Server 2016 Links

This page by David Papkin has links about Microsoft Server 2016

What’s new in Active Directory Domain Services for Windows Server 2016

Authenticating identities without passwords through Windows Hello for Business

TPM not available in Virtual machine in Server 2012

Enable Virtual TPM in Hyper-V gives you the ability to test bitlocker in a VM

http://deploymentresearch.com/Research/Post/490/Enabling-Virtual-Secure-Mode-VSM-in-Windows-10-Enterprise-Build-10130

http://www.infoworld.com/article/2998942/windows-server/the-best-new-features-in-windows-server-2016-so-far.html

In editions of Windows Server previous to Windows Server 2016 Technical Preview, it is not possible to configure RDMA on network adapters that are bound to a NIC Team or to a Hyper-V Virtual Switch.

Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET)

http://www.aidanfinn.com/?p=18813

Deploy Nano

Failover cluster server 2016

Windows Server 2016 version 1709 Wiki

Windows Server , version 1709

Windows Server, version 1803

Where Are The License Keys For Server 2016 Virtual Machines AVMA?

Creating nested Hyper-V virtual machines

Containers

Cannot verify the file SHA256. Deleting the file.”) #919

NFS

Configure NFS Client (Server 2012/2016)

How To Mount An NFS Share In Windows Server 2016

VHD Sets for clustering

Create Hyper-V VHD Set files

https://blog.workinghardinit.work/2016/01/05/first-look-shared-virtual-disks-windows-server-2016/

https://www.petri.com/deploying-vhd-sets-windows-server-2016-hyper-v

Security

Protect derived domain credentials with Windows Defender Credential Guard

Secure MOR implementation

Securing Privileged Access

Other

20741B-ENU-companion

Q & A

Q

What  different methods to configure IP addresses for a branch office?

Static or DHCP

Q

What are some IPv6 best practices when implementing IPv6 in your organization?

  • Do not disable IPv6 on current Windows Server and Client OS
  • Enable both IPv4 and IPv6 in your company
  • Use unique local IPv6 addresses internally
  • for  IPv6 connectivity on a IPv4 Internet, use Teredo.

Q

Why use IPAM if you are not centrally managing your IP addresses in your organization?

A Centralized monitoring of the IP addressing

 

Q

What  elements are used to determine a branch office network design ?

  • Security. Hosting services in a branch office can introduce potential security risks.
  • Availability and reliability. The quality of a WAN link from the branch office to the head office or datacenter is usually the most significant factor that can affect availability and reliability.
  • Performance and capacity. The key determiner for the location of a service or application might be performance and capacity requirements.
  • Legal and regulatory requirements. Depending on the geographic and industry affiliations of your organization, legal restrictions or requirements for compliance with regulations can affect the location of services.
  • IT organization. The IT resources to manage onsite infrastructure at head offices and branch offices are often different.
  • Business considerations. The ownership structure of an organization can affects service placement.
  • Cost. Centralizing server infrastructure typically results in greater cost savings.

 

Q

What are some Hyper-V networking best practices?

A

  • Deploy multiple network adapters to a Hyper-V physical host, and then configure those adapters as part of a team.
  • Use bandwidth management to allocate a minimum and a maximum bandwidth allocation on a per-virtual network adapter basis.
  • Provision a Hyper-V physical host with an adapter that supports VMQ. VMQ uses hardware packet filtering to deliver network traffic directly to a virtual machine. This helps to improve performance because the packet does not need to be copied from the physical host operating system to the virtual machine. When you do not configure virtual machines to support VMQ, the physical host operating system can become a bottleneck when it processes large amounts of network traffic.

 

 

Q

Why use SDN with Windows Server 2016?

A

  • Flexible. You can move traffic from your on-premises infrastructure to your private or public cloud infrastructure.
  • Efficient. You can abstract the hardware components of your network infrastructure with software components.
  • Scalable. Your on-premises infrastructure has a finite capacity. Your cloud-based infrastructure has far broader limits, enabling you to scale up your infrastructure when necessary.

Identity

Q

Why might an organization deploy an additional AD DS Tree in an existing AD DS Forest?

A

If you needed a different (discontiguous) DNS name space in the same forest.

Q

Which service should be used if an organization wants AD in the Azure cloud?

A

IaaS VM (virtual machine) can have a full AD DS deployment . AAD would be used for Identity Management only for web based authentication needs.

Q

Why associate subnets with Site objects in AD DS Sites?

A

This way DC can be associated with locations  so that clients can authenticate to the DC closest to them. Also to locate services closest to them.

Q

What is the difference between GPO links vs security group filtering  to control a GPO scope?

A

GPO links are inflexible, security group filtering can be used many places and controlled through group membership easily.

Q

What is a disadvantage of using Account-lockout settings for your OWA(Outlook Web Access) users ?

A

Hackers can use an incorrect password as a DOS attack