Windows Server 2019 Cookbook - Second Edition

By : Mark Henderson, Jordan Krause

Windows Server 2019 Cookbook - Second Edition

By: Mark Henderson, Jordan Krause

Overview of this book

Do you want to get up and running with essential administrative tasks in Windows Server 2019? This second edition of the Windows Server 2019 Cookbook is packed with practical recipes that will help you do just that. The book starts by taking you through the basics that you need to know to get a Windows Server operating system working, before teaching you how to navigate through daily tasks using the upgraded graphical user interface (GUI). You'll then learn how to compose an optimal Group Policy and perform task automation with PowerShell scripting. As you advance, you’ll get to grips with faster app innovation, improved Windows security measures, and hybrid cloud environments. After you’ve explored the functions available to provide remote network access to your users, you’ll cover the new Hyper-V enhancements. Finally, this Windows Server book will guide you through practical recipes relating to Azure integration and important tips for how to manage a Windows Server environment seamlessly. By the end of this book, you’ll be well-versed with Windows Server 2019 essentials and have the skills you need to configure Windows services and implement best practices for securing a Windows Server environment.

Preface

Who this book is for

What this book covers

To get the most out of this book

Code in Action

Download the color images

Conventions used

Sections

Get in touch

Reviews

Chapter 1: Learning the Interface

Shutting down or restarting the server

Launching Administrative Tools

Using WinKey + X for quick admin tasks

Using the search function to launch applications quickly

Managing remote servers from a single pane with Server Manager

Using PowerShell to accomplish any function in Windows Server

Installing a role or feature

Administering Server 2019 from a Windows 10 machine

Managing your servers through the Windows Admin Center

Identifying useful keyboard shortcuts in Server 2019

Setting your PowerShell Execution Policy

Building and executing your first PowerShell script

Searching for PowerShell cmdlets with Get-Help

Free Chapter

Chapter 2: Core Infrastructure Tasks

Configuring a combination Domain Controller, DNS server, and DHCP server

Adding a second DC

Organizing your computers with Organizational Units

Creating an A or AAAA record in DNS

Creating and using a CNAME record in DNS

Creating a DHCP scope to assign addresses to computers

Creating a DHCP reservation for a specific server or resource

Pre-staging a computer account in Active Directory

Using PowerShell to create a new Active Directory user

Using PowerShell to run commands on another server

Chapter 3: Networking

Using Windows Firewall with Advanced Security to block unnecessary traffic

Multi-homing Windows Server 2019

Adding a static route to the Windows routing table

Using dynamic BGP routing in your Windows routing table

Using Telnet and Test-NetConnection to test a connection and network flow

Using the pathping command to trace network traffic

Setting up NIC Teaming

Renaming and domain joining

Chapter 4: Working with Certificates

Setting up the first Certification Authority server in a network

Building a subordinate Certification Authority server

Creating a certificate template to prepare for issuing machine certificates to your clients

Publishing a certificate template to allow enrolment

Using MMC to request a new certificate

Using the web interface to request a new certificate

Using PowerShell to request a new certificate

Configuring Autoenrollment to issue certificates to all domain-joined systems

Renewing your root certificate

Revoking a certificate

Chapter 5: Internet Information Services

Installing the Web Server role with PowerShell

Launching your first website

Changing the port on which your website runs

Adding encryption to your website

Using a Certificate Signing Request to acquire your SSL certificate

Using Let's Encrypt to acquire your SSL certificate

Moving an SSL certificate from one server to another

Rebinding your renewed certificates automatically

Hosting multiple websites on your IIS server

Using host headers to manage multiple websites on a single IP address

Chapter 6: Remote Access

DirectAccess planning questions and answers

Configuring DirectAccess, a VPN, or a combination of the two

Pre-staging Group Policy Objects to be used by DirectAccess

Enhancing the security of DirectAccess by requiring certificate authentication

Building your Network Location Server on its own system

Enabling Network Load Balancing on your DirectAccess servers

Adding a VPN to your existing DirectAccess server

Replacing your expiring IP-HTTPS certificate

Reporting on DirectAccess and VPN connections

Chapter 7: Remote Desktop Services

Basics of an RDS environment

Building a single server RDS environment

Adding an additional RDSH server to your RDS environment

Installing applications on an RDSH server

Disabling the redirection of local resources

Shadowing another session in RDS

Installing a printer driver to use with redirection

Removing an RD Session Host server from use for maintenance

Publishing WordPad with RemoteApp

Adding support for OpenGL and OpenCL applications

Chapter 8: Monitoring and Backup

Using Server Manager as a quick monitoring tool

Using the new Task Manager to its full potential

Configuring a full system backup using Windows Server Backup

Recovering data from a Windows backup file

Using IP Address Management to keep track of your used IP addresses

Checking for viruses and adding ransomware protection

Chapter 9: System Insights

Installing System Insights

Windows Server System Insights capabilities

Managing System Insights

Managing Windows Server System Insights from PowerShell

Aggregate prediction outcomes

Chapter 10: Group Policy

Creating and assigning a new Group Policy Object

Mapping network drives with Group Policy

Redirecting the Documents folder to a network share

Creating a VPN connection with Group Policy

Creating a printer connection with Group Policy

Using Group Policy to enforce an internet proxy server

Viewing the settings currently enabled inside a GPO

Viewing the GPOs currently assigned to a computer

Backing up and restoring GPOs

Working with WMI filters to assign GPOs

Plugging in ADMX and ADML templates

Chapter 11: File Services and Data Control

Enabling Distributed File System and creating a Namespace

Configuring Distributed File System Replication

Creating an iSCSI target on your server

Configuring an iSCSI initiator connection

Configuring Storage Spaces

Turning on data deduplication

Setting up Windows Server 2019 work folders

Configuring a Scale-Out File Server

Chapter 12: Server Core

Building your first Server Core instance

Configuring Server Core from the console

Switching between Server Core and Desktop Experience?

Limitations of Server Core

Managing Server Core with Server Manager

Managing Server Core using remote MMC tools

Managing Server Core with PowerShell remoting

Chapter 13: Working with Hyper-V

Creating a Windows Server that runs Hyper-V

Creating a Hyper-V server

Networking your VMs

Building your first VM

Using the VM Settings page

Editing virtual hard disks

Using checkpoints as rollback points

Using nested resiliency

Chapter 14: Containers and Docker

Configuring your server to run container images

Running your first container

Running commands inside a container

Creating and customizing your own container image

Upgrading a container

Productionizing a running container

Changing the container networking

Deploying a container to Azure

Chapter 15: Desired State Configuration and Automation

Making your first DSC

Adding additional roles to DSC

Using complex resources

Converting a GPO to DSC

Pushing a DSC configuration to multiple servers

Using Azure DSC automation

Chapter 16: Hardening Your Infrastructure

Using Group Policy to enforce a password policy

The Microsoft Security Compliance Toolkit

Using Desired State Configuration to enforce default configurations

Disabling outdated services and protocols

Delegating Active Directory permissions

Enabling the Active Directory Recycle Bin

Using System Monitor to identify security issues

Windows Server Update Services

Using BitLocker for drive encryption

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Configuring Autoenrollment to issue certificates to all domain-joined systems

Many new technologies requiring certificates to be used for authentication require those certificates to be distributed on a large scale. For example, if we want to use the Computer certificate for DirectAccess authentication, we need to issue a certificate to every DirectAccess client computer. This can be done for thousands of laptops in your network. If we want to start encrypting traffic inside the network with IPsec and require certificates to be distributed for that purpose, we would potentially need to issue some kind of machine certificate to every computer inside our network. While we could certainly issue each by hand using either the MMC console or the CA web interface, that doesn't sound like very much fun.

Enter Autoenrollment. We can turn this feature on, which is sort of like flipping a switch in Active Directory, and in doing so, we can tell AD to issue certificates automatically to...

Windows Server 2019 Cookbook - Second Edition

By : Mark Henderson, Jordan Krause

Windows Server 2019 Cookbook - Second Edition

By: Mark Henderson, Jordan Krause

Overview of this book

Related Content you might be interested in

Current Title:

Windows Server 2019 Cookbook - Second Edition

Mastering Windows Server 2019

Mastering Windows Server 2019, Third Edition

Mastering Windows Server 2022

Configuring Autoenrollment to issue certificates to all domain-joined systems