Mastering Windows Server 2008 Networking Foundations

Introduction xvii

Chapter 1 • Why Network? 1

What’s the Point of Networks and Networking? 1

Choosing a Network Type 3

Network Client and Server Software 3

Networks Need Connection Hardware and Links 6

Considering the Hardware 6

Clients and Servers Must Speak the Same Protocols 10

A Brief History of Windows 12

Chapter 2 • Building a Simple Network 15

Getting Your Free Copy of Windows Server 2008 16

Downloading the Software 16

Extending the 30-Day Version to 180 Days 17

Performing the Installation 18

Performing the Basic Network Setup 22

Changing the Machine Name 24

Changing the Network Name 26

Creating User Accounts 27

Sharing Resources with Other Computers 30

Accessing Resources on Another Computer 33

Accessing Resources Temporarily 34

Making Resource Access Automatic 34

Chapter 3 • Security Concepts in Windows 37

Understanding the Need to Secure Windows 37

Considering What You Need to Secure in Windows 38

Understanding Authentication versus Authorization 40

Understanding How Authentication Works 42

Where Windows Stores Users and Passwords 43

Securing the User Account Database 44

Networkable, Centralized Accounts: Domains 44

Secure Logons Across a Network 45

Understanding How Authorization Works 46

Permissions and Access Control Lists (ACLs) 46

Understanding What Tokens Do 48

Access to Earlier Security Systems 50

Defining File and Folder Security 50

Chapter 4 • Installing Windows Server 2008: Basics 55

Choosing a Windows Server 2008 Edition 55

Performing a Windows Server 2008 Full Version Installation 57

Considering the Installation Choices 58

Using the DVD Installation Method 59

Using the Initial Tasks Page 65

Providing Computer Information 65

Update the Server 66

Customizing This Server 69

Understanding Roles and Features 70

Determining the Need for Specific Roles and Features 71

Installing Roles and Features 81

Adding Roles 82

Removing Roles 85

Adding and Removing Features 86

Chapter 5 • Controlling Windows Server: MMC 89

Fixing the Server 2008 GUI 89

Restoring Your Desktop Icons and Start Menu 90

Setting Administrator-Friendly Folder Options 92

A Microsoft Management Console Primer 93

What Is This MMC Thing? 94

MMC Terms to Know 95

The Computer Management Console 97

Other MMC Tools 99

Building Your Own MMC Tools 101

Building a Simple Microsoft Saved Console 101

Creating the Removable Storage Manager Console 104

Chapter 6 • Controlling Windows Server: The Command Line 107

Why You Give a Hoot about the Command Line Interface 108

Reasons to Use the Command Line 108

Situations Where the Command Line Is Less Useful 110

Elements of the Command Line 112

Command Line Rights 113

Command Prompt Window Configuration 114

Command Prompt Personalization 118

Internal Versus External Commands 121

Basic Command Examples 124

Getting Help at the Command Line 124

Checking the Status of the System 128

Viewing and Managing Tasks 129

Locating Specific Files Based on Content 130

Simple Batch Files 131

Chapter 7 • Controlling Windows III: The Registry 135

Computer Configuration and the Registry 135

Why Should You Care About the Registry? 136

The Registry Is the Real Control Panel 136

Some Administrative Tasks Require Direct Registry Editing 137

Looking at the Registry 138

The Keys 139

Viewing the Registry from the Command Line 143

Changing Registry Entries 143

Changing Registry Entries from the Command Line 145

Registry Entry Types 145

Researching the Registry 146

Discovering Registry Keys on Your Own 147

Dealing with a ‘‘Hey, Where Is It?’’ Registry Value 148

Creating/Deleting a New Registry Entry 150

Creating and Deleting Registry Entries from the CLI. 151

Backing Up and Restoring a Registry Subkey 151

Securing the Registry 152

Subkeys Have Permissions 152

Registry Security: the Idea and the Effects 154

Where the Registry Lives: Hives 156

A Look at the Hive Files 156

Fault Tolerance in the Registry 157

Remote Registry Modification 158

Backing Up and Restoring a Registry 159

Chapter 8 • Controlling Windows Server: Group Policy 161

The Power of Group Policy 161

Working with LGPOs 163

Local Group Policy 165

Administrators or Non-Administrators LGPO 166

User Specific LGPO 167

Group Policy Breakdown: How LGPOs Are Organized and Structured 168

Computer Node vs. User Node 168

LGPO . . . Just a Glorified Registry Editor 169

Introducing ADM Templates and ADMX Files 172

Not All Group Policy Settings Are Registry-Based 174

Introducing Client Side Extensions 176

Essential Policy Settings 176

Using Scripts in Group Policy 180

Working with Active Directory–Based GPOs 181

LGPOs and Active Directory GPOs 182

Chapter 9 • Windows Storage Concepts and Skills 183

Disk Management versus DiskPart 183

The Disk Management Gooey (GUI) 183

Meet DiskPart, the Command-Line Interface 185

The Basics of Disk Management 186

Physical/Logical Disks: How to Slice Them Up 186

Basic Disks versus Dynamic Disks 189

Server 2008 Setup and System Disk Meet Dynamic Disks 198

RAID in Server 2008 204

Mirrored Volumes — RAID-1 205

RAID-5 210

Moving a Dynamic Disk 214

Performing Disk Maintenance 215

Background: Disk Geometry and File Formats 216

Formatting Disks 220

Dealing Out Disk Space . . . Managing Disk Quotas 224

Volume Shadow Copy Service 230

Encrypting NTFS Files and Folders 235

Tools of Disk Maintenance 244

Defragmenting Disks 248

Remote Storage 251

The Evolution of Storage 252

Chapter 10 • TCP/IP and IPv4 Networking Basics 253

A Brief History of TCP/IP 254

Origins of TCP/IP: From the ARPANET to the Internet 255

Goals of TCP/IP’s Design 257

Getting There: The Internet Protocol (IP) 259

A Simple Internet 259

Subnets and Routers: ‘‘Should I Shout, or Should I Route?’’ 259

IP Addresses and Ethernet/Media Access Control (MAC) Addresses 260

Where Your System Gets Its IP Address From 262

IP Routers 265

Routing in More Detail 265

Class A, B, and C Networks, CIDR Blocks, and Routable and Nonroutable Addresses  267

A, B, and C Class Networks 268

Routable and Nonroutable Addresses 269

You Can’t Use All of the Numbers 270

Subnet Masks 272

Exercise: Using IPConfig to View Network Information 273

Classless Inter-Domain Routing (CIDR) 275

What IP Doesn’t Do: Error Checking 277

Transmission Control Protocol (TCP) 278

Sequencing 279

Flow Control 279

Error Detection/Correction 279

Sockets, Ports, and the Winsock Interface 279

How Ports and Sockets Work: An Example 281

Routing the Nonroutable, Part II: PAT and NAT 282

Winsock Sockets 285

Internet Host Names 285

Simple Naming Systems (HOSTS) 286

Domain Name System (DNS) 287

E-Mail Names: A Note 288

Attaching to an Internet 289

Dumb Terminal Connection 290

PPP Serial Connection 290

Cable Modem and DSL Connections 291

LAN Connection 291

Terminal Connections versus Other Connections 291

The Basics of Setting Up TCP/IP on Windows Server 2008 with Static IP Addresses 292

Configuring TCP/IP with a Static IP Address 293

Setting Up MAIN 295

Testing Your IP Configuration 295

Configuration Continued: Setting Domain Suffixes 298

Handling Old Names: Configuring Your Workstation for WINS 301

Adding IP Addresses to a Single NIC 303

Lower-Cost LAN-to-WAN Routing with Internet Connection Sharing 305

Step One: Connect the Internal Network — and Meet Automatic Private Internet Protocol Addressing (APIPA) 306

Step Two: Get Connected to Your ISP 307

Step Three: Turn ICS On 309

Step Four: Configure the Intranet Machines 311

What About the Firewall? 311

Chapter 11 • What’s in a Name? Network Name Overview 313

What Is Naming All About: What a Name Server Does for You 313

Name Resolution in Perspective: Introduction to WINS, NetBIOS, DNS, and Winsock 314

The Old: WINS, NetBIOS, and LMHOSTS 314

The New: Domain Naming System (DNS) 315

Two Different Lineages, Two Different Names 316

Application Program Interface = Modularity 316

Chapter 12 • Old Names: Understanding NetBIOS, WINS, and NetBIOS over TCP/IP 319

NetBIOS and Winsock 319

Handling Legacy and NetBIOS Names: The Windows Internet Name Service 320

NetBIOS atop TCP/IP (NBT) 320

Name Resolution before WINS: LMHOSTS 326

Introducing LMHOSTS 326

WINS: A NetBIOS Name Service for Windows 329

WINS Needs NT or Later Server 329

WINS Holds Name Registrations 329

WINS Client Failure Modes 330

It’s My Name, but for How Long? 330

Installing WINS 331

Configuring a WINS Server 333

Designing a Multi-WINS Network 337

Adding the Second WINS Server 338

Keeping the Second Server Up-to-Date 339

Avoiding WINS Problems 343

Deleting, Tombstoning, and Purging WINS Records 344

WINS Proxy Agents 345

Name Resolution in More Detail 347

Review: Winsock versus NBT 347

DNS/Winsock Name Resolution 347

Controlling WINS versus DNS Order in Winsock 349

NetBIOS Name Resolution Sequence 350

Chapter 13 • New Names: How DNSWorks 353

What DNS Does 353

Anatomy of a DNS Name 354

DNS Labels 1: The Host Name 355

DNS Labels 2: DNS Domains or Zones 355

DNS Domains Versus Active Directory Names 355

DNS from the Client Side 356

Preferred and Alternate DNS Servers 356

Configuring Your DNS Client Software 356

Configuring Your DNS Domain Membership 359

Configuring the DNS Suffix Search List 360

Caching Query Results 361

Caching Negative Query Results 362

Setting Up a Simple DNS Server 363

Find Your IP Addresses 363

Installing the DNS Server Software 364

Point the DNS Client to the DNS Server 365

Try Your DNS Server Out 365

Meet a Better DNS Tool: NSLOOKUP 366

Troubleshooting the Simple DNS Server 367

We Just Built a ‘‘Caching-Only’’ DNS Server 367

DNS Concepts: ‘‘The Hierarchy’’ 368

Introducing the Hierarchy: Back to Left-to-Right 369

Why Build the DNS Hierarchy This Way? 370

The Root, Top-Level, Second-Level, and Child Domains 370

Building a More Complex DNS Server 376

Connect and Name the Systems 376

Set Up the IP Addresses and Preferred DNS Servers 377

Open the Firewalls to Allow Pings 377

Test Connectivity 378

Install DNS Suffixes 378

Make Winserver a DNS Server 379

Creating bigfirm.com: The Birth of a Domain 380

Configuring Your Zone with DNS Records 384

Adding Hosts to a Zone: ‘‘A’’ Records 384

Setting Up Reverse Lookups 386

Reading NS and SOA DNS Records 388

Working with A Records and Understanding Glue Records 390

Seeing All of the Records: The Zone Files Themselves 392

Giving a Host Multiple Names with CNAMEs 395

Identify Your E-mail Servers with MX Records 398

Modifying Your Zone’s SOA Record 401

Spreading the Work: Secondary DNS Servers 401

Secondary DNS Servers Hold Read-Only Zone Copies 402

How Primaries Keep Secondaries Up-to-Date 402

Delegating: Child Domains/Subdomains 411

Revising Bigfirm 411

Time for a Subdomain: test.bigfirm.com 414

Easier Record Maintenance: Dynamic DNS (DDNS) 416

Seeing DDNS Work 416

What DDNS Does, Under the Hood 417

Why You Need a Dynamic Reverse Lookup Zone 418

Keeping Your Systems from Registering PTRs 418

What Triggers DDNS Registrations? 419

Stopping All DDNS Registrations 420

Troubleshooting Failed DDNS Registrations 421

Keeping Your Zones Clean with DNS Scavenging 421

DDNS and Security 426

Tweaking DNS Performance 426

Cheap ‘‘Clusters’’: Building Fault Tolerance with Multiple A Records and Round-Robin DNS 427

dnscmd Cheat Sheet 430

Chapter 14 • Automatic IP Setup: DHCP Essentials 435

DHCP: Automatic TCP/IP Configuration 435

Simplifying TCP/IP Administration: BOOTP 435

DHCP: BOOTP Plus 436

Installing and Configuring DHCP Servers 437

Monitoring DHCP 462

Rebuilding a Damaged DHCP Server 462

DHCP on the Client Side 463

DHCP in Detail: How DHCP Works 463

Designing Multi-DHCP Networks 471

Chapter 15 • Things to Come: A Peek at Active Directory 473

Centralized User Accounts and Authorization 474

Group Policy Centralizes Management, Security, and Configuration 475

AD Provides a Central List of Resources 475

Your Data Follows You Around, and It’s Easier to Secure 476

Index 477