Windows2016:DomainController: Difference between revisions
(Created page with "{{DISPLAYTITLE:{{TitleIcon|microsoft=true}} Windows Server 2016 Core: Domain Controller}}<metadesc>How to setup a domain controller on Windows Server 2016 Core as a virtual ma...") |
m (Kyau moved page Windows2016:Install to Windows2016:DomainController without leaving a redirect) |
(No difference)
| |
Revision as of 22:57, 7 July 2018
 | UNDER CONSTRUCTION: The document is currently being modified! |
Back to Category:Windows
Introduction
IntroductionThe Server Core option is a minimal installation option that is available when you are deploying the Standard or Datacenter edition of Windows Server. Server Core includes most but not all server roles. Server Core has a smaller disk footprint, and therefore a smaller attack surface due to a smaller code base.[1] Most notably, no Windows Explorer shell is installed. All configuration and maintenance is done entirely through command-line interface windows, or by connecting to the machine remotely using Microsoft Management Console (MMC), remote server administration tools, and PowerShell.[2]
Testing was done as a virtual machine on my Dell PowerEdge R610 using Hyper-V Server, the following image was used:
 en_windows_server_2016_x64_dvd_9718492.iso |
Installation
Insert the Windows Server 2016 boot media into the machine and reboot (or power on) the machine, booting from the inserted media. Follow the instructions on the screen to install, make sure you do not select (Desktop Experience) as this is not Server Core. Upon reboot you will be prompted to set an Administrator password, doing so will log into the machine finalizing the installation.
Use the command prompt provided to launch Windows PowerShell.
| C:\> powershell |
Networking
NetworkingBefore we can begin with the domain controller the network needs configuring.
Rename the computer.
| PS C:\> Rename-Computer -NewName DC1 |
List the current network adapters.
| PS C:\> Get-NetAdapter -Physical |
Locate the NIC that you want to setup.
Set the IP information.
| PS C:\> New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 10.0.42.35 -AddressFamily IPv4 -PrefixLength 24 -DefaultGateway 10.0.42.1 |
Update the DNS servers.
| PS C:\> Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddress 127.0.0.1 |
 | Make sure the DNS server address is set to localhost or the domain controller will not function correctly. It needs to use it's own DNS. |
Remote Management
In order to use RSAT and Windows Admin Center remotely a few changes need to be made.
Enable WinRM.
| PS C:\> Enable-PSRemoting -Force |
Enable remote authentication acceptance.
| PS C:\> Enable-WSManCredSSP -Role server |
Enable firewall rules for remote management.
| PS C:\> Set-NetFirewallRule -DisplayGroup 'Windows Management Instrumentation (WMI)' -Enabled true -PassThru |
| PS C:\> Set-NetFirewallRule -DisplayGroup 'Remote Event Log Management' -Enabled true -PassThru |
Housekeeping
Remove Windows Defender.
| PS C:\> Uninstall-WindowsFeature -Name Windows-Defender-Features |
Check to see that the timezone is set properly.
| PS C:\> Get-TimeZone |
If you need to change it, use the following:
| PS C:\> Set-TimeZone -Id "Pacific Standard Time" |
Finally reboot the machine to commit the machine name and IP changes.
| PS C:\> Restart-Computer |
PowerShell
Since PowerShell will be used for a lot of the remote management it is a good idea to update to the latest version.
To install, copy to the server via windows SMB.
| PS C:\> msiexec /i PowerShell-6.1.0-preview.3-win-x64.msi |
Domain Controller
Install the Domain Controller feature for Windows.
| PS C:\> Install-WindowsFeature AD-Domain-Services -IncludeManagementTools |
Conclusion
The server should now be completely setup for production VMs.
References
