Dark Developments Where Knowledge Meets Power


WIN2008 – Install Active Directory

Posted by Dark#Basics

Windows Server 2008 - Installing Active Directory
Active Directory is one of the core elements when using Windows Server. Active Directory provides the structure to centralize the network management and store information regarding the network resources across a domain. Domain Controllers keep al this information centralized and available to all network users.

Using the Graphical User Interface
In Windows Server 2008, just like previous server operating Systems, you can run DCPROMO to promote the server to Domain Controller and install Active Directory. Do note that Windows Server 2008 does require the server role Active Directory Domain Services. This is also installed using DCPROMO or pre-adding the role using Server Manager.

To run DCPROMO, enter Run and open DCPROMO. Alternative you can click on the DCPROMO link from Server Manager.

If AD-DS is already installed, the Active Direcotry Domain Services Installation Wizard will appear immediately or after a short while. If AD-DS isn't installed, this Active Directory Domain Services will be installed before the Active Directory Domain Services Installation wizard will appear.

Click Next on the welcome screen to start the wizard.

In the Operating System Compatibility window, read the information and click Next to continue.

Next is the Deployment Configuration window. Depending on what you are planning to do you'll need to select an option.

  • Existing forest - Add a domain controller to an existing domain - When there already is a forest and you want a backup domain controller.
  • Existing forest - Create a new domain in an existing forest (This server will become the first domain controller in the new domain). - If you want the new domain to be a child of an existing domain, select this option. For example, you could create a new domain named hq.root.local as a child domain of the domain root.local.
  • Create a new domain in a new forest - Select this option if this is the first domain in your organization or if you want the new domain the be completely independent of your current forest.

Enter a name for the new domain and click Next. Do not use single label domain names such as "mydomain" or similar. You MUST pick a full domain name such as "mydomain.local" or "mydomain.com" and so on.

Select the appropriate forest function level. Windows 2000 is selected by default, this means you can add Windows 2000, Windows Server 2003 and Windows Server 2008 Domain Controllers to the forest you're creating. The Windows 2000 forest functional level provides all Active Directory Domain Services features that are available in Windows 2000 Server. If you have domain controllers running later versions of Windows Server, some advanced features will not be available on those domain controllers while this forest is at the Windows 2000 functional level. The Windows Server 2003 forest functional level provides all features that are available in Windows 2000 forest functional level, and the following additional Domain Controller running Windows Server 2003 and Windows Server 2008. Windows Server 2008 functional level does not provide any new features over the Windows 2003 forest functional level. However, it ensures that any new Domain Controller is running Windows Server 2008, which does provide unique features.

If no DNS server has been configured, the wizard will offer to automatically install DNS on this server. The first DCs must also be a Global Catalog. Also, the first DCs in a forest cannot be a Read Only Domain controller.

You'll get a warning telling you that the server has dynamically assigned IP address(es). Mostly because IPv4 isn't manually configured or we IPv6 did not manually configure the IPv6 Address, hence the warning. In a network where IPv6 is not used, you can safely ignore this warning.

You'll probably get a warning about DNS delegation. Since no DNS has been configured yet, you can ignore the message and click Yes.

If necessary change the paths of the AD database, log files and SYSVOL folder. For example for large deployments use a different disk, RAID,... Carefully plan your DC configuration to get the maximum performance.

Enter the Restore Mode Administrator Password. Do not use the regular administrator's password and securely store it. With this password you'll be able to restore Active Directory when things go bad.

Review your selections and click Next. It is also possible to export the settings for future use in unattended installs.

The wizard will create the domain, when finished you'll need to press Finish and reboot the computer.

Using the Command Line Interface
DCPROMO will accept command line switches, and if provided correctly, it will use them to perform the required tasks.

Select All Code:
DCPROMO /unattend /replicaOrnewDomain:newDomain /replicaDomainDNSName:root.local /ConfirmGC:yes /username:root.local'administrator /Password:P@ssw0rd /safeModeAdminPassword:P@ssw0rd1

It is also possible to use an unattended or answer file. The file is a text file that provides automated user input for each page of the Active Directory Installation Wizard.

Select All Code:

After creating the unattended file start the DCPROMO process.

Select All Code:
DCPROMO /unattend:C:\

WIN2008 – Windows Updates

Posted by Dark#Basics

Windows Server 2008 - Windows Updates
To keep a pristine, up-to-date, bug free and secure server farm we'll need to update our systems. By default Windows Updates is disabled for every Server Operating System. There are four predefined modes:

2 - Notify before downloading any updates and notify again before installing them. When Windows finds updates that apply to this computer, an icon appears in the status area with a message that updates are ready to be downloaded. Clicking the icon or message provides the option to select the specific updates to download. Windows then downloads the selected updates in the background. When the download is complete, the icon appears in the status area again, with notification that the updates are ready to be installed. Clicking the icon or message provides the option to select which updates to install.

3 - (Default setting) Download the updates automatically and notify when they are ready to be installed. Windows finds updates that apply to your computer and downloads these updates in the background (the user is not notified or interrupted during this process). When the download is complete, the icon appears in the status area, with notification that the updates are ready to be installed. Clicking the icon or message provides the option to select which updates to install.

4 - Automatically download updates and install them on the schedule specified below. Specify the schedule using the options in the Group Policy Setting. If no schedule is specified, the default schedule for all installations will be everyday at 3:00 AM. If any of the updates require a restart to complete the installation, Windows will restart the computer automatically. (If a user is logged on to the computer when Windows is ready to restart, the user will be notified and given the option to delay the restart.)

5 - Allow local administrators to select the configuration mode that Automatic Updates should notify and install updates. With this option, the local administrators will be allowed to use the Automatic Updates control panel to select a configuration option of their choice. For example they can choose their own scheduled installation time. Local administrators will not be allowed to disable Automatic Updates' configuration.

Using the Graphical User Interface
Right click on Computer and select Properties.

In the overview select Windows Update.

As you can see Windows Update is disabled. Click View advanced options to get a detailed option overview.

Select the appropriate mode and confirm using OK.

Using the Command Line Interface (Windows Server Core ONLY)
Setting Windows Updates on Server Core is done with the scregedit.wsf script and specifying the correct mode. Because Windows Explorer isn't installed on a Server Core the notification balloons aren't shown. So there are two possible modes left namely 4 and 5. But because Server Core doesn't have a Control Panel option 5 isn't available as well.

When you want to enable Automatic Updates you may select scenario 4 and restart the Windows Updates Service by typing:

Select All Code:
cscript scregedit.wsd /AU 4
net stop wuaeserv
net start wuaserv

SCregEdit.wsf doesn't offer you a method to specify a scheduled time to reboot the machine when updates require a reboot. By default a Windows Server 2008 Server Core installation with Automatic Updates enabled will automatically download updates and install updates at 3:00 AM and reboot if necessary. This might not be the desired behaviour.

Disabling Automatic Updates and the Windows Automatic Updates Service can be done by typing:

Select All Code:
cscript scregedit /AU 1
net stop wuauserv

It is possible however to preform an on-demand check for updates.

Select All Code:
wuauclt /detectnow

TIP: It is also possible to set the Automatic Updates by using Group Policies using WindowsUpdate.admx. Another way to customize the behaviour is using WSUS. Or editing the registry entries HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update.


WIN2008 – Installing Language Pack(s) MUI

Posted by Dark#Basics

Windows Server 2008 - Installing Language Pack(s) MUI
Working internationally we often are asked to install multiple MUI (Multi User Interfaces) or Language Packs to support different regions. Also it is quit common to install the operating system in the US-English version and then apply a language pack or MUI. For Windows Server 2008 these language packs are provided in .CAB file extension.

The language packs can be download from the Download Center from Microsoft here. Download the appropriate file for you, remember you'll need to take in account the language needed and the type of system namely x86, x64 or Itanium.

Within Windows Server 2008 it is possible to use a new command line tool which allows us to install the language packs.

Installing Language Packs using GUI
It is possible to install the language pack using the GUI of lpksetup. First we'll need to start-up an instance of lpksetup and select Install Languages.

Next we'll browse to the correct path where the language packs are located and select the Select Folder.

Indicate which language packs that we want to install. If you've selected the packs of your choice continue by pressing Next.

Read and Accept the license and press Next.

We'll get an overview of the packs that need to install. Press Install to start the installation procedure.

After the installation has completed we'll indicate that we'll change the interface language and if necessary preform the same change on the system accounts.

As you'll see, we'll need to Log Off before the changes are in effect.

De-installing or adding more language packs can be done in the same manner.

Installing Language Packs using CLI
The command line let’s you install a single or even multiple language packs at once.

Select All Code:
lpksetup.exe /i en-US /p C:\languagepacksfolder\

De-installation of the package can also be done with the command line interface.

Select All Code:
lpksetup.exe /u en-US

Note: This also applies to Windows 7 Ultimate or Enterprise. Windows 7 language packs are available for computers that are running Windows 7 Ultimate or Windows 7 Enterprise. The Windows 7 language packs can be installed only from the Optional Updates section in Windows Update. However, these language packs are not available on the Microsoft Windows Server Update Services (WSUS) server or through the Microsoft Download Center.

More Information: technet.microsoft.com/en-us/library/cc766010%28WS.10%29.aspx www.microsoft.com/download/en/details.aspx?id=22681


WIN2008 – Product Activation

Posted by Dark#Basics

Windows Server 2008 - Product Activation
Microsoft Server 2008 needs to be activated before you can get the Microsoft Updates. For the activation you'll need the appropriate product code. There are two different licence methods namely MAK and KMS.

MAK or Multiple Activation Key allows a predetermined number of activations. The number depends on the type of agreement you have with Microsoft. In addition this license type requires your system to connect to a Microsoft activation server of Microsoft. After the activation no further communication with Microsoft is needed.

With KMS or Key Management Service you are able to complete activations on your local network, eliminating the need to connect to Microsoft for product activation.

Activation using the Graphical User Interface
To activate your product using the GUI, right click on Computer and select Properties.

In the overview select Change product key.

Next type in the correct product key and press Next.

If all goes well you'll and the product is successfully activated you'll be greeted with Activation Successfully. Note that also an additional add is placed in the computer overview.

Activation using the Command Line Interface
Activating the product using the CLI is quit straight forward. Step one is defining the product key and the final step is activating the product, both commands use the slmgr.vbs script.

Select All Code:
slmgr.vbs -ipk "productkeyhere"
slmgr.vbs -ato

Additional information: www.microsoft.com/licensing/existing-customers/product-activation-faq.aspx


WIN2008 – Rename Computer

Posted by Dark#Basics

Windows Server - Rename Computer
By default a fresh installation of an OS has a generated computer name, in 99% of the cases you want to rename the device.

Rename a computer by using the GUI
Enter the start menu, right click on Computer and select Properties. Next select Change settings and in the following screen select the option Change. Now you're able to edit the computer name. When you're satisfied with the new name press OK until you're back on the desktop. Do note that you'll need to restart Windows Server before the changes take effect.

Renaming by using the command line interface
Renaming a device can also be done by using the CLI with netdom. Netdom does need the current name of the server, the name can be found by using the %computername% environment variable.

Select All Code:
netdom renamecomputer theoldname /newname thenewname

Next, reboot the machine to let the changes take effect.

Select All Code:
shutdown -r -t 0

TIP: You can add additional info in the computer name. For example DDV-WIN2K8-AD means the server is from the company DarkDevelopments (DD), virtualised (V), runs Windows 2008 (2K8) and is used as Primary Domain Controller for Active Directory (AD).


WIN2008 – Network Interfaces: Static, DHCP & Rename

Posted by Dark#Basics

Windows Server 2008 - Network Interfaces: Static, DHCP & Rename
The best practice regarding IP's for servers is providing them with a static IP. Preferred in a different range than the clients or an IP out of the DHCP-scope, if it isn't possible to comply with one of these two I suggest you define a static IP on the server and exclude or reserve that IP in the DHCP-server for the server in question.

Using the Graphical User Interface
Defining a static IP using the GUI is pretty straight forward. First go to the Network and Sharing Center and select the Manage network connections. Finally right-click on the interface and select Properties.

Scroll down to the IPv4 and select Properties. When using a static IP select to option 'Use the following IP address' and provide the IP-address, subnet mask and Default gateway. You can also define the DNS server by selecting 'Use the following DNS server addresses' and insert one or more DNS server IP-addresses.

Enabling DHCP again for the IP address and DNS can be accomplished by selecting 'Obtain an IP address automaticly' and 'Obtain DNS server address automaticly'.

It is also possible to rename the interface by right clicking the interface and selecting Rename.

Using the CLI
The above can also be done by using the command line interface for example when running a Server Core version of Windows Server or just because you don't want to use the GUI.

First of is getting an overview of the interfaces that are available for IPv4, this can be done by running netsh interface ipv4 show interfaces. You'll get an overview of the current interfaces index, status, name, ... The second part is defining the static IP, this can be accomplished by running netsh interface ipv4 set address. The third command is setting the static DNS by running netsh interface set dns.

Select All Code:
netsh interface ipv4 show interfaces
netsh interface ipv4 set address name="interfacename" source=static address=IPADDRESS mask=SUBNETMASK gateway=GATEWAY
netsh interface ipv4 add dnsserver name="interfacename" address=DNSSERVER index=INDEX

Select All Code:
netsh interface ipv4 show interfaces
netsh interface ip set address name="interfacename" static ipaddress subnetmask gateway
netsh interface ip set dns "interfacename" static dnsserver

DHCP can be enabled for IP and DNS by using netsh as following.

Select All Code:
netsh interface ip set address "interfacename" dhcp
netsh interface ip set dns "interfacename" dhcp

It is also possible that you want to rename the interface name. This can be accomplished using the following command.

Select All Code:
netsh interface set interface name="interfacename" newname="newname"


WIN2008 – Installation

Posted by Dark#Basics

Windows Server 2008 - Installation
Boot up from the WIN2008 DVD, if necessary change the boot order or select the correct boot device. After the files are loaded we'll need to select the language to install, time and currency format and the keyboard input. After selecting the appropriate settings click Next and Install Now.

In the next screen you will be asked to select the appropriate operating system. Depending on your needs and future plans select your version, click Next, accept the License and click Next again. To continue a clean installation select the Advanced option.

The next item is choosing the installation type, it is possible doing an upgrade using the Upgrade button. Do note that this is only available for certain versions.

Next up is the selection of the hard disk where the OS needs to be installed. If needed use the Advanced option to create, delete, format, extend,... the partition(s). After selecting the appropriate partition select Next.

Now the installation will begin the installation of the operating system. When the installation is finished the machine will be rebooted automatic.

When the operating system is booted for the first time you'll be greeted with an error message that says that the user password needs to be changed. Do note that the referred user is the local administrator! After selecting OK you'll be able to provide a new password, insert it two times and press Enter or the arrow icon.

Congratulations, the installation has finished. You have a new Windows Server 2008!


WIN2008 – Editions

Posted by Dark#Basics

Windows Server 2008 - Editions
Windows Server 2008 is a operating system for servers. It is the follow-up for Windows Server 2003. Windows Server 2008 is the last version that is build for 32 and 64-bit.

Server Core
This is the most remarkable feature of Windows Server 2008. In essential Server Core is a slimmed down version of Windows Server 2008 without Windows Explorer. All the settings and maintenance must be done through the command line interface or remotely by using the Remote Management Console (RSAT). Server Core doesn't contain .NET or Internet Explorer. Do note that Server Core is only available for Standard, Enterprise and Datacenter.

A Server Core machine can be configured for several basic roles: Domain Controller, ADLDS, DNS-server, DHCP-server, file server, print server, Windows Media Server, IIS and Hyper-V.

Web, Standard, Enterprise, Datacenter
The biggest differences between these versions are maximum RAM, socket count and availability of Hyper V.

Storage Server
Built on Windows Server 2008 the Windows Storage Server provides a platform for network-attached storage appliances. It is optimised for delivering a better file serving experience.

Small Business Server
Is specially designed for small businesses to increase productivity and to protect the data better than before. SBS holds Exchange 1007, Sharepoint, Server Update, Forefront Security, Live OneCare and Integration with Office Live Small Business. As for the premium version of SBS, SQL Server 2008 is also included.

Windows Server 2008 R2
R2 is the most recent version of Windows Server do note that R2 can only be installed on a 64-bit CPU.