Академический Документы
Профессиональный Документы
Культура Документы
WDS Pre-requisites
ADDS: What is it neede for?
DNS: What is it needed for? Server Locator
DHCP: What is it needed for? PXE Boot (if the DHCP Server will be on your WDS,
you need to prevent it from listening on UDP port 67.. You also need DHCP optio
n 60 enabled.. this enables the DHCP client to locate the WDS Server.. If the Se
rver is a DHCP Server first, then when you install WDS on that Server, it happen
s automatically.. you only have to do this if you are first a WDS Server and the
n decide to make it a DHCP Server)
- NTFS Volume (for storing images)
- Clients are PXE enabled
+ Post Installation Tasks
- Configure WDS: WDS Configuration Wizard or WDSUtil.exe
You will need to add at least one boot image and one install image to the image
store.
-
# MONITORING
~ Would we really use this in the real world or use a 3rd party monitoring solut
ion?
~ identify a potential performance bottleneck.
~ Viewing and Configuring Centralized Event Logs
~ Configure a Performance Counter Alert
~ You will have centralized event logs and examined these logs for performance-r
elated events.
Features
Network Deployments
PXE Boot capabilities (we can configure the response to PXE Boot)
Dynamic Driver Provisioning
Automating Deployments
Multicast
WDSUti;
Integrating WDS with other products like MDT and SCCM 2012
# Configuring DNS
# Configuring Advanced Auditing
- Auditing is managed through group policy.. So you'll need to create your "Audi
t Policy"
- You want to audit things not people.. things that are taking place on your net
work.. Also from a legal perspective, you dont want to audit people or certain i
ndividuals.. it could violate certain discrimination laws.. You want to audit co
mputers (mainly your servers); folders; objects; files... you also want to audit
both success and failure events
+ Computer Configuration --> Policies --> Windos Settings --> Security Settings
--> (local policies --> Audit Policy)
~ Object access needs to be enabled in the policy and in Windows explorer also (
Security tab --> Advanced --> Auditing --> add everyone --> and both success and
failures)
~ You want to be specific when it comes to object access.. you dont want your lo
gs to be too cluttered
~ Someone has to be responsible for reviewing audit logs for its benefit to be s
een.. It's also beneficial in times when evidence is needed.
- Computer Configuration --> Policies --> Windos Settings --> Security Settings
--> Advanced Audit Policy Configuration --> Audit Policies.
## Also you need to understand how to understand event viewer messages like spec
ial logon e.t.c and also how to export to a syslog server and view your logs fro
m there..