Praise for
The Complete Guide to Windows Server 2008
“John Savill’s The Complete Guide to Windows Server 2008 is comprehensive without being
overwhelming. At over 1500 pages, the book is not light reading, but Savill does a superb
job of explaining the features and functions of Windows Server 2008 in a way that the read-
er can understand and apply. Rather than investing in a library of books, an administrator
can just keep this book handy as a reference resource for all their Windows Server 2008
questions and needs.”
—Tony Bradley, CISSP, Microsoft MVP, Director of Security, Evangelyze Communications
“John Savill’s book is the kind of technology bible you don’t mind reading cover to cover.
Often I find books with this much information just too deadly dull to actually read, but this
is an exception. If you are an old hat, you might end up skipping the starts of chapters, as
John makes few assumptions about what you already know—a very good thing overall.”
—Patrick Hynds, CTO, CriticalSites Microsoft Regional Director
“Of all the recent books on Windows Server 2008 I’ve read, this one provides the most com-
plete coverage in an easy to digest manner. An aptly titled publication that I recommend
for anyone working with Windows Server 2008.”
—Alan Le Marquand, Content Architect, Technical Audience Global Marketing Team
“With the number of changes being introduced in Windows Server 2008, a book like The
Complete Guide to Windows Server 2008 is essential in any IT professional’s library. John
Savill does an excellent job of introducing these changes. He also gives clear instructions
on how to implement them. I would highly recommend to anyone who’s planning on mak-
ing Microsoft’s latest server operating system part of their infrastructure to buy and read
this book from cover to cover.”
—Ed Roberts, Lethos Incorporated
“This book is an invaluable one-stop reference for deploying, configuring, and managing
Windows Server 2008. It’s filled with John’s unique and hard-earned nuggets of advice,
helpful scripts, and shortcuts that will save you time and money.”
—Mark Russinovich, Technical Fellow, Platform and Services Division, Microsoft
“The Complete Guide to Windows Server 2008 by John Savill is, indeed, just that. It begins

W
INDOWS
S
ERVER
2008
John Savill
Upper Saddle River, NJ • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Cape Town • Sydney • Tokyo • Singapore • Mexico City
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trade-
marks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the
designations have been printed with initial capital letters or in all capitals.
The author and publisher have taken care in the preparation of this book, but make no expressed or implied
warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for inciden-
tal or consequential damages in connection with or arising out of the use of the information or programs con-
tained herein.
The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special
sales, which may include electronic versions and/or custom covers and content particular to your business,
training goals, marketing focus, and branding interests. For more information, please contact:
U.S. Corporate and Government Sales
(800) 382-3419

For sales outside the United States please contact:
International Sales

Visit us on the Web: www.informit.com/aw
Library of Congress Cataloging-in-Publication Data:
Savill, John, 1975-
The complete guide to Windows server 2008 / John Savill.
p. cm.

Chapter 1: Windows 101: Its Origins, Present, and the Services It Provides
Chapter 2: Windows Server 2008 Fundamentals: Navigating and Getting Started
Chapter 3: Installing and Upgrading Windows Server 2008
Chapter 4: Securing Your Windows Server 2008 Deployment
Chapter 5: File System and Print Management Features
Chapter 6: TCP/IP
Chapter 7: Advanced Networking Services
Chapter 8: Remote Access and Securing and Optimizing the Network
Chapter 9: Terminal Services
Chapter 10: Active Directory Domain Services Introduction
Chapter 11: Designing and Installing Active Directory
Chapter 12: Managing Active Directory and Advanced Concepts
Chapter 13: Active Directory Federated Services, Lightweight Directory Services, and Rights
Management
Chapter 14: Server Core
Chapter 15: Distributed File System
Chapter 16: Deploying Windows
Chapter 17: Managing and Maintaining Windows Server 2008
Chapter 18: Highly Available Windows Server 2008
Chapter 19: Virtualization and Resource Management
Chapter 20: Troubleshooting Windows Server 2008 and Vista Environments
Chapter 21: Group Policy
Chapter 22: The Command Prompt and PowerShell
Chapter 23: Connecting Windows Server 2008 to Other Environments
Chapter 24: Internet Information Services
How To Quick Reference
Index
C
ONTENTS
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvii

Authentication and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . .142
The Physical Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
BitLocker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145
Active Directory Certificate Services (ADCS) . . . . . . . . . . . . . . . . . . .156
Authentication Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171
Securing Windows Server 2008 . . . . . . . . . . . . . . . . . . . . . . . . . . .179
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224
Chapter 5: File System and Print Management Features . . . . . . . .225
File System Types and Management . . . . . . . . . . . . . . . . . . . . . . . .225
File Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
File Server Resource Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
Print Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333
Chapter 6: TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
Internet Protocol (IP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
Transmission Control Protocol (TCP) . . . . . . . . . . . . . . . . . . . . . . . . .355
User Datagram Protocol (UDP) . . . . . . . . . . . . . . . . . . . . . . . . . . . .356
Network Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
Communication Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376
Chapter 7: Advanced Networking Services . . . . . . . . . . . . . . . . . .377
DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377
Domain Name System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406
WINS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .450
Contents
xi
xii
Contents

Creating a Domain Controller from Media . . . . . . . . . . . . . . . . . . . .715
Removing Domain Controllers and Domains . . . . . . . . . . . . . . . . . . .719
Read-Only Domain Controllers (RODCs) . . . . . . . . . . . . . . . . . . . . . .722
Trust Relationships . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .740
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751
Chapter 12: Managing Active Directory and Advanced Concepts . . .753
Customizing Site Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . .753
Forcing a Demotion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .767
Managing AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777
Backing Up and Restoring AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . .811
Auditing AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829
Advanced Password Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .834
Prune and Graft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836
Upgrading AD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .836
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .849
Chapter 13: Active Directory Federated Services, Lightweight
Directory Services, and Rights Management . . . . . . . . .851
Active Directory Lightweight Directory Services . . . . . . . . . . . . . . . . .852
Active Directory Rights Management Services . . . . . . . . . . . . . . . . . .865
Active Directory Federated Services . . . . . . . . . . . . . . . . . . . . . . . . .891
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .909
Chapter 14: Server Core . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .911
Overview of Windows Server Core . . . . . . . . . . . . . . . . . . . . . . . . .911
Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .915
Server Core Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .918
Performing Common Actions Using Server Core . . . . . . . . . . . . . . . .940
Remotely Managing Server Core . . . . . . . . . . . . . . . . . . . . . . . . . . .942
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .952
Chapter 15: Distributed File System . . . . . . . . . . . . . . . . . . . . . . . . .953
Distribution of Other Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . .954

Windows System Resource Manager (WSRM) . . . . . . . . . . . . . . . .1319
Advantages of Virtualization and Consolidation . . . . . . . . . . . . . . .1330
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1330
Chapter 20: Troubleshooting Windows Server 2008 and Vista
Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1333
Boot Mode Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1334
Windows Recovery Environment . . . . . . . . . . . . . . . . . . . . . . . . . .1338
xiv
Contents
Reliability and Performance Monitoring . . . . . . . . . . . . . . . . . . . . .1355
Event Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1381
MSConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1400
Windows Error Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1401
System Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1402
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1407
Chapter 21: Group Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1409
Group Policy Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1410
Group Policy Management Console (GPMC) . . . . . . . . . . . . . . . . .1427
Group Policy Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1491
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1501
Microsoft Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1503
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1505
Chapter 22: The Command Prompt and PowerShell . . . . . . . . . . .1507
Command.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1508
CMD.EXE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1510
Windows Scripting Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1528
PowerShell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1536
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1563
Chapter 23: Connecting Windows Server 2008 to Other
Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1565