Explore Windows Server 2025 additions, hardware requirements, and deployment options for physical or virtual servers. Review servicing channels, updates, licensing, activation, and what's new and enhanced versus older editions.

Explore Windows Server 2025 editions—essential, standard, data center, and Azure edition—covering licensing, two included virtual machines, unlimited licenses, and cloud versus on-premises deployment.

Explore how Windows Server 2025 integrates with Microsoft Azure. Create Azure subscriptions, virtual machines, storage accounts, and Azure file shares, and synchronize on-premise Active Directory with Microsoft Intra ID.

Launch Windows Server 2025 as a cloud-optimized Azure Data Center edition VM from the Azure Marketplace; it cannot run on bare metal and updates arrive more quickly via Windows Update.

Explore Hyper-V edition on a bare-metal server that runs only virtual machines, with licensing implications, lifecycle notes for 2016–2019, and a shift toward Datacenter edition for dense VM environments.

Understand the Windows Server 2025 lifecycle, with mainstream support through November 13, 2029 and extended through November 14, 2034, plus an in-place upgrade path from 2012 R2 and security patches.

Determine hardware to install Windows Server 2025: 64-bit processor with DEP and SLAT, 1.4 ghz, 2 gb RAM, 32 gb storage, 1 gbps network adapter, plan server roles and virtualization.

Choose between a clean install and an in-place upgrade to deploy Windows Server 2025, balancing stability and migration efficiency, with clean install reducing cruft.

Learn to create a Windows Server 2025 virtual machine with Hyper-V, using generation 2, 4 GB startup memory with dynamic memory, a boot ISO, and configure networking and storage.

Install Windows Server 2025 in a virtual machine by booting from the ISO, choosing Data Center with the Desktop Experience or Server Core, and configuring the administrator password and sign-in.

Configure post-installation steps by creating isolated private network switches, enabling internet access for activation, setting a static 192.168.1.250 IP with DNS pointing to itself, rename RTS-DC1, and reboot.

Gracefully shut down the VM from the start menu. Or save the session with the orange save icon to resume exactly as is; turn off is a last resort.

License Windows Server by core counts, with 8 cores per processor and 16 cores per server, plus CALs, and activate via manual, KMS, or AD-based methods with DNS/DHCP and 1688.

Evaluate KMS and Active Directory activation for isolated networks, including phone activation, and compare standard and data center editions by 16 core licenses, Hyper-V, and CALs.

Explore using slmgr.vbs, the software licensing manager, to script product keys, view license details with dlv, and enable kms or active directory activation for Windows servers.

Compare Windows Server Core and the desktop experience, decide when to use each, install Server Core, add features, configure via the sconfig command line, and review Windows Server 2025 enhancements.

Install Windows Server 2025 core in Hyper-V, activate the OS, set a static IP, DNS, and computer name RTS-core, and manage via SConfig, Notepad, Regedit, and remote management tools.

Compare the disk size of RTS-DC1 and RTS-Core by inspecting their virtual hard disks through the SCSI controller. RTS-Core is smaller, offering higher security and efficiency with no local GUI.

Windows Server 2025 enhances security with real-time threat detection and automated response, secure core protection, credential guard improvements, hybrid cloud integration, and streamlined container and automation improvements.

Explore workgroups and domains in Windows Server 2025, and map Active Directory components such as user and computer accounts, groups, organizational units, domain controllers, and the global catalog.

Understand workgroups and domains, comparing no centralized authentication with centralized authentication, and learn how domain controllers and Active Directory enable centralized administration, authentication, and scalable user management.

Explore active directory domain services terms, including domains, domain trees, forests, OUs, containers, and domain controllers, and learn how logical and physical components relate to replication, trust, and administration.

Explore domain controllers, servers hosting the Active Directory Domain Services database (NTDS.DIT) and the sysvol for policy objects, and learn how two domain controllers enable Kerberos authentication via the KDC.

Map the ip layout with a domain controller dns server at 192.168.1.250 (no gateway, default subnet mask, loopback 127.0.0.1), rts-core at 192.168.1.252, and rts-svr1 at 192.168.1.251, joined to the domain.

Install Active Directory Domain Services and DNS on the root domain controller, promote to a new forest for rtsnetworking.local, and enable a global catalog while planning for two domain controllers.

Install RTS-SVR1 as a Hyper-V member server, mirroring RTS-DC1, to serve as a file and print server, then activate, set IP 192.168.1.251, DNS 192.168.1.250, and rename to RTS-SVR1.

Join a desktop server to the domain using the rtsnetworking.local domain, verify ip settings, reboot to apply policies, and confirm the computer appears under Active Directory computers or domain controllers.

Active Directory objects manage users, groups, and computers for centralized authentication and access control. Groups simplify permissions, domain join authenticates computers, and trust issues may require rejoining the domain.

Demonstrates creating new user objects in active directory, configuring logon names and upns, setting passwords with change at first logon, and populating office and contact details to aid directory search.

Learn to create new groups in Windows Server 2025, assign members to sales-users and sales-managers, and manage group membership through right-click, search, and the members tab.

Demonstrates setting up a shared folder with group-based permissions in Windows Server 2025, showing sales users read-only and sales managers modify rights, plus creating a scalable group structure.

Join the RTS core to the RTSnetworking.local domain using a domain administrator, restart, and verify the core appears in Active Directory as a domain member.

Promote RTSCore to a domain controller using Server Manager and AD DS, verify replication from RTSDC1, then demote RTSCore via GUI and PowerShell.

Organize domain objects with organizational units and containers, and learn how to apply group policies and delegate permissions for location-based administration.

Demonstrate creating organizational units in Active Directory, delegating control to groups like Help Desk, and applying policies at the OU level, including Paris and its departments.

The global catalog provides a partial attribute set for cross-domain forest queries. In single-domain environments, make every domain controller a global catalog; in multi-site deployments, place one per site.

Explore how to enable or disable the global catalog in Active Directory via the NTDS settings in Sites and Services, by checking or unchecking the global catalog box.

Configure group policy for client computers and users, and manage accounts with domain-based policy objects and preferences. Learn policy processing and inheritance, and use gpupdate and gpresult to troubleshoot.

Explore how group policy objects centralize security settings, including minimum password length, and network settings for users and computers, enable desktop and document redirection, and support application deployment.

Explore the two halves of a group policy object—computer configuration and user configuration—and learn how startup, login scripts, and administrative templates govern system and user settings.

Demonstrates setting up folder redirection with group policy and redirecting documents to a shared HR folder, including basic vs advanced options, UNC paths, permissions, and offline caching.

DCGPOFIX is a built-in Windows Server command line tool that restores the default domain policy and the default domain controllers policy to their original state; back up domain controllers first.

Run the DC GPO fix to repair domain and domain controller policies by targeting domain, DC, or both; handle schema mismatches with the ignore schema option.

Examine group policy preferences, optional configurations delivered by client-side extensions, enabling users to alter settings like the default printer while administrators target rules by OS, IP range, or MAC address.

Master group policy preferences to selectively enable or disable settings, such as power options and lid close actions, using F5–F8, with green and red indicators guiding selective processing.

Control replication and service localization by configuring active directory sites and subnets across global domain controllers, schedule intersite replication, and prefer using local resources first with site-based group policy sparingly.

Create Active Directory sites, assign subnets (172.17.0.0/16 for India, 172.18.0.0/16 for Brazil), and map domain controllers. Then link a GPO to a site to apply policies by IP location.

Explore how group policy applies at four levels: local, site, domain, and organizational unit, processed in the lsdo order, with organizational unit policies strongest and local policies weakest.

Learn to create and link GPOs A, B, and C across Brazil, domain, and Paris, resolve conflicts by precedence and enforcement, and manage security filtering and scope.

Explore hands-on gpupdate and gpresult steps, create a go green power plan via a GPO, and generate an HTML RSOP report to verify policy application.

Apply least privilege by using two accounts, admin and non-admin, granting sales users read access only and restricting read/write to a New York sales users group.

Delegate tailored rights with the delegation of control wizard to non-admin users in a domain, enabling tasks like resetting passwords and creating but not deleting accounts.

Demonstrates least privilege and delegated administration in Active Directory: create IT_admins, delegate permissions to manage users, reset passwords, group memberships, and group policy links, without full domain admin rights.

Manage on-premise and cloud resources through a single web-based console. Install Windows Admin Center on a client or server to administer servers, failover clusters, Hyper-V, Windows clients, and Azure resources.

Download Windows Admin Center from the Microsoft eval center as an MSI, install with Express Setup, and use a self-signed certificate for 60 days; access via the URL.

Master remote server management with Windows Admin Center, viewing stats and events, configuring shares and file permissions, firewall rules, and PowerShell-driven actions across domain controllers and Azure integrations.

Manage local and remote servers with Server Manager, configuring IPs, updates, event logs, and services. Use Best Practice Analyzers and connect to Azure for cloud access.

Use rsat to remotely manage server roles on a windows 10 or 11 client by turning on optional features and installing tools like active directory, dhcp, dns, and group policy.

Install RSAT on a Windows 11 client to remotely manage Active Directory, Group Policy, DNS, and Server Manager without needing to log into a domain controller.

Discover Windows PowerShell as a unified command line and scripting language; learn about cmdlets and modules, explore the console and PowerShell ISE GUI, and use IntelliSense to navigate verb-noun commands.

Use PowerShell help to find commands, view syntax, and access examples with get-help and dash full. Explore PowerShell ISE and IntelliSense for VPN connection scripting via a form-driven workflow.

Explore how DHCP assigns IP addresses, install and configure the DHCP role, create and manage DHCP scopes, authorize in Active Directory, and ensure high availability with failover.

Automate client IP configuration with DHCP scopes, using the DORA (discover, offer, request, ACK) sequence and lease renewals at 50% and 87.5% of the eight-day default.

Install and configure the DHCP role using Windows Admin Center, Server Manager, or PowerShell, ensuring management tools are included, create DHCP administrators and users groups, and configure address ranges.

Demonstrate installing and authorizing a DHCP server in a Windows Server 2025 lab, including static IP prerequisites, subnet planning, post deployment configuration, and DHCP administrators and DHCP users groups.

Plan a dhcp scope named building a with 192.168.1.1 to 192.168.1.254, excluding 1–25 and 250–254 for static addresses. Ranges can't be adjusted after creation; set gateway 192.168.1.1 and dns 192.168.1.250.

Create a dhcp scope named Building A for the 192.168.1.0/24 range with exclusions, set the gateway to 192.168.1.1 and define dns servers, then activate and authorize the scope.

Download and install Wireshark to capture and analyze traffic, including DHCP packets, across Windows 64-bit, Ubuntu, and Mac OS.

Demonstrates using wireshark to capture dhcp traffic on windows server, showing ipconfig release/renew, dhcp discover, offer, request, and acknowledge, then switching from dhcp to a static 192.168.1.251 with dns 192.168.1.250.

Explore DHCP policies and filters for remote access VPN clients, assign encapsulated IPs, and manage server versus scope options with MAC-based allow/deny lists.

Demonstrates backing up and restoring DHCP, including creating a backup folder under C:\Windows\System32\DHCP\backup, restoring a deleted scope, and relying on automatic 60-minute backups.

Configure DHCP high availability by adding a second DHCP server, enabling load balanced failover, and understanding maximum client lead time and state switchover interval for seamless failover.

Explore dns components, records, and zone types; configure zones across multiple dns servers, enable forwarding and replication, and integrate with Active Directory for reliable name resolution.

Explore the DNS big picture, including public and private namespaces, domain names, top-level domains, fully qualified domain names, and how DNS zones and resource records enable name resolution.

Explore how dns resolution moves from client cache and host file to recursive servers and root domains, with iterative versus recursive queries and Windows tools like ipconfig.

Explore common DNS records—A (host) and AAAA, CNAME alias, SRV service records, and PTR reverse lookups—and understand forward versus reverse name resolution and dynamic DNS updates.

Explore DNS records that map host names to IPs (host A, host quad A, and CNAME), SRV MSDCS records that locate domain controllers and Kerberos services across AD sites.

Explore DNS zones, including forward and reverse lookup zones, and learn how primary, secondary, stub, and Active Directory integrated zones store and replicate resource records across domain controllers.

Explore DNS zone types: primary, secondary, stub, and Active Directory integrated zones, and learn how replication, caching, and secure dynamic updates optimize name resolution.

Create a stub zone RTSNetworking.com with master 192.168.1.250; a stub stores only name server records, start of authority, and an A record for DNS servers.

Explore reverse lookup zones that map IP addresses to names, complementing forward lookups. Create a reverse zone for each subnet, such as 192.168.1.0, using 1.168.192.in-addr.arpa, with secure dynamic updates.

Explore dynamic updates in an Active Directory Integrated zone, and see how domain membership affects options like none, non-secure, and secure updates, with the default being secure only.

Explore how DNS forwarding and root hints enable internet name resolution: configure forwarders, conditional forwarders, and a root zone to isolate networks, or rely on root hints for iterative resolution.

Learn how aging and scavenging manage DNS records, with no refresh and refresh intervals controlling updates. Configure per zone or server, and understand when stale records get scavenged.

Master windows server file system management by configuring NTFS and share permissions, understanding permission inheritance for folder structures, and deploying File Server Resource Manager for quotas and file screens.

Master file and folder security on NTFS and Resilient File System. Learn to use the security tab to assign group permissions: read, read and execute, write, modify, and full control.

Understand how NTFS permissions combine across group memberships to yield the effective permission. See how read and modify rights apply to a folder, and why deny trumps allow.

Use advanced effective access in Active Directory to see a user’s permissions from group memberships, such as Bob Ross’s read, write, and delete rights from Sales Managers and Sales Users.

Explore advanced permissions in Windows Server 2025 by configuring delete subfolders and files for sales managers, using special permissions that apply to subfolders and files to protect the parent folder.

Learn to share folders with NTFS and share permissions, and understand how read, modify, and full control relate to the lowest share and highest NTFS permissions for effective access.

Learn how folder permissions inherit from parent folders, disable and convert inherited permissions to explicit settings, and simplify access control when managing sales subfolders.

Explore File Server Resource Manager (FSRM) for per-folder quotas that monitor space, enforce hard limits, and trigger notifications, plus file screens that block undesired extensions.

Install the File Server Resource Manager via roles and features on RTS-DC1, selecting File and Storage Services and accepting defaults, then verify FSRM appears in Tools and Server Manager.

Create quotas in File Server Resource Manager with custom properties and hard limits. Apply quota templates to folders like Marketing and Finance, and configure notifications and reports.

Demo storage reports in Windows Server 2025 Administration by scheduling reports, selecting data like user files, choosing formats (web, csv, text), and delivery options (email or local save).

Explore how basic disks use partitions and dynamic disks create volumes, enabling span, striped, mirrored, and RAID 5 configurations with varying fault tolerance.

Create and manage a Windows Server 2025 storage pool with three disks, then configure a virtual disk using a simple layout and NTFS volumes (e drive and q drive).

Enable data deduplication to consolidate duplicates and compress data, reducing storage costs with 30–50% savings on user documents, 50–60% on file shares, and up to 80–95% for virtualization libraries.

Explain how data deduplication scans files by optimization policies, chunks data into A, B, C, D, and E, stores unique chunks, and rebuilds files with reparse points.

Learn how data deduplication halved a 100 GB server to 50 GB, enabling faster backups and restores while preserving dedupe state with Windows Server Backup.

Install and configure data deduplication on a Windows file server. Use the ddp eval tool to estimate savings, then tailor schedules, filters, and resource usage for optimal performance.

Explore DFS namespace and DFS replication, learn how to implement them, decide when to use one or the other, and see how they can operate independently or together.

Delve into DFS namespace to create an artificial shared folder hierarchy that unifies multiple regional shares under one namespace, enabling seamless mapping and domain-based or standalone deployment.

Replicate a folder between servers using DFS replication to provide local access across branch offices, with options for bi-directional or unidirectional data flow.

Configure a domain-based DFS namespace named RTS-Sales, create and share folders nw-sales and east-sales, and map a persistent Z drive via group policy for domain users.

Explore the virtualization process and hypervisors, with Hyper-V and other options, and learn Hyper-V networking, virtual switches, installation on Windows Server and Windows client, nested virtualization, and best practices.

Explore how Hyper-V partitions hardware into multiple virtual machines, providing isolation and security with Secure Boot and Shielded VMs, and use integration services for time sync and automated shutdown.

Hyper-V inserts a hypervisor into boot process to control access to physical hardware, enabling virtual machines to run on virtualized hardware while drivers are installed only on the host OS.

Explore how hypervisors like Hyper-V allocate resources and isolate multiple virtual machines on a single physical computer, using an apartment building analogy to explain efficiency and management.

Explain Hyper-V virtual network adapter types, including legacy and synthetic adapters, Gen 1 versus Gen 2 VMs, BIOS versus UEFI, and when PXE boot applies.

Configure Hyper-V virtual switches to mirror physical networking by linking a host’s physical adapter to external, internal, or private switches, then connect each VM via its virtual network adapter.

Explore how to create and connect private, internal, and external Hyper-V virtual switches in the Hyper-V manager, and attach them to specific network adapters for VM communication.

Install Hyper-V on Windows Server via PowerShell with install-windowsfeature-name Hyper-V, -computername HV01, and -include management tools, then restart to enable the GUI tools.

Demonstrates how Hyper-V consolidates multiple servers into virtual machines on a single host to improve resource efficiency for a growing RTS, and how failover across hosts provides redundancy.

Provision your Hyper-V host with adequate hardware, dedicate the server for Hyper-V, use separate disks or cluster shared volumes for VMs, and manage remotely with RSAT; consider Server Core.

Master nested virtualization with Hyper-V by running Hyper-V inside a guest VM on the host, exposing virtualization extensions for testing environments, distinct from on-premise production and cloud setups.

Configure external access by creating an external Hyper-V switch and assigning a valid IP to each VM via static settings or DHCP. Private switches block internet access.

Configure virtual machines in Hyper-V by adjusting VM settings, virtual hard disks, and networking components, then manage checkpoints to snapshot changes and revert as needed.

Explore generation 1 virtual machines, their boot options (VFD, IDE VHD, ISO, PXE) and legacy network adapters, plus limits like 2 TB boot volume and up to 1 TB memory.

Explore generation 2 virtual machines, featuring 64-bit OS support, UEFI firmware with secure boot, shielded VMs, SCSI-only boot, memory up to 1 TB and up to 64 virtual processors.

Explore why generation two virtual machines lack a default virtual DVD drive, how to attach an ISO file, and how to use PowerShell to list VM details.

Learn how shared virtual hard disks and VHD sets in Hyper-V let multiple VMs share a VHDX disk on CSV or SMB, with online resizing and Hyper-V replication.

Understand virtual hard disk formats in Hyper-V, comparing VHD and VHDX, their sizes, and support; learn when to use fixed, dynamically expanding, differencing, and pass-through disks, plus conversion and mounting.

Explore creating and managing Hyper-V virtual machines, including choosing generation, adding a dynamic VHDX OS disk of 127 GB, converting to fixed disks, and using compact and expansion options.

Shows how to create differencing disks with a parent VHDX, disable checkpoints, and quickly spin up new virtual machines in a lab, while noting production risks of missing the parent.

Manage virtual machines by configuring integration services, heartbeat, time synchronization, checkpoints, and smart paging to optimize startup and host integration, plus automatic start and stop actions.

Explore how checkpoints function as time-stamped snapshots of a running VM, using differencing AVHDX disks when you apply or revert. Understand standard (application-consistent) versus production (data-consistent) checkpoints and default behaviors.

Configure additional virtual machine settings in Windows Server 2025, including operating system shutdown, automatic stop and start actions, enhanced session mode, and dynamic memory with memory weight.

Discover where Hyper-V stores virtual machine files in c:\programdata\microsoft\windows\hyper-v\virtual machines. These include the configuration file .vmcx, runtime state files .vmrs and .vmgs, and vhdx virtual hard disks with avhdx checkpoints.

Learn how Hyper-V administrators groups grant full control over Hyper-V settings, locally on a single machine or domain-wide across all Hyper-V servers in an Active Directory domain.

Explore how a Windows print server works, manage and secure it, and apply best practices. Configure options for permissions, pooling, and priority.

Centralize management of all printers and print jobs with a Windows print server, simplifying installation, driver updates, and troubleshooting from a single location. Spooling improves performance and access control.

Users send print jobs to a Windows print server, which spools and forwards them to the selected printer while monitoring status and issues. Install the role, add printers, configure permissions.

Implement a dedicated print server to improve performance and reliability, keep drivers up to date, test before deployment, and carefully manage printer permissions while monitoring usage for future growth.

Enable printer pooling on the Windows print server to balance jobs across printers as a single logical pool. This requires the same print driver and nearby placement.

Learn how Windows Server print priority works: higher priority leapfrogs queued jobs without interrupting current print, using two logical printers P1-Users and P1-Managers with priorities 1 and 99.

Install the print server role and use the print management console to manage drivers, ports, printers, and remote servers, with features like printer pooling and group policy deployment.

Learn to implement Windows server update services (wsus) on Windows server 2025, covering requirements, deployment options, the administration console, managing updates, and configuring clients to connect to wsus.

Prepare WSUS prerequisites by creating an external virtual switch in Hyper-V, connect VMs to it, and disable DHCP on the domain controller and RTS server 1 to ensure internet access.

Demonstrates installing and configuring WSUS on Windows Server, including network prerequisites, WID, IIS, synchronization from Microsoft Update, and an initial approval workflow for Windows 11 security and critical updates.

Discover remote access on Windows Server 2025 by examining VPN scenarios, tunneling protocols, and VPN authentication options, and by configuring a VPN server with certificate-based authentication.

Connect remote users and branch offices securely by deploying a client vpn and a site-to-site vpn, creating encrypted tunnels over the internet to access headquarters resources and cloud environments.

Explore the four native Windows VPN tunneling protocols—PPTP, L2TP over IPSec, SSTP, and IKEv2—highlighting encryption, ports, legacy status, plus OpenVPN support for Azure connections.

Explore VPN authentication options in Windows Server 2025, highlighting secure MSCHAP v2 and EAP with multi-factor methods, while noting PAP and CHAP as legacy, insecure choices.

Install and configure network policy and access service and remote access on Windows Server, selecting DirectAccess and VPN features (RTS-DC1 and RTS-SVR1) for VPN client setup.

Configure the network policy server to create a VPN client policy, define group-based conditions, set processing order, and review IP, encryption, and dial-in settings for secure remote access.

Demonstrates configuring a Windows server VPN client using the built-in tool and SSTP with ms-chat-version-2. Learn monitoring remote access, IP address pools, and VPN policy concepts across vendors.

Demonstrates deploying a vpn client via group policy by configuring the dns name rts-dc1.rtsnetworking.local, ms-chat version 2, and gpupdate /force for automated deployment across the Sales OU.