Welcome to MOBS Bangladesh   Click to listen highlighted text! Welcome to MOBS Bangladesh Powered By GSpeech
Aug 23

Install GUI on Windows Server 2016

Download PDF

I really got amazed or even startled that the first boot Windows Server presented a command line, along with the server manager. I closed the server manager console; and got stuck :) with the command line only. Laughed for couple of minutes of my ignorance of the new technology. Then I recall the command “servermanager”, and it popped up again. Kinda felt idiotic too at that time.

Now coming back to the original topic. My apologies, this post is an orchestration, as I couldn’t load mspaint to work, nothing was there to save the print screen snapshot….. LOL

Now I have chosen the first option to be installed which led me to a command prompt only screen. The following picture is taken from TechNet.

Wsvr2016

After Windows Server 2016 CTP2/3 completes it’s installation, restarts for the final time, login into the server and issue the following command in the command prompt:

ServerManager

Screenshot would look like the following, as you can see the feature is already installed.

desktopexperience

I typed all lowercase, when the Server Manager actually pops up, then follow the screenshot location to install the “Server Graphical Shell” along with the “Desktop Experience”, well if you need it. I also installed the Ink services for the server to support sound/recording services. Please do read the right side description of the feature getting installed. Now after finishing the installation you will get the look just like the following screenshot:

Windows2016 Desktop

Essentially, the Windows Server is getting lighter and lighter with each release comes out. Can’t wait to test the server out with my new DELL Latitude E7240 Ultrabook, and the video recordings will be released to my YouTube channel. Furthermore, use the following command to add more features:

 

  • Add-WindowsFeature
  • Get-WindowsFeature
  • Remove-WindowsFeature

By the way, you can run the following powershell command to checkout if the GUI feature is installed or not:

Get-WindowsFeature *gui*
And the screenshot follows:
guicheck
comments: Closed tags: ,
Aug 20

Enable BitLocker, and to Prompt for PIN During Startup

Download PDF

First you need to check if the following items are there in your laptop/server

  • TPM Chip
  • Windows 7 Enterprise or Higher (Ultimate with or without N)
  • Windows Server 2008 R2 Enterprise or Higher

You can achieve BitLocker encryption introduced into any number of drives, and you can do this in two ways:

  • BitLocker Encryption tied to the TPM chip
  • Password protected BitLocker without the integration with TPM

Enable BitLocker: This exercise is done using Windows 8.1 Enterprise N Edition. Now, you can do it in a short step. On your keyboard, press “Windows Key+E”, Select your boot drive, right click on it and click enable BitLocker on this drive. It will prompt you to save the recovery key elsewhere, other than the fixed drive, perhaps a memory stick is a good choice. Save or Print the recovery key and let the wizard start the encryption. A screenshot:

Bitlocker_Complete

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As you can see there are three options available to manage. Suspend the protection, backup again the recovery key & completely turning off BitLocker.

Now Lets run the following command:

gpedit_msc

 

 

 

 

 

 

 

 

 

Go to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives. One the right pane/panel, double-click on the “Require additional authentication at startup”. Screenshot follows:

Bitlocker_GPO_PIN_Enable

 

 

 

 

 

 

 

 

 

 

 

First, Enable the policy, and set the fields as shown in the picture :) Press OK afterwards and close the local policy editor. DO NOT RESTART YET.

Nope, we are not done yet…haha. Now we are going to set the TPM PIN for the encrypted drive; type in the following command:

manage-bde -protectors -add c: -TPMAndPIN

Bitlocker_PIN_Set

 

 

 

 

 

 

 

 

Provide the PIN two times. Now run the following command:

manage-bde -status

You should get the following summary result:

Bitlocker_Status

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As you can see key protectors are initiated with TPM And PIN. Wala you are done, restart and get ready to provide the PIN, otherwise, you are doomed. Word of advice, do keep your BitLocker keys in safe place(s)

BitLocker PIN Login

BitLocker drive encryption was originally an integral security feature in Windows SBS 2008. You can back up a source volume that is encrypted with BitLocker. However, if you restore the backup to your server, it is restored without BitLocker encryption. You must manually enable BitLocker on the restored volume. Afterwards BitLocker ported to Vista and so on

You can do this after BitLocker has encrypted the entire drive. First you have to enable the local policy to require a PIN during startup. You could also do that centrally enterprise wide through Group Policy (GPO).

Checkout the following links as well:

comments: Closed
Oct 15

Windows Servers: DNS Ports

Download PDF

The default DNS port is 53. You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands:

  • netsh int ipv4 show dynamicport tcp
  • netsh int ipv4 show dynamicport udp
  • netsh int ipv6 show dynamicport tcp
  • netsh int ipv6 show dynamicport udp

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535.

Traffic Type Source of Transmission Source Port Destination of Transmission Destination Port
Queries from local DNS server Local DNS server A random port numbered 49152 or above Any remote DNS server 53
Responses to local DNS server Any remote DNS server 53 Local DNS server A random port numbered 49152 or above
Queries from remote DNS server Any remote DNS server A random port numbered 49152 or above Local DNS server 53
Responses to remote DNS server Local DNS server 53 Any remote DNS server A random port numbered 49152 or above

 

comments: Closed tags: ,
Oct 13

Windows 7 USB/DVD Tool – Make Your Own Bootable Memory Stick

Download PDF

Microsoft has a tool and it’s so easy to make an ISO file to be transferred to a USB drive using the tool. It will readily create a USB bootable OS. Now download the file from the following link:

Windows 7 USB/DVD Download Tool: http://wudt.codeplex.com/

The compatibility center also approves that the tool is compatible with Windows 7, 8 & 8.1. But it didn’t show if I wanted to create a Windows Server 2012 R2 bootable USB drive? Would it work then? Let’s check.

Compatibility Check for Client OS: http://www.microsoft.com/en-us/windows/compatibility/CompatCenter/ProductDetailsViewer?Type=Software&Name=Microsoft+Windows+7+USB%2FDVD+Download+Tool&ModelOrVersion=1&Vendor=Microsoft&Locale=&LastSearchTerm=&BreadcrumbPath=&TempOsid=Windows+8.1

Start the installation when you are ready:

USB_01

Click Next for the installation to forward.

USB_02

Click Install and wait for couple of minutes for the installation to complete

USB_03

And the installation completes. Run the program

USB_04

Choose the ISO file, here I chose the Windows Server 2012 R2 x64 version of the operating system ISO from my TechNet Subscription. You can also use the trial version ISO downloaded from the TechNet site.

USB_05

Choose the ISO file of which you want to make the USB out of

USB_06

Choose the USB drive and head for the installation to continue

 

USB_07

Click on begin copying

USB_08

Installation completes

USB_12

As the USB drive seems filled up :) I used a 16GB drive for the OS

USB_13And run the setup; follows the screenshot (Content of the USB screenshot follows):

USB_14

Now boot up the USB and following screen appears :)

win2k12r2

And the tool can use bootable ISO’s namely the following to make it a bootable USB stick.

  1. Windows Server 2012 R2
  2. Windows 8.1
  3. Windows 8
  4. Windows 7
Oct 8

PowerShell 2.0 – ShutDown VM Script

Download PDF

Here is the script for shutting down a Virtual Machine. Have a close look in the script and look for change needed, like your virtual machine name, exit reasons etc. This script is tested under Win2k8 and Win2k8R2 Environment. Thanks goes to the person who wrote this, I can’t remember his/her name or where I collected this script, but had it for a long time now, and used it regularly; now sharing this small script with you all.

# Shutdown a Virtual Machine (requires Integration Components)
 param([string]$vmName = $(throw "Must specify virtual machine name")  )
# Get the VM by name and request state to change to Enabled 
 $vm = gwmi -namespace root\virtualization Msvm_ComputerSystem -filter 
"ElementName='$vmName'"     # Get the associated Shutdown Component  
$shutdown = gwmi -namespace root\virtualization `      -query 
"Associators of {$vm} where ResultClass=Msvm_ShutdownComponent"
# Initiate a forced shutdown with simple reason string, 
return resulting error code  
return $shutdown.InitiateShutdown($true,"System Maintenance")
comments: Comments Off on PowerShell 2.0 – ShutDown VM Script tags:
Click to listen highlighted text! Powered By GSpeech