Microsoft Learning
Ignite | May 4 – 8, 2015 | Chicago, IL

Mark Grimes
Senior Consultant
Microsoft Consulting Services

•
•
•
•
•
•
•
Residence, SE MI
18 Years MCT, 10 years ft active
10 years consulting
½ with Partner, ½ @Microsoft
Lead Internal Identity Technical
Communities
Lead multiple internal Azure
Cert programs
Losing weight fast with Joe
Cross’ plan!

70-410

MCSA: Windows Server 2008
MCITP: Server Administrator on Windows Server 2008
MCITP: Enterprise Administrator on Windows Server 2008
MCITP: Virtualization Administrator on Windows Server 2008 R2
MCITP: Enterprise Messaging Administrator 2010
MCITP: Lync Server Administrator 2010
MCITP: SharePoint Administrator 2010
MCITP: Enterprise Desktop Administrator on Windows 7
MCDST: Windows XP
MCSE: Windows 2000
MCSA: Windows 2000
MCSA: Security on Windows 2000
MCSA: Security on Windows 2003
MCSA: Windows Server 2003
MCSE: Security on Windows 2000
MCSE: Security on Windows 2003
MCSE: Windows Server 2003
MCSA: Messaging on Windows Server 2000
MCSA: Messaging on Windows Server 2003
MCSE: Messaging on Windows Server 2000
MCSE: Messaging on Windows Server 2003

http://bit.ly/Ignite-Learning http://bit.ly/Ignite-VirtAcad http://bit.ly/Ignite-CertApp aka.ms/migrate/2008R2

Install servers
Configure servers
Configure local storage

EDITION
Datacenter
Standard
Foundation
Essentials
POSE INSTANCES
1
1
1
1 (POSE or VOSE)
VOSE INSTANCES
Unlimited
2
0
1 (POSE or VOSE)

Processor Limit
RAM
Max users
Routing and Remote Access
(RRAS)
Active Directory Services
Active Directory Certificate
Services
Hyper V / Server Core
File Services limits
Foundation
1
32GB
15
50
Root only
CA Only
Essentials
2
64GB
25
250
Root only
CA Only
Standard /
Datacenter
64
4TB
Unlimited
Unlimited
Full
Full
No No
1 Standalone DFS root 1 Standalone DFS root
Yes
Unlimited

Operating System

Minimum Requirements
1.4 GHz 64-bit processor (no upgrade path from a 32bit system)
512 MB RAM
32 GB available disk space (considered as the minimum)
DVD drive (not normally a pre-requisite)
Super VGA (1024 x 768) or higher resolution monitor
Keyboard and mouse (or other compatible pointing device)
Internet access
Supported Maximums
Component
Logical processors
WINDOWS SERVER 2012 WINDOWS SERVER 2008 R2
640 256
RAM 4 terabytes
Failover cluster nodes 64
2 terabytes
16

Used to keep the server builds simple and targeted
 Located at C:\Windows\WinSXS directory
 Can be removed and added later if need
 Install-Windows Feature or Uninstall-
Windows Feature
 Can reduce the total disk space used.
 Also works on VHD and VHDX
 Install-WindowsFeature <featurename> -Source wim:d:\sources\install.wim:2

Number of roles support by Server Core increased
12 of 19 roles are available
Roles not available
 Active Directory Federation Services
 Fax Server & Application Server
 Network Policy and Access Services
 Remote Desktop Services/Gateway
/Session Host/Web Access
 Volume Activation Services
 Windows Deployment Services
 To switch from Server full to Core Server
 SQL Server can now run on Server core
Uninstall-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

DISM is your friend
..and my favorite DISM commands:
Dism.exe /online /Get-Features (run the cmd prompt with admin account)
Dism.exe /online /Enable-Feature /FeatureName:NetFx3
The ImageX tool has been deprecated in Server 2012 and has been replaced with DISM for image management.

Post installation tasks to consider:
• Configure the network connection
• Set the time zone
• Enable Remote
Desktop
• Rename the computer
• Join a domain

Support for 3 Different Modes in Server 2012 R2
Switch Independent Mode
• Incoming Traffic come through one card
• Unless virtual machines are in use
• Need to use Hyper-V Port or Dynamic
Static Teaming or LACP
• Requires hardware support
• 802.3ad or 802.1ax
• Incoming Traffic Controlled
NIC Teaming Powershell Cmd :
New-NetLbfoTeam NewTeam NIC1,NIC2
–TeamingMode Lacp
–LoadBalancingAlgorithm HyperVPorts

 Select a Partition Style
 Master Boot Record (MBR)
 GUID Partition Table (GPT)
 Select a Disk Type
 Basic Disks
 Dynamic Disks
 Divide Disk Into partitions
 Simple, Spanned, Striped, Mirrored, Raid 5
 Format the partitions
 NTFS, FAT32, FAT16

 Creating and Mounting VHDs
 VHDs original format
 VHDX a new version that supports up to 64TB
 Fixed vs Dynamically Expanding
 Server Manager Usage
 Take advantage of the Disk Management Snap-in
 Determine your storage layout
 Create Storage Pools
 Create simple volumes
 Understand Storage Pools

 64 Bit only
 Versions/editions and differences
 Things not in Core
 Disk Partitions, types, etc
 NIC Teaming
 DISM

You have a server named Core1 that runs a Core installation of
Server 2012 R2 Standard. You need to configure Core1 to run a
Core installation of Server 2012 R2 Datacenter Edition. You must achieve this goal using the least amount of administrative effort.
What should you do?
a.
b.
c.
d.
Use Servermanagercmd.exe
Perform an offline servicing using DISM
Perform an online servicing using DISM
Insert the Windows Server 2012 R2 media and use Setup.exe.
Reference: http://technet.microsoft.com/en-us/library/hh825265.aspx

Configure file and share access
Configure print and document services
Configure servers for remote management

Key tips to know …
• Network Only
• 1st line of defense
• Read, Change, Full Control
• Folders Only, Drive?
• Effective Permissions w/ Multiple
Group Membership
• Deny Always Wins
• Combine w/NTFS
• Administrative Shares
• Configuring Access-Base
Enumeration

Key tips to know …
• Configuring Offline Files
• Disk Quotas
• Volume Shadow Copy

Device management policy
File encryption / selective wipe
Require password / device lock
Limit access to registered devices
) ADFS ( https://workfolders.contoso.com
Authentication
Kerberos (Windows Auth)
Digest (Windows Auth)
ADFS (OAuth)
Data management
Quotas
File screens
Reporting
Classification
RMS protection

Key tips to know for the exam…
• File and Storage Services sub-role
• An additional access protocol
• Consolidated view of sync activity across your server
 Multiple Sync Shares per server
 Each share maps to a file system location
 Users/groups associated with a single share
 Policy defined per share
 Files stay in sync across all devices
 Local changes sync back to server and then to other devices
 SMB clients can continue to work directly with server files

Understand Windows Printing
 Print Devices Management
 Print Server Management
 Print Drivers
 Direct vs Network Printing
 Managing, Sharing Printers
 Migrating Printers
 Deploying Printers via GPO
 Consider Remote Desktop Easy Print

 Remember VSS applies to the ENTIRE
VOLUME!
 Understand the difference between basic and advanced permissions
 Remote Management is strongly encouraged!
 Don’t Forget about Quotas
 And storage pools

You create a volume on Disk 1 on the server and create a shared folder on that volume.
You want to enable the Volume Shadow Copy Service (VSS) on the shared folder. What step can you take to accomplish the task?
a. In the properties for the shared folder, enable shadow copy b. In the properties for the volume, enable shadow copy for the volume c. Use the xcopy command to enable shadow copy for the shared folder
Source:
MeasureUp

Create and configure virtual machine settings
Create and configure virtual machine storage
Create and configure virtual networks

hardware-assisted virtualization.
Intel VT AMD-V supports the virtualization hardware
Hardware-enforced Data Execution Prevention (DEP), must enable the Intel XD bit (execute disable bit) or the AMD NX bit (no execute bit).

Typical Features
Newer Features…

 Up to 2,048 virtual CPUs
 Up to 4 terabytes (TB) of physical memory
 One server can host as many as 1,024 active VMs
 Each VM can have up to 64 virtual CPUs
 Up to 1 TB of memory.
 Support clusters with up to 64 nodes and 8,000
VMs.

Server1 runs Windows Server 2012 R2 with the Hyper-V role installed.
Server1 runs many Virtual Machines (VMs). A Virtual Machine named VM1 is configured to use dynamic memory.
You are asked to increase the Startup RAM allocation on VM1. Your solution must cause the least amount of disruption to the users..
Which should you do?
a. Shutdown VM1, change the Startup RAM on VM1. Start VM1 b. Stop the Hyper-V service on Server1. Change the Startup RAM on
VM1. Start the Hyper-V service on Server1 c. While VM1 is running, change the Maximum RAM on VM1
Source:
MeasureUp

Configure IPv4 and IPv6 addressing
Deploy and configure Dynamic Host
Configuration Protocol (DHCP) service
Deploy and configure DNS service

Important factors to know about Addressing…
• Understand IPv4 Subnetting & Supernetting
• Understand IPv6 Addressing
• Assign an IPv6 Addresses and check the route (route print)
Tunneling
 Automatic or Manual Configuration
 6to4
 ISATAP
 Teredo
 NAT64

•
Understand the DHCP options available

DNS Terminology that you should know…
Host Name Resolution
• Forward and reverse lookups
• Types of DNS
• For AD-Integrated, what is the domain partition, forestDNSZone, and domainDNSZone?
• Records =SOA, NS, A, CNAME, PTR, SRV, and MX
Hint: replication scope

 Understand the Importance of Root Hints
 Know your subnetting!!!
 IPv6 Global Unique or Local Address
 Powershell is not the only way to configure DNS and DHCP settings
 Global Names can still be used
 Be able to distinguish between stub zones, forward & reverse lookup zones

Configure the correct DNS IP in the DHCP scope options

Install domain controllers
Create and manage Active Directory users and computers
Create and manage Active Directory groups and organizational units
(OUs)

Things to Remember In Active Directory




Powershell TidBits




 Automate, automate, automate!
 The Active Directory
Administrative Center
 DSADD, LDIFDE & CSVDE still around
Additional features:
 Recycle Bin
 Fine-Grained Passwords

Tell me something I may not know…



A few more details…



a. Create a system state backup from any Server 2008 R2 server b. Upgrade one of the existing Server 2008 R2 domain controllers to Server
2012 first and then create an IFM backup c. Create an IFM backup from any existing Sever 2008R2 backup

Group Policy objects (GPOs)
Configure Security Policies
Configure Application Restriction
Policies
Configure Windows Firewall

What is a Group Policy
Object (GPO) for?
 Deploy software, configure registry based settings, configure security settings http://aka.ms/GroupPolicyGuide

Types of GPOS
 Local GPOs
 Non-Local GPOs
 Starter GPOS
Group Policy objects
 2 default policies = Domain, Domain
Controller
Domain Admins, Group Policy Creator
Owners
Link to sites, domains, OUs
 Not link directly to users, groups, computers
 Can use security filtering
 Policy applies to user/computer

Deploy software
 Publish to users
 Assign to users
 Assign to computers
Software removal
Software Restriction
Policies
AppLocker
 Win7 & 2008 R2

• Remote GP update
• GP Infrastructure Status
• Windows RT GP Support
• Starter GPOS

a. Universal security groups b. Global Groups c. Domain Local Groups d. None. You can use all group types

http://borntolearn.mslearn.net/

http://blogs.msdn.com/b/microsoft_press/archive/2014/02/20/new-book-exam-ref-70-410-installing-and-configuring-windows-server-2012-r2.aspx

https://technet.microsoft.com/enus/virtuallabs/default

http://www.microsoftvirtual
academy.com/producttraining/windows-server

© 2015 Microsoft Corporation. All rights reserved.