With this nice tool you’re able to manage your Windows 2008 R2 server Core Edition through a graphical user interface. This tool is open source, so if you want something more in it, go ahead!

Core Configuration tasks include:

- Product Licensing
- Networking Features
- DCPromo Tool
- ISCSI Settings
- Server Roles and Features
- User and Group Permissions
- Share Creation and Deletion
- Dynamic Firewall settings
- Display | Screensaver Settings
- Add & Remove Drivers
- Proxy settings
- Windows Updates (Including WSUS)
- Multipath I/O
-Hyper-V including virtual machine thumbnails
- JoinDomain and Computer rename
- Add/remove programs
- Services
- WinRM
-Complete logging of all commands executed

You can download the tool here.

Microsoft has published a free Windows Server 2008 R2 E-book. Download it now…..

A new nice feature in Windows Server 2008 R2 is the Active Directory Recycle Bin. Deleted items can be restored without rebooting the Domain Controller(s), restarting the Active Directory Services and even without any backuptapes!! Let’s have a look on that.

The first step is to enable the Recycle Bin feature. Make sure your functional level is Windows Server 2008 R2 and keep in mind that when you enable this feature, you can’t disable this feature anymore!!

1.) Start the  Active Directory Module for Windows PowerShell
Import-Module ActiveDirectory

2.) View the actual settings of the Recycle Bin feature 
Get-ADOptionalFeature -Filter { name -like “Recycle*” }

3.) Enable the feature for your Active Directory environment 
Enable-ADOptionalFeature “Recycle Bin Feature” -Scope ForestOrConfigurationSet -Target E2K7SP2.LOCAL

4.) View all the deleted Active Directory objects 
Get-ADObject -SearchScope subtree -SearchBase “cn=Deleted Objects,dc=E2K7SP2,dc=LOCAL” -includeDeletedObjects -filter { name -notlike “Deleted*” }

5.) Restore the user objects you want 
Restore-ADObject -Identity “CN=User01\0ADEL:cc40dfd4-f671-4e90-90cc-3c8a33b18391,CN=Deleted Objects,DC=E2K7SP2,DC=LOCAL”
Restore-ADObject -Identity “CN=User02\0ADEL:394ec482-5bb2-4131-bdb4-7c92d7193987,CN=Deleted Objects,DC=E2K7SP2,DC=LOCAL”
Restore-ADObject -Identity “CN=User03\0ADEL:19f1bf8b-0227-486a-bc8d-ca72a342e116,CN=Deleted Objects,DC=E2K7SP2,DC=LOCAL”
Restore-ADObject -Identity “CN=User04\0ADEL:1b00b1c9-1f1f-4b74-b027-fa88feb4069d,CN=Deleted Objects,DC=E2K7SP2,DC=LOCAL”
Restore-ADObject -Identity “CN=User05\0ADEL:970b2597-4cf3-4971-87ea-9ada827e376d,CN=Deleted Objects,DC=E2K7SP2,DC=LOCAL”

6.) With this command you restore all the deleted items (Not Recommended!!)
Get-ADObject -SearchScope subtree -SearchBase “cn=Deleted Objects,dc=E2K7SP2,dc=LOCAL” -IncludeDeletedObjects -filter { name -notlike “Deleted*” } | Restore-ADObject

7.) All deleted Active Directory objects are restored now. Even the group membership of the users are restored!! Cool

In this article I’m going to set up a Read Only Domain Controller in a Windows 2008 environment. There’s already a writable Domain Controller available in the domain GPO.LOCAL. The first step is to Install a new Windows 2008 Server, in my example it’s a Core Edition. After the installation, you can begin configuring your new server.

– Enter the productkey:
slmgr.vbs -ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx

– Activate Windows:
slmgr.vbs -ato

– Rename the computer:
Netdom renamecomputer “%computername%” /newname:SRV-RODC01 /reboot:15

– Show all network interfaces:
Netsh interface ipv4 show interface

– Set a static IP address:
Netsh interface ipv4 set address name=2 source=static address=172.16.1.11 mask=255.255.0.0 gateway=172.16.1.1
(make sure that you’re choosing the right network interface. In this example it’s 2, so name=2 it means interface 2)

– Set a static DNS server:
Netsh interface ipv4 add dnsserver name=2 address=172.16.1.10 index=1

– Turn Remote Desktop (RDP) on:
Cscript %windir%\system32\SCRegEdit.wsf /ar 0

– Enable Remote Desktop (RDP) in the Windows Firewall:
netsh advfirewall firewall set rule group=”remote desktop” new enable=yes
(Note: type this rule in by your self, copy past will give an error!)

– Enable Remote Management (RemoteCMD) in the Windows Firewall:
netsh advfirewall firewall set rule group=”Remote Administration” new enable=yes
(Note: type this rule in by your self, copy past will give an error!)Making the unattended.txt:
Copy and past the following test into the new textfile and save this file on the C: drive of the Core Server.
==================================================
[DCInstall]
InstallDNS=Yes
ConfirmGc=Yes
CriticalReplicationOnly=No
DisableCancelForDnsInstall=No
Password=********
RebootOnCompletion=No
ReplicaDomainDNSName=GPO.local
ReplicaOrNewDomain=ReadOnlyReplica
ReplicationSourceDC=srv-w2k8dc01.gpo.local
SafeModeAdminPassword=********
SiteName=Default-First-Site-Name
UserDomain=GPO.local
UserName=Administrator
==================================================

 – Run the DCPROMO
dcpromo /unattend:c:\unattend.txt15)

– Reboot the Domain Controller
shutdown -r -t 0

As you can see, when you make a connection to the RODC, you’re not be able to make any changes to existing users or groups and the option “New” is hidden when you right-click in your environment.

In the next post i’m going to delete a RODC from the environment. (for example if your server is stolen or something like that).

If you are like me, you were both excited and surprised to see Windows Storage Server 2008 available for download from the MSDN Subscriber Site. Unlike other Windows 2008 Server installations, Storage Server never asks you to create an Administrator password, so you are stuck at a login prompt with no idea on how to login.

Well, I’ve done the scouring for you and the default password is wSS2008!

Hopefully that helps someone out!

A cool new feature in Windows Server 2008 are the User Preferences. With this user preferences you’re able to create a lot of things, such as:

- Drive Maps
- Environment variables
- Files
- Folders
- Ini files
- Registry keys
- Shortcuts

In my testenvironment I’ve build a custom start menu for the user in my environment. You can do this by using the User Preferences. When you’re using Item-Level targeting, you can manage what users are getting some shortcuts. In this example I’m using Item-Level targeting with Security Groups, so when a user is member of a specific security group, he’ll receive the shortcut in his start menu.

1.) First make a new Group Polciy
2.) Go to User Configuration, Preferences, Windows Settings, Shortcuts
3.) Create a new shortcut
4.) Fill in the right path’s **picture 3**
5.) Go to the Common tab
6.) Enable “Remove this item when it is no longer applied” (note: this will change the “Action” to Replace)
7.) Enable “Item-level targeting” and click “Targeting”
8.) Select the way off targeting (note: in this example I’m using Security Group)
9.) Make the right users members of the security group
10.) Logon to your workstation and check your start menu

As you can see, based on the group membership, User01 get’s his shorcuts to the different applications. This can also be configured on the other User Preferences.

After a default installation of a Windows 2008 Server Core Edition, the screen is locked in 600 seconds. You can change this with a registry key.

Hive: HKEY_CURRENT_USER
Key: Control Panel\Desktop
Name: ScreenSaveTimeOut
Type: REG_SZ
Value: 3600
(default is 600, 10 minutes)

Use the following registry keys to prevent Windows from auto logon.

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: AutoAdminLogon
Type: REG_SZ
Value: 1 enable auto logon
Value: 0 disable auto logon

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: DefaultUserName
Type: REG_SZ
Value: account to logon automatically (for example: Administrator)