Windows Server
Windows Server is Microsoft’s server OS family. It is the backbone of identity (Active Directory), file/print, virtualization (Hyper-V), and Microsoft application stacks (SQL Server, Exchange, SharePoint, IIS) in most enterprise environments.
Overview
Recent supported versions: 2019, 2022, 2025. Editions split into Standard and Datacenter; Datacenter gives unlimited Windows VM rights and Storage Spaces Direct. Install options: Desktop Experience or Server Core.
Common Roles
- Active Directory Domain Services (AD DS).
- DNS, DHCP.
- File & Storage Services (SMB, DFS, iSCSI).
- Hyper-V virtualization.
- IIS web server.
- Remote Desktop Services (RDS).
- Windows Server Update Services (WSUS).
- Print & certificate services (AD CS).
Active Directory
- Forest → domain → OU → object.
- Group Policy (GPO) — central config push to users/computers.
- Sites & replication; FSMO roles (Schema, Domain Naming, PDC, RID, Infrastructure).
- Kerberos auth; LDAP queries; SYSVOL replication via DFS-R.
- Trust types: external, forest, realm, shortcut.
PowerShell
- Object-pipeline shell —
Get-Service | Where Status -eq 'Running'. - Modules: ActiveDirectory, Hyper-V, DNSServer, GroupPolicy, Pester.
- Remoting:
Enter-PSSession,Invoke-Commandover WinRM. - Desired State Configuration (DSC) for idempotent config.
- PowerShell 7 (cross-platform) coexists with built-in 5.1.
Hyper-V
- Type-1 hypervisor, free with Windows Server.
- Generation 1 (BIOS) vs Generation 2 (UEFI + Secure Boot) VMs.
- Live Migration, Failover Clustering, Storage Migration.
- Checkpoints (standard / production) — not a backup.
- Integration Services for guest enlightenment.
Patching & Hardening
- WSUS, Windows Update for Business, SCCM/Intune, Azure Update Manager.
- Microsoft Security Baselines (Security Compliance Toolkit).
- Disable SMBv1, enforce SMB signing, prefer LDAPS over LDAP.
- LAPS for local admin password rotation.
- Restrict NTLM; deploy Credential Guard, Device Guard.