Mastering Windows Server 2019: The complete guide for IT professionals to install and manage Windows Server 2019 and deploy new capabilities

Mastering Windows

Server 2019

Second Edition

The complete guide for IT professionals to install and manage Windows Server 2019 and deploy new capabilities

Jordan Krause

BIRMINGHAM - MUMBAI

Mastering Windows Server 2019 Second Edition

Copyright © 2019 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin Boricha

Acquisition Editor: Meeta Rajani

Content Development Editor: Abhijit Sreedharan

Technical Editor: Aditya Khadye

Copy Editor: Safis Editing

Project Coordinator: Jagdish Prabhu

Proofreader: Safis Editing

Indexer: Pratik Shirodkar

Graphics: Tom Scaria

Production Coordinator: Jayalaxmi Raja

First published: October 2016

Second edition: March 2019

Production reference: 1150319

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-78980-453-9

www.packtpub.com

mapt.io

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at customercare@packtpub.com for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the author

Jordan Krause is a six-time Microsoft MVP, currently awarded in the Cloud and Datacenter Management category. He has the unique opportunity of working daily with Microsoft networking and remote access technologies. Jordan specializes in Microsoft DirectAccess and Always On VPN. Committed to continuous learning, Jordan holds Microsoft certifications as an MCP, MCTS, MCSA, and MCITP Enterprise Administrator, and regularly writes articles reflecting his experiences with these technologies. Jordan lives in beautiful West Michigan (USA), but works daily with companies around the world.

About the reviewers

Anderson Patricio is a Canadian Microsoft MVP and an IT consultant based in Toronto. His areas of expertise are Microsoft Exchange, Skype for Business, Azure, System Center, and Active Directory. Anderson is an active member of the Exchange Community and he contributes in forums, blogs, articles, and videos. In Portuguese, his website contains thousands of Microsoft tutorials to help the local community, as well as his speaking engagements at TechED in South America and MVA Academy training courses.

Premnath Sambasivam is a Technical Analyst with 6 years of experience in Windows, VMWare, and SCCM administration. He is a MCSE Cloud Platform and Infrastructure certified professional. He has developed and deployed the Microsoft System Center Configuration Manager solution to manage more than 6,000 assets in his client's environment. He loves learning more about and exploring Azure. He is a Microsoft enthusiast.

It was a very pleasant experience overall. Thank you, Sunanda, for choosing me for this project.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Mastering Windows Server 2019 Second Edition

About Packt

Why subscribe?

Packt.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Conventions used

Get in touch

Reviews

Getting Started with Windows Server 2019

The purpose of Windows Server

It's getting cloudy out there

Public cloud

Private cloud

Windows Server versions and licensing

Standard versus Datacenter

Desktop Experience/Server Core/Nano Server

Desktop Experience

Server Core

Nano Server

Licensing models - SAC and LTSC

Semi-Annual Channel (SAC)

Long-Term Servicing Channel (LTSC)

Overview of new and updated features

The Windows 10 experience continued

Hyper-Converged Infrastructure

Windows Admin Center

Windows Defender Advanced Threat Protection

Banned Passwords

Soft restart

Integration with Linux

Enhanced Shielded Virtual Machines

Azure Network Adapter

Always On VPN

Navigating the interface

The updated Start menu

The Quick Admin Tasks menu

Using the Search function

Pinning programs to the taskbar

The power of right-clicking

Using the newer Settings screen

Two ways to do the same thing

Creating a new user through Control Panel

Creating a new user through the Settings menu

Task Manager

Task View

Summary

Questions

Installing and Managing Windows Server 2019

Technical requirements

Installing Windows Server 2019

Burning that ISO

Creating a bootable USB stick

Running the installer

Installing roles and features

Installing a role using the wizard

Installing a feature using PowerShell

Centralized management and monitoring

Server Manager

Remote Server Administration Tools (RSAT)

Does this mean RDP is dead?

Remote Desktop Connection Manager

Windows Admin Center (WAC)

Installing Windows Admin Center

Launching Windows Admin Center

Adding more servers to Windows Admin Center

Managing a server with Windows Admin Center

Enabling quick server rollouts with Sysprep

Installing Windows Server 2019 onto a new server

Configuring customizations and updates onto your new server

Running Sysprep to prepare and shut down your master server

Creating your master image of the drive

Building new servers using copies of the master image

Summary

Questions

Core Infrastructure Services

What is a Domain Controller?

Active Directory Domain Services

Using AD DS to organize your network

Active Directory Users and Computers

User accounts

Security Groups

Prestaging computer accounts

Active Directory Domains and Trusts

Active Directory Sites and Services

Active Directory Administrative Center

Dynamic Access Control

Read-Only Domain Controllers (RODC)

The power of Group Policy

The Default Domain Policy

Creating and linking a new GPO

Filtering GPOs to particular devices

Domain Name System (DNS)

Different kinds of DNS records

Host record (A or AAAA)

ALIAS record - CNAME

Mail Exchanger record (MX)

Name Server (NS) record

ipconfig /flushdns

DHCP versus static addressing

The DHCP scope

DHCP reservations

Back up and restore

Schedule regular backups

Restoring from Windows

Restoring from the installer disc

MMC and MSC shortcuts

Summary

Questions

Certificates in Windows Server 2019

Common certificate types

User certificates

Computer certificates

SSL certificates

Single-name certificates

Subject Alternative Name certificates

Wildcard certificates

Planning your PKI

Role services

Enterprise versus Standalone

Root versus Subordinate (issuing)

Naming your CA server

Can I install the CA role onto a domain controller?

Creating a new certificate template

Issuing your new certificates

Publishing the template

Requesting a cert from MMC

Requesting a cert from the Web interface

Creating an auto-enrollment policy

Obtaining a public-authority SSL certificate

Public/private key pair

Creating a Certificate Signing Request

Submitting the certificate request

Downloading and installing your certificate

Exporting and importing certificates

Exporting from MMC

Exporting from IIS

Importing into a second server

Summary

Questions

Networking with Windows Server 2019

Introduction to IPv6

Understanding IPv6 IP addresses

Your networking toolbox

ping

tracert

pathping

Test-Connection

telnet

Test-NetConnection

Packet tracing with Wireshark or Message Analyzer

TCPView

Building a routing table

Multi-homed servers

Only one default gateway

Building a route

Adding a route with the Command Prompt

Deleting a route

Adding a route with PowerShell

NIC Teaming

Software-defined networking

Hyper-V Network Virtualization

Private clouds

Hybrid clouds

How does it work?

System Center Virtual Machine Manager

Network controller

Generic Routing Encapsulation

Microsoft Azure Virtual Network

Windows Server Gateway/SDN Gateway

Virtual network encryption

Bridging the gap to Azure

Azure Network Adapter

Summary

Questions

Enabling Your Mobile Workforce

Always On VPN

Types of AOVPN tunnel

User Tunnels

Device Tunnels

Device Tunnel requirements

AOVPN client requirements

Domain-joined

Rolling out the settings

AOVPN server components

Remote Access Server

IKEv2

SSTP

L2TP

PPTP

Certification Authority (CA)

Network Policy Server (NPS)

DirectAccess

The truth about DirectAccess and IPv6

Prerequisites for DirectAccess

Domain-joined

Supported client operating systems

DirectAccess servers get one or two NICs

Single NIC Mode

Dual NICs

More than two NICs

To NAT or not to NAT?

6to4

Teredo

IP-HTTPS

Installing on the true edge – on the internet

Installing behind a NAT

Network Location Server

Certificates used with DirectAccess

SSL certificate on the NLS web server

SSL certificate on the DirectAccess server

Machine certificates on the DA server and all DA clients

Do not use the Getting Started Wizard (GSW)!

Remote Access Management Console

Configuration

Dashboard

Operations Status

Remote Client Status

Reporting

Tasks

DA, VPN, or AOVPN? Which is best?

Domain-joined or not?

Auto or manual launch

Software versus built-in

Password and login issues with traditional VPNs

Port-restricted firewalls

Manual disconnect

Native load-balancing capabilities

Distribution of client configurations

Web Application Proxy

WAP as AD FS Proxy

Requirements for WAP

Latest improvements to WAP

Preauthentication for HTTP Basic

HTTP to HTTPS redirection

Client IP addresses forwarded to applications

Publishing Remote Desktop Gateway

Improved administrative console

Summary

Questions

Hardening and Security

Windows Defender Advanced Threat Protection

Installing Windows Defender AV

Exploring the user interface

Disabling Windows Defender

What is ATP, anyway?

Windows Defender ATP Exploit Guard

Windows Defender Firewall – no laughing matter

Three Windows Firewall administrative consoles

Windows Defender Firewall (Control Panel)

Firewall & network protection (Windows Security Settings)

Windows Defender Firewall with Advanced Security (WFAS)

Three different firewall profiles

Building a new inbound firewall rule

Creating a rule to allow pings (ICMP)

Managing WFAS with Group Policy

Encryption technologies

BitLocker and the virtual TPM

Shielded VMs

Encrypted virtual networks

Encrypting File System

IPsec

Configuring IPsec

Server policy

Secure Server policy

Client policy

IPsec Security Policy snap-in

Using WFAS instead

Banned passwords

Advanced Threat Analytics

General security best practices

Getting rid of perpetual administrators

Using distinct accounts for administrative access

Using a different computer to accomplish administrative tasks

Never browse the internet from servers

Role-Based Access Control (RBAC)

Just Enough Administration (JEA)

Summary

Questions

Server Core

Why use Server Core?

No more switching back and forth

Interfacing with Server Core

PowerShell

Using cmdlets to manage IP addresses

Setting the server hostname

Joining your domain

Remote PowerShell

Server Manager

Remote Server Administration Tools

Accidentally closing Command Prompt

Windows Admin Center for managing Server Core

The Sconfig utility

Roles available in Server Core

What happened to Nano Server?

Summary

Questions

Redundancy in Windows Server 2019

Network Load Balancing (NLB)

Not the same as round-robin DNS

What roles can use NLB?

Virtual and dedicated IP addresses

NLB modes

Unicast

Multicast

Multicast IGMP

Configuring a load-balanced website

Enabling NLB

Enabling MAC address spoofing on VMs

Configuring NLB

Configuring IIS and DNS

Testing it out

Flushing the ARP cache

Failover clustering

Clustering Hyper-V hosts

Virtual machine load balancing

Clustering for file services

Scale-out file server

Clustering tiers

Application-layer clustering

Host-layer clustering

A combination of both

How does failover work?

Setting up a failover cluster

Building the servers

Installing the feature

Running the failover cluster manager

Running cluster validation

Running the Create Cluster wizard

Recent clustering improvements in Windows Server

True two-node clusters with USB witnesses

Higher security for clusters

Multi-site clustering

Cross-domain or workgroup clustering

Migrating cross-domain clusters

Cluster operating-system rolling upgrades

Virtual machine resiliency

Storage Replica (SR)

Storage Spaces Direct (S2D)

New in Server 2019

Summary

Questions

PowerShell

Why move to PowerShell?

Cmdlets

PowerShell is the backbone

Scripting

Server Core

Working within PowerShell

Launching PowerShell

Default Execution Policy

Restricted

AllSigned

RemoteSigned

Unrestricted

The Bypass mode

Using the Tab key

Useful cmdlets for daily tasks

Using Get-Help

Formatting the output

Format-Table

Format-List

PowerShell Integrated Scripting Environment

PS1 files

PowerShell Integrated Scripting Environment

Remotely managing a server

Preparing the remote server

The WinRM service

Enable-PSRemoting

Allowing machines from other domains or workgroups

Connecting to the remote server

Using -ComputerName

Using Enter-PSSession

Desired State Configuration

Summary

Questions

Containers and Nano Server

Understanding application containers

Sharing resources

Isolation

Scalability

Containers and Nano Server

Windows Server containers versus Hyper-V containers

Windows Server Containers

Hyper-V Containers

Docker and Kubernetes

Linux containers

Docker Hub

Docker Trusted Registry

Kubernetes

Working with containers

Installing the role and feature

Installing Docker for Windows

Docker commands

docker --help

docker images

docker search

docker pull

docker run

docker ps -a

docker info

Downloading a container image

Running a container

Summary

Questions

Virtualizing Your Data Center with Hyper-V

Designing and implementing your Hyper-V Server

Installing the Hyper-V role

Using virtual switches

The external virtual switch

The internal virtual switch

The private virtual switch

Creating a new virtual switch

Implementing a new virtual server

Starting and connecting to the VM

Installing the operating system

Managing a virtual server

Hyper-V Manager

The Settings menu

Checkpoints

Hyper-V Console, Remote Desktop Protocol (RDP), or PowerShell

Windows Admin Center (WAC)

Shielded VMs

Encrypting VHDs

Infrastructure requirements for shielded VMs

Guarded hosts

Host Guardian Service (HGS)

Host attestations

TPM-trusted attestations

Host key attestations

Admin-trusted attestation – deprecated in 2019

Integrating with Linux

ReFS deduplication

ReFS

Data deduplication

Why is this important to Hyper-V?

Hyper-V Server 2019

Summary

Questions

Assessments

Chapter 1: Getting Started with Windows Server 2019

Chapter 2: Installing and Managing Windows Server 2019

Chapter 3: Core Infrastructure Services

Chapter 4: Certificates in Windows Server 2019

Chapter 5: Networking with Windows Server 2019

Chapter 6: Enabling Your Mobile Workforce

Chapter 7: Hardening and Security

Chapter 8: Server Core

Chapter 9: Redundancy in Windows Server 2019

Chapter 10: PowerShell

Chapter 11: Containers and Nano Server

Chapter 12: Virtualizing Your Data Center with Hyper-V

Another Book You May Enjoy

Leave a review - let other readers know what you think

Preface

I'm really not sure how or when it happened, but we are almost at the year 2020! In fact, part of me really wishes that Microsoft had held out on releasing this new version of Windows Server, just so that we could call it Server 2020. Alas, we will have to make do with the far less exotic sounding Server 2019. How amazing to look back and reflect on all of the big changes that have happened in terms of technology over the past 20 years. In some ways, it seems that Y2K has just happened and everyone has been scrambling to make sure their DOS-based and green screen applications are prepared to handle four-digit date ranges. It seems unthinkable to us now that these systems could have been created in a way that was so short-sighted. Did we not think the world would make it to the year 2000? Today, we build technology with such a different perspective and focus. Everything is centralized, redundant, global, and cloud-driven. Users expect 100% uptime, from wherever they are, on whatever device that happens to be sitting in front of them. The world has truly changed.

And, as the world has changed, so has the world of technology infrastructure. This year, we are being introduced to Microsoft's Windows Server 2019. Before we know it, we will be sitting in the year 2020. We are now living in and beyond Doc and Marty's future. My kids have actually ridden around on something called a hoverboard, for crying out loud!

From a user's perspective, as a consumer of data, backend computing requirements are becoming almost irrelevant. Things such as maintenance windows, scheduled downtime, system upgrades, slowness due to weak infrastructure—these items have to become invisible to the workforce. We are building our networks in ways that allow knowledge workers and developers to do their jobs without consideration for what is supporting their job functions. What do we use to support that level of reliability and resiliency? Our data centers haven't disappeared. Just because we use the words cloud and private cloud so often doesn't make them magic. What makes all of this centralized, spin up what you need mentality a reality is still physical servers running inside physical data centers.

And what is it that drives the processing power of these data centers for the majority of companies in the world? Windows Server. In fact, even if you have gone all-in for cloud adoption and host 100% of your serving resources in the Azure Cloud, you are still making use of Windows Server 2019. It is the operating system that underpins all of Azure! Server 2019 is truly ready to service even the heaviest workloads, in the newest cloud-centric ways.

Over the last few years, we have all become familiar with Software-Defined Computing, using virtualization technology to turn our server workloads into a software layer. Now, Microsoft is expanding on this idea with new terms such as Software-Defined Networking, and even an entire Software-Defined Data Center. The technologies that make these happen allow us to virtualize and share resources on a grand scale.

In order to make our workloads more flexible and cloud-ready, Microsoft is taking major steps in shrinking the server compute platform and creating new ways of interfacing with those servers. There is an underlying preference for new Windows Servers to be running the smaller, efficient, and more secure Server Core interface. Additionally, application containers have made huge advancements over the past year, and Server 2019 now allows us to transition our applications into containers in order to run them in isolation from each other and on a mass scale. We also have new centralized management tools for administering our servers and networks, namely, the brand new Windows Admin Center that we will be discussing in the forthcoming pages.

Let's take some time together to explore the inner workings of the newest version of this server operating system, which will drive and support so many of our business infrastructures over the coming years. Windows servers have dominated our data centers' rackspaces for more than two decades. Will this newest iteration in the form of Windows Server 2019 continue that trend?

Who this book is for

Anyone interested in Windows Server 2019 or in learning more in general about a Microsoft-centric data center will benefit from this book. An important deciding factor when choosing which content was appropriate for such a volume was making sure that anyone who had a baseline in working with computers could pick this up and start making use of it within their own networks. If you are already proficient in Microsoft infrastructure technologies and have worked with prior versions of Windows Server, then there are some focused topics on the aspects and parts that are brand new and only available in Server 2019. On the other hand, if you are currently in a desktop support role, or if you are coming fresh into the IT workforce, care was taken in the pages of this book to ensure that you will receive a rounded understanding, not only of what is brand new in Server 2019, but also what core capabilities it includes as carryovers from previous versions of the operating system, and that are still crucial to be aware of when working in a Microsoft-driven data center.

What this book covers

Chapter 1, Getting Started with Windows Server 2019, gives us an introduction to the new operating system and an overview of the new technologies and capabilities that it can provide. We will also spend a little bit of time exploring the updated interface for those who may not be comfortable with it yet.

Chapter 2, Installing and Managing Windows Server 2019, dives right into the very first thing we will have to do when working with Server 2019; installing it! While this seems like a simple task, there are a number of versioning and licensing variables that need to be understood before you proceed with your own install. From there, we will start to expand upon Microsoft's centralized management mentality, exploring the ways in which we can now manage and interact with our servers without ever having to log into them.

Chapter 3, Core Infrastructure Services, gives us a solid baseline on the technologies that make up the infrastructure of any Microsoft-centric network. We will discuss the big three—Active Directory (AD), Domain Name System (DNS), and Dynamic Host Configuration Protocol (DHCP)—and also address some server backup capabilities, as well as a cheat-sheet list of Microsoft Management Console (MMC) and Microsoft Configuration (MSC) shortcuts to make your day job easier.

Chapter 4, Certificates in Windows Server 2019, jumps into one of the pieces of Windows Server that has existed for many years and yet, the majority of server administrators that I meet are unfamiliar with it. Let's take a closer look at certificates as they become more and more commonly required for the new technologies that we roll out. By the end of this chapter, you should be able to spin up your own PKI and start issuing certificates for free!

Chapter 5, Networking with Windows Server 2019, begins with an introduction to that big, scary IPv6, and continues from there into building a toolbox of items that are baked into Windows Server 2019 and can be used in your daily networking tasks. We will also discuss Software-Defined Networking.

Chapter 6, Enabling Your Mobile Workforce, takes a look at the different remote access technologies that are built into Windows Server 2019. Follow along as we explore the capabilities provided by VPN, DirectAccess, Web Application Proxy, and the brand new Always On VPN.

Chapter 7, Hardening and Security, gives some insight into security and encryption functions that are built into Windows Server 2019. Security is the priority focus of CIOs everywhere this year, so let's explore what protection mechanisms are available to us out of the box.

Chapter 8, Server Core, throws us into the shrinking world of headless servers. Server Core has flown under the radar for a number of years, but is critical to understand as we bring our infrastructures into a more security-conscious mindset. Let's make sure you have the information necessary to make your environment more secure and more efficient, all while lowering the amount of space and resources that are consumed by those servers.

Chapter 9, Redundancy in Windows Server 2019, takes a look at some platforms in Server 2019 that provide powerful data and computing redundancy. Follow along as we discuss Network Load Balancing, Failover Clustering, and information on the updated Storage Spaces Direct.

Chapter 10, PowerShell, gets us into the new, blue command-line interface so that we can become comfortable using it, and also learn why it is so much more powerful than Command Prompt. PowerShell is quickly becoming an indispensable tool for administering servers, especially in cases where you are adopting a centralized management and administration mindset.

Chapter 11, Containers and Nano Server, incorporates the terms open source and Linux in a Microsoft book! Application containers are quickly becoming the new standard for hosting modern, scalable applications. Learn how to start enhancing your DevOps story through the use of tools such as Windows Server Containers, Hyper-V Containers, Docker, and Kubernetes.

Chapter 12, Virtualizing Your Data Center with Hyper-V, covers a topic that every server administrator should be very familiar with. Organizations have been moving their servers over to virtual machines in mass quantities for many years. Let's use this chapter to make sure you understand how that hypervisor works, and give you the resources required to build and manage one if and when you have the need.

To get the most out of this book

Each technology that we discuss within the pages of this book is included in, or relates directly to, Windows Server 2019. If you can get your hands on a piece of server hardware and the Server 2019 installer files, you will be equipped to follow along and try these things out for yourself. We will talk about and reference some enterprise-class technologies that come with stiffer infrastructure requirements in order to make them work fully, and so you may have to put the actual testing of those items on hold until you are working in a more comprehensive test lab or environment, but the concepts are all still included in this book.

We will also discuss some items that are not included in Server 2019 itself, but that are used to extend the capabilities and features of it. Some of these items help tie us into an Azure Cloud environment, and some are provided by third parties, such as using Docker and Kubernetes on your Server 2019 in order to interact with application containers. Ultimately, you do not need to use these tools in order to manage your new Windows Server 2019 environment, but they do facilitate some pretty cool things that I think you will want to look into.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: Inside DNS, I am going to create an alias record that redirects intranet to web1.

Any command-line input or output is written as follows:

Uninstall-WindowsFeature -Name Windows-Defender

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Simply find the appropriate OU for his account to reside within, right-click on the OU, and navigate to New | User."

Warnings or important notes appear like this.

Tips and tricks appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at customercare@packtpub.com.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

Getting Started with Windows Server 2019

About 10 years ago, Microsoft adjusted its operating system release ideology so that the latest Windows Server operating system is always structured very similarly to the latest Windows client operating system. This has been the trend for some time now, with Server 2008 R2 closely reflecting Windows 7, Server 2012 feeling a lot like Windows 8, and many of the same usability features that came with the Windows 8.1 update are also included with Server 2012 R2. This, of course, carried over to Server 2016 as well—giving it the same look and feel as if you were logged into a Windows 10 workstation.

Now that we are all familiar and comfortable with the Windows 10 interface, we typically have no problems jumping right into the Server 2016 interface and giving it a test drive. Windows Server 2019 is once again no exception to this rule, except that the release of client-side operating systems has shifted a little bit. Now, instead of releasing new versions of Windows (11, 12, 13, and so on), we are, for the time being, simply sticking with Windows 10 and giving it sub-version numbers, indicative of the dates when that operating system was released. For example, Windows 10 version 1703 released around March of 2017. Windows 10 version 1709 was released in September of 2017. Then, we have had 1803 and 1809 as well—although 1809 was delayed a little and didn't release until somewhere closer to November, but that wasn't the original plan. The current plan is Windows OS releases every six months or so, but expecting IT departments to lift and shift all of their servers just for the purposes of moving to an OS that is six months newer is crazy; sometimes it takes longer than that just to plan a migration.

Anyway, I'm getting ahead of myself a little, as we will be discussing versioning of Windows Server later in this chapter, during our Windows Server versions and licensing section. The point here is that Windows Server 2019 looks and feels like the latest version of the Windows client operating system that was released at about the same time—that OS being Windows 10 1809. Before we get started talking about the features of Windows Server, it is important to establish a baseline for usability and familiarity in the operating system itself before diving deeper into the technologies running under the hood.

Let's spend a few minutes exploring the new graphical interface and options that are available for finding your way around this latest release of Windows Server, with a view to covering the following topics in this chapter:

The purpose of Windows Server

It's getting cloudy out there

Windows Server versions and licensing

Overview of new and updated features

Navigating the interface

Using the newer Settings screen

Task Manager

Task View

The purpose of Windows Server

Is asking what the purpose of Windows Server a silly question? I don't think so. It's a good question to ponder, especially now that the definition for servers and server workloads is changing on a regular basis. The answer to this question for Windows clients is simpler. A Windows client machine is a requester, consumer, and contributor of data.

From where is this data being pushed and pulled? What enables the mechanisms and applications running on the client operating systems to interface with this data? What secures these users and their data? The answers to these questions reveal the purpose of servers in general. They house, protect, and serve up the data to be consumed by clients.

Everything revolves around data in business today. Our email, documents, databases, customer lists—everything that we need to do business well, is data. That data is critical to us. Servers are what we use to build the fabric upon which we trust our data to reside.

We traditionally think about servers using a client-server interface mentality. A user opens a program on their client computer, this program reaches out to a server in order to retrieve something, and the server responds as needed. This idea can be correctly applied to just about every transaction you may have with a server. When your domain-joined computer needs to authenticate you as a user, it reaches out to Active Directory on the server to validate your credentials and get an authentication token. When you need to contact a resource by name, your computer asks a DNS server how to get there. If you need to open a file, you ask the file server to send it your way.

Servers are designed to be the brains of our operation, and often by doing so transparently. In recent years, large strides have been taken to ensure resources are always available and accessible in ways that don't require training or a large effort on the part of our employees.

In most organizations, many different servers are needed in order to provide your workforce with the capabilities they require. Each service inside Windows Server is provided as, or as part of, a role. When you talk about needing new servers or configuring a new server for any particular task, what you are really referring to is the individual role or roles that are going to be configured on that server in order to get the work done. A server without any roles installed is useless, though depending on the chassis, can make an excellent paperweight. A 3U SAN device could weigh upwards of 100 pounds and keep your desk orderly even in the middle of a hurricane!

If you think of roles as the meat and potatoes of a server, then the next bit we will discuss is sort of like adding salt and pepper. Beyond the overhead roles you will install and configure on your servers, Windows also contains many features that can be installed, which sometimes stand alone, but more often complement specific roles in the operating system. Features may be something that complement and add functionality to the base operating system such as Telnet Client, or a feature may be added to a server in order to enhance an existing role, such as adding the Network Load Balancing feature to an already-equipped remote access or IIS server. The combination of roles and features inside Windows Server is what equips that piece of metal to do work.

This book will, quite obviously, focus on a Microsoft-centric infrastructure. In these environments, Windows Server operating system is king, and is prevalent across all facets of technology. There are alternatives to Windows Server, and different products which can provide some of the same functions to an organization, but it is quite rare to find a business environment anywhere that is running without some semblance of a Microsoft infrastructure.

Windows Server contains an incredible amount of technology, all wrapped up in one small installation disk. With Windows Server 2019, Microsoft has gotten us thinking out of the box about what it means to be a server in the first place, and comes with some exciting new capabilities that we will spend some time covering in these pages. Things such as PowerShell, Windows Admin Center, and Storage Spaces Direct are changing the way that we manage and size our computing environments; these are exciting times to be or to become a server administrator!

It's getting cloudy out there

There's this new term out there, you may have even heard of it...cloud. While the word cloud has certainly turned into a buzzword that is often misused and spoken of inappropriately, the idea of cloud infrastructure is an incredibly powerful one. A cloud fabric is one that revolves around virtual resources—virtual machines, virtual disks, and even virtual networks. Being plugged into the cloud typically enables things like the ability to spin up new servers on a whim, or even the ability for particular services themselves to increase or decrease their needed resources automatically, based on utilization.

Think of a simple e-commerce website where a consumer can go to order goods. Perhaps 75% of the year, they can operate this website on a single web server with limited resources, resulting in a fairly low cost of service. But, the other 25% of the year, maybe around the holiday seasons, utilization ramps way up, requiring much more computing power. Prior to cloud mentality, this would mean that the company would need to size their environment to fit the maximum requirements all the time, in case it was ever needed. They would be paying for more servers and much more computing power than was needed for the majority of the year. With a cloud fabric, giving the website the ability to increase or decrease the number of servers it has at its disposal as needed, the total cost of such a website or service can be drastically decreased. This is a major driving factor of cloud in business today.

Public cloud

Most of the time, when your neighbor Suzzi Knowitall talks to you about the cloud, she is simply talking about the internet. Well, more accurately she is talking about some service that she uses, which she connects to by using the internet. For example, Office 365, Google Drive, OneDrive, Dropbox—these are all public cloud resources, as they are storing your data in the cloud. In reality, your data is just sitting on servers which you access via the internet, but you can't see those servers and you don't have to administer and maintain those servers, which is why it feels like magic and is then referred to as the cloud.

To IT departments, the term cloud more often means one of the big three cloud hosting providers. Since this is a Microsoft-driven book, and since I truly feel this way anyway, Azure is top-notch in this category. Azure itself is another topic for another (or many other) book, but is a centralized cloud compute architecture that can host your data, your services, or even your entire network of servers.

Moving your datacenter to Azure enables you to stop worrying or caring about server hardware, replacing hard drives, and much more. Rather than purchasing servers, unboxing them, racking them, installing Windows on them, and then setting up the roles you want configured, you simply click a few buttons to spin up new virtual servers that can be resized at any time for growth. You then pay smaller op-ex costs for these servers—monthly or annual fees for running systems inside the cloud, rather than the big cap-ex costs for server hardware in the first place.

Other cloud providers with similar capabilities are numerous, but the big three are Azure, Amazon (AWS), and Google. As far as enterprise is concerned, Azure simply takes the cake and eats it too. I'm not sure that the others will ever be able to catch up with all of the changes and updates that Microsoft constantly makes to the Azure infrastructure.

Private cloud