Windows Server 2008 R2 Unleashed
Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
Rand Morimoto, Ph.D., MCITP
Michael Noel, MVP, MCITP
Omar Droubi, MCSE
Ross Mistry, MVP, MCITP
Chris Amaris, MCSE, CISSP
Technical Edit by Guy Yardeni
ptg
Windows Server®
2008 R2
U N L E A S H E D
800 East 96th Street, Indianapolis, Indiana 46240 USA
Windows Server® 2008 R2 Unleashed
Editor-in-Chief
Copyright © 2010 by Pearson Education, Inc.
Karen Gettman
All rights reserved. No part of this book shall be reproduced, stored in a retrieval
Executive Editor
system, or transmitted by any means, electronic, mechanical, photocopying, recording,
or otherwise, without written permission from the publisher. No patent liability is
Neil Rowe
assumed with respect to the use of the information contained herein. Although every
Development
precaution has been taken in the preparation of this book, the publisher and author
Editor
assume no responsibility for errors or omissions. Nor is any liability assumed for
Mark Renfrow
damages resulting from the use of the information contained herein.
ISBN-13: 978-0-672-33092-6
Managing Editor
ISBN-10: 0-672-33092-X
Kristy Hart
The Library of Congress Cataloging-in-Publication Data is on file.
Project Editor
Printed in the United States of America
Betsy Harris
First Printing January 2010
Copy Editor
Trademarks
Karen Annett
All terms mentioned in this book that are known to be trademarks or service marks
have been appropriately capitalized. Sams Publishing cannot attest to the accuracy of
Indexer
this information. Use of a term in this book should not be regarded as affecting the
WordWise Publishing
validity of any trademark or service mark.
Services
Warning and Disclaimer
Proofreaders
Every effort has been made to make this book as complete and as accurate as possi-
Water Crest
ble, but no warranty or fitness is implied. The information provided is on an “as is”
basis. The authors and the publisher shall have neither liability nor responsibility to any
Publishing
person or entity with respect to any loss or damages arising from the information
Williams Woods
contained in this book or from the use of it.
Publishing
Bulk Sales
Technical Editor
Sams Publishing offers excellent discounts on this book when ordered in quantity for
ptg
Guy Yardeni
bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government Sales
Publishing
1-800-382-3419
Coordinator
Cindy Teeters
For sales outside of the U.S., please contact
Book Designer
International Sales
Gary Adair
Compositor
Jake McFarland
Contributing
Writers
Alex Lewis, CISSP,
MVP
Colin Spence, MCP,
MCTS
Jeff Guillet, MVP,
MCITP, CISSP
Jon Skoog, MCSE,
CISSP
Stefan Garaygay,
MCSE
Tyson Kopczynski,
CISSP, GSEC, GCIH,
MCTS
Contents at a Glance
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Part I
Windows Server 2008 R2 Overview
1
Windows Server 2008 R2 Technology Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2
Planning, Prototyping, Migrating, and Deploying Windows Server
2008 R2 Best Practices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
3
Installing Windows Server 2008 R2 and Server Core. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Part II
Windows Server 2008 R2 Active Directory
4
Active Directory Domain Services Primer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
5
Designing a Windows Server 2008 R2 Active Directory . . . . . . . . . . . . . . . . . . . . . . . 149
6
Designing Organizational Unit and Group Structure. . . . . . . . . . . . . . . . . . . . . . . . . . . 175
7
Active Directory Infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
ptg
8
Creating Federated Forests and Lightweight Directories. . . . . . . . . . . . . . . . . . . . . . . 227
9
Integrating Active Directory in a UNIX Environment . . . . . . . . . . . . . . . . . . . . . . . . . 245
Part III
Networking Services
10
Domain Name System and IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
11
DHCP/WINS/Domain Controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
12
Internet Information Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
Part IV
Security
13
Server-Level Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
14
Transport-Level Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
15
Security Policies, Network Policy Server, and Network Access
Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Part V
Migrating to Windows Server 2008 R2
16
Migrating from Windows Server 2003/2008 to Windows
Server 2008 R2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483
17
Compatibility Testing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525
Part VI
Windows Server 2008 R2 Administration and Management
18
Windows Server 2008 R2 Administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549
19
Windows Server 2008 R2 Group Policies and Policy Management. . . . . . . . . 585
20
Windows Server 2008 R2 Management and Maintenance Practices . . . . . . . 639
21
Automating Tasks Using PowerShell Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 699
22
Documenting a Windows Server 2008 R2 Environment . . . . . . . . . . . . . . . . . . . . . . 763
23
Integrating System Center Operations Manager 2007 R2 with
Windows Server 2008 R2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 793
Part VII
Remote and Mobile Technologies
24
Server-to-Client Remote Access and DirectAccess . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849
25
Remote Desktop Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921
Part VIII
Desktop Administration
26
Windows Server 2008 R2 Administration Tools for Desktops. . . . . . . . . . . . . . . . 987
27
Group Policy Management for Network Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1023
ptg
Part IX
Fault-Tolerance Technologies
28
File System Management and Fault Tolerance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1097
29
System-Level Fault Tolerance (Clustering/Network Load Balancing) . . . . . 1173
30
Backing Up the Windows Server 2008 R2 Environment . . . . . . . . . . . . . . . . . . . . . 1227
31
Recovering from a Disaster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1267
Part X
Optimizing, Tuning, Debugging, and Problem Solving
32
Optimizing Windows Server 2008 R2 for Branch Office
Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1305
33
Logging and Debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1345
34
Capacity Analysis and Performance Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1391
Part XI
Integrated Windows Application Services
35
Windows SharePoint Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1433
36
Windows Media Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1483
37
Deploying and Using Windows Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1515
Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1553
Table of Contents
Windows Server 2008 R2 Overview
Windows Server 2008 R2 Technology Primer
What’s New and What’s the Same About Windows Server 2008 R2? . . . . . . . 16
Improvements in Mobile Computing in Windows Server 2008 R2 . . . . . . . . . . 28
ptg
Improvements in Windows Server 2008 R2 for Better Branch Office
Improvements in Clustering and Storage Area Network Support. . . . . . . . . . . . . 37
Improvements in Server Roles in Windows Server 2008 R2. . . . . . . . . . . . . . . . . . . . 40