Archive for the ‘Active Directory’ Category

How to: Install Exchange 2019 on Windows Server 2019 Core Edition

In this blogpost I’m going to show you the steps to install Microsoft Exchange Server 2019 on Windows Server 2019 Core Edition. When you’re working with Windows Server Core the first time, it’s a little different then managing Windows with a GUI (Graphical User Interface).

Windows Server Core is just a command line interface, that’s all. There’re many advantages of using Windows Server Core edition, for example:

* Small footprint
* Less Windows Updates to install
* Less reboots needed after Windows Updates
* Reduced attack surface
* Less disk space required
* Reduced management

With the release of Exchange Server 2019, Windows Server Core is also supported!! YEAH!!!

Install Windows Server 2019 Core Edition

This step is really easy. Just hit next, next, next and finish!

image

Hit CTRL+ALT+DELETE, type the local administrator password and login to your server. After this, you can start configuring the server using SCONFIG.

image 

Network settings

Configure the network configuration using SCONFIG or Powershell.

Assign a static IP:

New-NetIPAddress -InterfaceIndex 6 -IPAddress 172.16.1.100 -PrefixLength 16 -DefaultGateway 172.16.1.101



Configure a DNS Server:

Set-DNSClientServerAddress -InterfaceIndex 6 -ServerAddress "172.16.1.100"



Enable Remote Desktop:

cscript C:\Windows\System32\Scregedit.wsf /ar 0

 

Windows features

Use the following PowerShell command to install the OS component required for Microsoft UCMA 4.0 and the OS component required for Active Directory Preparation.

Don’t forget to switch to powershell

Install-WindowsFeature Server-Media-Foundation, RSAT-ADDS


image

image

Download necessary software

From an admin workstation, download the following software and copy it over to the Server Core we are preparing for the Exchange installation (for example C:\_Install)

* Visual C++ Redistributable Packages for Visual Studio 2013

image

image

Install UCMA (Microsoft Unified Communications Managed API 4.0)

image

image

The UCMA installable is present on the Exchange Server 2019 media itself. Use the following PowerShell command to mount the Exchange Server media:

The UCMA installable is located under the “UCMARedist” folder on the Exchange Server 2019 .ISO. Start the UCMA installation:

Do not reboot the server just yet; join the computer to an AD domain and then reboot it.

Joining the computer to AD domain

* Rename the computer to 2019-EX01

* Add the computer to domain homelab.local

image

Add-Computer -DomainName homelab.local -NewName 2019-EX01 -DomainCredential homelab\administrator

Restart the server

Use the following PowerShell command to restart the computer:

Restart-Computer –Force

Exchange installation

After rebooting the server mount the Exchange .ISO image.

Use the following command to start Exchange Server installation. The PowerShell command will also install the required OS components for Exchange:

image    image

image    imageimage    image image   image image   image image   image image   image

image

.\Setup.exe /m:install /roles:m /IAcceptExchangeServerLicenseTerms /InstallWindowsComponents

Once Exchange is installed, you can launch the Exchange Management Shell using LaunchEMS command from the command line.

You can also start the Exchange Management Console from a different server using the URL below:

https://2019-EX01.homelab.local/ecp

image

Microsoft Ignite 2016 Slidedeck and Video downloader

MSIgnite_Atlanta_Skyline_Jan20_TW

Have you missed the Microsoft Ignite 2016 event…..no problem!! MVP Michel de Rooij has created a script to download all the content (videos and slidedecks). So you can watch all the content again.

This script will download all the Ignite 2016 slidedecks and videos that are available from Techcommunity via the OneDrive URL on the session page. Video downloads will leverage a utility which can be downloaded from https://yt-dl.org/latest/youtube-dl.exe, and put it in the same folder as the script. The script itself will try to download the utility when the utility is not present.

Special credits goes to:
Original scraper for slidedecks by Mattias Fors, http://deploywindows.info.
Adjusted for video downloading by Michel de Rooij, http://eightwone.com
Enhancements by Scott Ladewig http://ladewig.com

Download the script here.

2016-10-12_14h14_44

 

How to: Change computername in Windows Explorer on Windows Server 2012 R2

When you’re are using a lot of virtual machines or environments, it’s somethimes realy usefull to see in what environment or on what server you’re logged in. If created a really nice solution for my servers, basically Remote Desktop Services in different environments, that does exact my I need! I’ve changed the displayname in Windows Explorer to the value “user on server”, for example: “mark on prod-rds-01”.

You can set this new value with Group Policy Preferences or some other scripting.

1.) Create a new GPO in the Group Policy Management Console
2.) Navigate to “User Configuration / Preferences / Windows Settings / Registry
3.) Create a new registry item and browse to the following registry key:
HKCU/Software/Microsoft/Windows/CurrentVersion/Explorer/CLSID/{20D04FE0-3AEA-1069-A2D8-08002B30309D}
4.) Change the default REG_SZ value to “%username% on %computername%”
5.) Login to the specific server where you targeted the GPO and open Windows Explorer
6.) The name of your computer has changed to “username on computername”

2015-12-04_11h19_20    2015-12-04_11h20_16    2015-12-04_11h20_48

2015-12-04_11h21_11    2015-12-04_11h21_40    2015-12-04_11h37_48

How to: View configured mailbox quota’s in Exchange 2010/2013 using Out-GridView

When you’ve configured mailbox quota’s within your Exchange 2010/2013 environment, you’ve to check the configuration sometimes. Using Microsoft PowerShell, you can watch the current configuration within a few second, so this is extremely powerfull!! But, when you have to query for some specific user or result, it’s not that easy.

There’s a very usefull command within PowerShell that I’m using almost for all my scripts….Out-GridView. When using the parameter Out-GridView, the results are not showing within the PowerShell screen, but in a separate window! Within this window, you can very easy add some search criteria….for example: specific user, quota or an overview per database.

One requirement is that the Windows Feature “Windows PowerShell Integrated Scripting Environment (ISE)” is installed on the Exchange servers or mangement server from where you’re running the commands.

1.) Open the Exchange Management Shell (EMS)
2.) For an overview of the current mailbox quota, use the following command.
Get-Mailbox -Identity mswinkels | ft Name, IssueWarningQuota, ProhibitSendQuota, ProhibitSendReceiveQuota
3.) The results of this command is shown within the PowerShell window
4.) Now we’re running the same command, but replace “ft” (format-table) with “select” and add the parameter “Out-GridView”
Get-Mailbox -Identity mswinkels | Select Name, IssueWarningQuota, ProhibitSendQuota, ProhibitSendReceiveQuota | Out-GridView
5.) Now the results are in a separate window! Extreme usefull when you’ve have to search for a specific result or results.

25-06-2015 10-11-47    25-06-2015 10-13-47    25-06-2015 10-15-00

25-06-2015 10-16-22    25-06-2015 10-20-51    25-06-2015 10-21-12

How to: Deploy packages using collection variable with ConfigMgr 2012 R2

During a OS deployment you don’t want to deploy all your packages and software to every workstation. You can deploy the software after a full OS deployment, but you can also deploy packages during the OSD using collection variables. Now it is possible to deploy packages only if a specific machine is a member of a collection. This collection can be query based, for example OU membership or Active Directory security group, or it can be static (direct membership).

In this example I’ve created a realy simple deployment, Adobe Reader 11.0. I’ve two virtual machines, SCWIN81-01 and SCWIN81-02. Both machines are members of the collection “Deploy – Windows 8.1 Enterprise x64”, where the task sequence is deployed on. Machine SCWIN81-01 is also member of the collection “Install – Adobe Reader 11.0”. This collection has a limited collection of “Deploy – Windows 8.1 Enterprise x64”. Both machines are deployed on the same time, the only difference is that machine SCWIN81-01 has Adobe Reader 11.0 installed and machine SCWIN81-02 not. Why……based on the collection variable during the OSD 🙂

1.) First create the collections
2.) Make the specific machines members of the right collections (query based or direct membership)
3.) Open the properties of the collection “Install – Adobe Reader 11.0” and navigate to the “Collection Variables” tab
4.) Add one or more variables with some values. In this example the variable is “APP-AdobeReader” with the value “Yes”
5.) Open the task sequence and add a package installation step
6.) Add the package with the program and navigate to the “Options” tab
7.) Select “Add Condition” and select “Task Sequence Variable”
8.) Enter the collection variable you’ve created earlier with the same value. In my example:
Task Sequences Variable APP-AdobeReader equals “Yes”
9.) Select “Apply” and close the task sequence.
10.) Start the OSD on both machines and wait until the installation is done!
11.) Watch the differences between both machines, if everything is okay, one machine has Adobe Reader installed and the other not.

This is an extremely powerfull thing within ConfigMgr, and really helpfull is some scenario’s. For example VDI golden image deployments or hybrid environments with laptops/desktops or multiple organizations using one ConfigMgr environment. One main reason could be consolidation in task sequences. If you want, there should be only one task sequence for all you different deployments. This is why I’m loving collection varaibles! 🙂

2014-12-22_15h45_33    2014-12-22_15h46_26    2014-12-22_15h46_48

2014-12-22_15h47_23    2014-12-22_15h49_46    2014-12-22_15h50_15

2014-12-22_15h50_37    2014-12-22_15h51_16    2014-12-22_15h51_58

How to: Apply Windows updates during OSD with ConfigMgr 2012 R2

During a OS deployment with ConfigMgr 2012 R2, you definitely want to apply the latest Windows updates and patches, for example with Windows Server Update Service (WSUS). You can also integrate WSUS within ConfigMgr 2012 R2, but in this example WSUS is not integrated!!

This example is also very usefull to create a fully patches golden image in ConfigMgr 2012 R2 (Build & Capture). After the task sequence you’ve a fully patches Windows 8.1 machine that you can use for example VDI environments.

1.) Fist open your task sequence
2.) Create a new computer group “Desktops” within the WSUS console (or choose another name, for exmaple: servers, laptops, etc.)
3.) Add a custom group within the task sequence
4.) Add the following steps in your task sequence
Run Command Line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate” /v WUServer /t REG_SZ /d http://wsus01.cloud.local:8530 /f
Run Command Line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate” /v WUStatusServer /t REG_SZ /d http://wsus01.cloud.local:8530 /f
Run Command Line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate” /v TargetGroup /t REG_SZ /d “Desktops” /f
Run Command Line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate” /v TargetGroupEnabled /t REG_DWORD /d 1 /f
Run Command Line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU” /v UseWUServer /t REG_DWORD /d 1 /f
Run Command Line:
wuauclt.exe /resetauthorization /detectnow
5.) Don’t forget to set the name of your WSUS server and computer group in the commands above!
6.) Create a new package in ConfigMgr 2012 R2 with the following two files in it, located in the MDT 2013 deployment share directory
ZTIUtility.vbs
ZTIWindowsUpdate.wsf
7.) Don’t create a program in this package, but you only have to distribute it to the distribution point(s)
8.) Add a new step “Run Command Line” to the task sequence with the following command:
cscript.exe ZTIWindowsUpdate.wsf
Select the package where the source files are located
9.) Deploy the task sequence to your client collection!

COAU_01    COAU_02    COAU_03

COAU_04    COAU_05    COAU_06

COAU_07    COAU_08    COAU_09

COAU_10    COAU_11    COAU_12

How to: Disable first sign-in animation in Windows 8.1 using ConfigMgr 2012 R2

When a user login the very first time on a Windows 8 of 8.1 machine, they will see a “animation” with some helpful tips. During this stage the userprofile is being created and prepared. While the first sign-in animation may be helpful to new users to see, but it slows down the logintimes. So let’s turn this animation off using ConfigMgr 2012 R2.

1.) Open your task sequence
2.) Add a action “Run Command Line” after Setup Windows and ConfigMgr
3.) Copy and paste the following command line:
reg ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System” /v EnableFirstLogonAnimation /t REG_DWORD /d 0 /f
4.) Give it the value 0 to disable and 1 to enable
5.) Deploy your task sequence to a collection of devices

FRA_01    2014-12-22_10h44_09    2014-12-22_10h44_50

How to: Add computer to security group with ConfigMgr 2012 during OSD

In some cases you’ve to add computer to a Active Directory security group. For example Direct Access laptops. In this example I’ve created a VBS script for adding a computer to an Active Directory security group during OSD in ConfigMgr 2012 R2.

1.)  Create a new package within ConfigMgr 2012 R2 without a program
2.) Distribute the new package to you distribution point(s)
3.) Copy the script “ADgroup.vbs” to the source location of your new package
4.) Add a step “Run Command Line” to your task sequence
5.) Add the command line: cscript.exe adgroup.vbs [name of your AD group]
6.) Select the package “Scripts”
7.) Select a account with enough privileges to add (new) computer object to the Active Directory
8.) Deploy your task sequence to a collection

You can download the script here. (Right-click and save…)

2014-12-12_15h53_47    2014-12-12_15h58_35    2014-12-12_15h59_14

2014-12-12_15h59_50    2014-12-12_16h42_54    2014-12-12_16h43_11

2014-12-12_16h43_34    2014-12-12_16h43_48