Windows Server 2008 R2
advertisement
US 6842– Install a multi-user computer and peripherals Computing (Computer Support) US 6860Install a local area computer network Computing (Computer Support) US 6741Administer a Local Area Computer Network Computing (Computer Operations) Version 2.0 – January 2015 National Technology Institute Name: Course: Division: Class: January 2015 Table of Contents WINDOWS SERVER 2008 R2............................................................................................................................................... 3 INSTALLING SERVER 2008 R2 ........................................................................................................................................... 6 INSTALLATION OF SERVER 2008 R2 ............................................................................................................................... 7 IP ADDRESS ........................................................................................................................................................................... 15 FEATURES AND ROLES OF SERVER 2008 R2 ............................................................................................................. 20 ADDS ........................................................................................................................................................................................ 23 DHCP ........................................................................................................................................................................................ 43 INSTALLING PRINTER ........................................................................................................................................................ 49 ORGANISATIONAL UNITS (OU’S) ................................................................................................................................... 59 USER ......................................................................................................................................................................................... 62 GROUP POLICY OBJECT (GPO) ........................................................................................................................................ 68 HOME FOLDER ...................................................................................................................................................................... 70 DOMAIN CONTROLLER POLICY ...................................................................................................................................... 79 IP SECURITY POLICY .......................................................................................................................................................... 83 WINDOWS SERVER BACKUP ........................................................................................................................................... 86 Level 6 Mod B – Networking NOTES ...................................................................................................................................................................................... 97 ©2015 - National Technology Institute Windows Server 2008 R2 Introduction Windows Server 2008 R2, or simply R2 for short, is the second release of Windows Server 2008. It isn’t a completely new release, but rather adds additional features and refinements to the existing release. In this book, we focus on the new features and refinements in R2. We assume you have at least a general knowledge of Windows Server, and that you have some familiarity with Windows Server 2008, although we don’t assume you’re actively running Windows Server 2008. Where an R2 feature is a refinement of a feature that was new in Windows Server 2008, we provide background on the Windows Server 2008 feature to provide context Release Cadence Beginning with Windows Server 2003, Microsoft moved to a server release cycle that was designed to have a major release every three to five years (Windows Server 2003, Windows Server 2008), with a minor release at the approximate midpoint of the major release cycle (Windows Server 2003 R2, Windows Server 2008 R2). This change allowed Microsoft to move away from including new functionality in service packs (SPs), while providing customers with a more stable and predictable server environment. An R2 release is more than an SP, but less than a full major release. Windows Server 2008 R2 includes Windows Server 2008 SP2, but it also adds many new features and functionality that were not part of Windows Server 2008. Editions Before embarking on the installation of Windows Server 2008 R2, it is important to first gain an understanding of the different editions available and the corresponding hardware requirements. It is also important to be aware of the upgrade options available with each edition. With this objective in mind, this chapter will focus on providing an overview of both the different Windows Server 2008 R2 editions and the recommended hardware requirements. Windows Server 2008 R2 Foundation Edition The Foundation edition of Windows Server 2008 R2 is the new entry level edition and is designed specifically with the small business in mind. It is the least expensive of the various editions and lacks some of the more advanced functionality typically found in the higher end editions such as full Active Directory support and Hyper-V virtualization capabilities. In addition, the Foundation edition limits some of the included features, such as restricting the number of concurrent remote desktop services connections to 50 and is able to access a maximum of 1 processor and 8GB of RAM. 3|Page January 2015 Windows Server 2008 R2 Standard Edition Windows Server 2008 R2 Standard is another one of Microsoft's entry level server offerings (alongside Windows Web Server R2 2008 and Windows Server R2 2008 Foundation). As previously stated, whilst the original version of Windows Server 2008 supported both 32-bit and 64-bit versions, the R2 version supports only 64-bit processors. In terms of hardware, Standard Edition supports up to 4GB of RAM and 4 processors. Windows Server 2008 is primarily targeted at small and mid-sized businesses (SMBs) and is ideal for providing domain, web, DNS, remote access, print, and file and application services. Support for clustering, however, is notably absent from this edition. An upgrade path to Windows Server 2008 R2 Standard is available from Windows Server 2008, Windows 2000 Server and Windows Server 2003 Standard Edition. Windows Server 2008 R2 Enterprise Edition Windows Server 2008 R2 Enterprise Edition provides greater functionality and scalability than the Standard Edition. As with Standard Edition both 32-bit and 64-bit versions are available. Enhancements include support for as many as 8 processors and up to 2TB of RAM. Additional features of the Enterprise edition include support for clusters of up to 16 nodes and Active Directory Federated Services (AD FS). Windows Server 2000, Windows 2000 Advanced Server, Windows Server 2003 Standard Edition and Windows Server 2003 Enterprise Edition may all be upgraded to Windows Server 2008 R2 Enterprise Edition. Level 6 Mod B – Networking Windows Server 2008 R2 Datacentre Edition The Datacentre edition represents the top end of the Windows Server 2008 R2 product range and is targeted at mission critical enterprises requiring stability and high uptime levels. Windows Server 2008 R2 Datacentre edition supports up to 2TB of RAM and a minimum of 8 processors up to a maximum of 64. Upgrade paths to Windows Server 2008 R2 Datacentre Edition are available from the Datacentre editions of Windows Server 2008, Windows 2000 and 2003. Windows Web Server 2008 R2 Windows Web Server R2 2008 is essentially a version of Windows Server 2008 R2 designed primarily for the purpose of providing web services. It includes Internet Information Services (IIS) 7.0 along with associated services such as Simple Mail Transfer Protocol (SMTP) and Telnet. It supports up to 4 processors but RAM is limited to 32GB. ©2015 - National Technology Institute As with other entry level editions, Windows Web Server 2008 R2 lacks many of the features present in other editions such as clustering, BitLocker drive encryption, multipath I/O, Windows Internet Naming Service (WINS), Removable Storage Management and SAN Management. Windows Server 2008 R2 Features Matrix Now that we have covered in general terms the various different editions of Windows Server 2008 R2 we can now look in a little more detail at a feature by feature comparison of the four different editions. This is outlined in the following feature matrix: Feature Enterprise Datacentre Standard Itanium Web Foundation Active Directory Yes Certificate Services Yes Limited No No Limited Active Directory Domain Yes Services Yes Yes No No Yes Active Directory Yes Federation Services Yes No No No No Active Lightweight Services Yes Yes No No Yes Active Directory Rights Yes Management Services Yes Yes No No Yes Application Server Yes Yes Yes Yes No Yes DHCP Server Yes Yes Yes No No Yes DNS Server Yes Yes Yes No Yes Yes Fax Server Yes Yes Yes No No Yes File Services Yes Yes Limited No No Limited Hyper-V Yes Yes Yes No No No Yes Yes Limited No No Limited Yes Yes Yes No No Yes Remote Desktop Services Yes Yes Limited No No Limited Web Services (IIS) Yes Yes Yes Yes Yes Yes Windows Services Yes Yes Yes No No Yes Windows Server Update Yes Services (WSUS) Yes Yes No No Yes Directory Directory Yes Network Policy Access Services Print and Services and Document Deployment 5|Page January 2015 Installing Server 2008 R2 System Requirements Category Minimum / Recommended Requirements Processor • Minimum: 1.4GHz (x64 processor) • Recommended: 2GHz or faster Note: For Itanium based systems an Intel Itanium 2 processor is required. Memory • Minimum: 512MB RAM • Recommended: 2GB RAM or greater • Maximum (32-bit systems): 4GB (Standard) or 64GB (Enterprise and Datacentre) • Maximum: 8GB (Foundation) 32GB (Standard) or 2TB (Enterprise, Datacentre and Itanium-Based Systems) Available Disk Space • Minimum: 10GB • Recommended: 40GB or greater Note: Systems with RAM in excess of 16GB will require greater amounts of disk space to accommodate paging, hibernation, and dump files Drive DVD-ROM drive Display and Peripherals • Super VGA or greater-resolution monitor (800x600) • Keyboard • Microsoft Mouse or compatible pointing device Level 6 Mod B – Networking Hardware Compatibility The "Certified for Windows Server® 2008 R2" and "Certified for Windows Server® 2008" logos identify hardware and software solutions that meet Microsoft standards for compatibility and recommended practices with the respective Windows Server operating systems. Solutions that have earned the Certified for Windows Server 2008 R2 and Certified Windows Server 2008 logos take advantage of top-performing technologies, such as 64-bit and virtualization. Certified for Windows Server 2008 R2 and Certified for Windows Server 2008 applications have been tested by a third party test vendor. ©2015 - National Technology Institute Installation of Server 2008 R2 Windows Server 2008 R2 is a network operating system Microsoft, and can be deployed in medium to large scale industries in order to allow administrators to centrally manage the entire network setup right from a single location. The main difference between a client operating system, such as Microsoft Windows 8, Microsoft Windows 7, etc. and a network operating system such as Microsoft Windows Server 2008 RTM/R2, Windows Server 2003 and Windows 2000 Server is that the network operating system (NOS) has some additional server specific features integrated in it. These additional features include: Active Directory Domain Services (AD DS) Dynamic Host Configuration Protocol (DHCP) Domain Name System (DNS) Active Directory Certificate Services (AD CS) Active Directory Federation Services (AD FS) Distributed File System (DFS), etc. Although Windows Server 2008 R2 is a network operating system, it is initially installed just as a normal client operating system, i.e. without any additional server oriented services or features installed in it. In order to make the installed network operating system work as a typical server, systems administrators must install the server services and/or features according to the role that they want the computer to play in the network. Administrators must follow the steps given below to install Windows Server 2008 R2: 1. Power on the computer on which Microsoft Windows Server 2008 R2 is to be installed. 2. Enter into the BIOS setup to make the computer boot from DVD. 3. Insert Microsoft Windows Server 2008 R2 bootable installation media. 4. Once inserted, reboot the computer. 7|Page January 2015 Level 6 Mod B – Networking 5. When prompted for an installation language and other regional options, make your selection and press Next. 6. Next, press Install Now to begin the installation process. ©2015 - National Technology Institute 7. Product activation is now also identical with that found in Windows Vista/7. Enter your Product ID in the next window, and if you want to automatically activate Windows the moment the installation finishes, click Next. 9|Page January 2015 8. If you do not have the Product ID available right now, you can leave the box empty, and click Next. You will need to provide the Product ID later, after the server installation is over. Press No. Level 6 Mod B – Networking 9. Because you did not provide the correct ID, the installation process cannot determine what kind of Windows Server 2008 R2 license you own, and therefore you will be prompted to select your correct version in the next screen, assuming you are telling the truth and will provide the correct ID to prove your selection later on. ©2015 - National Technology Institute 10. If you did provide the right Product ID, select the Full version of the right Windows version you're prompted, and click Next. 11. Read and accept the license terms by clicking to select the checkbox and pressing Next. 11 | P a g e January 2015 12. In the "Which type of installation do you want?" window, click the only available option –Custom (Advanced). Level 6 Mod B – Networking 13. In the "Where do you want to install Windows?", if you're installing the server on a regular IDE hard disk, click to select the first disk, usually Disk 0, and click Next. ©2015 - National Technology Institute 14. 11. The installation now begins, copying the setup files from the DVD to the hard drive only takes about one minute. The exact time it takes to install server core depends upon your hardware specifications. Faster disks will perform much faster installs… Windows Server 2008 takes up approximately 10 GB of hard drive space. 15. The installation process will reboot your computer . 16. Then the server reboots you'll be prompted with the new Windows Server 2008 type of login screen. Press CTRL+ALT+DEL to log in. 17. Click on Other User. 13 | P a g e January 2015 18. The default Administrator is blank, so just type Administrator and press Enter. Level 6 Mod B – Networking 19. You will be prompted to change the user's password. You have no choice but to press Ok. 20. In the password changing dialog box, leave the default password blank, and enter a new, complex, at-least-7-characters-long new password twice. 21. Someone thought it would be cool to nag you once more, so now you'll be prompted to accept the fact that the password had been changed. Press Ok. 22. Finally, the desktop appears and that's it, you're logged on and can begin working. You will be greeted by an assistant for the initial server configuration, and after performing some initial configuration tasks, you will be able to start working. ©2015 - National Technology Institute IP Address Every machine on a network has a unique identifier. Just as you would address a letter to send in the mail, computers use the unique identifier to send data to specific computers on a network. Most networks today, including all computers on the Internet, use the TCP/IP protocol as the standard for how to communicate on the network. In the TCP/IP protocol, the unique identifier for a computer is called its IP address. In Microsoft Windows, you can enter ipconfig in the command prompt app to view your computer's current IP address configuration. There are two standards for IP addresses: IP Version 4 (IPv4) and IP Version 6 (IPv6). All computers with IP addresses have an IPv4 address, and many are starting to use the new IPv6 address system as well. Here's what these two address types mean: IPv4 uses 32 binary bits to create a single unique address on the network. An IPv4 address is expressed by four numbers separated by dots. Each number is the decimal (base-10) representation for an eight-digit binary (base-2) number, also called an octet. For example: 216.27.61.137 IPv6 uses 128 binary bits to create a single unique address on the network. An IPv6 address is expressed by eight groups of hexadecimal (base-16) numbers separated by colons, as in 2001:cdba:0000:0000:0000:0000:3257:9652. Groups of numbers that contain all zeros are often omitted to save space, leaving a colon separator to mark the gap (as in 2001:cdba::3257:9652). 15 | P a g e January 2015 At the dawn of IPv4 addressing, the Internet was not the large commercial sensation it is today, and most networks were private and closed off from other networks around the world. When the Internet exploded, having only 32 bits to identify a unique Internet address caused people to panic that we'd run out of IP addresses. Under IPv4, there are 232 possible combinations, which offers just under 4.3 billion unique addresses. IPv6 raised that to a panic-relieving 2128 possible addresses. How does your computer get its IP address? An IP address can be either dynamic or static. A static address is one that you configure yourself by editing your computer's network settings. This type of address is rare, and it can create network issues if you use it without a good understanding of TCP/IP. Dynamic addresses are the most common. They're assigned by the Dynamic Host Configuration Protocol (DHCP), a service running on the network. DHCP typically runs on network hardware such as routers or dedicated DHCP servers. Dynamic IP addresses are issued using a leasing system, meaning that the IP address is only active for a limited time. If the lease expires, the computer will automatically request a new lease. Sometimes, this means the computer will get a new IP address, too, especially if the computer was unplugged from the network between leases. This process is usually transparent to the user unless the computer warns about an IP address conflict on the network (two computers with the same IP address). An address conflict is rare, and today's technology typically fixes the problem automatically. IP Classes Earlier, you read that IPv4 addresses represent four eight-digit binary numbers. That means that each number could be 00000000 to 11111111 in binary, or 0 to 255 in decimal (base-10). In other words, 0.0.0.0 to 255.255.255.255. However, some numbers in that range are reserved for specific purposes on TCP/IP networks. These reservations are recognized by the authority on TCP/IP addressing, the Internet Assigned Numbers Authority (IANA). Four specific reservations include the following: Level 6 Mod B – Networking 0.0.0.0 -- This represents the default network, which is the abstract concept of just being connected to a TCP/IP network. 255.255.255.255 -- This address is reserved for network broadcasts, or messages that should go to all computers on the network. 127.0.0.1 -- This is called the loopback address, meaning your computer's way of identifying itself, whether or not it has an assigned IP address. 169.254.0.1 To 169.254.255.254 -- This is the Automatic Private IP Addressing (APIPA) range of addresses assigned automatically when a computer's unsuccessful getting an address from a DHCP server. The other IP address reservations are for subnet classes. A subnet is a smaller network of computers connected to a larger network through a router. The subnet can have its own address system so computers on the same subnet can communicate quickly without sending data across the larger network. A router on a TCP/IP network, including the Internet, is configured to recognize one or more subnets and route network traffic appropriately. The following are the IP addresses reserved for subnets: ©2015 - National Technology Institute 10.0.0.0 To 10.255.255.255 -- This falls within the Class A address range of 1.0.0.0 to 127.0.0.0, in which the first bit is 0. 172.16.0.0 To 172.31.255.255 -- This falls within the Class B address range of 128.0.0.0 to 191.255.0.0, in which the first two bits are 10. 192.168.0.0 To 192.168.255.255 -- This falls within the Class C range of 192.0.0.0 through 223.255.255.0, in which the first three bits are 110. Multicast (formerly called Class D) -- The first four bits in the address are 1110, with addresses ranging from 224.0.0.0 to 239.255.255.255. Reserved for future/experimental use (formerly called Class E) -- addresses 240.0.0.0 to 254.255.255.254. The first three (within Classes A, B and C) are those most used in creating subnets. If you only connect one computer to the Internet, that computer can use the address from your ISP. Many homes today, though, use routers to share a single Internet connection between multiple computers. Wireless routers have become especially popular in recent years, avoiding the need to run network cables between rooms. If you use a router to share an Internet connection, the router gets the IP address issued directly from the ISP. Then, it creates and manages a subnet for all the computers connected to that router. If your computer's address falls into one of the reserved subnet ranges listed earlier, you're going through a router rather than connecting directly to the Internet. IP addresses on a subnet have two parts: network and node. The network part identifies the subnet itself. The node, also called the host, is an individual piece of computer equipment connected to the network and requiring a unique address. Each computer knows how to separate the two parts of the IP address by using a subnet mask. A subnet mask looks somewhat like an IP address, but it's actually just a filter used to determine which part of an IP address designates the network and node. A subnet mask consists of a series of 1 bits followed by a series of 0 bits. The 1 bits indicate those that should mask the network bits in the IP address, revealing only those that identify a unique node on that network. In the IPv4 standard, the most commonly used subnet masks have complete octets of 1s and 0s as follows: 255.0.0.0.0 = 11111111.00000000.00000000.00000000 = eight bits for networks, 24 bits for nodes 255.255.0.0 = 11111111.11111111.00000000.00000000 = 16 bits for networks, 16 bits for nodes 255.255.255.0 = 11111111. 11111111.11111111.00000000 = 24 bits for networks, eight bits for nodes People who set up large networks determine what subnet mask works best based on the number of desired subnets or nodes. For more subnets, use more bits for the network; for more nodes per subnet, use more bits for the nodes. This may mean using non-standard mask values. For instance, if you want to use 10 bits for networks and 22 for nodes, your subnet mask value would require using 11000000 in the second octet, resulting in a subnet mask value of 255.192.0.0. 17 | P a g e January 2015 Another important thing to note about IP addresses in a subnet is that the first and last addresses are reserved. The first address identifies the subnet itself, and the last address identifies the broadcast address for systems on that subnet. Create a table where all the classes of IP addresses are shown with their starting and ending range. Level 6 Mod B – Networking Notes ©2015 - National Technology Institute Static and Dynamic IP Addresses Static IP Addressing If you feel the need to always know what your IP address is then you need a Static IP address, because it is constant. Static IP addresses are more reliable for Voice over Internet Protocol (VOIP), more reliable to host a gaming website or to play X-Box, Play Station, use Virtual Private Network for secure access to files from your company network computer, etc. Static IP addresses are also great if you use your computer as a server, as it should give your file server faster file uploads and downloads. Another plus with Static IP's, when hosting a website you are not sharing your IP with another company who sends out a lot of E-mail SPAM and not only has their website been shut down but in turn gets your IP address blacklisted. In contrast a static IP address can become a security risk, because the address is always the same. Static IP's are easier to track for data mining companies. Static IP addressing is less cost effective than Dynamic IP Addressing. Dynamic IP Addressing The biggest advantages of Dynamic IP Addressing are less security risk as the computer is assigned a new IP address each time the customer logs on, they are cost effective and there is automatic network configuration (the less human intervention with network configuration the better). Dynamic addressing is usually used by ISP's so that one IP address can be assigned to several users, however some ISP's use Sticky Dynamic IP Addressing and do not change the IP address very often. Dynamic IP Addressing can be used by families with several computers or by a small business owner who has a home office. The software that comes with a router allows for Dynamic Host Configuration Protocol (DHCP) setup and assigns each computer attached to the router an IP address automatically. In contrast, Dynamic IP addressing should not be used for VOIP, VPN, playing online games or game hosting because Dynamic IP addressing is less reliable then Static IP addressing and could cause the service to disconnect while you are on a VOIP, VPN or gaming. Notes 19 | P a g e January 2015 FEATURES AND ROLES OF SERVER 2008 R2 What is Server Manager? Server Manager is a new feature that is included in Windows Server 2008, which is designed to guide information technology (IT) administrators through the process of installing, configuring, and managing server roles and features that are part of the Windows Server 2008 release. Server Manager is launched automatically after the administrator completes the tasks listed in Initial Configuration Tasks. If the Initial Configuration Tasks window has been turned off, Server Manager is also launched automatically when an administrator logs on to the server. Level 6 Mod B – Networking Server Manager is a Microsoft Management Console (MMC) snap-in that provides a consolidated view of the server, including information about server configuration, status of installed roles, and links for adding and removing roles and features. Server Manager replaces a number of features from Microsoft Windows® Server® 2003 such as Manage Your Server, Configure Your Server, and Add or Remove Windows Components. It is composed of the following elements: A new feature in Windows Server 2008 that is started automatically after setup is complete, Initial Configuration Tasks helps the administrator complete the setup and initial configuration of a new server. It includes tasks such as joining the server to an existing domain, enabling Windows Update, and configuring feedback sent to Microsoft. Initial Configuration Tasks: Add Roles Wizard: Add Role Services Wizard: Add Features Wizard: Remove Roles Wizard: Use this wizard to add one or more roles to the server. The Add Roles Wizard automatically checks for dependencies between roles, and ensures that all required roles and features are installed based on user selections. For some roles, such as Terminal Services and Active Directory Certificate Services, the Add Roles Wizard also provides configuration pages that allow the user to specify how the role should be configured as part of the installation process. Some roles, such as File Services, Terminal Services, and Active Directory Certificate Services, are composed of multiple sub-elements, which are identified as role services in the Server Manager interface. After a role is installed, you can add more role services by using the Add Role Services Wizard. Similar to the Add Roles Wizard, this wizard enables you to install features on the server. the computer. Use this wizard to remove a role that is no longer needed on Use this wizard to remove a role service that is no longer needed on the computer. Remove Role Services Wizard: Remove Features Wizard: Role management home pages: Use this wizard to remove a feature that is no longer needed on the computer. When Server Manager starts, it detects which roles are installed. For each installed role, a role management home page is added to ©2015 - National Technology Institute Server Manager. Role home pages provide a high-level view of the status of each role (for example, which services are running, errors that are logged to the event log) as well as links to role-specific tools and Help content. Tools on the role management home page allow you to filter events displayed in the Summary area, and set preferences for Windows system services that are required by the role. A new command-line feature in Server Manager allows unattended installation and removal of Windows Server 2008 technologies. The ServerManagerCmd.exe command-line tool exposes the key set of Server Manager Tasks, such as installation or removal of roles, role services and features, validation, and querying the current state of the computer. It also allows for installation or removal of multiple roles, role services, or features in a single command instance by using XML answer files. Command-line tools: 21 | P a g e January 2015 Level 6 Mod B – Networking Notes ©2015 - National Technology Institute ADDS (Active Directory Domain Services) The first step is to assign an IP to the server that you going to deploy the AD. It’s necessary to install it as DNS server too. So it’s better to have fixed IP it doesn't mean you cannot install AD without fixed IP address but it will solve lot of issues if you used fixed IP. Windows Server 2008 can properly install and configure DNS during the AD DS installation if it knows that the DNS is local. You can accomplish this by having the private network adapter’s preferred DNS server address point to the already assigned IP address of the same private network adapter, as follows: From the Windows Start menu, open Administrative Tools > Server Manager. In the Server Summary section of the Server Manager window, click View Network Connections. In the Network Connections window, right-click the private adapter and select Properties. 23 | P a g e January 2015 Level 6 Mod B – Networking Select Internet Protocol Version 4, and then click Properties. ©2015 - National Technology Institute Copy the IP address that is displayed in the IP address box and paste it into the Preferred DNS server box. Then, click OK. Click OK in the Properties dialog box, and close the Network Connections window. Note: The last step for prepping W2K8 for AD is adding the proper Server Role. The “Active Directory Domain Services” Role will be added. This only installs the framework for W2K8 to become a DC and run AD. It does not promote the server to DC or install AD. Add the Active Directory Domain Services Role Adding the Active Directory Domain Services role installs the framework for Windows Server 2008 to become a DC and run AD DS. It does not promote the server to a DC or install AD DS. In the Server Manager window, open the Roles directory and in the Roles Summary section, click Add Roles. 25 | P a g e January 2015 On the Before You Begin page of the Add Roles Wizard, click Next. Level 6 Mod B – Networking On the Select Server Roles page, select the Active Directory Domain Services check box, and then click Next on this page and on the Confirmation page. Notes ©2015 - National Technology Institute On the Installation Progress page, click Install. 27 | P a g e January 2015 On the Results page, after the role is successfully added, click Close. Level 6 Mod B – Networking Enable the Remote Registry Open the Server Manager window if it is not already open. In the Properties area of the Local Servers page, click Remote Managemen. Select the Enable remote management of this server from other computers check box. Install Active Directory Domain Services (DCPROMO) Now that you have prepared the server, you can install AD DS. Tip: As an alternative to performing steps 1 through 3, you can type dcpromo.exe at the command prompt. Then, skip to step 4. If it is not already open, open the Server Manager window. Select Roles > Active Directory Domain Services. In the Summary section,click Run the Active Directory Domain Services Installation Wizard (dcpromo.exe). ©2015 - National Technology Institute On the Welcome page of the Active Directory Domain Services Installation Wizard, ensure that the Use advanced mode installation check box is cleared, and then click Next. Notes 29 | P a g e January 2015 Level 6 Mod B – Networking On the Operating System Capability page, click Next. Notes ©2015 - National Technology Institute On the Choose a Deployment Configuration page, select Create a new domain in a new forest and then clickNext. 31 | P a g e January 2015 Level 6 Mod B – Networking Notes On the Name the Forest Root Domain page, enter the domain name that you choose during preparation steps. Then, click Next. ©2015 - National Technology Institute Notes After the installation verifies the NetBIOS name, on the Set Forest Functional Level page, select Windows Server 2008 R2 in the Forest function level list. Then, click Next. 33 | P a g e January 2015 Level 6 Mod B – Networking Notes ©2015 - National Technology Institute The installation examines and verifies your DNS setting. On the Additional Domain Controller Options page, ensure that the DNS server check box is selected, and then click Next. 35 | P a g e January 2015 Level 6 Mod B – Networking In the message dialog box that appears, click Yes. Notes ©2015 - National Technology Institute On the Location for Database, Log Files, and SYSVOL page, accept the default values and then click Next. 37 | P a g e January 2015 Level 6 Mod B – Networking Notes On the Directory Services Restore Mode Administrator Password page, enter the domain administrator password that you chose during the preparation steps. This is not your admin password that was emailed to you during the creation of your server, although you can use that password if you want to. Then, click Next. ©2015 - National Technology Institute Notes On the Summary page, review your selections and then click Next. The installation begins. 39 | P a g e January 2015 Level 6 Mod B – Networking Notes If you want the server to restart automatically after the installation is completed, select the Reboot on completion check box. ©2015 - National Technology Institute If you did not select the Reboot on completion check box, click Finish in the wizard. Then, restart the server. After a few minutes, reconnect to your server by using the Console in your Control Panel or RDP. To log in, perform the following steps: a. Click Switch User, and then click Other User. b. For the user, enter the full domain name that you chose, followed by a back slash and Administrator. 41 | P a g e January 2015 c. Enter the password that was emailed to you when you first built the server. If you changed your password for the local admin account to this server before you began the installation of AD DS, use that password. d. Click the log in button. The installation of Active Directory Domain Services on your server is complete. Level 6 Mod B – Networking ©2015 - National Technology Institute DHCP A Dynamic Host Configuration Protocol (DHCP) is responsible for assigning IP addresses to the computers automatically. IP addresses assigned to the computers by DHCP server are known as dynamic IP addresses, and the computers that are configured to obtain the IP addresses automatically from the DHCP server are called DHCP client computers. To install and configure Dynamic Host Configuration Protocol (DHCP) on Windows Server 2008 R2, administrators must follow the steps given as below: Log on to Windows Server 2008 R2 computer with the domain administrator or enterprise administrator account credentials on which DHCP server is to be installed and configured. Make sure that the computer has been assigned with a static IP address. Ensure that the DNS server is available anywhere in the network and is properly configured. On the desktop screen, click Server Manager icon from the taskbar. On the Server Manager window, from the console tree in the left, make sure that Roles option is selected. On the right pane, make sure that the Roles Summary section is expanded. From the expanded section, click Add Roles. Click Add Roles On Add Roles Wizard window, click Next. 43 | P a g e January 2015 Check DHCP Server Checkbox On the DHCP Server page, click Next. On Select Network Connection Bindings page, make sure that the IP address representing the network connection that is to be bound is checked from the Network Connectionslist. Level 6 Mod B – Networking On Select Server Roles page, from the Roles list, check DHCP Server checkbox and click Next. ©2015 - National Technology Institute Notes Select Network Connection Click Next to continue. On Specify IPv4 DNS Server Settings page, populate the Preferred DNS serer IPv4 address and optional Alternate DNS server IPv4 address fields with the correct values. 45 | P a g e January 2015 Once specified, click Validate to confirm the availability of DNS server and click Next. Specify DNS Server Level 6 Mod B – Networking On Specify IPv4 WINS Server Settings page, leave everything as default and click Next. On Add or Edit DHCP Scopes page, click Add. On Add Scope box, populate the Scope name, Starting IP address, and Ending IP address fields with the desired values and click OK. ©2015 - National Technology Institute Add Scope Back on Add or Edit DHCP Scope page, click Next. On Configure DHCPv6 Stateless Mode page, leave everything as default and click Next. On Specify IPv6 DNS Server Settings page, leave everything as default (assuming that the network setup doesn’t have IPv6 addressing scheme) and click Next to proceed. On Authorize DHCP Server page, make sure that the Use current credentials radio button is selected. Alternatively, Use alternate credentialsradio button can also be selected to specify the domain admin credentials that is to be allowed to authorize DHCP server in AD DS. Authorize DHCP Note: Authorize DHCP Server page will be displayed only when an Active Directory Domain Controller is present in the network. In case the Active Directory Domain Controller is absent, the page is not displayed. Click Next to proceed. On Confirm Installation Selections page, review the settings and click Install to start the DHCP installation and configuration process. Once installed, click Close on the Installation Results page. 47 | P a g e January 2015 Close Server Manager window when done. Level 6 Mod B – Networking ©2015 - National Technology Institute Installing Printer Adding a network printer was certainly easier in Windows Server 2003. It’s not difficult in Windows Server 2008, just several more steps. As I’m in the process of re-installing my main workstation I thought I would blog how to add a network printer in Windows Server 2008 R2 – hopefully saving someone else some time! Like everything all components in Windows Server 2008, components are broken down to Roles and Features. To add a network printer, you need to install ‘Print and Document Services’ role. This role enables centralisation of print servers and network printer tasks. Note: before you begin, ensure you have installed the latest drivers for your printer. Open Server Manager and navigate to roles. Select ‘Add Roles’ in the right pane. Select Next to begin in the ‘Add Roles Wizard’. 49 | P a g e January 2015 Level 6 Mod B – Networking Locate and select ‘Print and Document Services’ role. ©2015 - National Technology Institute You have option to install four role services: Print Server Print Server role service installs the Print Management snap-in and is used for managing multiple printers or print servers and migrating printers to and from other Windows print servers. After you share a printer, Windows enables the File and Printer sharing exception in Windows Firewall with Advanced Security. LPD Service Line Printer Daemon (LPD) Service installs and starts the TCP/IP Print Server (LPDSVC) service. This enables UNIX-based computers or other computers that are using the Line Printer Remote (LPR) service to print to shared printers on this server. An inbound exception is created for port 515 in Windows Firewall with Advanced Security. Internet Printing Internet Printing role service creates a Web site enabling users to: Manage print jobs on the server. Use a Web browser to connect and print to shared printers on the server by using the Internet Printing Protocol (IPP). (Users must have Internet Printing Client installed.) Distributed Scan Server Distributed Scan Server role service receives and routes scanned documents from network scanners. Scan Management snap-in is installed to manage network scanners and configure scan processes. 51 | P a g e January 2015 Level 6 Mod B – Networking Select ‘Install’ to install the role services. ©2015 - National Technology Institute Once installed click Close to complete the installation. In Server Manager a Print and Document Services management snap-in has been added. Navigate to ‘Roles’ > ‘Print and Document Services’ > ‘Print Management’ > ‘Print Servers’ > [Print Server Name] > Printer. Right click and select ‘Add Printer…’ 53 | P a g e January 2015 This begins the Network Printer Installation Wizard. Select the correct option for you. If you are searching the network for printers or adding the printer by TCP/IP address ensure you have the correct privileges. Level 6 Mod B – Networking For this example I have the printer connected. Select ‘Add a new printer using an exiting port’ option and select ‘Next’. ©2015 - National Technology Institute Select ‘Use an existing printer driver on the computer’ and select the printer from the drop down. Enter a friendly name for the printer; you have the option to share the printer at this point. Select Next to begin installing the network printer. 55 | P a g e Level 6 Mod B – Networking January 2015 It is advisable to print a test page. To do this select the ‘Print test page’ option and select ‘Finish’. ©2015 - National Technology Institute A test document should now be printing. In you return to Server Manager Print and Document Services snap-in you will see the printer server installed. 57 | P a g e January 2015 Install an HP printer and ask your tutor to check whether it is working or not? Mention the steps below of how to install the printer on your server. Level 6 Mod B – Networking Notes ©2015 - National Technology Institute Organisational Units (OU’s) An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers. It is the smallest unit to which an administrator can assign Group Policy settings or account permissions. Organizational units are Active Directory containers into which you can place users, groups, computers, and other organizational units. An organizational unit cannot contain objects from other domains. An organizational unit is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority. Using organizational units, you can create containers within a domain that represent the hierarchical, logical structures within your organization. Creating and Managing OU’s Start by opening up your Server Manager, then expand the Roles section. Next expand the Active Directory Domain Services section and click on Active Directory Users and Computers. To create a new Organization Unit, right-click on your domain name, point to the New option and then select Organizational Unit. 59 | P a g e January 2015 Type in the name of your OU and make sure that the box is checked next to Protect container from accidental deletion. When done, click OK. We now have a new Organizational Unit in our Active Directory. Level 6 Mod B – Networking Create 5 OU’s with your desired names and ask your tutor to check Notes ©2015 - National Technology Institute 61 | P a g e January 2015 User How to Create a New User Account in Active Directory Level 6 Mod B – Networking To start let’s go ahead and open up Server Manager Next we will open up the Roles section, next to Active Directory Users and Computers section and finally the Active Directory Users and Computers. You should now see your domain name. We are going to click on our Users section where we are going to create a new User Account. To do so, right-click on the blank section, point to New and select User. In this window you need to type in the user’s first name, middle initial and last name. Next you will need to create a user’s logon name. When done, click on the Next button. ©2015 - National Technology Institute In the next window you will need to create a password for your new user and select appropriate options. In our example we are going to have the user change his password at his next logon. You can also prevent a user from changing his password, set the password so that it will never expire or completely disable the account. When you are done making your selections, click the Next button. 63 | P a g e January 2015 And finally, click on the Finish button to complete the creation of new User Account. Level 6 Mod B – Networking Create 2 different users in the OU’s you created before, make sure that every OU should have 2 different users with their account “disabled” Notes ©2015 - National Technology Institute Logon Hours Open up Active Directory Users and Computers, and double click on the user you want to limit or right click on the user and select properties. Then move over to the accounts tab, and click on the button that says “Logon Hours” 65 | P a g e Level 6 Mod B – Networking January 2015 Once you click on that button, a window will appear that allows you to select the hours the user can logon. Simply make your choice, and now the user is limited to logon the hours you selected. If they try to logon during a restricted time, they will be greeted with this message: ©2015 - National Technology Institute Now you don’t have to worry about users sneaking in when they shouldn’t be. Create different logon hours for every user you just created and ask your tutor to check whether they are working or not? Notes 67 | P a g e January 2015 Group Policy Object (GPO) In Windows Server 2008 R2, a Group Policy Object (GPO) is a collection of settings that define what a system will look like and how it will behave for a defined group of users. Microsoft provides a program snap-in that allows you to use the Group Policy Microsoft Management Console (MMC). The selections result in a Group Policy Object. The GPO is associated with selected Active Directory containers, such as sites, domains, or organizational units (OUs). The MMC allows you to create a GPO that defines registrybased polices, security options, software installation and maintenance options, scripts options, and folder redirection options. To create a Group Policy object Level 6 Mod B – Networking 1. In the GPMC console tree, right-click Group Policy Objects in the forest and domain in which you want to create a GPO. 2. Click New . 3. In the New GPO dialog box, specify a name for the new GPO, and then click OK . ©2015 - National Technology Institute To edit a Group Policy object 1. In the GPMC console tree, double-click Group Policy Objects in the forest and domain containing the GPO that you want to edit. 2. Right-click the GPO, and then click Edit . 3. In the console tree, edit the settings as appropriate Create 4 different GP in your current console and show it to your tutor Notes 69 | P a g e January 2015 Home Folder Creating Home Folder for the User To create home folder for the user, Select a drive e.g. volume (F :) Right click in the drive and select New then folder from the menu to create new folder Level 6 Mod B – Networking ©2015 - National Technology Institute After creating New folder Rename it as the Home Folder in the F: drive Right click on the Home Folder and select properties from the menu 71 | P a g e January 2015 In the Home Folder properties Window click on Sharing tab and select Advance Sharing to set the sharing permissions for the folder Level 6 Mod B – Networking ©2015 - National Technology Institute In the Home Folder properties window click on add tab, In the Select Users, Computers, Groups Window write the user account name (LubnaAijaz) or click on Check Names tab to select user name for setting Home Folder permissions on the user account and click OK Select the check boxes Full Control Change and Read for the specified account (LubnaAijaz) click Apply to get the changes 73 | P a g e January 2015 The Home Folder is now shared for the user account Level 6 Mod B – Networking ©2015 - National Technology Institute Continuing the steps creating home folder for the user account select Start menu, administrative Tools and then active Directory Users and Computers In active Directory Users and Computers window select the user account (LubnaAijaz in the Students OU) right click and select Properties 75 | P a g e January 2015 In the user account properties (LubnaAijaz) select Profile Tab. In the Home folder select Connect radio button, select drive letter (L) and go to: define path of HomeFolder\\ServerName\HomeFolder\UserName (\\SystemDC\HomeFolder\Lubna) click OK to get settings Level 6 Mod B – Networking ©2015 - National Technology Institute Client Side View You can login and check the configuration for the user account to do so Login to system and follow the steps: Select Start menu and go to Computer In the computer window you can now check the drive (L :) created for user account (LubnaAijaz) 77 | P a g e January 2015 Level 6 Mod B – Networking Create a home folder named NTI and show it to your tutor, make sure that the sharing is working and that the permission is set to only read-only. ©2015 - National Technology Institute Domain Controller Policy Domain security policy settings provide Active Directory with domain-wide security options for handling authentication and authorization of Active Directory security principals. These policy settings are implemented as security settings within the Default Domain Policy GPO. Domain policy is applied to all security principal accounts in the domain, unless inheritance is specifically blocked or overridden by another policy. Security Policy settings are applied at the domain level by default for the following categories: Account Policies, which include: Password Policy Account Lockout Policy Modifying Domain Security Policy You can make changes to Group Policy by modifying the default GPO or by creating a new GPO. The recommendation for making changes to domain security policy is to always modify the default GPO. The primary reason for this recommendation is that APIs that were developed for earlier versions of the operating system update policy settings in the Default Domain Policy GPO. For this reason, make all changes to domain security policy settings by editing this GPO. To increase comprehensive security for your domain, apply the Password Policy, Account Lockout Policy, and Kerberos Policy settings that are recommended in this guide. Password Policy In Windows Server 2003, the most common means of authenticating a user’s identity is the use of secret user passwords. After a user has been identified and authenticated, the user can perform any tasks or access any resource for which the user’s account is authorized. Strong passwords generally enhance security for Active Directory users. Using strong passwords helps avoid the threat of an unauthorized user guessing (cracking) a weak password and acquiring the credentials of the compromised user account. This benefit applies especially to administrative accounts, because an unauthorized user could obtain administrative credentials and thereby gain elevated privileges. A complex password that changes regularly reduces the likelihood of a successful spoofing attack. Password Policy settings control the complexity and lifetime for passwords. Table 13 includes the default and recommended Password Policy settings for a domain. 79 | P a g e January 2015 Level 6 Mod B – Networking Table 13 Default and Recommended Password Policy Settings Policy Default Recommended Comments Enforce password history 24 passwords remembered (No change) Prevents users from reusing passwords. Maximum password age 42 days (No change) N/A Minimum password age 1 day (No change) Prevents users from cycling through their password history to reuse passwords. Minimum password length 7 characters (No change) Sets minimum password length. Password must meet complexity requirements Enabled (No change) For the definition of a complex password, see “Creating a Strong Administrator Password” in theEstablishing Secure Domain Controller Build Practices section. Store password using reversible encryption Disabled (No change) N/A Account Lockout Policy More than a few unsuccessful password tries during the logon process can represent an attempt by an attacker to determine an account password by trial and error. Windows Server 2003 keeps track of logon attempts, and it can be configured to respond to this type of attack by disabling the account for a preset period of time. This response is referred to as account lockout. Account Lockout Policy settings control the threshold for this response and the actions to be taken when the threshold is reached. Table 14 includes the default and recommended Account Lockout Policy settings. ©2015 - National Technology Institute Table 14 Default and Recommended Account Lockout Policy Settings Policy Default Recommended Reason Account lockout duration Not defined 0 minutes The value 0 means that after account lockout an Administrator is required to reenable the account before account lockout reset has expired. Account lockout threshold 0 invalid logon attempts 20 invalid logon attempts The value 0 means that failed password tries never cause account lockout. Not defined 30 minutes Reset account lockout counter after Because an account lockout duration of 0 minutes (administrator reset) is recommended, a small number for this setting can result in frequent administrator interventions. This setting protects against a sustained dictionary attack by imposing a nontrivial delay after 20 unsuccessful attempts. Notes Create some password policy and account lockout policy and ask your tutor to check. 81 | P a g e Level 6 Mod B – Networking January 2015 ©2015 - National Technology Institute IP Security Policy An IPsec policy consists of general IPsec policy settings and rules. General IPsec policy settings apply, regardless of which rules are configured. These settings determine the name of the policy, its description for administrative purposes, key exchange settings, and key exchange methods. One or more IPsec rules determine the types of traffic IPsec must examine, how traffic is treated, how to authenticate an IPsec peer, and other settings. After the policies are created, they can be applied at the domain, site, OU, and local level. Only one policy can be active on a computer at one time. Policies distributed and applied using Group Policy objects override local policies. Creating a policy Unless you are creating policies on only one computer and its IPsec peer, you will probably have to create a set of IPsec policies to fit your IT environment. The process of designing, creating, and deploying policies can be complex, depending on the size of your domain, the homogeneity of the computers in the domain, and other factors. Typically, the process is as follows: Create IP filter lists that match the computers, subnets, and conditions in your environment. Create filter actions that correspond to how you want connections to be authenticated, data integrity to be applied, and data to be encrypted. The filter action can also be either Block or Permit, regardless of other criteria. The Block action takes priority over other actions. Create a set of policies that match the filtering and filter action (security) requirements you need. First, deploy policies that use Permit and Block filter actions and then monitor your IPsec environment for issues that might require the adjustment of these policies. Deploy the policies using the Negotiate Security filter action with the option to fall back to clear text communications. This allows you to test the operation of IPsec in your environment without disrupting communications. As soon as you have made any required refinements to the policies, remove the fall back to clear text communications action, where appropriate. This will cause the policies to require authentication and security before a connection can be created. Monitor the environment for communications that are not taking place, which might be indicated by a sudden increase in the Main Mode Negotiation Failures statistic. 83 | P a g e January 2015 To create a new IPsec policy Level 6 Mod B – Networking Right-click the IP Security Policies node, and then click Create IP Security Policy. In the IP Security Policy Wizard, click Next. Type a name and a description (optional) of the policy, and then click Next. Either select the Activate the default response rule check box or leave it unselected, and then click Next. If you are using the default response rule, select an authentication method, and then click Next. For more information about the default response rule, see IPsec Rules. Leave the Edit properties check box selected, and then click Next. You can add rules to the policy as needed. Add or change a rule to a policy To add a policy rule Right-click the IPsec policy, and then click Properties. If you want to create the rule in the property dialog box, clear the Use Add Wizard check box. To use the wizard, leave the check box selected. Click Add. The following instructions are for creating a rule using the dialog box. In the New Rule Properties dialog box, on the IP Filter List tab, select the appropriate filter list, or click Add to add a new filter list. If you have already ©2015 - National Technology Institute created filter lists, they will appear in the IP Filter Lists list. For more information about creating and using filter lists, see Filter Lists. On the Filter Action tab, select the appropriate filter action, or click Add to add a new filter action. For more information about creating and using filter actions, seeFilter Actions. On the Authentication Methods tab, select the appropriate method, or click Add to add a new method. For more information about creating and using authentication methods, see IPsec Authentication. On the Connection Type tab, select the connection type to which the rule applies. For more information about connection types, see IPsec Connection Type If you are using a tunnel, specify the endpoints on the Tunnel Settings tab. By default, no tunnel is used. For more information about using tunnels, see IPsec Tunnel Settings. Tunnel rules cannot be mirrored. When all the settings are complete, click OK. To change a policy rule Right-click the IPsec policy, and then click Properties. In the Policy Properties dialog box, select the rule, and then click Edit. In the Edit Rule Properties dialog box, on the IP Filter List tab, select the appropriate filter list, or click Add to add a new filter list. For more information about creating and using filter lists, see Filter Lists. On the Filter Action tab, select the appropriate filter action, or click Add to add a new filter list. For more information about creating and using filter actions, see Filter Actions. On the Authentication Methods tab, select the appropriate method or click Add to add a new method. For more information about creating and using authentication methods, see IPsec Authentication. On the Connection Type tab, select the connection type to which the rule applies. For more information about connection types, see IPsec Connection Type. If you are using a tunnel, specify the endpoints on the Tunnel Settings tab. By default, no tunnel is used. For more information about using tunnels, see IPsec Tunnel Settings. When all the settings are complete, click OK. 85 | P a g e January 2015 Windows Server Backup The Windows Server Backup feature provides a basic backup and recovery solution for computers running the Windows Server® 2008 operating system. Windows Server Backup introduces new backup and recovery technology and replaces the previous Windows Backup (Ntbackup.exe) feature that was available with earlier versions of the Windows operating system. The Windows Server Backup feature in Windows Server 2008 consists of a Microsoft Management Console (MMC) snap-in and command-line tools that provide a complete solution for your day-to-day backup and recovery needs. You can use four wizards to guide you through running backups and recoveries. You can use Windows Server Backup to back up a full server (all volumes), selected volumes, or the system state. You can recover volumes, folders, files, certain applications, and the system state. And, in case of disasters like hard disk failures, you can perform a system recovery, which will restore your complete system onto the new hard disk, by using a full server backup and the Windows Recovery Environment. You can use Windows Server Backup to create and manage backups for the local computer or a remote computer. You can also schedule backups to run automatically and you can perform one-time backups to augment the scheduled backups. To install backup and recovery tools Level 6 Mod B – Networking Click Start, click Server Manager, in the left pane click Features, and then in the right pane click Add Features. This opens the Add Features Wizard. In the Add Features Wizard, on the Select Features page, expand Windows Server Backup Features, and then select the check boxes for Windows Server Backup and Command-line Tools. You will receive a message that Windows PowerShell is also required to be installed with these features. Click Add Required Features, and then click Next. On the Confirm Installation Selections page, review the choices that you made, and then click Install. If there is an error during the installation, it will be noted on the Installation Results page. Then, to access these backup and recovery tools, do the following: o To access the Windows Server Backup snap-in, click Start, click Administrative Tools, and then click Windows Server Backup. ©2015 - National Technology Institute Launching the “Backup Once” wizard Click on “Backup Once…” in the Actions pane: In Step 1, the wizard asks you if you want to run a manual backup using the same settings as the existing scheduled backup or a brand new backup: 87 | P a g e January 2015 Choose “Different Options” Level 6 Mod B – Networking In Step 2, you are asked if you want a Full Server or if you want to “pick and choose”: ©2015 - National Technology Institute Select “Full Server” In Step 3, you specify the destination type: 89 | P a g e January 2015 Choose “Local drives” Level 6 Mod B – Networking In Step 4, you specify the destination: ©2015 - National Technology Institute Here the USB drive appears as E: You will see a final warning: Click “OK” (you do not want to backup the backup!) (Actually, you really do not have a choice: “Cancel” brings you back to Step 4) A confirmation window will appear and then the backup will start: 91 | P a g e January 2015 Notice that WBS separates the backup into 4 items: Level 6 Mod B – Networking System Reserved (boot and system volume information) Local Disk (it will contain the data) System State (information about the server) Bare metal recovery (information needed to recover to a new hardware) And it is done: ©2015 - National Technology Institute The 14 GB backup was created in about 10 minutes. This wizard is very simple. After you have launched it once, it is just a matter of clicking Next-Next (except the very first screen where you have to choose “Different Options). You can repeat this manual task every week, just before leaving work and let it run. You will always have a “Full Server” backup to rely on. 93 | P a g e January 2015 Windows Restore In the “Recover” wizard, WSB does not differentiate a “Full Server” backup from a “Custom” backup. It will just ask the date of the backup you want to use: Level 6 Mod B – Networking And then the type of restore: ©2015 - National Technology Institute Choose “Files and Folders” 95 | P a g e January 2015 Browse to the desired files or folders. Level 6 Mod B – Networking The wizard will restore them where you want (original or another location). ©2015 - National Technology Institute Notes _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ 97 | P a g e January 2015 _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ Level 6 Mod B – Networking _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ ©2015 - National Technology Institute _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ 99 | P a g e January 2015 _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ Level 6 Mod B – Networking _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ _____________________________________________________________________________________________________________ ©2015 - National Technology Institute
