. In this book, I will show you what features are installed during the automated installation and where you can make changes if you need to be more in charge of your operating system and its features.

This book takes you through all the ins and outs of Windows Server 2012 R2, including installation, configuration, Group Policy objects, auditing, backups, and so much more.

Windows Server 2012 R2 has improved on Microsoft’s desktop environment, made networking easier, enhanced searching capability, and improved performance—and that’s only scratching the surface.

When all is said and done, this is a technical book for IT professionals who want to take Windows Server 2012 R2 to the next step and get certified. With this book, you will not only learn Windows Server 2012 R2 and ideally pass the exams, but you will also become a Windows Server 2012 R2 expert.

The Microsoft Certification ProgramSince the inception of its certification program, Microsoft has certified more than 2 million people. As the computer network industry continues to increase in both size and complexity, this number is sure to grow—and the need for proven ability will also increase. Certifications can help companies verify the skills of prospective employees and contractors.

ftoc.indd 23 1/16/2015 9:41:31 AM

xxiv Introduction

The Microsoft certification tracks for Windows Server 2012 R2 include the following:

MCSA: Windows Server 2012 R2 The MCSA is now the lowest-level certification you can achieve with Microsoft in relation to Windows Server 2012 R2. It requires passing three exams: 70-410, 70-411, and 70-412. Or, if you qualify, you can take an Upgrading exam: Exam 70-417. This book assists in your preparation for all four exams.

MCSE: Server Infrastructure or MCSE: Desktop Infrastructure The MCSE certifications, in relation to Windows Server 2012 R2, require that you become an MCSA first and then pass two additional exams. The additional exams will vary depending on which of the two MCSE tracks you choose. For more information, visit Microsoft’s website at www.microsoft.com/learning.

MCSM: Directory Services The MCSM certification takes things to an entirely new level. It requires passing a knowledge exam (in addition to having the MCSE in Windows Server 2012 R2) and a lab exam. This is now the elite-level certification in Windows Server 2012 R2.

How Do You Become Certified on Windows Server 2012 R2?Attaining Microsoft certification has always been a challenge. In the past, students have been able to acquire detailed exam information—even most of the exam questions—from online “brain dumps” and third-party “cram” books or software products. For the new generation of exams, this is simply not the case.

Microsoft has taken strong steps to protect the security and integrity of its new certification tracks. Now prospective candidates must complete a course of study that develops detailed knowledge about a wide range of topics. It supplies them with the true skills needed, derived from working with the technology being tested.

The new generations of Microsoft certification programs are heavily weighted toward hands-on skills and experience. It is recommended that candidates have troubleshooting skills acquired through hands-on experience and working knowledge.

Fortunately, if you are willing to dedicate the time and effort to learn Windows Server 2012 R2, you can prepare yourself well for the exam by using the proper tools. By working through this book, you can successfully meet the requirements to pass the Windows Server 2012 R2 exams.

MCSA Exam RequirementsCandidates for MCSA certification on Windows Server 2012 R2 must pass at least the following three Windows Server 2012 R2 exams:

■ 70-410: Installing and Configuring Windows Server 2012 R2

■ 70-411: Administering Windows Server 2012 R2

■ 70-412: Configuring Advanced Windows Server 2012 R2 Services

ftoc.indd 24 1/16/2015 9:41:31 AM

http://www.microsoft.com/learning

Introduction xxv

For those who have a qualifying certification, they can take the Upgrading Your Skills to MCSA Windows Server 2012 R2 exam (Exam 70-417). The objectives for this exam span the three individual exams. This book covers all of the objectives for the Upgrading exam. For details about the exam, visit Microsoft’s website at www.microsoft.com/learning.

Microsoft provides exam objectives to give you a general overview of possible areas of coverage on the Microsoft exams. Keep in mind, however, that exam objectives are subject to change at any time without prior notice and at Microsoft’s sole discretion. Visit the Microsoft Learning website (www.microsoft.com/learning) for the most current listing of exam objectives. The published objectives and how they map to this book are listed later in this introduction.

For a more detailed description of the Microsoft certification programs, including a list of all the exams, visit the Microsoft Learning website at: www.microsoft.com/learning.

Tips for Taking the Windows Server 2012 R2 ExamsHere are some general tips for achieving success on your certification exam:

■ Arrive early at the exam center so that you can relax and review your study materials. During this final review, you can look over tables and lists of exam-related information.

■ Read the questions carefully. Do not be tempted to jump to an early conclusion. Make sure you know exactly what the question is asking.

■ Answer all questions. If you are unsure about a question, mark it for review and come back to it at a later time.

■ On simulations, do not change settings that are not directly related to the question. Also, assume the default settings if the question does not specify or imply which settings are used.

■ For questions about which you’re unsure, use a process of elimination to get rid of the obviously incorrect answers first. This improves your odds of selecting the correct answer when you need to make an educated guess.

Exam RegistrationAt the time this book was released, Microsoft exams are given using Prometric testing centers (800-755-EXAM (800-755-3926)). As of December 31, 2014, Microsoft will be ending its relationship with Prometric, and all exams will be delivered through the more than 1,000 Authorized VUE Testing Centers around the world. For the location of a testing

ftoc.indd 25 1/16/2015 9:41:32 AM

http://www.microsoft.com/learninghttp://www.microsoft.com/learninghttp://www.microsoft.com/learning

xxvi Introduction

center near you, go to VUE’s website at www.vue.com. If you are outside of the United States and Canada, contact your local VUE registration center.

Find out the number of the exam that you want to take and then register with the Prometric registration center nearest to you. At this point, you will be asked for advance payment for the exam. The exams are $125 each, and you must take them within one year of payment. You can schedule exams up to six weeks in advance or as late as one working day prior to the date of the exam. You can cancel or reschedule your exam if you contact the center at least two working days prior to the exam. Same-day registration is available in some locations, subject to space availability. Where same-day registration is available, you must register a minimum of two hours before test time.

When you schedule the exam, you will be provided with instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you will receive a registration and payment confirmation letter from Prometric.

Microsoft requires certification candidates to accept the terms of a nondisclosure agreement before taking certification exams.

Who Should Read This Book?This book is intended for individuals who want to earn their MCSA: Windows Server 2012 R2 certification.

This book will not only help anyone who is looking to pass the Microsoft exams, it will also help anyone who wants to learn the real ins and outs of the Windows Server 2012 R2 operating system.

What’s Inside?Here is a glance at what’s in each chapter:

Chapter 1: Install Windows Server 2012 R2 In the first chapter, I explain the requirements and steps required to install and configure Windows Server 2012 R2.

Chapter 2: Configure Network Services This chapter shows you how to install and configure DNS. I also explain the different types of DNS records and DNS zone types.

Chapter 3: Plan and Install Active Directory I take you through the advantages and benefits of Windows Server 2012 R2 Active Directory.

Chapter 4: Configure Windows Server 2012 R2 I show you how to manage file systems, print servers, and file and share access.

ftoc.indd 26 1/16/2015 9:41:32 AM

http://www.vue.com

Introduction xxvii

Chapter 5: Administer Active Directory This chapter takes you through the different ways to create and manage your users and groups on the Windows Server 2012 R2 operating system.

Chapter 6: Manage GPOs You will see how to configure different types of Group Policy objects (GPOs) in Active Directory.

Chapter 7: Manage Security I show you how to secure Windows Server 2012 R2.

Chapter 8: Configure TCP/IP This chapter shows you how to configure IPv4 and IPv6. You’ll look at IPv4 subnetting and how to manage a TCP/IP network.

Chapter 9: Use Virtualization in Windows Server 2012 This chapter will show you how to implement and configure Windows Server Hyper-V and virtual machines. You will learn about virtual networking, virtual hard disks, migration types, and Integration Services.

What’s Included with the BookThis book includes many helpful items intended to prepare you for the MCSA: Windows Server 2012 R2 certification.

Assessment Test There is an assessment test at the conclusion of the introduction that can be used to evaluate quickly where you are with Windows Server 2012 R2. This test should be taken prior to beginning your work in this book, and it should help you identify areas in which you are either strong or weak. Note that these questions are purposely more simple than the types of questions you may see on the exams.

Objective Map and Opening List of Objectives Later in this introduction, I include a detailed exam objective map showing you where each of the exam objectives are covered. Each chapter also includes a list of the exam objectives that are covered.

Helpful Exercises Throughout the book, I have included step-by-step exercises of some of the more important tasks that you should be able to perform. Some of these exercises have corresponding videos that can be downloaded from the book’s website. Also, in the following section I have a recommended home lab setup that will be helpful in completing these tasks.

Exam Essentials The end of each chapter also includes a listing of exam essentials. These are essentially repeats of the objectives, but remember that any objective on the exam blueprint could show up on the exam.

Chapter Review Questions Each chapter includes review questions. These are used to assess your understanding of the chapter and are taken directly from the chapter. These questions are based on the exam objectives, and they are similar in difficulty to items you might actually receive on the MCSA: Windows Server 2012 R2 exams.

ftoc.indd 27 1/16/2015 9:41:32 AM

xxviii Introduction

The Sybex Test Engine, flashcards, videos, and glossary can be obtained at www.sybex.com/go/mcsawin2012r2install.

Sybex Test Engine Readers can access the Sybex Test Engine, which includes the assessment test and chapter review questions in electronic format. In addition, there are a total of three practice exams included with the Sybex test engine: one each for Exams 70-410, 70-411, and 70-412.

Electronic Flashcards Flashcards are included for quick reference. They are a great tool for learning important facts quickly. You may even consider these as additional simple practice questions, which is essentially what they are.

Videos Some of the exercises include corresponding videos. These videos show you how I do the exercises. There is also a video that shows you how to set up virtualization so that you can complete the exercises within a virtualized environment. This same video also shows you how to install Windows Server 2012 Datacenter on that virtualized machine.

PDF of Glossary of Terms There is a glossary included that covers the key terms used in this book.

Recommended Home Lab SetupTo get the most out of this book, you will want to make sure you complete the exercises throughout the chapters. To complete the exercises, you will need one of two setups. First, you can set up a machine with Windows Server 2012 R2 and complete the labs using a regular Windows Server 2012 R2 machine.

The second way to set up Windows Server 2012 R2 (the way I set up Server 2012 R2) is by using virtualization. I set up Windows Server 2012 R2 as a virtual hard disk (VHD), and I did all the labs this way. The advantages of using virtualization are that you can always just wipe out the system and start over without losing a real server. Plus, you can set up multiple virtual servers and create a full lab environment on one machine.

I created a video for this book showing you how to set up a virtual machine and how to install Windows Server 2012 R2 onto that virtual machine.

How to Contact SybexSybex strives to keep you supplied with the latest tools and information you need for your work. Please check the website at www.sybex.com/go/mcsawin2012r2install, where I’ll post additional content and updates that supplement this book should the need arise.

You can contact me by going to my website at www.willpanek.com.

ftoc.indd 28 1/16/2015 9:41:32 AM
http://www.sybex.com/go/mcsawin2012r2installhttp://www.sybex.com/go/mcsawin2012r2installhttp://www.willpanek.com

Documents

bindex.indd 508 1/16/2015 9:19:32 AMdownload.e-bookshelf.de/download/0003/0910/16/L-G-0003091016... · MCSA+ Security and Messaging, MCSE-NT (3.51 and 4.0), MCSE 2000 and 2003, MCSE+Security