70-410 Flashcards
Server Core
reduces management and servicing by installing only what is needed to run most server roles and applications. Fully manage locally or remotely with Windows PowerShell.
Load Driver on Windows Setup
May have to load Windows drivers for storage from the manufacturer.
Windows Server 2012 R2 Foundation
- Intended for small office networks.
- Up to 15 users. No CALs.
- Single CPU Socket. No Limit on cores.
- Maximum of 32GB of RAM.
- No Virtualization rights.
Windows Server 2012 R2 Essentials
- Intended for small office networks
- Up to 25 users and 50 devices
- Pre-configured connectivity to cloud-based services.
- Remote Web Access
- My Server app for Windows/RT/Phone
- Microsoft Azure Backup Integration.
- Office 365 Integration
- No Virtualization rights.
Windows Server 2012 R2 Standard
- The Entirety of Windows Server.
- Up to two CPU sockets. No Limit on cores.
- Two virtual instances included.
Windows Server 2012 R2 Datacenter
- The entirety of Windows Server.
- Up to two CPU sockets. No Limit on cores.
- Unlimited virtual instances included.
Server with a GUI
Standard Windows GUI with traditional start screen. Server manager tool and MMC console supported. All server roles can be installed.
Minimal Server Interface
Also known as Windows Server core. Start screen, explorer, IE, and the desktop not supported.
Full Desktop Experience
Intended for using Windows Server as a desktop OS. Standard Windows GUI with traditional Start Screen, plus Windows Store and Windows Store apps supported.
Role
something a windows server aspires to be.
Role Service
The functions that fulfill those aspirations.
Feature
Other tasks that don’t fit within an established Role.
Use Powershell to Install a Role, Role Service, and Feature
Get-WindowsFeature to see all options.
- Install-WindowsFeature telnet-server
Supported Roles on Windows Server Core
- AD Certificate Services. AD Domain Services. AD Lightweight Domain Services. AD Rights Management Services.
- DHCP Server. DNS Server.
- File and Storage Services.
- Hyper-V
- Print and Document Services.
- Remote Access Services.
- Streaming Media Services.
- Web Server (IIS)
- Windows Server Update Services.
Clean Install
Used for new installations. Used where old OS instance will be deleted. Used when changing from x86 to x64 architecture. Used when changing languages. Used when converting from pre-release versions.
Upgrade
Used when an existing OS instance requires an in-place upgrade. Supported upgrades:
- Windows Server 2008 SP2
- Windows Server 2008 R2
- Windows Server 2012 Standard and Datacenter
License Conversion
DISM command can migrate a Windows Server instance to a higher OS Edition.
- Offline servicing to OS images
- Online servicing to running OS instances.
DISM
Services images.
Role Migration
Windows Server Migration Tools are available as an installable feature in Server Manager.
- Install-WindowsFeature Migration
Tools must be installed onto source and destination computer. This can be done manually.
Migration steps are different based on the role being migrated.
- Export-SmigServerSetting
- Import-SmigServerSetting
WinSxS Folder
Windows Side by Side. Allows Windows to have multiple different versions of things installed simultaneously. Mechanism to allow Windows to compartmentalize the roles and features. Directory to point to whenever you need a feature that requires media.
NIC Teaming
Located within Server Manager. Requires at least 2 physical network cards. Under Tasks, create new team. Select Network adapters involved.
Teaming Mode
Static Teaming, switch Independent, and LACP.
Static Teaming
Requires network guys to check switch config. Network has to recognize the team.
Switch Independent
Allows you to configure a team that doesn’t require additional support from the network side. If you don’t have advanced networking equipment, this is the one to choose.
LACP
Requires network guys to check the config on the switch: is LACP configured?
Load Balancing Mode (NIC Teaming)
How you want the network traffic to balance between the 2 different networking cards. Dynamic is more of a standard. Hyper V is only used for Hyper V servers. Address hash is based off of IP address the traffic is coming from.
Standby Adapter
When another adapter fails. With 2 network cards. It is essentially one NIC with failover.
Powershell Setting IP
- Get-NetAdapter (to get the list of adapters)
- Get-NetAdapter ethernet0 | Set-NetIPInterface -dhcp disabled.
- Get-NetAdapter ethernet0 | new-NetIPAddress -IPAddress 192.168.0.104 -DefaultGateway 192.168.0.1 -PrefixLength 24
- Set-DNSClientServerAddress -InterfaceAlias ethernet0 -ServerAddresses 192.168.0.100
Powershell NIC Teaming
- New-NetLbfoTeam -Name "Our Team" -TeamMembers ethernet0,ethernet1 -TeamingMode SwitchIndependent -LoadBalancingAlgorithm Dynamic
- You can set the team IP the same way as for a single NIC. Get-NetAdapter "Our Team" | New-NetIPAddress -IPAddress 192.0.0.0 -DefaultGateway 0.0.0.0 -PrefixLength 24
- A “yes to all”
- help LBFO
User Rights Assignment
Determines which users or groups can accomplish tasks on a machine. Use Local Security Policy to delegate administration. Choose granular tasks. If set in Local Security Policy, it applies only to that machine.
SC (Command Line Tool) for services
Create services or start/stop services. “SC query” will list all services on the machine. To stop service use “SC stop “. To get status of the service type “SC query “
manage services with powershell
- get-service | stop-service.
- get-service | start-service.
Configure Display Resolution with Powershell (Server Core)
Set-DisplayResolution
Adjust the clock settings in powershell (server core)
timedate.cpl
Rename the computer with powershell (server core)
rename-computer
Adding a computer to a domain (server core)
add-computer
Define product key and activate the license (server core)
slmgr.vbs -ipk & slmgr.vbs -ato
Bring up text based menu (Server core) bring up to help find commands you forgot.
sconfig.cmd
Configure WSUS (Server Core)
cscript scregedit.wsf
Install Features and Roles
- Get-WindowsFeature
- Install-WindowsFeature | Uninstall-WindowsFeature
Use your management desktop to manage that machine you are configuring (Server Core) Can be remoted from another location.
Enable-PSRemoting
Convert UI from server core to gui
- Check if possible on existing server: Install-WindowsFeature server-gui-shell -whatif.
- Gain access to the Windows ISO through PowerShell, and unpack the ISO.
- Look for install.wim
- create a mount point: mkdir c:\mount
- run> dism /get-wiminfo /wimfile:x:\isos\unpacked\sources\install.wim
- dism /mount-wim /wimfile:x:\isos\unpacked\sources\install.wim /index:2 /mountdir:c:\mount /readonly
- install-windowsfeature server-gui-shell -source c:\mount\windows\winsxs -whatif
Convert GUI to server core (powershell) much easier process than vice versa.
Remove-WindowsFeature server-gui-shell, server-gui-mgmt-infra
Deploy Role or Feature on Remote servers (Powershell)
Install-WindowsFeature -Computername servercore1
Configure Remote management (Powershell)
configure-smremoting
Add and Remove Features in Offline Images
- dism /image:c:\mount /enable-feature /featurename:dhcpserver
- Write the change to disk: > dism /unmount-image /mountdir:c:\mount /commit
Powershell Desired State Configuration
Allows you to create config docs for controlling how your servers are configured. PowerShell DSC. Configure a document as to what a server aspires to become. Mechanism to control the items you're interested in controlling.
Powershell DSC example
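Configuration Server1
{
    Node "server1" {
        # Ensure the DNS Server role is installed on the node
        WindowsFeature DNSServer {
            Ensure = "Present"
            Name   = "DNS"
        }
    }
}
# Calling the configuration generates the MOF file under .\Server1
Server1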
Execute the DSC (Powershell)
Start-DscConfiguration -wait -verbose -path .\server1
Test the DSC config (powershell)
Test-DscConfiguration
MBR
Master Boot Record. Uses a partition table in the first sector of the disk to describe the location of disk partitions. Supports disks up to 2TB. Four primary partitions or three primary plus one extended partition.
GPT
GUID Partition Table. Uses extensible firmware interface to store partition information with redundancy. Support disks larger than 2TB. Not all previous windows versions can recognize GPT disks.
Mark the selected partition as active
diskpart active
Add a mirror to a simple volume
diskpart add
assign a drive letter or mount point to the selected volume
diskpart assign
manipulate volume or disk attributes
diskpart attributes
attach a virtual disk file
diskpart attach
enable and disable automatic mounting of basic volumes
diskpart automount
break a mirror set
diskpart break
Clear the configuration information, or all information, off the disk
diskpart clean
attempts to reduce the physical size of the file
diskpart compact
convert between different disk formats
diskpart convert
create a volume, partition or virtual disk
diskpart create
Delete an object
diskpart delete
Provide details about an object
diskpart detail
detach a virtual disk file
diskpart detach
Exit diskpart
exit
Extend a volume
Diskpart extend
expands the maximum size available on a virtual disk.
diskpart expand
display current and supported file systems on the volume.
Diskpart filesystems
Format the volume or partition.
diskpart format.
assign attributes to the selected GPT partition.
diskpart GPT
display a list of commands
Help
Import a disk group
diskpart import
mark the selected partition as inactive
diskpart inactive
Display a list of objects
diskpart List
Merges a child disk with its parents
diskpart Merge
Online an object that is currently marked offline
diskpart online
Offline an object that is currently marked as online.
diskpart offline
Refreshes the state of all disks in the selected pack. Attempts recovery on disks in the invalid pack, and resynchronizes mirrored volumes and RAID5 volumes that have stale plex or parity data.
diskpart Recover
Does nothing. This is used to comment scripts.
diskpart REM
Remove a drive letter or mount point assignment.
diskpart Remove
Repair a RAID-5 volume with a failed member.
diskpart repair
rescan the computer looking for disks and volumes.
diskpart rescan
place a retained partition under a simple volume.
diskpart retain
display or set the SAN policy for the currently booted OS.
diskpart SAN
Shift the focus to an object
diskpart select
change the partition type
diskpart setID
Reduce the size of the selected volume.
diskpart shrink
Displays or sets the GUID partition table identifier or MBR signature of a disk
diskpart UNIQUEID
Basic Volumes
In existence since MS-DOS. Still today a common configuration for disk volumes. Can be extended only to adjacent, contiguous, unallocated space on the same disk. Start here. Automatically created when initialized and brought online.
Dynamic Volumes
Supports spanned, striped, mirrored and Raid-5 volumes. Supports an unlimited number of volumes. Spanned volumes can extend across multiple disks. Not always the best choice. Convert basic to dynamic disks.
Simple Volume
See most commonly.
Spanned volume
Provides a mechanism for you to take contents from multiple disks and attach one next to the other to combine available storage. Total storage space in a single drive letter. Potential for a bad day. Loss of any disk will cause the loss of the entire volume. Not many of these in organizations.
Mirrored Volume
takes 2 different disks and attaches them together to create multiple copies of the data on the disk. Gives you a single drive letter. 2 copies of the data is always available. Slower performance
Striped Volume
Takes data and stripes the data across two or more disks. Faster performance. Don’t care at all about HA.
Raid 5 volume
Requires at least 3 disks. Every 2 bits of data a 3rd bit of parity has to be calculated. Redundancy equivalent to mirror. Additional performance for reads, but cost for writes due to the parity bit having to be calculated.
Create and Mount VHD
Disk MGMT/Action/Create and attach VHD.
- VHDX is the updated format.
- Dynamically expanding is the best recommendation.
- File can become a disk the machine can use.
- VHDs provide you a way to encapsulate storage into a single disk that is mobile. Storage virtualization.
Storage Spaces
Provides a way to consolidate storage into a storage pool. You can chop up the pool into individual virtual disks. Relies on the total disk space that exists.
Configure a Storage pool
- File & storage services/Disks.
- Storage Pools/Primordial/Tasks/New Storage Pool.
- Choose disks/Then allocation (such as Hot Spare)/
- Create Virtual disk out of storage pool.
1) Storage Pools/Virtual Disks/Tasks/New Virtual disks/
2) Storage Layout. "Simple, Mirror, or Parity".
3) Resiliency Settings. "two way mirror or three way mirror"
4) Provisioning Type: Thin or Fixed. Never want to run out of disk with thin provisioning.
SAS
HBAs to connect storage.
Storage Pool by disk enclosure
The Storage Spaces subsystem provides the ability to connect to JBOD devices using SAS to connect to servers. Could be used for cluster storage. Connects to nodes via SAS. It is shared storage and accessible in an HA way. Multiple methods of connection, including multiple JBOD storage to multiple nodes, making it HA. There are JBOD enclosures certified by Microsoft.
JBOD
Just a bunch of disks. A collection of hard disks that have not been configured to act as a redundant array of independent disks. (RAID).
Powershell Ping equivalent
test-connection -computername 192.168.0.0 -quiet -count 1
Test if a machine is online, output is true or false
Powershell to get to control panel
> control
Configure Server Networking (Server Core)
sconfig
Find networking cmdlets
cd c:\
get-help *-net*
or
get-command -module nettcpip
Get IP addresses on Adapters (Powershell)
Get-NetIPAddress
or more defined to IPv4:
Get-NetIpAddress -AddressFamily IPv4
or get all properties:
Get-NetIpAddress -AddressFamily IPv4 | Select-Object -Property *
Get detailed help file (Powershell)
get-help get-NETIPaddress -Detailed
Get network interface information (Powershell)
Get-NetIPInterface
Check the IPv4 Protocol configuration (Powershell)
Get-NetIPv4Protocol
Understand More of IP configuration (Powershell)
Get-NetIpConfiguration
or
Get-NetIpConfiguration | FL *
or for remote computer:
Get-NetIpConfiguration -ComputerName Servercore1
Check the routing on your machine (Powershell)
(Windows Native) route print
or Powershell:
Get-NetRoute
Find the network interface information (Win native)
netsh interface ipv4 show interface
Add an IP to an existing network interface (Windows native)
netsh interface ipv4 add address "Ethernet0" 192.x.x.x 255.255.255.0
Find the network interface information (Powershell)
Get-NetIPInterface
Add an IP to an existing network interface (Powershell)
Get-NetIPInterface -InterfaceIndex 12 -AddressFamily IPv4 | New-NetIPAddress -IPAddress 192.x.x.x -PrefixLength 24
Global Unicast IPv6
2000::/3
APIPA Address (IPv6) Automatically obtained
Fe80::/64
Loopback (IPv6)
::1
same as 127.0.0.1
%12 (%) (IPv6)
Shows what interface the Ipv6 address is on.
Powershell command to display only IPv6 Info
Get-NetIPAddress -AddressFamily IPv6
Network Interoperability
ability to operate networks with both IPv4 and IPv6.
ISATAP
Enables connectivity between IPv6/IPv4 hosts across an intranet. ISATAP addresses are automatically configured. Address scheme: 64-bit link-local, site-local, or global prefix. First 32 bits: 0000:5efe (5efe is the identifier for ISATAP). Last 32 bits: IPv4 address. Tunneling protocol that self-addresses itself, i.e. "FE80::5efe:192.168.0.13". ISATAP addresses get tunneled over the IPv4 network.
Internet Addressing 6to4 Addresses
Scheme for internet communication. Used to tunnel out to an intranet or a corporate internet outside your corporate walls. IPv4 is part but almost always in hexadecimal. All configured automatically. Can’t cross a NAT device. Public addresses to talk on internet.
Teredo Addresses
Used for applications that need to be able to cross an IPv4-based NAT. Tunneling protocol that encapsulates IPv6 packets into an IPv4 UDP message. Allows tunneling of information between hosts across a NAT device. It becomes active when an app is installed that needs Teredo.
Find ISATAP address IPv6 (Powershell)
> Get-NetIPAddress -AddressFamily IPv6
Look for 5efe and IPv4 integration
Find ISATAP cmdlets
get-help ISATAP
Configure Interoperability between Ipv4 and Ipv6 addresses using Group Policy
GPM/Domain Policy/Edit/Computer Configuration/Policies/Administrative Templates/Network/TCPIPSettings/Transition technologies
Enable DHCP Server with DISM
Dism /online /enable-feature /featurename:DHCPServer
Enable DHCP Server with Powershell
install-windowsfeature DHCP -IncludeManagementTools
Check if DHCP Service is running with Powershell
get-service -name dhcp
Add New DHCP Scope with powershell
Add-DHCPServerv4Scope -StartRange 192.168.3.10 -EndRange 192.168.3.20 -SubnetMask 255.255.255.0
(Then Name the scope)
Configure Default Gateway for DHCP Server Side
Scope Options/Add 003 router/choose appropriate IP.
Configure DNS Server for DHCP Server Side
Scope Options/Add 006 DNS servers/Choose appropriate IP that links to DNS.
Add WINS Server for netbios resolution DHCP Server side
Scope options/044 WINS/NBNS Servers/ type in WINS address. Add 046 WINS/NBT Node type / HNode 0x8
Configure PXE boot through DHCP
Scope options/066 Boot Server Host Name/Enter string value or IP address of WDDS server (image deployment)
Then
/067 Bootfile Name (Image you want to launch when client connects to WDDS server)
Manage authorized DHCP servers
Right click on DHCP within DHCP window/Manage Authorized Servers/Specify trusted servers.
Setup a DHCP Relay Agent
Add roles and features/Remote Access/Routing.
Tools/Routing and Remote Access/Server/IPv4 right click on general/select DHCP Relay Agent/
Right click on Relay agent to listen on Ethernet0. Specify Agent properties and the DHCP that is on the other network.
DNS
Provides name resolution. Replacement for the host file. Answer what they know. Can ask other DNS servers for help. Can remember previous requests.
Enable DNS with DISM
DISM /online /enable-feature /featurename:DNS-Server-Full-Role
Enable DNS with powershell
install-windowsfeature DNS -IncludeManagementTools
Shortcut for DNS management
DNSMGMT
SRV Records
Help find domain controllers, global catalog servers, to do authentication and authorization.
DNS Active Directory Integrated
The zone is going to be stored in an application partition in AD. The benefit is that DCs that have DNS get that zone information. It acts like fault tolerance. All A records are stored in AD, and get replicated to other DCs. You can choose which DCs to replicate it to.
DNS Dynamic updates
Clients that have authenticated can update their DNS records. The client gets its IP changed by DHCP or statically. The client updates the DNS record automatically.
Zone file
Normal way to create a zone without AD integration. Stores the zone in Windows\System32\dns in a txt file. Not much fault tolerance.
Primary Zones
master copy. Read/writable copies of the zones.
Secondary zone
Created as secondary zone for a primary zone or in other words a copy. Create new zone, select Secondary zone. Can’t be integrated with AD. Type in IP address or Name of the DNS server that has the master copy of the zone. Ensure zone transfers on the master copy server has the secondary server added to the server list. Right click and transfer from master to force the primary zone transfer.
Stub Zone
creates a glue record and points to another DNS server but doesn’t bring across all of the other records. Can be AD integrated.
DNS Forwarders
Forward a request to a different DNS server to do it faster. Any DNS especially on the external. You can send the request and see if that bigger DNS server can find out.
Create a DNS forwarder
right click on DC\Forwarders tab\Add a forwarder address such as 4.2.2.2 or 8.8.8.8.
Root Hints
Root level servers hand the requests down in order to find a DNS server with an answer. Root level servers. DNS cache file holds all of the root level servers, down to TLD servers, down to subdomain servers.
Configure Root hints
Right click on DC\Root Hints tab. Open cache.DNS to get an updated list of root servers. \Windows\System32.
See DNS events
Global logs\DNS Events
Host Records
A Records.
IPv6 Host Records
AAAA Records.
CNAME
Alias that points to something that already exists. Canonical Name record. Requires an existing A record to point to. Gives a friendly name.
MX Record
mail exchange record. Directs the mail into your messaging environment. Displays what server you have that can accept emails. Give a mail server priority.
PTR Record
Gets created when you create an A record. Stores ptr records in reverse look up zone. Reverse lookup record.
Configure WinRM
Windows Remote Management. Already turned on and ready to go on Server 2012 R2. Web Services over http/https. Using default TCP port 5985. Configure the WinRM service start to Automatic. Create a WS-Man listener on TCP 5985. Create firewall exception. Command: winrm quickconfig. PowerShell: Enable-PSRemoting
Configure WinRM with Powershell
winrm quickconfig
(WinRS) Windows Remote Shell via Powershell
Allows you to run remote commands.
winrs -r:hostname ipconfig /all
PSSession with Powershell
Enter-Pssession -computerName hostname.
You can invoke commands remotely through Powershell
Enable remoting on client with Powershell
Enable-PSRemoting. Use GPO to enable remoting when scaling across the enterprise.
Configure Down-Level Server management
For Win 7 and 2008 R2 and up. Install Windows Management Framework 4 or WMF4. Check release notes. For XP/2003 - WMF2.0.
Configure Server for Day-to-day management tasks
Install Remote Server Administration tools (RSAT) on your client. Add servers to Server manager. Use the MMC.
Configure Multi-Server management
Configure Server manager to allow management on other servers. Add servers to server manager. Group servers. RDP is no longer best practice.
Run command on multiple servers at once with powershell
invoke-command -computername dc, file1, print1 {Get-Service -name bits}
Configure Server Core
Use sconfig. Or enable WinRM so that a Server Core server can be added to Server Manager for management with the Server Manager tools.
Configure Windows firewall through powershell and netsh
> netsh advfirewall firewall set rule group="Remote administration" new enable=yes
Configure Windows Firewall with Powershell sort through rules
Sort specific rules, i.e.: > Get-NetFirewallRule | Select-Object -Property Name, DisplayName | Where {$_.DisplayName -like "*remote*"}
Enable a firewall rule with powershell
> Get-NetFirewallRule -name WinRM-HTTP-In-TCP | Set-netFirewallRule -enabled:true