Windows Server Administration/Configuration
This lesson covers Windows Server configuration. Activities include initial configuration of a new server installation.
Objectives and Skills
editObjectives and skills for the Understanding Server Installation portion of Windows Server Administration Fundamentals certification include:[1]
- Understand device drivers: installation; removal; disabling; update/upgrade; rollback; troubleshooting; Plug & Play; IRQ; interrupts; driver signing
- Understand services: what services are; which statuses a service can be in; startup types; recovery options; delayed startup; Run As settings for a service; stopping or pausing a service; service accounts, dependencies
Readings
editMultimedia
editActivities
edit- Review Windows Server 2019 Activation. If you have a license key and are ready to activate Windows Server, proceed with activation. Windows licenses for student use are available through Azure.
- Review Initial Configurations of Windows server. Configure a Windows Server installation by setting the time zone, networking, computer name, and domain if applicable.
- Review Youtube: Windows Server 2019 Windows Updates Settings and Options. Enable automatic updating and download and install updates. It is important to update your server before installing any roles or features to ensure all current security updates have been applied.
- Review Driver Signing. Check the current driver signing policy settings.
- Review Youtube: How to use Device Manager in Windows Admin Center website. Use the Windows Admin Center and Device Manager to check for driver updates on the display adapter and all network adapters.
- Review PnPUtil (Windows Drivers). Use PnPUtil to display third-party driver packages currently in the driver store.
- Review Services. Open the Services console and stop and restart the Print Spooler service.
Lesson Summary
edit- Microsoft Product Activation is a form of digital rights management used by Microsoft to enforce compliance with a program's end-user license agreement by transmitting information about both the product key used to install the program and the user's computer hardware to Microsoft and inhibiting or completely preventing the use of the program until the validity of its license is confirmed.[2]
- Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components.[3]
- Microsoft Update is an optional feature which replaces Windows Update and provides updates for both the operating system and Microsoft applications such as Microsoft Office.[4]
- Windows security updates are routinely provided on the second Tuesday of each month, but can be provided whenever a new update is urgently required to prevent a newly discovered or prevalent exploit targeting Windows users.[5]
- Control Panel is a part of the Microsoft Windows graphical user interface which allows users to view and manipulate basic system settings and controls via applets, such as adding hardware, adding and removing software, controlling user accounts, and changing accessibility options.[6]
- Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to view and manage the hardware attached to a computer.[7]
- Device drivers are computer programs that operate or control a particular type of device that is attached to a computer. Device drivers may run in either kernel mode or user mode, with kernel mode having unrestricted access to the system, and user mode protecting access to other hardware and applications.[8]
- Drivers may be installed automatically through Plug and Play hardware detection and installed manually through Device Manager.[9]
- Drivers may be pre-staged by placing them in the DevicePath driver store. If a device driver is not found in the driver store, Windows will search Windows Updates for a driver. If a device driver is not found in Windows Update, Windows will ask the user for a path to the driver on local media.[10]
- By default, only administrators may install drivers that are not in the driver store. This restriction may be changed through a computer policy.[11]
- Drivers are removed by right-clicking on the device in Device Manager and removing the device. A dialog box will appear confirming device removal and allowing driver removal from the driver store.[12]
- Drivers are enabled and disabled by right-clicking on the device in Device Manager.[13]
- Drivers are updated automatically through Windows Update and manually by right-clicking on the device in Device Manager.[14]
- Drivers may be rolled back to a previous version by right-clicking on the device in Device Manager and then selecting the Drivers tab under device properties.[15]
- Troubleshoot drivers using Device Manager or Safe Mode.[16]
- The driver store may also be managed using the command line utility PNPUTIL.EXE.[17]
- A plug and play device or computer bus is one with a specification that facilitates the discovery of a hardware component in a system without the need for physical device configuration or user intervention in resolving resource conflicts.[18]
- The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by system firmware, which then provides details of resources allocations to the operating system. The process is invoked at boot time. When the computer is first turned on, compatible devices are identified and assigned non-conflicting addresses and interrupt request numbers.[19]
- Microsoft Management Console (MMC) is a component of Windows operating systems that provides advanced users an interface for configuring and monitoring the system through snap-in components.[20]
- A Windows service is a computer program that operates in the background, and is similar in concept to a Unix daemon. Services are managed using the Microsoft Management Console Services snap-in.[21]
- Services may be started, stopped, paused, or restarted.[22]
- Service startup types may be set to Automatic, Automatic (Delayed), Manual, or Disabled.[23]
- When a service fails, recovery actions may be set on the first failure, second failure, and subsequent failures. Options include restarting the service, running a program or script, and restarting the computer.[24]
- Because services run in the background, they must be configured to run in a given security context. Options include the Local System account, the Local Service account, the Network Service account, or a specific user account .[25]
- Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a managed service account.[26]
- Service dependencies may be configured to ensure that one or more services are started before starting another service. Service dependencies may be viewed in the Services console and configured using the Registry Editor.[27]
Key Terms
edit- certificate of authenticity
- A seal or small sticker on a proprietary computer program with a license number which verifies that the program is a genuine, legal copy.[28]
- denial-of-service attack
- An attempt to make a machine or network resource unavailable to its intended users.[29]
- digital rights management (DRM)
- A class of technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals with the intent to control the use of digital content and devices after sale.[30]
- driver signing (code signing)
- The process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash.[31]
- end-user license agreement (EULA)
- The contract between a licensor and purchaser, establishing the purchaser's right to use software.[32]
- exploit
- A piece of software that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software or hardware, typically to gain control of a computer system or allow privilege escalation or a denial-of-service attack.[33]
- interrupt request (IRQ)
- A hardware signal sent to the processor that temporarily stops a running program and allows a special program, an interrupt handler, to run instead.[34]
- malware
- Malicious software used by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.[35]
- privilege escalation
- The act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.[36]
- System Locked Pre-installation (SLP) key
- A master product key issued to Original Equipment Manufacturers (OEMs) to automatically activate Windows without the need for interaction from the user.[37]
- volume license key
- A product key used when installing software licensed in bulk, which allows a single product key to be used for multiple installations.[38]
- Windows Registry
- A hierarchical database that stores configuration settings and options on Microsoft Windows operating systems.[39]
Review Questions
editClick on a question to see the answer.
-
Microsoft Product Activation is a form of _____ used by Microsoft to enforce compliance with a program's _____ by transmitting information about _____ to Microsoft and _____ of the program until the validity of its license is confirmed.Microsoft Product Activation is a form of digital rights management used by Microsoft to enforce compliance with a program's end-user license agreement by transmitting information about both the product key used to install the program and the user's computer hardware to Microsoft and inhibiting or completely preventing the use of the program until the validity of its license is confirmed.
-
Windows Update is a service provided by Microsoft that provides _____.Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components.
-
Microsoft Update is an optional feature which replaces _____ and provides _____.Microsoft Update is an optional feature which replaces Windows Update and provides updates for both the operating system and Microsoft applications such as Microsoft Office.
-
Windows security updates are routinely provided on the _____ of each month, but can be provided _____ to prevent a newly discovered or prevalent exploit targeting Windows users.Windows security updates are routinely provided on the second Tuesday of each month, but can be provided whenever a new update is urgently required to prevent a newly discovered or prevalent exploit targeting Windows users.
-
Control Panel is a part of the Microsoft Windows graphical user interface which allows users to _____.Control Panel is a part of the Microsoft Windows graphical user interface which allows users to view and manipulate basic system settings and controls via applets, such as adding hardware, adding and removing software, controlling user accounts, and changing accessibility options.
-
Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to _____.Device Manager is a Control Panel applet in Microsoft Windows operating systems that allows users to view and manage the hardware attached to a computer.
-
Device drivers are computer programs that _____. Device drivers may run in either _____ mode or _____ mode, with _____ mode having _____, and _____ mode _____.Device drivers are computer programs that operate or control a particular type of device that is attached to a computer. Device drivers may run in either kernel mode or user mode, with kernel mode having unrestricted access to the system, and user mode protecting access to other hardware and applications.
-
Drivers may be installed automatically through _____ and installed manually through _____.Drivers may be installed automatically through Plug and Play hardware detection and installed manually through Device Manager.
-
Drivers may be pre-staged by placing them in the _____. If a device driver is not found in the _____, Windows will search _____ for a driver. If a device driver is not found in _____, Windows will _____.Drivers may be pre-staged by placing them in the DevicePath driver store. If a device driver is not found in the driver store, Windows will search Windows Updates for a driver. If a device driver is not found in Windows Update, Windows will ask the user for a path to the driver on local media.
-
By default, _____ may install drivers that are not in _____. This restriction may be changed through _____.By default, only administrators may install drivers that are not in the driver store. This restriction may be changed through a computer policy.
-
Drivers are removed by _____. A dialog box will appear _____.Drivers are removed by right-clicking on the device in Device Manager and removing the device. A dialog box will appear confirming device removal and allowing driver removal from the driver store.
-
Drivers are enabled and disabled by _____.Drivers are enabled and disabled by right-clicking on the device in Device Manager.
-
Drivers are updated automatically through _____ and manually by _____.Drivers are updated automatically through Windows Update and manually by right-clicking on the device in Device Manager.
-
Drivers may be rolled back to a previous version by _____.Drivers may be rolled back to a previous version by right-clicking on the device in Device Manager and then selecting the Drivers tab under device properties.
-
Troubleshoot drivers using _____ or _____.Troubleshoot drivers using Device Manager or Safe Mode.
-
The driver store may be managed using the command line utility _____.The driver store may be managed using the command line utility PNPUTIL.EXE.
-
A plug and play device or computer bus is one with a specification that facilitates _____ in a system without the need for _____.A plug and play device or computer bus is one with a specification that facilitates the discovery of a hardware component in a system without the need for physical device configuration or user intervention in resolving resource conflicts.
-
The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by _____, which then provides details of _____ to _____. The process is invoked _____. When the computer is _____, compatible devices are _____.The Intel / Microsoft Plug and Play standard requires configuration of devices to be handled by system firmware, which then provides details of resources allocations to the operating system. The process is invoked at boot time. When the computer is first turned on, compatible devices are identified and assigned non-conflicting addresses and interrupt request numbers.
-
Microsoft Management Console (MMC) is a _____ that provides _____ through _____.Microsoft Management Console (MMC) is a component of Windows operating systems that provides advanced users an interface for configuring and monitoring the system through snap-in components.
-
A Windows service is a _____ that operates _____, and is similar in concept to _____. Services are managed using _____.A Windows service is a computer program that operates in the background, and is similar in concept to a Unix daemon. Services are managed using the Microsoft Management Console Services snap-in.
-
Services may be _____, _____, _____, or _____.Services may be started, stopped, paused, or restarted.
-
Service startup types may be set to _____, _____, _____, or _____.Service startup types may be set to Automatic, Automatic (Delayed), Manual, or Disabled.
-
When a service fails, recovery actions may be set on _____, _____, and _____. Options include _____, _____, and _____.When a service fails, recovery actions may be set on the first failure, second failure, and subsequent failures. Options include restarting the service, running a program or script, and restarting the computer.
-
Because services run _____, they must be _____. Options include the _____ account, the _____ account, the _____ account, or a _____ account.Because services run in the background, they must be configured to run in a given security context. Options include the Local System account, the Local Service account, the Network Service account, or a specific user account .
-
Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a _____ account or _____ account.Starting with Windows Server 2008 R2, service accounts can automatically be managed by Windows as a managed service account or virtual account.
-
Service dependencies may be configured to ensure that one or more services are _____. Service dependencies may be viewed in _____ and configured using _____.Service dependencies may be configured to ensure that one or more services are started before starting another service. Service dependencies may be viewed in the Services console and configured using the Registry Editor.
Flashcards
editSee Also
editReferences
edit- ↑ Microsoft: Windows Server Administration Fundamentals Exam Details
- ↑ Wikipedia: Microsoft Product Activation
- ↑ Wikipedia: Windows Update
- ↑ Wikipedia: Windows Update
- ↑ Wikipedia: Windows Update
- ↑ Wikipedia: Control Panel (Windows)]]
- ↑ Wikipedia: Device Manager
- ↑ Wikipedia: Device driver
- ↑ Overview of Device and Driver Installation
- ↑ Overview of Device and Driver Installation
- ↑ Install a Plug and Play Device
- ↑ How to Use the Windows Device Manager for Troubleshooting
- ↑ How to Use the Windows Device Manager for Troubleshooting
- ↑ How to Use the Windows Device Manager for Troubleshooting
- ↑ How to Use the Windows Device Manager for Troubleshooting
- ↑ How to Use the Windows Device Manager for Troubleshooting
- ↑ How Devices and Driver Packages are Uninstalled
- ↑ Wikipedia: Plug and play
- ↑ Wikipedia: Legacy Plug and Play
- ↑ Microsoft Management Console
- ↑ Wikipedia: Windows service
- ↑ Wikipedia: Windows service
- ↑ Wikipedia: Windows service
- ↑ Windows Service : Setting Recovery Options
- ↑ Configure How a Service Is Started
- ↑ What's New for Managed Service Accounts
- ↑ View Service Dependencies
- ↑ Wikipedia: Certificate of authenticity
- ↑ Wikipedia: Denial-of-service attack
- ↑ Wikipedia: Digital rights management
- ↑ Wikipedia: Code signing
- ↑ Wikipedia: End-user license agreement
- ↑ Wikipedia: Exploit (computer security)
- ↑ Wikipedia: Interrupt request
- ↑ Wikipedia: Malware
- ↑ Wikipedia: Privilege escalation
- ↑ Wikipedia: Microsoft Product Activation
- ↑ Wikipedia: Volume license key
- ↑ Wikipedia: Windows Registry