You are the network administrator for a company that has decided to start using Windows containers. You download the wrong image from Docker. What command allows you to delete an image? A. docker del B. docker rm C. docker kill D. docker dl
You are the network administrator for a company that has decided to start using Windows containers. You want to create a new container. What command should you use? A. docker create B. docker build container C. docker new D. docker build
You are the network administrator for a company that has decided to start using Windows containers. You have built a number of containers. What PowerShell command allows you to view them? A. docker view B. docker see C. View- Container D. Get- Container
You are the network administrator for a company that has decided to start using Windows containers. You have created some images. What command allows you to see your images? A. docker images B. docker info C. docker view D. docker see
You are the administrator for an organization that has started using containers. You need to build and use a Dockerfile. You want to compile and create an image using the Dockerfile. What command do you use? A. Docker run B. Docker rm C. Docker build D. Docker compile
You are the administrator for an organization that has started using containers. You need to build and use a Dockerfile. You want to execute commands within the Dockerfile. What command should you use? A. Docker run B. Docker rm C. Docker build D. Docker compile
You are the network administrator for a company that has decided to start using Windows containers. You want to delete a container. What PowerShell command allows you to do that? A. docker delete B. docker kill container C. Remove- Container D. Delete- docker- Container
You are the administrator for an organization that has started using containers. You need to build a new image using Windows Server Core. What command would you use to get a Windows Server Core image? A. Docker run microsoft/windowsservercore B. docker pull microsoft/windowsservercore C. Docker build microsoft/windowsservercore D. Docker get microsoft/windowsservercore
You have a Windows Server 2022 server named Server1. Server1 has the Web Server (IIS) server role installed. Server1 hosts an ASP.NET Core web app named WebApp1 and the app’s source files. You install Docker on Server1. You want to ensure that you can deploy WebApp1 to an Azure App Service web app from the Azure Container Registry. Which three actions should you perform in sequence? (Choose three.) A. Run the docker push command. B. Run the docker run command. C. Run the docker build command. D. Create a Dockerfile. E. Run the docker pull command.
How do you add another virtual disk to an Azure virtual machine? A. Use the Virtual Hard Disk Wizard. B. Use the Edit Virtual Hard Disk Wizard. C. Choose Disks from the VM options. D. Use the New Virtual Machine Wizard.
In this section, you will get an overview of just some of the available Azure virtual machine settings. You can configure all of these settings by using the Azure portal, PowerShell, Azure CLI, or the Windows Admin Center.
The Azure Virtual Machine Settings page includes the following settings:
Networking The Networking section (shown in Figure 12.25) allows you to set up and configure the Inbound Rules, Outbound Rules, Application Security Groups, and Load Balancing settings. Setting Inbound and Outbound rules can help protect your network by stopping unauthorized traffic.
FIGURE 12.25 VM Networking settings
Connect The Connect section allows you to configure which protocols that you want to use to connect to the virtual machine. Here you can specify the protocols (RDP, SSH, and Bastion) that you want to use to connect to the VM.
Windows Admin Center The Windows Admin Center is a utility that allows you to manage servers, clients, clustering, and Azure VMs. The Windows Admin Center can be deployed in two different ways.
You can download the Windows Admin Center for free directly from Microsoft and then install it onto a server or a Windows client (Windows 10/11).
Also, Azure allows you to use the Windows Admin Center directly from Azure. There is no need to install the Windows Admin Center into Azure. By clicking the Windows Admin Center link, you can configure your settings and connect to your servers. Disks The Disks setting section allows you to create and manage your virtual machine hard drives. The Disks settings let you attach an existing or create a new virtual hard disk. You can also click the Additional Settings link to configure the virtual hard disk encryption.
Size One of the best advantages of using Azure is the ability to quickly and easily change the size of your VM based on the needs for CPU, network, or disk performance (see Figure 12.26). Remember, the more resources that you add to the VM, the more it’s going to cost your organization.
FIGURE 12.26 VM Size settings
Microsoft Defender for Cloud Microsoft Defender for Cloud constantly examines the configuration of your virtual machines to identify possible security vulnerabilities and recommends actions to help solve the issues.
Advisor Recommendations The Azure VM Advisor delivers relevant best practices so that an administrator can improve reliability, security, and performance, and reduce costs. You can target a specific server, resource, resource group, or subscription to verify that the servers and services are running to get the best performance. Access the Advisor through the Azure portal, the Azure CLI, or the Advisor API.
Extensions + Applications Azure Virtual Machine Extensions are smaller applications that run on Azure VMs. Azure Virtual Machine Extensions allow post- deployment configuration and automation of the Azure VMs. Azure has many different extensions that allow you to set up configuring, monitoring, security, and utility applications. You just need to provide mandatory parameters. You can view the available extensions by choosing a VM, then selecting Extensions from the left menu.
Azure VM extensions can be managed using the Azure CLI, PowerShell, Resource Manager templates, and the Azure portal. To try an extension, go to the Azure portal, select the Custom Script Extension, then pass in a command or script to run the extension.
Open a PowerShell window with administrative rights.
Type docker info at the PowerShell prompt. You should only have one container at this time.
Next we need see what images are in our repository. To do this, type docker images in the PowerShell window. This will show you your Docker images (see Figure 12.10).
FIGURE 12.10 Docker images
4. We need the Image ID from the Nano Server or Server Core that we downloaded in Exercise 12.2. The Image ID for my Nano Server is d9bccb9d4cac. We will use this ID to turn the image into a container. Type the following at a PowerShell prompt (your Image ID will be different) and press Enter (see Figure 12.11):
docker run d9bccb9d4cac
FIGURE 12.11 Docker run command
5. Type docker info at the PowerShell prompt. You should now have two containers instead of just one (see Figure 12.12).
EXERCISE 12.3
6. Close PowerShell.
Tagging an Image
You can change the tags associated with the images. Many administrators use tag names as version names so that they can keep track of the various images on their machine.
Having tags that you create allows you to easily access the images later by their tag names. To tag an image, you use the -t parameter. So to tag an image as WillPanekImage, you’d use the following:
docker build – t WillPanekImage
Uninstall an Operating System Image
One of the maintenance issues that many IT administrators must deal with is hard drive space. As you are downloading and using images, there may be a time when you need to remove images from your server that are no longer being used.
If you continue to download and use multiple images files, make sure that every once in a while you look at all of your images and delete any that are no longer valid or no longer in use.
Exercise 12.4 will show you how to remove an image file from your host system. To complete this exercise, make sure that you have completed the earlier exercises in this chapter.
EXERCISE 12.4
Uninstalling an Image
Open a PowerShell window with administrative rights.
Type docker images and get the ID number of the Nano Server image.
Type docker rmd9bccb9d4cac (replace d9bccb9d4cac with your ID number).
Windows containers are independent and isolated environments that run an operating system. These isolated environments allow you to place an application into its own container, thus not affecting any other applications or containers.
Think of containers as virtual environments that are used to run independent applications. They load much faster than virtual machines, and you can run as many containers as needed for all of the applications that you run.
One of the nice advantages of using Windows containers is that the containers can be managed the same way you manage an operating system. A container works the same way as a newly installed physical or virtual machine. So, once you know how to configure these containers, management is much easier than configuring a physical machine.
There are two different types of Windows containers:
Windows Server Containers This container allows you to isolate applications so they can run in their own space and not affect other applications. The question that you may be asking is, why not use a virtual machine? Well, the advantage of Windows Server containers is that they are already prebuilt and you don’t need all the other services that a virtual machine would need to run. So Windows containers are smaller, faster, and more efficient when isolating applications. In a Windows Server container, the kernel is shared between all the different Windows containers.
Hyper- V Containers Hyper- V containers and Windows containers work the same way. The difference between the two is that Hyper- V containers run within a virtual machine and the Windows containers don’t need to run in a Hyper- V environment. In a Hyper- V container, the container host’s kernel is not shared between the other Hyper-V containers.
Container Terminology
As with any new technology, it is important to understand the terminology that goes along with that new technology. The first thing that you may have noticed is that a container works a lot like a virtual machine. Just like a virtual machine, the container has a running operating system within the container.
The container, which has a filesystem, can also be accessed through the network the same way you access a virtual machine. The advantage is that a container is a more efficient operating system. But to truly understand how containers work, you need to understand all of the components that allow containers to function properly:
Container Host This component can be on a physical or virtual machine, and it’s the component that is configured with the Windows container feature. So the Windows container sits on top of the container host.
Container OS Image This component provides the operating system to the container. Containers are made up of multiple images that are stacked on top of each other.
Container Image This is the component that contains all the layers of the container. So the container image contains the operating system, the application, and all the services required to make that application function properly.
Container Registry This component is the heart and brain of the container. The container images are kept within the container’s registry. The advantage of doing containers this way is that you can download other registries to automatically add other applications or services quickly.
Docker Daemon This is the component that runs the Docker application. The Docker daemon is automatically installed after you complete the installation of the Docker application.
Dockerfile This component is used to create the container images. The advantage of using the Dockerfile is that you can automate how containers are created. Dockerfiles are batches of instructions (within a text file) and commands that are called on when an image is assembled.
Docker Hub Repositories This component is a location where all of your images are stored. By having a central location for stored images, the images can be used among coworkers and customers, or for the entire IT community. There are Docker hub repositories on the Internet where you can grab and use images for your organization.
Install and Configure Server Containers
So now that we have talked about the different components of a container, it’s time to look at installing containers on your Windows Server 2022 system. When it comes to Microsoft, it doesn’t matter if we are installing containers on a GUI- based system or non- GUI- based system. We are going to install the components needed by using Windows PowerShell.
But before we can look at installing and using containers, I need to show you what is required on the Windows Server 2022 system. So, the first step in using containers is looking at what we need on our network and computers for containers to run properly.
Requirements
Now that you have decided to work with containers, you must make sure that your network meets the minimum requirements to install and work with Windows containers:
■The Windows container feature is available on Windows Server 2022, Windows Server (Semi- Annual Channel), Windows Server 2019, Windows Server 2016, and Windows 10 Professional and Enterprise Editions (version 1607 and later).
■The Hyper- V role must be installed before running Hyper-V isolation.
■Windows Server Container hosts must have Windows installed to C:. This restriction does not apply if only Hyper- V isolated containers will be deployed.
Here are the requirements if you are going to be running virtualization with containers:
■For systems running the Hyper- V containers, the Hyper- V role must be installed on the system.
■If you are going to run a Windows container host from a Hyper-V virtual machine (and also hosting Hyper- V containers), you will need to enable nested virtualization. Nested virtualization also has some requirements:
■Operating system that allows nested virtualization (Windows Server 2022).
■Minimum of 4 GB of RAM available to the virtualized Hyper- V host.
■The processor needs to use Intel VT- x (this is only available for Intel processors).
■Two virtual processors for the container host VM.
On a domain controller, open the Group Policy Management Console.
In the Group Policy Management Console, expand the following path: Forest ➢ Domains ➢ Group Policy Objects. Make sure the domain you choose contains the BranchCache Windows 7/Windows 8 client computer accounts that you want to configure.
In the Group Policy Management Console, right- click Group Policy Objects and select New. Name the policy BranchCache Client and click OK. Right- click BranchCache Client and click Edit. The Group Policy Management Editor console opens.
4. In the Group Policy Management Editor console, expand the following path:
Computer Configuration ➢ Policies ➢ Windows Settings ➢ Security Settings ➢ Windows Firewall With Advanced Security ➢ Windows Firewall With Advanced Security – LDAP ➢ Inbound Rules.
5. Right- click Inbound Rules and then click New Rule. The New Inbound Rule Wizard opens.
6. On the Rule Type screen, click Predefined, expand the list of choices, and then click BranchCache – Content Retrieval (Uses HTTP). Click Next.
7. On the Predefined Rules screen, click Next.
8. On the Action screen, ensure that Allow The Connection is selected and then click Finish. You must select Allow The Connection for the BranchCache client to be able to receive traffic on this port.
9. To create the WS- Discovery firewall exception, right- click Inbound Rules and click New Rule. The New Inbound Rule Wizard opens.
10. On the Rule Type screen, click Predefined, expand the list of choices, and then click BranchCache – Peer Discovery (Uses WSD). Click Next.
11. On the Predefined Rules screen, click Next.
12. On the Action screen, ensure that Allow The Connection is selected and then click Finish.
13. In the Group Policy Management Editor console, right- click Outbound Rules and then click New Rule. The New Outbound Rule Wizard opens.
14. On the Rule Type screen, click Predefined, expand the list of choices, and then click BranchCache – Content Retrieval (Uses HTTP). Click Next.
15. On the Predefined Rules screen, click Next.
16. On the Action screen, make sure that Allow The Connection is selected and then click Finish.
17. Create the WS- Discovery firewall exception by right- clicking Outbound Rules and then clicking New Rule. The New Outbound Rule Wizard opens.
18. On the Rule Type screen, click Predefined, expand the list of choices, and then click BranchCache – Peer Discovery (Uses WSD). Click Next.
19. On the Predefined Rules screen, click Next.
20. On the Action screen, make sure that Allow The Connection is selected and then click Finish. Close the Group Policy Management console.
Now that you have looked at the distributed cache mode configuration, let’s take a look at the hosted mode configuration.
Hosted Mode Requirements
To set up a hosted mode BranchCache configuration, you must first set up a Windows Server 2022 hosted cache server at the main and branch offices. You also need to be running Windows 7 or above (except for home versions) at the branch offices.
The Windows client machines download the data from the main cache server, and then the hosted cache servers at the branch offices obtain a copy of the downloaded data for other users to access.
Your network infrastructure must also allow for physical connections between the main office and the branch offices. These connections can be VPNs or some type of WAN links. After these requirements are met, your cache server must obtain a server certificate so that the client computers in the branch offices can positively identify the cache servers.
Exercise 11.17 walks you through the process of installing the BranchCache feature on a Windows Server 2022 machine. To begin this exercise, you must be logged into the Windows Server 2022 machine as an administrator.
EXERCISE 11.17
Installing BranchCache on Windows Server 2022
Open Server Manager by clicking the Server Manager icon or by running server manager.exe.
Select Add Roles And Features.
Click Next in the Before You Begin pane (if shown).
Select role- based or feature- based installation and click Next to continue.
Select the Select A Server From The Server Pool option and click Next.
At the Select Server Roles screen, click Next.
At the Select Features screen, click the check box for BranchCache (see Figure 11.26). Then click Next.
FIGURE 11.26 BranchCache option
8. Check the Restart The Destination Server If Required option and then click Install. If a dialog box appears about restarting, click Yes. The system should restart.
9. After the system restarts, log in as the administrator.
Windows Server has come a long way in terms of its file and storage capabilities. I have talked quite a bit about the new features and functionality provided in Windows Server 2022. In this section, you will take a closer look at some of the advanced configuration options available in the Network File System (NFS), BranchCache, and the File Server Resource Manager (FSRM).
Configure the NFS Data Store
The NFS role service and feature set gives IT administrators the ability to integrate a Windows Server–based environment with Unix- based operating systems. Most corporate environments today consist of a mixed operating system infrastructure to some extent. Using a Windows NFS file server, you can configure file shares for use by multiple operating systems throughout the environment.
Windows Server 2022 takes those capabilities even further by enabling you to integrate with platforms such as ESXi. ESXi is vMware’s exclusive operating system–independent hypervisor. ESXi is referred to as a bare- metal operating system because once it is installed on server virtualization hardware, guest virtual machines can be installed without requiring the use of any other underlying operating system. With Windows Server 2022, you can use an NFS share efficiently as an ESXi data store to house all of your guest virtual machines.
Let’s take a look at configuring an NFS data store in Exercise 11.15.
For this exercise, you will need the following:
■A Windows Server 2022 server
■A vMware ESXi 5 server
EXERCISE 11.15
Configure the NFS Data Store
Open Server Manager on your Windows Server 2022 machine.
Launch the Add Roles And Features Wizard from the dashboard.
Install the Server for NFS role on the server. A reboot is not required.
Create a new folder on your server named NFS_Datastore, right- click and select Properties, and then navigate to the NFS Sharing tab.
Click the Manage NFS Sharing button to open the NFS Advanced Sharing page and then check the Share This Folder box. Notice how enabling the share also enables the share’s default settings. The share settings let you configure share authentication and user access further if the need arises. The default settings will work just fine for this exercise.
Click the Permissions tab to open the NFS Share Permissions page. This is where you will configure the type of access that will be allowed by machines accessing this NFS data store. By default, the NFS share permissions are set to Read- Only and do not include root access. For this exercise, you will need to change the type of access to Read- Write and check the box to allow root access.
Click OK to close the NFS Share Permissions page and then click Apply and OK on the NFS Advanced Sharing page. Your new NFS share is now built, ready to be presented as an NFS data store to a VMware ESXi host. Be sure to record the network path displayed on the NFS Sharing tab of the share’s Properties page. You will need that information to perform a proper mount on the ESXi host.
Switch to your ESXi host and launch the Add Storage Wizard from the Configuration tab.
On the Select Storage Type page of the wizard, select the Network File System storage type; click Next to continue to the Locate Network File System page.
On this page of the wizard, you will fill in the server and folder information for the NFS share that you will be using as a vSphere data store. Using the information recorded from step 7, properly fill out the server and folder fields and then name your new data store.
Click Next to continue to the Ready To Complete page of the wizard. Review the information and click Finish. Once the Create NAS data store task completes on the ESXi host, you are ready to use your Windows Server 2022 shared folder as a vSphere ESXi data store.
The previous exercise shows how versatile Windows Server 2022 shares can be. The same principles can be applied to making Windows Server shares available to other Unix- based operating systems such as ESXi. Now that you have configured an NFS data store, let’s take a look at what BranchCache has to offer.
Configure BranchCache
BranchCache is a technology that was introduced with Windows Server 2008 R2 and Windows 7. BranchCache allows an organization with slower links between offices to cache data so that downloads between offices do not have to occur each time a file is accessed.
For example, John comes into work and logs into the network. John accesses the corporate website and downloads a media file that takes four minutes to download. With BranchCache enabled, when Judy comes into work, connects to the corporate website, and tries to download the same media file, the file will be cached from the previous download and Judy will have immediate access to the file.
You can set up two types of BranchCache configurations:
Distributed Cache Mode In the distributed cache mode configuration, all Windows client machines cache the files locally on the client machines. Thus, in the previous example, after John downloaded the media file, Judy would receive the cached media file from John’s Windows 7 version or above (except for home versions).
Hosted Mode In the hosted mode configuration, the cache files are cached on a local
(within the site) Windows Server 2022 machine. So, in the previous example, after
John downloads the media file, the cached file would be placed on a Windows Server 2022 machine by default, and all other users (Judy) would download the media file from the Windows Server 2022 machine.
Distributed Cache Mode Requirements
If you decide to install BranchCache in the distributed cache mode configuration, a hosted cache server running Windows Server 2022 is not required at the branch office. To set up distributed cache mode, the client machines must be running Windows 7 or above (except for home versions).
The Windows client machines would download the data files from the content computer at the main branch office, and then these machines become the local cache servers. To set up distributed cache mode, you must install a content computer (the computer that will hold the original content) at the main office first. After the content server is installed, physical connections (WAN or VPN connections) between the sites and branch offices must be established.
Client computers running Windows 7 Enterprise or higher (from versions listed above) have BranchCache installed by default. However, you must enable and configure BranchCache and configure firewall exceptions. Complete Exercise 11.16 to configure BranchCache firewall rule exceptions.
The cipher command is useful when it comes to EFS. Cipher is a command- line utility that allows you to change and/or configure EFS. When it comes to using the cipher command, you should be aware of a few things:
■You can decrypt files by running Cipher.exe in the command prompt window (advanced users).
■You can use Cipher to modify an EFS- encrypted file.
■You can use Cipher to import EFS certificates and keys.
■You can also use Cipher to back up EFS certificates and keys.
Let’s take a look at some of the switches that you can use with cipher. Table 11.4 describes many of the cipher switches you can use. This table comes from Microsoft’s TechNet site. Microsoft continues to add and improve switches, so make sure you check Microsoft’s website to see whether there are any changes.
TABLE 11.4 Using the cipher switches
cipher switch
Description
/e
This switch allows you to encrypt specified folders. With this folder encrypted, any files added to this folder will automatically be encrypted.
/d
This switch allows you to decrypt specified folders.
/s: dir
With this switch, the operation you are running will be performed in the specified folder and all subfolders.
/i
By default, when an error occurs, cipher automatically halts. By using this switch, cipher will continue to operate even after errors occur.
/f
The force switch (/f) will encrypt or decrypt all of the specified objects, even if the files have been modified by using encryption previously. Cipher, by default, does not touch files that have been encrypted or decrypted previously.
/q
This switch shows you a report about the most critical information of the EFS object.
/h
Normally, system or hidden files are not touched by encryption. By using this switch, you can display files with hidden or system attributes.
/k
This switch will create a new file encryption key based on the user currently running the cipher command.
/?
This shows the cipher help command.
Configuring Distributed File System
One problem that network administrators have is deciding how to share folders and communicating to end users how to find the shares. For example, if you share a folder called StormWind Documents on server A, how do you make sure your users will find the folder and the files within it? The users have to know the server name and the share name. This can be a huge problem if you have hundreds of shares on multiple servers. If you want to have
multiple copies of the folder called StormWind Documents for fault tolerance and load balancing, the problem becomes even more complicated.
Distributed File System (DFS) in Windows Server 2022 offers a simplified way for users to access geographically dispersed files. DFS allows you to set up a tree structure of virtual directories that allows users to connect to shared folders throughout the entire network.
You have the ability to take shared folders that are located on different servers and transparently connect them to one or more DFS namespaces— virtual trees of shared folders throughout an organization. The advantage of using DFS is that if one of the folders becomes unavailable, DFS has failover capability that will allow your users to connect to the data on a different server.
You can use the DFS tools to choose which shared folders will appear in the namespace and also to decide how the names of these shared folders will show up in the virtual tree listing.
Advantages of DFS
One of the advantages of DFS is that when a user views this virtual tree, the shared folders appear to be located on a single machine. These are some of the other advantages of DFS:
Simplified Data Migration DFS gives you the ability to move data from one location to another without the user needing to know the physical location of the data. Because the users do not need to know the physical location of the shared data, you can simply move data from one location to another.
Security Integration You do not need to configure additional security for the DFS shared folders. The shared folders use the NTFS and shared folder permissions that you have already assigned when the share was set up.
Access- Based Enumeration (ABE) This DFS feature (disabled by default) displays only the files and folders that a user has permissions to access. If a user does not have access to a folder, Windows hides the folder from the user’s DFS view. This feature is not active if the user is viewing the files and folders locally.
Types of DFS
The following are types of DFS:
DFS Replication (DFSR) You have the ability to manage replication scheduling and bandwidth throttling using the DFS management console. Replication is the process of sharing data between multiple machines. Replicated shared folders allow you to balance the load and have fault tolerance. DFS also has read- only replication folders.
DFS Namespace The DFS Namespace service is the virtual tree listing in the DFS server. You can set up multiple namespaces on the DFS, allowing for multiple virtual trees within DFS. The DFS Namespace service was once known as Distributed File System in Windows 2000 Server and Windows Server 2003 (in case you still use Server 2003).
In Exercise 11.13, you will install the DFS Namespace service on the file server. You need to start the installation using the Server Manager MMC.
EXERCISE 11.13
Installing the DFS Namespace Service
Open Server Manager by clicking the Server Manager icon or running server manager.exe.
Select Add Roles And Features from the dashboard.
Select Next in the Before You Begin pane (if shown).
Select Role-B ased or Feature-Based installation and click Next to continue.
Select the Select A Server From The Server Pool option and click Next.
On the Select Server Roles screen, expand File And Storage Services and select the DFS Namespace and DFS Replication options (see Figure 11.20). Then click Next. If a dialog box appears, click the Add Features button.
FIGURE 11.20 Select Server Roles
7. At the Select Features screen, click Next.
8. At the Confirmation screen, click the Install button.
9. After the installation is complete, click the Close button.
10. Close Server Manager.
Once you have installed DFS, it’s time to learn how to manage DFS with the DFS Management MMC. The DFS Management console (see Figure 11.21) gives you one place to do all of your DFS configurations. The DFS Management console allows you to set up DFS Replication and DFS Namespace. Another task you can do in the DFS Management console is add a folder target— a folder that you add to the DFS namespace (the virtual tree) for all your users to share.
Database Cloning
For the first time ever in DFS, Windows Server 2022 includes a new DFS database cloning function. This new feature allows you to accelerate replication when creating folders, servers, or recovery systems. You will now have the ability to extract the DFS database from a single DFS server and then clone that database to multiple DFS servers.
You can use PowerShell and the Export- DfsrClone cmdlet to export the volume that contains the DFS database and configuration XML file settings. When you execute this PowerShell cmdlet, a trigger is engaged that exports the DFS service, and the system will not proceed until the service is completed. You then use the PowerShell cmdlet Import- DfsrClone to import the data to a specific volume. The service will then validate that the replication was transferred completely.
Recovering a DFS Database
Windows Server 2022 DFS database recovery is a feature that allows DFS to detect a corrupted database, thus allowing DFS to rebuild the database automatically and continue with normal operations of DFS replication. One advantage to this is that when DFS detects and fixes a corrupted database, it does so with no file conflicts.
Before the introduction of this feature, if a DFS database were determined to be corrupted, DFS Replication would delete the database and start again with an initial nonauthoritative sync process. This would cause newer file versions to be overwritten by older data, causing real data loss.
DFS in Windows Server 2022 uses local files and an update sequence number (USN) to fix a corrupted database, ensuring no loss of data.
Optimizing DFS
Windows Server 2022 DFS allows you to configure variable file staging sizes on individual DFS servers. This allows you to set a minimum file size for a file to stage. This increases the staging size of files, and that in turn increases the performance of the replication.
Prior to Windows Server 2022, DFS Replication used a hard- coded 256 KB file size to determine staging requirements. If a file size were larger than 256 KB, that file would be staged before it replicated. The more file staging that you have, the longer replication takes on a DFS system.
To install data duplication, you have two ways to choose from. You can install data duplication through Server Manager or through PowerShell. Let’s take a look at each way. To install data deduplication by using Server Manager:
On the Windows Server 2022 system, open Server Manager.
Click the Add Roles And Features link.
At the Before You Begin screen, click Next.
At the Select Installation Type screen, choose role- based or feature- based installation and then click Next.
Choose the server where you want to install Data Duplication and click Next.
On the Select Server Roles screen, select File and Storage Services ➢ File And iSCSI Services and then select the Data Deduplication option (shown in Figure 11.17). Click Next.
Click Next at the Selected Features screen.
Click the Install button once you’ve confirmed that all options are correct.
Once completed, close Server Manager.
Understanding Data Duplication
FIGURE 11.17 Selecting Data Deduplication
To install data deduplication by using PowerShell:
Click the Start button, then click Windows PowerShell ➢ More ➢ Run As Administrator.
In the Windows PowerShell console, enter the following commands (one at a time) followed by the Enter key: Import- Module ServerManager
Add- WindowsFeature – name FS- Data- Deduplication
Import- Module Deduplication
After you have installed data duplication, you must then enable it on the servers. To enable data duplication in Server Manager, you would need to complete the following steps:
In Server Manager, click File And Storage Services.
Click Volumes. On right side, click the volume where you want to set up Data Duplication. Right- click the volume and choose Configure Data Deduplication (see Figure 11.18).
FIGURE 11.18 Enabling Data Deduplication
3. The New Volume Deduplication Settings Wizard will start. From the Data Deduplication pull- down, choose General Purpose File Server (shown in Figure 11.19). Enter the number of days that should elapse from the date of file creation until files are deduplicated (I used 3 days), enter the extensions of any file types that should not be duplicated (I used .exe), and then click Add to browse to any folders with files that should not be deduplicated ( I included \test share). Click OK once completed. You can also set a deduplication schedule by clicking the Set Deduplication Schedule button.
Monitoring Data Deduplication
Finally, after data deduplication is installed and configured, you will want to monitor the progress of the data deduplication jobs. To do this, you can run the following PowerShell commands (these commands will show you the status of the duplication process):