Written by a nine-time Microsoft MVP award winner with over twenty years of experience working in IT, Mastering Windows Server 2019 is a hands-on guide for anyone looking to keep their skills up to date.
This third edition comes with four new chapters to provide you with the in-depth knowledge needed to implement and use this operating system in any environment.
Centralized management, monitoring, and configuration of servers are key to an efficient IT department.
This book delves into multiple methods for quickly managing all your servers from a 'single pane of glass' — the ability to monitor different servers across a network using Server Manager, Windows PowerShell, and even Windows Admin Center — from anywhere. Despite the focus on Windows Server 2019 LTSC, you will still explore containers and Nano Server, which are more related to the SAC of server releases. This additional coverage will give you insights into all aspects of using Windows Server 2019 in your environment.
This book covers a range of remote access technologies available in this operating system, teaches management of PKI and certificates, and empowers you to virtualize your datacenter with Hyper-V. You will also discover the tools and software included with Windows Server 2019 that assist in the inevitable troubleshooting of problems that crop up.
Page count: 965
Year of publication: 2021
Mastering Windows Server 2019
Third Edition
The complete guide for system administrators to install, manage, and deploy new capabilities with Windows Server 2019
Jordan Krause
BIRMINGHAM - MUMBAI
Copyright © 2021 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Producers: Caitlin Meadows, Suman Sen
Acquisition Editor – Peer Reviews: Saby D'silva
Project Editor: Rianna Rodrigues
Content Development Editors: Bhavesh Amin
Copy Editor: Safis Editing
Technical Editor: Karan Sonawane
Proofreader: Safis Editing
Indexer: Manju Arasan
Presentation Designer: Ganesh Bhadwalkar
First published: October 2016
Second edition: March 2019
Third edition: July 2021
Production reference: 2280721
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-80107-831-3
www.packt.com
Jordan Krause is an IT professional of more than 20 years and has received 9 Microsoft MVP awards for his work with Microsoft server and networking technologies. One of the world's first experts on Microsoft DirectAccess, he has a passion for helping companies find the best ways to enable a remote workforce. Committed to continuous learning, Jordan holds certifications as an MCSE, MCSA, and MCITP Enterprise Administrator and has authored numerous books on Microsoft technologies. Jordan lives in beautiful West Michigan (USA) but works daily with companies around the world.
I would never have the capacity, focus, or drive to work on a writing project like this without the support of my wonderful wife. Thank you for being by my side for all of those 5:00am starts, Laura!
Luka Manojlović works as an external consultant, architect, and implementer for IT infrastructure solutions. With more than 20 years of experience in storage, networking, virtualization, and servers, Luka still enthusiastically approaches challenges and projects he works on.
First of all, I would like to thank the author, Jordan Krause. It was a pleasure to read the book as it was written. I think it will help the reader to better understand the magical world of Windows Server technologies. I would also like to thank the staff at Packt for their great collaboration.
We'd also like to thank Aaron Guilmette and Dishan Francis for their feedback on Chapter 3, Active Directory.
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Getting Started with Windows Server 2019
The purpose of Windows Server
It's getting cloudy out there
The public cloud
The private cloud
Windows Server versions and licensing
Standard versus Datacenter
Three different interfaces
Desktop Experience
Server Core
Nano Server – now only for containers
Licensing models – SAC and LTSC
Semi-Annual Channel (SAC)
Long-Term Servicing Channel (LTSC)
Overview of new and updated features
The Windows 10 experience continued
Hyper-Converged Infrastructure
Windows Admin Center
Windows Defender Advanced Threat Protection
Banned passwords
Soft restart
Integration with Linux
SAC releases are shrinking!
Enhanced shielded virtual machines
Azure Network Adapter
Always On VPN
System Insights
Windows Server 2019 interface
The updated Start menu
The Quick Admin Tasks menu
Using the Search function
Pinning programs to the taskbar
The power of right-clicking
Using the newer Settings screen
Two ways to do the same thing
Creating a new user through Control Panel
Creating a new user through the Settings menu
Task Manager
Task View
Summary
Questions
Installing and Managing Windows Server 2019
Technical requirements
Installing Windows Server 2019
Burning that ISO
Creating a bootable USB stick
Running the installer
Installing roles and features
Installing a role using the wizard
Installing a feature using PowerShell
Centralized management and monitoring
Server Manager
Remote Server Administration Tools (RSAT)
Does this mean RDP is dead?
Remote Desktop Connection Manager
Windows Admin Center (WAC)
Installing Windows Admin Center
Launching Windows Admin Center
Adding more servers to Windows Admin Center
Managing a server with Windows Admin Center
Changes are easy as pie
Azure integrations
Enabling quick server rollouts with Sysprep
Installing Windows Server 2019 onto a new server
Configuring customizations and updates onto your new server
Running Sysprep to prepare and shut down your master server
Creating your master image of the drive
Building new servers using copies of the master image
Summary
Questions
Active Directory
What is a domain controller?
Active Directory Domain Services
Creating your first domain
Prep your domain controller
Install the AD DS role
Configure the domain
Trees, forests, and…domains?
Multiple domain controllers for redundancy
Active Directory Users and Computers
User accounts
Security groups
Prestaging computer accounts
Active Directory Domains and Trusts
Building a trust
Network connectivity
Conditional DNS forwarding
Configuring the trust
Test it out!
Active Directory Sites and Services
Active Directory Administrative Center
Dynamic Access Control
Fine-Grained Password Policy
Read-only domain controllers
Group Policy
Summary
Questions
DNS and DHCP
The purpose of DNS
Types of DNS records
Host record (A or AAAA)
Alias record – CNAME
Mail Exchanger (MX) record
TXT record
SPF Record
Enforcement rule -all
Name Server (NS) record
Public name server records
ipconfig /flushdns
Split-brain DNS
Types of DNS zones
Active Directory Integrated Zones
Forward Lookup Zones
Reverse Lookup Zones
Primary Zone
Secondary Zone
Stub Zone
Creating a new zone
IP addressing with DHCP
Creating a DHCP scope
Scope Options
DHCP reservations
DHCP failover
Two DHCP servers
Hot standby mode
Load sharing mode
Configuring DHCP failover
IPAM
Summary
Questions
Group Policy
Group Policy Object
Group Policy background refresh cycle
Building a GPO
Adding Trusted Sites
Mapping network drives
Installing registry keys
Scoping a GPO
Links
GPRESULT
Continuing with the link
Group Policy processing order
Local Policy
Site-level policies
Domain-level policies
OU-level policies
Security Filtering
WMI Filtering
Item-level targeting
Delegation
Computer settings and user settings
Computer Configuration
User Configuration
Linking GPOs accordingly
Group Policy loopback processing
Policy vs preference
Policies
Preferences
Default Domain Policy
Administrative Templates
Implementing ADMX/ADML files
Central Store
Enable the Central Store
Populate the Central Store
Summary
Questions
Certificates in Windows Server 2019
Common certificate types
User certificates
Computer certificates
SSL certificates
Single-name certificates
Multi-domain or subject alternative name certificates
Wildcard certificates
Planning your PKI
Role services
Enterprise versus Standalone
Root versus subordinate (issuing)
Naming your CA server
Can I install the CA role onto a domain controller?
Creating a new certificate template
Issuing your new certificates
Publishing the template
Requesting a cert from MMC
Requesting a certificate from the web interface
Creating an auto-enrollment policy
Obtaining a public-authority SSL certificate
Public/private key pair
Creating a certificate signing request
Submitting the certificate request
Downloading and installing your certificate
Exporting and importing certificates
Exporting from MMC
Exporting from IIS
Importing into a second server
Summary
Questions
Networking with Windows Server 2019
Introduction to IPv6
Understanding IPv6 IP addresses
Your networking toolbox
ping
tracert
pathping
Test-Connection
Telnet
Test-NetConnection
Packet tracing with Wireshark
TCPView
Building a routing table
Multi-homed servers
Only one default gateway
Building a route
Adding a route with the Command Prompt
Deleting a route
Adding a route with PowerShell
NIC Teaming
Software-defined networking
Hyper-V Network Virtualization
Private clouds
Hybrid clouds
How does it work?
System Center Virtual Machine Manager
Network Controller
Generic Routing Encapsulation
Microsoft Azure Virtual Network
RAS Gateway/SDN Gateway
Virtual network encryption
Bridging the gap to Azure
Azure Network Adapter
Summary
Questions
Remote Access
Always On VPN
Types of AOVPN tunnels
User tunnels
Device tunnels
Device tunnel requirements
AOVPN client requirements
Domain-joined
Rolling out the settings
AOVPN server components
Remote Access server
Certification Authority (CA)
Network Policy Server (NPS)
DirectAccess
The truth about DirectAccess and IPv6
Prerequisites for DirectAccess
Domain-joined
Supported client operating systems
DirectAccess servers – one or two NICs?
To NAT or not to NAT?
Network Location Server
Certificates used with DirectAccess
Do not use the Getting Started Wizard (GSW)!
Remote Access Management Console
Configuration
Dashboard
Operations Status
Remote Client Status
Reporting
Tasks
DA, VPN, or AOVPN? Which is best?
Domain-joined or not?
Auto or manual launch
Software versus built-in
Password and login issues with traditional VPNs
Port-restricted firewalls
Manual disconnect
Native load-balancing capabilities
Distribution of client configurations
Web Application Proxy
WAP as AD FS Proxy
Requirements for WAP
Latest improvements to WAP
Preauthentication for HTTP Basic
HTTP to HTTPS redirection
Client IP addresses forwarded to applications
Publishing Remote Desktop Gateway
Improved administrative console
Summary
Questions
Hardening and Security
Windows Defender Antivirus
Installing Windows Defender Antivirus
Exploring the user interface
Disabling Windows Defender Antivirus
What is ATP, anyway?
Windows Defender ATP Exploit Guard
Windows Defender Firewall – no laughing matter
Three Windows Firewall administrative consoles
Windows Defender Firewall (Control Panel)
Firewall & network protection (Windows Security Settings)
Windows Defender Firewall with Advanced Security (WFAS)
Three different firewall profiles
Building a new inbound firewall rule
Creating a rule to allow pings (ICMP)
Managing WFAS with Group Policy
Encryption technologies
BitLocker and the virtual TPM
Shielded VMs
Encrypted virtual networks
Encrypting File System
IPsec
Configuring IPsec
Azure AD Password Protection
Fine-grained password policy
Advanced Threat Analytics – end of support
What is (was) ATA?
Azure ATP
General security best practices
Getting rid of perpetual administrators
Using distinct accounts for administrative access
Using a different computer to accomplish administrative tasks
Never browse the internet from servers
Role-Based Access Control (RBAC)
Just Enough Administration (JEA)
Disable external RDP…NOW
Summary
Questions
Server Core
Why use Server Core?
No more switching back and forth
Interfacing with Server Core
PowerShell
Using cmdlets to manage IP addresses
Setting the server hostname
Joining your domain
Remote PowerShell
Server Manager
Remote Server Administration Tools
Accidentally closing Command Prompt
Windows Admin Center for managing Server Core
The Sconfig utility
Roles available in Server Core
Building a Server Core domain controller
Install the AD DS role
Promote this server to a domain controller
Verify that it worked
What happened to Nano Server?
Summary
Questions
PowerShell
Why move to PowerShell?
Cmdlets
PowerShell is the backbone
Scripting
Server Core
Working within PowerShell
Launching PowerShell
Default execution policy
Restricted
AllSigned
RemoteSigned
Unrestricted
Bypass mode
Using the Tab key
Useful cmdlets for daily tasks
Query user or quser
IP addressing cmdlets
Using Get-Help
Formatting the output
Format-Table
Format-List
Using a pipeline
Export to CSV
Pipes can invoke action
PowerShell Integrated Scripting Environment
PS1 files
Working with PowerShell ISE
Remotely managing a server
Preparing the remote server
The WinRM service
Enable-PSRemoting
Allowing machines from other domains or workgroups
Connecting to the remote server
Using -ComputerName
Using Enter-PSSession
Desired State Configuration
Summary
Questions
Redundancy in Windows Server 2019
Network Load Balancing (NLB)
Not the same as round-robin DNS
What roles can use NLB?
Virtual and dedicated IP addresses
NLB modes
Unicast
Multicast
Multicast IGMP
Configuring a load-balanced website
Enabling NLB
Enabling MAC address spoofing on VMs
Configuring NLB
Configuring IIS and DNS
Testing it out
Flushing the ARP cache
Failover clustering
Clustering Hyper-V hosts
Virtual machine load balancing
Clustering for file servers
Scale-out file server
Clustering tiers
Application-layer clustering
Host-layer clustering
A combination of both
How does failover work?
Setting up a failover cluster
Building the servers
Installing the feature
Running Failover Cluster Manager
Running cluster validation
Running the Create Cluster wizard
Clustering improvements in Windows Server 2019
True two-node clusters with USB witnesses
Higher security for clusters
Multi-site clustering
Cross-domain or workgroup clustering
Migrating cross-domain clusters
Cluster operating system rolling upgrades
Virtual machine resiliency
Storage Replica (SR)
Configuring Storage Replica
Initializing disks as GPT
Testing preparedness for Storage Replica
Configuring Storage Replica
Shifting the primary server to FS02
Storage Spaces Direct (S2D)
New in Server 2019
Summary
Questions
Containers and Nano Server
Understanding application containers
Sharing resources
Isolation
Scalability
Containers and Nano Server
Windows Server containers versus Hyper-V containers
Windows Server containers
Hyper-V containers
Docker and Kubernetes
Linux containers
Docker Hub
Docker Trusted Registry
Kubernetes
Working with containers
Installing the role and feature
Installing Docker for Windows
Docker commands
docker version
docker info
docker --help
docker images
docker search
docker pull
docker run
docker ps -a
Downloading a container image
Running a container
Summary
Questions
Hyper-V
Designing and implementing your Hyper-V Server
Installing the Hyper-V role
Using virtual switches
External virtual switch
Internal virtual switch
Private virtual switch
Creating a new virtual switch
Implementing a new virtual server
Starting and connecting to the VM
Installing the operating system
Managing a virtual server
Hyper-V Manager
The Settings menu
Checkpoints
Configuring auto stop and start
Expanding a virtual disk
Hyper-V console, Remote Desktop Protocol (RDP), or PowerShell
Windows Admin Center (WAC)
Shielded VMs
Encrypting VHDs
Infrastructure requirements for shielded VMs
Guarded hosts
Host Guardian Service (HGS)
Host attestations
TPM-trusted attestations
Host key attestations
Admin-trusted attestation – deprecated in 2019
Integrating with Linux
ReFS deduplication
ReFS
Data deduplication
Why is this important to Hyper-V?
Hyper-V Server 2019
Summary
Questions
Troubleshooting Windows Server 2019
Backup and Restore
Schedule regular backups
Restoring from Windows
Restoring from the installer disk
Task Manager
Resource Monitor
Performance Monitor
Windows Firewall with Advanced Security
System Insights
Remote toolsets
Event Logs
Filtering event logs
Exporting Windows event logs with PowerShell
Common Event IDs
MMC and MSC shortcuts
Summary
Questions
Appendix: Answers to the end-of-chapter Questions
Other Books You May Enjoy
Index
The world is changing. When my wife and I had our first child, I remember numerous people telling us all about how quickly life would fly past now. This is one of those things that everyone hears, but nobody believes until they suddenly realize it has been 5…10…20 years and suddenly we're looking back wondering, "Where did it go?"
So it is with technology. Computers are ever-changing, ever-improving. My first computer at my first IT job was running Windows 98. Some of you reading this have likely never heard of Windows 98, because you weren't born yet. Ouch.
Entering the technology workforce today is very different than it was back then. Nowadays you're often expected to know everything there is to know about current on-premises infrastructures such as Windows 10, Windows Server 2019, switching and routing, and firewalls, and even have a pretty good bearing on security risks, prevention, and remediation. In addition to current systems, it is extremely helpful to know and have experience with previous versions of these technologies so that you aren't completely lost when you encounter one for the first time. Tack on to that all the quickly escalating cloud options provided by Azure, which seem to change daily, and I imagine it can all feel a bit overwhelming.
While marketing engines around the world are working hard to make everyone believe that on-premises resources are a thing of the past, it simply isn't true. Most businesses, and especially most enterprises, will continue to run on-premises servers, storage, and impressively complex networking for decades to come. What is it that drives the processing power of these physical datacenters for the majority of companies around the world? Windows Server. In fact, even if you have gone all-in for cloud adoption and host 100% of your serving resources in Azure, you are still making use of Windows Server 2019. It is the operating system that underpins Azure!
Over the last few years, we have all become familiar with software-defined computing, using virtualization technology to turn our server workloads into a software layer. Now, Microsoft is expanding on this idea with new terms such as software-defined networking, software-defined storage, and even an entire Software-Defined Data Center. The technologies that make these happen allow us to virtualize and share resources on a grand scale.
To make our workloads more flexible and cloud-ready, Microsoft is taking major steps in shrinking the server compute platform and creating new ways of interfacing with those servers. There is an underlying preference for new Windows Servers to be running the smaller, more efficient, and more secure Server Core interface. Additionally, application containers have made huge advancements over the past few years, and Server 2019 allows us to transition our applications into containers to run them in isolation from each other and on a mass scale. We also have new centralized management tools for administering our servers and networks, namely, the newly updated Windows Admin Center.
We'll take some time to discover together the inner workings of the newest version of this server operating system, which will drive and support so many of our business infrastructures over the coming years. Windows servers have dominated our datacenter rack spaces for more than two decades. Will this newest iteration in the form of Windows Server 2019 continue that trend?
Anyone interested in Windows Server 2019 or in learning more in general about a Microsoft-centric datacenter will benefit from this book. An important deciding factor when choosing which content was appropriate for such a volume was making sure that anyone who had a baseline in working with computers could pick this up and start making use of it within their own networks. If you are already proficient in Microsoft infrastructure technologies and have worked with prior versions of Windows Server, then there are some focused topics on the aspects and parts that are brand new and only available in Server 2019. On the other hand, if you are currently in a desktop support role, or if you are coming fresh into the IT workforce, care was taken in the pages of this book to ensure that you will receive a rounded understanding, not only of what is brand new in Server 2019, but also what core capabilities it includes as carryovers from previous versions of the operating system, and that are still crucial to be aware of when working in a Microsoft-driven datacenter.
Chapter 1, Getting Started with Windows Server 2019, gives us an introduction to the latest Server operating system and an overview of the new technologies and capabilities that it can provide. We will also spend a little bit of time exploring the updated interface for those who may not be comfortable with it yet.
Chapter 2, Installing and Managing Windows Server 2019, dives right into the very first thing we will have to do when working with Server 2019: install it! While this seems like a simple task, there are a number of versioning and licensing variables that need to be understood before you proceed with your own install. From there, we will start to expand upon Microsoft's centralized management mentality, exploring how we can now manage and interact with our servers without ever having to log into them.
Chapter 3, Active Directory, leads us into the most core and essential role that exists in a Windows Server environment. AD is the central repository for many different types of data inside most corporate infrastructures, and without understanding the tools that exist to interface with this directory you will not be able to do much work with those fancy new servers.
Chapter 4, DNS and DHCP, segues into two other important roles that exist in almost every network. DNS and DHCP are both necessary technologies and concepts to understand for any IT administrator, and both happen to be roles that can be serviced from Windows Server 2019. We'll dig into both.
Chapter 5, Group Policy, showcases a fantastic policy engine that can be used inside any Active Directory environment to create a centralized management location for your users and workstations. Whether you are interested in setting up password policies, configuring lockdowns on your systems, automatically mapping network drives, or even distributing software, Group Policy is a powerful tool that is often underutilized.
Chapter 6, Certificates in Windows Server 2019, jumps into one of the pieces of Windows Server that has existed for many years, and yet most server administrators that I meet are unfamiliar with it. We'll take a closer look at certificates as they become more and more commonly required for new technologies that we roll out. By the end of this chapter, you should be able to spin up your own PKI and start issuing certificates for free!
Chapter 7, Networking with Windows Server 2019, begins with an introduction to that big, scary IPv6, and continues from there into building a toolbox of items that are baked into Windows Server 2019 and can be used in your daily networking tasks. We will also discuss the parts and pieces that make up Software-Defined Networking.
Chapter 8, Remote Access, takes a look at the different remote access technologies that are built into Windows Server 2019. Follow along as we explore the capabilities provided by VPN, DirectAccess, Web Application Proxy, and the new Always On VPN.
Chapter 9, Hardening and Security, gives some insight into security and encryption functions that are built into Windows Server 2019. Security is the primary focus of CIOs everywhere, so we'll explore what protection mechanisms are available to us out of the box.
Chapter 10, Server Core, throws us into the shrinking world of headless servers. Server Core has flown under the radar for many years but is critical to understand as we bring our infrastructures into a more security-conscious mindset. We'll make sure you have the information necessary to make your environment more secure and more efficient, all while lowering the amount of space and resources that are consumed by those servers.
Chapter 11, PowerShell, gets us into the new, blue command-line interface so that we can become comfortable using it and also learn why it is so much more powerful than Command Prompt. PowerShell is quickly becoming an indispensable tool for administering servers, especially in cases where you are adopting a centralized management and administration mindset.
Chapter 12, Redundancy in Windows Server 2019, looks at some platforms in Server 2019 that provide powerful data and computing redundancy. Follow along as we discuss Network Load Balancing, Failover Clustering, Storage Spaces Direct, and build our own instance of Storage Replica.
Chapter 13, Containers and Nano Server, incorporates the terms open source and Linux into a Microsoft book! Application containers are quickly becoming the new standard for hosting modern, scalable applications. Learn how to start enhancing your DevOps story using tools such as Windows Server containers, Hyper-V containers, Docker, and Kubernetes.
Chapter 14, Hyper-V, covers a topic that every server administrator should be very familiar with. Organizations have been moving their servers over to virtual machines en masse for many years. We'll use this chapter to make sure you understand how that hypervisor works and give you the resources required to build and manage one if and when you have the need.
Chapter 15, Troubleshooting Windows Server 2019, provides information about tools and software included with Windows Server that can be used to troubleshoot common problems. Server 2019 seems to be Microsoft's most stable and reliable server operating system to date, yet as you all know nothing is perfect, and issues are bound to present themselves. Here we discover tools like Resource Manager, Performance Monitor, and System Insights that help to keep our servers tuned and running well.
Each technology that we discuss within the pages of this book is included in, or relates directly to, Windows Server 2019. If you can get your hands on a piece of server hardware and the Server 2019 installer files, you will be equipped to follow along and try these things out for yourself. We will talk about and reference some enterprise-class technologies that come with stiffer infrastructure requirements to make them work fully, and so you may have to put the actual testing of those items on hold until you are working in a more comprehensive test lab or environment, but the concepts are all still included in this book.
We will also discuss some items that are not included in Server 2019 itself, but that are used to extend its capabilities and features. Some of these items help tie us into an Azure cloud environment, and some are provided by third parties, such as using Docker and Kubernetes on your Server 2019 to interact with application containers. Ultimately, you do not need to use these tools to manage your new Windows Server 2019 environment, but they do facilitate some pretty cool things that I think you will want to explore.
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781801078313_ColorImages.pdf.
There are several text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. For example: "Inside DNS, I am going to create an alias record that redirects intranet to web1."
Any command-line input or output is written as follows:
Uninstall-WindowsFeature -Name Windows-Defender
Bold: Indicates a new term, an important word, or words that you see on the screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Simply find the appropriate OU for his account to reside within, right-click on the OU, and navigate to New | User."
Warnings or important notes appear like this.
Tips and tricks appear like this.
Feedback from our readers is always welcome.
General feedback: Email [email protected], and mention the book's title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit http://www.packtpub.com/submit-errata, select your book, click on the Errata Submission Form link, and enter the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit http://authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.
Many years ago, Microsoft adjusted its operating system release ideology so that the latest Windows Server operating system is always structured very similarly to the latest Windows client operating system. This has been the trend for some time now, with Server 2008 R2 closely reflecting Windows 7, Server 2012 feeling a lot like Windows 8, and many of the same usability features that came with the Windows 8.1 update are also included with Server 2012 R2. This, of course, carried over to Server 2016 as well—giving it the same look and feel as if you were logged into a Windows 10 workstation.
Now that we are all familiar and comfortable with the Windows 10 interface, we typically have no problems jumping right into the Server 2016 interface and giving it a test drive. Windows Server 2019 is once again no exception to this rule, except that the release of client-side operating systems has shifted a little bit. Now, instead of releasing new versions of Windows (11, 12, 13, and so on), we are, for the time being, simply sticking with Windows 10 and giving it sub-version numbers, indicative of the dates when that operating system version was released. For example, Windows 10 version 1703 was released around March of 2017. Windows 10 version 1709 was released in September of 2017.
Then came 1803 and 1809—although 1809 was delayed a little and didn't release until somewhere closer to November, which wasn't the original plan. Follow that up with 1903 and 1909 and you start to see a pattern emerge. Then we moved into the year 2020, and suddenly our spring release of Windows 10 was called 2004. Hmm…2004 sounds fine when you pronounce it twenty-oh-four indicating the year 2020 and the month of April, but when seeing 2004 on paper, most folks started calling it two-thousand four, which sounds quite old and outdated, don't you think? I can't say for sure, but perhaps this is part of the reason that the newest (as of the time of writing) release version of Windows 10 goes by the name 20H2. All in all, you can see that Microsoft's current plan is to continue releasing a new feature release version of the Windows operating system every six months or so. However, expecting IT departments to lift and shift all of their servers just for the purposes of moving to an OS that is six months newer is crazy; sometimes it takes longer than that just to plan a migration.
Anyway, I'm getting ahead of myself a little, as we will be discussing the versioning of Windows Server later in this chapter, in our Windows Server versions and licensing section. The point here is that Windows Server 2019 looks and feels like the latest version of the Windows client operating system that was released at about the same time—that OS being Windows 10 1809. Before we get started talking about the features of Windows Server, it is important to establish a baseline for usability and familiarity in the operating system itself before diving deeper into the technologies running under the hood.
Let's spend a few minutes exploring the new graphical interface and options that are available for finding your way around this latest release of Windows Server, with a view to covering the following topics in this chapter:
The purpose of Windows Server
It's getting cloudy out there
Windows Server versions and licensing
Overview of new and updated features
Navigating the interface
Using the newer Settings screen
Task Manager
Task View

Is asking what is the purpose of Windows Server a silly question? I don't think so. It's a good question to ponder, especially now that the definition for servers and server workloads is changing on a regular basis. The answer to this question for Windows clients is simpler. A Windows client machine is a requester, consumer, and contributor of data.
From where is this data being pushed and pulled? What enables the mechanisms and applications running on the client operating systems to interface with this data? What secures these users and their data? The answers to these questions reveal the purpose of servers in general. They house, protect, and serve up data to be consumed by clients.
Everything revolves around data in business today. Our email, documents, databases, customer lists—everything that we need to do business well is data. That data is critical to us. Servers are what we use to build the fabric upon which we trust our data to reside.
We traditionally think about servers using a client-server interface mentality. A user opens a program on their client computer, this program reaches out to a server in order to retrieve something, and the server responds as needed. This idea can be correctly applied to just about every transaction you may have with a server. When your domain-joined computer needs to authenticate you as a user, it reaches out to Active Directory on the server to validate your credentials and get an authentication token. When you need to contact a resource by name, your computer asks a DNS server how to get there. If you need to open a file, you ask the file server to send it your way.
Servers are designed to be the brains of our operation, and they often do this work transparently. In recent years, large strides have been taken to ensure resources are always available and accessible in ways that don't require training or a large effort on the part of our employees. It used to be true that the general user population knew the name of your server and how to contact it because that was generally required for them to be able to get to the information they needed. If their mapped drives disappeared, it wasn't uncommon that everyone would know how to throw \\server\share into File Explorer to get there via Plan B. It also used to be the case that your average business only ran one single server, enabling this to be true. Today our server landscape is vastly different, with even small businesses running a virtualization host that typically contains a dozen or more virtual servers, and much effort is made so that your workforce doesn't know or care anything about that server infrastructure; they simply expect it to work 100% of the time.
In most organizations, many different servers are needed in order to provide your workforce with the capabilities they require. Each service inside Windows Server is provided as, or as part of, a role. When you talk about needing new servers or configuring a new server for any particular task, what you are really referring to is the individual role or roles that are going to be configured on that server to get the work done. A server without any roles installed is useless, though depending on the chassis can make an excellent paperweight. A 3U SAN device could weigh upward of 100 pounds and keep your desk orderly even in the middle of a hurricane!
If you think of roles as the meat and potatoes of a server, then the next bit we will discuss is sort of like adding salt and pepper. Beyond the overhead roles you will install and configure on your servers, Windows also contains many features that can be installed, which sometimes stand alone, but more often complement specific roles in the operating system. Features may complement and add functionality to the base operating system such as Telnet Client. Or a feature may be added to a server in order to enhance an existing role, such as adding the Network Load Balancing feature to an already equipped remote access or IIS server. The combination of roles and features inside Windows Server is what equips that piece of metal to do work.
This book will, quite obviously, focus on a Microsoft-centric infrastructure. In these environments, the Windows Server operating system is king and is prevalent across all facets of technology. There are alternatives to Windows Server and different products that can provide some of the same functions to an organization, but it is quite rare to find a business environment anywhere that is running without some semblance of a Microsoft infrastructure.
Windows Server contains an incredible amount of technology, all wrapped up in one small installation disk. With Windows Server 2019, Microsoft has got us thinking out of the box about what it means to be a server in the first place and comes with some exciting new capabilities that we will spend some time covering in these pages. Things such as PowerShell, Windows Admin Center, software-defined storage, and software-defined networking are changing the way that we manage and size our computing environments; these are exciting times to be or to become a server administrator!
There's this new term out there, you may have even heard of it...the cloud. I say this tongue in cheek of course, and if smiley faces were appropriate within published works, I would insert one here. While the word "cloud" has certainly turned into a buzzword that is often misused and spoken of inappropriately, the idea of cloud infrastructure is an incredibly powerful one.
A cloud fabric is one that revolves around virtual resources—virtual machines, virtual disks, and even virtual networks. Being plugged into the cloud typically enables things like the ability to spin up new servers on a whim, or even the ability for particular services themselves to increase or decrease their needed resources automatically, based on utilization.
Think of a simple e-commerce website where a consumer can go to order goods. Perhaps 75% of the year, they can operate this website on a single web server with limited resources, resulting in a fairly low cost of service. But, the other 25% of the year, maybe around the holiday seasons, utilization ramps way up, requiring much more computing power. Prior to the cloud mentality, this would mean that the company would need to size their environment to fit the maximum requirements all the time, in case it was ever needed. They would be paying for more servers and much more computing power than was needed for the majority of the year. With a cloud fabric, giving the website the ability to increase or decrease the number of servers it has at its disposal as needed, the total cost of such a website or service can be drastically decreased. This is a major driving factor of the cloud in business today.
Most of the time, when your neighbor Suzzi Knowitall talks to you about the cloud, she is simply talking about the internet. Well, more accurately, she is talking about some service that she uses, which she connects to by using the internet. For example, Office 365, Google Drive, OneDrive, Dropbox—these are all public cloud resources, as they store your data in the cloud. In reality, your data is just sitting on servers that you access via the internet, but you can't see those servers and you don't have to administer and maintain those servers, which is why it feels like magic and is then referred to as the cloud.
To IT departments, the term cloud more often means one of the big three cloud hosting providers. Since this is a Microsoft-driven book, and since I truly feel this way anyway, Azure is top-notch in this category. Azure itself is another topic for another book (or many other books) but is a centralized cloud computing architecture that can host your data, your services, or even your entire network of servers.
Moving your datacenter to Azure enables you to stop worrying or caring about server hardware, replacing hard drives, and much more. Rather than purchasing servers, unboxing them, racking them, installing Windows on them, and then setting up the roles you want configured, you simply click a few buttons to spin up new virtual servers that can be resized at any time for growth. You then pay ongoing op-ex costs for these servers—monthly or annual fees for running systems in the cloud—rather than the big cap-ex costs for server hardware in the first place.
Other cloud providers with similar capabilities are numerous, but the big three are Azure, Amazon (AWS), and Google. As far as enterprise is concerned, Azure simply takes the cake and eats it too. I'm not sure that the others will ever be able to catch up with all of the changes and updates that Microsoft constantly makes to the Azure infrastructure.
While most people working in the IT sector these days have a pretty good understanding of what it means to be part of a cloud service, and many are indeed doing so today, a term that is being pushed into enterprises everywhere and is still many times misunderstood is private cloud. At first, I took this to be a silly marketing ploy, a gross misuse of the term "cloud" to try and appeal to those hooked by buzzwords. Boy was I wrong. In the early days of private clouds, the technology wasn't quite ready to stand up to what was being advertised.
Today, however, that story has changed. It is now entirely possible to take the same fabric that is running up in the true, public cloud, and install that fabric right inside your datacenter. This enables you to provide your company with cloud benefits such as the ability to spin resources up and down and to run everything virtualized, and to implement all of the neat tips and tricks of cloud environments, with all of the serving power and data storage remaining locally owned and secured by you. Trusting cloud storage companies to keep data safe and secure is absolutely one of the biggest blockers to implementation on the true public cloud, but, by installing your own private cloud, you get the best of both worlds, specifically stretchable compute environments with the security of knowing you still control and own all of your data.
This is not a book about clouds, public or private. I mention this to give a baseline for some of the items we will discuss in later chapters, and also to get your mouth watering a little bit to dig in and do a little reading yourself on cloud technology. You will see the Windows Server 2019 interface in many new ways with the cloud and will notice that so many of the underlying systems available in Server 2019 are similar to, if not the same as, those becoming available in Microsoft Azure.
In these pages, we will not focus on the capabilities of Azure, but rather a more traditional sense of Windows Server that would be utilized on-premise. With the big push toward cloud technologies, it's easy to get caught with blinders on and think that everything and everyone is quickly running to the cloud for all of their technology needs, but it simply isn't true. Most companies will have the need for many on-premise servers for many years to come; in fact, many may never put full trust in the cloud and will forever maintain their own datacenters. These datacenters will have local servers that will require server administrators to manage them. That is where you come in.
Anyone who has worked with the design or installation of a Windows Server in recent years is probably wondering which direction we are taking in this book. You see, there are different capability editions, different technical versions, plus different licensing models of Windows Server. Let's take a few minutes to cover those differences so that you can have a well-rounded knowledge of the different options, and so that we can define which portions we plan to discuss over the course of this book.
When installing the Windows Server 2019 operating system onto a piece of hardware, as you will experience in Chapter 2, Installing and Managing Windows Server 2019, you will have two different choices of server capability. The first is Server 2019 Standard, which is the default option and one that includes most of your traditional Windows Server roles. While I cannot give you details on pricing because that could potentially be different for every company depending on your agreements with Microsoft, Standard is the cheaper option and is used most commonly for installations of Windows Server 2019.
Datacenter, on the other hand, is the luxury model. There are some roles and features within Windows Server 2019 that only work with the Datacenter version of the operating system, and they are not available in Standard. If ever you are looking for a new piece of Microsoft technology to serve a purpose in your environment, make sure to check the requirements to find out whether you will have to build a Datacenter server. Keep in mind that Datacenter can cost significantly more money than Standard, so you generally only use it in places where it is actually required. For example, if you are interested in hosting shielded VMs or working with Storage Spaces Direct, you will be required to run the Server 2019 Datacenter edition on the servers related to those technologies.
One of the biggest functional differences between Standard and Datacenter that even small businesses may need to consider is the number of virtual machines (VMs) that they can host. Server 2019 Standard can only run two VMs on it at any given time, which is a pretty limiting factor if you are looking to build out a Hyper-V server. Datacenter allows you to run unlimited numbers of VMs, which makes it a no-brainer when building your virtualization host servers. For running Hyper-V, Datacenter is the way to go.
Running a container infrastructure will also impact your decision making on Windows Server licensing. While your host container server can run an unlimited number of traditional containers whether that host server is Windows Server Standard or Datacenter, if you want to move into the new and enhanced world of Hyper-V-isolated containers, the same rules apply. A container host server running Windows Server Standard is limited to running two Hyper-V containers, but bumping your host to Windows Server Datacenter will bring you back into the unlimited category. An easy way to remember this is that each Hyper-V container is essentially its own VM, and so the limit of two applies in the Standard OS, whether talking about regular VMs or Hyper-V container VMs.
Now let's discuss the different footprints and user interfaces that you can run on your Windows Server 2019 machines. There are three variants of Windows Server that can be used, and the correct one for you depends on what capabilities and security you are looking for.
This is the most common choice among Windows Servers everywhere. Whether you are building a Windows Server 2019 Standard or Datacenter, you have a choice of running Windows Server with or without a graphical user interface. The traditional look and feel and point-and-click interface is called Desktop Experience. This allows things such as RDPing into your servers, having a traditional desktop, being able to use the graphical Server Manager right from your logged-in server, and all in all is the best way to go if you are new to server administration.
If you are familiar with navigating around inside Windows 10, then you should be able to at least make your way around Windows Server 2019 running Desktop Experience. This is the version of Windows Server 2019 that we will be focusing on for the majority of this book, and almost all of the screenshots will be taken from within a Desktop Experience environment.
As you will see when we install Windows Server 2019 together, the default option for installation is not Desktop Experience. What this means is that choosing the default install path would instead place a headless version of Windows Server onto your machine, most commonly referred to as Server Core. The nature of being headless makes Server Core faster and more efficient than the Desktop version, which makes sense because it doesn't have to run all of that extra code and consume all of those extra resources for launching and displaying a huge graphical interface.
Almost anything that you want to do within Windows Server is possible to do on either Server Core or Desktop Experience, the main differences being the interface and security. To be able to use Server Core, you definitely have to be comfortable with a command-line interface (namely PowerShell), and you also have to consider remote server management to be a reliable way of interacting with your servers. We will talk much more about Server Core in Chapter 10, Server Core.
The largest benefit that Server Core brings to the table, other than performance, is security. Most malware that attempts to attack Windows Servers is reliant upon items that exist inside the GUI of Desktop Experience. Since those things aren't even running inside Server Core—alas, you couldn't get to a desktop even if you wanted to—attacks against Server Core machines are much, much less successful.
A third platform for Windows Server 2019 does exist, known as Nano Server. This is a tiny version of Windows Server, headless like Server Core but running an even smaller footprint. The last time I booted up Nano Server, it consumed less than 500 MB of data for the complete operating system, which is incredible.
It seemed like Nano Server was discussed much more surrounding the release of Server 2016, because at that time Microsoft was pressing forward with plans to include a whole bunch of roles inside Nano Server so that we could start replacing some of our bloated, oversized everyday servers with Nano. It used to be the case that you could use the Windows Server installation media (I suppose you could still make it happen with Server 2016 installation media) to spin out a VHDX file that allowed you to boot into Nano Server and check it out, but that mentality of Nano Server as an actual server has since gone by the wayside.
As of Windows Server version 1803 (we'll discuss what Server 1803 means in the next section of this chapter), Nano Server is married to the use of containers. In fact, the only way to spin up a Nano Server is to download it as a container base OS image, and then boot that image on an existing container host server. We will discuss both in more detail in Chapter 13, Containers and Nano Server. If you know what containers and modern applications are, and are interested in using them, then you will benefit from learning all there is to know about Nano Server. If you are not in a position to work with containers, you will probably never run into Nano Server in your environment.
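To check which edition and footprint an existing server is actually running, and which roles and features are installed on it, the following added PowerShell example (not from the book) reads the `InstallationType` and `EditionID` registry values and the output of `Get-WindowsFeature`. The function name `Get-ServerFootprint`, the review notes it emits, and the server names in the last comment are this example's own assumptions.

```powershell
# Added example (not from the book): report edition, footprint, and installed
# roles/features for the local server. Run in an elevated PowerShell session.
function Get-ServerFootprint {
    [CmdletBinding()]
    param()

    # Setup records the edition and installation type under this key.
    $cv = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'

    # 'Server' means Desktop Experience; 'Server Core' is the headless install.
    # Any other value (for example 'Client') is passed through unchanged.
    $footprint = switch ($cv.InstallationType) {
        'Server'      { 'Desktop Experience' }
        'Server Core' { 'Server Core' }
        default       { $_ }
    }

    # Get-WindowsFeature is part of the ServerManager module, which exists on
    # Windows Server only; elsewhere the role and feature lists stay empty.
    $haveServerManager = [bool](Get-Command -Name Get-WindowsFeature -ErrorAction SilentlyContinue)
    $installed = @()
    if ($haveServerManager) {
        $installed = @(Get-WindowsFeature | Where-Object { $_.Installed })
    }
    $roles = @($installed | Where-Object { $_.FeatureType -eq 'Role' })

    # Review notes are this example's own choices, not an official baseline.
    $notes = @()
    if ($footprint -eq 'Desktop Experience') {
        $notes += 'GUI present: larger footprint than Server Core'
    }
    if ($installed.Name -contains 'Telnet-Client') {
        $notes += 'Telnet Client installed: cleartext protocol, remove if unused'
    }
    if ($haveServerManager -and $roles.Count -eq 0) {
        $notes += 'No roles installed: confirm this server is still needed'
    }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        ProductName  = $cv.ProductName
        Edition      = $cv.EditionID          # e.g. ServerStandard, ServerDatacenter
        Footprint    = $footprint
        Build        = $cv.CurrentBuild
        Roles        = $roles.Name
        RoleServices = @($installed | Where-Object { $_.FeatureType -eq 'Role Service' }).Name
        Features     = @($installed | Where-Object { $_.FeatureType -eq 'Feature' }).Name
        ReviewNotes  = $notes
    }
}

# Local run:
Get-ServerFootprint | Format-List

# Several servers over PowerShell remoting (server names are placeholders):
# Invoke-Command -ComputerName 'SRV01','SRV02' -ScriptBlock ${function:Get-ServerFootprint}
```

Because it relies only on the registry and the ServerManager module, the same function works on Server Core, where no graphical Server Manager is available.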
Another decision about how to set up your Windows Server is what licensing/support model and release cadence you would like to follow. There are two different paths that you can take. It is possible to have a mix of these in a single environment if you have a need for both.
If you opt to run SAC releases of Windows Server, your naming convention for the operating system changes. Rather than calling it Server 2019, you are really running Windows Server 1803, 1809, 1903, 1909, and so on. It follows the same mentality and release cadence that Windows 10 does. What that implies is that these new versions of Windows Server SAC are released at much shorter intervals than we have ever seen for servers in the past. The SAC channel is planned to receive two major releases every year—generally in the spring and the fall. Because of the fast release cadence, support for SAC versions of Windows Server lasts for a short 18 months. If you use SAC, you had better get used to always jumping on the latest version shortly after it releases.
If swapping out your server operating systems twice a year sounds daunting, you're not alone. Thankfully, Microsoft recognizes this and realizes that the general server administrator population is not going to use this model for their regular, everyday servers. Rather, SAC versions of Windows Server are only going to be used for running containers and containerized applications. In this new world of flexible application hosting, where applications are being written in ways that the infrastructure resources behind those applications can be spun up or spun down as needed, containers are a very important piece of that DevOps puzzle. If you host or build these kinds of applications, you will almost certainly be using containers—now or in the future. When you find yourself in the position of researching and figuring out containers, you will then probably find that the best way to accomplish a highly performant container environment is by hosting it on SAC server releases.
It is important to note that SAC versions of Windows Server only come in the Server Core flavor – you'll find no graphical desktop interface here!
Some of you probably think that LTSC is a typo, as in previous years this model was called Long-Term Servicing Branch (LTSB). While you can go with either and people will generally know what you are talking about, LTSC is now the proper term.
Windows Server 2019 is an LTSC release. Essentially, LTSC releases are what we have always thought of as our traditional Windows Server operating system releases. Server 2008, Server 2008 R2, Server 2012, Server 2012 R2, Server 2016, and now Server 2019 are all LTSC releases. What has changed is that the LTSC releases will now be coming with fewer things that are "wow, that's so awesome and brand new," because we will be seeing and getting hints about those brand new things as they are created and rolled out in a more short-term fashion through the SAC releases. So, your SAC releases will come out roughly every six months, and then every two to three years we will experience a new LTSC release that rolls up all of those changes into a new full version that also grants you access to the desktop experience graphical interface.
While SAC is generally all about DevOps and containers, LTSC servers are for running pretty much everything else. You wouldn't want to install a domain controller, certificate server, or file server and have to replace that server every six months. So, for any of these scenarios, you will always look to LTSC.
Also keep in mind that most Windows Server administrators still deploy their servers with the Desktop Experience graphical interface, which means you are only interested in LTSC for these server purposes. The SAC versions of Windows Server do NOT include Desktop Experience—SAC is focused only on Server Core, which has no GUI.
With LTSC versions of Windows Server, you continue to get the same support we are used to: five years of mainstream support followed by five years of available extended support.
Throughout this book, we will be working and gaining experience with Windows Server 2019 – LTSC release.
The newest version of the Windows Server operating system is always an evolution of its predecessor. There are certainly pieces of technology contained inside that are brand new, but there are even more places where existing technologies have been updated to include new features and functionality. Let's spend a few minutes providing an overview of some of the new capabilities that exist in Windows Server 2019.
Historically, a new release of any Microsoft operating system has meant learning a slightly new and changed user interface, or sometimes a drastically new and changed interface like that of Windows 8. Server 2019 is an exception to this rule, and subsequent versions will likely follow suit. The ongoing Windows 10 releases give us first looks into the same graphical platform that will reside on our newest LTSC release of Windows Server. This idea started when Windows Server 2016 was first released. Now that Windows 10 updates are releasing but continuing on with essentially the same desktop interface, the same is true for Server 2019. Logging in and using Windows Server 2019 is, in a lot of ways, the same experience that you have had inside Windows Server 2016. Even so, some reading this book have never experienced logging into a server of any kind before, and so we will certainly be looking over that interface and learning some tips and tricks for navigating around smoothly and efficiently within Server 2019.
When you see the phrase Hyper-Converged Infrastructure (HCI), it is important to understand that we are not talking about a specific technology that exists within your server environment. Rather, HCI is a culmination of a number of different technologies that can work together and be managed together, all for the purposes of creating the mentality of a Software-Defined Datacenter (SDDC as it is sometimes referred to). Specifically, HCI in the Microsoft world is most often referred to as the combination of Hyper-V and Storage Spaces Direct (S2D) on the same cluster of servers. Clustering these services together enables some big speed and reliability benefits over hosting these roles separately, and on their own systems.
Another component that is part of, or related to, a software-defined datacenter is Software-Defined Networking (SDN). Similar to how compute virtualization platforms (like Hyper-V) completely changed the landscape of what server computing looked like 12 or more years ago, we are now finding ourselves capable of lifting the network layer away from physical hardware and shifting the design and administration of our networks to be virtual and managed by the Windows Server platform.
A newly
