How to authorize a Windows DHCP Server to Active Directory (AD, ADDS)

If you want to authorize please perform following steps.

1. In the DHCP Server MMC, click right on the Server Scope (IPv4 or IPv6) that you want to Authorize and click “Authorize”.

2. Now you should see a green hook on the Scope Symbol and that’s all. You authorized the DHCP Server Scope to your Domain.

 

 

 

How to add second Server to MMC (example DHCP Server)

1. Right click on “DHCP” and than “Add Server”.

2. Now you can add the server. You will not see the new DHCP Server in the list of authorized DHCP server because we didn’t authorize the server yet.

Mark “This server:” and click “Browse”.

 

3.  Now you type in the name of the server.

4. When you entered the name click “Check Names”. When the wizzard found the server, click “ok”.

5. Click “ok” and the server will attached to DHCP MMC.

6. Now you should see both DHCP Servers in the list.

Microsoft Hyper-V Error Message “Processor don’t support virtualisation technology” during Role installation

Hi Community,

when you install Microsoft Hyper-V role on a new system, it could be that you get the error and you can’t install Hyper-V. Mostly the error says that your CPU don’t support virtualisation technology.

Error Windows Server 2012

Error Windows Server 2008 and 2008 R2

In nearly all of the cases the issue is that Intel VT or AMD-V is disabled in BIOS or UEFI.

To fix this, you should restart your system and enter the BIOS or UEFI. Mostly you find the options in processor settings. You only have to enable it and than you can install the Hyper-V role.

For Windows Server 2012 you have also to enable the executional bit (NX-Bit).

See some example BIOS and UEFI settings.

UEFI settings for Dell PowerEdge 12th Generation with enabled Intel VT and disabled NX-Bit

 

BIOS settings for Dell PowerEdge with disabled Intel VT and disabled NX-Bit

 

BIOS settings for Dell PowerEdge-C (CloudEdge) with enabled Intel VT and disabled NX-Bit

 

BIOS settings for Dell PowerEdge-C (CloudEdge) with disabled Intel VT ,disabled NX-Bit and disabled Intel VT-d.

 

How to remove a role or feature in Windows Server 2012

Hi Community,

after intalling the wrong role in Windows Server 2012, I got the idea to blog how to remove the role.

1. First open the Server Manager.

2. Klick on “Manage” and than on “Remove Roles and Features”.

3. The wizzard starts.

4. Now you have to select the server were you want to remove a role.

5. Select the role you want to remove.

6. If you want to remove a feature, you can select it in this menu.

7. Now you get a small of all actions that will be performed. Klick “Remove” to start the actions.

First configuration of a fresh installed Windows Server 2012

Hi Community,

here some configuration steps, that you should perform after you installed a Windows Server 2012.

1. Open the “Server Manager” and “click on Configure this local server”

 

2. Now click on the “computername” or “workgroup” and than on “Change …”

3. In the “Computer Name/Domain Changes” menu you can change the servername and join your domain. In my case I will not join the domain because this system will become my first DC (Domain Controller) for a new domain.

!!! Attention !!! After this changes your server want’s to reboot! 

 

4.  After this we go on “Remote Desktop” to enable RDP (Remote Desktop Protocol”  on this server.

Best Pracitice Tipp: When you don’t need RDP leave it disabled. This could be the case when you use WinRM, RSAT (Remote Server Administration Tools) or Remote PowerShell.

5.  Now you can set the access level for RDP Sessions. When you are using Windows Vista, Windows 7 or Windows 8 or Windows Server 2008 and newer, you can leave the checkbox for Network Level Authentification checked. For all order RDP Clients you have to uncheck this box.

I will only use Windows Server 7/8 and Windows Server 2008 R2 or 2012 to connect, so I leave it checked.

What does authentifciation on network layer mean?

That means that your user credentials will be checked before you will connected to the server. In older versions from RDP you were connected first to the server and than your credentials were checked by the server. This was I high risk because there was a small door that hackers could use to get controll over your system or they could perform denied of service attacks.

It is also possible to configure teaming in the configuration menu but I will explain this seperate in a later blog.

6. If you don’t use DHCP for this server, you have also to set IP, default gateway and DNS. for this click on “Ethernet” and the Network Connection windows will open. Perform a rightklick on the NIC you want to configure and than selecte “Properties”

 

7. Than klick on “Internet Protocol Version 4” to configure static IP on IPv4 and than click on “Properties”. You can also configure IPv6, I only use IPv4 because my router has no IPv6 feature right now.

 

8. After this set static IP adress, Subnet mask, default gateway, preferred and alternated DNS Server. If your server will be one of the DNS servers (e.g. when the server is the first DC in your domain), set his static IP as primary.

!!! Attention !!! If this is not the only or first system in your network. Mark the “Validate settings upon exit” checkbox. This will validate your configuration and warn you when e.g. the default gateway or DNS  server is not reachable.

Klick close both windows by clicking on “OK”.

9. Now we want to configure the Windows Update Service. You should be back in the Local Server configuration Menu.

10. Click on “Windows Update” and in the upcoming window on “Let me choose my settings”.

 

11. Selecte the setting you want. Normaly I set it on “Download updates but let me choose whether to install them”. That gives me the chance to install the updates during a planed downtime. You can set this setting also via Group Policy, e.g. when you are using WSUS or SCCM.

 You can also include recommended update by enabling the checkbox for it. 

12. Click “OK” and the first check for updates will run.

 

13. After update Process is finished you should set the Internet Explorer Enhanced Security Configuration on off for Administrator. That will help you by using e.g. Webinterface for Blockstorages or Switches.

 

14. Last but not least we will activate our Windows Server 2012. For volume license this step could be different. Because most of you will use KMS or Volume Activation Serivce.

 

15. now reboot your server and you have finished the configuration.