The Complete Guide to Windows Server 2008 P1

---

Praise for The Complete Guide to Windows Server 2008 “John Savill’s The Complete Guide to Windows Server 2008 is comprehensive without being overwhelming. At over 1500 pages, the book is not light reading, but Savill does a superb job of explaining the features and functions of Windows Server 2008 in a way that the read- er can understand and apply. Rather than investing in a library of books, an administrator can just keep this book handy as a reference resource for all their Windows Server 2008 questions and needs.” —Tony Bradley, CISSP, Microsoft MVP, Director of Security, Evangelyze Communications “John Savill’s book is the kind of technology bible you don’t mind reading cover to cover. Often I find books with this much information just too deadly dull to actually read, but this is an exception. If you are an old hat, you might end up skipping the starts of chapters, as John makes few assumptions about what you already know—a very good thing overall.” —Patrick Hynds, CTO, CriticalSites Microsoft Regional Director “Of all the recent books on Windows Server 2008 I’ve read, this one provides the most com- plete coverage in an easy to digest manner. An aptly titled publication that I recommend for anyone working with Windows Server 2008.” —Alan Le Marquand, Content Architect, Technical Audience Global Marketing Team “With the number of changes being introduced in Windows Server 2008, a book like The Complete Guide to Windows Server 2008 is essential in any IT professional’s library. John Savill does an excellent job of introducing these changes. He also gives clear instructions on how to implement them. I would highly recommend to anyone who’s planning on mak- ing Microsoft’s latest server operating system part of their infrastructure to buy and read this book from cover to cover.” —Ed Roberts, Lethos Incorporated “This book is an invaluable one-stop reference for deploying, configuring, and managing Windows Server 2008. It’s filled with John’s unique and hard-earned nuggets of advice, helpful scripts, and shortcuts that will save you time and money.” —Mark Russinovich, Technical Fellow, Platform and Services Division, Microsoft “The Complete Guide to Windows Server 2008 by John Savill is, indeed, just that. It begins with one of the most clear, concise, and understandable explanations of the evolution of Windows from its earliest days that I have ever read. I expected to learn about Windows Server 2008, but along the way learned a great deal about Windows in general and Vista in particular. If you are looking for a guide to help you navigate the rapids on the way to imple- menting, running, and troubleshooting Windows Server 2008, this is an excellent choice.” —Jerry Tibor, Microsoft MVP, Windows Server “If you’ve got questions about Windows Server 2008, John Savill has the answers. Written by one of the industry’s true heavyweights, The Complete Guide to Windows Server 2008 is just that, your complete guide to planning, deploying, configuring, and administering a comput- ing environment based on the latest and greatest version of Windows Server. Highly recom- mended!” —Paul Thurrott, Windows IT Pro Magazine and SuperSite for Windows THE COMPLETE GUIDE TO WINDOWS SERVER 2008 This page intentionally left blank THE COMPLETE GUIDE TO WINDOWS SERVER 2008 John Savill Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Cape Town • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trade- marks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for inciden- tal or consequential damages in connection with or arising out of the use of the information or programs con- tained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 [email protected] For sales outside the United States please contact: International Sales [email protected] Visit us on the Web: www.informit.com/aw Library of Congress Cataloging-in-Publication Data: Savill, John, 1975- The complete guide to Windows server 2008 / John Savill. p. cm. ISBN 0-321-50272-8 (pbk. : alk. paper) 1. Microsoft Windows server. 2. Operating systems (Computers) I. Title. QA76.76.O63S35654 2008 005.4’476—dc22 2008025996 Copyright © 2009 Pearson Education, Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or like- wise. For information regarding permissions, write to: Pearson Education, Inc Rights and Contracts Department 501 Boylston Street, Suite 900 Boston, MA 02116 Fax (617) 671 3447 ISBN-13: 978-0-321-50272-8 ISBN-10: 0-321-50272-8 Text printed in the United States on recycled paper at Edwards Brothers in Ann Arbor, Michigan. First printing September 2008 Dedicated to Julie, for showing me love and support that I never knew existed This page intentionally left blank CONTENTS AT A GLANCE Acknowledgments About the Author Preface Chapter 1: Windows 101: Its Origins, Present, and the Services It Provides Chapter 2: Windows Server 2008 Fundamentals: Navigating and Getting Started Chapter 3: Installing and Upgrading Windows Server 2008 Chapter 4: Securing Your Windows Server 2008 Deployment Chapter 5: File System and Print Management Features Chapter 6: TCP/IP Chapter 7: Advanced Networking Services Chapter 8: Remote Access and Securing and Optimizing the Network Chapter 9: Terminal Services Chapter 10: Active Directory Domain Services Introduction Chapter 11: Designing and Installing Active Directory Chapter 12: Managing Active Directory and Advanced Concepts Chapter 13: Active Directory Federated Services, Lightweight Directory Services, and Rights Management Chapter 14: Server Core Chapter 15: Distributed File System Chapter 16: Deploying Windows Chapter 17: Managing and Maintaining Windows Server 2008 Chapter 18: Highly Available Windows Server 2008 Chapter 19: Virtualization and Resource Management Chapter 20: Troubleshooting Windows Server 2008 and Vista Environments Chapter 21: Group Policy Chapter 22: The Command Prompt and PowerShell Chapter 23: Connecting Windows Server 2008 to Other Environments Chapter 24: Internet Information Services How To Quick Reference Index ix CONTENTS Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvii About the Author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xviii Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xix Chapter 1: Windows 101: Its Origins, Present, and the Services It Provides . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Origin of the Windows Operating System . . . . . . . . . . . . . . . . . . . . . .1 Features of the Windows Server 2008 Product Line . . . . . . . . . . . . . . .21 Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 Chapter 2: Windows Server 2008 Fundamentals: Navigating and Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 Windows Vista at 30,000 Feet . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44 The Logon Experience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46 User Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50 Windows Elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56 The Desktop Windows Manager (DWM) . . . . . . . . . . . . . . . . . . . . . .64 Windows Aero Effects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67 Task Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 Fast User Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 Windows Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78 The Microsoft Management Console . . . . . . . . . . . . . . . . . . . . . . . . .86 The Control Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96 Chapter 3: Installing and Upgrading Windows Server 2008 . . . . . .99 Installing Windows Server 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Upgrading to Windows Server 2008 . . . . . . . . . . . . . . . . . . . . . . .126 Contents xi Advanced Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 Viewing Installation Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131 Automating Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139 Chapter 4: Securing Your Windows Server 2008 Deployment . . . .141 Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . .142 The Physical Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143 BitLocker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 Active Directory Certificate Services (ADCS) . . . . . . . . . . . . . . . . . . .156 Authentication Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171 Securing Windows Server 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . .179 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224 Chapter 5: File System and Print Management Features . . . . . . . .225 File System Types and Management . . . . . . . . . . . . . . . . . . . . . . . .225 File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240 File Server Resource Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . .257 Print Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333 Chapter 6: TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335 Internet Protocol (IP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335 Transmission Control Protocol (TCP) . . . . . . . . . . . . . . . . . . . . . . . . .355 User Datagram Protocol (UDP) . . . . . . . . . . . . . . . . . . . . . . . . . . . .356 Network Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357 IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362 Communication Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376 Chapter 7: Advanced Networking Services . . . . . . . . . . . . . . . . . .377 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377 Domain Name System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406 WINS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .450 xii Contents Chapter 8: Remote Access and Securing and Optimizing the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .451 Virtual Private Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .452 RADIUS and Policy Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .486 Network Access Protection (NAP) . . . . . . . . . . . . . . . . . . . . . . . . . .488 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .519 Chapter 9: Terminal Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . .521 Enabling Remote Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526 Initiating a Remote Desktop Connection . . . . . . . . . . . . . . . . . . . . . .529 Terminal Server Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .544 Installing Terminal Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .558 TS Easy Print . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .559 TS Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .566 Remote Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .583 TS Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .594 TS Session Broker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .604 Management and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . .612 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .621 Chapter 10: Active Directory Domain Services Introduction . . . . . . .623 Workgroups Versus Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .623 Exclusive Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .627 Trusts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .630 Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .632 Domain and Forest Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .671 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .677 Chapter 11: Designing and Installing Active Directory . . . . . . . . . . .679 Adding a Replica Domain Controller . . . . . . . . . . . . . . . . . . . . . . . .679 Creating a New Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .698 Verifying Domain Controller Operation . . . . . . . . . . . . . . . . . . . . . .705 Creating a Domain Controller from Media . . . . . . . . . . . . . . . . . . . .715 Removing Domain Controllers and Domains . . . . . . . . . . . . . . . . . . .719 Read-Only Domain Controllers (RODCs) . . . . . . . . . . . . . . . . . . . . . .722 Contents xiii Trust Relationships . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .740 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751 Chapter 12: Managing Active Directory and Advanced Concepts . . .753 Customizing Site Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . .753 Forcing a Demotion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767 Managing AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777 Backing Up and Restoring AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . .811 Auditing AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829 Advanced Password Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .834 Prune and Graft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836 Upgrading AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .849 Chapter 13: Active Directory Federated Services, Lightweight Directory Services, and Rights Management . . . . . . . . .851 Active Directory Lightweight Directory Services . . . . . . . . . . . . . . . . .852 Active Directory Rights Management Services . . . . . . . . . . . . . . . . . .865 Active Directory Federated Services . . . . . . . . . . . . . . . . . . . . . . . . .891 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .909 Chapter 14: Server Core . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .911 Overview of Windows Server Core . . . . . . . . . . . . . . . . . . . . . . . . .911 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .915 Server Core Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .918 Performing Common Actions Using Server Core . . . . . . . . . . . . . . . .940 Remotely Managing Server Core . . . . . . . . . . . . . . . . . . . . . . . . . . .942 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .952 Chapter 15: Distributed File System . . . . . . . . . . . . . . . . . . . . . . . . .953 Distribution of Other Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . .954 Distributed File System Namespace . . . . . . . . . . . . . . . . . . . . . . . . .957 Distributed File System Replication . . . . . . . . . . . . . . . . . . . . . . . . . .964 Installing and Configuring DFS . . . . . . . . . . . . . . . . . . . . . . . . . . . .969 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1008 xiv Contents Chapter 16: Deploying Windows . . . . . . . . . . . . . . . . . . . . . . . . . .1011 Image Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1011 Installing Windows Deployment Services . . . . . . . . . . . . . . . . . . . .1017 Customizing the Windows Vista Deployment Process . . . . . . . . . . . .1041 Automating the Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1049 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1083 Chapter 17: Managing and Maintaining Windows Server 2008 . .1085 Server Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1085 Computer Management Console . . . . . . . . . . . . . . . . . . . . . . . . . .1151 Windows Server Backup (WSB) . . . . . . . . . . . . . . . . . . . . . . . . . .1152 Patch Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1178 Registry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1185 Performance and Paging File Tuning . . . . . . . . . . . . . . . . . . . . . . .1192 Managing from a Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1202 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1203 Chapter 18: Highly Available Windows Server 2008 . . . . . . . . . . .1205 High-Level Overview of NLB and Failover Clustering . . . . . . . . . . . .1205 Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1210 Failover Clustering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1229 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1269 Chapter 19: Virtualization and Resource Management . . . . . . . . .1271 Virtualization 360 Picture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1271 Virtual Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1272 Virtual Machines and Hyper-V . . . . . . . . . . . . . . . . . . . . . . . . . . . .1283 Windows System Resource Manager (WSRM) . . . . . . . . . . . . . . . .1319 Advantages of Virtualization and Consolidation . . . . . . . . . . . . . . .1330 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1330 Chapter 20: Troubleshooting Windows Server 2008 and Vista Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1333 Boot Mode Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1334 Windows Recovery Environment . . . . . . . . . . . . . . . . . . . . . . . . . .1338 Contents xv Reliability and Performance Monitoring . . . . . . . . . . . . . . . . . . . . .1355 Event Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1381 MSConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1400 Windows Error Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1401 System Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1402 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1407 Chapter 21: Group Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1409 Group Policy Structure . . . . . . . . . ....... . . . . . . . . . . . . . . . . .1410 Group Policy Management Console (GPMC) . . . . . . . . . . . . . . . . .1427 Group Policy Preferences . . . . . . . ....... . . . . . . . . . . . . . . . . .1491 Troubleshooting . . . . . . . . . . . . . . ....... . . . . . . . . . . . . . . . . .1501 Microsoft Templates . . . . . . . . . . . ....... . . . . . . . . . . . . . . . . .1503 Summary . . . . . . . . . . . . . . . . . . ....... . . . . . . . . . . . . . . . . .1505 Chapter 22: The Command Prompt and PowerShell . . . . . . . . . . .1507 Command.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1508 CMD.EXE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1510 Windows Scripting Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1528 PowerShell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1536 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1563 Chapter 23: Connecting Windows Server 2008 to Other Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1565 UNIX Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1566 NetWare Integration and Migration . . . . . . . . . . . . . . . . . . . . . . . .1593 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1608 Chapter 24: Internet Information Services . . . . . . . . . . . . . . . . . . .1611 IIS 7.0 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1611 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1625 IIS Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1628 Certificates and Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1645 xvi Contents Server Core Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1648 IIS and Windows Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1648 Windows Web Server 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1649 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1650 How To Quick Reference . . . . . . . . . . . . . . . . . . . . . .1651 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1657 ACKNOWLEDGMENTS Many people helped in the creation of this book. I want to start by thank- ing Joan Murray, acquisitions editor at Addison-Wesley, who I worked with on this book. She had the faith to support this project. Those who know me know that I think and talk very fast; I quickly jump from one subject to the next. That does not translate well for a book, so I am extremely lucky that Addison-Wesley gave me an amazing devel- opment editor team to make my manuscript readable—a huge thanks you to Sheri Cain and Susan Brown Zahn. When the development edit was complete, the technical editors veri- fied that my content was technically accurate and digestible by the reading public, so I thank my technical editors Khaki Cohen and John Ruley. There are many other people at Addison-Wesley who I’ll probably never communicate with—such as copy editors, designers, proofreaders, and the publisher—so here’s a big thank you to all of them. Microsoft provided a great deal of input into this book, which was facil- itated by Emily Ohlsen and Melissa Dingle who handled my interaction with the Microsoft program managers. There are too many people at Microsoft to thank individually—so I want to make this a big thank-you to everyone at Microsoft who helped me with my many questions and for pro- viding their insight. Writing this book has taken up a huge amount of my life over the last 24 months. I would like to thank my colleagues at EMC for their support throughout this process. I feel I should also thank my two best friends, Brad Bartholow and David Covich, who are always there with life advice, keep me focused on what is important, and put up with me insulting them 24/7. I want to thank my parents for making me the person I am—which some people will curse them for. Along with Arnold Schwarzenegger, my father has always been my hero and the person I want to be. Throughout everything, Julie, my fiancée, has always been there with unconditional love, understanding, and full support for this project. My son, Kevin, has always been there to make me smile, highlight what’s most important in the world, and put everything into perspective. xvii ABOUT THE AUTHOR John Savill, B.S., MCSE, M.S. ITP Server Administrator, M.S. ITP Enterprise Administrator, Clustering MVP, is the Central U.S. manager for EMC’s Microsoft technical infrastructure practice and chief Microsoft architect. John has worked in infrastructure solutions for 15 years in dif- ferent industries. At the age of 19, John started a frequently asked ques- tions site for Windows NT that evolved into the www.ntfaq.com site, which became the most used NT FAQ on the Internet. John is a frequent writer for Windows IT Pro magazine and other major publications such as TechNet Magazine, and this work is John’s fourth solo book project. John is a speaker at many major technology shows, including Tech Ed 2006, 2007, and 2008. Outside of technology, John enjoys fitness activities, such as cycling, running, and weightlifting in addition to practicing martial arts, which he has done since the age of 7. John has lived in the United States since 2004 and received his green card (finally) at the beginning of 2008. PREFACE Everyone knows the saying, “Be careful what you wish for.” It had long been my goal to write a complete guide to Windows Server, but I never felt I had sufficient time to do justice to the subject. In the middle of 2006, I convinced myself that I could organize my time to allow the undertaking of writing a book on the largest Microsoft server release ever—from scratch. I started writing the book a few months later and finished the final copy editing in June 2008, basically two years from start to finish. Fortunately, Microsoft delayed the release of Windows Server 2008 enough that this book will hit bookshelves while Windows Server 2008 is still new to the market. With this book, I tried to create a resource that explains the major fea- tures of Windows Server 2008, when to use them, how to design the best implementation, and how to manage the deployed environment. Windows Server 2008 has so many features that I had to leave some out. Those features not discussed are ones I felt would not be interesting to most readers; however, I point out what is not covered and suggest some resources. Windows 2008 is trying to put books out of business; however, although the online help is great, it is task focused. Therefore, I encourage you to follow the online help tool. I concentrate on items that require more design, decision, or are just cool. Windows Server 2008 is very customer-focused and focuses on a key number of areas such as virtualization, the Web, and security. Usability is also a major area for Windows 2008. A customer does not point to a serv- er and say “that’s my windows server”; a customer says “that’s my domain controller” or “that’s my file server.” Windows Server 2008 is designed around how the server is used. Only the basic functions are installed; addi- tional components are installed as roles, and features are added to the serv- er and their management tools accessed through a single server manager interface. Design of Microsoft-based systems will change in the future. I predict that the process we perform today to design the best practice implemen- tation for our environment will be automated entirely within ten years— xix