1.1.1 Planning a Server Installation
June 10, 2015
184.108.40.206 Windows Server 2012 R2 Editions and Installation Options
Since Windows Server 2008 R2, there has not been a 32 bit version of Windows Server. This is because most server processors are now manufactured to the 64 bit standard. This helps when deciding which version of Windows Server 2012 R2 to purchase because there are now only four editions to choose from (see Table 1).
Table 1: Windows Server 2012 R2 Editions and Features
For more information about the different server editions see: https://www.microsoft.com/en-us/download/details.aspx?id=41703
Factors affecting the choice of Windows Server edition are:
- Roles required for the server
- Virtualisation requirements
- Licensing plan
It is the job of the administrator to choose an edition which meets the requirements of their organisation with the best return on investment.
When installing the Windows Server 2012 R2 Standard or Datacenter editions there is the option to choose server Core, Minimal Interface and Full. The Core installation provices CLI acess to the server, minimal provides a cut down version of the GUI and the Full version provides the will GUI and CLI options.
The CLI option uses the least system resources and has the smallest attack face as many common attack vectors, such as Internet Explorer, are not available (see Table 2).
|Reduced hardware utilisation||Removes the some of the memory and processor intensive features of the operating system.|
|Reduced disk space||Requires less disk space for the operating system installation and the swap.|
|Reduced patch frequency||The GUIs for Windows Server are among the most patched aspects of the operating system. Removing them reduces the patch frequency of the server and in turn reduced restarts and downtime.|
|Reduced attack surface||Due to the reduced amount of software running on the server, there are less weaknesses for attackers to try and exploit.|
Table 2: Advantages of Server Core
Server Core is the default option when in stalling Windows Server 2012 R2. It does also allow for the install type to be changed after installing, unlike Windows Server 2008. This means the server can be configured using the full GUI, then maintained using the CLI should the administrator wish.
Due to the way Windows Server 2012 R2 can be configured, the CLI is not likely to be heavily used. This is because the Server Manager can be used to remotely manage Windows Servers across the network. This means only a few servers need to be configured with the GUI to manage all of the other servers in the network.
Minimal Server Interface
The minimal server interface provides some of the advantages of the Server Core, but also adds some useful GUI tools too. Most of the hardware intensive UI (User Interface) are removed:
- Some Windows Shell Features
- File Explorer
- Windows 8 Apps
- Internet Explorer
- Some Control Panel Features
- Programs and Features
- Network and Sharing
- Devices and Printers
- Windows Update
- Storage Spaces
It does provide
- Server Manager
- Device Manager
To install the minimum server interface, first install the Full server installation. Then navigate to “Remove Rolls and Features Wizard” in “Server Manager”. Look for “User Interfaces and Infastructure” feature, then display the sub features and uncheck “Desktop Experience”. This can also be achieved in Windows PowerShell with this command: “Remove-WindowsFeature -Name Server-GUI-Shell -Restart”. This will remove the selected feature and restart the computer in minimal server interface mode.
220.127.116.11 Server Roles
Server roles are collections of services which together make server functions. Roles can be configured in Windows Server 2012 R2 using the Server Manager or PowerShell. The edition selected will determine the role available.
When planning the server, the administrator not only needs to consider which roles the server will need to perform now, but which ones may be required in the future.
Server Core does not support all of the roles available in Windows Server 2012 R2. These are the unsupported roles:
- Active Directory Federation Services
- Application Server – this is because it is depreciated
- Fax Server
- Network Policy and Access Services
- Remote Desktop Gateway
- Remote Desktop Session Host
- Remote Desktop Web Access
- Volume Activation Services
- Windows Deployment Services
18.104.22.168 Virtualisation in Windows Server 2012 R2
Windows Server 2012 R2 Datacenter and Standard editions both support Hyper-V. Each licence allows for one POSE (Physical Operating System Environment) installation. The two editions differ when it comes to the number of VOSE (Virtual Operating System Environment) installations.
Datacenter edition allows for unlimited VOSE, whereas Standard edition allows for just two VOSE installations. Windows Server Essentials allows for either one POSE or VOSE installation. The Foundation edition is limited to one POSE installation only.
More POSE and VOSE installations can be acquired by purchasing additional licences.
22.214.171.124 System Requirements for Windows Server 2012 R2
Table 3 details the minimum hardware requirements to install Windows Server 2012 R2.
|Processor||64 bit 1.4Ghz or faster|
|HDD||32GB Available (more is required if installing over a network or the system has more then 16GB of RAM)|
|Display||Super VGA 1024×768 or higher|
|Peripherals||Keyboard and Mouse/Pointing Device|
Table 3: Minimum Windows Server 2012 R2 Hardware Requirements
There are also some maximum hardware restrictions which may need to be considered (see Table 4).
|Failover cluster nodes||64|
Table 4: Windows Server 2012 R2 Maximum Hardware Configurations
126.96.36.199 Features on Demand
In order to allow administrators to add and remove features to the Windows operating system as they please without having to provide the installation medium, all the required components are stored in a folder called “WinSxS”. These files are copied there when the system is installed and is about 5GB in size. Once a system is configured it is unlikely these files will be used and the disk space could be put to better use.
Features on Demand is a new feature to Windows Server 2012 and Windows 8. It allows administrators to remove these files from the local hard disk of the server. In the event the server requires these files, it can get the from a remote source instead, such as Windows Update, NAS (Network Attacked Storage) or from the installation media. Group policy can also be used to specify the new location for Windows Feature payloads. Features on Demand provides three states for features in a system:
- Disabled with payload removed
To remove the payload of a feature, the following command can be used in Windows PowerShell: “Unistall-WindowsFeature [feature] -Remove”. To reinstall the feature from a specific source (other than Windows Update) the following command can be using in Windows PowerShell: “Install-WindowsFeature [feature] -Source [source]”.
The ability to move the storage disabled components to a central local is very useful when disk space is limited and or expensive. Increased virtualisation and SSDs (Solid State Drives) have increased the need for Features on Demand.
1.1 Installing Servers
June 10, 2015
When deciding on a new server installation careful thought and planning needs to be taken. Some things which needs to be considered based on the functional requirements of the server are:
- Virtualisation technologies (if any)
- Operating system edition
- GUI (Graphical User Interface) or Server Core CLI (Command Line Interface)
- If the new server will be introducing new technologies or software, should it be first tested on a test network before it is put into production?
- Location in the network
- Number of users now and in the future
Introduction to 70-410
June 10, 2015
70-410 is the first exam in the Server 2012 R2 MCSA (Microsoft Certified Systems Associate). This blog contains some material to help you prepare for the exam.
I am studying for this exam now, so most of the content is based on my notes.
The main book that I am using for this exam is Installing and Configuring Windows Server 2012 R2 Exam Ref 70-410 along with other documentation on Microsoft Technet.
They say one of the best ways to learn something really well, is to learn it, then see if you can teach it. So here it goes; hope it helps.
June 10, 2015
What Makes a Concurrent Algorithm Correct?
May 17, 2015
First of all one must ask themselves what makes any algorithm correct? The answer is the algorithm does as it is required by a specification or set of interested properties. For example a specification which states the algorithm will sort as list of unsorted numbers in ascending order, is correct if it does just that.
This brings us onto defining what makes a correct concurrent algorithm. As with any algorithm or computer program, we require that it produces the expected output from the data that is input into the system. Additionally when concurrency is brought into the mix there are two more properties we are concerned with. The first is mutual exclusion of shared resources, in order to prevent the problematic results race conditions can produce. Secondly we want to be sure the algorithm doesn’t result in deadlock or livelock.
To conclude we can say that a concurrent algorithm is correct if it meets the following requirements:
- It is safe – shared resources are suitably protected
- The required result eventually happens – free from deadlock and livelock
The Mighty Doonans
August 4, 2014
The Doonan Family Band has now become mighty! With the addition of four of their younger family members, to form The Mighty Doonans. This is their first album together as The Mighty Doonans and it is not one to pass off. Many of songs on this album have a clear theme about the hard lives of the miners and their families in the north of England.
The album starts with a song about a poor man, trying to persuade his pretty daughter Mary, to marry a rich countryman and escape for a better life. Although this song is slightly sad in a way, because Mary is being forced into a marriage she does not want, it is a fairly lively song; perfectly starting the album and setting the scene for the commencing songs.
To make these songs even more profound and meaningful they cleverly involve the local lingo in their lyrics. For example “Ee Aye Aa Cud Hew” and “Cannily Cannily” both use local phrases and words to tell the story of the hardship, the mining families went through. Some of these phrases you may be familiar with, others you may not. However, understand them or not, the music is defiantly enjoyable and the meaning of the songs, regardless, is clear.
Their music style is distinctly folky and they use a variety of musical talents and instruments to create their mighty music. Throughout the album there is a mixture of songs both lively and calmer. This combination makes this album interesting and the slight change in style and speed prevents you from becoming tired of it in a hurry. Encouraging you to continue listening to their many and interesting tales…
The Malware Paradox
June 29, 2014
What is Malware?
Malware is short for “malicious software”. It is any type of software with a malicious intent. This includes computer viruses, spyware/trojan horses, worms, some online scripts and some tracking cookies. We tend to use the term “computer virus” to mean all of these things, but technically this is incorrect.
There are two parties who have an interest in the development of malware, both of which would lose their jobs if it was to go away. They are the malware developers and the security package developers; they are both, in most cases, after your cash. I shall point out here, there will always be those out there to cause damage, meaning we need some “good guys and girls” to help prevent and repair that damage.
The Anti Malware Problem
The problem occurs when there is so much money to be made in security products and too many people using insecure computers. This makes it easier for programmers to write more malware with increased scales of damage. These “bigger” and “worse” malware programs then reach the media, where they are hyped up out of proportion, in many cases. The “experts” then recommend everyone updates their anti virus software and make sure it is from a “decent” provider.
Securing Your Computer
The fact is there is so much more to securing a computer than just installing anti virus software and a firewall; they are simply the easiest things to do. Additionally the internet is a constant threat and there is no time to be spent with your feet up. Whether it is topical in the news or not, you should have good computer practices, which ensure that your computer is in the best possible state to fend off malicious software and attackers.
Some good practices are:
- Keeping all your software and drivers up-to-date
- Running up-to-date quality anti virus / malware software, free or paid – good free ones for include Avast and AVG – good paid ones include Bit Defender and my personal favourite ESET NOD32
- Running a well configured firewall on your computer and network
- Turning off unnecessary features
- Using strong passwords
- Being careful when opening email attachments – how to spot a phishing email
- Don’t click on anything that looks suspicious – check with someone else if you’re not sure
- Keep regular backups
Remember if you are running Windows, Mac OS or Linux/Unix, any computer to be precise, it can get malware/viruses. The chances are if you aren’t running Windows you won’t get any, yet it is important to remember they are out there and it is wise to take steps to prevent them. For those not running Windows you probably don’t need anti virus, but a firewall is very much advised as well as adhering to good practices will probably keep you safe.
What if You Get Malware?
If you suspect you have malware/viruses on your computer, I advise you get it checked out ASAP and don’t use the computer until you’re sure it’s safe. A really good free program for finding a removing malware is Malware Bytes. It has a good track record dealing with most occurrences of malware and it is easy-to-use.
All in all I’d consider malware to be the fourth biggest threat to IT. It’s important to take steps to prevent it, but more fuss is made about it than there needs to be. So keep calm, take steps to prevent malware and carry on!
Creating and Remembering Strong Passwords
April 25, 2014
With crackers becoming more and more cunning in their methods and attempts to steal your data, it is more important than ever to use “secure passwords” that make it difficult for crackers to break. Not only that, it is imperative that you use a range of different secure passwords for different sites. This is because in the event of one of your passwords being compromised, the others will remain safe.
What makes a password “secure”?
There a variety of things that make a password secure, these are some of them:
- 8 or more characters long
- Use of both upper and lower cases
- Use of letters, numbers and symbols
- Passwords not made of dictionary words, names and dates, etc.
How can I make a secure password that is also easy to remember?
This video from Sophos explains a very good way of creating secure passwords that you’ll remember and briefly covers a solution to managing lots of different passwords.
Sophos is UK computer security company who have been making security software for industry for decades. Find out more about Sophos here.
How can I test my password?
There are now a variety of tools available which try and guess how long it might take to crack your password. Why not test it and see how your new “secure” password compares to your old one.
How to Keep Using Windows After April the 8th 2014
March 25, 2014
For many people upgrading from Windows XP is just not an option for a variety of reasons, others may just choose to keep it. Microsoft will end support on April the 8th 2014 which means there will be no more security patches available. If your staying loyal to Windows XP and intend to keep using it after April the 8th 2014, these YouTube videos will help to improve your security after that time:
Securing Windows XP Part 1
Securing Windows XP Part 2
Securing Windows XP Part 3
Securing Windows XP Part 4