WindowsServer2016管理员操作手册.pdf-资料库

http://winteragain.blog.51cto.com Windows Server 2016 管理员手册作者：Robin 版本：v1.0 日期：2016 年 Blog：http://winteragain.blog.51cto.com 运维网职位：Windows Server 版主，Exchange 版主运维网（www.iyunv.com）全网首发，翻版必究。此次实验操作系统版本信息： Windows Storage Server 2016 (x64) - DVD (Chinese-Simplified) ISO Chinese - Simplified 发布日期： 2016/10/12 文件名：cn_windows_storage_server_2016_x64_dvd_9327778.iso 语言：Chinese - Simplified SHA1：A7DA6CC7D707C38AC89F9BB19187863569D524EB 目录

http://winteragain.blog.51cto.com 1、Nano Server................................................................................................................................................................................................ 3 1.1 创建 Nano 镜像 .............................................................................................................................................................................. 3 1.2 安装 Nano Server ............................................................................................................................................................................ 4 1.3PowerShell Direct 连接 Nano Server ......................................................................................................................................... 5 1.4PowerShell 远程连接 Nano Server ............................................................................................................................................. 6 1.5 使用保存的凭据连接到 Nano Server ....................................................................................................................................... 6 1.6 在 Nano Server 创建本地用户 .................................................................................................................................................... 7 1.7 更改 Nano Server Time Zone ...................................................................................................................................................... 8 1.8 添加 Package 到现有 Nano Server ........................................................................................................................................... 9 1.9 禁用 Nano Server Firewall .......................................................................................................................................................... 10 1.10 通过 PowerShell 远程复制文件至 Nano Server ............................................................................................................... 10 1.11 将 Nano Server 加入域 ............................................................................................................................................................. 11 1.12 设置 Nano Server DNS 服务器 .............................................................................................................................................. 16 1.13 安装 Nano Server PowerShell Package Provider ............................................................................................................. 17 1.14Nano Server 在线安装文件服务角色 .................................................................................................................................... 19 1.15 卸载 Nano Server 角色以及功能 ........................................................................................................................................... 19 1.16Nano Server 配置 NTP 服务器 ................................................................................................................................................ 20 1.17Monitor NTP Server .................................................................................................................................................................... 22 1.18Debug NTP Server ....................................................................................................................................................................... 23 1.19 重置 NTP 配置 ............................................................................................................................................................................. 24 2、Hyper-V 群集(Nano Server) ............................................................................................................................................................... 24 2.1 批量创建 Nano 镜像 ................................................................................................................................................................... 24 2.2 批量创建 Nano 虚拟机 .............................................................................................................................................................. 26 2.3 登陆 Nano Recovery Console .................................................................................................................................................. 28 2.4 Hyper-V 管理工具连接 Nano ................................................................................................................................................... 30 2.5 添加心跳网卡 ................................................................................................................................................................................ 30 2.6 GUI 创建群集 .................................................................................................................................................................................. 31 2.7 GUI 配置见证 .................................................................................................................................................................................. 35 2.8 配置群集故障域 ........................................................................................................................................................................... 39 2.9 Hyper-V 设置 ................................................................................................................................................................................. 40 3、配置 Nano S2D........................................................................................................................................................................................ 40 3.1 批量创建 Nano 镜像 ................................................................................................................................................................... 41 3.2 批量创建 Nano 虚拟机 .............................................................................................................................................................. 42 3.3 添加心跳网卡 ................................................................................................................................................................................ 44 3.4 批量添加磁盘到 Nano Server 用于 S2D .............................................................................................................................. 47 3.5 群集验证配置 ................................................................................................................................................................................ 49 3.6 PowerShell 创建群集 ................................................................................................................................................................... 49 3.7 创建群集见证 ................................................................................................................................................................................. 50 3.8 清理可池化磁盘 ........................................................................................................................................................................... 51 3.9 配置群集故障域 ........................................................................................................................................................................... 52 3.10 启用 S2D ....................................................................................................................................................................................... 54 3.11 配置磁盘类型为 SSD ................................................................................................................................................................ 55 3.12 配置存储分层 .............................................................................................................................................................................. 56 3.13 GUI 创建存储池 ........................................................................................................................................................................... 58 3.14 GUI 创建卷 .................................................................................................................................................................................... 60 3.15 添加群集共享卷 ......................................................................................................................................................................... 64 3.16 CSV 上创建共享 .......................................................................................................................................................................... 66 3.17 PowerShell 配置 S2D ................................................................................................................................................................. 76

http://winteragain.blog.51cto.com 3.18 存储空间故障容错 .................................................................................................................................................................... 79 4、存储副本.................................................................................................................................................................................................... 79 4.1 存储副本类型 ...................................................................................................................................................................... 80 4.2 先觉条件 ......................................................................................................................................................................................... 81 4.3 服务器到服务器的存储副本 .................................................................................................................................................... 81 5、故障转移群集 .......................................................................................................................................................................................... 81 5.1 VM 负载平衡 .................................................................................................................................................................................. 82 5.1.1 控制平衡的入侵 ............................................................................................................................................................... 82 5.1.2 控制 VM 负载平衡 ........................................................................................................................................................... 82 5.2 SMB 多通道以及多 NIC 群集网络 ........................................................................................................................................... 84 6、Hyper-V 特性 ........................................................................................................................................................................................... 84 6.1 Hyper-V Group .............................................................................................................................................................................. 84 7、Windows Server 2016 ADFS&WAP 实战 ........................................................................................................................................ 86 7.1 ADFS Web SSO & SharePoint ................................................................................................................................................... 86 7.2 ADFS & Exchange 2016 单点登陆 ........................................................................................................................................... 86 7.2.1 先觉条件准备 .................................................................................................................................................................... 86 7.2.2 安装 ADFS 服务 ................................................................................................................................................................ 88 7.2.3 部署 WAP ........................................................................................................................................................................... 97 7.3 WAP 传递方式发布 Exchange ............................................................................................................................................... 104 7.4 ADFS 配置 ..................................................................................................................................................................................... 110 7.4.1 签名以及解密证书替换 .............................................................................................................................................. 110 7.4.2 添加信赖方信任 ............................................................................................................................................................ 110 8、Exchange 2016 部署 ........................................................................................................................................................................... 111 9、Windows Container ............................................................................................................................................................................ 113 10、行业术语 .............................................................................................................................................................................................. 113 10.1 DR/DP/SLA/RTO/PRO ............................................................................................................................................................ 113 1、Nano Server 参考资料：http://www.ntweekly.com/?page_id=11089 1.1 创建 Nano 镜像首先加载英文版本 Windows Server 2016 镜像，并复制镜像根目录下的 NanoServer 文件夹到服务器磁盘分区，这里将此文件夹复制到 D 盘根目录下：

在 NanoServer 文件夹下，可以看到有如下目录： http://winteragain.blog.51cto.com 1. NanoServerImageGenerator----生成 Nano VHD 的 PowerShell 脚本文件以及模块 2. Packages--------------------Nano Server 可用的包 3. NanoServer.wim--------------制作 Nano Server WIM 镜像 4. ReadMe.txt------------------说明文件 1.2 安装 Nano Server 此示例以制作一个带有 Hyper-V、Cluster 以及 Storage 功能的 VHDX，脚本如下： Import-Module D:\NanoServer\NanoServerImageGenerator\NanoServerImageGenerator.psd1 Set-ExecutionPolicy RemoteSigned #Declare variables and build command $VMName = "NanoTest" $mediapath = "D:\" $basepath = "E:\NanoLab" $targetpath = "E:\NanoLab\NanoVM\$VMName.vhdx" $computername = "$VMName" $domain = "contoso" $interface = "Ethernet" $ipv4address = "172.16.10.21" $ipv4mask = "255.255.255.0" $ipvgateway = "172.16.10.1" $ipv4dns = "172.16.10.11" #Create a Nano server with Hyper-V and Cluster feature New-NanoServerImage -Edition Datacenter -DeploymentType Guest -Storage -Compute -Clustering -MediaPath $mediapath -BasePath $basepath -TargetPath $targetpath -ComputerName $computername -EnableRemoteManagementPort -DomainName $domain -InterfaceNameOrIndex $interface -Ipv4Address $ipv4address -Ipv4SubnetMask $ipv4mask -Ipv4Gateway $ipvgateway -Ipv4Dns $ipv4dns -MaxSize 500GB 创建完后，会在自定的目录下生成VHDX文件，复制此VHDX文件新建一台虚拟机，在新建时，建议选择第二代虚拟机。创建好虚拟机后，可以直接在宿主机上通过PowerShell直接远程到Nano Server： PS：在生成VHDX时，如果加入了加域开关：-DomainName,那么中途会提示输入域管理员密码，据官方说明，执行此操作，需要在加

域计算机上操作，但是实验中发现，如果工作组计算机本地管理员密码如果和域管理员相同，同样完成加域。在ADUC中可以查看到刚刚创建的NanoTest计算机对象 http://winteragain.blog.51cto.com 1.3PowerShell Direct 连接 Nano Server PS D:\> Enter-PSSession -VMName NanoTest -Credential contoso\administrator [NanoTest]: PS C:\Users\administrator\Documents> [NanoTest]: PS C:\Users\administrator\Documents> Get-Process Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName ------- ------ ----- ----- ------ -- -- ----------- 0 7 840 1964 0.06 508 0 csrss 0 5 892 4052 0.02 1372 0 EMT 0 0 0 4 0 0 Idle 0 26 3756 12088 1.19 580 0 lsass 0 56 35924 59680 4.86 1684 0 powershell

http://winteragain.blog.51cto.com 0 0 0 2536 0.00 408 0 Secure System 0 8 2136 5760 1.70 564 0 services 0 2 328 1140 0.06 412 0 smss 0 37 10732 22604 2.70 76 0 svchost 0 8 1992 6276 0.55 696 0 svchost 0 15 2496 7096 0.59 744 0 svchost 0 10 1656 5948 0.03 824 0 svchost 0 7 1580 6352 0.03 832 0 svchost 0 16 7548 13288 8.34 884 0 svchost 0 16 3424 9416 0.05 892 0 svchost 0 23 10524 21672 5.83 972 0 svchost 0 26 4608 10912 0.56 1100 0 svchost 0 13 4484 12428 0.25 1256 0 svchost 0 0 80 76 2.95 4 0 System 0 8 1544 6716 0.06 1544 0 vmcompute 0 19 8028 19272 0.20 1332 0 vmms 0 7 776 4056 0.00 536 0 wininit 0 8 2688 8400 0.13 336 0 WmiPrvSE 0 8 2084 7640 0.00 996 0 WmiPrvSE 0 11 4696 12244 0.36 1924 0 WmiPrvSE 1.4PowerShell 远程连接 Nano Server 如果执行远程连接的电脑未加入到当前域，则运行如下命令配置信任，如果已加入当前域，可以跳过此步骤： PS D:\> Set-Item WSMan:\localhost\Client\TrustedHosts -Value 172.16.10.21 -Concatenate 输入如下命令远程连接到远程 Nano Server PS D:\> Enter-PSSession -ComputerName 172.16.10.21 -Credential contoso\administrator [172.16.10.21]: PS C:\Users\administrator\Documents> 1.5 使用保存的凭据连接到 Nano Server PS D:\> $password = ConvertTo-SecureString "password" -AsPlainText -Force PS D:\> $cred= New-Object System.Management.Automation.PSCredential ("contoso\administrator", $password ) PS D:\> Enter-PSSession -computername 172.16.10.21 -Credential $cred

http://winteragain.blog.51cto.com [172.16.10.21]: PS C:\Users\administrator\Documents> 1.6 在 Nano Server 创建本地用户获取 Nano Server 当前本地组列表： [172.16.10.21]: PS C:\> Get-LocalGroup Name Description ---- ----------- Access Control Assistance Operators Members of this group can remotely query authorization attributes and permissions for resources on this computer. Administrators Administrators have complete and unrestricted access to the computer/domain Backup Operators Backup Operators can override security restrictions for the sole purpose of backing up or restoring files Certificate Service DCOM Access Members of this group are allowed to connect to Certification Authorities in the enterprise Cryptographic Operators Members are authorized to perform cryptographic operations. Distributed COM Users Members are allowed to launch, activate and use Distributed COM objects on this machine. Event Log Readers Members of this group can read event logs from local machine Guests Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted Hyper-V Administrators Members of this group have complete and unrestricted access to all features of Hyper-V. IIS_IUSRS Built-in group used by Internet Information Services. Network Configuration Operators Members in this group can have some administrative privileges to manage configuration of networking features Performance Log Users Members of this group may schedule logging of performance counters, enable trace providers, and collect event traces both locally and via remote access to this computer Performance Monitor Users Members of this group can access performance counter data locally and remotely Power Users Power Users are included for backwards compatibility and possess limited administrative powers Print Operators Members can administer printers installed on domain controllers RDS Endpoint Servers Servers in this group run virtual machines and host sessions where users RemoteApp programs and personal virtual desktops run. This group needs to be populated on servers running ... RDS Management Servers Servers in this group can perform routine administrative actions on servers running Remote Desktop Services. This group needs to be populated on all servers in a Remote Desktop Se... RDS Remote Access Servers Servers in this group enable users of RemoteApp programs and personal virtual desktops access to these resources. In Internet-facing deployments, these servers are typically deplo... Remote Desktop Users Members in this group are granted the right to logon remotely Remote Management Users Members of this group can access WMI resources over management protocols (such as WS-Management via the Windows Remote Management service). This applies only to WMI namespaces tha... Replicator Supports file replication in a domain Storage Replica Administrators Members of this group have complete and unrestricted access to all features of Storage Replica. System Managed Accounts Group Members of this group are managed by the system.

Users Users are prevented from making accidental or intentional system-wide changes and http://winteragain.blog.51cto.com can run most applications 下面创建一个本地用户并加入到本地管理员组： [172.16.10.21]: PS C:\> New-LocalUser "Robin.Pang" -Password (ConvertTo-SecureString -AsPlainText "abc.123" -Force) -FullName "Robin.Pang" -Description "Local Administrator" Name Enabled Description ---- ------- ----------- Robin.Pang True Local Administrator [172.16.10.21]: PS C:\> Add-LocalGroupMember -Group administrators -Member Robin.Pang -Verbose 详¨º细?信?息¡é: Performing the operation "Add member NANOTEST\Robin.Pang" on target "administrators". 获取当前本地管理员组成员列表： [172.16.10.21]: PS C:\> Get-LocalGroupMember administrators ObjectClass Name PrincipalSource ----------- ---- --------------- Group CONTOSO\Domain Admins ActiveDirectory User NANOTEST\Administrator Local User NANOTEST\Robin.Pang Local 1.7 更改 Nano Server Time Zone 使用 PowerShell 远程登陆到 Nano Server，运行如下命令获取当前十区“ [NanoTest]: PS C:\> tzutil.exe /g Pacific Standard Time 要查看所有的时区类型，可以运行如下命令： [NanoTest]: PS C:\> tzutil.exe /l (UTC-12:00) International Date Line West Dateline Standard Time (UTC-11:00) Coordinated Universal Time-11 UTC-11 (UTC-10:00) Aleutian Islands Aleutian Standard Time (UTC-10:00) Hawaii Hawaiian Standard Time (UTC-09:30) Marquesas Islands Marquesas Standard Time

资料库

WindowsServer2016管理员操作手册.pdf

相关推荐

操作系统

热门标签

最新资料