Scribd
Upload
185 views75 pages

Chapter 2 - Installing and Managing Windows Server 2022

vsdgrf

Uploaded by

Tâm Ngô
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
185 views75 pages

Chapter 2 - Installing and Managing Windows Server 2022

vsdgrf

Uploaded by

Tâm Ngô
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 75

Chapter 2

Installing and Managing Windows Server 2022

Tran Thanh Dien, PhD


August, 2024
Content

• Requirements for installation


• Installing Windows Server 2022
• Installing roles and features
• Centralized management and monitoring
• Windows Admin Center (WAC)
• Enabling quick server rollouts with Sysprep
• In-place upgrading to Windows Server 2022

2
Technical requirements

• Many of the decisions that you need to make are licensing-type decisions
• What roles do you intend to install on this server?
• Do they require a special edition?
• Can the more common Server 2022 Standard edition handle it, or do we need the
Datacenter edition for our purposes?
• Is Server Core going to be beneficial from a security perspective, or do we need
the full Desktop Experience?
Technical requirements
Minimum system requirements

• CPU: 1.4 GHz 64-bit that supports: NX, DEP, CMPXCHG16b, LAHF/SAHF,
PrefetchW, and SLAT.
• RAM: 512 MB ECC memory minimum for Server Core, or a recommended 2 GB
minimum for a server running Desktop Experience.
• Disk: 32 GB
• Desktop Experience consumes about 4 GB more space than Server Core
• Requires a PCI Express (PCIe) storage adapter
• ATA/PATA/IDE are not allowed for boot drives
• Windows Server 2022 supports 48 TB of memory and 2,048 logical cores across
64 physical sockets
Installing Windows Server 2022

• Burning that ISO: Download a .ISO file from Microsoft, burn that .ISO to a DVD
or Creating a bootable USB stick
• Running the installer
• plug newly created DVD or
bootable USB into the new
server hardware.
• Boot to it, and the installation
wizard for Windows Server
2022 appear
• After choosing installation
language, the next screen is
Install now
Installing Windows Server 2022

• To run in trial mode click on “I don’t have a product key”

• Select installation
options for Windows
Server 2022
Installing Windows Server 2022
Installing roles and features

• Installing the operating system gets your foot in the door


• Not actually do anything useful with your server at this point
• Server’s job is to serve up data
• Need to utilize roles and features
Installing roles and features
Installing a role using the wizard

• Server Manager launches automatically every time you log in to Windows Server
2022
Installing roles and features
Installing a role using the wizard

• Select Role-based or feature-based installation


Installing roles and features
Installing a role using the wizard
Installing roles and features
Installing a role using the wizard

• Now we have our list of roles available to be


installed
• In this example, we will the core
infrastructural roles:
• Active Directory Domain Services role,
• DNS server and
• DHCP server.
Installing roles and features
Installing a role using the wizard

• When clicked on Active Directory


Domain Services role, a pop-up
message that requires some additional
features in order to work properly.
• This is normal behavior
• All you need to do is click on the Add
Features button
Installing roles and features
Installing a role using the wizard

• After the installation process


completed, you may or may not be
prompted to restart the server
• Once back inside Server Manager, there
may be a yellow exclamation mark near
the top
• Clicking here displays messages about
further configurations required to
complete the setup of new roles and
finalize their use on the server
Installing roles and features
Installing a feature using PowerShell

• Get-WindowsFeature
Installing roles and features
Installing a feature using PowerShell

• To see only the features that begin with the letters TEL
Installing roles and features
Installing a feature using PowerShell

• To quickly show
only the roles and
features currently
installed on a
server
Installing roles and features
Installing a feature using PowerShell

• To install Telnet-Client
Centralized management and monitoring

• To manage a server => log directly into the server that you need to work on
✓ walking up to the server and logging on with the keyboard and mouse plugged
right into that hardware
✓ Logging into our servers remotely using RDP
• Need some tools that we can utilize to make our management and monitoring, and
even configuration processes, more efficient
Centralized management and monitoring
Server Manager

• Auto-launching program
when logging in to any of
servers
• Help to manage the server
• Give a quick look into
what is currently installed
on the server

a very quick view of whether or


not the services running on this
server functioning properly
Centralized management and monitoring
Server Manager

a list of all the available


Administrative Tools
Centralized management and monitoring
Server Manager

o Managing many servers from a single server


Centralized management and monitoring
Server Manager

o Managing many servers from a single server

Find machines
available within the
network
choose the servers to
manage and move
them over to the
Selected column
Centralized management and monitoring
Server Manager

o Managing many servers from a single server


Centralized management and monitoring
Remote Server Administration Tools (RSAT)

• To manage and monitor all of the servers from client computer


• a regular Windows 10 client computer online and running in our network, also
domain-joined
• Add an optional feature to this Windows 10 computer to give it the RSAT toolset.
Centralized management and monitoring
Remote Server Administration Tools (RSAT)

1) Open up Settings and type the word


optional into the search bar.
2) Click on Manage optional features
3) Click the button to Add a feature
4) check the box next to every item that
begins with RSAT
5) Click Install
Windows 10 older than 1809: Download
and install the whole RSAT package from
https://www.microsoft.com/en-
us/download/details.aspx?id=45520
Centralized management and monitoring
Remote Server Administration Tools (RSAT)

• No program called Remote Server Administration Tool.


• In Start menu, you will now find Server Manager
• Open up Server Manager on your desktop computer
• Walk through the step to Add other servers to manage
Centralized management and monitoring
Does this mean RDP is dead?

• Certainly not!
• Need to access our servers directly sometimes
• Many administrators out there will continue using RDP and full desktop-based
access for all management and monitoring of their servers simply because that is
what they are more comfortable with
Centralized management and monitoring
Remote Desktop Connection Manager

• Useful platform for storing all of the different RDP connections


Windows Admin Center (WAC)

• A server and client management platform designed to administer machines in a


more efficient manner.
• A browser-based tool: once installed, you access WAC from a web browser
• No need to install a management tool or application onto your workstation
• To manage the servers (all the way back to Server 2008 R2) and the server clusters
• Ability to manage servers hosted on-premises as well as inside Azure
Windows Admin Center (WAC)
Installing Windows Admin Center

• Log into a server in the network


• Download WAC here:
https://aka.ms/WACDownload
• Run the installer
• Windows Admin Center cannot be
installed Active Directory Domain
Services (AD DS)
Windows Admin Center
Launching Windows Admin Center

• Open up a supported browser from any machine and browse to the WAC URL

• A certificate warning: because I of using a


self-signed certificate
Windows Admin Center
Launching Windows Admin Center

• Open up a supported browser from any machine and browse to the WAC URL

• A certificate warning: because I of using a


self-signed certificate
Windows Admin Center
Launching Windows Admin Center

• Even though logged into a domain-joined Windows 10 computer, the WAC website
does not automatically try to inject those credentials for its own use but rather
pauses to ask who you are

Input the domain


credentials
Windows Admin Center
Launching Windows Admin Center

• WAC interface
Windows Admin Center
Adding more servers to WAC

• Click the + Add button that is shown onscreen

• You will be presented with choices to add a new server, a new PC, a Windows
Server failover cluster, Azure Stack HCI, or even an Azure VM.
Windows Admin Center
Adding more servers to WAC

• The option to Search Active


Directory to search for a full list of
machines in the domain
• select the checkboxes next to each
server that you would like to
administer via Windows Admin
Center and click the Add button
Windows Admin Center
Adding more servers to WAC

• Server information in WAC


Windows Admin Center
Managing a server with WAC

• Clicking on the server name


• The ability to run backups
on server, view and install
certificates
• Monitor the performance of
the server
• Launch a remote PowerShell
connection to the server
• One-stop shop for remotely
managing your servers
Windows Admin Center
Changes are easy as pie

• Capabilities to manipulate
servers as well, straight from
this web interface
• Can add roles or features to
servers, create scheduled tasks,
start or stop services, edit the
registry and add Windows
Firewall rules …
• Example: Enable RDP from
inside WAC
Windows Admin Center
Azure integrations

• WAC that there are numerous tools related to Azure


• Can be used to administer both on-premises servers as well as Azure servers
• Used to bind your on-premises environment together with your Azure
environment through things like Azure File Sync and Azure Backup.
• A powerful way of creating a hybrid cloud configuration: maintain servers in both
environments
• Can also be used to help ease a transition from a traditional datacenter into a
cloud-only mentality
Enabling quick server rollouts with Sysprep

• An easier and faster way to roll out new servers as long as you are building them
all from a relatively similar hardware platform
• Save you quite a bit of time on new server builds
• Sysprep (Microsoft System Preparation Tool): A tool to prepare your system for
duplication
• Allows you to create a master image of your server to reuse as many times as you
want in order to roll out additional servers
• A key benefit to using Sysprep: can put customized settings onto your master
server and install things such as Windows Update prior to Sysprep
Enabling quick server rollouts with Sysprep

• Why Sysprep is even necessary?


• Could we simply use a hard disk imaging tool or copy and paste the .VHDX file
itself in order to make a copy of your new server
• an exact replica of the original one: hostname, Security Identifier (SID) number,
would be exactly the same => cause conflicts and collisions
• Each system within your network has a unique SID/GUID—their identifier within
Active Directory
• Sysprep fixes all of these inherent problems with the system duplication process
by randomizing the unique identifiers in the operating system
Enabling quick server rollouts with Sysprep

The steps to take


1. Install Windows Server 2022 onto a new server
2. Configure customizations and updates onto your new server
3. Run Sysprep to prepare and shut down your master server
4. Create your master image of the drive
5. Build new servers using copies of the master image
Enabling quick server rollouts with Sysprep

The steps to take


1. Install Windows Server 2022 onto a new server
2. Configure customizations and updates onto your new server
3. Run Sysprep to prepare and shut down your master server
4. Create your master image of the drive
5. Build new servers using copies of the master image
Enabling quick server rollouts with Sysprep
Install Windows Server 2022 onto a new server

• Prepare the master server by getting the Windows Server 2022 OS installed
• Not to install roles onto the master server
• Install OS and make sure device drivers all squared away
• And you’re ready for the next step
Enabling quick server rollouts with Sysprep
Configuring customizations and updates onto your new server

• Configure Customizations:
• start or stop services
• Put things such as files and folders on all of your servers, such as an Admin
Tools folder,..
• Windows Update install: Put any patches on this new server
• Help to save all of that download and installation time for each new server that
you spin up
Enabling quick server rollouts with Sysprep
Running Sysprep to prepare and shut down your master server

• Open up an administrative
Command Prompt and browse to
C:\Windows\System32\Sysprep
• Run sysprep.exe
Enabling quick server rollouts with Sysprep
Running Sysprep to prepare and shut down your master server

Sysprep.exe options:
• /quiet: without status messages on the screen
• /generalize: To remove all of the unique system information (SID) from the
Windows installation (each new server get a new, unique SID).
• /audit: Restarts the machine into a special audit mode for adding additional drivers
• /oobe: Launch the mini-setup wizard when Windows next boots
• /reboot: Restarts when Sysprep finished
• /shutdown: Shuts down the system (not a restart) when Sysprep finished
• /quit: closes Sysprep after it finishes
• /unattend: a special answer file to configure new servers as they come online
Enabling quick server rollouts with Sysprep
Running Sysprep to prepare and shut down your master server

sysprep.exe /generalize /oobe /shutdown

• Make sure NOT boot into Windows again until after you have created master
image or taken master copy of the .VHDX file.
Enabling quick server rollouts with Sysprep
Creating your master image of the drive

• Master server now shut down, and ready to create the master image
• For physical server:
✓ Use any hard disk imaging utility to create an image file from the drive
• For virtual world:
✓ Simply create a copy of the .VHDX file.
✓ Log in to your Hyper-V Server, copy and paste the hard disk file
✓ Renamed the.VHDX filr to help you keep track of the current status of this
image file.
✓ Copy of the .VHDX file somewhere safe
Enabling quick server rollouts with Sysprep
Building new servers using copies of the master image

• When you want to create new servers:


o Copy and paste the master file into a new location for the new server
o Rename the drive file to something appropriate
o And boot your new virtual machine from it
• As the new servers turn on for the first time and boot into Windows, they will run
through the out-of-box experience, mini-setup wizard.
• Also, in the background, the OS gives itself a new random and unique hostname
and SID information to be sure no conflicts on the network
Enabling quick server rollouts with Sysprep
Building new servers using copies of the master image

Change the server’s name


In-place upgrading to Windows Server 2022

• For so many years, it was normal that in-place upgrades were almost guaranteed
to tank your server, causing it to be useless in the end
• Due to this, server upgrades almost always meant replacing the server rather than
upgrading it
o Leave the production server running
o Spin up a new one in parallel
o Configure all of the roles and specs needed on that server
o Migration of data and apps to the new server (hopefully, everything up and
working on the new server)
o Then, shut the old server down. This is normal; this is Windows Server
upgrades.
In-place upgrading to Windows Server 2022

Things have changed…


• From Server 2012R2 to Server 2016, it was suddenly possible to be successful
with an in-place Windows Server upgrade.
• Not all the time, but sometimes. Since it was still sporadic, it was not commonly
attempted, and we continued to stick to old methods of replacing servers.
• Server 2019 came out, and in-place upgrades from 2016 to 2019 were actually
quite stable
• Windows Server 2022 continues that trend.
• Windows Server operating system in-place upgrades are stable and introduce us
to a much more efficient way to upgrade servers
Using Windows PowerShell

• Modern replacement for the MS-DOS shell


• Work with Windows PowerShell:
o Some key commands use to perform system administration
o How to query system information using WMI
o The creation and usage of PowerShell scripts.
Using Windows PowerShell
Working with Windows PowerShe

• Right-click the Windows PowerShell icon on the Start menu and choose More, Run
as administrator.
• After Windows PowerShell start, you are placed in your home directory on the
system and given a PS prompt, where you can type cmdlets
• If log into system as Administrator, you will receive the following prompt:
PS C:\Users\Administrator>
• Windows PowerShell used to execute most MS-DOS commands, as well as many
UNIX/Linux commands.
• For example, PS C:\Users\Administrator>copy C:\Windows\System32\calc.exe C:\
Using Windows PowerShell
Working with Windows PowerShell

• Support MS-DOS shell features: output redirection (>>) and command chaining (;)
• For example:
PS C:\Users\Administrator>ipconfig >> C:\IPconfig.txt ; cls
save the output to a file called C:\IPconfig.txt, and then clear the screen
• Commands in PowerShell called cmdlets
• Each cmdlet has an action-object or verb-noun structure.
• For example:
o Get-Host: “get” (verb) information about “host” computer (noun).
• Cmdlets are case-insensitive, so Get-Host and get-host are equivalent.
Using Windows PowerShell
Working with Windows PowerShell

• Some examples of common cmdlets: Get-Process, Set-Date, and Write-Error.


• To see a list of all cmdlets within Windows PowerShell, run the command:
PS C:\Users\Administrator>Get-Command | more
• Pipe symbol ( | ) sends the results of the Get-Command cmdlet to the MS-DOS
more command
• more command displays the output page-by-page
• pipe symbol: one of the most useful ways of sending information between cmdlets
to build more complex commands or filter output to display only the output that
they wish to see.
• This process called piping.
Using Windows PowerShell
Working with Windows PowerShell

• Cmdlets may also have several options:


o available to control their execution
o accept various arguments indicate the objects need to process.
• For example,
PS C:\Users\Administrator>Get-Process | more
lists all processes on the system
• Use the Get-Help cmdlet to list the usage of the Get-Process cmdlet (including
available options and arguments)
PS C:\Users\Administrator> Get-Help Get-Process
Using Windows PowerShell
System Administration Commands

• Some key PowerShell cmdlets and commands that administrators often use to
manage Windows Server 2019.
o Restart-Computer
o Stop-Computer
o Rename-Computer newcomputername: to rename a computer
o Add-Computer –DomainName domainname: to join it to an Active Directory.
o Get-WindowsFeature | ogv: display installed and available roles and features
o Install-WindowsFeature: install roles and features
Using Windows PowerShell
System Administration Commands

• For example:
o Install-WindowsFeature –IncludeAllSubfeature –IncludeManagementTools web-
server: Install IIS Web server
o Remove-WindowsFeature web-server: Remove Web server
• Windows PowerShell also used to configure and troubleshoot the network
o Test-NetConnection: Test a connection to identify problems with IP
configuration, firewall configuration, and name resolution.
o Test-NetConnection triosdevelopers.com –Port 443
o Test-NetConnection triosdevelopers.com –Traceroute
Using Windows PowerShell
System Administration Commands

• For example:
o Install-WindowsFeature –IncludeAllSubfeature –IncludeManagementTools web-
server: Install IIS Web server
o Remove-WindowsFeature web-server: Remove Web server
• Windows PowerShell also used to configure and troubleshoot the network
o Test-NetConnection: Test a connection to identify problems with IP
configuration, firewall configuration, and name resolution.
o Test-NetConnection triosdevelopers.com –Port 443
o Test-NetConnection triosdevelopers.com –Traceroute
Using Windows PowerShell
System Administration Commands

• Configure and troubleshoot the network


o Get-NetIPConfiguration: obtain information about IP configuration
o Get-NetAdapter: network interfaces
o Get-NetAdapterStatistics cmdlets: network statistics
• To configure a network interface called Ethernet with an IPv4 address of
192.168.1.50, 24-bit subnet mask, default gateway of 192.168.1.1, and preferred
DNS server of 8.8.8.8, you could run the commands:
New-NetIPAddress –InterfaceAlias Ethernet –IPAddress 192.168.1.50 –
PrefixLength 24 –DefaultGateway 192.168.1.1
Set-DNSClientServerAddress –InterfaceAlias Ethernet –ServerAddresses 8.8.8.8
Using Windows PowerShell
Using WMI within Windows PowerShel

• Management Instrumentation (WMI): allow programs and system software to query


the hardware and software on the Windows computer
• WMI infrastructure consists of three components that work together:
o WMI namespaces
o WMI providers
o WMI classes
Using Windows PowerShell
Using WMI within Windows PowerShel

• WMI namespaces: represent/organize different types of WMI data in much the same
way that a file cabinet organizes files.
• different namespaces for different purposes, and each namespace holds different
WMI providers
• Only namespace useful to IT administrators within Windows PowerShell is the
CIMv2 namespace (Common Information Model version 2)
o query the hardware and software components on systems
o modify software components as necessary
Using Windows PowerShell
Using WMI within Windows PowerShel

• WMI providers: like the drawers in a file cabinet.


o Each provider contains different WMI classes used to obtain/modify different
hardware and software information on your system.
• WMI classes: individual types of data and like the files in each drawer of a filing
cabinet.
o It is these classes that we can use within Windows PowerShell to work with
different pieces of hardware and software.
Using Windows PowerShell
Using WMI within Windows PowerShel

• Query and manipulate WMI classes


Get-WmiObject (alias gwmi) cmdlet
• For example, the following command queries the win32_bios class in the CIMv2
namespace on the local computer (“.”):
gwmi –class win32_bios –computer ".“ –namespace "root\cimv2"
• By default, PowerShell assumes the local computer and the CIMv2 namespace. So,
the following Windows PowerShell command equivalent to the previous one:
PS C:\Users\Administrator>gwmi win32_bios
Using Windows PowerShell
Using WMI within Windows PowerShel

• Instead of specifying the WMI class with Get-WmiObject cmdlet, we can instead
create a WMI query statement and specify it using the –query option.
• WMI query statements use a SQL database language called WQL (WMI Query
Language).
• For example, the following command within Windows PowerShell will select all
attributes/ methods (*) from the win32_share class as shown below:
PS C:\Users\Administrator>gwmi –query "select * from win32_share"
Using Windows PowerShell
Creating PowerShell Scripts

• PowerShell scripts simply text files with a .ps1 extension executed within
PowerShell
• PowerShell scripts can contain both Windows commands and PowerShell cmdlets,
as well as complex control structures.
• The script can be used to accept input that changes how the script works.
• The use of variables and constants, protecting metacharacters, coloring and
formatting output, and the use of decision and loop constructs.
Using Windows PowerShell
Creating PowerShell Scripts: Executing PowerShell Scripts

• Enable script support in Windows PowerShell:


o Set-ExecutionPolicy unrestricted
• To see current execution policy: run the Get-ExecutionPolicy cmdlet.
• Five different execution policies on a Windows system:
o Restricted: not run any scripts (script execution is disabled).
o AllSigned: only runs scripts that are signed by a trusted publisher.
o RemoteSigned: allows to run scripts that are downloaded from the Internet only if they
are signed by a trusted publisher.
o Unrestricted: runs all scripts (scripts downloaded from the Internet prompt for
confirmation before execution).
o Bypass: runs all scripts (no warnings).
o Undefined: indicates that a policy is not set.
Using Windows PowerShell
Creating PowerShell Scripts: Executing PowerShell Scripts

• To execute a PowerShell script, use a full path or a “forced” relative path (where “.”
refers to the current directory):
o Full path: C:\scripts\myscript.ps1
o Relative path (within the C:\scripts directory): .\myscript.ps1 or ./myscript.ps1
• To execute a PowerShell script outside Windows PowerShell, use the powershell
• For Example:
powershell C:\scripts\myscript.ps1 –noexit
–noexit prevents Windows PowerShell from closing after executing the script)
Using Windows PowerShell
Creating PowerShell Scripts: Using Windows PowerShell ISE

• Windows PowerShell Integrated


Scripting Environment (ISE):
tool for creating, testing, and
executing scripts
• Windows PowerShell pane on the
left
• Commands pane on the right
allows to search for and execute
commands
• click the Script opens a new
PowerShell script in the upper
pane called Untitled.ps1
Using Windows PowerShell
Creating PowerShell Scripts: Using Windows PowerShell ISE

• After adding content to Untitled.ps1, clicking the green Run script (play button)
icon or by pressing the F5 key to execute it
• File -> Save As, and choose to save it with a more descriptive file name to
location of your choice (e.g., C:\scripts\myscript.ps1).
• You can also create and test scripts on remote computers that have winRM started
within Windows PowerShell ISE.
• To do this, navigate to File, New Remote PowerShell Tab and specify the correct
computer name.
• If you are currently logged into an Active Directory domain with domain
administrative privileges, you will be allowed to connect to any computer within
your domain that has winRM started.
Summary

• Requirements for installation


• Installing Windows Server 2022
• Installing roles and features
• Centralized management and monitoring
• Windows Admin Center (WAC)
• Enabling quick server rollouts with Sysprep
• In-place upgrading to Windows Server 2022

You might also like