98-365 – Microsoft MTA Windows Server 2008 – Server Roles

  1. What to expect in this section

In this section, we are going to talk about serves, and Shaapplications. as and Applica Microsoft Exchange Microsoft Exchange SQLSharePoint We’ll talk about Web services? There is a lecture dedicated to remote access. a very important topic. You want to make sure you know how you can access Microsoft Server remotely and how your users can access your network from home.

  1. Identifying Application Servers

Server roles. Identifying Application Servers, I’m not sure if you agree with me, but in my opinion, it would be really boring to have just a server and share a few files. Of course, you can use a Windows Server 2008 box for it. A lot of commercial companies do that. In this lecture, I want to discuss a few applications that you can put on Windows 7 (2008–2012) and get a lot of new features. As an MTA-certified technician, Microsoft asks you to focus on three or four main things, and you have to be able to identify these applications. They won’t ask you to manage their troubleshooting service in this manner? Not really. You have to have a very good idea of how they work and what they do. Of course, for me, it’s not enough. And I will try to show you at least one application in action, because it makes more sense, in my opinion. Microsoft Exchange is really difficult to find a server for. Windows seven.

No Microsoft Exchange Of course, some companies opt for other solutions. It is a very popular mail and contact server. A reliable application with a lot of features To be honest, there are companies that hire, and they require a certified Microsoft Exchange engineer. and engineers like that. They just focus on email service. That is a full-time job, even in a medium-sized company. I remember one small ISP that had like 50 or 60 clients they managed services for. Sorry. And they had a full-time Exchange guy to sort out issues and deploy new services. Why? Well, because it’s your email server. You want to make sure it’s secure. And today, as you can imagine, it’s not enough to just put up an email server and forget about that. Now it’s spam, viruses, rules, and updates, everything you need to set up a reliable email server. The second application server is SQL Server. It is a database. Again, in some companies There is a dedicated engineer who specialises in SQL Server. The third one is SharePoint. It is pretty popular. However, you will not find a lot of companies that take full advantage of the web platform that SharePoint offers. It is great to create something that we call an intranet. You can share documents, create websites, and do anything else your business requires. It is a powerful tool. Well, it’s not as popular as Microsoft wanted when they created that application.

The last one, which is discontinued, I’m not sure if you remember if you’re watching it and you say, “Yes, I remember that guy.” That’s good, because every time I teach security or Microsoft and I mention ISA Firewall, people say, “What is that?” And it makes me feel really old. It was a pretty good and reliable firewall and VPN server from Microsoft. Then Microsoft created something else, and they decided to stop developing applications like that. They focused on some other solutions. Of course, there are some solutions that can replace everything that people used to have. Okay, it’s time to see at least one application in action. I want to show you Microsoft Exchange because this is something that you will find in the real world. You will be asked to manage it and maybe create an email ething that you will find That’s what you can see on the screen at the moment. You can check your emails just by using your browser. The way it works is that you enter a domain and username. In my case, it’s Dmzt. DMZ means that it is isolated from my main network. I’m not sure if you’ve seen it before because it’s an email server and a web server. I decided to isolate it and put it in the DMZ. It is a very popular solution because if someone breaks into my server, they will not be able to access my home network because this is isolated. Okay, then you enter your username. In my case, it’s admin and your password.

Now you will see that it is really, really slow. Okay, some troubleshooting. This service has been stopped. It is the most important service that you can find for Microsoft Exchange. It is a Microsoft Exchange information store. If it’s stopped, then, of course, mailbox databases are unavailable. Let’s try it now. We go back. I’m troubleshooting. Let’s try now. I’m just going to refresh the page now. I said it would be very slow. Again, I have a question for you. Why is that? Why is it so slow? Any ideas? I am going to show you that page because it will take a while to load that mailbox. That is the memory requirement for Exchange 2010. That’s the minimum. I should have that because I have more than one role. And guess what I’ve got? Let’s check. We right-click on the computer, we go to properties, and you will see even less than 4 GB. as far as I remember. Yeah, it’s three. Okay. The CPU is very slow as well. HP’s HyperV microserver is what it’s all about. It means it’s a shared environment. That’s why it’s really slow. It’s okay. It’s a lab. That’s fine. I don’t really care. As long as it works, it is slow. Here we go. Okay, it is working. Now I can access my emails using a web browser. Please note that I can customise a lot of things here as well. You can set up automatic replies. You can customise a lot of things from here.

I’ll show you a few options. Yeah, I can see the options now. It took about three minutes to see that screen. You know what I mean? I’m showing it to you to prove my point. A lot of people go and say, “Yeah, whatever they ask for in terms of 4 GB of RAM, just whatever.” Now, don’t do it. especially for Microsoft Exchange, SQL, and so on. Follow the recommendations. Make sure that you have more RAM and a good CPU because you need a reliable solution. You need something that will work, and you will not be surprised with anything. when a user accesses, for instance, his email from home, and so on. We manage Microsoft Exchange using the Microsoft Exchange management console. and it’s like that. From here, you can work with databases, create rules, add new domains, and do everything else that you need. Of course, you can troubleshoot, check the queue of your emails, and do everything else that you need to manage your email server. In this lecture, we talked about server roles and identified a few application servers. I showed you a Microsoft Exchange Server in action as well. In our next lecture, we are going to talk about a Web server. Yes, your Windows server. 2008 and 2012 can be web servers. And actually, you have a Microsoft Exchange server. Owa. Outlook Web Access, things like that. You’re running a Web server in the background. Anyway, we’ll talk about that. Thank you very much.

  1. Web Services – let’s run our own WWW Server!

Web services. Every time you talk to an experienced IT engineer and you say, “Well, I want to run IIS on my server,” this guy will look like, “OK, what?” Why would you do that? And it’s not as bad as it used to be. IIS was regarded as insecure many years ago. That’s all I have to say about that today. Actually, it is very difficult to run a lot of services without IIS. A lot of things are based on it. And even if you think, “Oh, I’m not running IIS,” you are IIS.

Internet Information Services allows you to run a web server. a server that will support http, FTP, and SMTP. You can run a website and download files. I enabled PHP on IIS, and it did work. When I prepared a slide for that lecture, I was surprised to find that IIS has a market share of 32%. To be honest, I’m not sure how the survey was done. I think it included intranet services as well. However, that’s what I said. IIS is not considered insecure anymore. Even though there are some bugs, there are issues with IIS, and there are issues with the Apache Service as well. Still, most ISPs go with a Linux solution to host websites. There are companies that have decided to go with IIS. I am pretty sure you’ve noticed so far that I’m crazy. I have everything on my home network, and my network is like a bank’s network for a bank. And, yes, my network contains a web server. And here is my website. Yeah, you’re not impressed? Well, I am, because IIS is working and I can see my website. That’s my website when I go to the server; I’ll show you where it’s located. First of all, here is how you manage your IIS. There is a manager—a dedicated manager. You can set everything up from here. If you want to upload some files, of course you can customize the path you take on the WW route. And I believe this is the IIS start. Let’s open it to double check. It’s the same website. I’m pretty sure that’s the one that you saw. Of course, I’m opening it locally now. It is a good idea to check and make sure that you’re accessing the correct file at the moment. Here we go. That’s why I made that mistake. It is done on purpose because I put some files in a different location. It allows me to identify a file that I want. So it’s not me being lazy this time. I encourage you to enable IIS.

When you put your own server together using VMware or a virtual PC, just go for it and play with it. See, put up a website. If there is a chance that you’ll design websites, go for more advanced solutions like SQL, PHP, or whatever you want. Just play with it. You will find a lot of job ads asking for IIS specialists. You can imagine that if you find a company and they host like 20 websites and everything is managed using IIS, they need a dedicated engineer to look after the IIS infrastructure. Not sure if you noticed when I opened the website here, but it is in red. Do you know why? Well, here is a reason for that: You can click, and it says “Certificate is invalid.” What does it mean? Well, it means that the certificate is not trusted. What does it mean? It means that this certificate was issued by a company—a place that my Internet Explorer does not trust. There are some well-known companies and places that we trust. We call it the certificate authority, and we trust places like that. We assume that, well, if they issue a certificate, it’s okay, and I will trust it. In my case, I issued my own certificate. I made my own certificate, and of course, Internal Explorer is asking me what it is right now. I don’t know who the WS 2008 one is. I don’t trust you; go away. Does this mean that none of my traffic will be encrypted? No, it will be noted that that certificate was identified as invalid by https://internetexplorer.com. That’s it. It does not mean that I will not have a secure connection between these two places.

Of course, you have to know and accept that, which is why when you see an error like that, people say, “Oh, just don’t accept it,” because yes, someone could be pretending to be Google, Microsoft.com, or your bank. So you should never accept anything like that. When you access your bank account or Amazon or anything like that, you should never do that because, in most cases, it is a Trojan, a virus on your PC, and you can lose a lot of money. If you’re interested, here is a list of certificate authorities. You go to Internet Explorer, and you go to content and certificates. Here is a list. You can scroll through all the options that are available here, from “untrusted” to “trusted.” And the idea is that, well, let’s say that Microsoft issues a certificate. It makes sense to trust it. Because we trust Microsoft, we hope that they are going to issue a certificate that is valid and that they are going to do some background checks to make sure everything is okay. Now we have to talk about SSL and certificates to summarise this lecture. SSL is the magic behind everything that you can see on the internet today, and it makes our communication secure. It is a protocol designed to give us communication security over the Internet. That is a standard that we use. Of course we have SSL certificates; that’s pretty obvious. And that’s what I want to mention: when we talk about certificates, public key infrastructure, and SSL, there is this idea of public and private keys, and here I want to spend like two minutes talking about that. I doubt you will see that on your exam. Still, it is a really important concept, and it makes sense to understand that. The concept is that you have two keys, one public and one private. A public key is something that anyone can obtain. A private key is something that you keep and do not allow anyone else to see that.Now, the magic is that when you encrypt something—let’s say you have a message—you are going to encrypt that message using your public key. The only way to decrypt that message is to use the private key. Why is it important? It is really important because it means that I can ask someone. I can email you my public key, ask you to encrypt that message, and then email it to me again. I do not expect anything like that on your MTA exam. Still, it is a very good idea to understand that, because we talk about certificates, encryption, and SSL, it makes sense to COVID these two topics. Okay, we are done with web services. We are going to talk about files and printers in our next lecture. Thank you very much.

  1. Print and File Services

Print and file services It’s almost impossible to find a company without a printer today. It’s everywhere. And it is going to be your job to manage a printer. Set it up. Configure troubleshoot share a printer. Make sure that you know how it works. If someone sends a file or something goes wrong, you will have to know how to fix it. You can see a few basic terms on the screen. I want to show you how it works and how you can share a printer. Some advantages and disadvantages You should remember that we have two main types of printers. It can be a local printer or a network printer. Let’s start with a local printer. Okay, a local printer. It means it is connected to a server. It is connected to a PC or a laptop. It is a local printer. a network printer. It means that, well, it is available on the network.

A lot of printers have a wireless option or even a wired option. It means that you can connect a printer like that to the network directly. It means you take a cable and connect it directly to a switch directly. Then you assign an IP address to that printer. Assume it’s 192168 112. Okay? And there is no space here. Yeah, you know what I mean? Twelve. And then what you do is you use this IP address and you access—here we go. You access that printer using an IP address. Of course, you can create a host name as well. The idea is that it’s very easy to manage a network printer. You can access it using an IP address. Of course, you can share a local printer as well. It’s not a big issue. However, most companies will go for a network printer. That is, it is a printer that, in most cases, can be assigned an IP address and managed via a web browser. Here we go. I am connected to my Samsung printer. Please note. I used an IP address to access it, and I can see a nice dashboard. It produces a nice output. I can see the name of the IP address, and if there are any issues, I can see them straight away. I can click and see what’s going on. Okay. Yeah, I have to add paper. You can see that on the screen. Of course, you can manage your print jobs, check all settings, and manage everything from this website.

When you log in, you will see a lot of settings. It means that you can change things and be careful. You can break things as well. Here is one of the ways you can create a RAM disk. That’s what was missing on the previous screen. What else? You can safely change the language tone. Yeah, it’s on. You can change the quality. All settings, including network settings, Be very careful with that screen because this is an IP address that I am using at the moment. Be very careful when you change it. Fortunately, most printers allow you to change things like that using an LCD screen. However, with a few printers, it was not possible, and you had to connect a laptop to a special port on a printer and manage it that way. Be very careful when you change network settings on a printer that is connected to your network. It is critical to understand the distinction between Share and NTFS permissions. We can share a folder, a file, and we can use Share permissions. Then we apply NTFS permissions. In most cases, because this is Windows Server training, our focus will be, of course, on Windows Server 2008 and 2012. Again, the easiest way to show it to you We’ll connect to a server, and we’ll try to share a folder and apply some NTFS permissions as well. Let me open a server. Here we go. We go to the C drive, and let’s create a new folder.

Let’s call it a test. Now, when you right-click, we go to Properties, and in here you have a shared tab sharing.I recommend you go for advanced sharing. It gives you more options and more flexibility. Then you share this folder. You select permissions. It’s sharing permissions. You have three options. read Change, full Control read means well-read access only; changing its read or write requires full control. You should not give that to end users, really, because it allows them to change permissions as well. Now we go to security. That is what NTFS permissions are. We click on Edit, and in here we can see that all users in our company have read and executed. They can list folders; they can read well; they cannot write. Okay, so maybe you want these two things to be allowed. Or maybe you want to add a group or a user. I know there is a user, Mike. So perhaps you should grant Mike modify and write permissions. It means that Mike will be allowed to download a file, upload a file, and modify a file in that folder. That’s what I wanted to do with COVID. In this lecture, we talked about printers and permissions. In the next lecture, we are going to talk about remote access. Thank you very much.

  1. Remote Access Options

Remote access. What is a VPN? a virtual private network. You can see a really nice picture on your screen. Now, there are two types of VPNs. The one that you can see on your screen at the moment is called a site-to-site VPN. That is, we have two sites, two locations. And then what we want to do is send some files from, let’s say, point A to point B. Now, the problem is that that’s the Internet. We do not trust anything that is over there. There are a lot of bad guys looking for our files and bank account details and things like that. What you want to do is secure everything. And VPN—virtual private networks—is a great solution.

You can create a tunnel, and then everything inside is encrypted. It means that someone can capture the message that you’re sending. At the moment, that’s fine. However, it is encrypted. It means that, well, he will not understand anything that is inside. Again, it is a site-to-site VPN. The second type of VPN connection is called a remote VPN connection. It means that you can use that if you work from home. Let’s say you are over here and you want to download a file that is on the server. You can use a VPN instead. You can use that as a verb. You can VPN into the network and then create a secure tunnel that’s a remote connection. Thanks to that, you can download and upload work from home. If you want to connect to a server in your local area network, What does it mean? Imagine that you are over here, at your desk, and you want to manage a server that is in your communications room. You don’t want to go there. It’s cold, and you don’t want to go there. Support engineers, You guys are lazy, and we don’t want to go there. There is a server, and you want to manage it. You want to add a user, you want to make a backup, whatever. It makes no sense to go there. What you can do is use RDP (Remote Desktop Protocol), or to be more specific, Remote Desktop Connection, to connect to a server and remotely manage it. It’s a really good protocol.

It’s really fast and reliable. However, it’s not recommended. You should not use that across the Internet. VPN is a better option. You should not allow RDP to connect directly. There is one more tool I don’t like it.Not a lot of companies use that. It’s based on RDP. However, it allows your users to view the screen. Because the problem with RDP is that when you connect to a server, you will see the message “Sorry guys, somebody else is using my server.” at the moment. You cannot see anything on the screen. That’s not good. If you want to, for instance, sort out an issue for a user, Windows RemoteAssistance is not a popular tool. There are some other applications that are more popular, and we’re going to talk about them now. The most popular applications, in my opinion, are VNCadmin and Team Viewer. They allow you to manage a PC remotely. However, a user can see what’s going on on a screen. That’s a good thing. Team Viewer is great. It’s a really nice application because it can work through a firewall or a router. That’s a good thing. Let’s see RDP in action. That’s a remote desktop connection. You go to Start and type “Remote Desktop Connection.” You can also type mstsc. That’s an application that is behind the remote desktop connection. You can type it or just type InstallDesktop, and you will see that screen here.

You type an IP address or a name, and you click Connect. Then, of course, you’ll be asked for a username and password. If you specify the correct one, you’ll be connected. Let’s do that. No, I will not give you my password. Sorry. And that is a way to introduce our next lesson. Oh, that’s a good example. Sometimes you will not be able to connect because you don’t have licences to provide remote access to. Sort it out: on your server, you can access the admin session, the core session, and the root session. You do that by typing “Mstscadmin.” Okay. The screen is exactly the same. However, there is a switch. Just again. It’s Mstscadmin. Okay. That’s how you do it. and you can access the console. So it’s like being at this location now. It should be okay. Yep, here we go. And as I said, it’s a great way to tell you about our next lecture. Yes. We’re going to talk about HyperV.

  1. Server Virtualization

Virtual PCs, virtual machines Let’s talk about server virtualization, something that has become so popular in the last couple of years. It’s everywhere. You can see VM or HyperV everywhere. It’s really difficult to find a server or a company without a solution like that. The Microsoft application and solution for that are called HyperV. I will show it to you in a moment. There are also VMware applications, which are applications made by or created by VMware. And, of course, every time I see that question, I think to myself, okay, which one is better? And I took that from the Microsoft website, and you can see that HyperV wins in every single category. However, if you go to VMware, as I did, you can find a very similar table.

Of course, some terms and lines change. However, VMware wins in every single place. So it all depends. There are places where VMware is superior, and places where HyperV is adequate; they compete in some ways. However, Microsoft, I think, stopped doing it because there is a place for both solutions, in my opinion. So what is HyperV? Well, HyperV is a solution for Microsoft is a hypervisor.That’s a role that you can add, and it allows you to create virtual machines. It means you can have multiple operating systems. You can have, let’s say, Windows Server 2008, and inside you can run another Windows Server 2008, or you can run Linux, Nas, or whatever you want. I’ll show it to you. This is HyperV enabled on my server, and I have a few virtual machines running. I’ve got one Windows Server 2008, one Windows Server 2012, and the Nagius Server, which is a monitoring tool that allows me to monitor and check my network and services.

The great thing about a solution like that is that it doesn’t matter. It’s hypervolemic; it doesn’t matter. There are, in my opinion, two main advantages. First of all, it’s just one server, okay? It’s one big box. Of course, you have redundant power supplies and things like that. There are a lot of things that make it reliable. However, it’s just one box. You don’t have 25 boxes. Second of all, it’s so easy to make a backup and recover. I recall a few years ago, at one company, they had a small business running on Server 2003, and something happened to it, I believe a hard drive failed or something; I’m not sure. However, they asked us to recover it, and we spent a few days on site doing it. Because you had to replace this hard drive first, then you had to put SBF 2003 on it, recover it, and test it. And it didn’t want to work because of this or that, whatever. Please take note that I have snapshots here, and with a single click, I can do what I want: I can say apply, and I can return without any problems. Because it’s a virtual machine, it means it’s a file. I can literally copy that file, take it on a USB stick, and open it in five years on a different PC, and it’s going to work. It’s awesome. Today we think, “Well, it’s really obvious you can do that.” When you think back, it’s not like you’re going to save, I don’t know, 2 hours. If you want to recover, you can save up to two weeks. And imagine how easy it is to test a new feature. Let’s say you want to enable IIS, okay? We talked about web services. This is a big step. A lot of things can go wrong. It’s a role on a server. You take a snapshot, and you test it. If it blows up, you say, “Okay, whoops, sorry.” You go back and apply, but nothing happens. Awesome. Let me say it again. It is really important to understand what’s inside. Of course. Let’s say you’re studying for your MTA exam at the moment. Microsoft will not ask you to create a new virtual machine in HyperV. Manage it; make a backup.

No, that is something they will ask you when you move on to more advanced certificates. However, I recommend you do that. It is so important. It is so popular, and it does matter. Play with HyperV. Play with VMware. It doesn’t matter. If you master one solution, it will be pretty easy for you to move to, let’s say, VMware or another solution. It’s not a big problem. You can do that. MTA, on the other hand, only does the basics. However, in my opinion, it’s not enough. It is really easy for you to play with it. You can download VMware, for instance, for free. You can even put that inside a virtual PC or VMware. Or you can have a dedicated server. It doesn’t matter. Play with it. Put Windows 7 on it. Windows Eight. See how it works. Okay? What if I want to move it? What if I wanted to make a backup? What would happen if I did this? Or that? Play with it. It’s really important to know a little more than the MTA asks for. Thank you very much.