Automated Server Setup, Part 1 #scripting, #powershell, #active #directory #(ad), #windows #server #2012, #windows #8


Posted On Aug 14 2017 by

#

Automated Server Setup in Windows Server 2012 and Windows 8, Part 1

I ve had a non-business Active Directory (AD) setup running at my home for years. This setup lets me test things that I wouldn t want to run on my company network, and it lets me centrally control updates to home machines, implement security configurations, and so on. It s a minor setup, containing only one domain controller (DC) and very basic hardware. (Hey, it does an image backup every night, so it s not that bad.) Anyway, the DC was old enough that I thought I should perhaps build a new one, and a physical one at that.

This project wasn t a crisis, so I had a few hours to build and re-build its successor to the point at which the process was about as automated as possible always quite educational. Along the way, I discovered, relearned, and/or refined a number of power tools. So, in this article and the next, I want to pass along some setup automation tips specific to Windows Server 2012. Server 2012 R2, and Windows 8. I covered a process like this back when Server Core in Windows Server 2008 appeared, but this time you ll see that PowerShell makes command-line setup automation a whole lot easier.

Tip #1: Set Up a USB 3.0 Installation Stick

This tip is not groundbreaking, but it s worth repeating. All the wipes-and-rebuilds I ve tried started with the same tool: a USB 3.0 stick containing the Server 2012 R2 installation image and an XML file built by Windows System Image Manager (WSIM) part of a free download of the Automation and Deployment Kit (ADK). WSIM presents a GUI that lets you pre-answer dozens of questions about a system that you re about to build, from product key to disk layout to disabling Internet Explorer s (IE s) Enhanced Security Configuration.

When you re done, you tell WSIM to produce a file named autounattend.xml. If you copy that file to the root of your installation USB stick, Windows Setup will read and obey the commands in autounattend.xml. (And if installing with a USB stick sounds goofy, it isn t: Server 2012 s Setup supports USB 3.0, and my wipes-and-rebuilds of a painfully underpowered system run in the three-to-four-minute range. And when I did something similar last year when building my new web server, some of the installs took no more than a minute.)

Tip #2: Dump the Tunnel Adapters, Tweak IPv6

I m sure Microsoft s heart was in the right place, but the amount of crap in the IPConfig output these days is excessive. Cut and paste these three lines, and IPConfig gets much less chatty:

If you re using IPv6, and your organization depends on the Teredo, Intrasite Automatic Tunnel Addressing Protocol (ISATAP), or 6to4 transition technologies, then leave them on. But it s safe to say that the vast majority of us can do without them.

To undo any of those commands, just replace Disabled with Default. Along those lines, I m not suggesting you disable IPv6 altogether, but I have many clients and associates who do. so if you want to go IPv6-less, you can do it on any given network adapter with this command:

Thus, if you re building a server on simple hardware with just one wired NIC, the command would look like

Alternatively, you can skip the long DisplayName values and use ComponentID:

You can find the DisplayName and ComponentID values for your NICs like so:

Tip #3: Set Up Your Server s TCP/IP and DNS Settings

Servers need static IP addresses, and setting them can be a pain in the neck. PowerShell simplifies things with the New-NetIPAddress and Set-DNSClientServerAddress cmdlets. They re lengthy but far more readable than the Netsh commands that were my only hope back when I was explaining how to set IP addresses for Windows Server 2008 Server Core. New-NetIPAddress looks like

On my simple system, it s

PrefixLength refers to the number of 1s in the subnet mask. It uses the shorter Classless Inter-Domain Routing (CIDR) method of describing an IPv4 subnet mask, such as 255.255.255.0. Why Microsoft didn t just add a –dnsserver option to this cmdlet is beyond me, but there s a pile of DNS-specific cmdlets for both the DNS server and the DNS client, so maybe it was a simple turf war in Redmond.

Anyway, to set a static DNS server address on a given NIC, just use Set-DNSClientServerAddress. It simply needs to know which NIC to assign it to and the IP address of the DNS server, as in

And in case you should ever want to tell the system to revert to finding a DNS server via DHCP, use ResetServerAddresses, as in

With just a bit of PowerShell help, we ve taken our new DC pretty far along. We ll continue the job next time. See you then!





Last Updated on: August 14th, 2017 at 1:19 am, by


Written by admin


Leave a Reply

Your email address will not be published. Required fields are marked *