Preface | p. xix |
Acknowledgments | p. xxi |
Introduction | p. xxiii |
Planning for Windows Server 2003 | p. 1 |
Windows Server 2003 | p. 2 |
Building the Foundation of the Network | p. 3 |
The Server Lifecycle | p. 4 |
The Service Lifecycle | p. 5 |
A New Model for Server Construction and Management | p. 8 |
The Benefits of the PASS Model | p. 11 |
A Structured Approach: Using Standard Operating Procedures | p. 12 |
SOP Best Practices | p. 13 |
Enterprise Network Architectures | p. 14 |
Building on Windows 2000: The WS03 Model | p. 15 |
Product Activation | p. 17 |
The Windows Server Enterprise Architecture | p. 18 |
Designing the Enterprise Network Architecture | p. 19 |
The Architectural Design Process | p. 20 |
Performing a Situation Review and Needs Analysis | p. 22 |
The Changing Role of Servers | p. 22 |
Consolidating Servers with Windows Server 2003 | p. 23 |
Using the PASS Model | p. 24 |
Migration Considerations | p. 27 |
Upgrade versus Clean Installation | p. 28 |
Using the Technological Lab as a Testing Ground | p. 29 |
Moving On | p. 32 |
Best Practice Summary | p. 33 |
Chapter Roadmap | p. 33 |
Preparing for Massive Installations of Windows Server 2003 | p. 36 |
Choosing the Migration Approach | p. 37 |
Choosing What to Migrate First | p. 39 |
Detailed Inventories | p. 44 |
Security Considerations | p. 45 |
Licensing Considerations | p. 46 |
Installing and Configuring Servers | p. 47 |
Preparing for Massive Installations | p. 47 |
Using Installation Documentation | p. 54 |
The Installation Preparation Checklist | p. 54 |
Documenting Server Installations | p. 54 |
The Post-Installation Checklist | p. 55 |
Massive Installation Processes | p. 56 |
The Initial Installation | p. 57 |
Customizing Your Server | p. 60 |
Choosing the Massive Installation Method | p. 65 |
Scripting Upgrades | p. 66 |
Disk Imaging | p. 67 |
Remote Installation | p. 70 |
Putting the Server in Place | p. 75 |
Best Practice Summary | p. 75 |
Chapter Roadmap | p. 76 |
Designing the Active Directory | p. 78 |
Introducing Active Directory | p. 79 |
New Features for Active Directory | p. 83 |
The Nature of Active Directory | p. 85 |
Designing the Solution: Using the Active Directory Blueprint | p. 87 |
AD Partitioning | p. 88 |
AD Service Positioning | p. 88 |
Implementation Plan | p. 89 |
Putting the Blueprint into Action | p. 89 |
Forest/Tree/Domain Strategy | p. 91 |
Forest Design Example | p. 94 |
Production Forest Design | p. 95 |
Domain Strategy Design | p. 97 |
Other Forest Domain Designs | p. 100 |
Forest Design Best Practices | p. 100 |
Designing the Naming Strategy | p. 101 |
Naming Best Practices | p. 102 |
Designing the Production Domain OU Structure | p. 104 |
The OU Design Process | p. 104 |
The PCs Object OU Structure Design | p. 107 |
The Services Object OU Structure Design | p. 107 |
The People Object OU Structure Design | p. 108 |
Replicating the OU Structure to Other Domains | p. 109 |
Production OU Design Best Practices | p. 109 |
AD and Other Directories | p. 112 |
Microsoft Metadirectory Services | p. 113 |
Integrated Applications for NOS Directories | p. 114 |
AD Integration Best Practices | p. 115 |
Service Positioning | p. 116 |
Operation Masters Positioning | p. 116 |
Global Catalog Server Positioning | p. 118 |
Domain Controller Positioning | p. 119 |
DNS Server Positioning | p. 119 |
Service Positioning Best Practices | p. 120 |
Server Positioning Scenario | p. 120 |
Site Topology | p. 127 |
Site Topology Design | p. 128 |
Creating Site Link Bridges | p. 128 |
Best Practices for Site Topology Design | p. 130 |
T&T Corporation's Site Topology Scenario | p. 130 |
Schema Modification Strategy | p. 133 |
Schema Modification Strategy Best Practices | p. 135 |
AD Implementation Plan | p. 135 |
The Ongoing AD Design Process | p. 137 |
Best Practice Summary | p. 137 |
Chapter Roadmap | p. 138 |
Designing the Enterprise Network IP Infrastructure | p. 140 |
TCP/IP in Windows Server 2003 | p. 142 |
New IP Features in WS03 | p. 143 |
Implementing a New Enterprise Network | p. 147 |
Preparing the Parallel Network | p. 148 |
Creating the Production Active Directory | p. 152 |
Forest Staging Activities | p. 154 |
Installing the First Server in a Forest | p. 154 |
Creation of the Second DC in the Forest Root Domain | p. 167 |
Creation of the First DC in the Global Child Production Domain | p. 171 |
Creating the Second DC in the Global Child Production Domain | p. 173 |
Connecting the Enterprise Network | p. 176 |
Network Infrastructure Staging Activities | p. 176 |
Server Installation and Configuration | p. 176 |
Configuring the First Network Infrastructure Server | p. 177 |
Configuring the Second Network Infrastructure Server | p. 185 |
Moving Servers and Configuring Domain Replication | p. 185 |
Upgrading Active Directory from Windows 2000 to WS03 | p. 189 |
The Upgrade Process | p. 189 |
Ongoing Forest Management | p. 194 |
Best Practice Summary | p. 194 |
Chapter Roadmap | p. 196 |
Building the PC Organizational Unit Infrastructure | p. 198 |
Managing Objects with Active Directory | p. 199 |
Group Policy Concepts | p. 199 |
Group Policy Processing | p. 201 |
GPO Inheritance (and Blocking) | p. 202 |
Policy Loopback | p. 205 |
Policy Filtering | p. 207 |
Fast Logon Optimization | p. 209 |
Policy Design | p. 210 |
Designing a GOP Strategy | p. 212 |
GPO Application and Processing Speed | p. 212 |
Creating an OU Design for PC Management Purposes | p. 214 |
Centralized PC Administration | p. 214 |
Decentralized PC Administration | p. 219 |
Designing for Delegation | p. 220 |
Delegation in Active Directory | p. 221 |
Designing a Delegation Strategy | p. 225 |
Enterprise PC Management | p. 225 |
Software Installations with WS03 | p. 226 |
Enterprise Software Assets | p. 228 |
Software Delivery in the Enterprise | p. 229 |
Completing the OU Strategy | p. 234 |
Putting the PCs OU Infrastructure in Place | p. 235 |
Using the Group Policy Management Console | p. 239 |
Best Practice Summary | p. 240 |
Chapter Roadmap | p. 242 |
Preparing the User Organizational Unit Infrastructure | p. 244 |
Managing User Objects with Active Directory | p. 245 |
The Active Directory User Object | p. 246 |
Using Template Accounts | p. 254 |
Massive User Management | p. 255 |
Managing and Administering Groups | p. 257 |
WS03 Groups Types and Group Scopes | p. 258 |
Best Practices for Group Management/Creation | p. 260 |
Creating an OU Design for User Management Purposes | p. 266 |
The People OU Structure | p. 266 |
User-Related GPO Concepts | p. 269 |
Completing the People OU Structure | p. 279 |
Putting the People OU Infrastructure in Place | p. 280 |
Best Practice Summary | p. 282 |
Chapter Roadmap | p. 283 |
Designing the Network Services Infrastructure | p. 286 |
Preparing File and Print Servers | p. 288 |
Sharing Files and Folders | p. 288 |
Expanding Disks for File Storage | p. 289 |
Disk Structure Preparation | p. 290 |
Creating the File Server | p. 296 |
Creating the Folder Structure | p. 297 |
Enabling File Server Services | p. 298 |
Sharing Folders | p. 301 |
Publishing Shares in Active Directory | p. 302 |
Finding a Share in AD | p. 304 |
Managing Folder Availability | p. 305 |
Distributed Link Tracking | p. 305 |
Working with the Distributed File System | p. 306 |
Sharing Printing Services | p. 312 |
WS03 Printer Drivers | p. 313 |
Integration with Active Directory | p. 314 |
Managing Printer Permissions | p. 316 |
Internet Printing Protocol | p. 316 |
Establishing a Shared Printer Policy | p. 317 |
Creating the Print Server | p. 319 |
Sharing Files and Printers for Non-Windows Clients | p. 323 |
Macintosh Computers | p. 323 |
UNIX Integration | p. 324 |
Preparing Application Servers | p. 324 |
Sharing Applications: Commercial and Corporate | p. 324 |
Preparing Terminal Servers | p. 329 |
Sharing Applications: Terminal Services | p. 329 |
Collaboration Servers | p. 337 |
Additional Network Infrastructure Server Functions | p. 337 |
Preparing Remote Installation Services Servers | p. 337 |
Server System Requirements by Role | p. 339 |
Designing the Services OU Structure | p. 340 |
Considerations for the Migration of Services to the Parallel Network | p. 343 |
Best Practice Summary | p. 344 |
Chapter Roadmap | p. 346 |
Managing Enterprise Security | p. 348 |
Security Basics | p. 349 |
Designing a Security Policy | p. 351 |
The Castle Defense System | p. 351 |
The Security Plan | p. 355 |
The Microsoft Security Operations Guide | p. 356 |
Windows Server 2003 Security | p. 357 |
Applying the Castle Defense System | p. 359 |
Critical Information | p. 360 |
Physical Protection | p. 361 |
Operating System Hardening | p. 362 |
System Security Configuration | p. 363 |
Security Template Best Practices | p. 373 |
Antivirus Strategies | p. 374 |
General Active Directory Security | p. 375 |
File System Security | p. 378 |
Print System Security | p. 380 |
.NET Framework Security | p. 380 |
Internet Information Server 6.0 | p. 384 |
Final Operating System Hardening Activities | p. 386 |
Information Access | p. 387 |
Smart Card Authentication | p. 387 |
Securing User Identification | p. 388 |
Managing Trusts | p. 394 |
Web Server Access Control | p. 396 |
.NET Framework Authentication | p. 398 |
Access Audition and Monitoring | p. 399 |
External Access | p. 399 |
Designing an Internal Public Key Infrastructure | p. 400 |
Managing the Security Policy | p. 403 |
Best Practice Summary | p. 404 |
Chapter Roadmap | p. 406 |
Creating a Resilient Infrastructure | p. 408 |
Planning for System Redundancy | p. 409 |
Preparing for Potential Disasters | p. 411 |
Using WS03 Clustering Services | p. 412 |
Network Load Balancing | p. 414 |
Multiple-Node Server Clusters | p. 420 |
Server Consolidation | p. 425 |
Consolidation Through Server Baselining | p. 426 |
Planning for System Recovery | p. 428 |
Recovery Planning for the Enterprise Network | p. 428 |
Data Protection Strategies | p. 433 |
Finalizing Your Resiliency Strategy | p. 441 |
Best Practice Summary | p. 441 |
Chapter Roadmap | p. 443 |
Putting the Enterprise Network into Production | p. 446 |
Migrating Data, Users, and PCs to the Parallel Network | p. 447 |
Using the Active Directory Migration Tool | p. 450 |
Transferring Networked User Data | p. 454 |
Decommissioning the Legacy Network | p. 457 |
Revising the IT Role Structure | p. 457 |
New and Revised AD IT Roles | p. 458 |
Designing the Services Administration Plan | p. 460 |
WS03 Administrative Tools | p. 464 |
Final Recommendations | p. 466 |
Best Practice Summary | p. 467 |
Chapter Roadmap | p. 467 |
Index | p. 469 |
Table of Contents provided by Ingram. All Rights Reserved. |