Configurin

g Servers
 Server Manager
• Allows for direct interaction with a remote or local server
handles post-installation configuration tasks

Some tasks:

• Configure network
connection
• NIC teaming
• Set time zone
• Rename Computer
• Join domain or
change workgroup
• Enable Remote
Desktop
• Configure Window
Update Settings
Server Manager
(tasks)
Rename computer

Join domain

Enable Remote Desktop

Configure Network connection

Configure Network connection

5
 Windows PowerShell
PowerShell is a task-based command-line shell (similar to Linux and
MacOS) and scripting language built on the .NET Framework.
PowerShell commands let you manage computers from the command
line; and includes a rich expression parser and a fully developed
scripting language

Windows Powershell 7.2

6
 Windows PowerShell
Cmdlets are native commands available in Windows PowerShell. They
follow a verb-noun naming pattern, such as get-process, get-service, get-
help, set-date, or stop-process. Common verbs include:
Add: Add a resource to a container, or attach an item to another item.
Get: Retrieve data from a resource.
New: Create a new resource.
Remove: Delete a resource from a container.
Set: Modify a resource, such as data or system parameters.
Start: Begin an operation, such as a process or a program.

7
 Command structure
GET-CHILDITEM
GET-CHILDITEM "C:\PROGRAM FILES“
GET-CHILDITEM "C:\PROGRAM FILES“ | SORT-
OBJECT
The cmdlets above are similar to the
DOS command called dir. dir is an alias
for get-childitem.
pipe – logical connection between
two commands. Output from the
get-alias cmdlet will list all the aliases
left command becomes the input
currently defined in Powershell
to the right command.
Processes and Services
Get-process – list all processes
Get-process powershell – list all powershell processes
Stop-process powershell – stop the powershell process
Get-process powershell | stop-process – list and stop
Get-help – display help for cmdlets
Get-help get-process – help for the get-process cmdlet
Get-help *-service – for all cmdlets with noun ‘service’
Get-command *-service – find all cmdlets with noun ‘service’
Stop-computer or restart-computer
 Powershell : WMI Object
Windows Management Instrumentation
Get-WmiObject -List
Get-WmiObject -List -ComputerName .
Get-WmiObject -List -ComputerName Admin01
Get-WmiObject -List -ComputerName [Link]
Get-WmiObject -List -ComputerName [Link]
Get-WmiObject -List -ComputerName localhost

Get-WmiObject Win32_OperatingSystem

Get-WmiObject -Class Win32_Service -ComputerName [Link]

Get-WmiObject -Class Win32_Bios | Format-List -Property

10
Installing the AD DS
Role
Active Directory must contain the
installation of DNS

Promote the server to a domain controller

Add to a forest

Set restore password

11
Installing the AD DS
Role (using powershell)
Install-Windowsfeature AD-Domain-Services

Install-ADDSForest
-CreateDnsDelegation:$false
-DatabasePath “C:\Windows\NTDS”
-DomainMode “Win2016”
-DomainName “[Link]”
-DomainNetbiosName “ADATUM”
-ForestMode “Win2016”
-InstallDns:$true
-LogPath “C:\Windows\NTDS”
-NoRebootOnCompletion:$false
-SysvolPath “C:\Windows\SYSVOL”
-Force:$true

12
 Using Remote Windows
PowerShell
PowerShell Remoting is a server-client application that allows you to securely
connect to a remote PowerShell host and run script interactively.
It allows you to run commands on a remote system as though you were sitting
physically at its console.
PowerShell Remoting is built upon the Web Services for Management protocol
and uses Windows Remote Management service to handle the authentication
and communication elements.

13
 Using Remote Windows
PowerShell
There are two types of remoting:
One-to-one remoting: Allows you to bring up the PowerShell prompt on a
remote computer. The credentials you use are delegated to the remote
computer. Any commands you run will run under those credentials.
One-to-many remoting: Allows you to send one or more commands, in
parallel, to multiple computers. Each of these computers runs the command,
produces the results into an XML file, and then returns the results to your
computer over the network. When the results are returned, they include the
computer name.

14
 Use PowerShell (One-to-One
Remoting)
Class Activity
GET READY. To connect to a target Windows Server 2016 computer using
PowerShell and one-to-one remoting, perform the following steps.
First, you need to enable PSRemoting on a target computer:
1. Log on with administrative privileges to LON-DC1 running Windows 10 or
Windows Server 2016.
2. Click Start and type PowerShell. From the results, click Windows
PowerShell.
3. From the Windows PowerShell window, type Enable-PSRemoting and
then press Enter.

15
 Use PowerShell (One-to-One
Remoting)
Class Activity
4. Enter the following 2 commands to allow unencrypted traffic and basic
authentication (Never use in a production environment)

winrm set winrm/config/service '@{AllowUnencrypted="true"}’

5. If any necessary tasks need to be done, read the tasks that will be
performed, type A, and then press Enter.
NEXT, from LON-SVR3, log on with administrative privileges to the domain and
perform the following steps.
6. Press the Windows logo key + r, type Powershell in the Run text box, and
then click OK.

16
 Use PowerShell (One-to-One
Remoting)
Class Activity
2. From the Windows PowerShell window, type the following and press
Enter:

Enter-pssession –ComputerName LON-DC1 -Authentication Basic -Credential $cred

A screen will popup for you to enter your user/pass credentials.

3. Type get-service and press Enter to see the services running on the
domain controller.

17
 Use PowerShell (One-to-One
Remoting)
Class Activity
4. Type get-process and press Enter to see a list of all processes running on
the domain controller.
5. Type get-acl c:\ and press Enter to see the access control list applied via
NTFS for the C drive.
6. Type exit-pssession and press Enter to exit PowerShell.

18
 Install Roles and Features Using the
Install-WindowsFeature Cmdlet
Class Activity
GET READY. To install roles and features using the Install-WindowsFeature
cmdlet on a computer running Windows Server 2016 Server Core, perform the
following steps.
1. Log on with administrative privileges to LON-SVR3.
2. To open Windows PowerShell, from the command prompt, type [Link].

Install-WindowsFeature
[-Name] <Feature[]>
[-Restart]
[-IncludeAllSubFeature]
[-IncludeManagementTools]
[-Source <String[]>]
[-ComputerName <String>]
[-Credential <PSCredential>]
[-LogPath <String>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]

19
 Install Roles and Features Using the
Install-WindowsFeature Cmdlet
Class Activity
3. To view the roles and features, execute Get-WindowsFeature
4. To install the IIS Role (Web Server), execute the following command:

Install-WindowsFeature -name Web-Server –IncludeManagementTools

5. From LON-DC1, open up Internet Explorer. Browse to [Link]

20
 The management and maintenance of
servers quickly becomes complex
without standardization.
What is
Desired DSC gives us a declarative model for
State system configuration management.
Basically, how we want a workstation
Configurati or server to be configured.
on (DSC)?

To reduce the time necessary to

21
 PowerShell Desired State Configuration: The Basics - Simple Talk ([Link])

What is Desired State Configuration

22
 When you manage several
servers in a data center,
configuring all of those
Implementi servers requires a lot of work.
ng
Windows
PowerShell
DSC The burden of managing
several is eased when those
servers share a common
configuration.

23
 Some of the configurations
that you can apply include:
Implementi • Enabling or disabling server roles
and features
ng • Managing registry settings
Windows • Managing files and directories
PowerShell • Starting, stopping, and managing
DSC processes and services
• Managing groups and user
accounts
• Deploying new software
• Managing environment variables
• Running Windows PowerShell
scripts

24
Implementing
Windows PowerShell
DSC
The Local Configuration Manager (LCM) is the
Windows PowerShell DSC engine.
It will periodically check whether the
configuration is still valid or if drift has
occurred.
You will then specify how often it will retrieve
the configuration and how often it will check
and apply the specified configuration.

25
 Configure a System with Windows
PowerShell DSC
Class Activity
GET READY. To configure a system with Windows PowerShell Desired State
Configuration, perform the following steps.
1. Log on to LON-SVR3 as adatum\administrator with the password of Pa$
$w0rd.
2. If Server Manager does not open, click Start and click Server Manager.
3. Click Tools > Windows PowerShell ISE.
4. When Windows PowerShell ISE opens, in the top white pane, type text
shown on the next slide.

26
Configure a System with Windows
PowerShell DSC
Class Activity
configuration CIS216
{
Import-DscResource –ModuleName 'PSDesiredStateConfiguration’

WindowsFeature snmp
{
Name = “SNMP-Service”;
Ensure = “Present”
}
WindowsFeature DSCServiceFeature
{
Name = “DSCServiceFeature”;
Ensure = “Present”
}
Script MakeMonitorTimeout-0
{
GetScript = { $true } #Do Nothing
SetScript = {
Write-Verbose -Message “Setting Monitor Timeout to 0"
powercfg -change -monitor-timeout-ac 0
}
TestScript = { $false }
}
}
CIS216

27
 Configure a System with Windows
PowerShell DSC
Class Activity
5. Click File > Save As. In the Save As dialog box, in the File name text box,
type C:\Config.ps1 and click the Save button.
6. Click the blue, bottom pane. Then in the blue, bottom pane, type cd \ and
press Enter.
7. To create the .mof file, from the Windows PowerShell command prompt,
execute\config1.ps1
8. At the Windows PowerShell command prompt, execute:
Start-DscConfiguration –Wait –Verbose –Path C:\CIS216 -Force

28
 Configure a System with Windows
PowerShell DSC
Class Activity
9. Query the current status of the machine and return the
current values for the configuration.
Get-DscConfiguration

29