+353-1-416-8900REST OF WORLD
+44-20-3973-8888REST OF WORLD
1-917-300-0470EAST COAST U.S
1-800-526-8630U.S. (TOLL FREE)

Mastering Windows Server 2022 with Azure Cloud Services. IaaS, PaaS, and SaaS. Edition No. 1

  • Book

  • 544 Pages
  • November 2022
  • John Wiley and Sons Ltd
  • ID: 5826092

Extend your on-premises Windows Server deployments to the cloud with Azure

In Mastering Windows Server 2022 with Azure Cloud Services: IaaS, PaaS, and SaaS, 5-time Microsoft MVP Winner William Panek delivers a comprehensive and practical blueprint for planning, implementing, and managing environments that include Azure IaaS-hosted Windows Server-based workloads.

You’ll learn to use the expansive, hybrid capabilities of Azure, how to migrate virtual and physical server workloads to Azure IaaS, PaaS, and SaaS, and how to manage and secure Azure virtual machines running Windows Server 2022.

This book also offers:

  • Foundational explanations of core Azure capabilities, including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS)
  • Explorations of the tools you’ll need to implement Azure solutions, including Windows Admin Center and PowerShell
  • Examples of implementing identity in Hybrid scenarios, including Azure AD DS on Azure IaaS and managed AD DS

Perfect for IT professionals who manage on-premises Windows Server environments, seek to use Azure to manage server workloads, and want to secure virtual machines running on Windows Server 2022, Mastering Windows Server 2022 with Azure Cloud Services: IaaS, PaaS, and SaaS is also a must-read resource for anyone involved in administering or operating Microsoft Azure IaaS workloads.

Table of Contents

Introduction xxi

Chapter 1 Understanding Windows Server 2022 1

Features and Advantages of Windows Server 2022 1

Deciding Which Windows Server 2022 Version to Use 6

Deciding on the Type of Installation 13

Removed Features 17

The Bottom Line 20

Chapter 2 Understanding Virtualization 21

Introduction to Virtualization 21

Hyper-V Features 23

Hyper-V Architecture 28

Hyper-V Operating Systems 29

Linux and FreeBSD Image Deployments 29

Virtualization in Azure 30

The Bottom Line 30

Chapter 3 Installing and Configuring Hyper-V 31

Hyper-V Installation and Configuration 31

Hyper-V Requirements 31

Install the Hyper-V Role 32

Hyper-V in Server Manager 35

Using Hyper-V Manager 35

Configure Hyper-V Settings 36

Manage Virtual Switches 38

Managing Virtual Hard Disks 40

Configuring Virtual Machines 45

Creating and Managing Virtual Machines 45

Linux and FreeBSD Image Deployments 56

PowerShell Commands 59

The Bottom Line 62

Chapter 4 Installing Windows Server 2022 63

Installing the Windows Server 2022 OS 63

Installing with the Desktop Experience 63

Installing Windows Server 2022 Server Core 68

Activating and Servicing Windows 71

Key Management Service 71

Automatic Virtual Machine Activation 73

Active Directory-Based Activation 74

Servicing Windows Server 2022 74

Configuring Windows Server Updates 75

Windows Update 76

Using Windows Server Update Services 80

Understanding Features On Demand 93

The Bottom Line 94

Chapter 5 Understanding IP 97

Understanding TCP/IP 97

Details of the TCP/IP Model 97

How TCP/IP Layers Communicate 98

Understanding Port Numbers 98

Understanding IP Addressing 100

The Hierarchical IP Addressing Scheme 100

Understanding Network Classes 101

Subnetting a Network 104

Implementing Subnetting 105

An Easier Way to Apply Subnetting 110

Applying Subnetting the Traditional Way 114

Working with Classless Inter-Domain Routing 121

Supernetting 124

Understanding IPv6 124

IPv6 History and Need 124

New and Improved IPv6 Concepts 125

IPv6 Addressing Concepts 127

IPv6 Integration/Migration 132

The Bottom Line 136

Chapter 6 Implementing DNS 137

Introducing DNS 137

HOSTS File 138

Understanding Servers, Clients, and Resolvers 142

Understanding the DNS Process 142

Introducing DNS Database Zones 147

Understanding Primary Zones 148

Understanding Secondary Zones 149

Understanding Active Directory Integrated DNS 150

Understanding Stub Zones 152

GlobalName Zones 153

Zone Transfers and Replication 153

Advantages of DNS in Windows Server 2022 156

Background Zone Loading 157

Support for IPv6 Addresses 157

Support for Read-Only Domain Controllers 157

DNS Socket Pools 158

DNS Cache Locking 158

Response Rate Limiting 158

Unknown Record Support 159

IPv6 Root Hints 159

DNS Security Extensions 159

DNS Devolution 161

Record Weighting 161

Netmask Ordering 161

DnsUpdateProxy Group 161

DNS Policies 161

Introducing DNS Record Types 162

Start of Authority (SOA) Records 162

Name Server Records 164

Host Record 164

Alias Record 165

Pointer Record 165

Mail Exchanger Record 166

Service Record 166

Configuring DNS 167

Installing DNS 167

Load Balancing with Round Robin 168

Configuring a Caching-Only Server 168

Setting Zone Properties 168

Configuring Zones for Dynamic Updates 172

Delegating Zones for DNS 173

DNS Forwarding 174

Manually Creating DNS Records 175

DNS Aging and Scavenging 176

DNS PowerShell Commands 176

The Bottom Line 179

Chapter 7 Understanding Active Directory 181

Verifying the File System 181

Resilient File System (ReFS) 182

NTFS 183

Verifying Network Connectivity 185

Basic Connectivity Tests 185

Tools and Techniques for Testing Network Configuration 186

Understanding Active Directory 188

Domains 188

Trees 188

Forests 189

Understanding Domain and Forest Functionality 189

About the Domain Functional Level 190

About Forest Functionality 191

Planning the Domain Structure 193

Installing Active Directory 193

Improved Active Directory Features 194

Read-Only Domain Controllers 194

Active Directory Prerequisites 194

The Installation Process 194

Installing Additional Domain Controllers by Using Install from Media 201

Verifying Active Directory Installation 201

Using Event Viewer 201

Using Active Directory Administrative Tools 203

Testing from Clients 204

Creating and Configuring Application Data Partitions 206

Creating Application Data Partitions 206

Managing Replicas 207

Removing Replicas 208

Using ntdsutil to Manage Application Data Partitions 208

Configuring DNS Integration with Active Directory 210

The Bottom Line 211

Chapter 8 Administering Active Directory 213

Active Directory Overview 213

Understanding Active Directory Features 214

Understanding Security Principals 215

An Overview of OUs 216

The Purpose of OUs 217

Benefits of OUs 217

Planning the OU Structure 217

Logical Grouping of Resources 218

Understanding OU Inheritance 219

Delegating Administrative Control 220

Applying Group Policies 221

Creating OUs 221

Managing OUs 224

Moving, Deleting, and Renaming OUs 225

Administering Properties of OUs 225

Delegating Control of OUs 227

Creating and Managing Active Directory Objects 228

Overview of Active Directory Objects 229

Managing Object Properties 235

Understanding Groups 238

Filtering and Advanced Active Directory Features 240

Moving, Renaming, and Deleting Active Directory Objects 241

Resetting an Existing Computer Account 242

Understanding Dynamic Access Control 243

Managing Security and Permissions 244

Publishing Active Directory Objects 245

Making Active Directory Objects Available to Users 245

Publishing Printers 245

Publishing Shared Folders 246

PowerShell for Active Directory 247

The Bottom Line 248

Chapter 9 Configuring DHCP 249

Understanding DHCP 249

Introducing the DORA Process 250

Advantages and Disadvantages of DHCP 251

Ipconfig Lease Options 252

Understanding Scope Details 253

Installing and Authorizing DHCP 255

Installing DHCP 255

Introducing the DHCP Snap-In 256

Authorizing DHCP for Active Directory 257

Creating and Managing DHCP Scopes 259

Creating a New Scope in IPv4 259

Creating a New Scope in IPv6 267

Changing Scope Properties (IPv4 and IPv6) 269

Changing Server Properties 270

Managing Reservations and Exclusions 272

Setting Scope Options for IPv4 274

Activating and Deactivating Scopes 276

Creating a Superscope for IPv4 276

Creating IPv4 Multicast Scopes 277

Integrating Dynamic DNS and IPv4 DHCP 279

Using DHCP Failover Architecture 281

Working with the DHCP Database Files 281

Working with Advanced DHCP Configuration Options 283

Implement DHCPv6 283

Configure High Availability for DHCP, Including DHCP Failover and Split Scopes 284

Configure DHCP Name Protection 286

PowerShell Commands 287

The Bottom Line 289

Chapter 10 Building Group Policies 291

Introducing Group Policy 291

Understanding Group Policy Settings 292

The Security Settings Section of the GPO 295

Client-Side Extensions 296

Group Policy Objects 296

Group Policy Inheritance 297

Planning a Group Policy Strategy 298

Implementing Group Policy 298

Creating GPOs 299

Linking Existing GPOs to Active Directory 301

Forcing a GPO to Update 302

Managing Group Policy 303

Managing GPOs 303

Security Filtering of a Group Policy 304

Delegating Administrative Control of GPOs 306

Controlling Inheritance and Filtering Group Policy 307

Assigning Script Policies 308

Understanding the Loopback Policy 310

Managing Network Configuration 310

Configuring Network Settings 311

Automatically Enrolling User and Computer Certificates in Group Policy 311

Redirecting Folders 313

Managing GPOs with Windows PowerShell Group Policy Cmdlets 314

Item-Level Targeting 315

Back Up, Restore, Import, Copy, and Migration Tables 316

The Bottom Line 319

Chapter 11 Advanced Group Policy Options 321

Deploying Software Through a GPO 321

The Software Management Life Cycle 322

The Windows Installer 323

Deploying Applications 326

Implementing Software Deployment 328

Preparing for Software Deployment 328

Software Restriction Policies 329

Using AppLocker 329

Group Policy Slow Link Detection 329

Publishing and Assigning Applications 329

Applying Software Updates 331

Verifying Software Installation 332

Configuring Automatic Updates in Group Policy 332

Configuring Software Deployment Settings 333

The Software Installation Properties Dialog Box 333

Removing Programs 335

Microsoft Windows Installer Settings 337

Troubleshooting Group Policies 337

RSoP in Logging Mode 338

RSoP in Planning Mode 342

Using the gpresult.exe Command 342

Using the Group Policy Infrastructure Status Dashboard 343

The Bottom Line 343

Chapter 12 Understanding Cloud Concepts 345

Understand Cloud Concepts 345

Cloud Advantages 345

Understanding CapEx vs. OpEx 346

Understanding Different Cloud Concepts 348

Understanding the difference between IaaS, PaaS, and SaaS 349

Infrastructure as a Service 350

Platform as a Service 350

Software as a Service 351

Compare and Contrast the Service Types 352

The Bottom Line 353

Chapter 13 Configuring Azure 355

Understanding Azure Benefits 355

Azure Benefits 355

Understanding the Azure Dashboards 357

Using the Azure Dashboard 357

Configuring the Azure Portal Settings 366

The Bottom Line 372

Chapter 14 Understanding Azure Active Directory 373

Azure Active Directory 373

Understanding Azure AD 373

Self-Service Password Reset 392

The Bottom Line 394

Chapter 15 Creating a Hybrid Network 395

Creating a Hybrid Network 395

Password Hash Synchronization with Azure AD 396

Azure Active Directory Pass-Through Authentication 396

Federation with Azure AD 397

Common Identity Scenarios 399

Azure AD Connect 400

Implement Active Directory Federation Services 405

What Is a Claim? 406

AD FS in Windows Server 2022 409

Configuring a Web Application Proxy 411

Active Directory Federation Services Installation 413

AD FS and AD Connect 421

Planning Azure AD Authentication Options 423

Azure AD Multi-Factor Authentication 423

Azure AD Connect Sync - Understand and Customize Synchronization 426

Creating an Azure Recovery Policy 427

Model Apps 427

Automate Tasks in Recovery Plans 428

Run a Test Failover on Recovery Plans 429

Create a Recovery Plan 429

The Bottom Line 432

Chapter 16 Understanding Microsoft Endpoint 433

Using Microsoft Endpoint Manager 433

Understanding AutoPilot 440

Autopilot Benefits 441

Autopilot Prerequisites 441

Deployment Scenarios 443

Planning for Secure Applications Data on Devices 446

Configuring Managed Apps for Mobile Application Management (MAM) 446

Protecting Enterprise Data using Windows Information Protection (WIP) 449

The Bottom Line 458

Chapter 17 Configuring Security 459

Managing Windows Security 459

Windows Defender Security Center 460

Configuring Windows Firewall 463

Understanding Windows Firewall Basics 463

Windows Firewall with Advanced Security 464

Managing Security 469

Implementing Azure Windows Defender Advanced Threat Protection 469

Understanding Windows Defender Application Guard 471

Understanding Windows Defender Credential Guard 476

Implementing and Managing Windows Defender Exploit Guard 478

Using Windows Defender Application Control 481

The Bottom Line 482

Chapter 18 Creating Azure Policies 483

Azure Devices and Policies 483

Compliance Policies 484

Device Configuration Profiles 489

PowerShell Commands 492

The Bottom Line 494

Appendix The Bottom Line 495

Authors

William Panek