|
|
|
Copyright
|
|
|
|
About the Authors
|
|
|
|
Acknowledgments
|
|
|
|
We Want to Hear from You!
|
|
|
|
Introduction
|
|
|
|
Part I: Security Solutions
|
|
|
|
|
Chapter 1. Securing Windows Server 2003
|
|
|
|
|
Improved Default Security in Windows 2003
|
|
|
|
|
Securing the Hatches
|
|
|
|
|
Know Who is Connected Using Two-factor Authentication
|
|
|
|
|
Using Templates to Improve Usage and Management
|
|
|
|
|
Patrolling the Configuration
|
|
|
|
|
Securing the File System
|
|
|
|
|
Securing Web Services
|
|
|
|
|
Keeping Files Confidential with EFS
|
|
|
|
|
Bulletproof Scenario
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 2. Implementing Secured Wireless Technologies
|
|
|
|
|
Working Through Walls
|
|
|
|
|
Managing Spectrums to Avoid Denial of Service
|
|
|
|
|
Implementing Support for Secure 802.1x Technologies
|
|
|
|
|
Taking Advantage of Windows Server 2003 Security Features
|
|
|
|
|
Configuring the Wireless Client
|
|
|
|
|
Maximizing Wireless Security Through Tunneling
|
|
|
|
|
Maintaining Knowledge of Your Wireless Networks
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 3. Integrating Smartcard and Secured Access Technologies
|
|
|
|
|
Maximizing Certificate Services Implementations
|
|
|
|
|
Securing Certificate Services
|
|
|
|
|
Getting the Most Out of Smartcards
|
|
|
|
|
Tips and Tricks for Securing Access to the Network
|
|
|
|
|
Creating a Single Sign-on Environment
|
|
|
|
|
Securing Access to Web Servers and Services
|
|
|
|
|
Protecting Certificate-based Services from Disaster
|
|
|
|
|
Integrating Smartcards with Personal Devices
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part II: Management and Administration Solutions
|
|
|
|
|
Chapter 4. Distributing Administration
|
|
|
|
|
Choosing the Best Administrative Model for Your Organization
|
|
|
|
|
Using Role-based Administration for Optimal Delegation
|
|
|
|
|
Leveraging the Delegation of Control Wizard
|
|
|
|
|
Enhancing Administration with Functional Levels
|
|
|
|
|
Managing Domain and Enterprise Administration
|
|
|
|
|
Developing Group Policies that Affect Administration
|
|
|
|
|
Testing Level of Administrative Access
|
|
|
|
|
Auditing Administrative Activities
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 5. Managing User Rights and Permissions
|
|
|
|
|
Leveraging Domain Local, Global, and Universal Groups
|
|
|
|
|
Using NTFS and AD Integrated File Shares
|
|
|
|
|
Using Group Policy to Administer Rights and Permissions
|
|
|
|
|
Maximizing Security, Functionality, and Lowering Total Cost of Ownership (TCO) with User Profiles
|
|
|
|
|
Managing Rights and Permissions for Specific User Types
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 6. Implementing Group Policies
|
|
|
|
|
Leveraging Group Policies
|
|
|
|
|
Group Policy Deployment
|
|
|
|
|
Understanding GP Inheritance and Application Order
|
|
|
|
|
Understanding the Effects of Slow Links on Group Policy
|
|
|
|
|
Using Tools to Make Things go Faster
|
|
|
|
|
Automating Software Installations
|
|
|
|
|
Enhancing Manageability with Group Policy Management Console
|
|
|
|
|
Using Resultant Set of Policies in GPMC
|
|
|
|
|
Maximizing Security with Group Policy
|
|
|
|
|
Increasing Fault Tolerance with Intellimirror
|
|
|
|
|
Leveraging Other Useful Tools for Managing Group Policies
|
|
|
|
|
Using Administrative Templates
|
|
|
|
|
Finding Additional Resources About Group Policy
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 7. Managing Desktops
|
|
|
|
|
Automating Backup of Desktop Data
|
|
|
|
|
Accelerating Deployments with Workstation Images
|
|
|
|
|
Creating Windows XP Images
|
|
|
|
|
Automating Software Installation
|
|
|
|
|
Slow Link Detection
|
|
|
|
|
Ensuring a Secured Managed Configuration
|
|
|
|
|
Managing Systems and Configurations
|
|
|
|
|
Leveraging Useful Tools for Managing Desktops
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 8. Administering Windows Server 2003 Remotely
|
|
|
|
|
Using Remote Desktop for Administration
|
|
|
|
|
Taking Advantage of Windows Server 2003 Administration Tools
|
|
|
|
|
Using Out-Of-Band Remote Administration Tools for Emergency Administration
|
|
|
|
|
Using and Configuring Remote Assistance
|
|
|
|
|
Securing and Monitoring Remote Administration
|
|
|
|
|
Delegating Remote Administration
|
|
|
|
|
Administering IIS in Windows Server 2003 Remotely
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 9. Maintenance Practices and Procedures
|
|
|
|
|
Maintenance is not as Interesting as Implementing New Technology
|
|
|
|
|
What to Do Every Day
|
|
|
|
|
What to Do Every Week
|
|
|
|
|
What to Do Every Month
|
|
|
|
|
Consolidating Servers as a Maintenance Task
|
|
|
|
|
Backup Tips and Tricks
|
|
|
|
|
Making Automated System Recovery Work for You
|
|
|
|
|
Leveraging Scripting for Maintenance Practices
|
|
|
|
|
Why Five-9s Might Be a Bad Idea
|
|
|
|
|
Automating Updates
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part III: Design and Implementation Solutions
|
|
|
|
|
Chapter 10. Advanced Active Directory Design
|
|
|
|
|
Implementations Small and Large
|
|
|
|
|
Configuring and Reconfiguring Domains and Organizational Units
|
|
|
|
|
Sites and the New Knowledge Consistency Checker
|
|
|
|
|
Using Cross-Forest Trusts Effectively
|
|
|
|
|
Interforest Synchronization
|
|
|
|
|
Active Directory Migration Tool Best Practices
|
|
|
|
|
Using Microsoft Metadirectory Services Effectively
|
|
|
|
|
Domain Controller Placement
|
|
|
|
|
Global Catalog Placement
|
|
|
|
|
Taking Advantage of Replication Improvements
|
|
|
|
|
Active Directory Functional Levels
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 11. Implementing Microsoft Windows Server 2003
|
|
|
|
|
Best Practices for Successful Server Deployments
|
|
|
|
|
Licensing and Activating Windows Server 2003
|
|
|
|
|
Automating Deployment with Remote Installation Service
|
|
|
|
|
Using Sysprep for Servers to Maximize Consistency
|
|
|
|
|
Customizing Setup Using Unattend and Setup Manager
|
|
|
|
|
Creating Custom Bootable CDs for Rapid Deployment
|
|
|
|
|
Optimizing Standard Server Configurations
|
|
|
|
|
Customizing Servers with Setup Wizards
|
|
|
|
|
Controlling the Back-end with the Windows Registry
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 12. Implementing Microsoft Active Directory
|
|
|
|
|
Taking Advantage of Functional Levels
|
|
|
|
|
Improving Domain Controller Installation
|
|
|
|
|
Getting the Most Out of Global Catalog Servers
|
|
|
|
|
Maximizing Flexible Single Master Operation (FSMO) Roles
|
|
|
|
|
Expanding the Enterprise by Interconnecting Forests and Domains
|
|
|
|
|
Enhancing Flexibility with Renaming Domains
|
|
|
|
|
Managing the Active Directory Schema
|
|
|
|
|
Improving Replication with Application Partitions
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 13. Establishing a Solid Infrastructure Foundation
|
|
|
|
|
Focusing on the Windows Server 2003 Infrastructure Components
|
|
|
|
|
DNS in an Active Directory Environment
|
|
|
|
|
The Domain
Name
System (DNS) In Depth
|
|
|
|
|
Installing DNS Using the Configure Your Server Wizard
|
|
|
|
|
Configuring DNS to Point to Itself
|
|
|
|
|
Using Resource Records in a Windows 2003 Environment
|
|
|
|
|
Establishing and Implementing DNS Zones
|
|
|
|
|
Creating Zone Transfers in DNS
|
|
|
|
|
Understanding the Importance of DNS Queries
|
|
|
|
|
Other DNS Components
|
|
|
|
|
DNS Maintenance, Updates, and Scavenging
|
|
|
|
|
Troubleshooting DNS
|
|
|
|
|
The Dynamic Host Configuration Protocol (DHCP) In Depth
|
|
|
|
|
DHCP Changes in Windows Server 2003
|
|
|
|
|
Installing DHCP and Creating New Scopes
|
|
|
|
|
Creating DHCP Redundancy
|
|
|
|
|
Advanced DHCP Concepts
|
|
|
|
|
Optimizing DHCP Through Proper Maintenance
|
|
|
|
|
Securing a DHCP Implementation
|
|
|
|
|
Continuing Usage of Windows Internet Naming Service (WINS)
|
|
|
|
|
Installing and Configuring WINS
|
|
|
|
|
WINS Planning, Migrating, and Maintenance
|
|
|
|
|
Global Catalog Domain Controllers (GC/DCs) Placement
|
|
|
|
|
The Need to Strategically Place GCs and DCs
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part IV: Migration and Integration Solutions
|
|
|
|
|
Chapter 14. Migrating from Windows NT 4.0
|
|
|
|
|
Migrating to a Scalable Windows 2003 Server Environment
|
|
|
|
|
Fallback Plans and Failover Procedures
|
|
|
|
|
Tips to Minimize Network Downtime
|
|
|
|
|
Planning and Implementing Name Resolution When Migrating
|
|
|
|
|
Planning and Upgrading File Systems and Disk Partitions
|
|
|
|
|
Avoiding Failures and Disruptions During Server Upgrades
|
|
|
|
|
Keeping Windows Servers Current with Windows Updates
|
|
|
|
|
Finalizing Server Upgrades with Windows Update
|
|
|
|
|
Supporting Windows Clients During Coexistence
|
|
|
|
|
Implementing and Securing Password Migrations
|
|
|
|
|
Addressing Permissions Issues When Migrating Desktops
|
|
|
|
|
Best Practices for Maintaining and Managing Coexistence
|
|
|
|
|
Common Mistakes When Decommissioning Domains and Servers
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 15. Migrating from Windows 2000
|
|
|
|
|
Preparing the Migration
|
|
|
|
|
Windows Server 2003 Applications Compatibility
|
|
|
|
|
Using the Application Compatibility Tool Kit
|
|
|
|
|
Upgrading and Installing Windows Server 2003
|
|
|
|
|
Migrating Network Services
|
|
|
|
|
Migrating Active Directory Objects
|
|
|
|
|
FailOver Best Practices
|
|
|
|
|
Supporting Clients with Windows Server 2003
|
|
|
|
|
Decommissioning Windows 2000
|
|
|
|
|
Raising Windows 2003 Functional Levels
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 16. Integration with Unix/LDAP-Based Systems
|
|
|
|
|
Designing and Planning Platform Integration
|
|
|
|
|
Creating an Integrated Infrastructure
|
|
|
|
|
Integrating Directories Across Environments
|
|
|
|
|
Using Password Synchronization
|
|
|
|
|
Centralizing the Management of Cross-Platform Resources
|
|
|
|
|
Accessing Unix from a Windows Perspective
|
|
|
|
|
Accessing Windows from a Unix Perspective
|
|
|
|
|
Migrating Resources from One Platform to the Other
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 17. Integrating Windows 2003 with Novell Networks
|
|
|
|
|
Leveraging Services for NetWare
|
|
|
|
|
Creative Ways of Bridging the Gap Between Novell and Windows
|
|
|
|
|
Installing the Microsoft Services for NetWare Tool
|
|
|
|
|
Creating a Single Sign-on Environment
|
|
|
|
|
Synchronizing eDirectory/NDS with Active Directory
|
|
|
|
|
Replacing NetWare Servers with Windows Servers
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part V: Remote and Mobile User Solutions
|
|
|
|
|
Chapter 18. VPN and Dial-up Solutions
|
|
|
|
|
Choosing the Right VPN Solution
|
|
|
|
|
Best Practices for Securing L2TP
|
|
|
|
|
Best Practices for Securing PPTP
|
|
|
|
|
Taking Advantage of Internet Authentication Service
|
|
|
|
|
Using VPN for Wireless
|
|
|
|
|
Deploying VPN and Dial-up Services
|
|
|
|
|
Using Site-to-Site VPNs
|
|
|
|
|
Using Load Balancing to Add Scalability and Resiliency
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 19. Web Access to Windows Server 2003 Resources
|
|
|
|
|
Best Practices for Publishing Web Shares to the Internet
|
|
|
|
|
Securing Access to Resources with SSL
|
|
|
|
|
Enabling SSL on a Web Server Directory
|
|
|
|
|
Enabling and Securing Internet Printing
|
|
|
|
|
Best Practices for Securing FTP Services
|
|
|
|
|
Accessing Resources with Terminal Services and Remote Desktops
|
|
|
|
|
Monitoring IIS Access Through Auditing and Logging
|
|
|
|
|
Using Windows Tools and Scripts to Manage IIS
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 20. Leveraging Thin Client Terminal Services
|
|
|
|
|
Advantages of Using Terminal Services
|
|
|
|
|
Keeping Users Connected with Session Directory
|
|
|
|
|
Adding Redundancy to Session Directory
|
|
|
|
|
Optimizing Terminal Service Performance
|
|
|
|
|
Managing Terminal Service Users with Group Policy
|
|
|
|
|
Keeping Terminal Service Secure
|
|
|
|
|
Leveraging Local Resources
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part VI: Business Continuity Solutions
|
|
|
|
|
Chapter 21. Proactive Monitoring and Alerting
|
|
|
|
|
Leveraging Windows Management Instrumentation
|
|
|
|
|
Leveraging Scripts for Improved System Management
|
|
|
|
|
Deciding What to Monitor
|
|
|
|
|
Determining What to Monitor and Alert Upon
|
|
|
|
|
Responding to Problems Automatically
|
|
|
|
|
Using Microsoft Operations Manager for Advanced Automation
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 22. Creating a Fault-Tolerant Environment
|
|
|
|
|
Optimizing Disk Management for Fault Tolerance
|
|
|
|
|
Maximizing Redundancy and Flexibility with Distributed File System
|
|
|
|
|
Simplifying Fault Tolerance with Volume Shadow Copy
|
|
|
|
|
Optimizing Disk Utilization with Remote Storage
|
|
|
|
|
Optimizing Clusters to Simplify Administrative Overhead
|
|
|
|
|
Leveraging Network Load Balancing for Improved Availability
|
|
|
|
|
Realizing Rapid Recovery Using Automated System Recovery (ASR)
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part VII: Performance Optimization Solutions
|
|
|
|
|
Chapter 23. Tuning and Optimization Techniques
|
|
|
|
|
Understanding of Capacity Analysis
|
|
|
|
|
Best Practice for Establishing Policy and Metric Baselines
|
|
|
|
|
Leveraging Capacity-Analysis Tools
|
|
|
|
|
Identifying and Analyzing Core Analysis and Monitoring Elements
|
|
|
|
|
Optimizing Performance by Server Roles
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 24. Scaling Up and Scaling Out Strategies
|
|
|
|
|
Size Does Matter
|
|
|
|
|
Building Bigger Servers
|
|
|
|
|
Building Server Farms
|
|
|
|
|
Avoiding the Pitfalls
|
|
|
|
|
Making It Perform
|
|
|
|
|
Scaling the Active Directory
|
|
|
|
|
Scaling for the File System
|
|
|
|
|
Scaling for RAS
|
|
|
|
|
Scaling Web Services
|
|
|
|
|
Scaling for Terminal Services
|
|
|
|
|
Summary
|
|
|
|
|
|
|
Chapter 25. Utilizing Storage Area Networks
|
|
|
|
|
Defining the Technologies
|
|
|
|
|
When is the Right Time to Implement NAS and SAN Devices?
|
|
|
|
|
Designing the Right Data Storage Structure
|
|
|
|
|
Adding in Fault Tolerance for External Storage Systems
|
|
|
|
|
Combining Hardware Fault Tolerance with Windows Server 2003 Technologies
|
|
|
|
|
Best Practices for SAN and NAS
|
|
|
|
|
Recovering from a System Failure
|
|
|
|
|
Leveraging NAS and SAN Solutions for Server Consolidation
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Part VIII: Business Productivity Solutions
|
|
|
|
|
Chapter 26. User File Management and Information Look-up
|
|
|
|
|
Enabling Collaboration with Windows SharePoint Services
|
|
|
|
|
Expanding on the File and Data Management Capabilities of Windows 2003
|
|
|
|
|
Simplifying File Sharing with Office 2003
|
|
|
|
|
Improving Data Lookup with Indexing
|
|
|
|
|
Taking Advantage of Revision Control Management
|
|
|
|
|
Hierarchical Storage Management
|
|
|
|
|
Implementing Information, Communication, and Collaboration Security
|
|
|
|
|
Summary
|
|
|
|
|
|
|
|
Index
|
