Home > Store

Windows Server 2016 Unleashed

Register your product to gain access to bonus material or receive a coupon.

Windows Server 2016 Unleashed


  • Your Price: $47.99
  • List Price: $59.99
  • Usually ships in 24 hours.



  • Comprehensive, practical reference to the new version of Microsoft's flagship server operating system
  • Provides insight into the new virtualisation tools, cloud platforms, Web resources, management enhancements, and Windows 10 integration
  • Loaded with practical, independent advice that will save IT Pros time, effort, and money
  • Two entirely new sections - the cloud and containers


  • Copyright 2018
  • Dimensions: 7" x 9-1/8"
  • Pages: 1584
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-458375-2
  • ISBN-13: 978-0-13-458375-4

This is the most comprehensive and realistic guide to Windows Server 2016 planning, design, prototyping, implementation, migration, administration, and support. Extensively updated, it contains unsurpassed independent and objective coverage of Windows Server 2016's key innovations, including the cloud, containers, and Windows 10 integration.

Windows Server 2016 Unleashed reflects the authors’ extraordinary experience implementing Windows Server 2016 in large-scale environments since its earliest alpha releases, reaching back more than two years prior to its official launch. Microsoft MVP Rand Morimoto and his colleagues fully address every aspect of deploying and operating Windows Server 2016, including Active Directory, networking and core application services, security, migration from Windows Server 2003/2008, administration, fault tolerance, optimization, troubleshooting, and much more.

Valuable for Windows professionals at all skill levels, this book will be especially indispensable for intermediate-to-advanced level professionals seeking expert, in-depth solutions. Every chapter contains tips, tricks, best practices, and lessons learned from actual deployments: practical information for using Windows Server 2016 to solve real business problems.

Sample Content

Online Sample Chapter

Active Directory Domain Services Primer

Table of Contents

Introduction     1
How This Book Is Organized     1
Part I:  Windows Server 2016 Overview
Chapter 1  Windows Server 2016 Technology Primer     5

Windows Server 2016 Defined     6
When Is the Right Time to Migrate?     16
Versions of Windows Server 2016     18
Improvements for Continuous Availability     22
Enhancements for Flexible Identity and Security     25
Enabling Users to Work Anywhere     31
Simplifying the Datacenter     38
Addition of Migration Tools     48
Identifying Which Windows Server 2016 Service to Install or Migrate to First     49
Chapter 2  Planning, Prototyping, Migrating, and Deploying Windows Server 2016     55
Determining the Scope of Your Project     56
Identifying the Business Goals and Objectives to Implement Windows Server     56
Identifying the Technical Goals and Objectives to Implement Windows Server     59
The Discovery Phase: Understanding the Existing Environment     65
The Design Phase: Documenting the Vision and the Plan     69
The Migration Planning Phase: Documenting the Process for Migration     73
The Prototype Phase: Creating and Testing the Plan     79
The Pilot Phase: Validating the Plan to a Limited Number of Users     81
The Migration/Implementation Phase: Conducting the Migration or Installation     83
Chapter 3  Installing Windows Server 2016 and Server Core     89
Planning for a Server Installation     90
Installing a Clean Version of Windows Server 2016 Operating System     95
Upgrading to Windows Server 2016     104
Understanding Server Core Installation     107
Managing and Configuring a Server Core Installation     110
Performing an Unattended Windows Server 2016 Installation     118
Nano Server     118

Part II:  Windows Server 2016 Active Directory
Chapter 4  Active Directory Domain Services Primer     125

The Evolution of Directory Services     126
Understanding the Development of AD DS     128
AD DS Structure     128
Outlining AD DS Components     131
Understanding Domain Trusts     136
Defining Organizational Units     137
Outlining the Role of Groups in an AD DS Environment     139
Understanding AD DS Replication     141
Outlining the Role of DNS in AD DS     143
Outlining AD DS Security     145
Getting Familiar with AD DS Features in Windows Server 2016     145
Chapter 5  Designing a Windows Server 2016 Active Directory     159
Understanding AD DS Domain Design     160
Choosing a Domain Namespace     161
Examining Domain Design Features     163
Choosing a Domain Structure     164
Understanding the Single-Domain Model     165
Understanding the Multiple-Domain Model     168
Understanding the Multiple Trees in a Single-Forest Model     170
Reviewing the Federated-Forests Model     172
Understanding the Empty-Root Domain Model     175
Understanding the Placeholder Domain Model     178
Understanding the Special-Purpose Domain Model     179
Renaming an AD DS Domain     180
Chapter 6 Designing Organizational Unit and Group Structure     185
Defining Organizational Units in AD DS     186
Defining AD Groups     188
OU and Group Design     192
Starting an OU Design     193
Using OUs to Delegate Administration     194
Group Policies and OU Design     196
Understanding Group Design     197
Exploring Sample Design Models     199
Chapter 7  Active Directory Infrastructure     207
Understanding AD DS Replication in Depth     207
Understanding Active Directory Sites     212
Planning Replication Topology     219
Windows Server 2016 IPv6 Support     226
Detailing Real-World Replication Designs     229
Deploying Read-Only Domain Controllers     232
Deploying a Clone Virtualized DC     236
Chapter 8  Creating Federated Forests and Lightweight Directories     241
Keeping a Distributed Environment in Sync     241
Active Directory Federation Services     247
Synchronizing Directory Information with Microsoft Identity Manager     251
Harnessing the Power and Potential of MIM     254

Part III:  Networking Services
Chapter 9  Domain Name System, WINS, and DNSSEC     259

The Need for DNS     261
Getting Started with DNS on Windows Server 2016     264
Resource Records     267
Understanding DNS Zones     272
Performing Zone Transfers     276
Understanding DNS Queries     279
Other DNS Components     280
Understanding the Evolution of Microsoft DNS     288
DNS in Windows Server 2016     289
DNS in an Active Directory Domain Services Environment     291
Troubleshooting DNS     295
Secure DNS with DNSSEC     304
Reviewing the Windows Internet Naming Service     310
Installing and Configuring WINS     311
Planning, Migrating, and Maintaining WINS     316
Chapter 10  DHCP, IPv6, IPAM     321
Understanding the Components of an Enterprise Network     321
Exploring DHCP     323
Exploring DHCP Changes in Windows Server 2016     331
Enhancing DHCP Reliability     338
Exploring Advanced DHCP Concepts     349
Securing DHCP     350
IPv6 Introduction     351
Configuring IPv6 on Windows Server 2016     362
IP Address Management     370
Installing the IPAM Server and Client Features     371
Exploring the IPAM Console     387
Chapter 11  Internet Information Services     391
Understanding Internet Information Services     10     392
Planning and Designing IIS 10     396
Installing and Upgrading IIS 10     397
Installing and Configuring Websites     403
Installing and Configuring FTP Services     413
Securing IIS 10     422

Part IV:  Security
Chapter 12  Server-Level Security     433

Defining Windows Server 2016 Security     434
Deploying Physical Security     435
Using the Integrated Windows Firewall with Advanced Security     437
Hardening Servers     442
Examining File-Level Security     450
Malware and Backup Protection     454
Windows Server Update     456
Chapter 13  Securing Data in Transit     463
Introduction to Securing Data in Transit in Windows Server 2016     464
Deploying a Public Key Infrastructure with Windows Server 2016     465
Understanding Active Directory Certificate Services in Windows Server 2016     467
Active Directory Rights Management Services     476
Using IPsec Encryption with Windows Server 2016     479
Chapter 14  Network Policy and Access Services, Routing and Remote Access and DirectAccess     483
Installing a Network Policy Server     484
Deploying a Virtual Private Network Using RRAS     485
Configuring DirectAccess     491

Part V:  Migrating to Windows Server 2016
Chapter 15  Migrating to Active Directory 2016     495

Beginning the Migration Process     496
Big Bang Migration     499
Phased Migration     503
Multiple Domain Consolidation Migration     519
Chapter 16  Compatibility Testing     537
The Importance of Compatibility Testing     538
Preparing for Compatibility Testing     539
Researching Products and Applications     545
Verifying Compatibility with Vendors     548
Microsoft Assessment and Planning Toolkit     554
Lab-Testing Existing Applications     554
Documenting the Results of the Compatibility Testing     557
Determining Whether a Prototype Phase Is Required     557

Part VI:  Windows Server 2016 Administration and Management
Chapter 17  Windows Server 2016 Administration     561

Defining the Administrative Model     562
Examining Active Directory Site Administration     563
Configuring Sites     566
Windows Server 2016 Active Directory Groups     574
Creating Groups     575
Managing Users with Local Security and Group Policies     580
Managing Printers with the Print Management Console     588
Chapter 18  Windows Server 2016 Group Policies and Policy Management     595
Group Policy Overview     596
Group Policy Processing: How Does It Work?     597
Local Group Policies     600
Domain-Based Group Policies     601
Security Templates     602
Understanding Group Policy     603
Group Policy Policies Node     615
Group Policy Preferences Node     618
Policy Management Tools     618
Designing a Group Policy Infrastructure     626
GPO Administrative Tasks     629
Chapter 19 Windows Server 2016 Management and Maintenance Practices     651
Going Green with Windows Server 2016     652
Server Manager Dashboard     653
Managing Windows Server 2016 Roles and Features     655
Creating a Server Group     660
Viewing Events     660
Server Manager Storage Page     670
Auditing the Environment     673
Managing Windows Server 2016 Remotely     682
Common Practices for Securing and Managing Windows Server 2016     688
Keeping Up with Service Packs and Updates     689
Maintaining Windows Server 2016     693
Chapter 20  Automating Tasks Using PowerShell Scripting     707
Understanding Shells     708
Introduction to PowerShell     710
Understanding PowerShell Fundamentals     712
Using Windows PowerShell     739
Chapter 21  Documenting a Windows Server 2016 Environment     771
Benefits of Documentation     772
Types of Documents     773
Planning to Document the Windows Server 2016 Environment     774
Knowledge Sharing and Knowledge Management     774
Windows Server 2016 Project Documents     775
Administration and Maintenance Documents     788
Network Infrastructure     792
Disaster Recovery Documentation     793
Change Management Procedures     796
Performance Documentation     796
Baselining Records for Documentation Comparisons     796
Routine Reporting     796
Security Documentation     797

Part VII:  Remote and Mobile Technologies
Chapter 22  Server-to-Client Remote and Mobile Access     801

Remote Access in Windows Server 2016     803
VPN in Windows Server 2016     805
RAS System Authentication Options     808
VPN Protocols     810
DirectAccess in Windows Server 2016     815
Choosing Between Traditional VPN Technologies and DirectAccess     826
Setting Up the Unified Remote Access Role     829
DirectAccess Scenario     830
VPN Scenario     836
Monitoring the Remote Access Server     847
Chapter 23  Remote Desktop Services     851
Why Implement Remote Desktop Services?     852
How Remote Desktop Works     855
Understanding the Name Change     857
RDS Roles     857
Configuration Options and Fine-Tuning Terminology     865
Planning for RDS     872
Deploying RDS     877
Deploying Virtual Desktops     888
Enabling RemoteFX     896
Securing and Supporting RDS     898

Part VIII:  Desktop Administration
Chapter 24  Windows Server 2016 Administration Tools for Desktops     903

Managing Desktops and Servers     904
Operating System Deployment Options     905
Windows Server 2016 Windows Deployment Services     908
Installing Windows Deployment Services     910
Customizing Boot Images     921
Creating Discover Images     925
Pre-Creating Active Directory Computer Accounts for WDS (Prestaged Systems)     926
Creating Custom Installations Using Capture Images     930
Automating Image Deployment Using Unattend Files     933
General Desktop Administration Tasks     934
Chapter 25  Group Policy Management for Network Clients     937
The Need for Group Policies     938
Windows Group Policies     939
Group Policy Feature Set     942
Planning Workgroup and Standalone Local Group Policy Configuration     947
Planning Domain Group Policy Objects     950
Managing Computers with Domain Policies     959
Configuring Preference Item-Level Targeting     967
Managing Users with Policies     977
Managing Active Directory with Policies     984
Chapter 26  Storage     999
Storage Spaces and Storage Pools     999
Managing Windows Server 2016 Disks     1010
Configuring Storage Spaces Direct     1014

Part IX:  Fault-Tolerance Technologies
Chapter 27  File System Management     1023

File System Access Services and Technologies     1023
Adding the File and Storage Services Role     1027
Managing Data Access Using Windows Server 2016 Shares     1028
File Server Resource Manager     1032
The Distributed File System     1044
Planning a DFS Deployment     1048
Installing and Configuring DFS     1051
Using the Volume Shadow Copy Service     1057
Configuring Data Deduplication     1060
Dynamic Access Control     1062
Chapter 28  Operational Fault Tolerance (Clustering/Network Load Balancing)     1073
Building Fault-Tolerant Windows Server 2016 Systems     1075
Windows Server 2016 Clustering Technologies     1077
Determining the Correct Clustering Technology     1083
Overview of Failover Clusters     1085
Deploying Failover Clusters     1090
Backing Up and Restoring Failover Clusters     1113
Deploying Network Load-Balancing Clusters     1117
Managing NLB Clusters     1125
Network Teaming     1127
Chapter 29  Backing Up the Windows Server 2016 Environment     1131
Understanding Your Backup and Recovery Needs and Options     1132
Creating the Disaster Recovery Solution     1135
Documenting the Enterprise     1136
Developing a Backup Strategy     1137
Windows Server Backup Overview     1138
Using Windows Server Backup     1141
Managing Backups Using the Command-Line Utility Wbadmin.exe and Windows PowerShell Cmdlets     1146
Backing Up Active Directory     1150
Backing Up Windows Server 2016 Roles     1153
Volume Shadow Copy Service     1154
Extending Server Backup to the Enterprise with Data Protection Manager 2016     1155
Chapter 30  Recovering from a Disaster     1157
Ongoing Backup and Recovery Preparedness     1157
When Disasters Strike     1161
Disaster Scenario Troubleshooting     1163
Recovering from a Server or System Failure     1166
Managing and Accessing Windows Server Backup Media     1173
Windows Server Backup Volume Recovery     1174
Recovering Role Services and Features     1176

Part X:  Optimizing, Tuning, Debugging, and Problem Solving
Chapter 31  Optimizing Windows Server 2016 for Branch Office Communications     1185

Key Branch Office Features in Windows Server 2016     1186
Understanding Read-Only Domain Controllers     1186
Using BitLocker with Windows Server 2016     1202
BranchCache in Windows Server 2016     1213
Printing with Branch Office Direct Printing     1226
Chapter 32  Logging and Debugging     1229
Using the Task Manager for Logging and Debugging     1229
Using Event Viewer for Logging and Debugging     1237
Performance Monitoring     1248
Setting Baseline Values     1275
Using the Debugging Tools Available in Windows Server 2016     1277
Task Scheduler     1291
Chapter 33  Capacity Analysis and Performance Optimization     1299
Defining Capacity Analysis     1299
Using Capacity-Analysis Tools     1303
Monitoring System Performance     1317
Optimizing Performance by Server Roles     1325

Part XI:  Integrated Windows Application Services
Chapter 34  SharePoint 2016 Products     1333

History of SharePoint Technologies     1333
Identifying the Need for SharePoint 2016 Products     1335
Designing a SharePoint 2016 Farm     1339
Exploring a Basic SharePoint 2016 Site     1343
Lists and Libraries in SharePoint 2016     1345
Managing the Site Collection     1351
Chapter 35  Windows Server Virtualization     1357
Understanding Microsoft’s Virtualization Strategy     1357
Integration of Hypervisor Technology in Windows Server     1360
Windows Containers and Hyper-V Containers in Windows Server 2016     1368
Planning Your Implementation of Hyper-V     1368
Installing the Microsoft Hyper-V Role     1371
Becoming Familiar with the Hyper-V Administrative Console     1374
Installing a Guest Operating System Session     1380
Modifying Guest Session Configuration Settings     1384
Launching a Hyper-V Guest Session     1387
Using Snapshots of Guest Operating System Sessions     1389
Quick Migration and Live Migration     1391
Utilizing Hyper-V Replica for Site-to-Site Redundancy     1404
Hyper-V Containers in Windows Server 2016     1410
Windows Docker Containers     1412
Chapter 36  Integrating System Center Operations Manager 2016 with Windows Server 2016     1417
Windows Server 2016 Monitoring     1418
Understanding How OpsMgr Works     1419
OpsMgr Architecture Components     1423
Securing OpsMgr     1433
Fault Tolerance and Disaster Recovery     1438
Understanding OpsMgr Components     1444
Putting it All Together in a Design     1448
Index     1459



We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.

Download the errata (45 KB .doc)

Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020