Archive | Windows Server 2012 RSS for this section

Windows Server 2008R2 in-place upgrade to Windows Server 2012/2012R2

 

Previous article showed that in-place upgrade from Windows Server 2008 to Windows Server 2012 is possible only if it has Hyper-V role configured and it is impossible to do that on Windows Server 2012 R2.

Situation looks much better when you plan to do in-place upgrade of Windows Server 2008 R2 into Windows Server 2012/2012R2. This is supported but requires some administrator’s attention before server will be upgraded.

Below you can find some hints for that process.

First of all, you need to evaluate if software installed on your Windows Server 2008 R2 is compatible and supported on Windows Server 2012/2012R2. When you find any incompaticle software you need to

  • upgrade it to supported version before OS upgrade (recommended action)
  • uninstall it from the server before OS upgrade
  • leave it as is but remember that Windows Server after in-place upgrade may not function properly

Important! Some applications may be compatible with Windows Server 2012/2012R2 but their version might not be sufficient to support full application features. You need to evaluate it also before OS in-place upgrade.

When all appropriate steps were taken, are able to start in-place upgrade. To do that follow procedure listed below

Start Windows Server 2012/2012R2 setup wizard from DVD media

Windows setup wizard

Windows Server 2012 setup wizard

Windows Server 2012 R2 setup wizard

Windows Server 2012 R2 setup wizard

Wait for Windows to copy necessary files to the server

Setup is copying necessary files

Setup is copying necessary files

Setup is starting

Setup is starting

When those files were copied to local hard drive, you should go on-line and install all new Windows Server 2008 R2 updates (recommended)

Note! The Internet connection will be required!

Updating Windows Server 2008 before in-place ugrade

Updating Windows Server 2008 R2 before in-place ugrade

Wait for system update to finish the process

Windows Server 2008 R2 on-line update

Windows Server 2008 R2 on-line update

At this moment you have to provide valid Windows Server 2012/2012R2 product key to start installation

Provide valid Windows Server 2012/2012R2 product key

Provide valid Windows Server 2012/2012R2 product key

When system is updated, you’ll see a screen where you need to choose appropriate Windows Server 2012 edition to which you want to upgrade Windows Server 2008 R2

Select Windows Server 2012 edition to install

Select Windows Server 2012 edition to install

Accept license terms and go to the next step

License terms

License terms

Now, everything is ready to start in-place upgrade. Click on “Upgrade: Install Windows and keep files, settings, and applications

In-place upgrade initiation

In-place upgrade initiation

Review applications compatibility report and if there are no errors, continue the installation

Compatibility report

Compatibility report

Compatibility report

Compatibility report

Windows Server upgrade will start

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

During the upgrade process, several actions will be executed like:

  • collecting files
  • collecting settings
  • collecting applications
Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

In the next step, Windows Server will install its own files

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

Your server will be restarted when all files were extracted. During system restart, you have short time to decide if you wish to continue in-place upgrade or you want to roll back to the previous Windows Server 2008 R2 OS

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

Windows Server 2012 starts preparing itself for devices configuration

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

The server will be restarted to finalize settings

Windows Server 2012 upgrade progress

Windows Server 2012 upgrade progress

and finally, logon screen will appear. That means the in-place upgrade process has been finished.

Windows Server 2012/2012R2 logon screen

Windows Server 2012/2012R2 logon screen

That’s all!

<<< Previous part

Author: Krzysztof Pytko

Windows Server 2008 in-place upgrade to Windows Server 2012/2012R2

 

This topic is about Windows Server 2008 in-place upgrade to Windows Server 2012/2012R2. Article will be really short because there is no possibility to do in-place upgrade of Windows Server 2008 to Windows Server 2012/2012R2 when it has no Hyper-V role configured.

The only one supported in-place upgarde is possible when your Windows Server 2008 has Hyper-V role configured.

Windows Server 2008 in-place upgrade to Windows Server 2012

When you insert Windows Server 2012 installation media on Windows Server 2008 and you’ll run setup.exe or autostart will do that, you will be able to start in-place installation process

Windows setup wizard

Windows setup wizard

Click on “Install now” button to initiate setup. Wizard will copy necessary files to start in-place upgrade process

Setup is copying necessary files

Setup is copying necessary files

Setup is starting

Setup is starting

Now, you should go on-line and install the lates Windows Server 2008 updates before you will continu in-place upgrade

Note! The Internet connection is required!

Updating Windows Server 2008 before in-place ugrade

Updating Windows Server 2008 before in-place ugrade

When all updates are applied you need to provide product key for this installation

Provide valid Windows Server 2012/2012R2 product key

Provide valid Windows Server 2012 product key

after that choose Windows Server 2012 edition to which you want to upgrade current Windows Server 2008

Select Windows Server 2012 edition to install

Select Windows Server 2012 edition to install

Accept license terms and go to the next step

License terms

License terms

Now, you can initiate in-place upgrade installation. Choose “Upgrade: Install Windows and keep files,settings, and applications

In-place upgrade initiation

In-place upgrade initiation

When you click to start in-place upgrade, setup wizard starts to check if there is any incompatible software on Windows Server 2008. In this case that process is skipped because of unsupported scenario. You will notice an error stating that you cannot do in-place upgrade to Windows Server 2012 (GUI or non-GUI installation) if no Hyper-V role is configured on the current server.

No in-place upgrade support for GUI edition of Windows Server 2012

No in-place upgrade support for GUI edition of Windows Server 2012

No in-place upgrade support for non-GUI edition of Windows Server 2012

No in-place upgrade support for non-GUI edition of Windows Server 2012

and that’s all in this case. Unfortunatelly, you need to do clean Windows Server 2012 installation.

Windows Server 2008 in-place upgrade to Windows Server 2012 R2

In this scenario, in-place upgrade path is shorter because when you start Windows Server 2012 R2 setup wizard, you get an error that this is not possible at all. Does not matter if current Windows Server 2008 has Hyper-V role configured or not. In-place upgrade to Windows Server 2012 R2 is not supported at all.
When you try to do that, you see an error similar to that below

Windows Server 2012 R2 setup wizard error

Windows Server 2012 R2 setup wizard error

That’s all, you need to use workaround in this case. First of all you have to perform in-place upgrade from Windows Server 2008 to Windows Server 2008 R2 and then to Windows Server 2012

Next part >>>

Author: Krzysztof Pytko

Microsoft Technology Questions – Question 1

 

Finally, I found some time to start something new on my blog 🙂

This time, I’ve decided to start a serie of Microsoft Technology Questions (MTQ).  Its form may be familiar for many of you who did take a Microsoft official exam. This form is only one common thing with official Microsoft exam. I will defintively NOT publish official questions from the real exams here. So, those people who are looking for exact questions for Microsoft exams will be disappointed!

I’ll try to publish in a monthly basis one Microsoft technology related question invented by me. The question will be prepared by me, based on my experience and you won’t find it anywhere before it will be published here 🙂 So, do not search the Internet to find an answer 😉

After two weeks, I will update particular post with an answer, containing detailed explanation. I would like to start sharing knowledge with you using this form.

I hope you would love this idea and we will meet here regularly to learn something new! 🙂

Please feel free to discuss this idea and comment the question. I would love to hear if the idea is worth developing or not.

So, let’s start with the first question. The answer will be provided in two weeks from now.

QUESTION

You are working in TESTENV company as Domain Administrator. There is a single forest, single domain environment.
All Domain Controllers are running on Windows Server 2003 R2 Enterprise x64 and they are physical machines.
FSMO roles are split. Both, forest and domain functional levels are set up to Windows Server 2003.

You need to promote two new Domain Controllers using the least administrative effort. One based on Windows Server 2008R2 and one based on Windows Server 2012.

How would you do that?
More than one answer is appropriate, choose the most suitable to the above requirements.

ANSWERS

A)
– Run adprep from Windows Server 2008R2 media
– Promote new Windows Server 2008R2 Domain Controller
– Run adprep from Windows Server 2012 media
– Promote new Windows Server 2012 Domain Controller
B)
– Run adprep from Windows Server 2012 media
– Promote Windows Server 2012 Domain Controller
– Run adprep from Windows Server 2008R2 media
– Promote Windows Server 2008R2 Domain Controller
C)
– Promote Windows Server 2012 Domain Controller
– Promote Windows Server 2008R2 Domain Controller
D)
– Run adprep from Windows Server 2008R2 media
– Promote Windows Server 2008R2 Domain Controller
– Decommission all Windows Server 2003R2 Domain Controllers
– Run adprep from Windows Server 2012 media
– Promote Windows Server 2012 Domain Controller
E)
– Run adprep from Windows Server 2008R2 media
– Promote Windows Server 2008R2 Domain Controller
– Promote Windows Server 2012 Domain Controller

Author: Krzysztof Pytko

Adding first Windows Server 2012 R2 Domain Controller within Windows 2003/2008/2008R2/2012 network

 

When you wish to do this action, please be informed that nothing has changed from the previous (Windows Server 2012) operating system release. That means, all those steps from Windows Server 2012 are still valid for Windows Server 2012 R2.

I would not rewrite that article again, and if you are interested please read the article about Adding first Windows Server 2012 Domain Controller within Windows 2003/2008/2008R2 network on my blog.

I hope you would find it useful.

Author: Krzysztof Pytko

WGUiSW Idol 3rd place award

 

Do you remember when I posted on my blog a topic “What’s new in Active Directory in Windows Server 2012” ?

I mentioned there that I presented this over LiveMeeting during WGUiSW Idol 2013 competition organized by WGUiSW group. Actually, it was over Skype as we had a LiveMeeting connection issue 🙂

Finally, I was able to present my presentation. At the end, I was awarded with statue for 3rd place in the competition. You may see my trophy below 😀

Thank you to all those people who voted for me!

Award for 3rd place in WGUiSW Idol competition

Award for 3rd place in WGUiSW Idol competition

Author: Krzysztof Pytko

Goodbye DCPROMO, I won’t be missing you!

 

As you maybe remember, I mentioned in one of my previous articles on this blog titled “What’s new in Active Directory in Windows Server 2012” that DCPROMO is deprecated and you cannot use it anymore to promote new Domain Controller.

You may wish to watch a historical DCPROMO in Microsoft company where they upgraded the largest Master User Domain on NT4 into Windows 2000 domain.

[youtube=http://www best ms project alternative.youtube.com/watch?v=cK-QCdRX1yY]

You were able to see an excitement because that was the first dcpromo in the world! Those people were proud that they invented something powerful and completely new.

And now, their tool has gone, you cannot use it anymore to promote new DC. DCPROMO is integrated with Domain Controller promotion wizard.

Author: Krzysztof Pytko

What’s new in Active Directory in Windows Server 2012

 

Recently, I had a chance to present some topic publicly over LiveMeeting in WGUiSW Idol competition about
What’s new in Active Directory in Windows Server 2012“.

That was a part of WGUiSW regular meeting organized in Poland. I would like to share with you that PowerPoint presentation and describe some of these news in this article.

As you know, Microsoft introduces something new in their Windows Server’s new realeases for Active Directory. This time some new features or improvements have been added. Just take a look for short list about them:

  • new Domain Controler promotion process
  • improved Active Directory Administrative Center console
  • new Domain Controller virtualization features
  • Dynamic Access Control
  • Active Directory Based Authentication
  • RID Operation Master improvements

and other improvements I did not describe.

All the news in AD in Windows Server 2012 are available at this link
http://technet.microsoft.com/en-us/library/hh831477.aspx

New Domain Controller promotion process

Microsoft simplified Domain Controller promotion process as much as they can. In Windows Server 2012 they do a really great improvement. Domain Controller promotion process allows much more simple introduction of the first Windows Server 2012 DC in your existing domain environment.

You don’t have to extend your schema and prepare domain environment for the first Windows Server 2012 Domain Controller. Previously, you had to extend schema and prepare domain using adprep manually with appropriate switches before you were able to promote DC based on newer operating system. Also dcpromo known from previous Windows versions is no longer used for server promotion. That command is integrated with new Windows Server Manager. Whole process for Windows Server 2012 Domain Controller introduction in the existing environment is based on GUI wizard in Server Manager.

You need to only be logged on with appropriate permissions and you can start the process very quickly. Just add Active Directory: Domain Services role from the new manager and after all, follow post-installation steps in notification area. When you are promoting new DC, you are informed that wizard extends schema and prepares domain for the new Domain Controller.

Automatic forest and domain preparation

Automatic forest and domain preparation

Automatic forest and domain preparation

As I mentioned above, dcpromo cannot be used for DC promotion as it was in the previous versions of Windows. It is integrated with Server Manager and if you try to run it from command-line, you will see that it is not possible and you have to run the process from new manager.

No dcpromo

However, you can still use dcpromo in command-line to:

  • forcefully decommission DC (/forceremoval switch)
  • install from media DC (/adv switch)

Note! You need to know that everything you will do in Server Manager is translated to PowerShell v3.0 code and run in the background.

More about introducing the first Windows Server 2012 in the existing domain environment on my blog in this article.

New Windows Server Manager allows you to promote remote server as Domain Controller. For more details, please read this artcile on my blog.

New Active Directory Administrative Center

Microsoft introduced for the first time ADAC in Windows Server 2008R2. We were able to use this console for:

  • User management
  • Computer management
  • Group management
  • OU management
  • Domain Functional Level management
  • Forest Functional Level management
  • LDAP queries

Now, new Active Directory Administrative Center console allows for more. Of course, all the previous features are still suported but some new are available:

You don’t have to use complicated PowerShell cmd-lets to restore deleted object(s) or create/modify Fine-Grained Password policy. From now, you can simply use GUI for that. Just run new ADAC (it is available in tools or execute dsac.exe in run box) and go to Deleted Objects container to restore deleted object(s)

GUI for AD Recycle Bin

The same situation is for Fine-Grained Password Policy, you don’t have to use ADSI Edit or PowerShell to create new PSO. This is also available over GUI method in ADAC console.

GUI for Fine-Grained Password Policy

Everything what you do in Active Directory Administrative Center is also translated into PowerShell v3.0 code and run in the background. In this case, ADAC has implemented new feature called PowerShell History viewer which allows you to see cmd-lets used for action and whole syntax. You can copy it into notepad and modify to run it later. This is really good method to learn PowerShell.

PowerShell History viewer is available at the bottom of Active Directory Administrative Center console

PowerShell History viewer

Completely new feature in Windows Server 2012 is Dynamic Access Controll. It is responsible for simplified management of claims in AD and allows to extend FileServer permissions out of standard ACL method. User does not need to be a member of many groups in Active Directory, You can allow him/her access to resources over claims in combination with DAC. This option reduces Kerberos token size which is really important in large domain environments where user is a member of many groups.

Domain Controller virtualization features

Introducing Hyper-V 3.0 Microsoft added some new features which allows for better virtualization management for Domain Controllers. From now, you don’t have to affraid USN Rollback when you restore your DC from snapshot or when you use DC’s clone in your environment. New Hyper-V 3.0 is “smarter” and it secures your environment. Thanks to that, you may use new feature for rapid DC deployment from the existing Domain Controller. You need to only allow cloning DC, adding it into appropriate domain group and prepare some XML config file with PowerShell v3.0 cmd-let. Then you can safely clone new DCs from the existing one(s).

In virtualized domain environments, this feature is also really good for disaster forest/domain recovery.

Important! To be able to use the new feature, you need at least one Windows Server 2012 Domain Controller on which you hold PDC Emulator operation master role.

More about Domain Controller virtualization process, you will read on Microsoft Technet at
http://technet.microsoft.com/en-us/library/hh831734.aspx

Active Directory Based Authentication

With Windows Server 2012, Microsoft presented new Windows activation method. This method is called Active Directory Based Authentication. That is available in Volume Activation Services role when you run Server Manager.

Volume Activation Services – Active DIrectory Based Authentication

When you use Windows 8 in your environment, you can simply activate it when client is being joined to the domain. It happens automatically, you don’t need to put an activation key and there is no need to access the Internet.

This much more secures your environment in comparison to KMS server. When KMS was present in the environment, you need to only know server name on which it was running (there is also other method for that but I would not describe it here 🙂 ) and you can simply activate your Windows copy. Now, with AD BA you need to add client to the domain to allow for OS activation. It is also important to limit users in your environment with permission for joining computers into domain.

For more details about user’s limit joining computers into domain, please read an article at this link.

Of course, you can still use KMS server for that. It is suported by AD BA. However, it is required for previous Windows OSes. AD BA may be only used for Windows 8 activation!

Important!To be able to use AD BA option, you need to extend Active Directory schema to Windows Server 2012 but you don’t need to have Windows Server 2012 Domain Controller

RID Operation Master

Microsoft improved RID FSMO role in Windows Server 2012. The most know improvement in this role is its RID pool incrementation. Previously we had 2^30 available RIDs and now we have one bit more 2^31. This bit incremented pool  from one billion to two billions of RIDs. Thanks to that improvement we have doubled RID’s pool. But we need to know one important thing. If we want to use that, we need to have Windows Server 2012 Domain Controllers or Windows Server 2008R2 with appropriate hotfix installed. Other Windows versions do not support extended RID pool.

Remember! Extended RID pool may be used only by Windows Server 2012 and Windows Server 2008R2 with appropriate hotfix installed. Additionally, you need to have RID Operation Master role on Windows Server 2012 Domain Controller!

Another great thing introduced with Windows Server 2012 is RID Pool re-use feature! Microsoft did not fix RID leak issue which happens mostly when you are creating new users in a script mode. When password set up by script does not meet domain password criteria, object cannot be created successfully and RID is lost. In case that your script was prepared to create many user objects, you are loosing many RIDs. With Windows Server 2012 on which RID Operation Master is held, those RIDs are going to RID Pool re-use. This pool catches all those RIDs and uses them for the next objects which are created. If pool is empty then standard RID is used from global DC’s pool.

Important! RID Pool  re-use is only available until you will restart Domain Controller. After server reboot that pool is empty!

In Windows Server 2012 Microsoft introduced also event logging for used RIDs. The first entry will appear when RID consumes 100.000.000 (10% of pool). Another entry will be recorded when 10% of remaining pool will be used (in this case 1.000.000.000 – 100.000.000 = 900.000.000 and 10% from remaining pool is 90.000.000).

Events are recorded every 10% consumption of remaining pool. Smaller RIDs pool more frequent logs in Event log.

Microsoft changed also, possibility to issue large pool of RIDs from RID Master to other Domain Controllers. By default RIDs are delivered in 500 in a pool for each Domain Controller. Administrator is able to change that value in registry but when he/she sets up too high value, RIDs may be exhausted in short time. In Windows Server 2012 Microsoft limited maximum amount of RIDs to issue. The maximum pool allowed for distribution is 15.000 (decimal). When you set up higher value in the registry, it won’t be issued to Domain Controller(s) because new mechanism will issue maximum 15.000 RIDs in a pool.

One more interesting thing introduced in new RID Mater FSMO role is RID Manager artificial ceiling protection mechanism. Microsoft knows that administrators do not read event log frequently and even if they read it, they do not react too fast to solve the issue recorded in Event log. They implemented new mechanism which blocks RID distribution when its pool exceeds 90%. From that point, RID Master does not issue any pool to other Domain Controllers. Administrator must manually unlock this. That mechanism informs administrator about pool exhaustion (90% RIDs in general pool are used) and informs that additional activity may be required to prevent complete exhausting RID pool.

Other new Active Directory features

  • Kerberos enhancements
  • Active Directory Replication and Topology Management
  • Off-Premises Domain Join
  • Group Managed Service Accounts (gMSA)
  • Deferred Index Creation

are described in Microsoft article at Technet. If you’re interested, you may read article(s) to get more information about new AD features in Windows Server 2012

Author: Krzysztof Pytko

Decommissioning Windows Server 2012 Domain Controller

 

As you know, Windows Server 2012 is completely new operating system. These days, the main point from domain administrator point of view is to install and promote server as Domain Controller based on that system. That’s fine and this is obvious reason 🙂 but what if, in some case, we would like to decommission it? How we can do that?

The first thing you can think of is dcpromo command. Generally, that’s true but remember, in Windows Server 2012 dcpromo cannot be used to promote/demote Domain Controller over regular way. Oh, what a big shame :/ what can I do to decommission Windows Server 2012 Domain Controller ?

The answer is simple…

… just use the new Windows Server Manager version. Thanks to that tool, you are able to decommission DC in few simple steps. Just take a look at below steps to fulfill the requirement

Log on to Domain Controller based on Windows Server 2012 and run Server Manager or wait until it will show up (if you did not change its default startup mode). Then you need to decide if you wish to decommission currently logged on DC or any other (remote DC). In case that you want to decommission remote Domain Controller just select “All servers” node in Server Manager and choose DC from the list of available servers

Selecting DC to decommission

if not, just stay in “Local Server” node. Now, it is time to start decommissioning Domain Controller. To do that, you need to “Manage” and select “Remove Roles and Features” option

Removing AD:DS role

When you run that option, you will see a window with all installed roles on a server but before that you would be able to change the server to demote (if you decided to choose another one in the meantime)

All roles available on a server

To start decommissioning DC, just unselect “Active Directory Domain Services” role and confirm uninstallation for all related features

Removing AD:DS role and features

When you confirm that, you will be informed that this option is not possible until current server is Domain Controller. In a window you would see a link to start server decommission process. Click on it and you will see a wizard responsible for DC removal

Starting decommission process

Now, you are in the first step known from dcpromo. This wizard is similar to the previous one but you can find there some new options. One of them is force DC removal which previously was available only when you ran “dcpromo /forceremoval” switch. This is also possible in Windows Server 2012 to use dcpromo with /forceremoval switch to forcefully decommission DC. But hey, this is new OS, let’s start using the new way for that 🙂

Options for DC decommission process

As you can see in that window, there is new feature for forceful AD:DS role removal. You can do that from GUI now, you don’t need to run dcpromo with separate switch for that.

Important! Do not select option “Last domain controller in the domain” unless it is really decommission for the last DC. You would corrupt your AD environment.

When you are demoting DC, you need to be logged on with appropriate privileges. In case that you do not use an account which allows DC decommission, you may specify it during that process. Click on “Change” button and provide appropriate account.

Selecting account for DC decommission process

Now, you are ready to start removing AD: DS role but you cannot do that without selecting “Proceed with removal” checkbox. This feature prevents from accidental Domain Controller decommission. To start process, select mentioned checkbox and press “Next” button.

Initiating decommission process

When you are decommissioning DC which is not the last one, just press “Next”, do not select any zones or application partitions to remove.

Initiating decommission process

At this step, you need to configure a password for local administrator account which was unavailable on a server as it was Domain Controller where local accounts do not exist

<img class="size-full wp-image-1356" title="Initiating decommission process" alt="" src="http://kpytko.pl/wp-content/uploads/2012/10/0019 website link.png” height=”380″ width=”519″ srcset=”http://kpytko.pl/wp-content/uploads/2012/10/0019.png 773w, http://kpytko.pl/wp-content/uploads/2012/10/0019-300×220.png 300w, http://kpytko.pl/wp-content/uploads/2012/10/0019-519×380.png 519w” sizes=”(max-width: 519px) 100vw, 519px” />
Initiating decommission process

Now, you are ready to start! Just press “Demote” button and wait for server reboot. After restart, your server would be a domain member server

Initiating decommission process

That’s all!

Author: Krzysztof Pytko

Windows Server 2012 – What’s new

 

I was recently asked in my company if I could introduce some new Windows Server 2012 features. I’ve decided to prepare some short Power Point presentation for that.

Now, I would like to share this presentation with you. If you’re interested, you can download it and review. Maybe something within it would be helpful to you or can help you to prepare your own presentation. I know that it is much more better to hear what author said during the presentation than reading it itself, but…

I would also like to hear your voice about shared presentation. What there should be added in your opinion or what should be removed. Maybe I forgot something really important?

Thank you in advance for you comments.

Presentation can be downloaded here: Windows Server 2012 What’s new

Author: Krzysztof Pytko

Windows Management Framework 3.0 for Windows Server 2008/2008R2

 

Microsoft has released Windows Management Framework 3.0 for Windows Server 2008/2008R2. You can download it from http://www.microsoft.com/en-us/download/details.aspx?id=34595

This allows you to use Windows Remote Management (WinRM) services, WMI and PowerShell in 3.0 version on Windows Server 2008/2008R2

To be able to run that package, you need to install Microsoft .NET Framework 4 first. Its package is available at http://www.microsoft.com/en-us/download/details.aspx?id=17718

Windows Management Framework 3.0 allows you to use PowerShell in version 3 and manage server over WinRM from new Server Manager on Windows Server 2012 (which required WinRM 3.0)

When you download required packages and install them on a server, you need to enable remote management to allow remote server management. To do that, run in command-line

winrm qc

or

winrm quickconfig

Windows Remote Management configuration

and confirm that you want to enable remote management.

Windows Remote Management configuration

After that, please ensure if all required ports are opened on Windows firewall or just disable required firewall’s profile before you would be able to manage that server over Server Manager in Windows Server 2012 or RSAT in Windows 8

Now, you are able to add those Windows Server 2008/2008R2 into Server Manager and manage them. However, there is one limitation for this kind of management. You cannot install roles/features remotely on Windows Server 2008/2008R2 machines.

Open Server Manager in Windows Server 2012 or RSAT in Windows 8, select “All Servers” on the left side and click right mouse button, choose “Add Servers

Adding Windows Server 2008/2008R2 into Server Manager for remote management

You will see new window where you can select a server to add. You can add servers by one of these criteria:

  • using Active Directory computer object

You can search AD for computers using their

  1. name
  2. OS type
  3. or just display them all and choose from the list

Adding server(s) to Server Manager

  • using existing DNS record
  1. host (A) record – machine name (forward lookup zone)
  2. pointer (PTR) record – machine IP address (reverse lookup zone)

Adding server(s) to Server Manager

  • using text file for import

Adding server(s) to Server Manager

Using one of above methods, add server to Server Manager and we promote it to Domain Controller (select server from the list and click an arrow to add it)

Adding server(s) to Server Manager

and as you can see, server is available on the list (ready to manage)

Windows Server 2008/2008R2 in new Server Manager

From now on, you can manage server(s). Select it on a list, click right mouse button and you will see all available options to manage (except roles/features installation)

Remote server management

Author: Krzysztof Pytko