The Tips and Tricks Guide to Windows Administration

  • Published on
    15-Sep-2018


  • The Tips and Tricks Guide to Windows Administration

    Don Jones and Dan Sullivan

    Introduction to Realtime Publishers

    by Don Jones, Series Editor

    For several years now, Realtime has produced dozens and dozens of high-quality books that just happen to be delivered in electronic format at no cost to you, the reader. We've made this unique publishing model work through the generous support and cooperation of our sponsors, who agree to bear each book's production expenses for the benefit of our readers.

    Although we've always offered our publications to you for free, don't think for a moment that quality is anything less than our top priority. My job is to make sure that our books are as good as, and in most cases better than, any printed book that would cost you $40 or more. Our electronic publishing model offers several advantages over printed books: You receive chapters literally as fast as our authors produce them (hence the "realtime" aspect of our model), and we can update chapters to reflect the latest changes in technology.

    I want to point out that our books are by no means paid advertisements or white papers. We're an independent publishing company, and an important aspect of my job is to make sure that our authors are free to voice their expertise and opinions without reservation or restriction. We maintain complete editorial control of our publications, and I'm proud that we've produced so many quality books over the past years.

    I want to extend an invitation to visit us at http://nexus.realtimepublishers.com, especially if you've received this publication from a friend or colleague. We have a wide variety of additional books on a range of topics, and you're sure to find something that's of interest to you, and it won't cost you a thing. We hope you'll continue to come to Realtime for your educational needs far into the future.

    Until then, enjoy.

    Don Jones


    Tip, Trick, Technique 1: Setting up a Server Core Domain Controller
      Starting the Installation
      Basic Configuration
      Activating Windows
      Customize the Server
      Installing Roles
    Tip, Trick, Technique 2: Read-Only Domain Controllers
      Password Caching
      Caveats
      Filtered Attributes
      Read-Only DNS
      Bonus: Administrative Separation
      Application Compatibility
      Ultimate Security
      Edge Cases
      RODCs: Pros and Cons
    Tip, Trick, Technique 3: No More CHKDSK
    Tip, Trick, Technique 4: Internet Information Services 7
      All New Console
      Application Pools
      Web Platform Installer
      FTP
      URL Rewriting
    Tip, Trick, Technique 5: Evaluating Windows Server Backup
      Installing Windows Server Backup
      Using Windows Server Backup
      Pros and Cons


    Tip, Trick, Technique 6: Using Windows PowerShell
      What Is Windows PowerShell?
      Enabling Windows PowerShell
      Windows PowerShell Security and Profiles
      Using Windows PowerShell: The Basics
      All About Commands, Aliases, and Parameters
    Tip, Trick, Technique 7: Understanding Hyper-V
      Hyper-V, Hypervisor: What's it All Mean?
      How Does Hyper-V Licensing Work?
      Is Hyper-V a Bare-Metal Hypervisor?
    Tip, Trick, Technique 8: Remote Server Manager in R2
    Tip, Trick, Technique 9: Leveraging Server Core in R2
    Tip, Trick, Technique 10: Deleted AD Object Recovery in R2
    Tip, Trick, Technique 11: Classifying Files in R2
    Tip, Trick, Technique 12: Remote Command-Line Administration in R2
    Tip, Trick, Technique 13: Configuring Server Core in Windows Server 2008 R2
    Tip, Trick, Technique 14: What Are Microsoft's Many Virtualization Options?
      Hyper-V
      App-V
      Virtual PC
      Desk-V or MED-V
      Remote Desktop Services
      It's all V
    Tip, Trick, Technique 15: The New Windows Log Files
    Tip, Trick, Technique 16: Geographically Dispersed Cluster Nodes
    Tip, Trick, Technique 17: Identifying Threats of Data Loss in a Windows Server Environment


      Accidental Data Loss Due to Human Error
      Accidental Data Loss Due to Application Error
      Intentional Data Loss Due to Malware
      Intentional Data Loss Due to Human Actions
      Data Loss Due to Natural Disaster
    Tip, Trick, Technique 18: Understanding the Building Blocks of a Recovery Management Strategy
      Creating a Data Classification Scheme
      Identifying Critical Servers and Applications
      Critical Servers Host Critical Applications
      Critical Servers Support Critical Business Processes
      Important But Non-Critical Servers
      Determining RPOs and RTOs
      Creating a Disaster Recovery Policy
    Tip, Trick, Technique 19: Understanding Security Issues with Backups, Archives, and Disaster Recovery
    Tip, Trick, Technique 20: Understanding the Sources of Growing Volumes of Data
      Data-Intensive Applications
      Customer Interaction Data
      Business Intelligence and Analytics
      Growing Importance of Unstructured Data
      Compliance and Data Generation
    Tip, Trick, Technique 21: Understanding Systems Administrators' Responsibilities for Growing Volumes of Data
      Backup and Recovery
      Security
      Challenges to Maintaining Confidentiality and Integrity
      Challenges to Maintaining Availability


    Tip, Trick, Technique 22: Getting Control of Data Growth with Information Life Cycle Management
      Step 1: Classifying Data
      Step 2: Determining Access Requirements for Categories of Data
      Step 3: Defining Recovery Requirements for Data
      Step 4: Defining Explicit Policies for Destroying Data
      Step 5: Implementing Information Life Cycle Policies
      Limits of Information Life Cycle Management
    Tip, Trick, Technique 23: Business Drivers Behind the Need for High Availability
      User Expectation for Continuous Availability
      Application Design Considerations and High Availability
    Tip, Trick, Technique 24: Understanding the Key Elements of High Availability
      The Need for Hardware Redundancy
      The Need for OS Redundancy
      Special Issues with Application Software Redundancy
    Tip, Trick, Technique 25: Windows Server Options for High Availability
      Using NLB to Ensure Performance Levels
      Application Redundancy in Failover Clusters
    Tip, Trick, Technique 26: Ensuring High Availability for SQL Server Databases
      Failover Clusters
      Database Mirroring
      Log Shipping
      Replication
    Tip, Trick, Technique 27: Ensuring High Availability for Microsoft Exchange
      High Availability in Microsoft Exchange 2007
      High Availability in Microsoft Exchange 2010
    Download Additional Books from Realtime Nexus!


    Copyright Statement

    © 2010 Realtime Publishers. All rights reserved. This site contains materials that have been created, developed, or commissioned by, and published with the permission of, Realtime Publishers (the "Materials") and this site and any such Materials are protected by international copyright and trademark laws.

    THE MATERIALS ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. The Materials are subject to change without notice and do not represent a commitment on the part of Realtime Publishers or its web site sponsors. In no event shall Realtime Publishers or its web site sponsors be held liable for technical or editorial errors or omissions contained in the Materials, including without limitation, for any direct, indirect, incidental, special, exemplary or consequential damages whatsoever resulting from the use of any information contained in the Materials.

    The Materials (including but not limited to the text, images, audio, and/or video) may not be copied, reproduced, republished, uploaded, posted, transmitted, or distributed in any way, in whole or in part, except that one copy may be downloaded for your personal, non-commercial use on a single computer. In connection with such use, you may not modify or obscure any copyright or other proprietary notice.

    The Materials may contain trademarks, services marks and logos that are the property of third parties. You are not permitted to use these trademarks, services marks or logos without prior written consent of such third parties.

    Realtime Publishers and the Realtime Publishers logo are registered in the US Patent & Trademark Office. All other product or service names are the property of their respective owners.

    If you have any questions about these terms, or if you would like information about licensing materials from Realtime Publishers, please contact us via e-mail at info@realtimepublishers.com.


    [Editor's Note: This book was downloaded from Realtime Nexus, The Digital Library for IT Professionals. All leading technology books from Realtime Publishers can be found at http://nexus.realtimepublishers.com.]

    Tip, Trick, Technique 1: Setting up a Server Core Domain Controller

    Windows Server 2008's Server Core installation is a great option for domain controllers: The operating system (OS) has a smaller footprint and has so far required significantly fewer patches than the full Windows installation, making it possible to have less downtime and maintenance for your critical domain controllers. In this tip, we'll install a Server Core domain controller from scratch.

    Starting the Installation

    The installation begins, ironically, with the lightweight GUI installer that's familiar to all editions of Win2008 and to Windows Vista. Select one of the Server Core options.

    Note: This is a one-time decision: You can't later upgrade to the full Windows installation nor can you downgrade a full install to Server Core.

    That's about the only decision you have during installation. When it's finished, you'll be looking at a logon screen and might be wondering what to do. Select the Other User, and log in as Administrator. Use a blank password; you'll be immediately prompted to create a new password.

    After changing the password, you'll be logged in and staring at your new, trimmed-down desktop. That's right, not much to see! This is Server Core, and it has only a few graphical elements available to it. To get it up and running, you'll need to run a few commands. Many of these will be commands you're familiar with already; others are new and are unique to Server Core.

    Basic Configuration

    Since we're building a domain controller, you'll probably want to start by assigning a static IP address. First use the Netsh command, as shown, to get a list of network interfaces. Use the number in the Idx column to refer to the interface in later commands.

    Netsh interface ipv4 show interfaces


    With your network adapter identified, assign a static IP address, subnet mask, and default gateway using the Netsh command. The Name= parameter is where your chosen adapter's ID number goes.

    Netsh interface ipv4 set address name=2 source=static address=10.0.1.57 mask=255.255.255.0 gateway=10.0.1.1

    Use the same technique to assign a DNS server. To assign more than one, increment the index= parameter; you can see here that I've attempted to add index=1 twice, and received an error message. Ipconfig /all will confirm that you've added the correct server address.

    Netsh interface ipv4 add dnsserver name=2 address=10.0.1.1 index=1

    Activating Windows

    Server Core still requires activation, which is a two-step process that uses the Slmgr command. First, install a product key. Then activate Windows. Note that Server Core is compatible with enterprise key servers if your organization uses one of those. Run Slmgr without any parameters to get a pop-up dialog box of other things it can do; note that the dialog often appears behind the command-line window and there's no Task Bar to clue you in. If the command's output doesn't show up quickly, try moving the Cmd.exe window out of the way. Don't close it; if you do, press Ctrl+Alt+Delete to get to Task Manager, and use the New Task menu option to run a new instance of Cmd.exe.

    Slmgr -ipk your-product-key-here

    After installing the key, activate it. This can take some time; wait for the dialog box indicating success or failure, and don't forget that it might appear behind the Cmd.exe window.

    Slmgr -ato

    Customize the Server

    You'll probably want to customize the computer name at this point. Use the hostname command to find the current computer name, and then the Netdom command to change it to a new one.

    Netdom renamecomputer oldname /newname:newname

    A reboot will be required afterwards, so use the Shutdown /r command to reboot.

    Shutdown /r


    Installing Roles

    I generally like to install the DNS Server role myself so that I can customize it. After installing, you'll need to use the DNS administration console on another computer (such as your workstation) to connect to the Server Core computer and configure DNS. Server Core doesn't run any graphical admin tools. You could also use the Dnscmd command to configure DNS, if you're comfortable with it. To install the role, use the Ocsetup command; I prefer to get this going by using the Start /w command, which suspends the command prompt until Ocsetup finishes. If you don't do so, the command prompt immediately returns while the installation completes in the background, and you won't know when it's done.

    Start /w ocsetup DNS-Server-Core-Role

    Next, you'll need to create an unattended installation file for Dcpromo because its graphical wizard isn't available in Server Core. http://www.petri.co.il/creating-unattend-installation-file-dcpromo-windows-server-2008.htm is an excellent reference for Win2008 unattended Dcpromo files; note that the Win2008 syntax is a bit different and newer from the Win2003 one. Server Core does have Notepad, so you can use it to create your unattended file if needed. Server Core's Notepad uses an older set of file dialog boxes; pay close attention to these Win95-vintage dialog boxes because they work differently from the newer ones you're used to.

    The unattend file tells Dcpromo if you're creating a new domain, a new domain controller in an existing domain, a whole new forest, or whatever. Read through the options carefully! You can also use Dcpromo on an existing full Windows installation (although not on an existing domain controller) to create an unattend file; just run through the Dcpromo wizard and, before you commit to installing AD, save your configuration in a file. That file can then be carried to Server Core (on a USB key, for example) and used with Dcpromo there.


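    ; Sample Dcpromo answer file: first domain controller of a new forest
    [unattended]
    unattendmode=fullunattended
    [DCINSTALL]
    ; Credentials used to run the promotion (sample values, stored in clear text)
    UserName=Administrator
    Password=P@ssw0rd
    UserDomain=company.pro
    DatabasePath=%systemroot%\ntds
    LogPath=%systemroot%\ntds
    SYSVOLPath=%systemroot%\SYSVOL
    ; Directory Services Restore Mode password (sample value)
    SafeModeAdminPassword=P@ssw0rd
    CriticalReplicationOnly=no
    InstallDNS=yes
    DomainNetBIOSName=COMPANY
    NewDomain=Forest
    NewDomainDNSName=company.pro
    RebootOnSuccess=Yes
    SiteName=Default-First-Site-Name
    ReplicaOrNewDomain=domain
    ; Functional level 3 = Windows Server 2008
    ForestLevel=3
    DomainLevel=3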

    With your unattended file ready, run Dcpromo /unattend:filename to start the AD installation process. You'll see plenty of output telling you what's happening.

    Dcpromo /unattend:filename

    Of course, a reboot is in order afterwards, and Dcpromo will handle that automatically. Once the server restarts, you can use Active Directory Users & Computers (again, from another computer) to begin managing your domain.
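    An added example (not from the book): a PowerShell check to run on the workstation where the answer file is written, before it is carried to Server Core. It flags keys that are not among those in the sample file above (a misspelled key is easy to miss) and clear-text password problems. The function name, the key list (limited to this tip's sample file) and the sample input are assumptions made for the illustration.

```powershell
# Added example, not the book's code. Keys are limited to those in this tip's
# sample answer file; extend $KnownKeys if your file uses other Dcpromo options.
$KnownKeys  = @('UserName','Password','UserDomain','DatabasePath','LogPath',
                'SYSVOLPath','SafeModeAdminPassword','CriticalReplicationOnly',
                'InstallDNS','DomainNetBIOSName','NewDomain','NewDomainDNSName',
                'RebootOnSuccess','SiteName','ReplicaOrNewDomain','ForestLevel',
                'DomainLevel')
$SecretKeys = @('Password','SafeModeAdminPassword')

function Test-DcpromoAnswerFile {            # hypothetical helper name
    param([string[]]$Lines)

    $findings = @()
    $values   = @{}          # key -> value seen in [DCINSTALL]
    $section  = ''
    $n        = 0

    foreach ($raw in $Lines) {
        $n++
        $line = $raw.Trim()
        if ($line -eq '' -or $line.StartsWith(';')) { continue }   # blank or comment
        if ($line -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        if ($line -match '^([^=]+)=(.*)$') {
            $key   = $Matches[1].Trim()
            $value = $Matches[2].Trim()
        } else {
            $findings += "line ${n}: not a key=value pair: $line"
            continue
        }
        if ($section -ne 'DCINSTALL') { continue }

        if ($KnownKeys -notcontains $key) {
            $findings += "line ${n}: unrecognized key '$key' (typo?)"
        }
        if ($values.ContainsKey($key)) {
            $findings += "line ${n}: key '$key' appears more than once"
        }
        $values[$key] = $value
    }

    foreach ($k in $SecretKeys) {
        if ($values.ContainsKey($k) -and $values[$k] -ne '') {
            $findings += "'$k' is stored in clear text; restrict access to the file and delete it after promotion"
            if ($values[$k] -ceq 'P@ssw0rd') {
                $findings += "'$k' still has the sample value from the example file"
            }
        }
    }
    if ($values.ContainsKey('Password') -and
        $values['Password'] -ceq $values['SafeModeAdminPassword']) {
        $findings += "Password and SafeModeAdminPassword are identical; use a separate recovery password"
    }
    return $findings
}

# Constructed sample input with one misspelled key (RebookOnSuccess).
$sample = @'
[DCINSTALL]
UserName=Administrator
Password=P@ssw0rd
SafeModeAdminPassword=P@ssw0rd
NewDomain=Forest
NewDomainDNSName=company.pro
RebookOnSuccess=Yes
'@ -split "`r?`n"

Test-DcpromoAnswerFile -Lines $sample
# For a real file: Test-DcpromoAnswerFile -Lines (Get-Content .\unattend.txt)
```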

    Tip, Trick, Technique 2: Read-Only Domain Controllers

    Read-Only Domain Controllers (RODCs) are a new feature in Windows Server 2008 designed specifically for branch offices where the domain controller might not be as physically secure as you would like. A risk with less-secure computers is that the computer or its system hard drive might be stolen, giving an attacker the opportunity to break the encryption on the Active Directory database and then run a dictionary attack against stored passwords, potentially compromising every password in your domain. This isn't far-fetched; while breaking the database encryption would be time consuming, a dictionary attack that used a pre-generated rainbow table (which are readily available) can begin cracking passwords in just minutes. The idea with an RODC is that it doesn't store any passwords, so stealing it (or the hard drive) really limits the amount of useful information an attacker can get hold of.


    Password Caching

    A downside to RODCs is that they don't store passwords, meaning the primary function of a domain controller, authentication, can't be performed. Actually, RODCs can perform authentication. What they do is contact a writable domain controller, which has passwords stored, to handle the authentication; the RODC can then cache the password information locally. This allows authentication to occur when a writable domain controller isn't available, provided the password information for that user was cached in advance. If the RODC is stolen, any cached passwords represent potential security vulnerabilities, but only those passwords need to be changed, not the entire domain. Simply force a password change on everyone in that office, and you're fine. You can specify, in advance, which accounts an RODC will cache. Any other accounts will only authenticate if a writable domain controller is available at the time.

    You can prepopulate the password cache: When adding cache-allowed accounts to the RODC's Password Replication Policy, click Prepopulate Passwords to make this happen. This ensures that all cacheable passwords are cached immediately, without waiting for each of those users to log on.

    Caveats

    The presence of an RODC doesn't negate the need for a writable domain controller. Any changes made to the domain, including user password changes, need to contact a writable domain controller; Windows clients handle this automatically, but you do need to ensure that branch office connectivity is sufficient to handle these contacts. A branch office that happens to have an active domain administrator might not offer acceptable performance because the administrator would essentially be working over the WAN to administer the domain. Joining a computer to the domain also requires contacting a writable domain controller, and Group Policy administration requires a writable domain controller.

    One concern with RODCs is that certain information, in addition to passwords, is stored locally, including account lockout status. When an RODC locks an account, that lockout is forwarded to a writable domain controller but not replicated in the AD sense of the term. If the lockout occurs while the WAN link is down, however, no writable domain controller will receive the lockout notice. The AD management tools will not show the lockout, but the account will be locked out on the RODC, although even the RODC's management tools will not show the lockout because it isn't officially in the domain database yet. ADSI Edit does show the lockout on the RODC, in the lockoutTime attribute (which isn't the attribute the AD management tools look at to see whether an account is locked). Normal account-unlocking methods won't work because they rely on a writable domain controller and the RODC isn't one. The main way to unlock the account is to restore WAN connectivity, allowing the user to authenticate normally. Unfortunately, restoring the WAN link will also immediately unlock the account because the writable domain controllers in your domain will overwrite the RODC's lockout status almost immediately. Thus, if the account was locked for a good reason, such as an attempted attack, the account will now be free for another try, and you might not even know that it had been locked on the RODC at all, if no user complained about it.
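    An added example (not from the book): because the lockout is visible only in lockoutTime on the RODC and is overwritten once the WAN link returns, a scheduled PowerShell job at the branch site can record it locally first. The host name, log path and function names are assumptions; PowerShell 2.0 or later is assumed, and the script can run on any branch machine that can reach the RODC over LDAP.

```powershell
# Added example, not the book's code. Run at the branch site on a schedule.
param(
    [string]$Rodc    = 'BRANCH-RODC01',               # hypothetical RODC host name
    [string]$LogPath = 'C:\Logs\rodc-lockouts.csv'    # hypothetical local log file
)

function ConvertFrom-LockoutTime {
    # lockoutTime is a Windows FILETIME (100 ns ticks since 1601, UTC); 0 = not locked.
    param([Int64]$FileTime)
    if ($FileTime -le 0) { return $null }
    return [DateTime]::FromFileTimeUtc($FileTime)
}

function Get-RodcLockout {
    param([string]$Server)
    # Bind to the named server so the answer comes from the RODC's own copy.
    $root     = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$Server")
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
    $searcher.Filter   = '(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))'
    $searcher.PageSize = 500
    [void]$searcher.PropertiesToLoad.Add('samaccountname')
    [void]$searcher.PropertiesToLoad.Add('lockouttime')

    $results = $searcher.FindAll()
    try {
        foreach ($r in $results) {
            $when = ConvertFrom-LockoutTime ([Int64]$r.Properties['lockouttime'][0])
            if ($when) {
                New-Object PSObject -Property @{
                    Account   = [string]$r.Properties['samaccountname'][0]
                    LockedUtc = $when
                }
            }
        }
    } finally { $results.Dispose() }
}

# Load what was already recorded so each lockout is logged once.
$known = @{}
if (Test-Path $LogPath) {
    foreach ($row in Get-Content $LogPath) {
        $f = $row.Split(',')
        if ($f.Count -ge 4) { $known["$($f[2])|$($f[3])"] = $true }
    }
}

# Columns: time observed (UTC), RODC, account, lockoutTime (UTC).
$seenAt = (Get-Date).ToUniversalTime().ToString('s')
foreach ($l in Get-RodcLockout -Server $Rodc) {
    $locked = $l.LockedUtc.ToString('s')
    if ($known.ContainsKey("$($l.Account)|$locked")) { continue }
    Add-Content -Path $LogPath -Value ('{0},{1},{2},{3}' -f $seenAt, $Rodc, $l.Account, $locked)
}
```

    A nonzero lockoutTime records when the lockout was set; whether it is still in effect depends on the domain's lockout duration, so treat each row as evidence to review rather than as current state.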


    Filtered Attributes

    Some third-party applications that store data in AD may store sensitive information that you don't want replicated to RODCs. In these cases, you can configure a set of attributes in the schema that will not replicate to an RODC; this is called the RODC filtered attribute set. Even if an attacker modifies an RODC and attempts to request replication of these attributes, the domain will deny the request. However, be aware that domain controllers running older versions of Windows will honor a request for these attributes because those older domain controllers don't recognize the filtered attribute set. The filtered attribute set is configured on the domain's Schema Master, which must be running Windows Server 2008 in order for the attribute set to be properly stored.
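    An added example (not from the book): a read-only PowerShell audit of the two conditions just described, listing which schema attributes are in the filtered attribute set and which domain controllers, including the Schema Master, report an operating system older than Windows Server 2008. It relies on two facts not stated in the text: membership in the set is bit 0x200 of an attribute's searchFlags, and Windows Server 2008 reports operatingSystemVersion 6.0. The function names are illustrative.

```powershell
# Added example, not the book's code. Read-only; run from a domain-joined machine.
$FasBit      = 512     # 0x200 in searchFlags: member of the RODC filtered attribute set
$ServerTrust = 8192    # 0x2000 in userAccountControl: DC account (RODCs do not carry it)
$BitAnd      = '1.2.840.113556.1.4.803'   # LDAP bitwise-AND matching rule

function Search-Directory {                   # hypothetical helper name
    param([string]$BaseDn, [string]$Filter, [string[]]$Properties)
    $s = New-Object System.DirectoryServices.DirectorySearcher
    $s.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$BaseDn")
    $s.Filter     = $Filter
    $s.PageSize   = 500
    foreach ($p in $Properties) { [void]$s.PropertiesToLoad.Add($p) }
    $s.FindAll()
}

function Get-FirstValue {                     # hypothetical helper name
    param($Result, [string]$Name)
    $v = $Result.Properties[$Name]
    if ($null -ne $v -and $v.Count -gt 0) { return [string]$v[0] }
    return ''
}

function Test-OlderThanWs2008 {
    # operatingSystemVersion looks like '5.2 (3790)' or '6.0 (6001)'.
    param([string]$OsVersion)
    if ($OsVersion -match '^(\d+)\.') { return ([int]$Matches[1] -lt 6) }
    return $true      # version missing or unreadable: treat as unverified
}

$rootDse  = [ADSI]'LDAP://RootDSE'
$schemaNc = "$($rootDse.schemaNamingContext)"
$domainNc = "$($rootDse.defaultNamingContext)"

# 1. Attributes currently in the filtered attribute set.
$fasFilter = '(&(objectClass=attributeSchema)(searchFlags:{0}:={1}))' -f $BitAnd, $FasBit
$fas = @(Search-Directory $schemaNc $fasFilter @('ldapdisplayname') |
         ForEach-Object { Get-FirstValue $_ 'ldapdisplayname' } | Sort-Object)
'Filtered attribute set ({0} attributes): {1}' -f $fas.Count, ($fas -join ', ')

# 2. Schema Master: fSMORoleOwner holds the DN of the owner's NTDS Settings object.
$schemaHead   = [ADSI]"LDAP://$schemaNc"
$ownerDn      = "$($schemaHead.fSMORoleOwner)"
$schemaMaster = ''
if ($ownerDn -match '^CN=NTDS Settings,CN=([^,]+),') { $schemaMaster = $Matches[1] }

# 3. Domain controllers in this domain and the OS version each reports.
$dcFilter = '(&(objectCategory=computer)(userAccountControl:{0}:={1}))' -f $BitAnd, $ServerTrust
foreach ($dc in Search-Directory $domainNc $dcFilter @('name','operatingsystemversion')) {
    $name = Get-FirstValue $dc 'name'
    $ver  = Get-FirstValue $dc 'operatingsystemversion'
    if (-not (Test-OlderThanWs2008 $ver)) { continue }
    if ($name -eq $schemaMaster) {
        "WARNING: Schema Master $name reports OS version '$ver'; the filtered attribute set needs Windows Server 2008 there"
    } else {
        "WARNING: $name reports OS version '$ver'; it does not recognize the filtered attribute set"
    }
}
```

    The domain controller search covers only the domain the script runs in; repeat it per domain in a multi-domain forest.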

    Read-Only DNS

    RODCs can also host the Windows DNS Server service, and the RODC will be able to replicate all application directory partitions that DNS uses. Clients can query the DNS server as they would any other for name resolution. However, the DNS service will be read-only and will be unable to accept updates of any kind.

    Typically, clients use the DNS server in their site as their preferred DNS server, and send updates, including updates for A, AAAA, SRV, and other record types. An RODC has no means of accepting these updates, however, and when queried for an SOA record, the RODC will return the name of a writable domain controller running the DNS service rather than that of the RODC. This is how a secondary DNS server handles updates for zones that are not AD-integrated zones, and it's a well-established DNS standard operation.

    The RODC does have a bit of smarts: When it refers a client to a writable DNS server, it waits for a bit and then tries to query any records related to that client from the DNS server. That gives the client a chance to contact a writable DNS server, submit updates, and lets the RODC quickly pull those updates down so that its local, read-only DNS database is up to date. This works only if at least one of your DNS servers is on a Windows Server 2008 computer, and if that computer has registered an NS record for itself in the DNS database.

    Bonus: Administrative Separation

    RODCs allow you to delegate local administrative authority, such as the ability to run backup and restore operations, without delegating any domain authority. This allows branch office personnel to perform basic administrative tasks on the RODC computer without having any broader permission within AD itself.

    Application Compatibility

    Generally speaking, RODCs are compatible with any AD-enabled application. However, write-intensive applications don't do well when they're colocated with only RODCs because write requests have to be referred to a writable domain controller, which might under some circumstances (such as interrupted WAN connectivity) be unavailable. The write referral is potentially the most difficult operation; while applications that use standard directory programming interfaces should have no problem, not every application is built using these standard interfaces. Only testing will determine whether all your applications will be RODC-compatible, and if they're not, the developer will need to make corrections. Applications built using Microsoft's Active Directory Services Interface (ADSI) will automatically handle write referrals; developers often prefer the higher-performance LDAP, however, which carries referrals but does not automatically chase them as ADSI does.

    Most Microsoft applications work fine against an RODC, although the following ones require special steps if actually installed on an RODC (see http://technet.microsoft.com/en-us/library/cc732790.aspx for details):

    Office Live Communications Server

    Office Outlook

    SharePoint Services

    SQL Server 2005

    DHCP Server

    Probably the big challenge is Exchange Server, which does not use RODCs. Outlook clients, however, can use an RODC for read-only Global Catalog address book lookups.

    Generally, "special steps" means creating appropriate service accounts on a writable domain controller and then ensuring they replicate to the RODC before beginning the software installation.

    Ultimate Security

    The best security is achieved when RODCs are combined with two other Windows Server 2008 features: BitLocker and a hardware Trusted Platform Module (TPM). The latter technologies provide volume-wide encryption for the system drive, providing yet another layer an attacker must work through in order to access data. The TPM helps by checking the hardware configuration against what's stored in its secure memory to ensure that nothing has been tampered with before allowing the host to boot, helping to prevent unauthorized hardware modifications that might be used to subvert or compromise the OS. Combined, these three features don't make it impossible to hack a domain controller, but they make it pretty impractical and ultimately unrewarding.

    Edge Cases

    Aside from security and logon performance at branch offices, RODCs offer benefits in a couple of odd scenarios. One is a line-of-business application, which will only work if physically installed on a domain controller; a poor practice, to be sure, but one which some administrators face. An RODC will work with many of these applications (subject to the caveats mentioned earlier), providing a sort of special-purpose domain controller just for that application. RODCs also provide better security in some extranet scenarios, where you need to expose authentication capabilities but don't necessarily want passwords to be compromised.

    RODCs: Pros and Cons

    Pros:

    Better security for domain controllers that might not be physically secure

    Better logon performance for branch offices with limited WAN connectivity

    Cons:

    Potential user support and security issues around account lockouts

    Potential application compatibility concerns

    Tip, Trick, Technique 3: No More CHKDSK

    In the past, a corrupted file or segment of disk storage could typically only be repaired by taking the entire server offline and running an offline CHKDSK. No more: Under Win2008, a new service detects corrupted files automatically and spawns a thread that attempts to fix them. The affected files remain offline, meaning applications (including the Server service that provides file sharing) can't access the file, but everything else on disk remains accessible and the server itself remains online. Access to the file is restored automatically if Windows is able to repair the corruption; if not, that area of disk is marked off limits so that no other processes try to write files there.

    You don't even need to do anything to take advantage of this feature, but you do need to be aware that it's happening. Client applications may display misleading "access denied" messages, for example, when a file is under repair. It's not a permissions issue but rather the fact that Windows has taken the file out of service while attempting to fix it. Your first troubleshooting step, therefore, should be to see whether you can access the file as a full-privilege administrator to eliminate permissions as a possible cause of the error (keeping in mind that with User Account Control enabled on your own workstation, you won't appear to be a "real" administrator unless you explicitly launch Explorer or another application as Administrator).

    Tip, Trick, Technique 4: Internet Information Services 7

    IIS 7 is pretty much a total rewrite of IIS. It's such a drastic change, in fact, that Win2008 continues to ship with the old IIS 6 management tools so that you can manage existing IIS 6 installations! Many of the common IIS management tasks have changed completely, all the way down to how you install and set up FTP services.

    All-New Console

    As before, IIS maintains a top-level, server-wide set of configuration options, and Web sites can inherit these. You can also configure per-site settings on each individual Web site. What's new is how you do so: The IIS Management console has been vastly extended, so making everything accessible from a single Properties dialog box was no longer practical. Instead, the server and each site present a page of configuration icons, and double-clicking one opens a page for that specific item.

    Figure 1: IIS 7 Manager.

    In most cases, the layout of these item-specific pages is new, too, because most of them are also extensible. Authentication, for example, is no longer a set of four radio buttons but rather a list of all installed authentication choices, and the ability to enable or disable each.

    Figure 2: Authentication configuration.

    In some cases, it can be a bit tricky to find the setting you're after: Editing site bindings, for example (which determines the host names, IP addresses, and port numbers a site will respond to), is accessed from the right-hand sidebar, as are functions for stopping and restarting sites.

    Application Pools

    IIS continues to host sites within Application Pools, which are used to configure the number of threads servicing one or more sites, the user identity the sites operate under, and so forth. Unlike IIS 6, though, IIS 7 will by default create a new AppPool for each new Web site you create. It's an easy-to-change setting when you create a new site, but it's also easy to miss, and there are disadvantages to having one Application Pool per site.

    Figure 3: Configuring Application Pools.

    Each Application Pool consists of at least one thread of execution. Infrequently used sites can easily share a single thread, while busier sites may benefit from multiple threads for parallel servicing of multiple incoming requests. Each thread, however, brings a small amount of overhead, so having one thread apiece for several less-busy sites may actually hamper server performance. The moral? Don't accept the defaults until you've decided whether that's suitable for your specific situation.

    Web Platform Installer

    IIS 7 is probably the most extensible version of IIS ever, and Microsoft, as well as third parties, is making numerous extensions available. To make installing all of these easier, Microsoft has created the Web Platform Installer, which is available for free at www.iis.net. This installer queries available extensions and offers to install them for you, up to and including non-Microsoft platforms such as PHP, which enjoys better support than ever under IIS 7.

    Figure 4: Web Platform Installer.

    Once set up, the Installer is available from the management page of any Web site. It'll remind you a bit of the easy-to-use Web-based management consoles that many hosting companies provide: You can even use it to install selected prepackaged Web applications such as DasBlog, Drupal, Subtext, WordPress, and more.

    Figure 5: Installing Web applications.

    The Web Platform Installer is probably the easiest way to extend IIS we've ever had.

    FTP

    Although Win2008 includes the old FTP Publishing Service, you don't want it. In fact, if it's already installed, uninstall it using Server Manager (go to the Web Server role, and click Remove Role Services), and use the new FTP service available through the Web Platform Installer.

    Figure 6: The new FTP service.

    This new service, which cannot be installed if the old IIS 6-compatible FTP Publishing Service is installed, offers secure FTP, FTP firewall support, better FTP logging, and much more. It's a more scalable and more efficient FTP service that can be managed from within the IIS 7 Manager console (the old service requires the use of the old IIS 6 console).

    URL Rewriting

    One of the most annoying aspects of using IIS, as opposed to something like Apache, is the availability of URL rewriting. Numerous popular Web applications make use of this feature to provide search engine-friendly URLs as well as other capabilities. Apache makes it easy by using an industry-standard rewriting syntax in a simple text file, named .htaccess. Dropping an .htaccess file into a Web site's root folder, or any subfolder, enables rewriting for that site or folder. Under IIS, third-party commercial tools were required to provide this capability, until IIS 7. The Web Platform Installer can be used to get a free URL rewriting module, which appears as a configuration option in IIS Manager.

    Figure 7: Editing a URL rewrite rule.

    Although IIS still (somewhat irritatingly) doesn't simply use .htaccess files, it can import those files into its own URL rewriting module. You can create custom rules, and a wizard provides shortcuts for creating common types of rules. For example, one rule (see Figure 8) can be used to remove the "www" from incoming requests, forcing users to realtimepublishers.com rather than www.realtimepublishers.com. This is a common trick for helping search engines see only one version of the site and avoiding the "duplicate content" penalty many engines impose when they think they're seeing the same content on two different Web sites (one starting with "www," and the other without).

    Figure 8: The No WWW rule.

    To create this rule, create a new, blank URL rewrite rule. Set it to match the pattern:

    ^(.*)$

    Which is a regular expression (regex) for any URL coming into the site (the site's bindings will ensure that only requests intended for that site make it this far). Under the rule's conditions, specify a single condition:

    Input: {HTTP_HOST}

    Type: Matches the pattern

    Pattern: ^(www\.)(.*)$

    And set the action to redirect to:

    http://yoursiteURLwithoutwww{PATH_INFO}

    Select the Append query string check box and make the redirect a Permanent (301) redirect. This will grab whatever URL the user was trying to reach, if it starts with "www," and redirect to the non-www version of the URL. You can also use this to capture old domain names and permanently redirect them to a new one.
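The same rule can be created from a script instead of the IIS Manager pages. This is an added example, not from the original guide; it assumes the URL Rewrite module and the WebAdministration PowerShell module are installed, and the site name, rule name and example.com host are placeholders.

```powershell
# Added example: create the "No WWW" rule described above with WebAdministration.
Import-Module WebAdministration

$sitePath = 'IIS:\Sites\Default Web Site'   # assumption: the site to configure
$bareHost = 'example.com'                   # placeholder: your host name without "www"
$ruleName = 'NoWWW'                         # illustrative rule name
$rules    = 'system.webServer/rewrite/rules'
$rule     = "$rules/rule[@name='$ruleName']"
$hostPattern = '^(www\.)(.*)$'

# Sanity-check the condition pattern against constructed Host header values.
function Test-HostPattern {
    param([string]$HostHeader)
    return [regex]::IsMatch($HostHeader, $hostPattern, 'IgnoreCase')
}
foreach ($sample in 'www.example.com', 'example.com', 'wwwexample.com') {
    '{0,-18} redirect: {1}' -f $sample, (Test-HostPattern $sample)
}

# Remove an earlier copy of the rule so the script can be re-run safely.
if (Get-WebConfiguration -PSPath $sitePath -Filter $rule) {
    Clear-WebConfiguration -PSPath $sitePath -Filter $rule
}

# Create the rule and match any incoming URL.
Add-WebConfigurationProperty -PSPath $sitePath -Filter $rules -Name '.' `
    -Value @{ name = $ruleName; stopProcessing = 'True' }
Set-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/match" `
    -Name 'url' -Value '^(.*)$'

# Single condition: the Host header starts with "www."
Add-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/conditions" -Name '.' `
    -Value @{ input = '{HTTP_HOST}'; pattern = $hostPattern }

# Permanent (301) redirect to a fixed host, keeping the path and query string.
# The target host is a literal here, not a value copied from the request.
$target = 'http://' + $bareHost + '{PATH_INFO}'
Set-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/action" -Name 'type' -Value 'Redirect'
Set-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/action" -Name 'url' -Value $target
Set-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/action" -Name 'appendQueryString' -Value 'True'
Set-WebConfigurationProperty -PSPath $sitePath -Filter "$rule/action" -Name 'redirectType' -Value 'Permanent'

# Show what was written to the site's configuration.
Get-WebConfiguration -PSPath $sitePath -Filter "$rule/action" |
    Select-Object type, url, appendQueryString, redirectType
```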

    Tip, Trick, Technique 5: Evaluating Windows Server Backup

    Windows Server Backup has been entirely rewritten for Win2008, and it's finally (after more than a decade of Windows' existence as a server operating system, or OS) a viable choice for many real-world backup and recovery tasks, especially in smaller environments. However, it's not a do-it-all solution; you should be prepared for significant disadvantages and weaknesses.

    Installing Windows Server Backup

    Like nearly every component of Win2008, Windows Server Backup (WSBackup) isn't installed by default. You'll need to open Server Manager, go to Features, and, as shown in Figure 9, manually add the Windows Server Backup feature. It's a good idea to add the Command-line Tools sub-feature because you'll gain the ability to add backups to other automated processes in Windows PowerShell commands and scripts.

    Figure 9: Adding Windows Server Backup.

    Note: The need to add this feature can actually be a little confusing because Windows installs a shortcut on the Start menu for Windows Server Backup even if the feature itself isn't installed. Clicking the shortcut opens a console that tells you that you need to install the feature.

    Using Windows Server Backup

    Let's be perfectly clear in that WSBackup is intended to back up data and applications on the local computer; Microsoft doesn't position this feature as anything more than a very basic, local, bare-bones utility. Operations are primarily wizard-driven, such as the Backup Schedule Wizard that Figure 10 shows. With this wizard, you can select what you want to back up, when you want to back it up, where the backup will be stored (disk only, no tape support), and so on.

    Figure 10: Configuring a backup.

    You can restore a backup that was made from the local computer or from another computer (if you're trying to recover an entire system, for example, or need to grab a few files from a backup that was made of another computer). In addition, you can restore individual items from a backup as well as the entire thing.

    As Figure 11 shows, you can configure backup performance by simply selecting the type of backup that will be made: a full backup (doesn't hit hard the server itself in terms of performance and cleans up Volume Shadow Copy files), or an incremental backup (leaves behind Windows Volume Shadow Copy files and may diminish server performance somewhat). You can also make this decision on a per-volume basis.

    Figure 11: Configuring backup performance.

    Note: Volume Shadow Copy (VSC) is designed to keep old versions of files handy in a disk-based store for easier recovery; users can use Windows' Previous Versions tab on a file's Properties dialog box to access VSC versions. Upon making a full backup, VSC files are normally cleared because the files protected by VSC are now safely in a backup.

    Although WSBackup itself is designed to back up the local computer only, you can use the management console to connect to WSBackup running on other computers, allowing you to manage their local backup operations without having to physically log on to their consoles. Figure 12 shows this task in action.

    Figure 12: Connecting the WSBackup Console to another computer.

    Pros and Cons

    Most experienced administrators pretty much ignore Windows' built-in backup, and WSBackup isn't going to change their minds. For a very small environment dealing primarily with file and print servers, WSBackup is a reasonably effective, if bare-bones, means of making the backups you need to be safe. You'll need to move the backups off-server, of course, or they're at risk of a complete disk or system failure, and WSBackup doesn't make it easy to move those files around (it expects them to pretty much remain local). You can't save backups to any disk volume that contains Windows itself or application data, which means you'll need to install a dedicated volume, often not an option on a server that's already had all its disk space allocated.

    Tip, Trick, Technique 6: Using Windows PowerShell

    Although Windows PowerShell isn't specifically new in Win2008 (it was previously made available for Windows XP, Windows Server 2003, and Windows Vista), Win2008 is the first version of Windows that includes Windows PowerShell. A complete discussion on PowerShell is a book unto itself, but there are a few things you should be aware of and plan to take advantage of right away.

    What Is Windows PowerShell?

    Everyone who has heard of PowerShell has an idea of what it is: a command-line tool, a scripting language, or something. It's almost easier to explain what PowerShell isn't:

    It's not a scripting language. True, it does have scripting capabilities, but it's not quite the same as something like VBScript. It's more like the batch language in the old Cmd.exe shell but a bit more refined. It's simple (just 14 keywords in PowerShell v1) but it's very flexible and extensible.

    It's not a shell. Not, at least, in the same sense as Cmd.exe. PowerShell (the actual, under-the-hood guts of PowerShell) is an engine capable of running commands and scripts; the most common way for us human beings to tell it which commands to run is to type those commands into a host window, which is a command-line interface.

    PowerShell is a standardized means for Microsoft to package administrative functionality. They're not quite command-line tools, although we humans can access them through a command-line interface. The big part there is "standardized" because PowerShell is the first time that Microsoft has created a clear, documented standard for exposing administrative functionality. PowerShell can be accessed from a command-line window, true, but it can also be hosted by graphical applications that run commands in the background. In some cases, you might be using a GUI console and not realize that PowerShell is actually doing all the work behind the scenes.

    It's safe, in casual conversation, to refer to PowerShell as a command-line interface because that's how most of us will experience it directly.

    Enabling Windows PowerShell

    Although PowerShell is included with Win2008, it isn't installed by default: As Figure 13 shows, you have to enable its feature in order to start using it. Doing so will also enable the .NET Framework v3.0, which is the version that ships with PowerShell. PowerShell actually requires v2.0, which is a subset of v3.0.

    Figure 13: Windows PowerShell is an optional feature.

    Note: The R2 release of Win2008 actually does install Windows PowerShell v2 by default, which means the latest version of the Framework (3.5) is also installed by default. Because of PowerShell v2's new features, Microsoft feels, and I agree, that everyone will want and need PowerShell on every computer.

    Windows PowerShell Security and Profiles

    PowerShell has the ability to execute script files, which are essentially a batch of commands executed in sequence, so Microsoft has obvious concerns about PowerShell and security. The last scripting language Microsoft pushed out, VBScript, was a dismal failure in terms of security, enabling mass virus attacks such as ILoveYou, Melissa, and other famous malware; the company certainly didn't want PowerShell landing in the same boat.

    Understand that the potential danger in PowerShell does not come from running commands interactively. Typing a command, getting the syntax right, and doing anything requires a certain amount of expertise and isn't something you can typically trick someone into doing. In any event, no command will work unless the user has the necessary underlying permissions in the first place; PowerShell isn't a way to bypass Windows security. No, the real danger in PowerShell comes from scripts. That's because a script is something you can trick someone into running, and a script may contain entire sequences of commands that the tricked person might normally know not to run. Tricking an admin is especially deadly, because the admin will usually have permission to do all kinds of dangerous things.

    So PowerShell's security focuses on script execution, primarily through a mechanism called the execution policy. By default, this policy is set to Restricted, which prevents scripts from running entirely. Problem solved.

    Changing the policy by using the Set-ExecutionPolicy command within PowerShell itself requires local Administrator privileges, as the setting is stored in the HKEY_LOCAL_MACHINE portion of the Windows registry. You can also control this setting centrally using a Group Policy administrative template that's available from http://download.microsoft.com (just punch "PowerShell adm" in the search box to find the download). A Group Policy-applied setting overrides anything else.

    So what might you change the policy to? Unrestricted, the loosest setting, is stupid; you're putting PowerShell right back into the VBScript days, allowing any script to execute at any time. The next higher setting, RemoteSigned, might sound promising. It allows local scripts to execute without restriction but requires remote scripts (those downloaded from the Internet or accessed via UNC) to contain a digital signature. This setting isn't any safer than Unrestricted, no matter what anyone tells you. I'll explain.

    When a script is digitally signed (something you can accomplish using the Set-AuthenticodeSignature command), an encrypted copy of the script is added to the end of the script file in a special block of comments. When running the script, PowerShell decrypts this signature and compares it with the clear-text copy of the script. If the two match, the signature is intact and the script executes. If the signature doesn't match the script, the signature is broken and the script won't execute. This in and of itself doesn't prevent maliciousness, but here's what does: Obtaining the necessary digital certificate (a Class III Authenticode Code Signing Certificate, to be specific) typically requires you to prove your identity, in some fashion, to the certificate issuer. Your identity becomes a part of the certificate and of any signatures you create using that certificate. Thus, if you create a malicious script, and sign it, PowerShell will run it, and anyone affected by it will be able to divine your identity and hunt you down. So, in very general terms, signed script = safe script.

    Note: This "safe" depends entirely on the certificate issuer doing a good job of actually checking your identity when issuing a certificate. You can configure Windows to trust certificate issuers who you believe do a good job; you can configure it to not trust issuers who you don't believe do a good job. If PowerShell encounters a signature that came from an untrusted issuer, the signature and the script are also considered untrusted and the script won't run.

    So, imagine a scenario: Your computer gets infected with a piece of malware. Only, rather than trying to do anything nasty, it just modifies an innocent little text file on your computer. One with, say, a .ps1 filename extension; a PowerShell script, in other words, that you've already written. The next time you go to run this local script, the commands added by the malware also execute and chaos ensues.

    Or, even worse, the malware creates a simple text file with the name profile.ps1, inside a folder named WindowsPowerShell, right in your Documents folder. No big deal, right? Wrong: This is a PowerShell profile script, and it is going to execute automatically the next time you open the shell! Worse, this file doesn't exist by default, so it's easy for a piece of malware to create it without you knowing. User Account Control (UAC) won't save you here because it's just a simple text file in your Documents folder, nothing you need Administrator privileges to access.

    The solution? PowerShell's third execution policy, AllSigned. This setting requires all scripts to carry a signature, created by using a certificate that came from a trusted issuer. Create your own profile script (a blank one is fine) and sign it to prevent a piece of malware from plopping down a profile script, and you're protected. Sure, you have to sign your scripts before they'll run; no big deal. The better commercial script editors (PrimalScript and PowerShell Plus Professional Edition come to mind) will do that automatically for you, if you want them to. Don't want to buy a certificate? Run help about_signing in PowerShell and read how to use the MakeCert utility to create a free, local-use-only certificate for your own scripts.
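To check where a machine stands against the profile-script scenario above, the following is an added example (not from the original guide). It assumes PowerShell v2 or later and, for the signing step, a code-signing certificate already present in Cert:\CurrentUser\My; the function names are illustrative.

```powershell
# Added example: report execution policy, audit every profile script location,
# and create a signed placeholder profile as the text recommends.

# Effective policy per scope; the Group Policy scopes override the others.
Get-ExecutionPolicy -List

function Get-ProfileSignatureReport {
    # The four locations PowerShell loads profile scripts from at startup.
    $names = 'AllUsersAllHosts', 'AllUsersCurrentHost',
             'CurrentUserAllHosts', 'CurrentUserCurrentHost'
    foreach ($name in $names) {
        $path = $PROFILE.$name
        if ($path -and (Test-Path -LiteralPath $path)) {
            $sig = Get-AuthenticodeSignature -FilePath $path
            $signer = $null
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            New-Object PSObject -Property @{
                Profile   = $name
                Path      = $path
                Status    = [string]$sig.Status   # Valid, NotSigned, HashMismatch, ...
                Signer    = $signer
                LastWrite = (Get-Item -LiteralPath $path).LastWriteTime
            }
        }
        else {
            # No file yet: any process running as the user could create one here.
            New-Object PSObject -Property @{
                Profile = $name; Path = $path; Status = 'Missing'
                Signer  = $null; LastWrite = $null
            }
        }
    }
}

function Set-SignedProfile {
    # Defaults to Documents\WindowsPowerShell\profile.ps1, the file named in the text.
    param([string]$Path = $PROFILE.CurrentUserAllHosts)

    $cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
    if (-not $cert) { throw 'No code-signing certificate found in Cert:\CurrentUser\My.' }

    if (-not (Test-Path -LiteralPath $Path)) {
        New-Item -ItemType File -Path $Path -Force | Out-Null
        # A comment line gives the signer some content to hash.
        Set-Content -LiteralPath $Path -Value '# Placeholder profile, signed on purpose.'
    }
    Set-AuthenticodeSignature -FilePath $Path -Certificate $cert
}

# Audit first; anything that exists without a Valid signature deserves a look.
Get-ProfileSignatureReport |
    Select-Object Profile, Status, Signer, LastWrite, Path |
    Format-Table -AutoSize

# Then, once a certificate is in place:
# Set-SignedProfile
# Set-ExecutionPolicy AllSigned   # requires local Administrator privileges
```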

    Using Windows PowerShell: The Basics

    As a command-line shell, PowerShell works a lot like the Cmd.exe shell you're probably familiar with: type a command, add on any necessary parameters, and you're ready to hit Enter. Need to try again? Hit the up arrow, modify the command, hit Enter, and you're done.

    So how do you get around your system in PowerShell? If you've ever navigated a disk drive in Cmd.exe, then you know how to do it in PowerShell.

    Type Dir to get a listing of files and folders, or type Ls, if you prefer that. Cd will change folders. Del will delete files; so will Rm. Type will display the contents of a text file, as will Cat. A backslash is a path separator, as is a forward slash. So whether you're comfortable with UNIX- or DOS-style syntax, you're good to go.

    There are some caveats. cd.. won't go up one folder level; you need to use cd .. with a space. That's because PowerShell assigns a special meaning to the space character: it's a separator between a command and its arguments. That's why Cd c:\program files doesn't work; the space between "program" and "files" confuses it. Add quotes, either single or double, and run Cd "c:\program files" instead. That's pretty much what you would do in Cmd.exe or even most UNIX shells, by the way.

    So there you have it: A completely arbitrary (like Ls is intuitive?) set of commands that you've probably already memorized and can use to navigate through a hierarchical database. Yes, a database; that's what the file system really is, after all. It's not relational like an Access or SQL Server database, but it's hierarchical, not unlike an Exchange Server mail store, or the Windows registry, or even Active Directory (AD). Speaking of which, would you like to learn a whole new set of commands that let you navigate the registry or even AD?

    I hope you said "no" because who wants to learn a whole new set of commands when YOU ALREADY KNOW A SET that should do the job? In other words, why can't we just run Cd HKCU: to change into the HKEY_CURRENT_USER registry hive? Why can't we run Ls to get a list of registry keys? Run Cd Software to change into that key, and Del * to delete everything (whoops).

    Well, it turns out you can in PowerShell. Try it. That's because PowerShell has little adapters called PSDrives that allow PowerShell to see different forms of storage as if they were disk drives. The Certificate Store, environment variables, registry, and more are just the beginning. More PSDrive adapters can be added in, and products like SQL Server 2008, AD (in Win2008 R2), and others do just that. Run Get-PSDrive to see a list of all the drives currently available, and use New-PSDrive to create new drive mappings (remember, these are PSDrives, so they only live in PowerShell; you won't see them in Windows Explorer).

    PSDrives illustrate a key part of PowerShell's design philosophy: Take ONE set of skills (preferably a skill that administrators already have) and leverage it as widely as possible. That means less learning for you while expanding the number of things you can do. It's like the moving walkway at the airport: slow people are supposed to keep right so that faster people can pass on the left. It's the same skill that we're supposed to use on the highway, leveraged in a new location. Sadly, most people seem to lack the skill in either scenario, but you get the idea. And even that makes a good point: PowerShell is leveraging skills that administrators SHOULD already have; if you've stayed away from any kind of command-line administration, you have done yourself a disservice because PowerShell assumes you've worked at least a little from the command line. If you haven't, PowerShell won't be impossible to use, but it will be a bit more of a learning curve because you lack some of the background experience that PowerShell is trying to leverage to make things easier on you.

    Let THAT be a lesson for you. A big reason to learn PowerShell NOW is because there will be future versions that add MORE functionality. By learning PowerShell NOW, you can start gaining the background experience that will make future versions more incremental and easier to learn; the longer you wait, the harder it will be to learn each successive version.

    All About Commands, Aliases, and Parameters

    So all of these things we ran (CD, DIR, LS, and whatnot) are all commands. Technically, because they're within PowerShell, they're called cmdlets (pronounced "command-lets," not "cee-em-dee-lets"). Actually, technically, what we've been using so far are aliases.

    Let me back up a bit.

    PowerShell's functionality comes primarily from these cmdlets, all of which are written by developers working in a .NET language such as C# or Visual Basic. Cmdlets come packaged in a snap-in, which is basically a DLL file. You can think of them as similar to the snap-ins used by the Microsoft Management Console (MMC), in that they add product-specific functionality to an otherwise-empty shell or console.

    Cmdlets use a consistent naming scheme devised by Microsoft. Cmdlet names consist of a verb, such as Get, a dash, and then a singular noun, such as Service (for example, Get-Service). The list of verbs is actually fairly short and is intended to be used consistently. Changing something uses the Set verb, so you have cmdlets such as Set-Service and Set-ExecutionPolicy, never Change-Policy or Configure-Service. Using consistent verbs helps folks like us guess the right command name without having to pore through manuals. For example, based solely on what I've written here, can you guess the Exchange Server command that would retrieve user mailboxes? Get-Mailbox.

    The downside of these command names is that they can be long. Not that long is inherently bad; long also means clearer and easier to remember. But long does mean harder to type, and nobody wants that. So PowerShell has a system for aliases, which are simply nicknames for a command. Dir is an alias for Get-ChildItem, Type is an alias for Get-Content, Ps is an alias for Get-Process, and so forth. The alias is simply a way of shortening the command name or making the cmdlet name look like a familiar command (such as Dir or Del). The alias doesn't change anything about the way the cmdlet works. Run Dir /s and you'll see. That generates an error because the Get-ChildItem cmdlet, which is what's really being run when you type Dir, doesn't support a /s parameter.

    Which brings us to parameters, I suppose. In sticking with the consistency theme, PowerShell finally brings us a consistent command-line syntax for parameters. Parameters always begin with a dash, not a slash, and the parameter names are really clear: -computerName, -path, -filter, -exclude, -credential, and so forth. The parameter name is followed by a space and then whatever value goes with the parameter, if appropriate. A parameter such as -append wouldn't usually take a value; it's just a switch, telling the cmdlet to append content to existing content. A parameter such as -computerName obviously does need a value: the computer name you want to pass along. So that's why Dir /s doesn't work: the Get-ChildItem command doesn't recognize /s as a parameter. Actually, it'll think it's supposed to be a path because PowerShell uses both / and \ as path separators. However, the command does have a -recurse parameter that'll do what you want.

    There's no way to create an alias so that Dir /s behaves as Get-ChildItem -recurse; aliases are nicknames only for command names, not for anything else, and not for any parameters. Using an alias doesn't change the command syntax in any way; you're simply substituting a shorter name for the command, nothing more.

    That said, you don't have to type the whole parameter name; honestly, typing -computerName all the time would be a hassle. You only have to type as much of the parameter name as needed to distinguish it from other parameters. So, for Get-ChildItem, instead of typing -recurse, you could type -r because there are no other parameters of that command that begin with "r." The "r" alone is enough to let the shell figure out which command you meant. In other cases, a few more letters may be needed: I usually type -comp for -computerName, for example. It's probably more letters than I technically have to type in most cases, but it's enough to help me visually determine what parameter I meant.

    And there's always Help: PowerShell's built-in help system even accepts wildcards, so running Help *Service* will help you find all the commands related to services, while running something like Help Get-WmiObject will offer complete help for that entire command and all its parameters. In PowerShell v2 (with Win2008 R2), the Help command picks up an -online parameter, which pops up the latest and most accurate help in a Web browser, straight from Microsoft's Web site.

    Tip, Trick, Technique 7: Understanding Hyper-V

    Hyper-V is an exciting new feature of Windows Server 2008. Although much has been, and will be for some time to come, written on Hyper-V and its major competitors (VMware vSphere (ESX Server), and Citrix XenServer), it's important to understand what Hyper-V is and isn't because it comes with Win2008.

    Hyper-V, Hypervisor: What's it All Mean?

    Hyper-V is Microsoft's brand name for their Windows-based hypervisor. A hypervisor is a special type of software that's specifically designed to enable virtualization: the ability for one computer to effectively mimic the operation of many virtual computers at the same time. The hypervisor installs on a host computer and has direct (more or less) access to its hardware; it then enables one or more virtual machines to execute in memory. Each virtual machine, or guest, can run its own operating system (OS), which need not be Windows, and each guest OS thinks it's running on its own dedicated hardware.

    Hyper-V is technically a type 1 hypervisor, meaning the hypervisor itself runs on "bare metal," or directly on the server's hardware. Win2008 automatically creates a special virtual machine where the rest of Win2008 is installed. So, when you're using a Win2008 machine that has Hyper-V installed, you're always running at least one virtual machine: the one that Win2008 itself is running on. That primary virtual machine is the one that gets to tell the hypervisor what to do. It's not quite a guest virtual machine because it does have a special management relationship to the underlying hypervisor.

    How Does Hyper-V Licensing Work?

    You need to own a Win2008 license to run Hyper-V. Beyond that, you'll also need licenses for whatever guest OSs you plan to run inside your virtual machines. The free, downloadable Windows Hyper-V Server product doesn't include licenses for anything but Hyper-V itself; any guest OSs will need a license.

    When you buy a copy of Win2008, however, it comes with a certain number of licenses for guest virtual machines running copies of Win2008. The Datacenter edition of Win2008, for example, lets you run an unlimited number of virtual machines that run any other editions of Win2008; Win2008's Enterprise edition includes guest licenses for up to four Win2008 guests.

    Is Hyper-V a "Bare Metal" Hypervisor?

    Yes. Lots of people like to argue this because when you install Hyper-V, you appear to be using a full copy of Windows. So, they argue, if Hyper-V requires Windows, it's technically a type 2 hypervisor, meaning the hypervisor doesn't talk directly to the hardware. This was the case with the predecessor, Microsoft Virtual Server. Its architecture looked a bit like what's shown in Figure 14, with the hypervisor clearly running atop Windows and depending on Windows to provide access to the hardware. Here, the hypervisor runs as an application, at the same level as something like Exchange Server.

    Figure 14: A type 2 hypervisor.

    Hyper-V's architecture is shown in Figure 15. What fools folks about Hyper-V is that it always installs a virtual machine (technically, a partition, to use Microsoft's terminology) containing a full Win2008 install. So you always see Windows, even though Hyper-V itself isn't talking through Windows to get to the hardware.

    Figure 15: Hyper-V architecture.

    Also shown are some unique features of Hyper-V, such as the ability of OSs that know about Hyper-V to realize that they're running in a guest virtual machine. This lets them feed specific types of information (such as performance) to the host for better manageability, and lets Hyper-V communicate with the guest OS to perform key tasks, such as better managing shutdowns. Non-aware guest OSs can also run but get fewer manageability improvements.

    In fact, there is a way to run Hyper-V without running the full copy of Windows: Windows Server Core. The free Windows Hyper-V Server downloadable product uses this, and you can set up one yourself. It simply installs Server Core into the root partition so that you get a smaller Windows footprint in the root and more resources freed up for running your other partition.

    Tip, Trick, Technique 8: Remote Server Manager in R2

    Server Manager has proven to be a great way of administering Win2008's complex set of server roles and features. It offers a central means of adding, configuring, and removing roles and features, and provides central access to a number of security- and configuration-related features that would otherwise be scattered across the operating system (OS) and require a lot of digging. If Server Manager had one significant failing, though, it was its inability to work with remote computers. If you wanted to use Server Manager, you were stuck logging on to the server console directly, which is a real limitation and really breaks the "single seat" administration model Microsoft has been slowly trying to implement.

    In Windows Server 2008 R2 ("R2" for short), though, Server Manager has been improved to support remote management. As Figure 16 shows, this change is subtle and one that's easy to miss: You simply pick up a "Connect to Computer" menu option.

    Figure 16: Connecting to a remote computer.

    This feature means you can now use a local copy of Server Manager to manage features and roles on all your R2 servers, except those running Server Core; unfortunately, the Server Manager console can't install roles on the stripped-down Server Core version of the OS. Hopefully that capability will come in time, as it would go a long way toward making Server Core more approachable for a wider range of administrators.

    Tip, Trick, Technique 9: Leveraging Server Core in R2

    R2 offers an improved version of Server Core that makes up for a lot of the shortcomings of previous versions, albeit at a potentially higher level of maintenance overhead. One of the most important new features is the SConfig.exe utility (see Figure 17). This utility offers a text-based menu that helps administrators configure the core operating system (OS) settings such as domain membership, computer name, Windows Update, network settings, and so forth. This is a welcome improvement, as many of these tasks in the past required complex, fairly arcane command-line tools. Those same tools are still in use; they're just called in the background by SConfig. Think of SConfig as a sort of lightweight Server Manager specifically for Server Core.

    Figure 17: Using SConfig in Server Core R2.

    Server Core also offers a subset of the .NET Framework. This subset includes portions of v2.0 and v3.0; it specifically excludes the Windows Forms classes and Windows Presentation Framework, which require graphical user interface (GUI) elements not present in Server Core. The inclusion of this Framework subset has a couple of really important, far-reaching consequences. One of those is the potential for additional patches, as the Framework is an additional set of "moving parts" that do come with their own potential problems and the resulting hotfixes and service packs. A major benefit of Server Core has always been that it requires fewer patches (historically, about a third of what the full Windows OS requires). The Framework isn't historically a heavily patched set of code, but it does get patched.

    The tradeoff, however, is significant: Server Core R2 now supports ASP.NET Web applications under IIS 7.5, which is a major improvement over the original Server Core release, which didn't have any Framework and didn't support ASP.NET at all. The inclusion of the Framework in Server Core R2 also permits remote management of IIS through the standard IIS management console, another major benefit for administrators (you have to enable the remote management service to make this happen).

    Perhaps the biggest improvement offered by the Framework subset, however, is the inclusion of Windows PowerShell v2 as a pre-installed component of Server Core R2. This addition brings significant new administrative capability to Server Core, including the ability to remotely connect to Server Core's PowerShell instances from remote machines, enabling remote command-line management of single and multiple servers.

    Cross Reference

    See Tip, Trick, Technique 12: Remote Command Line Administration in R2 for more details on PowerShell v2's remote management capabilities.

    Active Directory Certificate Services (AD CS, formerly just Certificate Services) is also supported as a server role on Server Core R2. This means that yet another key infrastructure component, Public Key Infrastructure (PKI), can now be migrated to this lower-maintenance, smaller-footprint OS.

    Keeping in mind that R2 is only being made available in a 64-bit edition, Server Core R2 optionally supports a WoW64 layer that makes it possible to run 32-bit applications. I primarily see this as being used to support older management agents or anti-malware applications, although every effort should be made to acquire native 64-bit versions of these items as quickly as possible.

    Finally, Server Core R2 also supports File Server Resource Manager (FSRM), which finally enables advanced file quotas and other FSRM-related functionality in Server Core.

    Tip, Trick, Technique 10: Deleted AD Object Recovery in R2

    Much has been made about the Active Directory Recycle Bin in Windows Server 2008 R2, but the reality falls somewhat short of the hype. Although this feature provides great capabilities, it also has some limitations that aren't immediately obvious, and the term "Recycle Bin" actually implies a level of functionality and ease of access that simply isn't present. But first, some background.

    As you may know, deleted objects in Active Directory (AD) aren't deleted immediately. Instead, they're marked with a "tombstone" flag, which is replicated to all domain controllers in the domain. Tombstoned objects, as they're called, continue to hang around in the directory for some time (180 days in the most recent versions of AD). Although they can't be used to log on or for any other purposes, keeping the objects around in this tombstoned condition helps ensure that every domain controller knows about the deletion.

    Some third-party Recycle Bin-like tools of the past simply take advantage of the situation, giving you a graphical user interface (GUI) for seeing tombstoned objects, and enabling you to remove the tombstone flag (and replicate that change), bringing the object back to life (reanimating it, to stick with the graveyard terminology). Some third-party recovery tools provide no other functionality, in fact, especially those of the shareware variety, and you don't even need a tool if you're comfortable using ADSIEdit or other free, low-level tools that enable you to change the tombstone attribute yourself.

    There's a downside, though: When an object is deleted, AD removes most of its attributes at the same time it applies the tombstone flag. That means many of the object's attributes are no longer available, so the object isn't complete. This is especially frustrating with user objects, as we tend to populate many of the user's attributes. So simply reanimating an object often isn't that simple at all because you may also need to repopulate the majority of its attributes to make it fully functional again.

    Windows Server 2008 R2 makes one important change to the deleting process: It places deleted objects into a "recycled" state where their attributes are left intact. Thus, reanimating them, by flipping the tombstone flag, is easier, because the object is preserved in its original form.

    Unfortunately, Windows Server 2008 R2 will not provide an actual "Recycle Bin" in the form of an icon or container that you can use to easily access deleted objects. Deleted objects will still be essentially inaccessible from most native AD management tools, and you'll need to use low-level directory editors, scripting, or other frankly complex means to reanimate objects from their recycled state. The term "Recycle Bin" is kind of misleading, because although the feature does provide a sort of "undo" capability, it doesn't do so in the same easy-to-access way that the Windows Explorer Recycle Bin does.

    Also, this new recycled state depends on changes made to AD in Windows Server 2008 R2, meaning you can't leverage this new feature until every domain controller has been upgraded to this new version of Windows. You also have to upgrade every domain in your environment to the Windows Server 2008 R2 functional level, and upgrade your forest to the Windows Server 2008 R2 functional level. That's a serious commitment for most organizations, requiring planning, new software licenses, and a significant amount of effort in order to reduce the risk of outages in a production environment. Figure 18 shows how to make the upgrade using the new Windows PowerShell AD cmdlets included in R2.

    Figure 18: Upgrading the forest functional level.

    But wait, there's more to do: Once your domain controllers, domains, and forests are upgraded, you have to manually enable the Recycle Bin functionality in AD. Figure 19 shows this being done from Windows PowerShell.

    Figure 19: Enabling the Recycle Bin.

    Once you've done that, you can start writing scripts that actually let you recover deleted objects with their attributes intact. Oh, and once the Recycle Bin functionality is turned on, you can't turn it off. So before enabling it, make absolutely certain that this new feature won't be in violation of any internal security rules, legislative security requirements, or industry security requirements. For example, in many European countries, it's illegal to retain personally identifiable information (PII) in certain circumstances; enabling the Recycle Bin may unacceptably retain PII without you realizing it, as object attributes aren't deleted.

    Accessing deleted objects isn't as simple as opening a Recycle Bin icon in the AD management console; far from it. You'll need a lower-level tool, like Ldp.exe, to access the newly created Deleted Objects container, as shown in Figure 20.

    Figure 20: Accessing deleted objects in Ldp.exe.

    The Recycle Bin is also only useful for deleted objects: Changes to objects aren't captured and preserved. Restoring multiple objects, especially those in a deep hierarchy, is still complicated. Non-directory objects, including Group Policy Objects (GPOs, which live on the file system, not in the directory), aren't protected by the Recycle Bin. The Recycle Bin also relies on AD itself being functional; if something goes wrong at the domain or forest level, you'll still need to have a backup made by other means.

    So the new Recycle Bin feature can certainly be useful, but you need to understand its limitations before you rely on it, and you may still want to have third-party recovery tools in place for other scenarios and for ease of use. You'll certainly still want regular domain controller backups.
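
    The upgrade, enable, and recovery steps from this tip, collected into one added PowerShell example (it is not the book's script and does not reproduce the commands in Figures 18 and 19). The forest name contoso.com and the account name jdoe are placeholders assumed for illustration.

```powershell
Import-Module ActiveDirectory

# Placeholders (assumptions for this example; substitute your own values).
$ForestName = 'contoso.com'
$DeletedSam = 'jdoe'

# 1. Preconditions: every domain controller in every domain must run R2
#    (OS version 6.1) before the functional levels can be raised.
$forest = Get-ADForest -Identity $ForestName
$oldDcs = foreach ($domain in $forest.Domains) {
    Get-ADDomainController -Filter * -Server $domain | Where-Object {
        [version]($_.OperatingSystemVersion -replace '\s*\(.*$', '') -lt [version]'6.1'
    }
}
if ($oldDcs) {
    $names = ($oldDcs | ForEach-Object { $_.HostName }) -join ', '
    throw "Upgrade these domain controllers first: $names"
}

# 2. Raise each domain, then the forest, to the R2 functional level.
foreach ($domain in $forest.Domains) {
    if ((Get-ADDomain -Identity $domain).DomainMode -ne 'Windows2008R2Domain') {
        Set-ADDomainMode -Identity $domain -DomainMode Windows2008R2Domain
    }
}
if ($forest.ForestMode -ne 'Windows2008R2Forest') {
    Set-ADForestMode -Identity $ForestName -ForestMode Windows2008R2Forest
}

# 3. Enable the Recycle Bin once. This cannot be undone, so the data-retention
#    review described above has to happen before this line runs.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -eq 0) {
    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
        -Scope ForestOrConfigurationSet -Target $ForestName
}

# 4. Find the deleted object. Only objects deleted after step 3 keep their
#    attributes; list a few to see what is still stored about the account.
$deleted = Get-ADObject -IncludeDeletedObjects `
    -Filter "isDeleted -eq `$true -and sAMAccountName -eq '$DeletedSam'" `
    -Properties lastKnownParent, whenChanged, mail, memberOf
$deleted | Format-List Name, lastKnownParent, whenChanged, mail, memberOf

# 5. Dry run first; remove -WhatIf to restore the object to its original container.
$deleted | Restore-ADObject -WhatIf
```

    The attribute listing in step 4 doubles as a retention check: whatever it prints for a deleted account is data the directory is still holding.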

    Tip, Trick, Technique 11: Classifying Files in R2

    An entirely new feature in Windows Server 2008 R2 is the Windows File Classification Infrastructure (FCI). This feature is designed to help administrators better manage file storage resources, enforce company policies regarding stored data, and so on. FCI is essentially designed to help classify the data on your file servers and to automate otherwise-manual processes using predefined policies that are based on the business value of your data. FCI is an infrastructure feature, meaning it provides a lot of ways for third-party vendors to hook in and provide features above and beyond what Windows includes natively.

    Here's the basic problem FCI seeks to solve: Organizations would love to be able to clean up their file servers. But some data needs to be preserved for long periods of time, and today it's very difficult and time-consuming to sort the "keeper" data from the "don't need it" data. FCI is designed to support predefined rules that help Windows automatically classify data, and then allow management processes (such as file cleanup and archiving, or security audits) to operate from the classifications.

    Natively, R2's FCI helps classify files based on content and location. Once classified, sensitive data might be moved or secured differently, backup solutions might prioritize highly valuable files over less-valuable ones within a backup window, or stale data might be automatically archived or deleted.

    The native FCI capabilities are accessed through the File Server Resource Manager (FSRM) console, shown in Figure 21.

    Figure 21: Accessing FCI through FSRM.

    As you can see, classification starts with a list of classification properties. In this example, files can be classified as having personally identifiable information (PII) or not, and can have a secrecy level applied. These properties essentially define the key aspects of information that might drive a business to make different decisions about the file: Files containing PII might be secured differently, or files with a high secrecy level might be backed up more frequently.

    Next, rules are created to help automatically populate these properties for each file. Figure 22 shows the creation of a rule, where files in a particular location have a specific secrecy level applied automatically.

    Figure 22: Automatic classification rules.

    The content of files, rather than just their location, can also drive the classification. Figure 23 shows the Content Classifier being used to set the PII classification property.

    Figure 23: Defining a Content Classifier rule.

    Figure 24 shows the content that's being searched for: in this example, a regular expression that matches on US Social Security Number patterns.

    Figure 24: Defining the content to search for.

    Third parties can provide additional classifiers, and third parties can also use the FCI application programming interface (API) to apply classification properties or to read those properties. For example, an auditing solution might use these properties to prioritize the files that are included in a security audit.

    Note

    The screenshots for FCI were taken from pre-release versions of R2 and may change in the final shipping product. These screenshots were drawn in part from http://blogs.technet.com/filecab/archive/2009/05/11/classifying-files-based-on-location-and-content-using-the-file-classification-infrastructure-fci-in-windows-server-2008-r2.aspx, which includes a full discussion of the feature.
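
    The two native rule types described in this tip (a location rule that sets a secrecy level and a content rule that sets the PII property) modelled in plain PowerShell as an added example. It does not call the FCI API or FSRM; the folder names, the property values, and the Social Security Number expression are assumptions, since the expression in Figure 24 is not reproduced on the page. The sample files are constructed.

```powershell
# Assumed SSN pattern: three-two-four digits, skipping number ranges that are
# never issued (area 000, 666, 9xx; group 00; serial 0000).
$SsnPattern  = '\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b'
# Assumed location rules: folder name -> Secrecy value.
$FolderRules = @{ 'Finance' = 'High'; 'Public' = 'Low' }

function Get-FileClassification {
    param([Parameter(Mandatory = $true)][string]$Root)

    Get-ChildItem -Path $Root -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $file = $_

            # Location rule: the folder a file lives in sets its secrecy level.
            $secrecy = 'Unclassified'
            foreach ($folder in $FolderRules.Keys) {
                $folderRegex = '\\' + [regex]::Escape($folder) + '(\\|$)'
                if ($file.DirectoryName -match $folderRegex) {
                    $secrecy = $FolderRules[$folder]
                }
            }

            # Content rule: any SSN-shaped string marks the file as holding PII.
            $hasPii = [bool](Select-String -Path $file.FullName -Pattern $SsnPattern -Quiet)

            New-Object PSObject -Property @{
                Path    = $file.FullName.Substring($Root.Length)
                PII     = $hasPii
                Secrecy = $secrecy
            } | Select-Object Path, PII, Secrecy
        }
}

# Constructed sample tree so the example runs without a real file share.
$demo = Join-Path $env:TEMP ('fci-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path "$demo\Finance", "$demo\Public" | Out-Null
Set-Content "$demo\Finance\payroll.txt" 'Employee: A. Example  SSN: 123-45-6789'
Set-Content "$demo\Public\menu.txt"     'Order 123-45 ships 2009-05-11'
Set-Content "$demo\Public\signup.txt"   'applicant ssn 219-09-9999'

$report = Get-FileClassification -Root $demo
$report | Format-Table -AutoSize

# The case an audit cares about: PII sitting in a low-secrecy location.
$report | Where-Object { $_.PII -and $_.Secrecy -ne 'High' }

Remove-Item $demo -Recurse -Force
```

    The last query is the kind of decision the classification properties exist to drive: signup.txt carries PII but sits in the folder with the lowest secrecy level.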

    Tip, Trick, Technique 12: Remote Command Line Administration in R2

    Windows PowerShell v2 introduces a new form of remote management based upon the industry-standard Web Services for Management (WS-MAN) and Microsoft's Windows implementation, Windows Remote Management (WinRM).

    WinRM is a Web Services-based protocol, meaning it operates over HTTP. By default, this means it uses ports 80 and 443, although those port numbers are configurable. The WinRM service listens for incoming requests, then passes those requests to registered applications, including PowerShell. For security purposes, administrators can govern the applications that are allowed to register with WinRM. Essentially, WinRM replaces the older and more cumbersome Remote Procedure Call (RPC) protocol; WinRM offers easier compatibility with firewalls.

    PowerShell v2 includes a set of cmdlets designed to configure and enable remoting through WinRM, and a set of cmdlets designed to establish sessions with remote computers. Once you have created an authenticated session from your local PowerShell instance to a remote instance, you can engage in two distinct management scenarios: 1:1 and 1:n.

    A 1:1 scenario basically provides you with a remote interactive command-line window, not at all unlike SSH found on most Unix/Linux operating systems (OSs). A 1:n scenario allows you to invoke PowerShell commands and have them run on multiple remote computers in parallel, with the results being brought back to your computer. This makes multiple-computer management virtually the same as single-computer management and makes it easier to manage even a highly distributed IT infrastructure.
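
    The 1:1 and 1:n scenarios as an added PowerShell v2 example (not from the book). The server names core01 through core03 are placeholders, and the failed-logon query is an assumed workload chosen to show results from several machines coming back to one console.

```powershell
# --- On each server to be managed (run once, elevated) ---------------------
# Starts the WinRM service, creates a listener and adds the firewall exception.
Enable-PSRemoting -Force

# See which transport and port the listener is actually bound to before
# writing firewall rules for it.
Get-ChildItem WSMan:\localhost\Listener | ForEach-Object {
    Get-ChildItem $_.PSPath |
        Where-Object { 'Transport', 'Port' -contains $_.Name } |
        Select-Object Name, Value
}

# --- On the administrator's workstation ------------------------------------
$servers = 'core01', 'core02', 'core03'    # placeholder names
$cred    = Get-Credential

# 1:1 - an interactive remote prompt. Typed at the console, not used in scripts:
#   Enter-PSSession -ComputerName core01 -Credential $cred
#   ...work on core01...
#   Exit-PSSession

# 1:n - open authenticated sessions to every server, collecting failures
# instead of stopping at the first unreachable machine.
$sessions = New-PSSession -ComputerName $servers -Credential $cred `
    -ErrorVariable failed -ErrorAction SilentlyContinue
$failed | ForEach-Object { Write-Warning $_.Exception.Message }

if ($sessions) {
    # The script block runs on all servers in parallel; each result object
    # comes back tagged with the PSComputerName it ran on.
    $results = Invoke-Command -Session $sessions -ThrottleLimit 16 -ScriptBlock {
        $events = Get-WinEvent -FilterHashtable @{
            LogName   = 'Security'
            Id        = 4625                      # failed logon
            StartTime = (Get-Date).AddDays(-1)
        } -ErrorAction SilentlyContinue
        New-Object PSObject -Property @{ FailedLogons = @($events).Count }
    }

    $results | Sort-Object FailedLogons -Descending |
        Format-Table PSComputerName, FailedLogons -AutoSize

    # Sessions hold a connection and credentials open; close them when done.
    Remove-PSSession $sessions
}
```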

    Tip, Trick, Technique 13: Configuring Server Core in Windows Server 2008 R2

    As mentioned in a previous tip, Windows Server 2008 R2's Server Core installation mode offers a new, easier way to perform the initial server configuration: the Sconfig utility. In some ways, Sconfig is kind of like a text-based, mini Server Manager, and it can be used to enable even greater management flexibility.

    As Figure 25 shows, Sconfig can be run immediately after the Server Core installation completes and you log on to the console for the first time.

    Figure 25: Running Sconfig.

    The utility makes it easier to perform all but one of the major initial configuration tasks you need to do on any new server (more on that missing one item in a moment). You can join a domain, set the computer name (although computer name should really be the first item, not the second, since changing the name should occur before joining a domain). You can configure Windows Update, run a Windows Update check, and configure a variety of remote management options, which you should definitely do. In Figure 26, you'll see that I'm enabling MMC remote management, a task that also enables the necessary firewall exceptions on the server.

    Figure 26: Enabling MMC Remote Management.

    I also recommend allowing Server Manager Remote Management. A new feature in Windows Server 2008 R2's Server Manager console, Remote Management will enable a remote instance of Server Manager to connect to, and manage, your Server Core instance, making it vastly easier to examine roles and features installed on Server Core, for example. You can also enable Remote Desktop, as Figure 27 shows. Keep in mind that on Server Core, Remote Desktop only buys you a remote command-line window; it doesn't magically give you a full GUI to work with remotely. In fact, although I always enable Remote Desktop, I mainly use it for emergencies; I prefer to use remote GUI-based tools to connect to, and manage, Server Core installations.

    Figure 27: Enabling Remote Desktop.

    Finally, as Figure 28 shows, Sconfig even allows you to configure network settings for each installed network adapter. Configure a static IP or any other settings. (Although I frankly prefer to leave Server Core using DHCP and to instead configure a DHCP reservation in my DHCP server. That way if I ever reinstall Server Core for some reason, I don't have to reconfigure the static IP; it'll just pick up the desired IP from DHCP.)

    Figure 28: Configuring network adapter settings.

    It seems as if Sconfig will do everything you need, but you won't find an option on its menu for activating Windows, which seems like a pretty serious oversight. Instead, you'll still need to manually install your product key using Slmgr, as Figure 29 shows.

    Figure 29: Installing a product key in Server Core.

    After installing the product key, you'll have to activate Windows. If you're using a normal retail key, just run Slmgr -ato to initiate activation.

    Sconfig is a big help, although it would be nice if it also handled the product activation.

    Tip, Trick, Technique 14: What Are Microsoft's Many Virtualization Options?

    If you thought Windows Hyper-V was Microsoft's only foray into virtualization, you're in for a bit of a surprise. Microsoft is slapping the "v" word on many different products and technologies, some of which have been around for years without anyone apparently realizing they were virtualization!

    Hyper-V

    The "real" virtualization in Windows, Hyper-V is a type 1 hypervisor that's designed to emulate PC hardware for the purpose of running guest operating systems (OSs). Deriving from Microsoft Virtual Server, but in fact built in an entirely different way, Hyper-V is the basis for Microsoft's enterprise virtualization efforts. It competes with VMware's vSphere/ESX products and Citrix's Xen family.

    App-V

    App-V is designed to run on Windows client computers or on Terminal Services servers. It essentially allows you to create "images" of completely installed applications, then deploy those images rather than actually installing the application on each of your client computers. App-V creates a sort of sandbox or bubble around the application, preventing it from having a permanent impact on the client's file system, registry, and other resources, and protecting applications from conflicting with one another. Central management tools provide deployment, management, de-provisioning, and other functionality. App-V is available as part of the Microsoft Desktop Optimization Pack (MDOP), which is only offered to Microsoft customers who have purchased Software Assurance for their enterprise OSs.

    Virtual PC

    Sort of a stripped-down Virtual Server, Virtual PC is Microsoft's workstation-grade virtualization software. Conceptually, it does the same thing as Hyper-V: Running guest OSs on Windows (or Macs). Under the hood, it's a very different type of hypervisor with lesser performance. It's useful for software testers and other employees who need to run an alternate OS on their client computer; Windows 7's "Windows XP Mode" is essentially a built-in Virtual PC running a pre-configured Windows XP guest OS. Virtual PC competes with VMware Workstation and similar products from Parallels.

    Desk-V or MED-V

    Microsoft Enterprise Desktop Virtualization (MED-V) is also a part of the MDOP. It's designed to provide central management and control of Virtual PC images, enabling you to deploy, manage, and control these images. For example, subcontractors working in your environment might be given a corporate-standard Virtual PC image, which allows them to access corporate resources without joining their laptop or desktop computer to your domain. You can then control the security and use of that Virtual PC image.

    Remote Desktop Services

    Called "presentation virtualization," Remote Desktop Services (RDS) used to be known as Terminal Services. It got a name change in Windows Server 2008, and is officially part of Microsoft's virtualization efforts now. Technically, it has always offered "virtual desktops," although it's virtualization in a very different way than, say, Hyper-V. RDS competes with Citrix in a way, and in a way is complemented by certain Citrix products.

    It's all "V"

    Virtualization has taken on so many meanings (due in part to the word's popularity and marketing clout) that it has become an almost meaningless term, like "ActiveX" and ".NET" were back in their days. Suffice to say that Microsoft has a number of creative and useful products and technologies that virtualize something in some way; focus on individual solutions more so than the "v" word.

    Tip, Trick, Technique 15: The New Windows Log Files

    For more than a decade, Windows administrators have suffered with the native Windows event logs. We've struggled to find relevant events to help us audit and troubleshoot our systems, we've hunted for the meaning behind obscure messages and event ID numbers, and we have tried to make a science out of a pretty raw and low-level store of information. Worse, the things aren't centralized, meaning you wind up hunting across multiple servers to find the information you need.

    In Windows Server 2008, things are a little better. Sure, you get a fancy new user interface (UI) embedded within Server Manager (shown in Figure 30), but you also get some important new features.

    Figure 30: New event log viewing in Server Manager.

    Now you can create custom views, which contain filter and sort criteria that make it easier for you to repeatedly come back and find specific events. You might set up a view for events related to a specific application, for example. Figure 31 shows an example, using the built-in Administrative Events custom view.

    Figure 31: Viewing events through a custom view.

    Log data has been segregated out into more logs, helping break down information logically by product or technology. As Figure 32 shows, a fairly bare-bones Windows Server 2008 installation has dozens of individual logs; fortunately, those custom views can aggregate events from multiple logs, giving you a consolidated view if you so desire.

    Figure 32: Multiple logs help categorize information better.

    Event forwarding and subscriptions provide a syslog-like capability to forward selected events to a central Windows server for consolidation. It took more than a decade to get this feature in Windows, but you should be glad you have it! You can set it up through event subscriptions, allowing you to set up a central log server that aggregates all your logs. Figure 33 shows the configuration for a subscription, and you can see that you can even select specific events to be collected.

    Resource

    You'll find a great article at http://redmondmag.com/articles/2007/08/01/syslog--20-years-later.aspx that goes into more detail about how to use these.

    Figure 33: Setting up event subscriptions.

    Not everything is perfect, though. In some cases, the old event IDs you're used to seeing are gone, replaced by event IDs that have had 4,096 added to their numeric ID. This was done to help make room for new event IDs, and can be frustrating until you realize what's happened.

    Tip, Trick, Technique 16: Geographically Dispersed Cluster Nodes

    Multi-site clustering is the official name of the improvement to Windows' built-in clustering capabilities that allows cluster nodes to exist in different geographic locations. The idea is that a dispersed cluster can survive even major facility disasters, like fire or flood, because the individual nodes are widely separated. Like other types of Windows Server clusters, multi-site clusters offer automatic failover when a node fails. Each site has at least one storage array, and nodes are connected to storage in such a way that each node can access the storage at their own site in the event of a communications failure.

    Thus, the cluster nodes in Denver can access storage in Denver, and cluster nodes in Las Vegas can access storage in Las Vegas. The Denver nodes can function without talking to the Las Vegas storage, as would be the case in the event of a disaster there. The storage fabric must provide a way to mirror or replicate data between sites so that data in Denver is being replicated to Las Vegas and vice-versa. This is the tricky bit, and you'll need third-party help to solve it, because Windows doesn't provide that replication functionality itself. However, some Microsoft applications do provide the needed capability, such as Exchange Server 2007's Continuous Cluster Replication feature.

    Windows clusters have in the past relied primarily upon a shared storage resource that is always accessible to every node, so some changes needed to be made. Quorums, for example, have moved to the concept of votes. Each node gets a vote to decide which node gets to control which resources; a witness (a Windows server that isn't in the cluster) serves as an independent tie-breaker.

    Think of a cluster that has Node 1 and Node 2 and an independent witness. Node 1 votes for itself, Node 2 votes for itself, and the witness votes for one or the other, breaking the tie. That vote determines which cluster node is active and which is on standby for particular resources. Ideally, the witness lives at a different site from the two nodes; whichever node site the witness can "see" must be alive and online, so it makes sense for that cluster node to be active within the cluster.

    Multi-site clusters are a great new feature, especially for larger organizations with distributed data centers.

    Tip, Trick, Technique 17: Identifying Threats of Data Loss in a Windows Server Environment

    No matter how robust, reliable, and secure Windows Server 2008 is, we face risks of data loss. Systems administrators know all too well how often someone accidentally deletes a file and then somehow manages to accidentally clear the recycling bin as well. Data loss like that falls at the easy end of the spectrum of problems we face with protecting data on Windows Server 2008 platforms. At the other end of the spectrum, we have a big challenge when it comes to data loss: disaster recovery. How will the organization continue to function if critical applications are down because servers were destroyed in a fire, flood, hurricane, or some other natural disaster that might be a familiar threat in your area? Between the simple and the complex, we have a whole range of data loss risks:

    Accidental data loss due to human error

    Accidental data loss due to application error

    Intentional data loss due to malware

    Intentional data loss due to human actions

    Data loss due to natural disaster

    We can quickly see from this list that the threats underlying the risk of data loss can be roughly grouped along two dimensions: intentional versus accidental and programmatic versus human action. Natural disasters are something of a special case, and we will discuss that in different terms. One final note about the grouping: the dimensions are not mutually exclusive. We could have a situation where a problem in an application, say a bug in a patch, combines with mistakes applying the patch by the administrator to create a compounded threat. Clearly, there is no shortage of ways in which our data can be lost.

    Note About Terminology: Risks and Threats

    The terms risk and threat are sometimes used in ways that obscure their precise definitions. A risk is a hazard or potential loss, such as the risk of losing data, having data tampered with, or having login information stolen. A threat is a means for realizing a risk. A single risk can have many threats that can bring about the unwanted outcome. For example, someone could steal your online banking credentials by looking over your shoulder and watching you type or by installing a keylogger that captures keystrokes as you type.

    Figure 34: The risk of data loss is due to multiple threats.

    The first step in understanding the risk of data loss is to understand how these different threats operate to undermine the integrity and availability of our data.

    Accidental Data Loss Due to Human Error

    The threat of human error is constant; our best hope is to mitigate the risk by putting in place controls and procedures that reduce the likelihood of accidents. It is helpful to think of human error in terms of user errors, which can be bad, and administrator errors, which can be exceptionally bad.

    End user errors lead to relatively isolated data loss: deleted files, corrupted records in a database, and overwritten files in a shared directory. These types of errors can be mitigated with access controls that limit delete and write privileges to only necessary users. In the case of application-related errors, improving usability and prompting for confirmation for destructive changes can help reduce the risk of data loss.

    Administrator errors are more difficult to prevent. If you've been in systems administration long enough, you probably have tales of mistakes that still make you cringe. One way to reduce the risk of data loss from administrator errors is to document procedures and use checklists to ensure the procedures are followed. By its nature, systems administration often requires us to perform unique tasks, such as applying a particular service pack; however, after you have performed this task a few times, you can develop a pattern that can be generalized enough to create a checklist of essential steps (not the least of which is creating a backup before you start).

    Accidental Data Loss Due to Application Error

    The "blue screen of death" has been a well-known phrase since the days of Windows NT. If an application made an error and did not properly trap for it and the operating system (OS) did not properly isolate the error, then it was time to abandon all hope and reboot. Today's application code and OSs like Windows Server 2008 are more resilient than their 1990s counterparts, but accidental data loss due to application error is still a problem. Not surprisingly, it is the complexity and interoperability of applications that create significant threats of data loss today. Consider some of the ways a Web application with a rich Internet application (RIA) interface may lose data:

    A bug in a browser add-on crashes Internet Explorer while executing a multi-step workflow

    An error in a SQL Server stored procedure running in the application's database mistakenly corrupts data before finishing a transaction

    A misconfigured setting in Internet Information Services (IIS) causes a failure in the Web server before data is posted to the back-end database

    Figure35:Applicationstacksarebecomingmorecomplex;evenbrowsersare

    collectionsofaddonseachofwhichcanharborapplicationvulnerabilitiesthatcanleadtodataloss.

    Althoughtherehavebeenadvancesinsomeareasofapplicationdevelopment,especiallyintheareaofOSrobustness,theadditionalcomplexityintodaysapplicationsharborthepotentialfordataloss.

    Intentional Data Loss Due to Malware

    Malicious software, commonly known as malware, comes in a number of forms, all of which can either directly or indirectly result in data loss if a server or client device becomes infected. Some typical types of malware include:

    Viruses, which are programs that compromise other programs in order to carry out an attack

    Worms, which are programs that can spread and operate independently of other programs (unlike viruses)

    Keyloggers are programs that capture keystrokes, including authentication details, which can be used at a later time to compromise a system

    Trojans, programs that appear to be one thing (for example, a utility) but carry out unwanted operations, such as stealing information

    Rootkits are one of the most pernicious forms of malware. They hide themselves by corrupting OS-level services; getting rid of a rootkit is difficult and victims may have to resort to wiping the hard drive or scanning and repairing from a known safe boot device

    Blended threats combine multiple types of malware in a single attack vector

    Malware can cause data loss either because the malware developers designed their code to destroy data or because the malware interferes with other operations, resulting in data loss. Although data loss is a problem, a bigger concern with malware is loss of confidentiality, with malicious code that steals files or logs keystrokes.

    Intentional Data Loss Due to Human Actions

    Disgruntled employees are nothing new. Some may not like their jobs, some may have psychological issues, and some might be looking for payback after a layoff or perceived unjust sanction. Concerns about insider abuse are probably more at the forefront of our minds during challenging economic times that inevitably lead to layoffs. The ways a disgruntled employee can cause data loss are limited only by their imagination.

    One particularly difficult form is the logic bomb. This should be included with the list of malware, but we address it here because it is malicious code introduced by an insider. A logic bomb is code that is set to execute at some time after the code is introduced and will destroy, corrupt, or otherwise tamper with data or applications. The damages from a logic bomb can extend beyond the business or organization that is the initial victim. In 2008, a former systems administrator at a health services company was convicted of creating a logic bomb that would have destroyed virtually all information on the company servers, according to one report, including healthcare information (Source: Sharon Gaudin, "Medco Sys Admin Gets 30 Months for Planting Logic Bomb," Computerworld, January 8, 2008. http://www.computerworld.com/s/article/9056284/Medco_sys_admin_gets_30_months_for_planting_logic_bomb).

    At some point, the level of data loss caused by intentional human action crosses the boundary into a more disaster-like situation. For example, if an arsonist succeeds in seriously damaging a data center, the level of data loss would approach that of a loss due to a natural disaster.

    Data Loss Due to Natural Disaster

    There are two aspects of data loss due to natural disaster that distinguish it from other threats of data loss: the scale of data lost and the accompanying loss of infrastructure. Natural disasters do not selectively target data, the way malware might, and they are not limited to a single application or database, the way an application error might be; a natural disaster can wipe it all out. When considering how to mitigate the threat of data loss due to natural disaster, we must consider how we will provide temporary servers and other infrastructure to run critical applications.

    Figure 36: Failover systems replicate data from a primary to a secondary system so that the latter can take over in the event of a failure in the primary server.

    We also need to consider how long IT services can be down before there is significant adverse effect on the business or organization. If rapid recovery is essential, then we need to consider high-availability solutions. With these systems, data is replicated from primary servers to standby servers. Primary servers may be monitored and if they fail, applications will fail over to the standby server; in other cases, manual intervention is required to switch to the standby server. (We will have much more detail on high availability and data replication services in a future volume.)

    Once the threats that can lead to data loss are understood, we can devise a plan to mitigate the risk. Clearly, backups will play a role in data loss protection, but as we will see, there is much more to reducing the risk of data loss than simply making backups.

    Tip, Trick, Technique 18: Understanding the Building Blocks of a Recovery Management Strategy

    A recovery management strategy is a plan for reducing the chance of data loss due to any of the threats described in Tip, Trick, and Technique 17. With an overview understanding of the threats, how do we go about protecting our Windows Server 2008 servers and other infrastructure? It starts with a four-step process:

    1. Create a data classification system and categorize data to be protected

    2. Identify critical servers and applications needed for different categories of data

    3. For each category of data, determine recovery point objectives (RPOs) and recovery time objectives (RTOs)

    4. For disaster recovery purposes, determine the level of performance required when operating in disaster recovery mode

    At the end of the process, we have described the level of protection required to mitigate the risk of data loss balanced against the requirements and resources of the organization.

    Creating a Data Classification Scheme

    Think about all the different types of data in a typical midsize business. (The principles we develop apply equally well to non-business organizations, but for simplicity, we'll use a business example here.) There is transaction data about sales, customer details and account summaries, HR data about employees, data warehouses and executive reporting data, emails, documents, and other unstructured data. Now we need to ask, "Is all this data equally valuable?" Another way to think about it is, "How would the business be affected if the data were lost?"

    Would there be a sudden and significant negative impact on the business? Losing a sales order database would probably fall into this category.

    If the entire data warehouse were lost, how badly would that affect the business? As data warehouses are traditionally used for management reporting but not core operations, the impact would be limited. Furthermore, some parts of the data warehouse could be reconstructed from data in transactional systems, although some historical data may be lost.

    If an HR content management system containing employee work plans were lost, there would be some need to recreate this data. This task could be done over a longish period of time without having a significant adverse impact on the business.

    From these examples, we can see three categories for data classification: critical, important, and optional. Critical data deserves the greatest level of protection (we'll define what that means in operational terms shortly), important data should be protected but not at the expense of critical data, and finally, optional data should be protected if possible but is of lower priority than the other types of data.

    A key benefit of having a data classification scheme is that it allows us to prioritize how we commit resources to protecting data, and that priority is based on business, not technical, requirements. For example, a business may have two Windows Server 2008 systems running SQL Server; one is hosting an orders database and the other is used for a data warehouse. It is the type of data in the database, not the fact that the server is used for SQL Server, that determines its data protection priorities.

    | Data Classification Category | Description | Priority | Example |
    | --- | --- | --- | --- |
    | Critical | Data that is essential to the continued operation of the organization. If the data were lost, it would severely and adversely impact the organization. | Highest | Financials, Customer database |
    | Important | Data that is needed for normal operations. If the data were lost, it could be recreated with some effort. Its loss would not have an immediate adverse impact although long-term loss would. | Medium | Data warehouse, Marketing data |
    | Optional | Low-value data that would not adversely impact the organization if it were lost for an extended period. Is easily recreated at low cost. | Low | Copies of publicly available data (for example, census data used in marketing) |

    Table 1: Data classification schemes partition data by value and impact on business operations.

    Identifying Critical Servers and Applications

    Just as some data is more important than other data, some servers are more important to a business or organization. To identify which servers are most important, we need to understand what functions the server carries out, in terms of business processes, and what data the server stores. Often, but not always, there will be overlap; critical business data resides on critical servers. This is not always the case. For example, a development server is critical to a software development group but it does not (or at least should not) have any critical organizational data stored for anything but development purposes.

    Critical Servers Host Critical Applications

    The first step in identifying critical servers is to create a high-level map of where different types of data reside. For example, servers could be labeled as storing critical, important, or optional data as well as a combination of multiple types. In the case of multiple types, the server should be considered as having the higher priority category of data.

    Figure 37: Servers are considered critical if their core function is a critical business function or if another critical server is dependent on them.

    Consider a simple scenario of a small business or a department within a larger organization. There are several applications running on an application server and all of those systems are considered critical. That adds the application server to the critical list. But we can't stop there. The applications running on that server depend on a SQL Server database that is hosted on another server. Authentication to the applications depends on an Active Directory (AD) server on yet another server. Finally, the applications are of little use without the Web interface that allows users to interact with the application. What started as one critical server quickly became four because of application dependencies.

    When creating these prioritized lists of servers, it helps to have someone with knowledge of the application architecture to help run down all the dependencies. The last thing any of us want is to get into a disaster recovery situation only to learn we missed a critical dependency.

    Of course, when we speak of data on the server, we really mean data that is logically managed by that server. The data may actually reside on a storage array that is shared by multiple servers. From the perspective of protecting against data loss, that does not matter. If the server is down, the data it manages is not readily accessible even if the storage array is functioning.
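
    The dependency walk described above can be automated once the server map exists. The following PowerShell (5.1 or later) is an added example, not part of the original guide: it gives each server the highest category of the data it holds and then raises every server that a higher-ranked server depends on, which generalizes the guide's "critical" rule to all three categories. The function name, the inventory layout and the server names are assumptions made for illustration.

```powershell
# Rank of each category in the guide's classification scheme (Table 1).
$CategoryRank = @{ 'Optional' = 1; 'Important' = 2; 'Critical' = 3 }
$RankName     = @{ 0 = 'Unclassified'; 1 = 'Optional'; 2 = 'Important'; 3 = 'Critical' }

function Get-ServerCriticality {
    [CmdletBinding()]
    param(
        # Server name -> @{ Data = <data categories held>; DependsOn = <server names> }
        [Parameter(Mandatory)] [hashtable] $Inventory
    )

    # Step 1: a server holding several kinds of data takes the highest category.
    $rank = @{}
    foreach ($name in $Inventory.Keys) {
        $rank[$name] = 0
        foreach ($category in $Inventory[$name].Data) {
            if (-not $CategoryRank.ContainsKey($category)) {
                throw "Unknown data category '$category' on server $name"
            }
            $rank[$name] = [Math]::Max($rank[$name], $CategoryRank[$category])
        }
    }

    # Step 2: every server that a higher-ranked server depends on is raised to
    # that rank. Ranks only ever increase, so the loop ends even if the
    # dependency map contains a cycle.
    $reason = @{}
    $queue  = New-Object System.Collections.Queue
    foreach ($name in $Inventory.Keys) { $queue.Enqueue($name) }
    while ($queue.Count -gt 0) {
        $name = $queue.Dequeue()
        foreach ($dependency in $Inventory[$name].DependsOn) {
            if (-not $Inventory.ContainsKey($dependency)) {
                throw "$name depends on '$dependency', which is not in the inventory"
            }
            if ($rank[$name] -gt $rank[$dependency]) {
                $rank[$dependency]   = $rank[$name]
                $reason[$dependency] = "required by $name"
                $queue.Enqueue($dependency)
            }
        }
    }

    foreach ($name in $Inventory.Keys) {
        $why = 'no classified data and no dependents'
        if ($reason.ContainsKey($name)) { $why = $reason[$name] }
        elseif ($rank[$name] -gt 0)     { $why = 'data it holds' }
        [pscustomobject]@{
            Server   = $name
            Category = $RankName[$rank[$name]]
            Reason   = $why
        }
    }
}

# Constructed inventory modelled on the scenario in the text; all server names
# are hypothetical. APP01 hosts the critical applications and needs the
# database, directory and Web servers to be usable.
$inventory = @{
    'APP01'  = @{ Data = @('Critical', 'Important'); DependsOn = @('SQL01', 'DC01', 'WEB01') }
    'SQL01'  = @{ Data = @('Important');             DependsOn = @('DC01') }
    'DC01'   = @{ Data = @();                        DependsOn = @() }
    'WEB01'  = @{ Data = @();                        DependsOn = @() }
    'FILE01' = @{ Data = @('Important');             DependsOn = @('DC01') }
    'DEV01'  = @{ Data = @('Optional');              DependsOn = @() }
}

Get-ServerCriticality -Inventory $inventory |
    Sort-Object Category, Server |
    Format-Table -AutoSize
```

    A dependency that is missing from the inventory stops the run with an error, so a gap in the map is found during planning rather than during a recovery.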

    Critical Servers Support Critical Business Processes

    If we conducted a survey and asked IT and business professionals to define the critical applications used in their business, we would probably get many answers about sales order systems, customer relationship management systems, financials, and other back-office applications. These certainly fit into the critical category, but they do not cover the full spectrum of essential systems. Take messaging, for example. Many of the applications listed make minimal use of email services, yet email systems are essential in many organizations. We just have to ask how long we could continue to operate without a functioning email system. Chances are it would be longer than if our online sales system was down, but we would not want to go long without email. This demonstrates the point that critical systems come in many forms.

    Important But Non-Critical Servers

    Depending on your organization and its dependence on email, an Exchange Server might be considered critical or important. Important servers, like the category of data classification, indicate a lower priority than critical servers. Some examples of important servers include:

    Email servers

    Database servers hosting non-critical applications data

    Collaboration servers, such as SharePoint servers with non-critical data

    File servers hosting shared directories

    At the end of this exercise, we have a breakdown of the types of data and servers by criticality. This allows us to organize the servers based on their importance to essential operations. There is just one more step before we can create a summarized, consolidated report of our recovery management needs that will allow us to define an informed set of backup and disaster recovery procedures.

    Determining RPOs and RTOs

    RPO and RTO are a couple of terms that are frequently used when discussing recovery management, backup, and recovery. Let's start with a couple of definitions. RPO is the maximum amount of data that can be lost, expressed in the time from a data loss event to the time of the last backup. For example, an RPO of one day means we can accept the loss of one day's worth of data. RTO is the maximum amount of time that data or systems may be unavailable while restoration or disaster recovery procedures occur. If we must have a database backed up and fully restored within one hour of a failure, then we have a one-hour RTO.

    The last step in putting together the pieces required to formulate a recovery management strategy is to define the RPOs and RTOs for each server or application. Table 2 shows an example of a summarized report with RTOs and RPOs assigned.

    | Server Description | Applications | Data Categories | Server Category | RTO | RPO |
    | --- | --- | --- | --- | --- | --- |
    | Web Server | IIS | N/A | Critical | 1 hour | 1 day |
    | Application Server | Financials | Critical | Critical | 1 hour | 1 day |
    | | Executive Reporting | Important | | 8 hours | 5 days |
    | | Human Resource Mgmt | Important | | 8 hours | 5 days |
    | Database 1 | Financials | Critical | Critical | 1 hour | 1 day |
    | | Marketing | Important | | 8 hours | 5 days |
    | Database 2 | Human Resource Mgmt | Important | Important | 8 hours | 5 days |
    | Directory Server | Active Directory | Critical | Critical | 1 hour | 1 day |
    | File Server 1 | Windows Server | Important | Important | 8 hours | 5 days |
    | File Server 2 | Windows Server | Important | Important | 8 hours | 5 days |
    | Collaboration Server | SharePoint Server | Important | Important | 8 hours | 5 days |
    | Email Server | Exchange Server | Critical | Critical | 1 hour | 1 day |
    | Development Server | Windows Server | N/A | Important | 8 hours | 5 days |

    Table 2: Example summary assessment of data and server classifications and associated RPOs and RTOs.

    In this example scenario, we have limited ourselves to two levels of RPOs and RTOs. In practice, we should craft these objectives as the business requirements demand, but we need to balance those with management considerations. The more variation we have, the more backup policies we will need to define and manage. Remember, complexity is often the enemy of reliability. Keeping backup schedules as simple as possible, but not simpler, can help reduce management overhead and the potential for errors.

    Let's use the information we've compiled here to help formulate a disaster recovery policy.

    Creating a Disaster Recovery Policy

    RPOs and RTOs define how long we can be without critical and important systems and their data. These objectives guide our decision making when it comes to deciding a range of issues regarding data loss prevention:

    How often should we back up servers?

    What types of backups should we use (full, incremental, or differential)?

    How long should we keep each type of backup?

    How long do we have to restore data from a backup?

    Is a tape-based solution fast enough to meet recovery objectives?

    Is disk storage needed for short-period RPO systems?

    This information also guides us in disaster recovery, especially with regard to how long we have to restore services. That, in turn, influences our choice of architectures for implementing disaster recovery. Key questions that arise in disaster recovery include:

    Can systems and data be restored from backups in time to meet RTOs?

    Are backups performed frequently enough to meet RPOs?

    What servers will the applications run on?

    How will the backup media, such as tapes, be transported to the disaster recovery site?

    Will the applications need similarly configured servers in disaster recovery mode or is some level of degraded performance acceptable?
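
    The first two questions can be answered from data most backup tools already record. The PowerShell (5.1 or later) below is an added example, not part of the original guide: it compares the age of each server's last good backup with its RPO and the duration of its last timed test restore with its RTO, using the two objective levels from Table 2. The function name, the status record layout and the sample values are assumptions.

```powershell
# Objectives per server category, copied from Table 2 of the guide.
$Objectives = @{
    'Critical'  = @{ RTO = [timespan]::FromHours(1); RPO = [timespan]::FromDays(1) }
    'Important' = @{ RTO = [timespan]::FromHours(8); RPO = [timespan]::FromDays(5) }
}

function Test-RecoveryObjective {
    [CmdletBinding()]
    param(
        # Object with Name, Category, LastBackup ([datetime] or $null) and
        # LastRestoreTest ([timespan] of the last timed test restore, or $null).
        [Parameter(Mandatory, ValueFromPipeline)] [psobject] $Server,
        [datetime] $AsOf = (Get-Date)
    )
    process {
        $target = $Objectives[[string]$Server.Category]
        if ($null -eq $target) {
            throw "No objectives defined for category '$($Server.Category)' on $($Server.Name)"
        }

        # RPO: everything written since the last good backup is what a failure
        # at $AsOf would lose. A server with no backup can never meet it.
        $exposure = $null
        if ($null -ne $Server.LastBackup) { $exposure = $AsOf - $Server.LastBackup }
        $rpoMet = ($null -ne $exposure) -and ($exposure -le $target.RPO)

        # RTO: only a timed test restore shows the objective can be met, so an
        # untested server is reported as failing rather than assumed to pass.
        $restore = $Server.LastRestoreTest
        $rtoMet  = ($null -ne $restore) -and ($restore -le $target.RTO)

        [pscustomobject]@{
            Server      = $Server.Name
            Category    = $Server.Category
            DataAtRisk  = $exposure
            RPO         = $target.RPO
            RpoMet      = $rpoMet
            RestoreTime = $restore
            RTO         = $target.RTO
            RtoMet      = $rtoMet
        }
    }
}

# Constructed status records; names, dates and durations are sample values.
$asOf = [datetime]'2010-03-01T09:00:00'
$status = @(
    # Backed up 10 hours ago, test restore took 45 minutes.
    [pscustomobject]@{ Name = 'SQL01'; Category = 'Critical'
        LastBackup = [datetime]'2010-02-28T23:00:00'; LastRestoreTest = [timespan]::FromMinutes(45) }
    # Last good backup is 34 hours old.
    [pscustomobject]@{ Name = 'APP01'; Category = 'Critical'
        LastBackup = [datetime]'2010-02-27T23:00:00'; LastRestoreTest = [timespan]::FromMinutes(50) }
    # Backup is current, but the test restore took 3 hours.
    [pscustomobject]@{ Name = 'MAIL01'; Category = 'Critical'
        LastBackup = [datetime]'2010-02-28T23:00:00'; LastRestoreTest = [timespan]::FromHours(3) }
    # Backup is within 5 days, but a restore has never been timed.
    [pscustomobject]@{ Name = 'FILE01'; Category = 'Important'
        LastBackup = [datetime]'2010-02-25T23:00:00'; LastRestoreTest = $null }
)

$status | Test-RecoveryObjective -AsOf $asOf |
    Format-Table Server, Category, DataAtRisk, RpoMet, RestoreTime, RtoMet -AutoSize
```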

    Depending on the answers to these questions, we can formulate the disaster recovery plan. At the highest levels, a disaster recovery plan will document the following:

    The location of a disaster recovery site. This site may be a remote office, a dedicated facility, or an on-demand infrastructure service, such as a cloud provider.

    If backup media will be used to restore systems, the plan should include a procedure for ensuring backups are kept up to date at the disaster recovery site.

    When, if at all, data is replicated from primary servers to standby servers because restoring from backup media will either take too long or will not meet RPOs.

    A schedule showing how applications and data in the primary environment will map to servers in the disaster recovery environment. This schedule is especially important if virtual servers will be used to host multiple applications in disaster recovery mode.

    A plan for synchronizing data from the disaster recovery center back to the primary servers once they are restored.

    A list of decision makers responsible for determining when to switch to the disaster recovery center and switch back to the primary servers.

    Figure 38: In disaster recovery mode, multiple virtual servers can be hosted on a single physical host, reducing the cost of maintaining disaster recovery infrastructure.

    This tip, trick, and technique has outlined the basic building blocks of a recovery management strategy; unfortunately, analyzing the parts does not always give a comprehensive picture of the whole. One aspect of recovery management that was not addressed here is security, so we will turn to that next.

    Tip, Trick, Technique 19: Understanding Security Issues with Backups, Archives, and Disaster Recovery

    We expend a lot of effort to keep our data secure. We set up access controls, implement authentication mechanisms, and limit privileges to reduce the risk of someone tampering with data or accessing data they should not see. Many of the mechanisms we use are not able to protect data once it moves from the servers that normally house it to backup media. For example, file-based operating system (OS) access controls do not limit access to files in a backup set. The need to protect against data loss has implications that conflict with our need to protect the confidentiality of data.

    Protecting Confidentiality of Backup Data

    There are a few key drivers for the need for confidentiality of data. Depending on the type of business or organization, there may be regulations that prescribe levels of privacy protection that should be ensured for personal information. Healthcare and financial services industries are obvious examples where such is the case. Even in industries without well-defined regulations, there are still incentives to preserve the privacy of customer or client data. A well-publicized data breach can damage a business' image, lead to the loss of customers, and eventually impact the bottom line. Heartland Payment Systems and the TJX Companies, Inc. received quite a bit of press about their record-breaking data breaches in 2009 and 2007, respectively. Intellectual property is a particularly important target in some industries in which high research and development costs provide incentive to steal rather than develop intellectual property.

    Building a Business Case for Security

    The Open Security Foundation maintains the Data Loss Database at http://datalossdb.org/. The site has a wealth of information about data loss incidents that may be useful if you need statistics to justify a business case for the need for information security. For threats to intellectual property, see Kim Zetter's "Report Details Hacks Targeting Google, Others," Wired, February 3, 2010 (http://www.wired.com/threatlevel/tag/apt/), and the Christian Science Monitor's "US Oil Industry Hit by Cyberattacks: Was China Involved," January 25, 2010 (http://www.csmonitor.com/USA/2010/0125/US-oil-industry-hit-by-cyberattacks-Was-China-involved).

    Security breaches come in many forms, including the loss or theft of backup media. Confidential and private data should be encrypted when it is backed up and the backup media leaves the control of the organization. With encryption, even if the media is lost or stolen, there is little chance the data will be compromised.

    One other point to keep in mind about encryption is that the definition of strong encryption changes over time. Use strong encryption algorithms and long encryption keys to maximize the protection provided by encryption.
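
    As an added illustration of encrypting a backup file before it leaves the organization (not code from the original guide), the PowerShell below uses AES with a 256-bit key and an HMAC-SHA256 tag so that a lost copy is unreadable and an altered copy is rejected on restore. It assumes PowerShell 7, or Windows PowerShell 5.1 on .NET Framework 4.7.2 or later, reads the whole file into memory, and takes the passphrase as a plain string for brevity; the function names, file layout and iteration count are assumptions.

```powershell
function New-BackupKeyMaterial {
    param([string] $Passphrase, [byte[]] $Salt)
    # PBKDF2-HMAC-SHA256 stretches the passphrase into 64 bytes: 32 for the
    # AES-256 key and 32 for the HMAC key. The iteration count is an assumption.
    $kdf = [System.Security.Cryptography.Rfc2898DeriveBytes]::new($Passphrase, $Salt, 200000,
        [System.Security.Cryptography.HashAlgorithmName]::SHA256)
    try {
        $material = $kdf.GetBytes(64)
        @{ Enc = [byte[]]$material[0..31]; Mac = [byte[]]$material[32..63] }
    } finally { $kdf.Dispose() }
}

function Protect-BackupFile {
    param([Parameter(Mandatory)] [string] $Path,
          [Parameter(Mandatory)] [string] $Destination,
          [Parameter(Mandatory)] [string] $Passphrase)
    $rng  = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $salt = New-Object byte[] 16; $rng.GetBytes($salt)
    $iv   = New-Object byte[] 16; $rng.GetBytes($iv)
    $keys = New-BackupKeyMaterial -Passphrase $Passphrase -Salt $salt
    $aes  = [System.Security.Cryptography.Aes]::Create()   # defaults: CBC, PKCS7
    $hmac = [System.Security.Cryptography.HMACSHA256]::new($keys.Mac)
    try {
        $aes.Key = $keys.Enc; $aes.IV = $iv
        $plain  = [System.IO.File]::ReadAllBytes($Path)
        $cipher = $aes.CreateEncryptor().TransformFinalBlock($plain, 0, $plain.Length)
        # File layout: salt (16) | IV (16) | ciphertext | HMAC tag (32).
        # The tag covers everything before it (encrypt-then-MAC).
        $out = New-Object System.IO.MemoryStream
        $out.Write($salt, 0, 16); $out.Write($iv, 0, 16)
        $out.Write($cipher, 0, $cipher.Length)
        $tag = $hmac.ComputeHash($out.ToArray())
        $out.Write($tag, 0, $tag.Length)
        [System.IO.File]::WriteAllBytes($Destination, $out.ToArray())
    } finally { $aes.Dispose(); $hmac.Dispose(); $rng.Dispose() }
}

function Unprotect-BackupFile {
    param([Parameter(Mandatory)] [string] $Path,
          [Parameter(Mandatory)] [string] $Destination,
          [Parameter(Mandatory)] [string] $Passphrase)
    $data = [System.IO.File]::ReadAllBytes($Path)
    if ($data.Length -lt 80) { throw 'File is too short to be a protected backup' }
    $bodyLength = $data.Length - 32
    $keys = New-BackupKeyMaterial -Passphrase $Passphrase -Salt ([byte[]]$data[0..15])
    $aes  = [System.Security.Cryptography.Aes]::Create()
    $hmac = [System.Security.Cryptography.HMACSHA256]::new($keys.Mac)
    try {
        # Check the tag before decrypting anything, comparing every byte so the
        # time taken does not reveal where a mismatch occurred.
        $expected = $hmac.ComputeHash($data, 0, $bodyLength)
        $diff = 0
        for ($i = 0; $i -lt 32; $i++) {
            $diff = $diff -bor ($expected[$i] -bxor $data[$bodyLength + $i])
        }
        if ($diff -ne 0) { throw 'Authentication failed: wrong passphrase or the backup was altered' }
        $aes.Key = $keys.Enc; $aes.IV = [byte[]]$data[16..31]
        $plain = $aes.CreateDecryptor().TransformFinalBlock($data, 32, $bodyLength - 32)
        [System.IO.File]::WriteAllBytes($Destination, $plain)
    } finally { $aes.Dispose(); $hmac.Dispose() }
}

# Constructed demo: protect a sample file, restore it, then flip one bit of the
# protected copy and try to restore that as well.
$dir = Join-Path ([System.IO.Path]::GetTempPath()) ('backup-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
$source = Join-Path $dir 'orders.bak'
$secret = 'example passphrase, not a real secret'
Set-Content -Path $source -Value 'constructed sample backup contents'
Protect-BackupFile   -Path $source -Destination "$source.enc" -Passphrase $secret
Unprotect-BackupFile -Path "$source.enc" -Destination "$source.restored" -Passphrase $secret
$matches = (Get-FileHash $source).Hash -eq (Get-FileHash "$source.restored").Hash

$bytes = [System.IO.File]::ReadAllBytes("$source.enc")
$bytes[40] = $bytes[40] -bxor 1
[System.IO.File]::WriteAllBytes("$source.tampered", $bytes)
try {
    Unprotect-BackupFile -Path "$source.tampered" -Destination "$source.bad" -Passphrase $secret
    $rejected = $false
} catch { $rejected = $true }

"Restored copy matches original: $matches"
"Tampered copy rejected: $rejected"
```

    The passphrase is the only thing protecting the media, so it has to be stored and recoverable separately from the backups themselves.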

    Tip, Trick, Technique 20: Understanding the Sources of Growing Volumes of Data

    Systems administrators are the last people who need to be told the volumes of data are growing at staggering rates and will probably continue on the same trajectory. As they are the ones responsible for keeping up with this growth, it's worth taking a look at where all this data is coming from. After all, computers are nothing new; they have been running business applications since the 1950s. What is it about today's use of information technology that is generating such high growth rates? The answer is that there is no single culprit; rather, a confluence of technical and organizational issues drives this growth. Some of the most important drivers contributing to this phenomenon are:

    Data-intensive applications

    The growing importance of unstructured data

    Compliance

    Systems administrators will have influence on some of these drivers, such as new applications, while other areas, such as compliance, have more rigid requirements that may not leave much room for optimization.

    Data-Intensive Applications

    The days of business running a limited number of back-office applications are over. Of course, pretty much any business will be running financial packages that track revenues and expenditures along with whatever form of sales they may have, that is, products or services. Any but the smallest will likely have some kind of customer relationship management, human resources, and inventory management package as well. These will often generate a fairly constant rate of data or grow in proportion to the business activity. These kinds of applications do not generate the significant growth in data that comes from other data-intensive applications.

    Data-intensive applications come in many forms, including those that capture detailed interactions with customers, instrumentation, data analysis applications, and content management systems. We will consider each of these in turn.

    Customer Interaction Data

    More and more interactions with customers are being tracked. In the past, we could track customer interactions at a point of sale. For example, when we shop at a national retailer, the business captures its first pieces of data about us at the point-of-sale system. At that point, we are done shopping, we have a full cart, and we are ready to pay. The retailer can capture information about:

    Items purchased

    Type of payment used

    Amount of sale

    If provided, additional tracking data such as postal code or phone number

    That is a relatively small amount of data compared with what could be gathered through an online catalog. If we were to shop at the same retailer's Web site, the list of data elements that could be tracked would grow to include:

    Items purchased

    Type of payment used

    Amount of sale

    List of products viewed

    Types of pages viewed, such as product description, customer reviews, ratings, and so on

    Contents of abandoned carts

    Navigation paths through the Web site

    Search terms entered

    Time spent at Web site

    Additional demographic data provided by third-party tracking and Web analytics services

    If we were to multiply the size of the new data by the additional number of customers that come to Web sites over retail stores, we would start to get a sense of how much additional data can be generated.

    Tracking customer interaction in detail is only useful if we do something with that data, and that is where business intelligence and analytics come in.

    Business Intelligence and Analytics

    Business intelligence and analytics are applications designed for internal use. Customers reviewing product offerings, checking the status of orders, or making purchases work with online transaction processing systems. These are optimized for rapid response to high volumes of concurrent users. Business intelligence systems are a different breed of application.

    Figure 39: Business intelligence environments duplicate data found in transaction processing systems.

    Business intelligence systems are designed for managers, analysts, and others who need to delve into data and make comparisons across time, product lines, sales regions, and so on. For example, if you want to know how sales in the Southeast sales region are doing this quarter compared with the same time last quarter, you would use a business intelligence system. Similarly, if you wanted to find branch offices with the poorest revenue-to-expense ratio, you would use a business intelligence system. The problem from a data storage perspective is that the business intelligence systems duplicate the data found in transaction processing systems using operations known as extraction, transformation, and load (ETL) processes.

    Why duplicate data? After all, if it is already in the transaction processing system, why not use that? A complete answer is beyond the scope of this topic, but the quick answer to that question is:

    Online transaction processing systems are designed to rapidly retrieve, update, and delete individual records; they are not designed to rapidly return aggregate data, such as the sum of all sales in a given quarter.

    Online transaction processing systems may not keep sufficient history to answer business intelligence questions; keeping large volumes of historical data could slow the response time of interactive queries.

    Business intelligence systems use data warehouses that are designed to store large volumes of historical data organized in a form that allows for rapid querying of aggregate data. For example, a business analyst can quickly move from looking at annual summaries to quarterly to monthly to weekly data.

    Many business intelligence reporting tools are designed to take advantage of the data models used in data warehouses but not online transaction processing systems.

    Database schemas of online transaction processing are often difficult for non-database professionals to navigate; data warehouse schemas are simpler and more intuitive, allowing for more ad hoc reporting and exploratory analysis.

    In addition to traditional business intelligence reporting, there is a growing use of statistical analysis and data mining techniques known collectively as business analytics. These applications are consumers of data and the more data, the better in some cases. Like data warehousing, they require data in a particular format that does not usually correspond to the way online transaction processing systems structure data. As a result, data is copied from source systems and reformatted into a format more amenable to analysis.

    Business intelligence and analytics are formalized processes that duplicate data; information practices contribute to data duplication as well. Microsoft Excel and other spreadsheets are something of a double-edged sword for data warehouse designers. On the one hand, it is convenient to have the option of exporting data from the data warehouse into a spreadsheet so that users can take advantage of the additional features of the application. On the other hand, users take advantage of this. Data that was originally in an online transaction processing system is now in a data warehouse and some unknown number of spreadsheets in user directories. Of course, some of these will be emailed to multiple recipients who may potentially save their own version.

    Figure 40: Useful data warehousing features, such as the ability to export to spreadsheets, can quickly become a means to duplicate data many times over.

    Data-intensive applications are significant drivers behind the growth in data volumes due to both improved methods for collecting data and the need to duplicate data to meet multiple needs. These examples focus on what is typically known as structured data. They tell only part of the story.

    Growing Importance of Unstructured Data

    Unstructured data is data that does not fit into well-defined data structures, such as database tables or spreadsheets. Free-form text, audio, and video are all examples of unstructured data. Unstructured data is ubiquitous in today's organizations with sources including:

    Email messages

    Instant messaging, texting, and other short communications

    Word processing documents and presentations

    Web pages, including content management systems, Wikis, and so on

    In addition to the fact that many of us generate unstructured data on a daily basis, we are constantly duplicating it. When we reply to an email message and embed the original text in our response, we create more unstructured data. When we save attachments as personal copies, we add to the growing volume of unstructured data. The Web makes it easy to bring in additional data from outside the organization as well. Find an especially useful article? You might save a local copy so that you do not have to search again or risk having the site remove the content. The rate at which we create and duplicate unstructured data is yet another driver behind the growth in data volumes.

    The "Unstructured" Misnomer

    Calling text unstructured is something of a misnomer. Linguists study the structure of natural languages and can describe their complex structures in detail. If anything, natural language is highly structured. For most IT needs, though, we can safely ignore the structure of natural language. Instead, we treat the entire text as a single object and do not delve into the structure within.

    To appreciate the importance of unstructured data, we only have to consider how our organizations would function without email, shared directories, or SharePoint servers. Applications such as these can be just as business critical as application servers and databases. Both structured and unstructured data can be subject to yet another factor in data growth: compliance.

    Compliance and Data Generation

    Regulatory compliance and other legal drivers, such as e-discovery, are shaping the way we generate, store, and archive data. Regulations such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and others define certain requirements with regard to how businesses report on their financial status and protect customer privacy. A common aspect of many regulations requires businesses to not only comply with the regulation but also be able to prove that they are in compliance. To do so, they must document their compliance in detail, with policies, procedures, documentation, and audit trails.

    At first glimpse, this documentation requirement may sound simple and not terribly data intensive; however, in many cases, the level of detail required can result in significant data generation. For example, consider the type of events that may have to be logged:

    User logins and logouts

    Changes to access controls on files

    Changes to privileges on database tables

    Granting of privileges to user accounts

    Addition of users to administrator groups

    Updates to sensitive information, such as corporate financials

    Transmission of protected information, such as patient records

    A related driver is known as e-discovery. During legal proceedings, a company may be required to produce electronic documents, such as emails and word processing documents, relevant to the case. In the past, companies that have been unable to produce those documents have been subject to severe fines. In 2008, Qualcomm was fined $8.5 million for e-discovery violations (Source: Kristine L. Roberts, "Qualcomm Fined for Monumental E-Discovery Violations: Possible Sanctions Against Counsel Remain Pending" at http://www.abanet.org/litigation/litigationnews/2008/may/0508_article_qualcomm.html). It does not take many such examples to motivate businesses to retain and catalog electronic communications.

    Data-intensive applications, both those that are designed to capture and generate data as well as those designed to analyze it, are significant contributors to data volume growth. Unstructured data is easily created and duplicated, further contributing to that growth. If these factors were not enough, compliance and e-discovery concerns are prompting businesses to preserve data and to maintain it longer than they might otherwise.

    Tip, Trick, Technique 21: Understanding Systems Administrators' Responsibilities for Growing Volumes of Data

    Who is responsible for managing the growing volumes of data? It is a shared responsibility of the business owners, who are responsible for setting policies and procedures governing the generation, use, and destruction of data; application managers, who are responsible for maintaining their applications and ensuring they function as required; and systems administrators. In many ways, it is the systems administrator who is on the front line of managing data in an organization.

    Some of the key responsibilities of systems administrators, with respect to growing volumes of data, are keeping up with:

    Backup and recovery

    Security

    Infrastructure management

    Planning and architecture

    These responsibilities range from the mundane but essential, such as setting and verifying access controls on files, to making recommendations on the use of emerging technologies, such as cloud computing, to accommodate even more data.

    Backup and Recovery

    Backup and recovery procedures are standard operating tasks for systems administrators, but these tasks become more difficult with growing volumes of data. In particular, systems administrators have to grapple with:

    How to perform backups in the time windows allotted for them

    How to restore fast enough to meet recovery time objectives (RTOs)

    How to capture changed data frequently enough to meet recovery point objectives (RPOs)

    How to detect trends in data growth before current procedures break down because of insufficient time or storage space to perform necessary operations

    Part of the solution is to understand what has to be backed up and how frequently; a related part is to understand how long different types of data have to be kept. Information life cycle management practices can help here; they are discussed in more detail in Tip, Trick, Technique 22.

    Most of the difficulties previously listed can be at least mitigated with deduplication technologies. Backup vendors are incorporating deduplication technologies in their software packages to combat the problem of growing data volumes. The basic idea behind deduplication is that data is often duplicated and rather than storing multiple copies of identical data blocks, a backup can be constructed using a single copy of such data blocks and references or pointers back to that copy.

    Security

    Security concerns can be distilled to three words: confidentiality, integrity, and availability. In the case of confidentiality, security comes down to the question: "How do we ensure that private and sensitive data is accessed only by those with legitimate reasons to have it?" To maintain the integrity of data, we have to ensure that only processes that follow established protocols can change data. This translates into a question of "How do we ensure that no one tampers with data, for example, by making an unauthorized change to a revenue statement or deleting entries from a system log file?" Availability is a bit different from the other two security fundamentals. In one sense, systems administration is all about ensuring availability. In a security context, though, it has more to do with preventing adverse events from disrupting services (think Denial of Service (DoS) attacks) but also includes recovering from adverse events (recovering from backups made prior to a malware infection).

    The challenge of growing volumes of data has not introduced security responsibilities; it has only made them more difficult. Let's just consider some of the ways that increasing volumes of data can tax policies and procedures.

    Challenges to Maintaining Confidentiality and Integrity

    One of the ways we protect confidentiality and integrity of data is with the use of access controls. These consist of three parts:

    Identity management elements that are used to authenticate individuals or processes and assign to them privileges

    Resources that are assigned access controls, such as devices, directories, and files

    Privileges, which are rights granted to an identity to perform some operation

    Figure 41 shows the basic security dialog on the Windows file system.

    Figure 41: Windows supports several types of privileges on files, which are used to preserve confidentiality and integrity of file data.

    With growing volumes of data, these simple building blocks for protecting confidentiality and integrity become more difficult to apply, track, and monitor. Some of the reasons for this include:

    Data is stored in different forms, such as files; content management systems, such as SharePoint; relational databases, such as SQL Server; and specialized applications that may use different sets of access controls.

    Individuals may have multiple identities, such as one user account for a domain and another shared identity for working with a database application. This problem can arise when application administrators decide it is easier to have a small number of shared access accounts rather than maintain individual accounts for each user.

    Applications and servers, such as databases and content management systems, may have different default configurations and access settings. As departments and individual users start to adapt these applications to help manage growing volumes of data, they may not understand the security implications of default configurations, which could leave some data vulnerable to viewing or tampering.

    Ironically, with growing volumes of data come growing challenges to protecting the data in the first place.

    Challenges to Maintaining Availability

    With more data come more servers, more storage, and potentially more applications, and this ultimately leads to more potential points of failure. Recovery management practices, such as backups and disaster recovery planning, can mitigate the risk of losing data to a hardware failure, human error, natural disaster, and in some cases to malicious attack or other security breach. Another area that should be considered is application vulnerabilities (this applies to protecting confidentiality and integrity as well).

    As noted earlier, one of the reasons for growing data volumes is new applications, both customer-facing applications and internally oriented systems such as decision support applications. Each of these new applications increases the options available to malicious attackers looking to either steal private and confidential data or disrupt services. This is called increasing the attack surface in security parlance, and it essentially means the more applications and the more complexity, the more opportunity for vulnerabilities.

    One thing we should understand is that attackers do not need detailed knowledge of our applications (although that helps). Automated vulnerability scanning tools can be used to detect vulnerabilities to well-established attack methods such as cross-site scripting attacks, which exploit weaknesses in Web applications to compromise them. Another class of tools, known as fuzzers, probe application programming interfaces looking for exploitable errors. Fuzzers, for example, can generate random input of varying sizes to detect unhandled errors in applications accepting user input.

    How Real Is the Risk to Cyber Security?

    It's real. The days of cyber vandalism look benign in retrospect. Identity theft and credit card fraud are real threats, but a larger, more costly threat is to businesses, government agencies, and other organizations with valuable sensitive information. Recent Congressional hearings on threats to cyber security summarized the situation as "computer-based network attacks are slowly bleeding US businesses of revenue and market advantage" (Source: Elinor Mills, "Experts Warn of Catastrophic Cyberattack" at http://news.cnet.com/8301-27080_3-10458759-245.html). Businesses are now facing the kind of sophisticated, long-term attacks once limited to governments; see "Report Details Hacks Targeting Google and Others" at http://www.wired.com/threatlevel/2010/02/apt-hacks/ for a glimpse into the world of advanced persistent threats.

    The growing volumes of data increase the amount of data to be protected and are likely to be accompanied by an increasing number of applications for manipulating that data. For systems administrators, this means two things:

    More data has to be protected with access controls available in the data management systems in use; these include file systems, database management systems, and content management and related portal systems, such as SharePoint. Access controls can minimize the damage caused by malware, application vulnerabilities, social engineering, and insider abuse.

    More applications have to be assessed for vulnerabilities that could potentially expose data.

    Systems administrators not only have to protect the growing volumes of data but also help control that growth by utilizing information life cycle management practices.

    Figure 42: Increasing amounts of data combined with increasing numbers of applications expand the opportunities for exploiting existing threats to compromise confidentiality, integrity, and availability of data.

    Tip, Trick, Technique 22: Getting Control of Data Growth with Information Life Cycle Management

    With the growing volumes of data naturally comes a response from those who are tasked with managing it. The term information life cycle management is used to describe an array of management practices designed to rationalize the process of creating, collecting, storing, and in some cases destroying data. Information life cycle management makes use of tools and technologies, such as backup and recovery software and information classification systems, but it is primarily a business practice.

    In its most basic form, information life cycle management answers key questions about data within an organization:

    What is the value of this data to the organization?

    How long must this data be kept?

    What are the retrieval requirements for different types of data?

    What security protections are appropriate for different types of data?

    Under what conditions can data be destroyed?

    To answer these questions, we have to look at the business case for keeping data. There are several important drivers:

    Customer expectations: For example, customers may expect to look up account history for the past 3 years. If the customer self-service application provides a briefer history, then a key business requirement may not be met.

    Compliance: Government and industry regulations can specify the kinds of data that must be kept about business operations and the types of protections that must be applied to data, such as private information about patients.

    Non-compliance legal requirements: We mentioned e-discovery briefly. The focus was on the need to be able to produce documents relevant to legal proceedings.

    Maintaining institutional knowledge: Documents, emails, wikis, and other unstructured data sources can capture valuable intellectual property and institutional knowledge. This issue is especially important in industries in which the aging workforce brings the potential to lose institutional knowledge when significant numbers of employees retire.

    Mitigating risk: Mission-critical applications are backed up frequently and in some cases their data is replicated to enable rapid failover and recovery.

    These drivers show the range of reasons we generate, store, and maintain data. Now let's turn our attention to implementing an information life cycle management practice.

    Step 1: Classifying Data

    The first step in information life cycle management is differentiating data so that we can treat data according to its value to the organization. For example, confidential engineering diagrams may need to be encrypted when they are backed up, whereas the contents of the public Web site do not. Classifying data should include determining:

    Where data should be stored

    How it should be backed up and archived

    Whether it should be replicated for automatic failover

    Whether it should be deleted

    Classifying data would be a tedious and costly operation without automation. Fortunately, with Windows Server 2008 R2, additional capabilities in File Server Resource Manager provide the tools we need to classify data efficiently. Windows Server 2008 R2 includes the File Classification Infrastructure (FCI), which can be used to classify data by file attributes such as:

    File name

    Data type

    Location

    Content

    These properties can be used to execute particular commands based on the classification. For example, if a file is on a high-performance disk array but has not been accessed for more than 2 years, it may be moved to a slower, less expensive disk archive. In addition, the FCI provides reports along with the ability to apply policies according to classifications.

    Cross Reference: See Tip, Trick, Technique 22: Classifying Files in R2 for more details on how to use the FCI.

    Step 2: Determining Access Requirements for Categories of Data

    This step is also part of a security management process. The goal here is to ensure that only users with legitimate business need for data have access to that data. This information can be used to:

    Determine whether directory protections are proper for the type of data in a directory

    Determine what files need to be encrypted during backup to protect confidentiality

    Identify all users with access privileges to sensitive information
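
    One way to carry out the last item in this list for file shares, as an added example that is not part of the original guide: a PowerShell function (version 3.0 or later assumed) that walks a directory tree with Get-Acl and reports each explicit access entry, flagging grants to broad groups and entries whose account can no longer be resolved. The function name, the choice of broad groups, and the path in the usage comment are assumptions for illustration.

```powershell
# Added example, not from the original guide. Assumes PowerShell 3.0 or later.
function Get-AccessReport {
    param([Parameter(Mandatory = $true)][string]$Root)

    # Well-known SIDs for Everyone, Authenticated Users, and BUILTIN\Users
    # (an assumed list of "broad" principals; extend it for your domain).
    $broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'

    # Rights that allow data to be changed or removed. Start with the raw
    # GENERIC_ALL and GENERIC_WRITE bits, which some ACEs carry directly.
    $modifyMask = 0x10000000 -bor 0x40000000
    foreach ($name in 'WriteData', 'AppendData', 'Delete',
                      'DeleteSubdirectoriesAndFiles', 'ChangePermissions', 'TakeOwnership') {
        $modifyMask = $modifyMask -bor [int][System.Security.AccessControl.FileSystemRights]$name
    }

    # The root itself plus every directory below it.
    $rootItem = Get-Item -LiteralPath $Root -ErrorAction Stop
    $dirs = @($rootItem) +
            @(Get-ChildItem -LiteralPath $rootItem.FullName -Directory -Recurse -ErrorAction SilentlyContinue)

    foreach ($dir in $dirs) {
        try {
            $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop
        } catch {
            # An unreadable ACL is worth reporting rather than skipping silently.
            [pscustomobject]@{ Path = $dir.FullName; Identity = '(ACL unreadable)'; Type = $null
                               Rights = $null; CanModify = $null; Broad = $null; Orphaned = $null }
            continue
        }

        foreach ($ace in $acl.Access) {
            # Below the root, inherited entries only repeat the parent's ACL,
            # so report the explicit ones that change who has access.
            if ($ace.IsInherited -and $dir.FullName -ne $rootItem.FullName) { continue }

            $id = $ace.IdentityReference
            try   { $sid = $id.Translate([System.Security.Principal.SecurityIdentifier]).Value }
            catch { $sid = $null }

            $allow = $ace.AccessControlType -eq 'Allow'
            [pscustomobject]@{
                Path      = $dir.FullName
                Identity  = $id.Value
                Type      = $ace.AccessControlType
                Rights    = $ace.FileSystemRights
                CanModify = $allow -and (([int]$ace.FileSystemRights -band $modifyMask) -ne 0)
                Broad     = $allow -and ($broadSids -contains $sid)
                # A bare SID in place of a name means the account could not be resolved.
                Orphaned  = $id.Value -match '^S-1-\d'
            }
        }
    }
}

# Usage against a hypothetical share path: show broad or unresolved entries first.
# Get-AccessReport -Root 'D:\Shares\Finance' |
#     Where-Object { $_.Broad -or $_.Orphaned } |
#     Format-Table Path, Identity, Rights, CanModify -AutoSize
```

    The report covers NTFS permissions only; share-level permissions and group membership have to be reviewed separately to get the full list of users behind each identity.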

    Step 3: Defining Recovery Requirements for Data

    The next step is defining recovery requirements for data. This includes defining Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs). The RPO specifies the point in time to which data should be recoverable, such as any day in the past week or any week in the past month. RTOs define how long the recovery operation should take. Critical systems may have short recovery windows, such as a few minutes, while other relatively stale systems may not be needed for days.

    Step 4: Defining Explicit Policies for Destroying Data

    With so much emphasis on protecting data from tampering and keeping multiple backup copies so that we can restore, it is easy to forget about destroying data. Let's face it, not every email we write, spreadsheet we put together, or database we compile is worthy of study by some future archeologist. It often is not worth keeping after a few years. Some examples of data that can be purged include:

    Draft versions of documents preserved elsewhere in final form

    Documents in user directories that have not been accessed in 2 years but are archived

    Copies of data in analytic databases that are more than 3 years old and no longer used for reporting and analysis

    The first four steps address the organizational factors of information life cycle management. The fifth step focuses on implementing those policies.

    Step 5: Implementing Information Life Cycle Policies

    The FCI mentioned in Step 1 for classifying data can also be used to enforce policies. (Policies are essentially rules that fit into a pattern of "IF a certain set of conditions are met, then execute this script.") Policies themselves have to be managed, so once they are defined in the FCI, be sure to:

    Determine who will monitor the process to ensure the policies are applied as expected

    Set a schedule to review and revise policies

    Occasionally audit file systems to ensure policies are applied properly and comprehensively

    When dealing with unstructured data, policies may be applied in unintentional ways. For example, a policy may specify that any document with the word "confidential" in the title be categorized as proprietary information. This rule would apply to a document entitled "Introduction to Data Classification Policies for Documents Ranging from Public to Confidential."
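
    A dry run makes this kind of unintended match visible before a policy acts on anything. The following PowerShell sketch is an added example, not part of the original guide, and it does not call the FCI: it models the IF/THEN pattern from Step 5 with two rules taken from the text and lists what each rule would do to a constructed file inventory. The function name, the sample file names, and the dates are assumptions.

```powershell
# Added example, not from the original guide. Constructed sample inventory;
# only the second title comes from the text, the rest is made up.
$now = Get-Date
$inventory = @(
    [pscustomobject]@{ Name = 'Confidential - Engineering Diagram Rev C.vsd'; LastAccessTime = $now.AddDays(-12) }
    [pscustomobject]@{ Name = 'Introduction to Data Classification Policies for Documents Ranging from Public to Confidential.docx'; LastAccessTime = $now.AddDays(-40) }
    [pscustomobject]@{ Name = 'Team Offsite Agenda.docx'; LastAccessTime = $now.AddYears(-3) }
)

# Each policy is an IF (Condition) / THEN (Action) pair, as described in Step 5.
$policies = @(
    @{ Name      = 'Title contains "confidential"'
       Condition = { param($f) $f.Name -match 'confidential' }
       Action    = 'Classify as proprietary information' }
    @{ Name      = 'Not accessed in 2 years'
       Condition = { param($f) $f.LastAccessTime -lt $now.AddYears(-2) }
       Action    = 'Move to archive storage' }
)

# Evaluate every policy against every file and report the action that WOULD
# be taken. Nothing is classified, moved, or deleted.
function Get-PolicyDryRun {
    param($Files, $Policies)
    foreach ($file in $Files) {
        foreach ($policy in $Policies) {
            $condition = $policy.Condition
            if (& $condition $file) {
                [pscustomobject]@{
                    File    = $file.Name
                    Policy  = $policy.Name
                    WouldDo = $policy.Action
                }
            }
        }
    }
}

# A reviewer reads this list and decides which matches are intended.
Get-PolicyDryRun -Files $inventory -Policies $policies | Format-List
```

    Rules based on last access depend on NTFS recording it; on Windows Vista and Windows Server 2008 and later, last-access updates are disabled by default, which `fsutil behavior query disablelastaccess` will confirm.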

    Limits of Information Life Cycle Management

    Information life cycle management is no panacea for the challenges of data growth. At best, these practices will help:

    Protect our data by guiding security decisions

    Ensure proper levels of backups and archives are made

    Control the cost of storing data by optimizing the distribution of data based on access requirements and using high-cost/high-performance storage only where needed

    A couple of problems will continue to challenge information life cycle management. First, automated classification techniques are not foolproof and their results should be reviewed. Second, data is easily copied both informally to employees' directories and workstations and formally to backups and failover servers. Destroying old data may never be 100% successful; copies may linger for years in unexpected places.

    Tip, Trick, Technique 23: Business Drivers Behind the Need for High Availability

    There are growing needs for continuous access to business services. We expect business services, such as Web applications, database servers, email systems, and other essential business software, to be functioning and performing when we need to use them, not just when it is convenient to have them up and running. Part of this need is driven by our expectations and part is driven by the way we now design highly distributed applications.

    User Expectation for Continuous Availability

    Let's start by considering our expectations regarding email. Many of us check our email frequently during the day (perhaps too frequently in some cases). We have come to depend on email as a primary means of business communication. Email is so important to us that we have adopted smartphones in large numbers in order to have anytime, anywhere access to email. If you are unfortunate enough to be in an area with poor cell phone coverage and cannot access your email or can only work with it at slow speeds, you know the frustration of lack of availability.

    Now consider how that same type of expectation has spread to other services such as:

    Databases

    Desktop office productivity applications

    Browsing and Internet access

    Authentication and authorization services

    File systems

    Mission-critical business applications, such as Customer Resource Management (CRM) systems and Enterprise Resource Planning (ERP) systems

    It is easy to see how each of these could be essential systems in someone's work. If one or more of these systems is unavailable, productivity falls, tasks are not completed, and service level expectations are not met.

    Figure 43: Maintaining availability of some systems is more important than doing so for others. Developing a high-availability strategy entails balancing costs and benefits.

    Application Design Considerations and High Availability

    When a customer attempts to browse your Web site and gets a timeout error instead, it is pretty obvious there is a problem. Similarly, if a Web server is up and responsive but an underlying database has failed, the problem may manifest itself with blank space where data should be listed, or worse, an error message appears about not being able to connect to the database. These server-level failures are probably the ones that are most likely to come to mind when you think of failover and high-availability solutions. There are, however, finer-grained failures you must contend with as well.

    Application designs have shifted from single, tightly coupled monolithic programs to more distributed sets of software components. The Web services model of application development allows finer-grained software components to be combined in multiple ways. For example, a module for calculating tax on a customer order could be used to support multiple customer-facing Web sites.

    Figure 44: Applications built with Web services may have dependencies on several other services, perhaps some shared with other applications. A failure in a low-level service can have adverse effects on multiple services.

    From a business perspective, it does not matter whether a system is unavailable because of a major hardware failure on a database server or there is an obscure error in a low-level Web service; any component that is critical to delivering a critical service must be available on demand.

    One of the first steps in developing a high-availability strategy is mapping out the critical components that are required to provide services. Needless to say, not all services are equally important. A customer-facing support site or online catalog needs to be up continually. A shared file system used internally by employees should be up continually, but if it were down for short periods of time, that would not cause significant adverse effects on the company. The key is to balance the cost of high availability with the benefits of continuous operations of essential business services.

    Cross Reference: See Tip, Trick, Technique 18 for more information about how to identify critical systems, establish Recovery Point Objectives (RPOs), Recovery Time Objectives (RTOs), and other factors related to a comprehensive recovery management strategy.

    Tip, Trick, Technique 24: Understanding the Key Elements of High Availability

    High availability is the property of systems that are up and running at expected performance levels almost all the time. The definition of "almost" will vary with your requirements, but the idea is that applications, servers, and data are available to users when they expect to use those systems.

    High levels of availability may allow for several minutes of downtime in a month but not much more. For example, 99.99% availability over the course of a month is equivalent to 4.32 minutes of downtime. (That is based on 60 minutes times 24 hours times 30 days, or 43,200 minutes.) Less than 5 minutes per month does not leave much time for patching and other maintenance operations, let alone unexpected downtime. Demanding business requirements such as 99.99% availability require systems to be designed to accommodate component failures and keep working. Stringent service level agreements (SLAs) also require that services be available during maintenance, which clearly requires redundancy to provide services during planned maintenance.

    The key elements of an application's architecture that you need to design for redundancy include:

    Hardware

    Operating system (OS)

    Application software

    If any of these three fails, the system is potentially unavailable or unable to meet SLA requirements.

    Figure 45: Service availability depends on a stack of applications, OSs, and hardware; failures in any one of these can disrupt service availability.

    The Need for Hardware Redundancy

    One of the simplest ways to deal with a failed component is to use another component; hardware vendors can provide us with servers with built-in redundancy of critical components. A typical list of redundant components includes:

    Power supplies

    Fans

    Network interface cards (NICs)

    Disk drives

    I/O paths to storage arrays

    Fully fault-tolerant servers will also have redundant processors and memory built into the server. A commonly used alternative is to use multiple servers in a cluster and, if a CPU fails, the workload on the primary, failed server can be switched to the standby server. The two configurations give the same level of redundancy but do so with different hardware configurations and correspondingly different methods for failure detection and workload switching.

    Figure 46: Any of the many hardware components of a computer can fail, but redundancy is only required for those components that could disrupt service delivery if they fail.

    The Need for OS Redundancy

    The Windows OSs are much more resilient today than they were in the early days of Windows NT. Systems administrators came to understand the blue screen system dump that followed a fatal error as part of the process of maintaining the OS. Even with significant improvements in stability at the OS level, you have to plan for its failure at some point in time.

    Planning for OS failure is more complex in a virtualized environment that supports multiple OSs; there is the host OS and one or more guest OSs. Recovering services requires moving guest OSs to new host OSs where they may be in the same or different combinations of virtual machines on the new host.

    Special Issues with Application Software Redundancy

    Redundant hardware and failover copies of the OS are two-thirds of the high-availability issue; the last piece is application software. When applications fail, you need to restart them, possibly on the same server and instance of the OS or perhaps on the same virtual machine running on a different host server. Wherever it is running, it has to recover from its failed state. How we recover from that failure depends on whether the application is stateless or stateful.

    A stateless application is one that passes information from a client to a server; the server uses the information to compute a result and then returns those results. No additional information, unique to that user's session, is required. In the case of a stateful transaction, an exchange with the client can result in changes to information stored on the server, which is used to calculate results for that session. For example, a stateless transaction is a Web service that accepts the name of a tax jurisdiction and a sales amount and calculates the tax. No data stored on the server about the session would influence the results. More complex services, such as one that provides an undo feature, may maintain state information about actions taken so that those actions could be reversed if necessary. As you shall see, the distinction between stateless and stateful applications is an important factor when choosing a high-availability option for an application.

    Figure 47: Stateless applications complete units of work in a single back-and-forth exchange. Stateful applications maintain information between exchanges and use that information when computing results to return to the clients.

    To summarize, the key components of high availability are hardware, OSs, and application software. The need for resiliency in each of these can be addressed in multiple ways but there are constraints, ranging from the most cost-effective way to balance redundancy within and across servers to the need to support stateful sessions in Web applications. Now, let's turn our attention to Windows Server support for high availability.

    Tip, Trick, Technique 25: Windows Server Options for High Availability

    Windows Servers offer two methods out of the box for supporting high availability:

    Network Load Balancing (NLB)

    Failover clusters

    Both methods use redundant servers but bring with them different advantages and disadvantages.

    Using NLB to Ensure Performance Levels

    NLB is a software service for distributing a workload across multiple servers. NLB runs on a Web server and allocates portions of the workload to each server in the cluster according to the NLB configuration. Tasks can be distributed in a round-robin fashion in which each new task is assigned to the next server in an ordered list that wraps around (for example, in a four-server cluster, the tasks are assigned to server 1, 2, 3, 4, 1, 2, 3, and so on).

    Figure 48: NLB distributes client requests over a set of clustered servers. By sharing storage, each server has access to the same persistent data.

    NLB clusters such as the one depicted in Figure 48 can help maintain performance levels as demand for application services grows. Additional servers can be added to the cluster in order to meet Service Level Agreements (SLAs). They also provide failover protection; if one of the servers in an NLB cluster fails, the NLB server distributes requests to the other servers in the cluster.

    NLB works well for stateless applications because each interaction between the client and server is independent. No information has to be stored on the server; therefore, one request can be serviced by one server and the next request can be serviced by another.

    An NLB cluster can be used for applications that maintain state information if the application writes that data to a shared, persistent data store, preferably a database. In this case, however, you introduce a potential single point of failure unless the database itself is set up in a high-availability configuration. SQL Server databases can be configured in failover clusters, which would address this issue. Failover clusters are a different type of cluster than NLB clusters. The former provides redundancy for running an application; the latter is used to distribute TCP/IP traffic among multiple servers.

    Application Redundancy in Failover Clusters

    Failover clusters eliminate single points of failure with regard to servers by having standby servers in place and ready to assume the function of the primary servers in case the primary servers become unavailable. Failover clusters can be configured in one of two ways: Active/Active and Active/Passive.

    The Active/Active model is similar to NLB clusters in that all the nodes typically share in the workload at all times. In the case of Active/Passive clusters, one of the servers is the primary server, which handles all the workload while the standby server remains passive. When the failover software detects the primary is no longer available, the passive server becomes active and starts serving requests.

    Failover clusters are configured with multiple servers. In the simplest case of two servers, the passive server would only assume responsibility for providing application services if the active server is no longer available. (A monitoring mechanism known as a heartbeat is used to detect when a server fails. More on the complexities of detecting failures in a minute.) When more than two servers are in a failover cluster, you need a mechanism to ensure that the two passive servers do not both attempt to assume the role of the active server. To prevent multiple active servers, a quorum model is used.

    The quorum model is a voting system in which each server has a vote and the storage system may have a vote as well. A majority of votes is needed to elevate a passive server to an active server.
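
    The majority rule can be worked through for the failure cases described above. This PowerShell sketch is an added example, not part of the original guide and not the cluster service's own logic: it counts the votes a group of servers can see and checks them against a strict majority of all configured votes. The function name and the node and storage names are assumptions.

```powershell
# Added example, not from the original guide. Node and storage names are made up.
function Test-Quorum {
    param(
        [Parameter(Mandatory = $true)][string[]]$Voters,     # every configured vote (servers, optionally storage)
        [Parameter(Mandatory = $true)][string[]]$Reachable   # votes this group of servers can currently see
    )
    # Count each configured voter at most once; ignore names that hold no vote.
    $present = @($Reachable | Where-Object { $Voters -contains $_ } | Select-Object -Unique)

    # A strict majority is more than half of ALL configured votes, not just
    # of the votes that happen to be reachable.
    $needed = [int][math]::Floor([double]$Voters.Count / 2) + 1

    [pscustomobject]@{
        Group     = $present -join '+'
        Votes     = $present.Count
        Needed    = $needed
        HasQuorum = $present.Count -ge $needed
    }
}

# Three servers with one vote each. The active server, NodeA, has failed.
$cluster = 'NodeA', 'NodeB', 'NodeC'

# Case 1: the two passive servers can still see each other.
Test-Quorum -Voters $cluster -Reachable 'NodeB', 'NodeC'

# Case 2: the two passive servers have also lost contact with each other,
# so each one evaluates the rule on its own.
Test-Quorum -Voters $cluster -Reachable 'NodeB'
Test-Quorum -Voters $cluster -Reachable 'NodeC'

# Two servers plus a vote for the shared storage. The servers lose contact
# with each other and only NodeA can still reach the storage.
$pair = 'NodeA', 'NodeB', 'Storage'
Test-Quorum -Voters $pair -Reachable 'NodeA', 'Storage'
Test-Quorum -Voters $pair -Reachable 'NodeB'
```

    Because a majority is more than half of all configured votes, two groups that cannot see each other can never both reach it, which is what keeps two servers from becoming active at once; the storage vote breaks the tie that a two-server cluster would otherwise hit.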

    Figure 49: Failover clusters use multiple servers with the ability to detect failure in other servers. If the active server were to fail, the passive server would take on the workload of the failed server.

    Windows Server 2008 introduced a number of features in failover clusters that ease the job of deploying and managing clusters:

    Failover Cluster Management snap-in for the Microsoft Management Console (MMC)

    High Availability Wizard to assist with setup

    Cluster validation tool to check whether a hardware configuration will support failover clusters

    Improved support for multi-site clusters, which is especially helpful for disaster recovery configurations

    Both NLB and failover clusters provide application high availability. NLB is well suited for stateless applications while failover clusters work well for providing resiliency in other types of services, such as file and print services or applications supporting clustered environments, such as Microsoft Exchange and Microsoft SQL Server.

    Tip, Trick, Technique 26: Ensuring High Availability for SQL Server Databases

    Up to this point, the focus has been on general approaches to high availability. In this Tip, Trick, Technique, we focus on ensuring high availability with SQL Server databases. Databases have characteristics, such as I/O- and compute-intensive operations, not found in other applications. As databases are designed to store persistent data, high availability has to address the need for saving data as well as restarting computations after the failure of a primary server.

    As of SQL Server 2008, there are several options for providing high-availability databases:

    Failover clusters

    Database mirroring

    Log shipping

    Replication

    Not surprisingly, there are tradeoffs between functionality and ease of management. Depending on your requirements, one or more of these solutions may be more appropriate than the others.

    Failover Clusters

    A failover cluster is a set of two or more servers that support a single instance of a SQL Server database. An instance is database parlance for a single managed database that users can connect to for persistent data storage and management services. The database instance is installed on a cluster of servers, known as a resource group. A resource group is a set of servers that logically function as a single computing resource. All servers in the group share storage.

    One of the advantages of failover clusters is that servers in the resource group can detect whether the server running the database has failed. If so, one of the other members of the group assumes responsibility for providing database services. Another advantage is that the resource group appears as a single server, so applications connect to the group rather than a specific server. With this method, there is no need to change connection information to redirect applications to another server.

    Figure 50: A SQL Server failover cluster is a set of servers that function as a single database server; when a server fails, another server in the resource group assumes its function.

    Database Mirroring

    Another way to improve availability with SQL Server 2005 and 2008 is database mirroring. The basic idea is that every change applied to a primary database is also sent to a backup database. For example, if a user executes a SQL statement such as:

    UPDATE sales.customer SET active = 'Y' WHERE cust_id = 78973;

    the customer record will be updated on the primary server, also known as the principal server. The same transaction is sent to the secondary, or mirrored, server for execution as well.

    One consideration with database mirroring is when to commit a transaction on the primary server. In synchronous mode, also known as high-safety mode, the transaction is sent to the secondary server and the primary server waits until that transaction completes before completing the transaction on the primary server. This setup guarantees the update is written to the secondary server before the primary considers the transaction complete.

    In asynchronous mode, also known as high-performance mode, the primary sends the transaction to the secondary server but does not wait for verification that the transaction completes. It is conceivable that a transaction successfully performed on the primary server fails on the secondary. (There could be insufficient space on the secondary, for example.) The tradeoff here is that the primary does not have to wait for both transactions to complete before it can move on to the next operation.

    Log Shipping

    Log shipping is another technique for duplicating transactions on a secondary server. Unlike database mirroring where individual transactions are sent to the secondary server, with log shipping, a backup of the transaction log on the primary is copied and sent to the secondary server where it is applied.

    There is a potential to lose transactions with this method. For example, if a log is shipped from the primary to the secondary server and then other transactions are applied to the primary and the primary fails, those later transactions will not be recovered. In spite of this limitation, log shipping may be suitable for low-transaction databases, such as reporting systems that are replicated to improve performance.

    Replication

    Replication is a way of duplicating data using a publish-and-subscribe model. SQL Server 2008 provides three types of replication:

    Transactional replication

    Snapshot replication

    Merge replication

    Transactionalreplicationisusefulforhighavailabilityapplicationswhereasteadystreamoftransactionsneedtobecopiedfromoneservertoanother.Snapshotreplicationisusefulforcopyingdataenmassefromoneservertoanother;forexample,toamakeasecondarycopythatisthenmaintainedwithtransactionalreplication.Mergereplicationismoreusefulfordistributedapplicationsthatmayresultinconflictswhendataisupdated,suchasmobileapplications.

    Clearly there are many options for ensuring high availability with SQL Server. Failover clusters provide computing redundancy with shared storage. If you are more concerned with servers failing than a highly reliable disk array, failover clusters may be an appropriate choice. If you are looking for disaster recovery features as well as high availability, you will be running two storage systems as well. Data mirroring, log shipping, and replication with a publish-and-subscribe method can be used in that case.

    Tip, Trick, Technique 27: Ensuring High Availability for Microsoft Exchange

    When it comes to ensuring high availability of email services, your options depend on the version of Microsoft Exchange you are running. Microsoft Exchange 2007 had a few options, including a failover cluster option; with the advent of Microsoft Exchange 2010, high availability was built into Microsoft Exchange itself. The later version of the email server made high availability less cumbersome and easier to manage. The two versions' approaches to replication are so different, we will consider them separately.

    High Availability in Microsoft Exchange 2007

    Microsoft Exchange 2007 offered email administrators a few options for implementing high-availability solutions:

    Local continuous replication

    Single copy clusters

    Clustered mailbox servers

    Local continuous replication uses asynchronous replication to create copies of data that are then kept synchronized using transaction log shipping. The copies are kept on a second set of disks on the same server. This option does not provide server failover protection but does keep a second copy of data, which can help if the primary copy is corrupted or otherwise unusable.

    Single copy clusters are built on failover clusters. As with other failover clusters, the servers within the cluster share a single storage system. Configuring these clusters and maintaining them can be challenging and time consuming.


    Clustered mailbox servers use clustering technology for server failover but do not use shared storage. Instead, a copy of the mail data is maintained with asynchronous log shipping. This option has both multiple servers and multiple copies of data, so it can provide a recovery path for both server and data failure. If the servers are located in different data centers, this option provides disaster recovery protection as well.

    High Availability in Microsoft Exchange 2010

    Microsoft Exchange 2010 makes a break with the failover cluster model used in Microsoft Exchange 2007 and instead builds high-availability features into the application itself. Some of the new features of Exchange 2010 include:

    Actively pushing log data from primary to secondary servers

    Continuous replication is done at the database level

    Improved protection for messages in transit

    The result is improved protection and easier management.

    This is a trend of pushing availability features into the application level that is likely to continue as high availability moves from low-level network/server function to higher-level business process and application level.

    Download Additional Books from Realtime Nexus!

    Realtime Nexus, The Digital Library, provides world-class expert resources that IT professionals depend on to learn about the newest technologies. If you found this book to be informative, we encourage you to download more of our industry-leading technology books and video guides at Realtime Nexus. Please visit http://nexus.realtimepublishers.com.

