|
|
|
|
General Set-up
|
|
|
|
|
|
Install updates
|
|
|
|
|
|
Change server name
|
|
|
|
|
|
Set static IP address
|
|
|
|
|
|
Optional
|
|
|
|
|
|
Enable Remote Desktop if working from a remote management workstation
|
|
|
|
|
|
Disable IE Enhanced Security Configuration
|
|
|
|
|
|
Turn off Firewall in your testing environment
|
|
|
|
|
|
Require administrator to use a password if you’ve done an express virtual machine set-up: net user Administrator /passwordreq:yes
|
|
|
|
|
|
Configure Internet Time on server (Elevated Command Prompt) net stop w32time w32tm /config /syncfromflags:manual /manualpeerlist:"<hostname>" w32tm /config /reliable:yes net start w32time w32tm /query /source w32tm /resync /force
|
|
|
|
|
|
00:00 - Add Roles (Server Manager)
|
|
|
|
|
|
Active Directory Domain Services
|
|
|
|
|
|
DNS Server
|
|
|
|
|
|
File Services
|
|
|
|
|
|
Network Policy and Access Services
|
|
|
|
|
|
Remote Access
|
|
|
|
|
|
Web Server (IIS)
|
|
|
|
|
|
Add Features
|
|
|
|
|
|
Telnet Client
|
|
|
|
|
|
Windows Search Service
|
|
|
|
|
|
Add Role Services
|
|
|
|
|
|
Direct Access and VPN (RAS)
|
|
|
|
|
|
01:50 - DC Promo - Use Server Manager to promote server to domain controller
|
|
|
|
|
|
02:58 - Launch DNS, add reverse zone, update PTR for the server’s A record
|
|
|
|
|
|
03:50 - Organize AD
|
|
|
|
|
|
Create OU for Org
|
|
|
|
|
|
Create Users OU
|
|
|
|
|
|
Create Groups OU
|
|
|
|
|
|
Create Computers OU
|
|
|
|
|
|
Create Servers OU
|
|
|
|
|
|
Create Roles OU
|
|
|
|
|
|
Add Groups (e.g. VPN, RADIUS, or share access), add users to groups
|
|
|
|
|
|
04:42 - Shares
|
|
|
|
|
|
Create “Homes” share, for housing user home folders
|
|
|
|
|
|
Create other shares, for anything else (if required for testing)
|
|
|
|
|
|
05:43 - Add Users
|
|
|
|
|
|
Set user’s home profile location, e.g. H = \\server\Homes\testuser
|
|
|
|
|
|
07:27 - Rename Default Site
|
|
|
|
|
|
07:47 - Launch IIS > Server Certificates > Create self-signed cert
|
|
|
|
|
|
08:19 - Configure RRAS
|
|
|
|
|
|
Enable RRAS Network Policy (Grant Access)
|
|
|
|
|
|
Check Network Policy Conditions
|
|
|
|
|
|
NAS Port Type (VPN)
|
|
|
|
|
|
Tunnel Type (ESP, L2TP)
|
|
|
|
|
|
User Group (VPN Group)
|
|
|
|
|
|
Launch wizard for wireless RADIUS configuration
|
|
|
|
|
|
10:26 - Enable Shadow Copy (Start > Admin Tools > Computer Mgmt > Shared Folders > RC-All Tasks > Select Volume > Enable
|
|
|
|
|
|
10:57 - Mac client
|
|
|
|
|
|
Bind Mac client to AD
|
|
|
|
|
|
Check AD plug-in settings:
|
|
|
|
|
|
NHD testing
|
|
|
|
|
|
Uncheck “Force local home directory on startup disk”
|
|
|
|
|
|
Check “Use UNC path from Active Directory to derive network home location”
|
|
|
|
|
|
Confirm protocol (SMB or AFP), choose AFP if using ExtremeZ-IP, for instance
|
|
|
|
|
|
PHD testing
|
|
|
|
|
|
Check “Create mobile account at login”, and “Force local home directory on startup disk”
|
|
|
|
|
|
Log out of Mac client admin account, login as test AD user
|
|
|
|
|
|
13:41 - Install ExtremeZ-IP
|
|
|
|
|
|
15:55 - Test Mac client with AFP connection
|
|
|