Session 6: Managing Windows Server 2016
1. Domain Name System (DNS)
- Purpose: Translates domain names to IP addresses for easier resource access.
- Key Components:
- Forward Lookup Zone: Maps domain names to IP addresses.
- Reverse Lookup Zone: Maps IP addresses to domain names.
- Resource Records: Includes A (IPv4), AAAA (IPv6), and PTR records.
2. Dynamic Host Configuration Protocol (DHCP)
- Purpose: Automatically assigns IP addresses and network configurations to devices.
- Key Components:
- Scopes: Defines the range of IP addresses available for assignment.
- Lease Time: Specifies how long a device can use an assigned IP address before renewal.
- Reservations: Ensures specific devices always receive the same IP address.
- Purpose: Microsoft’s web server for hosting websites and web applications.
- Configuration Steps:
- Install IIS via Server Manager.
- Use IIS Manager to manage sites and applications.
- Configure authentication, SSL, and logging for security and performance.
Session 7: Configuring Remote Access Services
1. Virtual Private Network (VPN)
- Purpose: Securely connects remote users to a corporate network.
- Key Tunneling Protocols:
- PPTP: Older, less secure.
- L2TP/IPsec: More secure, uses encryption.
- SSTP: Uses SSL/TLS for strong encryption.
2. DirectAccess
- Purpose: Provides seamless, always-on remote access for domain-joined devices.
- Key Requirements:
- IPv6 enabled or transition technologies like ISATAP.
- Configured Group Policies for automatic client connectivity.
3. Remote Desktop Services (RDS)
- Purpose: Allows users to access full desktops or specific applications hosted on a remote server.
- Key Components:
- Remote Desktop Session Host.
- Client configuration using Remote Desktop Protocol (RDP).
- Security settings to control access.
Session 8: Securing Windows Server 2016
1. Security Policies and Group Policy
- Purpose: Standardizes security settings across users and computers.
- Key Policies:
- Password policies (complexity, expiration, history).
- Account lockout settings.
- User rights and privileges.
2. Encryption and Firewalls
- BitLocker: Encrypts disk drives to protect data.
- Windows Defender Firewall: Controls inbound and outbound network traffic.
- IPsec Policies: Encrypts network communication between systems.
3. Security Templates and Network Protection
- Security Configuration Wizard: Helps configure security settings based on server roles.
- Windows Defender Antivirus: Protects against malware and threats.
Session 9: Server and Network Monitoring
1. Importance of Monitoring
- Performance Optimization: Tracks CPU, memory, disk, and network usage.
- Security: Detects unauthorized access or unusual activities.
- Troubleshooting: Helps diagnose and fix system issues.
- Resource Monitor: Provides real-time monitoring of CPU, disk, memory, and network.
- Event Viewer: Logs system events, errors, and security incidents.
- Performance Monitor: Analyzes system performance trends over time.
3. Best Practices
- Regularly review logs and alerts.
- Automate alerts for critical system issues.
- Maintain documentation for troubleshooting.
Session 10: System Reliability and Troubleshooting
1. System Recovery and Diagnostics
- Backup and Restore: Use Windows Server Backup to protect data.
- Safe Mode: Booting option for troubleshooting.
- Windows Recovery Environment (WinRE): Provides repair tools for startup failures.
- Using Event Viewer: Identify errors and system failures.
- Using Performance Monitor: Track long-term system performance trends.
- Task Manager: Monitor and manage running processes.
3. Ensuring System Uptime
- Preventative Maintenance: Regular updates, patches, and hardware checks.
- High Availability Strategies: Implement clustering and load balancing.
- Disaster Recovery Plans: Ensure backups and failover mechanisms are in place.