ptg6432687 110 4 Installing Windows 2008 Server and the Hyper-V Role FIGURE 4.3 Specifying whether to upgrade or install a clean copy of Windows. NOTE With older versions of the Windows operating system, you had two options when parti- tioning the hard drive: NTFS or FAT/FAT32. When creating and formatting partitions in Windows Server 2008, FAT and FAT32 are no longer supported because NTFS is the only file system that can be sustained. FIGURE 4.4 Specifying the location for the installation. Download at www.wowebook.com ptg6432687 111 Installing a Clean Version of Windows Server 2008 Operating System 4 8. Finalizing the Installation and Customizing the Configuration After the Windows Server 2008 Install Windows Wizard collects the information and installs Windows, the system prompts you to enter a password. You must key in a pass- word that will be associated with the administrator account on the server. Once you enter in the password, you are prompted to log on to the server system. NOTE As a best practice, rename the administrator account after you complete the installa- tion and assign a strong password. You must enter it twice: first in the Password text box, and then in the Confirm Password text box. As in previous Windows operating systems, the password is case sensitive and can contain up to 127 characters. In addition, a strong password should include both upper- and lowercase letters, numbers, and symbols. Many organizations choose to use passphrases that are mini- sentences instead of single words. It’s harder to decode a phrase “I like my brown d0g Spot!” than a single 8- or 10-character single word. Choose your password carefully to ensure the security of the system. You can change both the administrator account name and password in the Change Password dialog box. When you enter the administrator name and your new password, an Initial Configuration Tasks Wizard is automatically invoked. This wizard presents the following tasks, as shown in Figure 4.5, to initially configure the server. The high-level initial configuration tasks include the following: 1. Provide Computer Information . Set the Administrator Password . Set Time Zone . Configure Networking . Provide Computer Name and Domain 2. Update This Server . Enable Automatic Updating and Feedback . Download and Install Updates 3. Customize This Server . Add Roles . Add Features . Enable Remote Desktop . Configure Windows Firewall Download at www.wowebook.com ptg6432687 112 4 Installing Windows 2008 Server and the Hyper-V Role FIGURE 4.5 The Initial Configuration Tasks Wizard. Traditionally, these configuration tasks were addressed during the initial installation of Windows; however, now these elements are configured after the initial installation of the operating system is complete. If these elements are removed from the installation, the installation process is much faster. Setting the Time Zone The first task that should be configured after the installation is the date and time of the server. Click the Set Time Zone link in the Initial Configuration Tasks Wizard to invoke the Date and Time dialog box. On the Date and Time tab, set the time zone where the server will operate by clicking the Change Date and Time button. In addition, click the Change Time Zone button to configure the time zone for the server. The next tab, Additional Clocks, as displayed in Figure 4.6, should be used if there is a need to display the time in another time zone. Up to two clocks can be configured on this tab. The final tab, Internet Time, is where you configure a time server for the server to synchronize its clock with. Time.windows.com is the default time server; however, other time servers can be selected by clicking the Change Settings button. Download at www.wowebook.com ptg6432687 113 Installing a Clean Version of Windows Server 2008 Operating System 4 FIGURE 4.6 Configuring additional clocks for Windows. Configuring Networking The second setting in the Provide Computer Information section of the Initial Configuration Tasks Wizard is Configure Networking. You need to decide on network settings for the server so that it can connect to other computers, networks, and the Internet. By default, Windows 2008, as with earlier versions of Windows, installs Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, and TCP/IPv4. In addition, Windows 2008 installs QoS Packet Scheduler, Internet Protocol version 6 (TCP/IPv6), Link-Layer Topology Discover Mapper I/O Driver, and Link-Layer Topology Discover Responder. Don’t be alarmed. The default client, service, and protocols that are installed by default will meet most companies’ needs and require little manual configuration. You will, however, likely want to change the TCP/IPv4 settings and assign a static address for the server. Providing the Computer Name and Domain Use the Provide Computer Name and Domain link to change the name of your computer and to add your computer to a domain or workgroup. If you are joining an existing domain, you need the logon name and password for a domain administrator account in that domain. Alternatively, you can have the administrator of the domain add your computer name into the domain so that your server can connect. If you do not know the name of the domain that the server will be a member of, or if you do not have the admin- istrative rights to join the server to the domain, you can still change the computer name and you can always join the server to a domain at a later time. Download at www.wowebook.com ptg6432687 114 4 Installing Windows 2008 Server and the Hyper-V Role Now that we configured the elements in the Provide Computer Information section of the Initial Configuration Tasks Wizard, the next step is to focus on the second configuration section called Update This Server. Enabling Automatic Updating and Feedback The Enable Automatic Updating and Feedback link in the Update This Server section is used to configure how your system maintains its health and security by automatically downloading and configuring software updates and the degree to which you want to participate in Microsoft’s information-gathering efforts. Although it’s easy to dismiss these features, the tools do provide you with an easy way to patch your systems and contribute your experience with Microsoft products with little or no effort. Anonymous information gathered from users shapes Microsoft products and technologies, so if you don’t have corporate policies around sharing technical information outside of your organization, give some thought to participating before shutting these systems down. If selected, the following options can be configured automatically, or you can manually configure the settings: . Automatic Updates—Automatic Updates are not configured by default. You can leave this setting as is or configure the server to check for updates automatically on a schedule that fits your maintenance procedures. When patching large enterprise environments, it is a best practice to control software updates via a patching solu- tion, such as System Center Operations Manager 2007 or WSUS 3.0. . Windows Error Reporting—Windows Error Reporting, by default, automatically sends detailed information to Microsoft when errors occur on your server. You can turn this function off or configure it to alert a user who is logged on to the console before sending any information to Microsoft. Reports contain information that is most useful for diagnosing and solving the problem that has occurred. . Customer Experience Improvement Program—The Customer Experience Improvement Program, or more benignly, CEIP, gathers anonymous information and periodically sends it to Microsoft. CEIP reports generally include information about the features and general tasks performed by a user and any problems encountered when using the Microsoft product. Downloading and Installing Updates Even though you might have selected the option in the previous steps to automatically configure server updates, it is still possible to download and install updates manually by selecting the Download and Install Updates link in the Update This Server section of the Initial Configuration Tasks Wizard. When selected, the server will connect to the Microsoft Windows Update site. Before configuring roles or features or making your server available to users on the network, it is a best practice to install the latest updates and patches from Microsoft. If your environment uses an automated tool such as WSUS, tested and approved patches might already be installed by your update and patching infrastruc- ture if the system was joined to the domain and is configured to do so. The final section on the Initial Configuration Tasks Wizard is called Customize This Server. The options are covered in the following sections. Download at www.wowebook.com ptg6432687 115 Installing the Hyper-V Server Role 4 Adding Roles Using the Add Roles link on the Initial Configuration Tasks Wizard, you can quickly install core server roles, such as Active Directory Domain Services, DNS, and much more to your server. The process also adds dependent services and components as needed (alert- ing you along the way). This ensures that as you are setting up your system, all the neces- sary components are installed—alleviating the need to use multiple tools to install, secure, and manage a given server role—and that the roles are set up securely. Although it’s criti- cal to understand dependencies for whatever role or function the server might hold, getting the system set up quickly, efficiently, and accurately is always paramount, and these setup tools help accomplish just that. We address the addition of the Hyper-V role in the next section, “Installing the Hyper-V Server Role.” Adding Features You can use the Add Features link to help configure useful tools and system features installed on the server. Features such as RPC over HTTP Proxy for Exchange, Terminal Services, Gateway, and SMTP Server can be installed and configured. Backup and other management tools can also be installed using this tool. Enabling Remote Desktop By enabling Remote Desktop, you can connect to either a remote console or an RDP session while not physically at the server. Using Remote Desktop to manage systems greatly eases administration of servers but does open another door into each system; therefore, consider restricting access via Remote Desktop to users who have a need to access those systems. Configuring Windows Firewall By default, Windows Firewall is turned on when the base OS is first run. Although the fire- wall protects the server only from outside access (as opposed to compromises from within the OS, such as a virus or other malware), this is typically adequate protection on a newly built machine until the system is patched and loaded with antivirus software or any other protective systems. Unless you configure exceptions to the firewall, users will not be able to access resources or services on the server. Exceptions to this are services or resources that are made available using the Initial Configuration Tasks Wizard or other GUI-based tools that automatically create the exceptions, enabling you to leave the firewall on while enabling access to specific functions on the server, if desired. Installing the Hyper-V Server Role With the background on sizing and planning for server capacity and storage covered in Chapter 3, and the basic installation of Windows Server 2008 covered so far in this chapter, this section now focuses on the installation of the Microsoft Hyper-V server role on the Windows Server 2008 system. Download at www.wowebook.com ptg6432687 116 4 Installing Windows 2008 Server and the Hyper-V Role Running Server Manager to Add the Hyper-V Role After the base image of Windows 2008 has been installed, some basic initial tasks should have been completed as noted in the section “Finalizing the Installation and Customizing the Configuration.” The basic tasks are as follows: 1. Make sure to have changed the server name to be a name that you want the virtual server to be. 2. Configure the server to have a static IP address. 3. Join the server to an Active Directory domain (assuming the server will be part of a managed Active Directory environment with centralized administration). 4. Run Windows Update to confirm that all patches and updates have been installed and applied to the server. After these basic tasks have been completed, the next step is to install the server virtualiza- tion software on the server and then add in the Hyper-V role to the server system. Because Windows virtualization did not ship with Windows 2008 at the time of the Windows 2008 product release, you first must download the Hyper-V role software from Microsoft and install it on the server system. A beta version of the Hyper-V software is included on the original Windows 2008 disc and should not be installed for a production installation of the server now the Hyper-V is available. Go to www.microsoft.com/downloads and download the latest version of the Hyper-V server role onto the server system. After the Hyper-V code has been installed on the system, do the following to add the server role to the system: 1. Make sure to be logged on to the server with local administrator or domain admin privileges. 2. Click Start, All Program Files, Administrative Tools, and choose Server Manager. This will start the Server Manager console if it is not already running on the system. 3. Right-click Roles in the left pane of the console, and select Add Roles, as shown in Figure 4.7. 4. After the Add Roles Wizard loads, click Next to continue past the Welcome screen. 5. On the Select Server Roles page, select the Hyper-V Server role, and click Next. Download at www.wowebook.com ptg6432687 117 Installing the Hyper-V Server Role 4 FIGURE 4.7 Adding a role to the Server Manager console. NOTE Hyper-V requires a system with hardware-assisted virtualization suppor t. Both Intel EM64T and AMD64 chipsets are supported by Hyper-V. In addition, virtualization must be enabled in the BIOS. Check your server documentation for details on how to enable this setting. Although you may successfully install the Hyper-V server role software onto the server and reboot the system, if Hyper-V is not working, check your BIOS (common- ly pressing the F2 key or F10 key on power up of the server to enter the “setup” of the BIOS) because hardware-assisted virtualization support is frequently not enabled by default. After making a change in the BIOS to support hardware-assisted virtualization and saving the setting, you might want to ensure the settings have successfully taken place by completely powering off the system instead of just letting the BIOS soft boot the system. 6. On the Hyper-V page, read the notes and information about the role, and then click Next. 7. On the Create Virtual Networks page, select the LAN adapters you want to have shared with guest sessions. Click Next to continue. 8. On the Confirm Installation Selections page, review the selections made, and then click Install. 9. On the Installation Results page, review the results, and click Close. Download at www.wowebook.com ptg6432687 118 4 Installing Windows 2008 Server and the Hyper-V Role 10. When prompted to restart the server, click Yes. 11. After the server restarts, log on to the server with local administrator or domain admin privileges. 12. After logging on, the installation and configuration will continue for a few more moments. When complete, the Installation Results page will display. Review the results in the page and confirm that the Windows Hyper-V role has been installed successfully. Click Close. After installing the Hyper-V role, you need to reboot the server. With the Hyper-V role installed, the server now loads the HvBoot.sys loader, which is the hypervisor for the system. The continuation of the boot of Windows is actually loading Windows into the first partition on the system, effectively having the host session parallel to the guest sessions as opposed to a monolithic virtualization technology that has all guest sessions running on top of the host session. With Hyper-V installed, you can now begin to load guest sessions on Hyper-V. See Chapter 5, “Installing a Guest Session on Hyper-V,” for detailed instructions about installing virtual guest sessions onto Hyper-V. Understanding Server Core Installation Windows Server Core is one of the innovative and highly anticipated features of Windows 2008. The Windows Server Core installation provides a minimal environment for running a specific server role, including, but not limited to, a domain controller, web server, DHCP server, or in the context of this book, the Hyper-V role on Server Core. With Server Core, only a subset of the Windows Server 2008 binaries is utilized. The Server Core installation is so stripped that traditional installation components, such as a desktop shell, GUI, Windows Explorer, Microsoft Internet Explorer, and the Microsoft Management Console (MMC), are not included. Therefore, the server must be fully managed and configured via the command prompt or remotely from an Administration tool running on another system. By maintaining a minimized installation footprint by stripping out the typical compo- nents and only supporting specific roles, the Server Core installation reduces mainte- nance, attack surface, management, and disk space required to support the installation. Another great feature, particularly for administrators who do not understand scripting commands and who heavily rely on the GUI tools to manage a server, is the ability to remotely manage the Server Core installation through the MMC. Performing a Server Core Installation When installing Windows Server 2008 Server Core, the actual installation process is similar to a regular server install, which was conducted in the earlier sections of this chapter. To recap, an administrator agrees to the licensing terms, supplies configuration responses, and the Windows Server 2008 Install Windows Wizard copies the files and configures the server. However, unlike a traditional installation of Windows, when the Download at www.wowebook.com ptg6432687 119 Understanding Server Core Installation 4 FIGURE 4.8 Selecting the Server Core installation. installation is complete and you log on, there isn’t a GUI to configure the server. The server can be configured and managed only via the command prompt. The Server Core installation will reboot your server a couple of times when device detec- tion and the installation takes place. Eventually, you’ll be presented with the logon screen. Follow these steps to conduct a Windows Server 2008 Server Core installation: 1. Insert the Windows Server 2008 media. The Install Windows page will automatically be launched; otherwise, click Setup.exe. 2. Specify the Language to Install, Time and Currency Format, and Keyboard or Input Method, and then click Next. 3. Click Install Now to begin the installation process. 4. On the Type Your Product Key for Activation page, enter the product key included with the software. In addition, enable the option to Automatically Activate Windows When I’m Online, and then click Next. 5. On the Select the Operating System You Want to Install page, select the Windows Server 2008 Server Core, as shown in Figure 4.8. Click Next to continue. 6. Review the license terms and select the I Accept the License Terms option, and then click Next. 7. On the Which Type of Installation Do You Want page, select Custom (Advanced), as shown in Figure 4.9. Because you cannot upgrade a legacy Windows operating system to Server Core, the Upgrade option has been disabled. Download at www.wowebook.com . installation footprint by stripping out the typical compo- nents and only supporting specific roles, the Server Core installation reduces mainte- nance, attack surface, management, and disk space required. a role to the Server Manager console. NOTE Hyper-V requires a system with hardware-assisted virtualization suppor t. Both Intel EM64T and AMD64 chipsets are supported by Hyper-V. In addition,. Internet Protocol version 6 (TCP/IPv6), Link-Layer Topology Discover Mapper I/O Driver, and Link-Layer Topology Discover Responder. Don’t be alarmed. The default client, service, and protocols