
WINDOWS SERVER 2012/R2 ADMINISTRATION

ACADEMIE CLOUD COMPUTE


SEPT.2017
CONTENTS:

1. INSTALLING AND CONFIGURING SERVERS

1.1: INSTALL SERVERS

1.2: CONFIGURE SERVERS

1.3: CONFIGURE LOCAL STORAGE

2. CONFIGURING SERVER ROLES AND FEATURES

2.1: CONFIGURE FILE AND SHARE ACCESS

2.2: CONFIGURE SERVERS FOR REMOTE MANAGEMENT

3. DEPLOYING AND CONFIGURING CORE NETWORK SERVICES

3.1: CONFIGURE IPV4 AND IPV6 ADDRESSING

3.2: DEPLOY AND CONFIGURE DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) SERVICE

3.3: DEPLOY AND CONFIGURE DNS SERVICE

4. INSTALLING AND ADMINISTERING ACTIVE DIRECTORY

4.1: INSTALL DOMAIN CONTROLLERS

4.2: CREATE AND MANAGE ACTIVE DIRECTORY USERS AND COMPUTERS

4.3: CREATE AND MANAGE ACTIVE DIRECTORY GROUPS AND ORGANIZATIONAL UNITS (OUS)

5. CREATING AND MANAGING GROUP POLICY

5.1: CREATE GROUP POLICY OBJECTS (GPOS)

5.2: CONFIGURE SECURITY POLICIES

5.3: CONFIGURE APPLICATION RESTRICTION POLICIES

5.4: CONFIGURE WINDOWS FIREWALL


1. Installing and configuring servers
Chapter summary: This chapter discusses the process of installing Windows Server
2012 R2 using either a clean install or a server upgrade and the server
configuration tasks you must perform immediately following the installation.
Finally, it considers the configuration of various types of hard disk technologies
used for local storage and the deployment of roles to servers all over the network.

• Install servers
• Configure servers

Local-Storage-Vlad

1.1: Install Servers
PLANNING FOR A SERVER INSTALLATION

Since Windows Server 2008 R2, there has been no 32-bit version; only a 64-bit
operating system is available, reflecting the fact that most major applications are
now 64-bit and that modern server configurations are typically supported on
hardware that requires 64 bits. Both a GUI and a Server Core installation
option are available.

Selecting a Windows Server 2012 R2 edition

Microsoft releases all of its operating systems in multiple editions, which provides
consumers with varying price points and feature sets. When planning a server
deployment, the operating system edition you choose should be based on multiple
factors, including the following:
• The roles you intend the servers to perform
• The virtualization strategy you intend to implement
• The licensing strategy you plan to use

Windows Server 2012 R2 comes in the following core editions:

• Windows Server 2012 R2 Datacenter. The Datacenter edition is designed
for large and powerful servers with up to 64 processors and includes
fault-tolerance features such as hot-add processor support. As a result, this edition
is available only through the Microsoft volume-licensing program and is
bundled with a server from original equipment manufacturers (OEMs).
• Windows Server 2012 R2 Standard. The Standard edition includes the full
set of Windows Server 2012 R2 features and differs from the Datacenter
edition only in the number of virtual machine (VM) instances permitted by
the license.
• Windows Server 2012 R2 Essentials. The Essentials edition includes
nearly all the features in the Standard and Datacenter editions; it does not
include Server Core, Hyper-V, and Active Directory Federation Services.
The Essentials edition is limited to one physical or virtual server instance
and a maximum of 25 users.
• Windows Server 2012 R2 Foundation. The Foundation edition is a
scaled-down version of the operating system; it is designed for small businesses
that require only basic server features, such as file and print services and
application support. The Foundation edition comes pre-installed with server
hardware, includes no virtualization rights, and is limited to 15 users.

Supporting server roles

Windows Server 2012 R2 includes predefined combinations of services,
called roles, which implement common server functions. Computers running the
Windows Server 2012 R2 operating system can perform a wide variety of tasks,
using both the software included with the product and third-party applications.
After you install the Windows Server 2012 R2 operating system, you can use
Server Manager or Windows PowerShell to install one or more roles on that
computer.

Some of the Windows Server 2012 R2 editions include all of the available roles,
whereas others include only some of them. Selecting the appropriate edition of
Windows Server has always been a matter of anticipating the roles that the
computer must perform.

Supporting server virtualization

The Windows Server 2012 R2 Datacenter edition and the Standard edition each
include support for Hyper-V, but each edition varies in the number of VMs
permitted by its license. Each running instance of the Windows Server 2012 R2
operating system is classified as being in a physical operating system environment
(POSE) or in a virtual operating system environment (VOSE).

Server licensing

Microsoft provides several different sales channels for Windows Server 2012 R2
licenses, and not all of the editions are available through all of the channels.
Licensing Windows Server 2012 R2 includes purchasing licenses for both servers
and clients, and there are many options for each one.

Installation requirements

If your computer does not meet the following hardware specifications, Windows
Server 2012 R2 will not install correctly (or possibly at all):

• 1.4-GHz 64-bit processor
• 512 MB RAM
• 32 GB available disk space
• Super VGA (1024 × 768) or higher resolution monitor
• Keyboard and mouse (or other compatible pointing device)
• Internet access

32 GB of available disk space should be considered an absolute minimum. The
system partition will need extra space if you install the system over a network or if
your computer has more than 16 GB of RAM installed. The additional disk space
is required for paging, hibernation, and dump files.

CHOOSING INSTALLATION OPTIONS

Many enterprise networks today use servers that are dedicated to a particular role.
When a server is performing a single role, it does not make sense to have so many
other processes running on the server that contribute little or nothing to that role.
Windows Server 2012 R2 provides installation options that enable administrators
to keep the unnecessary resources installed on a server to a minimum.

Using Server Core

Using the Minimal Server Interface

What’s left in the Minimal Server Interface are the Server Manager application, the
MMC application, Device Manager, and the entire Windows PowerShell interface.
This provides administrators with most of the tools they need to manage local and
remote servers.
To configure a Windows Server 2012 R2 Server with a GUI installation to use the
Minimal Server Interface, you must remove the Server Graphical Shell feature by
using Windows PowerShell or the Remove Roles And Features Wizard.

Using Features on Demand

During a Windows Server 2012 R2 installation, the Setup program copies the files
for all the operating system components from the installation medium to a
directory called WinSxS, the side-by-side component store.

Features on Demand provides the following three states:

• Enabled
• Disabled
• Disabled with payload removed

To implement this third state, you must use the Windows PowerShell
Uninstall-WindowsFeature cmdlet, which now supports a new -Remove flag. Thus, the
Windows PowerShell command to disable the Server Graphical Shell and remove
its source files from the WinSxS directory would be as follows:

Uninstall-WindowsFeature Server-Gui-Shell -Remove

FEATURES ON DEMAND

This ability to retrieve source files for a feature from another location is the actual
functionality to which the name Features on Demand refers. Microsoft often uses
this capability to reduce the size of updates downloaded from the Internet. When
the user installs the update, the program downloads the additional files required
and completes the installation.

UPGRADING SERVERS

An in-place upgrade is the most complicated form of Windows Server 2012 R2
installation. It is also the lengthiest and the most likely to cause problems during its
execution. Whenever possible, Microsoft recommends that administrators perform
a clean installation or migrate required roles, applications, and settings instead.

MIGRATING ROLES

Migration is the preferred method of replacing an existing server with one running
Windows Server 2012 R2. Unlike an in-place upgrade, a migration copies vital
information from an existing server to a clean Windows Server 2012 R2
installation.

1.2: Configure servers
A server is rarely ready to perform all the tasks you have planned for it
immediately after installation. Typically some postinstallation configuration
is required and further configuration changes might become necessary after
the server is in service.

Administrators might have to perform the following tasks immediately after the
operating system installation; they require direct access to the server console:

• Configuring the network connection
• Setting the time zone
• Enabling Remote Desktop
• Renaming the computer
• Joining a domain

Using GUI tools

In Windows Server 2012 R2, the Properties tile in Server Manager, as shown
in Figure 1-4, provides the same functionality as the Initial Configuration Tasks
window in previous Windows Server versions. To complete any or all of the
postinstallation configuration tasks on a GUI Windows Server 2012 R2
installation, you can use the tools in the Properties tile, either by working directly
at the server console or by using Remote Desktop to access the server from another
computer.

Using command-line tools

If you selected the Server Core option when installing Windows Server 2012 R2,
you can perform the same postinstallation tasks from the command line. At the
very minimum, you will have to rename the computer and join it to a domain. To
do this, you can use the Sconfig.exe or Netdom.exe program.

Converting between GUI and Server Core

In Windows Server 2012 R2, you can convert a computer installed with the full
GUI option to Server Core and add the full GUI to a Server Core computer. This is
a major improvement in the usefulness of Server Core over the version in
Windows Server 2008 R2, in which you can only change the interface by
reinstalling the entire operating system.

To convert a Windows Server 2012 R2 Server Core installation to the full GUI
option, use the following Windows PowerShell command:

Install-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell -Restart
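
The three installation options and the three Features on Demand states described above can both be read from the install state of the two GUI features. The following is an added example, not part of the original course notes; Get-ServerInterfaceLevel and New-SampleFeature are hypothetical helper names and the inventory is constructed sample data.

```powershell
# Added example (not from the course notes). Classifies a server from the
# install state of Server-Gui-Mgmt-Infra and Server-Gui-Shell.
function Get-ServerInterfaceLevel {
    param(
        [Parameter(Mandatory)] [string]   $ComputerName,
        # Objects with Name and InstallState, as Get-WindowsFeature returns them
        [Parameter(Mandatory)] [object[]] $Feature
    )
    $state = @{}
    foreach ($f in $Feature) { $state[$f.Name] = [string]$f.InstallState }
    $infra = $state['Server-Gui-Mgmt-Infra']
    $shell = $state['Server-Gui-Shell']

    if ($infra -eq 'Installed' -and $shell -eq 'Installed') {
        $level = 'Server with a GUI'
    } elseif ($infra -eq 'Installed') {
        $level = 'Minimal Server Interface'
    } else {
        $level = 'Server Core'
    }

    [pscustomobject]@{
        ComputerName   = $ComputerName
        InterfaceLevel = $level
        # 'Removed' is the third Features on Demand state: the feature is
        # disabled and its payload is gone from WinSxS, so reinstalling it
        # needs Windows Update or Install-WindowsFeature -Source <path>.
        PayloadRemoved = @($state.Keys | Where-Object { $state[$_] -eq 'Removed' } | Sort-Object)
    }
}

# Constructed sample inventory (host names are made up).
function New-SampleFeature($Name, $InstallState) {
    [pscustomobject]@{ Name = $Name; InstallState = $InstallState }
}
$inventory = [ordered]@{
    'SRV-GUI'  = @( (New-SampleFeature 'Server-Gui-Mgmt-Infra' 'Installed'),
                    (New-SampleFeature 'Server-Gui-Shell'      'Installed') )
    'SRV-MIN'  = @( (New-SampleFeature 'Server-Gui-Mgmt-Infra' 'Installed'),
                    (New-SampleFeature 'Server-Gui-Shell'      'Available') )
    'SRV-CORE' = @( (New-SampleFeature 'Server-Gui-Mgmt-Infra' 'Removed'),
                    (New-SampleFeature 'Server-Gui-Shell'      'Removed') )
}
foreach ($name in $inventory.Keys) {
    Get-ServerInterfaceLevel -ComputerName $name -Feature $inventory[$name]
}

# On a live server (ServerManager module):
# Get-ServerInterfaceLevel -ComputerName $env:COMPUTERNAME `
#     -Feature (Get-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell)
```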


Configuring NIC teaming

NIC teaming is a feature in Windows Server 2012 R2 that enables administrators
to combine the bandwidth of multiple network interface adapters, providing
increased performance and fault tolerance.

The NIC teaming capability in Windows Server 2012 R2 is hardware independent
and enables you to combine multiple physical network adapters into a single
interface.

The results can include increased performance by combining the throughput of the
adapters and protection from adapter failures by dynamically moving all traffic to
the functioning NICs.

NIC teaming in Windows Server 2012 R2 supports two modes:

• Switch Independent Mode. All the network adapters are connected to
different switches, providing alternative routes through the network.
• Switch Dependent Mode. All the network adapters are connected to the
same switch, providing a single interface with their combined bandwidth.

USING SERVER MANAGER

The Server Manager tool in Windows Server 2012 R2 is an application that is the
most obvious evidence of a major paradigm shift in Windows Server
administration. Prior to Windows Server 2012, an administrator who wanted to
install a role by using graphical controls had to work at the server console by either
physically sitting at the keyboard or by connecting to it by using Remote Desktop
Services (formerly Terminal Services). In contrast, the Windows Server 2012 R2
Server Manager can install roles and features to any server on the network.

Adding roles and features

The Server Manager program in Windows Server 2012 R2 combines what used to
be separate wizards for adding roles and features into one, the Add Roles And
Features Wizard. Once you add multiple servers to the Server Manager interface,
they are integrated into the Add Roles And Features Wizard, so you can deploy
roles and features to any of your servers.

INSTALLING COMPONENTS TO MULTIPLE SERVERS

Although you can use the Add Roles And Features Wizard to install components to
any server you have added to Server Manager, you cannot use it to install
components to multiple servers at once. You can, however, do this by using
Windows PowerShell.

SELECTING ALL ROLES AND FEATURES

Unlike earlier versions of Server Manager, the Windows Server 2012 R2 version
enables you to select all the roles and features for a particular server configuration
at once, rather than making you run the wizard multiple times.

Deploying roles to VHDs

In addition to installing roles and features to servers on the network, Server
Manager also enables administrators to install them to VMs that are currently in an
offline state.

CONFIGURING SERVICES

Most Windows Server roles and many of the features include services, which are
programs that run continuously in the background, typically waiting for a client
process to send a request to them. Server Manager provides access to services
running on servers all over the network.

DELEGATING SERVER ADMINISTRATION

As networks grow, so does the number of administrative tasks there are to perform
on a regular basis, and so does the IT staff that is needed to perform them.
Delegating administrative tasks to specific individuals is a natural part of enterprise
server management, as is assigning those individuals the permissions they need—
and only the permissions they need—to perform those tasks.

OBJECTIVE SUMMARY
• Server Manager is designed to enable administrators to fully manage
Windows servers without ever having to interact directly with the server
console, either physically or remotely.
• There are some tasks that administrators might have to perform immediately
after the operating system installation that require direct access to the server
console.
• If you selected the Server Core option when installing Windows Server 2012
R2, you can perform postinstallation tasks from the command line.
• In Windows Server 2012 R2, the Properties tile in Server Manager provides
the same functionality as the Initial Configuration Tasks window in previous
versions.
• In Windows Server 2012 R2, you can convert a computer installed with the
full GUI option to Server Core and add the full GUI to a Server Core
computer.
• NIC teaming is a new feature in Windows Server 2012 R2 that enables
administrators to combine the bandwidth of multiple network interface
adapters, providing increased performance and fault tolerance.
• For administrators of enterprise networks, it might be necessary to add a
large number of servers to Server Manager. To avoid having to work with a
long scrolling list of servers, you can create server groups based on server
locations, functions, or any other organizational paradigm.
• In addition to installing roles and features to servers on the network, Server
Manager enables administrators to install them to VMs that are currently in
an offline state.

1.3: Managing local storage
Describe Storage Technologies

Filesystem - a method of storing and organizing computer files and the
data they contain to make it easy to find and access this information. A file
system also maintains the physical location of the files so that you can find
and access the files in the future.

A Filesystem provides:

- a way to store data about these files — for example, their
filenames, permissions, and other attributes.
- an index — a list of the files on the drive and where they’re
located on the drive, so the operating system can see what’s
on the drive in one place rather than combing through the
entire drive to find a file.
- a Master File Table (index) that contains all information about
the file: size, allocation, name, etc.
- examples of filesystems: NTFS (local filesystem for Windows),
EXT3 (local filesystem for Linux), NFS (network filesystem)

There are 3 main types of storage technologies:

1. File based storage - a file is typically structured in a file system,
which is nothing more than a hierarchical way of organizing files
so that an individual file can be located by describing the path
to that file. We know that certain attributes -- information that
might describe a file and its contents, such as its owner, who
can access the file, and its size -- are conveniently stored as
metadata in a file system.

2. Block storage - a block is a chunk of data, and when
appropriate blocks are combined, it creates a file. A block has
an address, and the application retrieves a block by making a
SCSI call to that address. It is a very microscopic way of
controlling storage. Unlike in the case of NAS, the application
decides where to place the data and how to organize the
storage. How the blocks are combined or accessed is left up to
the application.

With block storage, files are split into evenly sized blocks of
data, each with its own address but with no additional
information (metadata) to provide more context for what that
block of data is.

Under the right circumstances, granting this level of granular
control to the application allows it to extract the best
performance from a given storage array. This is the reason why
block storage has been king of the hill for performance-centric
applications, mostly transactional and database-oriented.

3. Object based storage - is a storage architecture that manages
data as objects, as opposed to other storage architectures like
file systems, which manage data as a file hierarchy, and block
storage, which manages data as blocks within sectors and
tracks.
- abstracts file and block stores and has a flat namespace
of objects

1. objects are kept inside a single repository, and are not
nested as files inside a folder inside other folders
2. object storage keeps the blocks of data that make up a file
together and adds all of its associated metadata to that file.
3. the totality of the data, be it a document, audio or video file,
image or photo, or other unstructured data, is stored as a
single object
4. Metadata is also associated with the object and provides
descriptive information about the object and the data itself.
This eliminates the need for a hierarchical structure and
simplifies access by placing everything in a flat address
space (or single namespace).

Extra references:
https://cloudian.com/blog/object-storage-vs-file-storage/

Physical types of storage:

Direct-attached storage - refers to a computer storage system that is
directly attached to your server or PC instead of being attached
directly to a network. Direct-attached storage is not limited only to
internal storage. It can also utilize an external disk enclosure that
contains hard disk drives, including just-a-bunch-of-disks (JBOD)
enclosures and enclosures that are part of a redundant array of
independent disks (RAID).

The important point about direct-attached storage is that it does not
use a storage network. Although a common example of direct-attached
storage is the internal hard drive in your computer, more
commonly it refers to a dedicated storage array that is attached
directly to your servers.

The main interfaces and protocols that are used for direct-attached
storage connections are Serial ATA (SATA), external Serial
Advanced Technology Attachment (eSATA), serial attached SCSI
(SAS), and Fibre Channel.

JBOD - is an abbreviation for "just-a-bunch-of-disks." In other words,
the disks are presented to a computer as if they were directly
attached internal disks, and they are used to increase the
direct-attached storage capacity of file servers. JBODs are usually relatively
simple external enclosures, connected to one or more servers
through SAS or eSATA connections.

Network-attached storage - devices connect storage to a network
where they are accessed through file shares. Unlike direct-attached
storage, they are not directly attached to the computer.

Network-attached storage devices support Ethernet connection, and
they typically allow an administrator to manage disk space, set disk
quotas, provide security, and utilize snapshot technologies.
Network-attached storage devices support multiple protocols. These include
network attached file systems, Common Internet File Systems
(CIFS), and Server Message Block (SMB).

Storage Area Network (SAN) - is a dedicated network that allows you
to share storage. A SAN consists of a storage device, the
interconnecting network infrastructure (switches and so on), and
servers that are connected to this network. SAN devices provide
continuous and fast access to large amounts of data. The
communication and data transfer mechanism for a given deployment
is commonly known as a storage fabric.

A SAN uses a separate network, and it is generally not accessible by
other devices through the local area network.

A SAN does not provide file abstraction, only block-level operations.
The most common SAN protocols used are iSCSI, Fibre Channel, and
Fibre Channel over Ethernet (FCoE).

HBA (Host Bus Adapter) - is most often used to refer to a Fibre
Channel interface card and to an iSCSI HBA for an iSCSI SAN (which offloads
TCP/IP and iSCSI processing from a server's CPU)
Understanding Disk Structure in Windows

MBR vs GPT partitioning scheme

Master Boot Record (MBR) - is a legacy partitioning scheme that is
used by most operating systems:

- the MBR itself resides entirely on the first sector (512 bytes)
of a hard disk.
- of that space, the first 440 bytes of the MBR are devoted to
the boot loader.
- the BIOS reads this code and executes it when the computer
boots.
- followed by data space used to store information about the
four Primary partitions
- permits us to address up to 2TB (related to how each
partition is described using 32 bit disk pointers)

On an MBR disk, there can only be:

- 4 primary partitions
or
- 3 primary partitions plus 1 extended partition

An Extended Partition is just a defined area where logical drives reside.
The extended partition was introduced in order to create more than 4
partitions. A Logical Drive is a hard disk partition created in the
extended partition.
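
The MBR layout described above can be checked by decoding the partition table of a first sector. The following is an added example, not part of the original course notes: the function names and the sample sector are constructed, and the byte offsets (table at 446, signature at 510) are those of the classic MBR layout.

```powershell
# Added example (not from the course notes): decode the four primary
# partition slots of an MBR sector. Runs on a constructed sample sector.
function Set-MbrEntry {
    param([byte[]]$Sector, [int]$Index, [byte]$Status, [byte]$Type,
          [uint32]$StartLba, [uint32]$SectorCount)
    $o = 446 + 16 * $Index              # partition table starts at byte 446
    $Sector[$o]     = $Status           # 0x80 = active (bootable)
    $Sector[$o + 4] = $Type             # partition type ID
    [BitConverter]::GetBytes($StartLba).CopyTo($Sector, $o + 8)      # 32-bit pointer
    [BitConverter]::GetBytes($SectorCount).CopyTo($Sector, $o + 12)  # 32-bit length
}

function Read-Mbr {
    param([Parameter(Mandatory)] [byte[]] $Sector)
    if ($Sector.Length -ne 512) { throw 'Expected one 512-byte sector.' }
    if ($Sector[510] -ne 0x55 -or $Sector[511] -ne 0xAA) {
        throw 'No 0x55AA boot signature: not an MBR.'
    }
    $typeName = @{ 0x05 = 'Extended'; 0x07 = 'NTFS'; 0x0F = 'Extended (LBA)'
                   0xEE = 'GPT protective' }
    foreach ($i in 0..3) {              # only four slots exist
        $o    = 446 + 16 * $i
        $type = [int]$Sector[$o + 4]
        if ($type -eq 0) { continue }   # unused slot
        # BitConverter reads little-endian on x86/x64, matching the on-disk format
        $start = [BitConverter]::ToUInt32($Sector, $o + 8)
        $count = [BitConverter]::ToUInt32($Sector, $o + 12)
        [pscustomobject]@{
            Slot     = $i + 1
            Active   = ($Sector[$o] -eq 0x80)
            Type     = if ($typeName.ContainsKey($type)) { $typeName[$type] }
                       else { '0x{0:X2}' -f $type }
            StartLba = $start
            SizeGB   = [math]::Round(([int64]$count * 512) / 1GB, 2)
        }
    }
}

# Largest partition a 32-bit sector count can describe with 512-byte sectors.
function Get-MbrMaxPartitionTB {
    [math]::Round(([int64][uint32]::MaxValue * 512) / 1TB, 2)
}

# Constructed sample: active system partition, data partition, extended partition.
$sector = New-Object byte[] 512
$sector[510] = 0x55; $sector[511] = 0xAA
Set-MbrEntry $sector 0 0x80 0x07 2048      716800      # 350 MB, active
Set-MbrEntry $sector 1 0x00 0x07 718848    104857600   # 50 GB
Set-MbrEntry $sector 2 0x00 0x0F 105576448 41943040    # 20 GB, holds logical drives

Read-Mbr -Sector $sector | Format-Table -AutoSize
"MBR limit per partition: $(Get-MbrMaxPartitionTB) TB"
```

A disk whose only entry has type `GPT protective` is a GPT disk; the single MBR entry is there so that MBR-only tools see the disk as in use.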

GUID Partition Table (GPT) - is a new standard for the layout of the
partition table:

- part of the Extensible Firmware Interface (EFI) standard
proposed by Intel as a replacement for the PC BIOS
- uses 64 bit disk pointers, which allow for a maximum
disk partition size of 9.4 zettabytes, or 9.4 billion terabytes.
- from Windows Server 2008 onwards, only x64 versions **
of the Microsoft OS support GPT disks as the boot disk in
EFI (Extensible Firmware Interface) boot mode
- GPT disks are not supported as the boot disk in BIOS
Mode when booting to Windows OSes.

** The difference between 32 bit OS and 64 bit OS:

- the 32 bit system can point to or address only 4 GB of
memory
- the 64 bit system can point to or address a larger number
of locations in physical memory

You can convert a disk between MBR and GPT as long as the disk is
completely empty. Unfortunately, once you've created any partitions
or volumes on the disk, you can no longer convert between the two
types.

Adding new local disks in Windows

Tools for disk/partitions management: GUI Disk Management
(diskmgmt.msc or in Computer Management console) and the diskpart
tool from cmd.

1. you need to physically install the disk, or add a new virtual disk if
the machine is virtual
2. Windows automatically** recognizes the new hardware and
makes it available (not ready for use yet, you can just see it
as an offline disk):
   o If the disk is a basic disk that is already partitioned and
   formatted, you can use it without initializing, but it will
   initially appear "offline" in Disk Management.
   o If it's a brand-new disk that has never been partitioned
   or formatted, you need to initialize it first:
** if the new disk is not visible in Disk Mgmt., do a Rescan
disks:
3. If the disk is new, initialize the disk and choose the MBR or GPT
partition table as necessary:
4. Create partitions/volumes, choosing the size, the mount
point drive letter, the filesystem (in most cases NTFS; the
other ones are obsolete and not used in enterprise
environments anymore) and Quick format:
5. Once the formatting has finished, the new partition should be
available in Windows Explorer to upload data on it.
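
Steps 2 to 5 can also be scripted with the Storage module cmdlets that ship with Windows Server 2012 and later. The following is an added example, not part of the original course notes; the function name Initialize-NewDataDisk and the volume label are assumptions. It only partitions disks that report no partition style, so a disk that already holds data is brought online but never reformatted.

```powershell
# Added example (not from the course notes). Run elevated on the server.
function Initialize-NewDataDisk {
    param([string] $Label = 'Data')        # label is an assumption

    Update-HostStorageCache                # same effect as "Rescan Disks"

    foreach ($disk in Get-Disk) {
        if ($disk.IsBoot -or $disk.IsSystem) { continue }

        # Step 2: new disks show up offline (and possibly read-only)
        if ($disk.IsOffline)  { Set-Disk -Number $disk.Number -IsOffline  $false }
        if ($disk.IsReadOnly) { Set-Disk -Number $disk.Number -IsReadOnly $false }

        # A disk that already has a partition table is usable as-is:
        # bringing it online was enough, so leave its contents alone.
        if ($disk.PartitionStyle -ne 'RAW') { continue }

        # Step 3: MBR cannot address more than 2 TB, so use GPT above that
        $style = if ($disk.Size -gt 2TB) { 'GPT' } else { 'MBR' }
        Initialize-Disk -Number $disk.Number -PartitionStyle $style

        # Step 4: one partition over the whole disk, next free drive letter,
        # NTFS. Format-Volume does a quick format unless -Full is given.
        New-Partition -DiskNumber $disk.Number -UseMaximumSize -AssignDriveLetter |
            Format-Volume -FileSystem NTFS -NewFileSystemLabel $Label -Confirm:$false
    }
}

# Step 5: review the result
# Initialize-NewDataDisk -Label 'Data'
# Get-Volume | Where-Object FileSystemLabel -eq 'Data'
```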
SAN disks (iSCSI storage) in Windows

iSCSI is an IP based storage networking standard for linking storage
devices with servers.

By carrying SCSI commands over TCP/IP networks, iSCSI can
facilitate data transfers over local area networks (LANs), wide area
networks (WANs), or the Internet. Through iSCSI, the space on the
storage server will be regarded as local disks by the client's operating
system. In reality, all data transferred to the disk is actually
transferred over the network to the storage server.

- the only interconnectivity required between servers and the disks
on storage subsystems is an IP network (this allows many servers
to share the same storage subsystem)
- is block based storage, and the storage vendors offer SAN with
iSCSI technologies (EMC VNXe, Netapp iSCSI SAN etc)
- there are NAS systems with iSCSI support as well
- starting with Win 2008 R2 *** iSCSI server support was
introduced (you can create an iSCSI server/target with Win 2008
R2)
*** In Win 2008 R2 the iSCSI target software is not installed natively;
it needs to be downloaded from Microsoft and installed

iSCSI target server - is the server where the iSCSI target service is
running.

Microsoft Internet iSCSI Initiator - enables you to connect a host
computer that is running Windows Server® 2008 R2 or higher to an
external iSCSI-based storage array through an Ethernet network
adapter (any kind of iSCSI storage, not only Microsoft). The iSCSI initiator
service runs on the client and is used to make a connection to the iSCSI
Target by logging on to a Target server.

iSCSI virtual disks - are created on the iSCSI target server and
associated with the iSCSI target. An iSCSI virtual disk represents an iSCSI
LUN, which is connected to the clients using the iSCSI initiator.

IQN: It is a unique identifier of the Target or Initiator. The Target IQN
is shown when it is created on the Server. The initiator IQN can be
found by typing a simple “iscsicli” cmd in the command window.

Logical unit numbers (usually referred to as LUNs) allow a SAN to
break its storage down into manageable pieces, which are then
assigned to one or more servers in the SAN. It is a logical reference
that can comprise a disk, a section of a disk, a whole disk array, or a
section of a disk array.

Install iSCSI server/target on Windows 2012 (not used in enterprise
environments)

1. Add iSCSI target role:
2. Add virtual disk to iSCSI server and specify the size of the
virtual disk that you want:
3. Create a New iSCSI Target, give it a name and description
and select the iSCSI initiators *** (clients) that will have
access to this disk (this will allow the Target to be discovered
by defined list of initiators):
   *** Initiator has to be started on the client side and have an
   iqn
4. Optional CHAP authentication can be configured for this disk
5. On the client side, open iSCSI initiator, provide the iSCSI
Target server IP or host name to the initiator, and the initiator
will be able to do a discovery of the iSCSI Target:
6. Once the connection is established, the iSCSI virtual disk will
be presented to the initiator as a disk. By default, this disk
will be offline.
7. The rest of the steps are the same as for a local disk
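
The same seven steps can be run from PowerShell, which also makes the two access controls explicit: the initiator list from step 3 and CHAP from step 4. The following is an added example, not part of the original course notes; the target name, virtual disk path, host names and CHAP user are placeholders, and the two halves run on different machines.

```powershell
# Added example (not from the course notes). All names and paths below are
# placeholders chosen for illustration.

# ---------------- On the iSCSI target server ----------------
$targetName = 'app1-lun'
$vhdPath    = 'D:\iSCSIVirtualDisks\app1-lun1.vhdx'
$initiator  = 'IQN:iqn.1991-05.com.microsoft:app1.example.test'

Install-WindowsFeature FS-iSCSITarget-Server                      # step 1
New-IscsiVirtualDisk -Path $vhdPath -SizeBytes 20GB               # step 2 (2012 R2 syntax)

# Step 3: only the listed initiator IQN may discover and log on to the target
New-IscsiServerTarget -TargetName $targetName -InitiatorIds $initiator
Add-IscsiVirtualDiskTargetMapping -TargetName $targetName -Path $vhdPath

# Step 4: require CHAP. The Microsoft initiator expects a 12-16 character secret.
$chap = Get-Credential -Message 'CHAP user name and secret for the target'
Set-IscsiServerTarget -TargetName $targetName -EnableChap $true -Chap $chap

# ---------------- On the client (initiator) ----------------
Set-Service   -Name MSiSCSI -StartupType Automatic
Start-Service -Name MSiSCSI
(Get-InitiatorPort).NodeAddress          # this client's IQN, needed for step 3

# Step 5: discover the targets offered by the target server
New-IscsiTargetPortal -TargetPortalAddress 'target1.example.test'
$target = Get-IscsiTarget | Where-Object NodeAddress -like "*$targetName*"

$login = Get-Credential -Message 'CHAP user name and secret (same as on the target)'
Connect-IscsiTarget -NodeAddress $target.NodeAddress `
    -AuthenticationType ONEWAYCHAP `
    -ChapUsername $login.UserName `
    -ChapSecret   $login.GetNetworkCredential().Password `
    -IsPersistent $true

# Step 6: the LUN now appears as an offline disk on the client
Get-Disk | Where-Object BusType -eq 'iSCSI'
```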

Extra references
https://blogs.technet.microsoft.com/filecab/2012/05/21/introduction-of-iscsi-target-in-windows-server-2012/

Resizing partitions/volumes

Extend existing volume in Windows

You can add space to a volume without having to back up or reboot,
if the volume is a simple volume and there is free space at the end of
the volume (including the boot volume)!!!

1. on the volume choose Extend Volume:
2. choose the amount to extend with:
3. refresh in Win Explorer to see the new size of the volume

Shrink a volume that has extra free space (local disks only)

1. select the volume to shrink
2. enter the size to shrink with

Check disk tool: chkdsk

- scans the volumes for filesystem errors and physical errors
like bad sectors
- depending on the size of your volume it can take from 5 min
to a couple of hours
- can be started from GUI or cmd:

A simple chkdsk Drive_letter: will only check for errors but won’t make
any corrections. If chkdsk /f Drive_letter is used, the volume will be
dismounted (if it is the OS partition, it will request you to schedule the
check at the next reboot, as the OS partition cannot be dismounted without
disrupting the OS) and errors corrected.

There is an error event logged in the System event log when a volume
needs a chkdsk, otherwise the filesystem may become corrupted:

Memory dump

A memory dump - consists of the recorded state of the working
memory of an Operating System (applications can also create dumps
when they crash) at a specific time, generally when the program has
crashed or otherwise terminated abnormally.

- a system crash (bugcheck) is usually caused by kernel-mode
code and not user-mode processes
- memory dump files can be analyzed with the WinDbg tool
- there are two types:
   o Kernel Memory Dump – stop code, lists all kernel
   running processes, loaded drivers and threads at that
   time
   o Small memory dump – less details compared with the
   above full dump
- Page file has to be set up on the boot volume and has to be
the size of the physical memory installed on the server,
otherwise the Kernel Dump file might not be generated when
a crash happens

Page file

Windows memory management is based on Virtual Memory, where
each process has its own private virtual address space. Windows will
move the least used memory pages to a hidden file called the page
file, when approaching a low memory condition.

The Page file is a special file used by Windows to store modified
pages, and the process of moving pages from RAM to the Page file is
called "Paging".

Page files have two primary roles:

- Physical extensions of RAM that store modified data
- Record information about the state of the system in case
of a system crash

Extra references
Understanding Crash Dump Files:
https://blogs.technet.microsoft.com/askperf/2008/01/08/understanding-crash-dump-files/

How to crash dump a Windows VM:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1001624

2. Configuring server roles and features

2.1: Configure file and share access

File sharing/permissions, map/unmap a share

- NTFS is the preferred filesystem on Windows servers
- In NTFS, when a file/folder is created, an Access Control List
(ACL) is created that includes information that controls which
users and groups can access the file or folder, as well as
what type of access is granted to particular users and groups

There are two types of permissions used in NTFS:

1. Explicit permissions: Permissions granted directly to a file or
folder.
2. Inherited permissions: Permissions that are granted to a
folder (parent object or container) that flow into child objects
(subfolders or files inside the parent folder).

Looking at Effective NTFS Permissions of a user/group for a file/folder:


The owner of a file/folder controls how permissions are set on the
object and to whom
permissions are granted. If for some reason you have been denied
access to a file or folder, you need to reset the permissions by taking
ownership of the file or folder and modifying the permissions.

Encrypting File System (EFS) is a core file encryption technology
used to store encrypted files on NTFS file system volumes. Encrypted
files cannot be used unless a user has access to the keys required to
decrypt the information.

After a file has been encrypted, you do not have to manually decrypt
that file before you can use it. Rather, once you encrypt a file or
folder, you can work with that file or folder just as you would with any
other file or folder.

EFS can be used to encrypt individual folders or files and BitLocker
can be used to encrypt entire volumes.

Sharing files/folders – for files to be accessed over the network they
need to be Shared and assigned Share permissions along with NTFS
permissions.

CIFS and SMB are Windows file sharing protocols (CIFS being the
latest version of SMB).

NFS is traditionally a Unix file sharing protocol but now Windows
Server supports it natively.

SMB/CIFS uses Windows-style access control lists, whereas NFS
uses Unix-style file permissions (User ID owner, Group ID owner, and
read/write/execute permissions).

Do not grant Share permissions to Everyone, as this can turn into a
vulnerability; grant Share permissions to specific users/groups
instead!!!
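
One way to check a file server against the rule above, as an added example that is not part of the original course notes: it lists every non-administrative share where a broad principal holds an Allow entry, next to the NTFS rights the same principal has on the shared folder. The function name, the list of "broad" principals and the names in the remediation comments are assumptions of this example.

```powershell
# Added example: audit SMB share permissions (run elevated on the file server).
# Uses the SmbShare module that ships with Windows Server 2012 and later.

# Assumption: these principals are considered too broad for a share ACL.
$BroadPrincipals = 'Everyone', 'NT AUTHORITY\Authenticated Users', 'BUILTIN\Users'

function Get-BroadShareGrant {
    param([string[]]$Principal = $BroadPrincipals)

    foreach ($share in Get-SmbShare) {
        # Special = built-in administrative shares (C$, ADMIN$, IPC$); skip them.
        if ($share.Special) { continue }

        $grants = Get-SmbShareAccess -Name $share.Name |
            Where-Object { $_.AccessControlType -eq 'Allow' -and $Principal -contains $_.AccountName }

        foreach ($grant in $grants) {
            # Access over the network is limited by both ACLs, so also show
            # what the same principal is allowed at the NTFS level.
            $ntfs = @()
            if ($share.Path -and (Test-Path -LiteralPath $share.Path)) {
                $ntfs = (Get-Acl -LiteralPath $share.Path).Access |
                    Where-Object { $_.AccessControlType -eq 'Allow' -and
                                   $_.IdentityReference.Value -eq $grant.AccountName }
            }
            [pscustomobject]@{
                Share         = $share.Name
                Hidden        = $share.Name.EndsWith('$')
                Account       = $grant.AccountName
                ShareRight    = $grant.AccessRight
                NtfsRights    = ($ntfs.FileSystemRights -join '; ')
                NtfsInherited = ($ntfs.IsInherited -contains $true)
                Path          = $share.Path
            }
        }
    }
}

Get-BroadShareGrant | Format-Table -AutoSize

# Remediation sketch for one finding (share and group names are placeholders):
# Revoke-SmbShareAccess -Name 'Projects' -AccountName 'Everyone' -Force
# Grant-SmbShareAccess  -Name 'Projects' -AccountName 'CONTOSO\Projects-RW' -AccessRight Change -Force
```

An empty result means no share grants access to the listed principals; the NtfsInherited column shows whether the matching NTFS entry is inherited from a parent folder or set explicitly.
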
How to list all shared folders active on a server/client:

How to map a shared folder from a remote server/client, once Share
and NTFS permissions have been granted:

Map a network drive from cmd:

List the mapped drive in My Computer:


To list mapped network drives from cmd:

An administrative share is a shared folder typically used for
administrative purposes and usually hidden. To make any shared
folder or drive hidden, the share name must have a $ at the end of it.

You have to have Administrator rights on the remote server to be able
to access the $ shares:

Copying/moving/deleting files/folders from cmd:

Copy files: copy / robocopy

Robocopy – the newest tool, available by default from Win Vista upwards
- the /e parameter tells robocopy to include all subdirectories. This
includes empty folders.
- the /z parameter gives you the ability to restart the process in case
the connection to the destination is lost
- robocopy will automatically copy hidden and system files. It will
create new directories if they don't exist at the target location.
- it gives you detailed statistics and the possibility to create a log file
- with /mir it can mirror a folder and its content and will preserve the
permissions

Delete files/folders

rmdir – removes a directory

del – deletes files

2.2:Configure servers for remote management

Windows Server 2012 R2 is designed to facilitate remote server management so
administrators rarely, if ever, have to work directly at the server console. This
conserves server resources that can better be devoted to applications and saves
administrators’ time.

Using Server Manager for remote management

Server Manager has been the
primary server administration tool for Windows Server ever since Windows Server
2003. The most obvious improvement to the Server Manager tool in Windows
Server 2012 R2 is the ability to perform administrative tasks on remote servers
and on the local system.

Adding servers

The primary difference between the Windows Server 2012 R2 (and
Windows Server 2012) Server Manager and previous versions is the ability to add
and manage multiple servers at once.

Managing non-domain joined servers

When you add servers that are members of
an Active Directory Domain Services (AD DS) domain to the Server Manager
interface, Windows Server 2012 R2 uses the standard Kerberos authentication
protocol and your current domain credentials when connecting to the remote
systems. You can also add servers that are not joined to an AD DS domain, but
obviously, the system cannot authenticate using an AD DS account.

Managing Windows Server 2012 R2 servers

When you add servers running
Windows Server 2012 R2 to Server Manager, you can immediately begin using the
Add Roles and Features Wizard to install roles and features on any of the servers
you have added. You can also perform other administrative tasks, such as
configuring network interface card (NIC) teaming and restarting the server,
because Windows Remote Management (WinRM) is enabled by default on
Windows Server 2012 R2.

Configuring WinRM

WinRM enables administrators to manage a computer from a
remote location by using tools based on Windows Management Instrumentation
(WMI) and Windows PowerShell.

Configuring Windows Firewall

If you attempt to launch MMC snap-ins targeting a remote server, such as the
Computer Management console, you will receive an error because of the default
Windows Firewall settings in Windows Server 2012 R2. MMC uses the Distributed
Component Object Model (DCOM) for remote management instead of WinRM,
and these settings are not enabled by default. To address this problem, you must
enable the following inbound Windows Firewall rules on the remote server you
want to manage:

COM+ Network Access (DCOM-In)

Remote Event Log Management (NP-In)

Remote Event Log Management (RPC)

Remote Event Log Management (RPC-EPMAP).
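
The four rules above can be enabled from Windows PowerShell instead of the firewall console. The following is an added example, not part of the original course notes: it enables each rule, limits it to a management subnet and reports the resulting state. The function names and the 192.0.2.0/24 subnet are assumptions of this example; replace the subnet with the range your administrators actually connect from.

```powershell
# Added example: run on the remote server to be managed
# (locally or in a PowerShell remoting session).
# Uses the NetSecurity module that ships with Windows Server 2012 and later.

# The four inbound rules listed above, by display name.
$MmcRules = @(
    'COM+ Network Access (DCOM-In)',
    'Remote Event Log Management (NP-In)',
    'Remote Event Log Management (RPC)',
    'Remote Event Log Management (RPC-EPMAP)'
)

# Assumption: administrators connect from this subnet (placeholder documentation range).
$MgmtSubnet = '192.0.2.0/24'

function Enable-RemoteMmcRule {
    param([string[]]$DisplayName = $MmcRules, [string]$RemoteAddress = $MgmtSubnet)

    foreach ($name in $DisplayName) {
        $rules = Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue
        if (-not $rules) {
            Write-Warning "Firewall rule not found: $name"
            continue
        }
        # Enable the rule, but only for traffic coming from the management subnet.
        $rules | Set-NetFirewallRule -Enabled True -RemoteAddress $RemoteAddress
    }
}

function Get-RemoteMmcRuleState {
    param([string[]]$DisplayName = $MmcRules)

    foreach ($rule in Get-NetFirewallRule -DisplayName $DisplayName -ErrorAction SilentlyContinue) {
        $filter = $rule | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $rule.DisplayName
            Enabled       = $rule.Enabled
            Profile       = $rule.Profile
            RemoteAddress = ($filter.RemoteAddress -join ', ')
        }
    }
}

Enable-RemoteMmcRule
Get-RemoteMmcRuleState | Format-Table -AutoSize
```
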


Creating server groups

For administrators of enterprise networks, it might be necessary to add a large
number of servers to Server Manager. To avoid having to work with a long
scrolling list of servers, you can create server groups based on server locations,
functions, or any other organizational paradigm. When you create a server group,
it appears as an icon in the navigation pane, and you can manage the servers in
the group just as you would those in the All Servers group.

Creating server groups does not affect the functions you can perform on them.
You cannot, for example, perform actions on entire groups of servers. The
groupings are just a means to keep a large number of servers organized and easy
to locate.

Using Remote Server Administration Tools

You can manage remote servers from any computer running Windows Server
2012 R2; all the required tools are installed by default. However, administrators
have found it most efficient to use their client computers to manage servers
remotely (especially with the introduction of cloud-based services). To manage
Windows servers from a workstation, you must download and install the Remote
Server Administration Tools package for the version of Windows running on your
workstation from the Microsoft Download Center at
http://www.microsoft.com/download.

Working with remote servers

Once you have added remote servers to Server Manager, you can access them
using a variety of remote administration tools. Server Manager provides three
basic methods for addressing remote servers, as follows:

Contextual tasks. When you right-click a server in a Servers tile anywhere in
Server Manager, you see a shortcut menu that provides access to tools and
commands pointed at the selected server. Some of these are commands that
Server Manager executes on the remote server, such as Restart Server and
Windows PowerShell. Others launch tools on the local system and direct them at
the remote server, such as MMC snap-ins and the Install Roles And Features
Wizard. Still others modify Server Manager itself by removing servers from the
interface. Other contextual tasks sometimes appear in the Tasks menus for
specific panes.

Noncontextual tasks. The menu bar at the top of the Server Manager console
provides access to internal tasks, such as launching the Add Server Wizard and the
Install Roles And Features Wizard, and the Server Manager Properties dialog box,
in which you can specify the console’s refresh interval.

Noncontextual tools. The console’s Tools menu provides access to external
programs, such as MMC snap-ins and the Windows PowerShell interface, that are
directed at the local system.

OBJECTIVE SUMMARY

- Windows Server 2012 R2 is designed to facilitate remote server
management so administrators rarely, if ever, have to work directly at the
server console. This conserves server resources that can better be devoted to
applications.
- When you add servers running Windows Server 2012 R2 to Server Manager,
you can immediately begin using the Add Roles and Features Wizard to
install roles and features on any of the servers you have added.
- The Windows Firewall rules you have to enable for remote servers running
Windows Server 2012 R2 are also disabled by default on computers running
versions earlier than Windows Server 2012, so you also have to enable them
there.
- For administrators of enterprise networks, it might be necessary to add a
large number of servers to Server Manager. To avoid having to work with a
long scrolling list of servers, you can create server groups based on server
locations, functions, or any other organizational paradigm.
- You can manage remote servers from any computer running Windows
Server 2012 R2; all the required tools are installed by default. However, the
new administrative method that Microsoft is promoting urges administrators
to keep servers locked away and use a workstation to manage servers from a
remote location.
