Install Windows Server 2012

intro

This document lists the steps to install Windows Server 2012.

Attach the media (if its a virtual machine) or insert the DVD into the DVD drive and then boot the Virtual/Physical Machine.

A screen will show loading. When it completes you will get the screen below.

install1

  • Select your language, time and Keyboard method.
  • Click Next.

install2

  • Click on the “Install Now” button to start the installation.

install3

  • Enter in your product key and then click Next.

install4

  • Make your select if you want a GUI or Core installation and then click Next.

install5

  • Click on the checkbox to accept the license terms and then click Next.

install6

  • We are going to do an Custom Installation as this is a new install on a system with no OS.

install7

  • Select the partition you want to install on or create your custom partitions and then click Next.

install8

  • Progress screen. Sit back and wait for the install to complete.

install9

  • Once the setup has completed and after several reboots you will get to this screen. Enter in the local Administrator password and confirm it. Once done click Finish.

install10

  • Once done you will get the login screen. Press any key on the keyboard for the screen to show display the screen below.

install11

  • Type in the password you just created to login to the system.

Exchange 2013 Setup Step by Step

This guide shows you how to install Exchange 2013 step by step. It shows how to configure Active Directory and create a DAG with its network requirements.

The document shows you how to do the following:

  • Prepare & Configure Active Directory.
  • DNS Setup (Internal & External)
  • Exchange Installation.
  • Network Setup/Preparation for your DAG.
  • DAG setup.
  • Accepted Domain Setup.
  • Send/Receive Connector setup.
  • Setup SSL Certificate (I could not create this in my sandbox environment but provided links)
  • Public Folder Setup.
  • Create a Distribution List.
  • Create a Contact.
  • Create a Shared Mailbox.
  • Monitoring Queue and DAG Status.

Active Directory and DNS Preparation:

Minimum Domain Requirements:

  • Windows Server 2003 Standard with Service Pack 2 (SP2)
  • Support for Windows Server 2012 R2
  • Active Directory Forest Level – Windows Server 2003 or Higher
  • User Account member of the Domain, Schema and Enterprise Admins Groups.

Internal DNS Setup

exsetup1

  • Create a CNAME record for Autodiscover that points to your server.
  • Alias Name will be autodiscover (as shown above)
  • FQDN will be the full name in the forward lookup zone you added the CNAME in. for example, if it was domain.com then autodiscover would be autodiscover.domain.dom.
  • FQDN for Target host is your primary exchange server.

External DNS Setup

  •  Create an A record that will point to your public IP for that exchange server.

Server Preparation:

  • Server 2012 Operating System (Need to be the same version as we going to setup a DAG)
  • Join Server to Domain.
  • All Windows Updates installed.

Windows Features to be installed via Windows Powershell:

  • Install-WindowsFeature RSAT-ADDS
  • Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

Once the above features have installed restart your server.

Exchange Prerequisites:

**After installing the 3 Prerequisites reboot**

Prepare Active Directory and Schema:

Open up an elevated command prompt and run the following commands.

Schema Preparation:

  • E:\Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

AD Preparation:

  • E:\Setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms

**Replace E:\ with your own drive letter.

Install Exchange 2013

Open up ISO that you mounted and double click the Setup File. Always run the setup “As Administrator”.

exsetup2

  • Select whether you want to download updates and then click the Next.

exsetup3

  • If any updates are found it will list them, no updates found in this setup, click the Next button.

exsetup4

  • Exchange setup copying files, wait for it to finish.

exsetup5

  • Server Setup is initializing.

exsetup6

  • Introduction page, click the Next button.

exsetup7

  • Accept the License Agreement and then click Next.

exsetup8

  • Make your choice, this installation we went with the default settings. Click Next.

exsetup9

  • Select the roles you want to install, in this installation all roles were chosen. Click Next.

exsetup10

  • You can accept the default location or click Browse change the install location. Once done click Next.

exsetup11

  • Malware settings left on, you can make your selection here and then click next.

exsetup12

  • Once the readiness checks are complete, click on the Install Button to start the Exchange 2013 installation.

exsetup13

  • Exchange 2013 setup has 14 steps to complete. This can take a little while.

exsetup14

  • Once the installation is complete you will see the screen above. You can launch the Exchange Management Center by selecting the checkbox.
  • I recommend rebooting the server.
  • Once you have rebooted, you can login to the Exchange Admin Center as follows:

exsetup15

Post installation and setup tasks:

  • Setup Network.
  • Setup Permissions.
  • Create a DAG, Add servers to the DAG, create mailbox copies.
  • Accepted Domains.
  • Setup Send/Receive Connectors.
  • Setup SSL Certificate.
  • Public Folders.

Prerequisites: – AD

  • Create a computer account in Active Directory; you can call it EX2013DAG for example.
  • Disable the computer account.
  • Open up Active Directory Users and Computers. Make sure you have Advanced Features Enabled. Right click on the computer account just created and select properties. Click on the Security Tab.
  • Grant the Exchange Trusted Subsystem Full Control.
  • Add the DAG Members with Full Control.

Prerequisites: – Network

exsetup16

  • One NIC that has Internet Access.

exsetup17

  • Second NIC purely for DAG traffic. No Default Gateway to be setup or DNS servers. (Shown Above)

exsetup18

**Vitally important that you remove the checkbox that says “Registers this connection’s addresses in DNS on the Second NIC.

  • Make sure that your Binding Order is correct with NIC 1 first on the list.

For example, if you setup this server NIC 2 IP as 192.168.0.1 then your second server should be 192.168.0.2 with the same subnet.

Remember that the Second NIC needs to be on a different subnet to that of your LAN.

 DAG IP:

  • This is an IP address assigned to the DAG that is separate from the Server itself. Reserve an IP address in DHCP or give it an IP that is part of an exclusion range.

Witness Server:

  • Best practice is to use an Exchange 2013 CAS server. Any windows server will do, but you need to add the Exchange Trusted Subsystem as an administrator to that local PC before you can use it.
  • The file share witness also requires the File Server feature installed. (if not an exchange server)

Assign Permissions:

Login to the EAC -> Click on Permissions -> Admin Roles

exsetup19

  • Click on Organization Management and click the Pencil button next to the + button.
  • Scroll down and by Members click the + button and add in the users that will be managing exchange.
  • Click on “Outlook Web App Policies and modify or create a policy.
  • You can also define user roles.

Create a DAG:

GUI Setup: Click on Servers -> Database Availability Groups -> + button.

exsetup20

Exchange Management Shell Setup:

Open up the EMS and type in the following command:

  • New-DatabaseAvailabilityGroup –Name <DAGNAME> –WitnessServer <ServerName> –WitnessDirectory “C:\FSW” – DatabaseAvailabilityGroupIPAddresses <IP Address>

Add Servers to the DAG:

GUI -> Add Servers:

exsetup21

Exchange Management Shell Command:

  • Add-DatabaseAvailabilityGroupServer –Identity <DAGNAME> –MailboxServer <ServerName>

Once the command completes add in the second server.

Create Database Copies:

Now that your DAG has been created, you can add copies of mailbox databases to other mailbox servers.

GUI Setup.

exsetup22

  • Click browse to select the server.

If you have a Database called Database1 you can add it to Ex2013b server as an example.

Exchange Management Shell Command:

  • Add-MailboxDatabaseCopy –Identity <DatabaseName> –MailboxServer <ServerName>

Create a user mailbox:

GUI Setup: Click on Mailboxes -> + button -> User Mailbox.

exsetup23

  • Enter in all the information for the user, you can also specify a specific mailbox database and whether or not to show/hide the user from address lists.

Exchange Management Shell Setup:

  • New-Mailbox-Alias EdTest -Name “Ed Test” -Firstname Edward -LastName Test -DisplayName “Edward Test” -UserPrincipalName EdTest@maildomain.com -Password <ConvertTo-SercureString -String ‘TestPassword’ -AsPlainText -Force> -Database <ServerName>

Setup Accepted Domains:

In the ECP click on Mail Flow -> Accepted Domains.

exsetup24

  • Click the + sign to add in a new accepted domain.
  • Type in the Name (descriptive).
  • Type in the Domain.
  • Select if this is either Authoritative, Internal Relay or External Relay.
  • Click Save.

Configure Default Frontend Receive Connector:

In the ECP click on Mail Flow -> receive connectors.

exsetup25

  • Click on Default Frontend <ServerName> and then click the Pencil next to the +
  • Go to the security tab as shown above and make sure “Anonymous Users” checkbox is selected.
  • Click on save.

Create Send Connector:

In the ECP click on Mail Flow -> send connectors.

exsetup26

  • Click on the + to add a new Send Connector.
  • Type in a descriptive name and then select the Type.
  • Click Next.

exsetup27

  • Select your Network settings, if you routing mail through a smarthost then click the + button.

exsetup28

  • Type in the smart host info and then click save.
  • After that click Next.

exsetup29

  • Specify the authentication as per your ISP and click Next.

exsetup30

  • Click on the + button to setup the Address Space.

exsetup31

  • Enter your FQDN and your Type.
  • Click Save.
  • Click Next.

exsetup32

  • Click on the + button to add in a Source server. When the window comes up select your exchange server, click the Add -> button and then click ok.
  • Click finish and you have now have a send connector setup.

CSR Creation:

http://www.digicert.com/csr-creation-microsoft-exchange-2013.htm 

SSL Installation:

http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2013.htm

Public Folder Mailbox Setup:

In the ECP click on Public Folders -> Public Folders Mailbox.

exsetup33

  • Click on the + button.
  • Enter in the name for the PF Mailbox.
  • Select an Organizational Unit by clicking the browse button.
  • Select a Mailbox Database by clicking the browse button

Public Folder Setup:

In the ECP click on Public Folders -> Public Folders

exsetup34

  • Click on the + button.
  • Type in a folder name.
  • Click the Save button.

Additional Tasks:

  • Create Distribution List.
  • Create Contacts.
  • Create Shared Mailbox.

Distribution list creation:

In the EAC Click on Recipients -> Groups

 
Add DL
  • Click on the + button and select Distribution group.

Add DL1

  • Type in the display Name
  • Type in the Alias
  • Click the browse button to add it to a specific OU.
  • Click the + button to add a owner.
  • Scroll down to add in more info (screen shot below)

Add DL2

  • click the + button to add in the members of this group.
  • Select your option regarding the approval of this Distribution Group.

You can also create a distribution list using the EMS:

  • New-DistributionGroup -Name “Managers” -OrganizationalUnit “contoso.com/Users” -SamAccountName “Managers” -Type “Distribution”

Contact creation:

In the EAC Click on Recipients -> Contacts

Add cont1

  • Click on the + button and select Mail Contact.

Add cont2

  • Type in the information and then click Save.

Shared Mailbox creation:

In the EAC Click on Recipients -> Shared

add shared mailbox1

  • Click on the + button.

add shared mailbox2

  • Enter in the Display Name and Alias.
  • Click browse to select an OU.
  • Click on the + button to grant Send As Permissions.
  • If you click the More Options button you can set the Mailbox Database where this mailbox should be housed.
  • You can also select a policy.
  • Once done click Save.

Monitoring Queues and DAG:

Open up the Exchange Management Shell.

To find the status of the email Queue type in the following command:

  • Get-Queue

This will give output the status, Message Count, DeliveryType and NextHopDomain.

You can also use Exchange Queue Viewer located in the Exchange Toolbox.

To check the DAG status type in the following command:

  • Get-MailboxDatabaseCopyStatus * (This will show all servers)
  • Get-MailboxDatabaseCopyStatus (without the * it will show the current server)

Configure DHCP Failover for Server 2012 R2

Prerequisites List:

  • Install Server 2012 R2operating system on 2 servers.
  • Join server to the domain.
  • Install the DHCP role on both servers.
  • One of the servers needs to be configured with your DHCP Scopes.

Login to your main DHCP server that you configured and then go to Control Panel -> Administrative Tools -> DHCP

Or

Open Server Manager and then click on Tools -> DHCP

dhcp1

 

  • Expand the DHCP server and then right click on IPv4 and select “Configure Failover” as shown above.

dhcp2

  • Review the information (removed from screenshot) and then click on “Select All” to select specific scopes. Leave as default if you want all the scopes and then click Next.

dhcp3

  • Click on the “Add Server” Button, another screen will appear as below:

dhcp4

  • Click on the “This authorized DHCP Server”, select the server you want as the failover server and then click on okay.

dhcp5

  • The server name will show next to the “Partner Server” and then click Next.

dhcp6

  • Enter a Descriptive Relationship Name.
  • **NB** If your other DHCP server is on the same subnet then It is recommended to setup Loadbalancing. If your other DHCP server on another network then setup the mode to Hot Standby.
  • Modify the rest of the settings as per your network.
  • Add in a password for the Shared Secret to be used to authenticate the failover between your servers.

dhcp7

  • A summary is shown with the configuration you just set. In the scopes box it will show the scopes you chose and above that the name of the servers the failover is between.
  • Click on Finish.

dhcp8

  • A Dialog box will show. Click Close.

Login to your secondary DHCP Server. Go to Control Panel -> Administrative Tools -> DHCP

Or

Open Server Manager and then click on Tools -> DHCP

dhcp9

  • Expand the DHCP server and then right click on IPv4 and select “Properties” as shown above.

dhcp10

  • Click on the “Failover” tab and you should see the “Relationship Name” and “Partner Server” and it will display the mode you setup etc.

Hope it helps.

Win32 error code returned by the print processor: 5. Access is denied

Today I came across a problem whereby some users could print but others the print job goes through but then nothing happens.

Upon investigation in the log file located: Event Viewer\Application and Services Logs\Microsoft\Windows\PrintService, I got the error above for the users that could not print.

I enabled write access for the handful of users to the following folder and they were able to print again: system32/spools/printers

Hope it helps

Install CRM Dynamics 2011 on Windows Server 2012

Today I installed CRM for the first time. According to MS it is supported on Windows Server 2012 but as always there are always extra steps to follow.

Firstly I installed SQL Server 2012 Standard as it will ask you to select an instance in the install. I downloaded the full CRM package and when I ran the install you can see the .exe’s running in the background but nothing happens.

I then found this awesome article on the Web and followed it to install CRM 2011 on Windows Server 2012 without any issues.

http://niiranen.eu/crm/2013/05/dynamics-crm-2011-on-windows-server-2012/

Hope it helps

Windows Server 2012 Hyper-V host NIC problem

Currently I am consolidating my environments and one of things I am doing is moving VM’s to new or different hosts.

I moved my Pastel server, started up the machine and no network connectivity, however a  few minutes ago I just had.

Upon investigation the Microsoft Hyper-V Network Adapter had a yellow exclamation on it with error code 31 that windows could not load the driver for this card.

I then shutdown the machine and added a legacy NIC with the same result. I then ran SFC /Scannow and windows reported no errors.

The only real fix to this is adding a VHD (Virtual Hard drive) with updated NIC drivers and then updating it or re-installing the server. Quite painful as you are pretty stuck without a connection and especially that you cannot add USB devices to Virtual Machines without making them pass-through disks but not all of them can do that.

Another thing is that Windows Server 2012 has the Integration Components built in so you cannot remove this and re-install it.

Hope it helps

Upgrade a Domain Controller from Evaluation to Full

Today I am busy upgrading all my windows licenses and when trying to activate a Windows Server 2012 DC I ran into the following:

“Changing this Windows edition is not supported online for a domain controller”

Pretty straight forward, MS don’t support this for DC’s so to get around it you will need to do the following to upgrade the license:

1. Demote the Domain controller (only do this if you have multiple DC’s in your environment, if not first introduce another one and move the roles to the new DC)

2. Once the server has rebooted you can run the following command to change from Eval to Full: Dism /online /Set-Edition:ServerStandard /ProductKey:YourKey /AcceptEula

3. The server will reboot twice. Windows 2012 will then activate.

4. Promote your DC again. Activation complete.

Hope it helps

IPAM – Event Log Access Status: Blocked (DNS)

After letting IPAM do its discovery for 3 days the only problem I picked up was that the status below was still showing as blocked even though the firewall rules were adjusted and the IPAM server was part of the correct security groups.

IPAM Blocked

The data is refreshed once a day but I was manually refreshing it without success.

Seems to be a bug in IPAM as I added the IPAM server to the Administrators group in AD and all of a sudden everything was unblocked.

Hope it helps

IPAM Windows Server 2012

So Microsoft introduced this cool feature on Windows Server 2012 called IPAM (IP Address Management).

To install this make sure it is not on a Domain Controller.

Installation is pretty simple, open up server manager, Add new features and select IPAM.

Here are a few firewall inbound rules that need to be enabled on your DNS and DHCP Servers:

DNS Service (RPC)
DNS Service (RPC Endpoint Mapper)
Remote Service Management (RPC)
Remote Service Management (RPC-EPMAP)
Remote Event Log Management (RPC)
Remote Event Log Management (RPC-EPMAP)

Now you need to give IPAMUG access to the Event Log Readers Built-In Security group in AD.  Your machine running IPAM needs to be part of IPAMUG.

The key to this is patience, once all the Firewall Ports/Inbound Rules are correct and access give as above everything will be green.

For more info check out MS article:

http://technet.microsoft.com/en-us/library/hh831353.aspx

Hope it helps.

DPM Replica is inconsistent on Windows Server 2012 DC backup

Today I moved my DC System State backups to DPM 2012. After running the first initial sync the status goes to a green OK and then immediately to a red “replica is inconsistent”. Made sure that space was not an issue as this can cause problems but the servers had ample space.

So like Windows Server 2008 R2 I i installed the following feature: Windows Server Backup.

After a reboot I ran a consistency check and all the DC’s were showing OK now.

Hope it helps.