Chapter 1
An Overview of Windows Server 2019
IN THIS CHAPTER
Getting an overview of the features new to Windows Server 2019
Making sense of the Windows Server 2019 editions
Looking at the different Windows Server 2019 user experiences
Recognizing the benefits of Server Manager
Working with the Windows Admin Center
Windows Server 2019 is the latest version of Microsoft's flagship server operating system. This chapter has something for everyone. If you're already familiar with Windows Server, I discuss the new features that Windows Server 2019 brings to the table. If you haven't worked with Microsoft Server operating systems much before, you'll appreciate the information on the editions and user experiences that you can use, depending on your needs.
Extra! Extra! Read All About It! Seeing What's New in Windows Server 2019
With each new version of Windows Server, Microsoft introduces new and innovative technologies to improve administration or add needed functionality. Here are some of the new features in Windows Server 2019:
- App Compatibility Feature on Demand (FoD) for Server Core: The App Compatibility FoD package includes a set of binaries that improve compatibility for applications that require some of the graphical tools that haven't historically been available with Server Core. To use these capabilities, you need to install the FoD package from Microsoft; it's available as an optional package download from the Microsoft Evaluation Downloads page (www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019) in the form of an ISO image file. Just search for Windows Server Core Features on Demand, and ensure that you download the same version of FoD as the version of Server Core that you're going to install or you've already installed. All you need to do is copy the ISO image file to the local storage on the server or to a shared storage location. Then you can use PowerShell to mount the ISO with the Mount-DiskImage command. This will give you the ability to use Internet Explorer 11, Event Viewer, Performance Monitor, Resource Monitor, Device Manager, Microsoft Management Console (MMC), File Explorer, Windows PowerShell ISE, and Failover Cluster Manager, and it will add support for SQL Server Management Studio.
- Improvements to clustering: Several improvements have been made with regard to clustering in Windows Server 2019:
- Cluster Sets is a new technology that allows you to group multiple clusters. These clusters may just be compute or storage, or they may be hyperconverged (both storage and compute) clusters. This allows the movement of virtual machines (VMs) across different clusters, which, in turn, allows you to do maintenance tasks with little to no impact to the uptime of the VMs. To use the Cluster Sets feature, you create a VM and point it to a unified namespace (a name that is shared and provides access across multiple storage systems) for the cluster set. From there, the VM will be assigned to a cluster, and the cluster will assign it to a specific node.
- File Share Witness is a file share that can be used to reach quorum in a clustering scenario. It received two enhancements in Windows Server 2019. The first enhancement enables the Failover Cluster Manager to block the creation of a file share witness if Distributed File System (DFS) is being used. An error message will also be displayed letting you know that this is not supported because it can cause stability issues in your cluster if your file share witness is put on a DFS share.
The second enhancement to File Share Witness enables you to use a file share witness in scenarios that were not previously supported - for example, when you have poor Internet connections to remote locations, when you don't have shared drives, when you don't have a domain controller connection (for instance in a demilitarized zone [DMZ]), or in a workgroup or cross-domain cluster where there is no Active Directory-based cluster name.
The DMZ is the area where you'll typically locate public-facing systems like web servers. It's essentially a lower-trust network being exposed to an untrusted network, like the Internet.
- Moving clusters between domains no longer results in the cluster being destroyed. Two new PowerShell cmdlets were created that allow you to move a cluster from one domain to another domain.
- Failover Clustering will no longer use NT LAN Manager (NTLM) for authentication. Instead, you'll use Kerberos and certificates to manage authentication on your failover clusters.
- Improvements to containers: You may be aware that containers were added in Windows Server 2016. The underlying technology used on Windows Server for containers is Docker. (To learn more about containers and Docker, turn to Book 8.)
New container capabilities have been added in Windows Server 2019:
- You can use group managed service accounts (gMSA) to access network resources. The container's host name doesn't need to be the same as the gMSA. You can use the gMSA on both Windows and Hyper-V isolated containers.
- Applications that have specific communications needs such as support for Serial Peripheral Interface (SPI), Inter-Integrated Circuit (I2C), general-purpose input/output (GPIO), and universal asynchronous receiver-transmitter/communication (UART/COM) port can now be containerized. Host Device Access allows you to assign a simple bus to Windows Server containers. This is especially useful for Internet of Things (IoT) devices like sensors and other peripheral devices.
- A third container image has been created that resolves application programming interface (API) dependencies that were not available in Server Core.
- You can now deploy Kubernetes on Windows Server 2019. The master node still needs to be on Linux, but you can configure worker nodes to run on Windows Server. If you're in a Windows-centric shop and you're trying to automate processes, or you're just looking for a container orchestration solution, Kubernetes is a great one to go with. You can find lots of great resources on Kubernetes if it's something you're interested in. Because it's such a large topic, I don't cover it in this book.
- Congestion control: Windows Server 2019 includes Low Extra Delay Background Transport (LEDBAT), a network congestion control provider. As the name suggests, LEDBAT can find available network bandwidth for running updates and other network-intensive jobs. When the network is not in use, it can consume all the bandwidth. When the network is in use, it gives up bandwidth for your users and applications so that they don't experience network delays.
- Security enhancements: There are three enhancements made to security in Windows Server 2019, expanding on work done in Windows Server 2016 when Windows Defender was officially introduced to the server operating system. These enhancements are as follows:
- Windows Defender Advanced Threat Protection (ATP): Provides visibility to attack activities that target memory and kernel-level areas, as well as the ability to respond to compromised systems. It also aids in forensics investigations and can be used to collect data about the system remotely.
- Windows Defender ATP Exploit Guard: ATP Exploit Guard has similar capabilities to Host Intrusion Prevention Systems (HIPS). It's designed to protect systems from multiple methods of attack, as well as block suspicious behavior that is often seen in compromises involving malware. The exploit protection capability replaces the older Enhanced Mitigation Experience Toolkit (EMET) that was previously offered by Microsoft.
- Windows Defender Application Control: This feature was actually released in Windows Server 2016, but customer feedback provided to Microsoft conveyed that it was difficult to deploy. The version that ships with Windows Server 2019 comes with default policies built in to address some of the hardships that organizations faced. Microsoft applications are allowed to run by default, and executables that are known to be able to bypass code integrity checks are blocked.
- Software-defined networking (SDN) enhancements: There were several improvements within the area of SDN:
- One of the great improvements in security was made by introducing the Encrypted Networks feature, which provides end-to-end encryption and is configured on a per-subnet basis.
- High-performance gateways allow for the network throughput to be increased up to six times. This is really great for hybrid scenarios where some systems are on-premises and others are in Azure.
- Access control lists were introduced for the SDN fabric and can be applied automatically. This can improve the security of your SDN.
- Your Hyper-V hosts can now generate firewall logs in the appropriate format for Azure Network Watcher.
- IPv6 support was added, including all the security features available with the traditional IPv4 SDN.
- Virtual network peering was introduced, to give you a method to allow separate virtual networks to communicate.
- Shielded VMs: The concept of the shielded VM was introduced in Windows Server 2016. If you want to learn more about shielded VMs, turn to Book 7. Some cool new features available with Windows Server 2019 include...
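The following PowerShell is an added example, not code from the book. It carries the App Compatibility FoD steps described earlier in this list (copy the ISO to the server, mount it with Mount-DiskImage) through to installation, and checks the image hash before mounting. The ISO path and expected hash are placeholders, and the capability name and the Add-WindowsCapability step are taken from Microsoft's FoD documentation rather than from this chapter.

```powershell
#Requires -RunAsAdministrator
# Added example. $IsoPath and $ExpectedHash are placeholders (assumptions), not values from the book.
$IsoPath      = 'C:\Install\ServerCore_FoD.iso'
$ExpectedHash = '<SHA256-RECORDED-FROM-A-TRUSTED-SOURCE>'
# Capability name as given in Microsoft's FoD documentation (not in this chapter).
$Capability   = 'ServerCore.AppCompatibility~~~~0.0.1.0'

$ErrorActionPreference = 'Stop'

# The FoD only applies to Server Core; stop early on any other installation type.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
if ($cv.InstallationType -ne 'Server Core') {
    throw "This host is '$($cv.InstallationType)', not Server Core."
}
Write-Host "Server Core build $($cv.CurrentBuild): the FoD ISO must be for this same release."

# Refuse to mount an image whose hash does not match the value recorded at download time.
$actual = (Get-FileHash -Path $IsoPath -Algorithm SHA256).Hash
if ($actual -ne $ExpectedHash) {
    throw "Hash mismatch for $IsoPath (got $actual). Not mounting."
}

$image = Mount-DiskImage -ImagePath $IsoPath -PassThru
try {
    $drive = ($image | Get-Volume).DriveLetter
    # -LimitAccess keeps DISM from querying Windows Update, so the payload
    # can only come from the ISO that was just verified.
    $result = Add-WindowsCapability -Online -Name $Capability -Source "${drive}:\" -LimitAccess
    $state  = (Get-WindowsCapability -Online -Name $Capability).State
    Write-Host "Capability state: $state; restart needed: $($result.RestartNeeded)"
}
finally {
    # Always detach the image, even if the install failed.
    Dismount-DiskImage -ImagePath $IsoPath | Out-Null
}
```

The graphical tools listed in the FoD item become available after the restart that the script reports as needed.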