Wednesday, August 7, 2013

New Names in Active Directory 2008

New Names in Active Directory 2008:-
Lightweight Directory Services (AD-LDS):-
  • AD LDS provides an LDAP-accessible directory service that supports identity management scenarios
  • Removes all other AD DS features
                  - No Kerberos authentication
                  - No forests, domains, DCs, GCs, sites, group policies
                  - No dependency on DNS
  • Each AD LDS server can host multiple directory stores (i.e. instances)
  • Within each instance
                  - Schema partition
                  - Configuration Partition
                  - Zero or more application partitions

Rights Management Services (AD-RMS):-
  • RMS enables customers to keep internal information internal
                  - Confidential files protection
                  - E-mail forwarding
                  - Web application
  • Benefits
                  - Safeguards sensitive internal information
                  - Digitally enforces organization policies


Federation Services (AD-FS):-
  • AD FS provides an identity solution
  • AD FS is a service that allows for the creation of federated relationships between organizations for web application authentication
  • Deploy federation servers in multiple organizations to facilitate business-to-business (B2B) transactions
  • AD FS provides a Web-based Single Sign-On (SSO) solution
  • AD FS is improved in Windows Server 2008

Certificate Services (AD-CS):-
  • AD CS provides PKI certificate issuance and management services
  • Not significantly different from CS in 2003
  • Provides certificate issuance and Certification Authority (CA) service
  • Issues digital certificates to web servers for secure data transfer (HTTPS)

Upgrading Windows 2003 to 2008:-
  • Windows Server 2003 can be upgraded to the same flavor of Windows Server 2008
                 - EX: Win 2003 Enterprise to Win 2008 Enterprise
  • Requirements
                 - Windows 2003 Service pack 1 or higher
                 - “C” Drive should have at least 10GB of Free space to upgrade
                 - Upgrade installation should start from the Console only

System-specific data that must be backed up:-
  • System-specific data that must be backed up
                 - Registry
                 - Boot files – including system files
                 - Active Directory Database
                 - SYSVOL Directory

Installing/Uninstalling Backup Tool on Server Core:-
  • To install the Windows Server Backup tool
                - start /w ocsetup WindowsServerBackup
  • To uninstall the Windows Server Backup tool
                - start /w ocsetup WindowsServerBackup /uninstall


System State Data Backup and Recovery:-
  • To start SSD Backup
                - Go to Cmd
                - WBADMIN START SYSTEMSTATEBACKUP -BACKUPTARGET:F:
  • To start SSD Recovery
                - Restart the DC in DSRM (Directory Services Restore Mode) safe mode by pressing
                   “F8” during system startup, and log in as Administrator
                - Go to Cmd
                - WBADMIN START SYSTEMSTATERECOVERY -VERSION:01/01/2009-09:00
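
The -VERSION value in the recovery command has to match a backup that actually exists on the target. The batch script below is an added example, not part of the original notes: it takes the system state backup and reads the version identifier back with `wbadmin get versions`. It assumes the F: target used in the notes and English-language wbadmin output.

```bat
@echo off
rem Added example, not from the original notes.
rem TARGET is the backup drive used in the notes; change it as needed.
setlocal
set "TARGET=F:"
set "LATEST="

rem Take the system state backup without the confirmation prompt.
wbadmin start systemstatebackup -backupTarget:%TARGET% -quiet
if %errorlevel% neq 0 goto backupfail

rem Each stored backup is listed with a line such as
rem   Version identifier: 01/01/2009-09:00
rem Token 3 of that line is the value that -version: expects.
rem The loop keeps the last identifier that wbadmin lists.
for /f "tokens=3" %%v in ('wbadmin get versions -backupTarget:%TARGET% ^| findstr /c:"Version identifier:"') do set "LATEST=%%v"

if not defined LATEST goto noversion

echo Last version listed on %TARGET%: %LATEST%
echo Compare it with the "Backup time" lines of wbadmin get versions.
echo In DSRM, recover with:
echo   wbadmin start systemstaterecovery -version:%LATEST% -backupTarget:%TARGET%
endlocal
exit /b 0

:backupfail
echo System state backup failed; see the wbadmin output above.
endlocal
exit /b 1

:noversion
echo No backup versions were found on %TARGET%.
endlocal
exit /b 1
```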

Distributed File System

Distributed File System:-
  • Distributed File System (DFS) allows administrators to make it easier for users to access and manage files that are physically distributed across a network.
  • With DFS, you can make files distributed across multiple servers appear to users as if they actually reside in one place (computer) on the network.

Tuesday, August 6, 2013

Windows Server 2008 Server Core

What is Server Core? :-
  • Only the core components of the operating system and a subset of the executable files will be installed
  • GUI interface will not be installed
  • Windows Explorer, Internet Explorer, etc. will not be installed
  • Can be managed with remote tools
Server Core Features:-
  • Reduced software maintenance
  • Low attack surface
  • Reduced Management
  • Less disk space required
Basic Configuration Commands:-
  • To view the computer name
                - Set C (or) Hostname
  • To view the Username & UserDomain
                - Set U
  • To view the current logged on User
                - Whoami
  • To view the ip address
                - ipconfig (or) ipconfig /all
  • To view available network adapters
                - netsh interface ipv4 show interfaces
  • To set an automatic ip address
                - netsh interface ipv4 set address name="Local Area Connection" source=dhcp
  • To assign a static ip address
                - netsh interface ipv4 add address "Local Area Connection" 10.0.0.1 255.0.0.0
  • To assign a DNS server address
                - netsh interface ipv4 add dnsserver "Local Area Connection" 10.0.0.1
  • To disable the Windows firewall
                - netsh firewall set opmode mode=disable
  • To rename a computer
                - netdom renamecomputer WIN-S0254RTEF /NewName:sys2-core
  • To join the server to the domain
                - netdom join Sys2-core /Domain:Zoom.com /UserD:Administrator /PasswordD:*
  • To restart the computer
                - Shutdown /r
  • To view the installed roles and features
                - Oclist
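
The list above includes a command that turns the firewall off. For a server that is managed with remote tools, the alternative is to leave the firewall on and enable only the built-in remote administration rule group. The batch script below is an added example, not part of the original notes; it reuses the sample adapter name and addresses from the list and assumes Windows Server 2008 English rule-group names and netsh output.

```bat
@echo off
rem Added example, not from the original notes. The adapter name and the
rem addresses are the sample values from the list above; change them
rem for a real server.
setlocal
set "NIC=Local Area Connection"
set "IP=10.0.0.1"
set "MASK=255.0.0.0"
set "DNS=10.0.0.1"

rem Static address and DNS server, using the same commands as the list.
netsh interface ipv4 add address name="%NIC%" address=%IP% mask=%MASK%
if %errorlevel% neq 0 goto fail
netsh interface ipv4 add dnsserver name="%NIC%" address=%DNS% index=1
if %errorlevel% neq 0 goto fail

rem Keep the firewall on in every profile and open only the rule group
rem that remote management tools need.
netsh advfirewall set allprofiles state on
if %errorlevel% neq 0 goto fail
netsh advfirewall firewall set rule group="Remote Administration" new enable=yes
if %errorlevel% neq 0 goto fail

rem Verify: findstr returns 0 when a profile still reports "State OFF".
netsh advfirewall show allprofiles state | findstr /i /r /c:"^State  *OFF" >nul
if %errorlevel% equ 0 goto profileoff

echo Network configured; firewall is on with remote administration enabled.
endlocal
exit /b 0

:profileoff
echo At least one firewall profile is still OFF.
endlocal
exit /b 1

:fail
echo A configuration step failed; review the netsh output above.
endlocal
exit /b 1
```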

Installing/Uninstalling Server Role on Server Core:-
  • To install DNS server role
                - Start /w ocsetup DNS-Server-Core-Role
  • To uninstall DNS server role
                - Start /w ocsetup DNS-Server-Core-Role /Uninstall
  • To install DHCP server role
                - Start /w ocsetup DHCPServerCore
  • To uninstall DHCP server role
                - Start /w ocsetup DHCPServerCore /Uninstall
Backup and Recovery:-
  • Copy data to alternate media
  • Prevent data loss
  • Only Administrator can back up the data

Tuesday, July 30, 2013

WINDOWS DEPLOYMENT SERVICES (WDS)

WINDOWS DEPLOYMENT SERVICES (WDS):-
  • Windows Deployment Services enables you to deploy Windows operating systems, particularly Windows 7 and Windows Server 2008.
  • You can use it to set up new computers by using a network-based installation. This means that you do not have to be physically present at each computer and you do not have to install each operating system directly from a CD or DVD.
Requirements of WDS Deployment Server:-
  • DHCP Server
  • DNS Server
  • Active Directory – Domain Services
  • An NTFS Partition to Store images
How WDS Works? :-

Types of Clients:-
1. Known Clients
  • A Known Client is one whose computer account has been pre-created (pre-staged) in Active Directory.
2. Unknown Clients
  • An Unknown Client computer is one whose computer account has not been pre-staged in Active Directory.
Types of Images:-
1. Boot Image
  • It is a WIM file you can use to boot a computer to begin the deployment of an O.S to the computer.
2. Install Images
  • It is an image of the Windows Vista or Windows Server 2008 O.S. itself that you want to deploy onto the client computer.
3. Capture Image
  • It is a special boot image that you use to boot a master computer and upload an image to WDS server.
4. Discover Image
  • It is a boot image that you use to deploy an install image onto a computer that is not PXE enabled.

TERMINAL SERVICES

Modes of Terminal Services:-
1. Remote Administrator Mode
  • Specially designed for remote management of server.
  • Only two connections are Supported
  • License is not required.
2. Application Server Mode
  • Specially designed to use multiple applications from a terminal server.
  • Unlimited connections supported.
  • License should be purchased.
Terminal Services Sessions:-
Disconnect Session
  • If the session is disconnected, all the programs will continue to run in the background and the user can reconnect to the same session
Logoff Session
  • If the session is logged off, all programs will be closed and a new session will be established next time
Features of Terminal Services:-
  • Terminal Server
  • TS Licensing
  • TS Session Broker
  • TS Gateway
  • TS Web Access
                - Remote App
Terminal Server:-
  • Users can connect to a terminal server to run programs, to save files, and to use network resources on that server.
  • Users can access a terminal server from within a corporate network or from the Internet by using Remote Desktop Connection.


TS Licensing:-
  • Terminal Services Licensing (TS Licensing) manages the Terminal Services client access licenses (TS CALs) that are required for each device or user to connect to a terminal server.
  • Remote Desktop supports two concurrent connections to remotely administer a computer. You do not need a license server for these connections.
TS Session Broker:-
  • Allows a user to reconnect to their existing session on load-balanced terminal servers.
  • Enables you to evenly distribute the session load between load-balanced terminal servers.
TS Gateway:-
  • Terminal Services Gateway (TS Gateway) enables authorized remote users to connect to resources on a private network.
  • The network resources can be terminal servers or computers with Remote Desktop enabled.
TS Web Access:-
  • TS Web Access provides access to a Terminal Server through a web browser.
  • Users can visit a Web site (either from the internet or from the intranet) to access a list of available Remote App programs.

REMOTE ACCESS SERVICES (RAS)

How Dial-Up Network Access Works:-
  • A dial-up client makes a temporary connection to a remote access server by using.

Components of a Dial-Up Connection:-

How a VPN Connection Works:-
  • A virtual private network (VPN) extends a private network across a public network, such as the internet.

Components of a VPN Connection:-

ROUTING


ROUTER
  • It is a device used to communicate between two different networks.
ROUTING
  • It is the process of sending data packets through the best path to reach the destination.
DEFAULT GATEWAY
  • It gives the exit point (or) entry point to reach the destination.
Types of Routing:-
1. Static Routing
  • Routes should be added manually on the router by the administrator.
2. Dynamic Routing
  • Routes will be added automatically by the router with the help of routing protocols
Types of Routers:-
1. Software Router
  • It is a computer which performs routing task as one of its multiple tasks.
2. Hardware Router
  • It is a dedicated hardware device which works only as a router.
Routing and Remote Access Service (RRAS):-
  • Routing and Remote Access is a service that performs routing as one of its multiple processes.

NAT:-
  • Provides access to internet from a protected private address range.
  • Translates private IPs to public IPs and vice versa for outgoing and incoming traffic
  • Hides the private IP address range from the internet
  • Can be used with DHCP or can be configured to assign IPs to clients
How NAT works:-

DHCP Relay Agents:-
  • A DHCP Relay Agent is a computer or router that listens for DHCP broadcasts from DHCP clients and then relays (sends) those messages to a DHCP server on another network.
How a DHCP Relay Agent Works? :-