- Event Id 1146 Failover Clustering Windows 2016
- Event Id 1146 Microsoft Windows Failover Clustering Tools 2017
- Event 1146 Microsoft-windows-failoverclustering
- Windows Failover Cluster Best Practices
Course Length: | 14 days |
Certifications: | MCSA: Windows 2016 Server MCSE: Core Infrastructure |
Number of Exams: | 4 |
Describes an issue is which SQL Server does not come online in Windows Failover Clustering. Provides a resolution. Event ID 17141 is logged when SQL Server does not come online in Windows Failover Clustering.
Log Name: Microsoft-Windows-FailoverClustering-Manager/Admin Source: Microsoft-Windows-FailoverClustering-Manager/Admin Event ID: 4694 Level: Warning Hyper-V management tools were not found on the system. Creation and management of virtual machines will be disabled in Failover Cluster Manager. Event ID 1282 — Node Membership in Cluster. Updated: November 25, 2009. Applies To: Windows Server 2008 R2. Failover cluster nodes must have the ability to start the Cluster service, form a cluster (when a given node starts but no other nodes are up) and join a cluster (when a given node starts and discovers that one or more nodes are already up). Nov 11, 2014 Failover is known to be less graceful in active-standby mode, and this is a known issue in a Windows Server 2012 environment that has LBFO teaming. Workaround Because the active-standby mode provides no benefits over the active-active mode, from the Microsoft Windows Clustering stand-point, we do not recommend an active-standby configuration. To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Management. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
| ||||||||||||
Prove your mastery of the primary set of Windows Server 2016 skills required to reduce IT costs and deliver more business value.
Earning an MCSA: Windows Server 2016 certification qualifies you for a position as a network or computer systems administrator or as a computer network specialist, and it is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).
OR take the 70-743 Exam to Upgrade from an existing MCSA: Windows Server 2008 or MCSA: Windows Server 2012.
Earning an MCSE: Core Infrastructure certification validates that you have the skills needed to run a highly efficient and modern data center, identity management, systems management, virtualization, storage, and networking.
Microsoft Course 20740
Exam 70-740: This course is designed primarily for IT professionals who have some experience with Windows Server. It is designed for professionals who will be responsible for managing storage and compute by using Windows Server 2016, and who need to understand the scenarios, requirements, and storage and compute options that are available and applicable to Windows Server 2016.
Audience profile
This course is intended for IT professionals who have some experiencing working with Windows Server, and who are looking for a single course that covers storage and compute technologies in Windows Server 2016. This course will help them update their knowledge and skills related to storage and compute for Windows Server 2016.
Candidates suitable for this course would be:
- Windows Server administrators who are relatively new to Windows Server administration and related technologies, and who want to learn more about the storage and compute features in Windows Server 2016.
- IT professionals with general IT knowledge, who are looking to gain knowledge about Windows Server, especially around storage and compute technologies in Windows Server 2016.
The secondary audience for this course are IT professionals looking to take the Microsoft 70-740 certification exam, Installation, Storage and Compute with Windows Server 2016.
At course completion
After completing this course, students will be able to:
- Prepare and install Nano Server, a Server Core installation, and plan a server upgrade and migration strategy.
- Describe the various storage options, including partition table formats, basic and dynamic disks, file systems, virtual hard disks, and drive hardware, and explain how to manage disks and volumes.
- Describe enterprise storage solutions, and select the appropriate solution for a given situation.
- Implement and manage Storage Spaces and Data Deduplication.
- Install and configure Microsoft Hyper-V.
- Deploy, configure, and manage Windows and Hyper-V containers.
- Describe the high availability and disaster recovery technologies in Windows Server 2016.
- Plan, create, and manage a failover cluster.
- Implement failover clustering for Hyper-V virtual machines.
- Configure a Network Load Balancing (NLB) cluster, and plan for an NLB implementation.
- Create and manage deployment images.
- Manage, monitor, and maintain virtual machine installations.
Prerequisites
Before attending this course, students must have:
- A basic understanding of networking fundamentals.
- An awareness and understanding of security best practices.
- An understanding of basic AD DS concepts.
- Basic knowledge of server hardware.
- Experience supporting and configuring Windows client operating systems such as Windows 8 or Windows 10.
Additionally, students would benefit from having some previous Windows Server operating system experience, such as experience as a Windows Server systems administrator.
Course Outline
Module 1: Installing, upgrading, and migrating servers and workloads
This module explains how to prepare and install Nano Server and Server Core. This module also explains how to upgrade and migrate server roles and workloads. Finally, this module explains how to choose an activation model based on your environment characteristics.
- Introducing Windows Server 2016
- Preparing and installing Nano Server and Server Core
- Preparing for upgrades and migrations
- Migrating server roles and workloads
- Windows Server activation models
After completing this module, students will be able to:
- Choose the appropriate version of the Windows Server operating system, and describe the installation options and new features of Windows Server 2016.
- Prepare and install Nano Server and Server Core.
- Consider whether an upgrade or migration is the best approach, and use tools to help determine upgrade or migration suitability.
- Migrate server roles and workloads within a domain and across domains or forests.
- Choose an activation model based on your environment characteristics.
Module 2: Configuring local storage
This module explains how to manage disks and volumes in Windows Server 2016.
- Managing disks in Windows Server 2016
- Managing volumes in Windows Server 2016
After completing this module, students will be able to:
- Manage disks in Windows Server 2016.
- Manage volumes in Windows Server 2016.
Module 3: Implementing enterprise storage solutions
This module describes the direct-attached storage (DAS), network-attached storage (NAS), and storage area networks (SANs). It also helps you understand Microsoft Internet Storage Name Service (iSNS) Server, data center bridging, and Multipath I/O (MPIO). Additionally, this module also compares Fibre Channel, Internet Small Computer System Interface (iSCSI), and Fibre Channel Over Ethernet (FCoE), and describes how to configure sharing in Windows Server 2016.
Event Id 1146 Failover Clustering Windows 2016
- Overview of direct-attached storage, network-attached storage, and storage area networks
- Comparing Fibre Channel, iSCSI, and FCoE
- Understanding iSNS, data centre bridging, and MPIO
- Configuring sharing in Windows Server 2016
After completing this module, students will be able to:
- Describe DAS, NAS, and SANs, and the usage scenarios for each topology.
- Compare Fibre Channel, FCoE, an iSCSI target and initiator.Describe iSNS, MPIO, data center bridging, and Windows Storage Server 2016 (two versions-Workgroup and Standard).
- Configure server message block (SMB) and network file system (NFS) shares by using Server Manager and Windows PowerShell.
Module 4: Implementing Storage Spaces and Data Deduplication
This module explains how to implement and manage Storage Spaces. This module also explains how to implement Data Deduplication.
- Implementing Storage Spaces
- Managing Storage Spaces
- Implementing Data Deduplication
After completing this module, students will be able to:
- Implement Storage Spaces as an enterprise storage solution.
- Manage Storage Spaces by using Server Manager and Windows PowerShell.
- Implement Data Deduplication.
Module 5: Installing and configuring Hyper-V and virtual machines
This module provides an overview of Hyper-V. This module also explains how to configure, manage, and install Hyper-V. Creo 3.0 free download.
- Overview of Hyper-V
- Installing Hyper-V
- Configuring storage on Hyper-V host servers
- Configuring networking on Hyper-V host servers
- Configuring Hyper-V virtual machines
- Managing Hyper-V virtual machines
After completing this module, students will be able to:
- Describe Hyper-V and virtualization.
- Prepare to install the Hyper-V role.
- Configure storage on Hyper-V host servers.
- Configure networking on Hyper-V host servers.
- Configure Hyper-V virtual machines.
- Move virtual machines from one host to another host, using PowerShell Direct to manage a virtual machine, and manage miscellaneous virtual machine settings.
Module 6: Deploying and managing Windows Server and Hyper-V containers
This module provides and overview of containers in Windows Server 2016. It also explains how to deploy, install, configure, and manage containers in Windows Server 2016.
- Overview of containers in Windows Server 2016
- Deploying Windows Server and Hyper-V containers
- Installing, configuring, and managing containers
After completing this module, students will be able to:
- Explain the purpose of Windows Server and Hyper-V containers.
- Deploy and manage Windows Server and Hyper-V containers.
- Install, configure, and manage containers.
Module 7: Overview of high availability and disaster recovery
This module provides an overview of high availability, business continuity, and disaster recovery. It further explains how to plan high availability and disaster recovery solutions. Additionally, in this module you will know how to back up and restore the Windows Server 2016 operating system and data by using Windows Server Backup. Finally, you will learn about Windows Server 2016 high availability with failover clustering.
- Defining levels of availability
- Planning high availability and disaster recovery solutions with Hyper-V virtual machines
- Backing up and restoring the Windows Server 2016 operating system and data by using Windows Server B
- High availability with failover clustering in Windows Server 2016
After completing this module, students will be able to:
- Describe high availability, business continuity, and disaster recovery.
- Plan for high availability and disaster recovery solutions with Hyper-V virtual machines.
- Back up and restore Hyper-V hosts, virtual machines, Active Directory Domain Services (AD DS), and file and web servers by using Windows Server Backup.
- Describe Windows Server 2016 high availability with failover clustering.
Module 8: Implementing and managing failover clustering
This module explains how to plan, create, configure, maintain, and troubleshoot a failover cluster. This module also explains how to implement site high availability with stretch clustering.
- Planning a failover cluster
- Creating and configuring a new failover cluster
- Maintaining a failover cluster
- Troubleshooting a failover cluster
- Implementing site high availability with stretch clustering
After completing this module, students will be able to:
- Describe the requirements and infrastructure considerations for a failover cluster.
- Create and configure a new failover cluster.
- Monitor and maintain failover clusters.
- Troubleshoot failover clusters by using various tools such as Performance Monitor, Event Viewer, and Windows PowerShell.
- Configure and implement a stretch cluster.
Module 9: Implementing failover clustering for Hyper-V virtual machines
This module describes integrating Hyper-V virtual machines in a clustered environment. It also explains how to implement and maintain Hyper-V virtual machines on failover clusters. Additionally, this module also explains how to configure network health protection.
- Overview of integrating Hyper-V in Windows Server 2016 with failover clustering
- Implementing and maintaining Hyper-V virtual machines on failover clusters
- Key features for virtual machines in a clustered environment
After completing this module, students will be able to:
- Explain the integration of Hyper-V in Windows Server 2016 with failover clustering.
- Implement and maintain Hyper-V virtual machines on failover clusters.
- Describe and configure network health protection.
Module 10: Implementing Network Load Balancing
This module provides an overview of NLB clusters. It also explains how to plan and configure an NLB cluster implementation.
- Overview of NLB clusters
- Configuring an NLB cluster
- Planning an NLB implementation
After completing this module, students will be able to:
- Describe NLB and how it works.
- Configure an NLB cluster.
- Describe the considerations for implementing NLB.
Module 11: Creating and managing deployment images
This module provides an introduction to deployment images. It also explains how to create and manage deployment images by using the Microsoft Deployment Toolkit (MDT). Additionally, it explains how to evaluate an organization's requirements for server virtualization.
- Introduction to deployment images
- Creating and managing deployment images by using MDT
- Virtual machine environments for different workloads
After completing this module, students will be able to:
- Explain the purpose of deployment images and the tools that you use to deploy and maintain them.
- Implement and manage deployment images by using MDT.
- Evaluate their organization's requirements for server virtualization.
Module 12: Managing, monitoring, and maintaining virtual machine installations
This module provides an overview on WSUS and explains the deployment options. It explains how to update management process with WSUS and also how to use Performance Monitor. Additionally, this module also provides an overview of PowerShell Desired State Configuration (DSC) and Windows Server 2016 monitoring tools. Finally, this module describes how to use Performance Monitor and monitor Event Logs.
- WSUS overview and deployment options
- Update management process with WSUS
- Overview of PowerShell DSC
- Overview of Windows Server 2016 monitoring tools
- Using Performance Monitor
- Monitoring Event Logs
After completing this module, students will be able to:
- Describe the purpose of Windows Server Update Services (WSUS) and the requirements to implement WSUS.
- Manage the update process with WSUS.
- Describe the purpose and benefits of PowerShell DSC.
- Describe the monitoring tools available in Windows Server 2016.
- Describe how to use Performance Monitor.
- Describe how to manage event logs.
Microsoft Course 20741
Exam 70-741: This course provides the fundamental networking skills required to deploy and support Windows Server 2016 in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including software defined networking.
Audience profile
This course is intended for existing IT professionals who have some networking knowledge and experience and are looking for a single course that provides insight into core and advanced networking technologies in Windows Server 2016. This audience would typically include:
- Network administrators who are looking to reinforce existing skills and learn about new networking technology changes and functionality in Windows Server 2016.
- System or Infrastructure Administrators with general networking knowledge who are looking to gain core and advanced networking knowledge and skills on Windows Server 2016.
The secondary audience for this course is those IT professionals who are looking to take the MCSA 70-741: Networking with Windows Server 2016 exam.
At course completion
After completing this course, students will be able to:
- Plan and implement an IPv4 network.
- Implement Dynamic Host Configuration Protocol (DHCP).
- Implement IPv6.
- Implement Domain Name System (DNS).
- Implement and manage IP address management (IPAM).
- Plan for remote access.
- Implement DirectAccess.
- Implement virtual private networks (VPNs).
- Implement networking for branch offices.
- Configure advanced networking features.
- Implement software defined networking.
Prerequisites
In addition to professional experience, students who attend this training should already have the following technical knowledge:
- Experience working with Windows Server 2008 or Windows Server 2012
- Experience working in a Windows Server infrastructure enterprise environment
- Knowledge of the Open Systems Interconnection (OSI) model
- Understanding of core networking infrastructure components and technologies such as cabling, routers, hubs, and switches
- Familiarity with networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking
- Some basic knowledge of the TCP/IP protocol stack, addressing and name resolution
- Experience with and knowledge of Hyper-V and virtualization
- Hands-on experience working with the Windows client operating systems such as Windows 8.1 or Windows 10
Course Outline
Module 1: Planning and implementing an IPv4 network
This module explains how to plan and implement an IPv4 addressing scheme to support organizational needs. This module also explains how to use fundamental networking tools and techniques to configure and troubleshoot IPv4-based networks.
- Planning IPv4 addressing
- Configuring an IPv4 host
- Managing and troubleshooting IPv4 network connectivity
After completing this module, students will be able to:
- Plan IPv4 addressing.
- Configure an IPv4 host.
- Manage and troubleshoot IPv4 network connectivity.
Module 2: Implementing DHCP
This module explains how to plan and implement DHCP to support the IPv4 infrastructure.
- Overview of the DHCP server role
- Deploying DHCP
- Managing and troubleshooting DHCP
After completing this module, students will be able to:
- Explain the DHCP server role.
- Deploy DHCP.
- Manage and troubleshoot DHCP.
Module 3: Implementing IPv6
This module explains how to implement IPv6, and how to integrate IPv6 and IPv4 networks.
- Overview of IPv6 addressing
- Configuring an IPv6 host
- Implementing IPv6 and IPv4 coexistence
- Transitioning from IPv4 to IPv6
After completing this module, students will be able to:
- Describe the features and benefits of IPv6.
- Configure an IPv6 host.
- Implement the coexistence between IPv4 and IPv6 networks.
- Transition from an IPv4 network to an IPv6 network.
Module 4: Implementing DNS
This module explains how to install, configure, and troubleshoot DNS within the organization's network.
- Implementing DNS servers
- Configuring zones in DNS
- Configuring name resolution between DNS zones
- Configuring DNS integration with Active Directory Domain Services (AD DS)
- Configuring advanced DNS settings
After completing this module, students will be able to:
- Implement DNS servers.
- Configure zones in DNS.
- Configure name resolution between DNS zones.
- Configure DNS integration with AD DS.
- Configure advanced DNS settings.
Module 5: Implementing and managing IPAM
This module explains how to implement and manage the IPAM feature in Windows Server 2016. This module also explains how to use IPAM to manage services such as DHCP and DNS.
- IPAM overview
- Deploying IPAM
- Managing IP address spaces by using IPAM
After completing this module, students will be able to:
- Describe IPAM functionality and components.
- Deploy IPAM.
- Manage IP address spaces by using IPAM.
Module 6: Remote access in Windows Server 2016
This module explains how to plan for remote access in Windows Server 2016 and how to implement Web Application Proxy.
- Remote access overview
- Implementing Web Application Proxy
After completing this module, students will be able to:
- Describe remote access.
- Implement Web Application Proxy.
Module 7: Implementing DirectAccess
This module explains how to implement and manage DirectAccess in Windows Server 2016.
- Overview of DirectAccess
- Implementing DirectAccess by using the Getting Started Wizard
- Implementing and managing an advanced DirectAccess infrastructure
After completing this module, students will be able to:
- Explain DirectAccess and how it works.
- Implement DirectAccess by using the Getting Started Wizard.
- Implement and manage an advanced DirectAccess infrastructure.
Module 8: Implementing VPNs
This module explains how to implement and manage remote access in Windows Server 2016 by using VPNs.
- Planning VPNs
- Implementing VPNs
After completing this module, students will be able to:
- Plan for VPNs.
- Implement VPNs.
Module 9: Implementing networking for branch offices
This module explains how to implement network services for branch offices.
- Networking features and considerations for branch offices
- Implementing Distributed File System (DFS) for branch offices
- Implementing BranchCache for branch offices
After completing this module, students will be able to:
- Describe the networking features and considerations for branch offices.
- Implement DFS for branch offices.
- Implement BranchCache for branch offices.
Module 10: Configuring advanced networking features
This module explains how to implement an advanced networking infrastructure.
- Overview of high performance networking features
- Configuring advanced Hyper-V networking features
Event Id 1146 Microsoft Windows Failover Clustering Tools 2017
After completing this module, students will be able to:
- Describe high performance networking features.
- Configure advanced Hyper-V networking features.
Module 11: Implementing software defined networking
This module explains how to implement software defined networking.
- Overview of software defined networking
- Implementing network virtualization
- Implementing Network Controller
After completing this module, students will be able to:
- Describe software defined networking.
- Implement network virtualization.
- Implement Network Controller.
Microsoft Course 20742
Exam 70-742: This course teaches IT Pros how to deploy and configure Active Directory Domain Services (AD DS) in a distributed environment, how to implement Group Policy, how to perform backup and restore, and how to monitor and troubleshoot Active Directory-related issues with Windows Server 2016. Additionally, this course teaches how to deploy other Active Directory server roles such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).
Audience profile
This course is primarily intended for existing IT professionals who have some AD DS knowledge and experience and who aim to develop knowledge about identity and access technologies in Windows Server 2016. This would typically include:
- AD DS administrators who are looking to train in identity and access technologies with Windows Server 2012 or Windows Server 2016.
- System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity and access technologies in Windows Server 2012 or Windows Server 2016.
The secondary audience for this course includes IT professionals who are looking to consolidate their knowledge about AD DS and related technologies, in addition to IT professionals who want to prepare for the 70-742 exam.
At course completion
After completing this course, students will be able to:
- Install and configure domain controllers.
- Manage objects in AD DS by using graphical tools and Windows PowerShell.
- Implement AD DS in complex environments.
- Implement AD DS sites, and configure and manage replication.
- Implement and manage Group Policy Objects (GPOs).
- Manage user settings by using GPOs.
- Secure AD DS and user accounts.
- Implement and manage a certificate authority (CA) hierarchy with AD CS.
- Deploy and manage certificates.
- Implement and administer AD FS.
- Implement and administer Active Directory Rights Management Services (AD RMS).
- Implement synchronization between AD DS and Azure AD.
- Monitor, troubleshoot, and establish business continuity for AD DS services.
Prerequisites
Before attending this course, students must have:
- Some exposure to and experience with AD DS concepts and technologies in Windows Server 2012 or Windows Server 2016.
- Experience working with and configuring Windows Server 2012 or Windows Server 2016
- Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP).
- Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts.
- An awareness of basic security best practices.
- Hands-on working experience with Windows client operating systems such as Windows 7, Windows 8, Windows 8.1, or Windows 10.
- Basic experience with the Windows PowerShell command-line interface.
Course Outline
Module 1: Installing and configuring DCs
This module describes features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.
- Overview of AD DS
- Overview of AD DS DCs
- Deploying DCs
After completing this module, students will be able to:
- Describe AD DS and its main components.
- Describe the purpose of DCs and the roles that a DC can hold.
- Describe the considerations for deploying DCs.
Module 2: Managing objects in AD DS
This module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects.
- Managing user accounts
- Managing groups in AD DS
- Managing computer accounts
- Using Windows PowerShell for AD DS administration
- Implementing and managing organizational units
After completing this module, students will be able to:
- Describe and perform various techniques to manage user accounts.
- Manage groups in AD DS.
- Manage computers in AD DS.
- Use Windows PowerShell to manage AD DS more efficiently.
- Delegate permission to perform AD DS administration.
Module 3: Advanced AD DS infrastructure management
This module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.
- Overview of advanced AD DS deployments
- Deploying a distributed AD DS environment
- Configuring AD DS trusts
Wowza streaming engine keygen. After completing this module, students will be able to:
- Describe the components of an advanced AD DS deployment.
- Implement a distributed AD DS environment.
- Configure AD DS trusts.
Module 4: Implementing and administering AD DS sites and replication
This module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server 2016 AD DS environment.
- Overview of AD DS replication
- Configuring AD DS sites
- Configuring and monitoring AD DS replication
After completing this module, students will be able to:
- Describe how replication works in a Windows Server 2012 AD DS environment.
- Configure AD DS sites to optimize AD DS network traffic.
- Configure and monitor AD DS replication.
Module 5: Implementing Group Policy
This module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.
- Introducing Group Policy
- Implementing and administering GPOs
- Group Policy scope and Group Policy processing
- Troubleshooting the application of GPOs
After completing this module, students will be able to:
- Describe the components and technologies that compose the Group Policy framework.
- Configure and understand a variety of policy setting types.
- Scope GPOs by using links, security groups, Windows Management Instrumentation (WMI) filters, loopback processing, and preference targeting.
- Troubleshoot the application of GPOs.
Module 6: Managing user settings with GPOs
This module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences. How to tomato hacked client.
- Implementing administrative templates
- Configuring Folder Redirection and scripts
- Configuring Group Policy preferences
After completing this module, students will be able to:
- Describe administrative templates.
- Configure Folder Redirection and scripts.
- Configure GPO preferences.
Module 7: Securing AD DS
This module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).
- Securing domain controllers
- Implementing account security
- Audit authentication
- Configuring managed service accounts (MSAs)
After completing this module, students will be able to:
- Secure domain controllers.
- Implement password and lockout policies.
- Configure authentication auditing and examine the resulting audit log.
- Configure gMSAs.
Module 8: Deploying and managing AD CS
This module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.
- Deploying CAs
- Administering CAs
- Troubleshooting and maintaining CAs
After completing this module, students will be able to:
- Plan and implement an AD CS CA infrastructure.
- Administer CAs.
- Troubleshoot and maintain CAs.
Module 9: Deploying and managing certificates
This module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.
- Deploying and managing certificate templates
- Managing certificate deployment, revocation, and recovery
- Using certificates in a business environment
- Implementing and managing smart cards
After completing this module, students will be able to:
- Plan and implement a certificate template deployment by using an AD CS CA.
- Describe and perform certificate enrollment, revocation, and recovery.
- Describe and use certificates in business environments.
- Describe how to use certificates with smart cards.
Module 10: Implementing and administering AD FS
This module describes AD FS and how to configure AD FS in a single-organization scenario and in a partner-organization scenario.
- Overview of AD FS
- AD FS requirements and planning
- Deploying and configuring AD FS
- Overview of Web Application Proxy
After completing this module, students will be able to:
- Describe identity federation business scenarios and how AD FS can address them.
- Configure AD FS prerequisites and plan AD FS services.
- Implement AD FS to enable single sign-on (SSO) in various scenarios.
- Describe Web Application Proxy.
Module 11: Implementing and administering AD RMS
This module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.
- Overview of AD RMS
- Deploying and managing an AD RMS infrastructure
- Configuring AD RMS content protection
After completing this module, students will be able to:
- Describe AD RMS and how it can help protect content.
- Deploy and manage an AD RMS infrastructure.
- Configure content protection by using AD RMS.
Module 12: Implementing AD DS synchronization with Azure AD
This module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The modules describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.
- Planning and preparing for directory synchronization
- Implementing directory synchronization by using Azure AD Connect
- Managing identities with directory synchronization
After completing this module, students will be able to:
- Plan and prepare for the deployment of directory synchronization.
- Configure directory synchronization by using Azure AD Connect.
- Manage identities after deploying directory synchronization.
Module 13: Monitoring, managing, and recovering AD DS
This module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.
- Monitoring AD DS
- Managing the AD DS database
- Recovering AD DS objects
After completing this module, students will be able to:
- Monitor AD DS.
- Manage the AD DS database.
- Perform AD DS backup and restore operations, and to recover deleted objects from AD DS.
Microsoft Course 20744
Exam 70-744: This course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing the importance of assuming that network breaches have occurred already, and then teaches you how to protect administrative credentials and rights to help ensure that administrators can perform only the tasks that they need to, when they need to.
This course explains how you can use auditing and the Advanced Threat Analysis feature in Windows Server 2016 to identify security issues. You will also learn how to mitigate malware threats, secure your virtualization platform, and use deployment options such as Nano server and containers to enhance security. The course also explains how you can help protect access to files by using encryption and dynamic access control, and how you can enhance your network's security.
Audience profile
This course is for IT professionals who need to securely administer Windows Server 2016 networks. These professionals typically work with networks that are configured as Windows Server domain-based environments, with managed access to the internet and cloud services.
Students who seek certification in the 70-744 Securing Windows server exam also will benefit from this course.
At course completion
After completing this course, students will be able to:
- Secure Windows Server.
- Protect credentials and implement privileged access workstations.
- Limit administrator rights with Just Enough Administration.
- Manage privileged access.
- Mitigate malware and threats.
- Analyze activity with advanced auditing and log analytics.
- Deploy and configure Advanced Threat Analytics and Microsoft Operations Management Suite.
- Configure Guarded Fabric virtual machines (VMs).
- Use the Security Compliance Toolkit (SCT) and containers to improve security.
- Plan and protect data.
- Optimize and secure file services.
- Secure network traffic with firewalls and encryption.
- Secure network traffic by using DNSSEC and Message Analyzer.
Prerequisites
Students should have at least two years of experience in the IT field and should have:
- Completed courses 740, 741, and 742, or the equivalent.
- A solid, practical understanding of networking fundamentals, including TCP/IP, User Datagram Protocol (UDP), and Domain Name System (DNS).
- A solid, practical understanding of Active Directory Domain Services (AD DS) principles.
- A solid, practical understanding of Microsoft Hyper-V virtualization fundamentals.
- An understanding of Windows Server security principles.
Course Outline
Module 1: Attacks, breach detection, and Sysinternals tools
This module frames the course so that students are thinking about security in environments where the infrastructure's basis is predominantly Microsoft products. The module begins with teaching students about the 'assume breach' philosophy and getting them to understand the different types of attacks that can occur, including attack timelines and vectors. Additionally, it gets students thinking about key resources, how they respond when they detect an incident, and how an organization's direct needs and legislative requirements dictate its security policy.
- Understanding attacks
- Detecting security breaches
- Examining activity with the Sysinternals tools
After completing this module, students will be able to:
- Describe the types of attacks that can occur.
- Explain how to detect security breaches.
- Explain how to examine activity by using the Sysinternals suite of tools.
Module 2: Protecting credentials and privileged access
This module covers user accounts and rights, computer and service accounts, credentials, Privileged Access Workstations, and the Local Administrator Password Solution. In this module, students will learn about configuring user rights and security options, protecting credentials by using Credential Guard, implementing Privileged Access Workstations, and managing and deploying Local Administrator Password Solution to manage local administrator account passwords.
- Understanding user rights
- Computer and service accounts
- Protecting credentials
- Privileged Access Workstations and jump servers
- Local administrator password solution
After completing this module, students will be able to:
- Configure user rights.
- Implement computer and service accounts.
- Protect credentials.
- Describe how to configure Privileged Access Workstations and jump servers.
- Configure the Local Administrator Password Solution (LAPS).
Module 3: Limiting administrator rights with Just Enough Administration
This module explains how to deploy and configure Just Enough Administration (JEA), which is an administrative technology that allows students to apply role-based access control (RBAC) principles through Windows PowerShell remote sessions.
- Understanding JEA
- Verifying and deploying JEA
After completing this module, students will be able to:
- Understand JEA.
- Verify and deploy JEA.
Module 4: Privileged access management and administrative forests
This module explains the concepts of Enhanced Security Administrative Environment (ESAE) forests, Microsoft Identity Manager (MIM), and Just In Time (JIT) Administration, or Privileged Access Management (PAM).
- ESAE forests
- Overview of Microsoft Identity Manager
- Overview of JIT administration and PAM
After completing this module, students will be able to:
- Describe ESAE forests.
- Describe MIM.
- Understand JIT administration and PAM.
Module 5: Mitigating malware and threats
This module explains how to use tools such as Windows Defender, Windows AppLocker, Microsoft Device Guard, Windows Defender Application Guard, and Windows Defender Exploit Guard.
- Configuring and managing Windows Defender
- Restricting software
- Configuring and using the Device Guard feature
After completing this module, students will be able to:
Event 1146 Microsoft-windows-failoverclustering
- Configure and manage Windows Defender.
- Use software restriction policies and AppLocker.
- Configure and use the Device Guard feature.
Module 6: Analyzing activity with advanced auditing and log analytics
This module provides an overview of auditing, and then goes into detail about how to configure advanced auditing and Windows PowerShell auditing and logging.
- Overview of auditing
- Advanced auditing
- Windows PowerShell auditing and logging
After completing this module, students will be able to:
- Describe auditing.
- Understand advanced auditing.
- Configure Windows PowerShell auditing and logging.
Module 7: Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite
This module explains the Microsoft Advanced Threat Analytics tool and the Microsoft Operations Management suite (OMS). It also explains how you can use them to monitor and analyse the security of a Windows Server deployment. You will also learn about Microsoft Azure Security Center, which allows you to manage and monitor the security configuration of workloads both on-premises and in the cloud.
- Deploying and configuring ATA
- Deploying and configuring Microsoft Operations Management Suite
- Deploying and configuring Azure Security Center
After completing this module, students will be able to:
- Deploy and configure ATA.
- Deploy and configure Microsoft Operations Management Suite.
- Deploy and configure Azure Security Center.
Module 8: Secure Virtualization Infrastructure
This module explains how to configure Guarded Fabric VMs, including the requirements for shielded and encryption-supported VMs.
- Guarded fabric
- Shielded and encryption-supported virtual machines
After completing this module, students will be able to:
- Configure the guarded fabric.
- Describe shielded and encryption-supported VMs.
Module 9: Securing application development and server-workload infrastructure
This module describes the SCT, which is a free, downloadable set of tools that you can use to create and apply security settings. You will also learn about improving platform security by reducing the size and scope of application and compute resources by containerizing workloads.
- Using SCT
- Understanding containers
After completing this module, students will be able to:
- Install SCT, and create and deploy security baselines.
- Configure Windows and Hyper-V containers in Windows Server 2016.
Module 10: Planning and protecting data
This module explains how to configure Encrypting File System (EFS) and BitLocker drive encryption to protect data at rest. You will also learn about extending protection into the cloud by using Azure Information Protection.
- Planning and implementing encryption
- Planning and implementing BitLocker
- Protecting data by using Azure Information Protection
After completing this module, students will be able to:
- Plan and implement encryption.
- Plan and implement BitLocker.
- Plan and implement Azure Information Protection.
Module 11: Optimizing and securing file services
This module explains how to optimize file services by configuring File Server Resource Manager (FSRM) and Distributed File System (DFS). Students also will learn how to manage access to shared files by configuring Dynamic Access Control (DAC).
- File Server Resource Manager
- Implementing classification and file management tasks
- Dynamic Access Control
After completing this module, students will be able to:
- Describe File Server Resource Manager.
- Implement classification and file management tasks.
- Implement Dynamic Access Control.
Module 12: Securing network traffic with firewalls and encryption
This module explains how you can use Windows Firewall as an important part of an organization's protection strategy. It explains the use of Internet Protocol security (IPsec) to encrypt network traffic and to establish security zones on your network. You will also learn about the Datacenter Firewall feature that you can use to help protect your on-premises virtual environments.
- Understanding network-related security threats
- Understanding Windows Firewall with Advanced Security
- Configuring IPsec
- Datacenter Firewall
After completing this module, students will be able to:
- Describe network-related security threats and how to mitigate them.
- Configure Windows Firewall with Advanced Security.
- Configure IPsec.
- Describe Datacenter Firewall.
Module 13: Securing network traffic
This module explores some of the Windows Server 2016 technologies that you can use to help mitigate network-security threats. It explains how you can configure DNSSEC to help protect network traffic, and use Microsoft Message Analyzer to monitor network traffic. The module also describes how to secure Server Message Block (SMB) traffic.
- Configuring advanced DNS settings
- Examining network traffic with Message Analyzer
- Securing and analyzing SMB traffic
After completing this module, students will be able to:
- Configure advanced DNS settings.
- Use the Message Analyzer.
- Secure SMB traffic.
MCSEClasses.com is your best choice for MCSA Windows Server 2016, MCSA Windows Server 2016 training, MCSA Windows Server 2016 certification, MCSA Windows Server 2016 certification boot camp, MCSA Windows Server 2016 boot camp, MCSA Windows Server 2016 certification training, MCSA Windows Server 2016 boot camp training, MCSA Windows Server 2016 boot camp certification, MCSA Windows Server 2016 certification course, MCSA Windows Server 2016 course, training MCSA Windows Server 2016, certification MCSA Windows Server 2016, boot camp MCSA Windows Server 2016, certification MCSA Windows Server 2016 boot camp, certification MCSA Windows Server 2016 training, boot camp MCSA Windows Server 2016 training, certification MCSA Windows Server 2016 course.
-->Applies to: Windows Server 2019, Windows Server 2016, Windows Server
Windows Error Reporting (WER) is a flexible event-based feedback infrastructure designed to help advanced administrators or Tier 3 support gather information about the hardware and software problems that Windows can detect, report the information to Microsoft, and provide users with any available solutions. This reference provides descriptions and syntax for all WindowsErrorReporting cmdlets.
The information on troubleshooting presented below will be helpful for troubleshooting advanced issues that have been escalated and that may require data to be sent to Microsoft for triaging.
Enabling event channels
When Windows Server is installed, many event channels are enabled by default. But sometimes when diagnosing an issue, we want to be able to enable some of these event channels since it will help in triaging and diagnosing system issues.
You could enable additional event channels on each server node in your cluster as needed; however, this approach presents two problems:
- You have to remember to enable the same event channels on every new server node that you add to your cluster.
- When diagnosing, it can be tedious to enable specific event channels, reproduce the error, and repeat this process until you root cause.
To avoid these issues, you can enable event channels on cluster startup. The list of enabled event channels on your cluster can be configured using the public property EnabledEventLogs. By default, the following event channels are enabled:
Here's an example of the output:
The EnabledEventLogs property is a multistring, where each string is in the form: channel-name, log-level, keyword-mask. The keyword-mask can be a hexadecimal (prefix 0x), octal (prefix 0), or decimal number (no prefix) number. For instance, to add a new event channel to the list and to configure both log-level and keyword-mask you can run:
If you want to set the log-level but keep the keyword-mask at its default value, you can use either of the following commands:
If you want to keep the log-level at its default value, but set the keyword-mask you can run the following command:
If you want to keep both the log-level and the keyword-mask at their default values, you can run any of the following commands:
These event channels will be enabled on every cluster node when the cluster service starts or whenever the EnabledEventLogs property is changed.
Gathering Logs
After you have enabled event channels, you can use the DumpLogQuery to gather logs. The public resource type property DumpLogQuery is a mutistring value. Each string is an XPATH query as described here.
When troubleshooting, if you need to collect additional event channels, you can a modify the DumpLogQuery property by adding additional queries or modifying the list.
To do this, first test your XPATH query using the get-WinEvent PowerShell cmdlet:
Next, append your query to the DumpLogQuery property of the resource:
And if you want to get a list of queries to use, run:
Gathering Windows Error Reporting reports
Windows Error Reporting Reports are stored in %ProgramData%MicrosoftWindowsWER
Windows Failover Cluster Best Practices
Inside the WER folder, the ReportsQueue folder contains reports that are waiting to be uploaded to Watson.
Here's an example of the output:
Inside the WER folder, the ReportsArchive folder contains reports that have already been uploaded to Watson. Data in these reports is deleted, but the Report.wer file persists.
Here's an example of the output:
Windows Error Reporting provides many settings to customize the problem reporting experience. For further information, please refer to the Windows Error Reporting documentation.
Troubleshooting using Windows Error Reporting reports
Physical disk failed to come online
To diagnose this issue, navigate to the WER report folder:
Here's an example of the output:
Next, start triaging from the Report.wer file — this will tell you what failed.
Since the resource failed to come online, no dumps were collected, but the Windows Error Reporting report did collect logs. If you open all .evtx files using Microsoft Message Analyzer, you will see all of the information that was collected using the following queries through the system channel, application channel, failover cluster diagnostic channels, and a few other generic channels.
Here's an example of the output:
Message Analyzer enables you to capture, display, and analyze protocol messaging traffic. It also lets you trace and assess system events and other messages from Windows components. You can download Microsoft Message Analyzer from here. When you load the logs into Message Analyzer, you will see the following providers and messages from the log channels.
You can also group by providers to get the following view:
To identify why the disk failed, navigate to the events under FailoverClustering/Diagnostic and FailoverClustering/DiagnosticVerbose. Then run the following query: EventLog.EventData['LogString'] contains 'Cluster Disk 10'. This will give you give you the following output:
Physical disk timed out
To diagnose this issue, navigate to the WER report folder. The folder contains log files and dump files for RHS, clussvc.exe, and of the process that hosts the 'smphost' service, as shown below:
Here's an example of the output:
Next, start triaging from the Report.wer file — this will tell you what call or resource is hanging.
The list of services and processes that we collect in a dump is controlled by the following property: PS C:Windowssystem32> (Get-ClusterResourceType -Name 'Physical Disk').DumpServicesSmphost
To identify why the hang happened, open the dum files. Then run the following query: EventLog.EventData['LogString'] contains 'Cluster Disk 10' This will give you give you the following output:
We can cross-examine this with the thread from the memory.hdmp file: