Errata

For

MCTS Guide to Microsoft Windows Server 2008 Network Configuration

Exam 70-642

By

Michael Bender

This erratum contains errors, corrections, and omissions from the current text along with suggested changes for future editions of the book. If you come across additional errors or have suggestions for future releases, please email the author at .

The author would like to thank the following instructors for their comments which help to complete this document:

·  Mike Fuszner, St. Charles Community College

·  Randy Graves,

Note on Operating System updates: The text and all activities are based on the RTM version of Windows Server 2008, not SP1, SP2, or Windows Server 2008 R2 RTM. There are known issues with specific activities such as BitLocker when working with SP2. It is recommended that you run the RTM version of Windows. If you choose to apply any available service packs and/or updates, you may experience issues or functionality change compared with the textbook. Also, additions of the software such as WSUS and Network Monitor specified in the text may not be available from Microsoft. Please provide your students with the current software version you wish for them to use. Keep in mind that newer versions of software may have different functionality and appearance so some steps in activities may change.

Chapter 1

Chapter 1 - p. 3 should read

Trusts between Active Directory domains in a forest are created automatically when you create domains in Windows Server 2008. These are called transitive trusts. In Windows NT domains prior to Windows 2000, administrators created all trusts manually.

Pg. 8, Step 5 should read:

Enter your product key if you have one and are required to enter the key. You can install Windows Server 2008 without a product key.

Chapter 2

Pg. 46 Should Read:

Out-of-Box Experience The most common cleanup action with Sysprep is to use the system OOBE when generalizing images. This combination will remove the computer security identifier (SID), reset the computer activation, and boot the computer into Windows Welcome.

Pg. 50 title should read:

Installing Windows Server 2008

Pg. 50 should read:

This section explores the three installation methods available for Windows Server 2008. Each of the following methods has a purpose and place within a network:

•  DVD/USB boot installation

•  Network distribution share installation

•  Image-based installation

DVD/USB Boot Installation Probably the most familiar of the installation methods is using physical installation media. Windows Server 2008 can be installed via optical drive (that is a DVD drive) or via USB flash drive. This type of installation is called a DVD boot installation and is the most common media-based type. Installing with a USB flash drive is new and not yet as popular as using a DVD. However, with the advent of USB 2.0 and servers that can boot from the drives in their USB ports, USB flash drives are the perfect media for installing Windows Server 2008. Whether using optical or flash media, this installation method requires you to be present at the server. Activity 1-1, where you installed Windows Server 2008, is an example of a DVD installation.

Page 52 Activity 2-4 should read:

1.  Log onto your server.

2.  Click Start, type Windows PE Command Prompt in the Start Search box. When it Windows PE Command Prompt appears, select it and press enter to launch.

3.  Type md c:\MCTS_70642\Ch2\ImageFolder and then press Enter to create a new directory called ImageFolder in the folder created for this chapter. This represents a distribution point to contain the .wim file created with ImageX.

4.  Change to the directory containing ImageX by using the following cd command:

cd \Program Files\Windows AIK\Tools\x86\

5. Next, run the following ImageX command to create an image of the c:\windows\fonts direc
tory from the command prompt:

imagex /capture “c:\Windows\fonts”

“c:\MCTS_70642\Ch2\imagefolder\Server2008Fonts.wim” “All

Installed Fonts”

6. Leave the command prompt window open for the next exercise.

Pg 53 should read:

Consider an example of this command:

imagex /mount “c:\Images\Server2008.wim” “Standard” c:\imagefolder\

In this command, you are using ImageX to mount the image named “Standard” from the Server2008.wim file to c:\imagefolder\. Remember that the image is read-only. If you want to write to this image, use /mountrw instead of /mount, as shown in the following command:

imagex /mountrw “c:\Images\Server2008.wim” “Standard_RW” c:\imagefolder\

Pg 53 Activity 2-5 should read:

1. Open the Windows PE Command Prompt from the start menu, if necessary.

2. Type md c:\MCTS_70642\Ch2\ImageMountFolder to create a new directory called ImageMountFolder. This is the mount point for your image within the file system.

3. Next, run the following ImageX command to mount the image Server2008Fonts.wim to the c:\MCTS_40642\Ch2\ImageMountFolder directory from the command prompt:

imagex /mount “c:\MCTS_70642\Ch2\imagefolder\Server2008fonts.wim” “All Installed Ionts” “c:\MCTS_70642\Ch2\imagemountfolder”

4. Open Windows Explorer and browse to c:\MCTS_70642\Ch2\ImageMountFolder.5. Create a file named Server2008SuperFont.txt by right-clicking a blank spot in the folder window, pointing to New on the shortcut menu, and then clicking Text Document. Use Server2008SuperFont.txt as the file name. Note that access is denied because you did not mount the image as read/write.

5. Before mounting the image as read/write, unmount the current image as follows:

imagex /unmount “c:\MCTS_70642\Ch2\imagemountfolder”

6. Rerun the ImageX command as follows using the /mountrw option:

imagex /mountrw “c:\MCTS_70642\Ch2\imagefolder\Server2008fonts.wim” “All Installed Fonts” “c:\MCTS_70642\Ch2\imagemountfolder”

7. Create a file named Server2008SuperFont.txt and leave Windows Explorer open. This time you should be successful.

8. Commit and dismount the image using the following command:

imagex /unmount /commit “c:\MCTS_70642\Ch2\imagemountfolder”

9. In your Windows Explorer window, press F5 to refresh the screen. You should no longer have any files listed in c:\MCTS_70642\Ch2\ImageMountFolder.

10. Close the Command Prompt.

Pg. 54 step 9 should read:

Imagex /mountrw “c:\MCTS_70642\Ch2\imagefolder\Server2008fonts.wim” “all installed fonts” “C:\MCTS_70642\Ch2\imagemountfolder”

Pg 61, Paragraph 1 should read:

·  There is no way to upgrade from a previous version of the Windows Server operating system to a Server Core installation. Only a clean installation is supported.

·  There is no way to upgrade from a full installation of Windows Server 2008 to a Server Core installation. Only a clean installation is supported.

·  There is no way to upgrade from a Server Core installation to a full installation of Windows Server 2008. If you need the Windows® user interface or a server role that is not supported in a Server Core installation, you will need to install a full installation of Windows Server 2008.

Pg. 66 Should read:

If you want to install the DHCP services role and the BitLocker Drive Encryption feature on a Server Core installation, use the following commands:

Pg. 66 step 4. Should read:

WMIC ComputerSystem Where name=”%computername%” call Rename Name=”MSN-SC-0XX”

Pg. 67 should read:

You can use Windows Remote Management (WinRM) to configure and manage Server Core installations. As discussed in Chapter 1, WinRM is a suite of tools that allows you to remotely manage your servers. WinRM, rmtshare, and other management utilities are covered in depth in Chapter 11.

Chapter 3

Pg. 83 Should read:

Network Bridges Network bridges connect one or more networks segments. Like a switch, a bridge uses MAC addresses for managing traffic. A bridge learns from the traffic it processes, so it can associate a port with the specific MAC address to which it is connected. After the bridge associates a port and an address, it sends traffic for that address only to that port. This creates more efficient traffic on the network. Bridges work on the Layer 2 of the OSI model.

Pg 83 should read:

•  The Data Link layer is responsible for communications between adjacent network nodes. Bridges and switches operate at the Data Link layer.

Pg 94 Activity table should look like this:

Table 3-10: IPv6 address simplification

Full Address / Simplified Address
1075:0000:0000:0000:0005:0600:300c:422d
ff06::d5
1055:0000:0000:0000:000b:1bda:0041:25ab
abcd:12bc::34:1a
50ab:0353:2003:0001:0000:0000:abaf:0003

Pg 97 should read:

In cases where you cannot contact a DHCP server, even though the client is configured for dynamic addressing, Windows uses Automatic Private IP Addressing (APIPA) to assign a unique random IP address from the usable address range of 169.254.0.1 to 169.254.255.254.

Pg 103, Step 2 should read:

Click Start, Run and enter ncpa.cpl. This will launch the Network Connections console from Control Panel.

Pg 104 Activity 3-10 step 2 should read:

Preferred DNS server: 2001:db8:8765:4321:2 (instead of ::3)

Pg 104 Activity 3-10 step 4 should read:

Netsh interface ipv6 add dnsserver “local area connection” 2001:db8:8765:4321:2

Pg 108, Activity 3-11 should read:

1. On MSN-SC-0XX, type the following netsh command and then press Enter to check the ISATAP status on the computer:

netsh interface isatap show state

2. At the command prompt, enter the following netsh command and then press Enter to enable
ISATAP on the computer:

netsh interface isatap set state enabled

3. Type ipconfig /all and then press Enter to verify that an ISATAP address has been added to your network adapters. If changes do not appear promptly, wait about 30 seconds and rerun ipconfig /all.

4.  4. At the command prompt, enter the following netsh command and then press Enter to dis-able ISATAP on the computer:

netsh interface isatap set state disable

5. Type ipconfig /all and then press Enter to verify that ISATAP has been removed.

Pg 109 should read:

reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 255

Pg 116 Steps should be added to open the ICMP firewall ports on both servers. The following command will perform the task on both servers:

netsh advfirewall firewall add rule name=”ICMP Allow incoming V4 echo request” protocol=icmpv4:8,any dir=in action=allow

Pg 116 step 4 should read:

tracert 192.168.100.10 > CLI.txt

Pg 122, question 13, answer c should read:

c. 11000000.10101000. 01100100.11010100

At the Completion of this Chapter, all students should disable IPv6 on all current lab machines. The following steps should be completed on each machine:

Disable TCP/IPv6
1. Uncheck “Internet Protocol version 6 (TCP/IPv6)” from all of your connections and adapters and component in the list under “This connection uses the following items.” This will not be an option on Server Core so you will just modify the registry.
2. Open Registry Editor, Regedit.exe
3. Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\
4. Right click on “Parameters”, choose “New”, choose “DWORD (32-bit) Value”
5. Change the name of the key to “DisabledComponents”, set the value to ff and be sure to choose Hexadecimal. This should resolve to a decimal of 255.
6. Restart the computer for the registry value to take effect.

Chapter 4

Pg 134 DHCPInform should read:

If a DHCP client already has an IP address, it sends this type of message to a DHCP server …..

Activity 4-5 (page 142) should read:
10. Return to MSN-SRV-0XX, expand Scope [192.168.100.0] Partner Scope, and click Address Leases. Verify that you see a lease for msn-sc-0XX.bentech.local of 192.168.100.201.


Activity 4-7 (page 144) should read:
10. Return to MSN-SRV-0XX, expand Scope [192.168.100.0] Partner Scope, and then click Address Leases. Verify that you see a lease for msn-sc-0XX.bentech.local of 192.168.100.211. (Press F5 to update the display.)

Pg 145, Activity 4-8 should read:

Description: Your organization has decided to implement a DNS server on your network. This server will provide updated name resolution for your clients. In this activity, you modify the server scope so all scopes in your environment use the DNS server, 192.168.100.10.

1.  Start Server Manager on the MSN-SRV-0XX computer.

2.  In the left pane of Server Manager, expand the Roles section and the DHCP Server role and then click MSN-SRV-0XX. The DHCP Server administration console opens.

3.  In the left pane, expand IPv4 and then click Server Options.

4.  Click More Actions and then click Configure Options.

5.  In the Server Options dialog box, click 006 DNS Servers and then enter 192.168.100.10 in the String Value text box.

6.  Click OK to close the Server Options dialog box.

7.  Verify that the server option for DNS Servers appears in the Server Options pane.

8.  Log onto MSN-SC-0XX, if necessary.

9.  In the Command Prompt, type ipconfig /renew.

10.  Type ipconfig /all to verify the new settings. You should now receive a new DNS server of 192.168.100.10.

11.  Leave the DHCP console open for the next activity.

Pg 154, should read:

Windows Server 2008 performs an automated backup of the DHCP database every 60 minutes to the %systemroot%\ dhcp\backup directory...

Pg 154 should read:

Like automatic backups, manual backups are stored in the %systemroot%\ dhcp\backup folder by default.

Chapter 5

Pg 167 Activity 5-1, Step 11 should read:

Open a command prompt from the Start menu and then enter the following command to change the IP address and DNS information:

netsh int ip set address name=“Local Area Connection” static 192.168.100.10 255.255.255.0

Pg 167 Activity 5-1, Step 13 should read:

At the command prompt, enter the following command to change the Internet Protocol version 4 (IPv4) address:

netsh int ip set address name=“Local Area Connection” static 192.168.100.20 255.255.255.0

Pg. 169 Activity5-2 Note should read:

For this activity, your server needs to have access to the Internet and be able to resolve Internet-based DNS zones.

Pg. 172 Activity 5-4 step 1 should read:

On the MSN-SRV-0XX computer, open a command prompt form the Start menu, type ncpa.cpl and then press Enter to open the Network Properties windows.

Pg. 172 Activity 5-4 step 7 should read:

At the command prompt, type nslookup cengage.com and then press Enter. You should receive an error message because you do not have DNS name resolution from 192.168.100.10.

Pg. 172 Activity 5-4 step 8 should read:

At the command prompt, type nslookup cengage.com 4.2.2.1 and then press Enter. This forces nslookup to query the name server at 4.2.2.1 instead of your preferred DNS server. This time, you should receive a nonauthoritative answer for cengage.com of 69.32.133.79. If the IP address is different, it simply means that the record for cengage.com has been changed.

Pg. 185, Activity 5-9 have the following step inserted as step 11 and renumber remaining steps:

11.  In the command prompt, enter the following commands. You will need to wait for each to complete before entering the next.