Windows Server 2008 R2

Published on May 2016 | Categories: Documents | Downloads: 49 | Comments: 0 | Views: 611
of 29
Download PDF   Embed   Report

Comments

Content

Introduction
It has been a long time since I have done one of those “old school” articles that starts from the beginning and does not assume that you are already a Windows Server pro. Over the last few years I have written hundreds of articles on much of the arcane of Windows computing. In most of these articles, I take a lot for granted in terms of what I expected you to know. I did that because there was some little trick, some hard to configure feature, or some obscure issue in configuration that I wanted to demonstrate. While all that stuff is pretty interesting to the three people who are interested in those issues, it sort of leaves everyone else out. A long, long time ago, in a world far away, this site was called “World of Windows Networking” or WOWN. During those days, the site was filled with a lot of articles that showed you how to get common Windows networking tasks done. This was a lot less of the Active Directory, Group Policy, installation and other non-networking complexities covered at that time. While the site has matured and focused more on experienced IT professionals, there is still some value in providing content for people entering into the business and who want to learn the basics. That got me to thinking about doing an article and perhaps a series from the ground up. What better time to try something like this than with the recent release of Windows Server 2008 R2? OK, so I thought I would do a basic “let’s install Windows Server 2008 R2” article—but then I thought “how about using this as a launch point for a broader series?” The more I thought about it, the better it sounded. Since there is a ton of great new networking and security features in Windows Server 2008 R2, why not start with building the lab network first, and then take you into all the cool features? That way we can be working with the same basic lab network and go through the long trip together. Let us do it. The first step is to pick the virtualization software of your choice. For this kind of lab network I prefer VMware Workstation. I do not have strong technical reasons for preferring VMware Workstation, I just prefer to use it because I have been using this application for almost a decade and know how it works. I do not have to learn a new language like I do with Hyper-V and it works nicely for me. However, if you want to use Hyper-V or ESX, those are good options too. As this series builds, I expect that we will need to be running up to 8 virtual machines at a time. Because of this, I recommend that you have a computer that can support at least 8 GB of RAM and has a quad core processor. For all the articles I will be writing in this series, I will be using a workstation that has 12 GB of DDR3 triple channel memory and a quad core Core i7 processor. If you are using any quad core Xeon or quad core Core 2 processor, you’ll be in good shape. Of course, AMD equivalents are good too. We will start with installing the first machine on our lab network. This is going to be a Windows Server 2008 R2 machine using one virtual processor and 512 MB of virtual memory. During the installation, I am going to use bridged networking on my virtual NIC. Some people like to use NAT, and that should be fine. The point is that you will want to be able to connect a live network so that you can access updates during the initial installation. After the initial installation is complete, we’ll move this virtual machine to another virtual network, since we want it to be placed behind a virtual TMG firewall. The TMG firewall VM will have the live network connection and all the other VMs will be located behind it.

In VMw Works ware station 6.5 I will create a new virtu machine and bind th Window Server ual e he ws 2008 R2 .iso file to the CD drive so that it boots th .iso. Wh the mac 2 d t hat hen chine first starts up, s you wil see the fir page of the installa ll rst ation wizard that asks for what La d anguage to install, o Time an currenc format and Keyboa or input method. nd cy a ard Click N Next after making your selections.

Figure 1 h ductions! Th installer g he gives you th option to Install now Let’s do it. he w. So much for introd

Figure 2 The .iso file actuall has all th versions o Windows Server 2008 R2 on it and we can choose o ly he of t n the opti we wan to install here. Note that you can even in ion nt e c nstall the Se erver Core versions from he I would rather pu a bobcat tail whil in a phone booth w ere. d ull t’s le with that ca so we at, would n be doi not ing a core installation Let us choose the Windows Server 2008 R2 n. e s 2 Enterpr (Full Installation) option and click Next. rise d

Figure 3 Put a ch heckmark in the I accept the lice nse terms checkbox on the licen se terms page and n e n p click Ne ext.

Figure 4 stallation do you wan Honestly I want on that wor and doe what I d nt? y, ne rks es Which type of ins o at hoice here. This is a cle install, so the upgr ean rade option does not tell it to do, but tha is not a ch make se ense. Click the Custom (advance option. Notice that there is no “Next” option on m ed) t o this pag just to th ge, hrow you off a little bit. ff .

Figure 5 Here yo decide w ou where you want to insta the system files (which used to be called boot files w all m b in the p past, but the new crew of Microso engineer did not ta the Win e oft rs ake ndows NT 4 MCSE training so they do not know that with W g, o w Windows NT based sy N ystem and a above, you boot the system files and yo “system” the boot f ou ” files). I crea ated a 24 GB dynamic virtual disk file for B k the OS which will be more th enough room. Rem han member, with dynamic disk files th only hey use the space they n need – they do not full allocate all the space until it is n y ly a e needed. Click N Next.

Figure 6 Yay! In nstallation is starting – and it is go s oing to take a very lon time. Giv it an hou or two e ng ve ur and com back and see what happened on your own installation me d h n n.

Figure 7 During first log on the installe will ask y to create a passwor Click OK when you see the er you e rd. K u display as it appear below. rs

Figure 8 Enter a password a confirm the passw and m word and do not click OK (because there is no OK to O e n click). I Instead, clic that “arro thing” t ck ow that does no have a name, which sits to the right of ot h the conf firm passwo text box ord x.

Figure 9 Very go ood! The pa assword has been chang Click OK. ged. O

Figure 10 You might rememb the Initial Configu ber uration Tas window if you use Window Server sks ws ed ws 2008. If you have not used Windows Ser f W rver 2008 and are mov a ving up from Window Server m ws 2003, th Initial Co he onfiguration Tasks win n ndow provides you acc to man of the thi cess ny ings you software is installed. After looki need to do once t operatin system s o the ng ing at som of the me options in this window, you might notice that many of the optio that you configured during m e ons u

installat tion for earl version of Windo are now configure here. The goal was to make lier ns ows w ed e for fewe inputs du er uring installa ation and le eaving them for the end Very nice m d. e!

Figure 11 From th Initial Co he onfiguratio Tasks w on window, I wi set the fo ill ollowing:
  

Set time zon ne C Configure n networking P Provide com mputer nam and doma me ain

I will ta care of the other st once I g this mac ake tuff get chine an IP address on the networ I will n rk. rename this compu FFWIN uter N2008R2DC since this is going to be a doma controller in my C, s o ain B FF or nt” l efront testing on this g FFLAB domain. F is short fo “Forefron as we’ll be doing a lot of Fore lab netw work. The IP addressing informatio is: P g on

   

IP address – 10.0.0.2 Default Gateway – 10.0.0.1 DNS – 10.0.0.2 WINS – 10.0.0.2

Sure, we probably will not need WINS much, but you never know, and it is not like it is going to suck up a lot of memory or processor cycles in the lab environment. The default gateway will be a TMG 2010 firewall – which we will install in a later article.

Promoting the Windows Server 2008 R2 Virtual Machine to a Domain Controller
adv ert is emen t

The next step is to make this machine a domain controller. If you are coming from the Windows Server 2003 world, you will find this step to be a lot different. Yes, you will still need to run dcpromo from the Run command, but there is a little twist here – you need to install the Active Directory Domain Controller role. Server roles are sort of a new concept in Windows Server 2008 – where major server services are considered “roles”. The Active Directory Domain Controller role is a bit different, because it is actually a two-step process to get the Active Directory DC installed: first you install the role and second you run dcpromo. Enter the Server Manager and click the Roles node in the left pane of the console. Then click the Add Roles link in the right pane.

Figure 12 This bri ings up the Before Yo Begin pa ou age. If this is the first time you h have installe a role ed using th Server M he Manager, the go ahead and read th informat en d he tion on this page. If yo are an ou old pro with the Se erver Manag go ahea and click Next. ger, ad k

Figure 13 Here yo select w ou what Server Roles you want to in nstall. We will install other Serve Roles w er later, bu we want the DC rol installed first. Selec Active Directory D omain Services by ut le ct putting a checkma in the checkbox. N ark c Notice that the wizard will show you a nu d w umber of features that will b installed along with the Activ Directory Server Ro Click the Add s be d h ve y Role. t Require Feature button to get those features in ed es o nstalled with the Activ Directory Server h ve y Role.

Figure 14 After se electing the Active Di e irectory DC Server Role, you will see info C R w ormation ab bout that Server R Role. Some interesting things to no here: ote


 



Y should install at least two D on your network for fault tol You d l DCs f lerance. Ins stalling a s single DC on a netwo is an in ork nvitation fo disaster. However, since this is a lab or n network an we can take snapsh nd t hots of our DCs, we’re not so co oncerned ab bout this r requiremen nt. D DNS is requ uired. Howe ever, when we run dcp promo, we will install t DNS server role w the t support A to Active Direc ctory servic ces. Y need to run dcpro You o omo after in nstalling the role. You won’t have to go throu extra e w ugh s steps like th when in his nstalling oth server roles, as the entire role installation can be her r e e n d done throug the Serv Manager The Active Director Domain Services ro is the gh ver r. ry ole o only one that takes two steps to ge it installed. o et N Note that i installing th Active D he Directory Domain Ser D rvices Role also insta DFS e alls N Namespace DFS Rep es, plication an File Repl nd lication Serv vices – all o these are used by of A Active Dire ectory Domain Service s so they’re automatica installed e ally d.

Figure 15 Click In nstall to install the files required to run dcpromo. s s o o

Figure 16 Yay! In nstallation was successful. Click C lose. f

Figure 17 Now go to the Star menu and type dcpr o rt romo in the search box. You will find it in th list as e x he shown i the figure below. Cli dcprom in e ick mo.

Figure 18 This sta the Wel arts lcome to th Active D he Directory Domain Ser D rvice Install lation Wizard. We do not n need advanc options in this scen ced nario, so just click Next t.

Figure 19 On the Operating System Compatibil g C lity page, you are wa y arned that y your NT and nona Microso SMB cli oft ients are go oing to have problems with some cryptograph algorith used e hic hms by Win ndows Serve 2008 R2. We don’t have this problem on our lab ne er t p n etwork so ju click ust Next.

Figure 20 On the Choose a Deploymen Configu nt uration page, select the Create a new domain in a new for option. We do this because, of all reasons, this is a new domain in a new fo rest f n n orest :)

Figure 21 On the N Name the F Forest Roo Domain page, enter the name of the doma in the FQDN of ot r o ain F the fore root dom est main text box. In this example we are going to name th domain ff b e he flab.net. That is short for “F Forefront Lab”. You c an name it whatever you like, but if you use a name L y ut e that is a already in u on the Internet (tha is to say, a name that has alrea been registered, use I at , ady then be aware of po otential spli naming is it ssues). Click Next. k

Figure 22 On the Set Forest Functiona Level pag select th Window Server 2 008 R2 opt al ge, he ws tion (not the Win ndows Serv 2003 option you see in the figure be ver o e elow). We want to se elect the Window Server 2 ws 2008 R2 opt tion so that we can tak advantag of all the cool new features t ke ge e included in Window Server 2008 R2. Cl d ws 2 lick Next.

Figure 23 On the Additional Domain Controller Options page, we ha only a s l C p ave single choic DNS ce: server. The Global catalog op l ption is chec cked and no an option because thi is the onl DC so ot is ly far in th domain, so it has to be a Glob Catalog server. The Read-only domain controller his o bal e y (RODC option is deselected because you have to ha another non-RODC on the network to C) b u ave r C enable t option. Select the DNS server option and click Next this D r d t.

Figure 24 A dialo box will appear tha says that a delegatio for this DNS server cannot be created og at on D r e because the author e ritative par rent zone c cannot be found or it does not r f run Window DNS ws server. T reason for this is that this is the first DC on the ne The C etwork. Don worry ab n’t bout this and clic Yes to co ck ontinue.

Figure 25 Leave th Database, Log Files and SYSV OL folder in their default location and click Next. he e s V a ns k

Figure 26 On the D Directory S Service Restore Mode Administ e trator Password, enter a strong password r in the P Password an Confirm password text boxes. nd m d .

Figure 27 Confirm the information on the Summar y page and click Next. m m h r

Figure 28 Active Directory w install. The first D installs pretty qui will DC s ickly. Put a checkmar in the rk Reboot on comp pletion chec ckbox so t that the machine auto m omatically reboots when DC installat tion is comp plete.

Figure 29 The ma achine will a automatical restart si lly ince we sel lected that option. The installation will be o n complet when you log on. If I recall co te u f orrectly, wit Windows Server 200 there was some th s 08, w configu uration that took place after you l logged on, but that is not happen ning with Windows W Server 2 2008 R2. The DN service was installed during A NS Active Dire ectory insta allation, so we do not need to worry a about that. T There are several other services we want to in e nstall on this domain co s ontroller. These in nclude:
  

D DHCP W WINS E Enterprise C Certificate Services S

Unfortu unately, only DHCP and Certificat Services are considered “roles”.. The WINS service y te S is considered a feat ture. I supp pose they ha a reason for this, bu I was not at that mee ad ut eting and did not get the mem mo.
  http://w www.window wsnetworking g.com/article es_tutorials/ /Running‐Windows‐Serve er‐2008‐R2‐ Installing g‐Creating‐La ab‐Domain‐C Controller‐Pa art1.html 

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close