TechShizz | All posts tagged 'Operating Systems'

Installing Exchange 2010

Good online install guide:

http://blogs.technet.com/b/ferris/archive/2010/03/05/howto-install-exchange-2010-step-by-step.aspx

 

Prerequisites

 

User installing Exchange must be member of 

 

Enterprise Admins

Domain Admins

Schema Admins

Local Admin on the Exchange Server

 

 

===================

Install .NET 3.5 on DC.

 

Server must be in domain.

On the DC that holds the Schema Master role, insert the Exchange ISO and run setup from CLI:

 

Setup /PrepareSchema

 

Setup /PrepareAD /OrganizationName:Lab

 

Setup /PrepareDomain  -  OR setup /PrepareAllDomains

 

(This can be done from any domain member machine, but it's best practice to do this locally on the DC)

 

Then:

==========================

On the Exchange server to be:

==========================

Install the Filter Pack

 

Download Filter Pack


Install a filter pack on any server that will be a hub transport or mailbox server.

 

PowerShell Command:

 

import server manager module:

 

Import-Module ServerManager

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart

 

 

Then:

 

Restart the Exchange server and run Power Shell command:

 

Import-Module ServerManager

Set-Service -Name NetTcpPortSharing -StartupType Automatic

 

 Then:

=======================

Install Exchange from the CD

=======================

DSC - Desired State Configuration

Installing and Removing Features with Powershell

================================================ 

To see a list of installed Roles/Features:

Get-WindowsFeature | Where-Object -FilterScript { $_.Installed -Eq $True }

Or for Remote machine

Get-WindowsFeature -computer VM1 | Where-Object -FilterScript { $_.Installed -Eq $True }

================================================


 

configuration FailOverCluster

{

    # One can evaluate expressions to get the node list

    # E.g: $AllNodes.Where("Role -eq Web").NodeName

    node ("Node1","Node2")

    {

        # Call Resource Provider

        # E.g: WindowsFeature

        WindowsFeature Failover-Clustering

        {

           Ensure = "Present"

           Name = "Failover-Clustering"

        } 

    }

}

FailOverCluster

 

 

==============================================

 

 

Start-DscConfiguration -ComputerName Node1,Node2 -Path FailOverCluster -Wait -Verbose

 

=================================================

Here is another exaplme but this time to configure a webserver to allow remote administration:

# create a DSC configuration to install IIS and support remote management
Configuration IISConfig {

    # define input parameter
    param(
        [string[]]$ComputerName = 'localhost'
    )

    # target machine(s) based on input param
    node $ComputerName {
        #Configure the LCM
        LocalConfigurationManager {
                ConfigurationMode = "ApplyAndAutoCorrect"
                ConfigurationModeFrequencyMins = 15
                RefreshMode = "Push"
}

        # install the IIS server role
        WindowsFeature IIS {
            Ensure = "Present"
            Name = "Web-Server"
        }

        # install the IIS remote management service
        WindowsFeature IISManagement {
            Name = 'Web-Mgmt-Service'
            Ensure = 'Present'
            DependsOn = @('[WindowsFeature]IIS')
        }

        # enable IIS remote management
        Registry RemoteManagement {
            Key = 'HKLM:\SOFTWARE\Microsoft\WebManagement\Server'
            ValueName = 'EnableRemoteManagement'
            ValueType = 'Dword'
            ValueData = '1'
            DependsOn = @('[WindowsFeature]IIS','[WindowsFeature]IISManagement')
        }

        # configure remote management service
        Service WMSVC {
            Name = 'WMSVC'
            StartupType = 'Automatic'
            State = 'Running'
            DependsOn = '[Registry]RemoteManagement'
        }

    }

}

# create the configuration (.mof)
IISConfig -ComputerName WEB-NUG -OutputPath c:\nuggetlab

# push the configuration to WEB-NUG
Start-DscConfiguration -Path c:\nuggetlab -Wait -Verbose


# enter powershell remote session
Enter-PSSession -ComputerName WEB-NUG

# view installed features
Get-WindowsFeature | Where-Object Installed -eq True

# view LCM properties
Get-DscLocalConfigurationManager

# view configuration state
Get-DscConfigurationStatus

# test configuration drift
Test-DscConfiguration

# exit powershell remote session
Exit-PSSession

 

Windows PowerShell Web Access

To remote connect to a server via PS to begin with connect like this:

 

Enter-PSSession -computername VM2

 

To install this feature:

 

On the PSWA host to-be, run:

 

Install-WindowsFeature -Name WindowsPowershellWebAccess

 

If credentials are required, add:    -credential $cred

A password prompt will appear.

 

 

Once installed, a certificate needs to be added. In a test environment a self signed certificate can be created by running the following:

 

Install-PSwaWebApplication -UseTestCertificate

 

Next, an allowed list of computers need to be configured.

[This was awkward]

 

Add-PswaAuthorizationRule -UserName lab\Administrator -ComputerName HV1.lab.local -ConfigurationName Microsoft.PowerShell

 

The -UserName switch has to be in domain\username format and didn’t work with UPN.

 

Finally, go to https://VM2/pswa

 

Remember: The server that the role is installed on is the PSWA Gateway. The allowed list of computers is what can actually be accessed so it needs to be listed in the last step to access that server. 

 

Time Sync Issues

w32tm /resync

[/computer:<computer>]

[/nowait]

[/rediscover]

[/soft]

Tells a computer that it should resynchronize its clock as soon as possible, throwing out all accumulated error statistics.

computer:<computer> – Specifies the computer that should resynchronize. If not specified, the local computer will resynchronize.

nowait – do not wait for the resynchronize to occur; return immediately. Otherwise, wait for the resynchronize to complete before returning.

rediscover – Redetect the network configuration and rediscover network sources, then resynchronize.

soft – resynchronize using existing error statistics. Not useful, provided for compatibility.


Example: w32tm /resync /computer:Server01

Sample Hosts File

# The localhost entry should be in every HOSTS file and is used

# to point back to yourself.

127.0.0.1        localhost

# My test server for the website

192.168.1.2        test.bleepingcomputer.com

#Blocking known malicious sites
127.0.0.1  admin.abcsearch.com
127.0.0.1  www3.abcsearch.com #[Browseraid]
127.0.0.1  www.abcsearch.com #[Restricted Zone site]