Saturday, February 27, 2016

Installing Windows 2012 R2 Domain Controller Step by Step Guidelines

Purpose of this document is to demonstrate installing and configuring Windows 2012 R2 Domain Controllers into Existing Forest/Domain Environment.

1. ADDING SERVER TO DOMAIN

1. Logon to Windows 2012 R2 Server with Administrator account and provide your credentials.

2. Click start, locate PowerShell and double click on it

3. In the PowerShell window type | Hostname| and press enter

clip_image002

4. This is default Server name came with installation

5. We will rename the server and restart it with following PS command

6. On the PS window type | Rename-Computer -NewName DC4 -Restart | and press enter

clip_image004

7. Logon to Server with administrator credentials, Open PS with administrator credentials and type |Hostname| and press enter to verify the new name.

8. On the PS type | NCPA.CPL | and press enter.

9. Locate network interface card make a right click, rename it to PROD and go to properties. Un-select TCP/IPv6

10. Select TCP/IPv4, click properties, select use the following IP address and assign Static IP address

clip_image006

Note: The Primary DNS Server is set to, one of the available Domain controller in the environment.

11. Close Network interface card configuration and open PowerShell and type | Lookup |and press enter

12. Verify valid domain controller is configured.

clip_image008

13. Now it is time to add the server into domain, Server has been named so far and we have configured with static IP address and pointed to valid Domain Controller on TCP/IP Properties with Primary DNS Configuration

14. Open PowerShell and type following command, when you are asked to supply credentials, you need to provide it as Domain\Administrator and the proper password. After joining to domain, server will re-start.

$Domain = “TekPros”

Add-Computer -DomainName $DomainName -Restart

clip_image010

15. Log back into “Domain”, provide your administrator credentials

clip_image012

Now server is prepped and we can move forward adding required futures to be Domain Controller

2.PREPARING SERVER, ADDING REQUIRED FUTURES

1. Log back into Server, Open PowerShell, on the PowerShell type | ServerManager | and press enter

2. Click manage and select add roles and futures

3. Click Next | Role based or future based installation | selected and click next | Select server from pool | selected

4. Select Server from pool and click next | click add futures |

clip_image014

5. Select DNS Server and click add futures | Next| Group Policy management | selected

6. Click | Next | Next | Next | and click Install

7. Required Roles has been added, now server is ready for promotions

3.PROMOTE SERVER TO BE DOMAIN CONTROLLER

1. From recently opened ServerManager window, click on top notifications section

2. Select | Promote this server to a domain controller |

clip_image016

3. Deployment Configuration Menu, | Add a domain controller to existing domain | selected

4. Domain is also selected, Domain administrator account credentials are selected

clip_image018

5. Click Next, | Global Catalog | selected, | Site name | select AD Site you wish to place this domain controller | Type DSRM password | click Next

clip_image020

6. Click Next twice, and now you have option to select what Domain Controller you would like to replicate from

clip_image022

7. Click next

clip_image024

8. Now select the database, log files and SYSVOL location

9. Click Next twice

clip_image026

10. Click Install

11. Once the replication is completed |. DIT Database | you can open site and services by typing | Dssite.msc | and locate the domain controller.

clip_image028

You can also download a copy from below link
http://1drv.ms/1oPBQcu

Oz Casey, Dedeal (MVP North America)
MCITP (EMA), MCITP (SA)
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
https://twitter.com/Message_Talk (Twitter)

Sunday, February 14, 2016

Configure ISE Profile For More Efficient Scripting

Do you want your ISE to be more efficient, when writing scripts and getting your daily work done? If your answer is “yes” here is simple profile script to assist you. Download from TechNet Scripting Center.
https://gallery.technet.microsoft.com/scriptcenter/ISE-Profile-Setup-659ed86d
You can simply add more, make sure you replace the server names to make it fit to your environment. Download above profile script and add below adds-on.

# Connect Exchange 2010 Remote PowerShell
$psISE.CurrentPowerShellTab.AddOnsMenu.SubMenus.Add(
  "Connect to Exchange 2010",
    {
        $s = New-PSSession -ConfigurationName Microsoft.Exchange `
        -ConnectionUri
http://mail1.TekPros.com/PowerShell/ `
        -Authentication Kerberos
        Import-PSSession $s
    },
  "Control+Alt+E"
)

# Connect Lync Remote PowerShell
$psISE.CurrentPowerShellTab.AddOnsMenu.SubMenus.Add(
  "Connect to Lync Remote PowerShell",
    {
     $lync_S = New-PSSession -ConnectionUri
https://LyncServer.TekPros.com/ocspowershell `
               -SessionOption $lyncOptions `
               -Authentication NegotiateWithImplicitCredential `
               -Authentication Kerberos
     Import-PSSession $lync_S
    },
  "Control+Alt+L"
)

image

 

 

Oz Casey, Dedeal (MVP North America)
MCITP (EMA), MCITP (SA)
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
https://twitter.com/Message_Talk (Twitter)

Wednesday, February 10, 2016

Windows 2012 R2 Deploy Certificate Authority Step by Step Part-1

  • Log on to <Your_Windows_2012_R2_Server> as a domain administrator.
  • Click Start, | PowerShell| Type "ServerManager" , press enter 
  • Click Add roles | next | leave default

clip_image001

  • Click | Next

clip_image002

  • Select | Active Directory Certificate Services

clip_image003

  • Add required Futures | Press twice Next

clip_image004

  • Click Next again | Select Certificate Authority | CA Web Enrolment

clip_image005

  • Next | Install

clip_image006

  • Go back to Server Manager | Post Deployment Configuration

clip_image007

  • Next

clip_image008

  • Select | Certificate Authority | CA Web Enrolment

clip_image009

  • Select | Enterprise CA | Next

clip_image010

  • Select | Root CA | Next

clip_image011

  • Select | Create a new Private Key | Next

clip_image012

  • Select | RSA # Microsoft Software Key Storage Provider | Key Length 4096 | SHA256

clip_image013

  • Click Next | Accept default

clip_image014

  • Accept Default | Click Next

clip_image015

  • Accept Defaults | Click Next

clip_image016

  • Click | Configure

clip_image017

  • Results page | Click Close

clip_image018

Part 1 is completed.

MS link

Oz Casey, Dedeal (MVP North America)
MCITP (EMA), MCITP (SA)
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)
https://twitter.com/Message_Talk (Twitter