IT and security stuff

Setup a Domain with Windows Server Core

neoh

At first it may seem like a nightmare to setup a Domain without any GUI. But any linux user don’t really care. The main reason you would use server core is for security. Without GUI, there are less installed apps, which reduces attack vectors for hackers. It’s also worth noting that your server will use less physical resources which can be something useful in a business.

Install Server 2019 and select Standard with no desktop.
Now the server core is installed, we will proceed with some post-installation setup

The first steps are to configure a static IP address, timezone and rename our machine. We will use PowerShell in this tutorial.

Rename the computer using Rename-Computer -NewName server

Now to setup a static IP address we first need to identify our NIC

Get-NetAdapter . Take note of the ifIndex number.

New-NetIPAddress -InterfaceIndex 6 -IPAddress 192.168.1.10 -PrefixLength 24 -DefaultGateway 192.168.1.1

Next we will configure the DNS for the server

Set-DnsClientServerAddress -InterfaceIndex 6 -ServerAddress 192.168.1.10
Using ipconfig /all , we can verify our settings so far. Remember that we need to reboot for the name to take effect. Restart-Computer

When the server has rebooted, open powershell again. We will then install ADDS server role.

Install-WindowsFeature AD-domain-services -IncludeAllSubFeature -IncludeManagementTools

Next step is to promote this server as a domain controller

Install-ADDSForest -DomainName "osullivan.local" . When asked if you want to continue with this operation choose “A”. This will perform the install and reboot.

Once rebooted, open powershell again. We will now install the DHCP feature.

Add-WindowsFeature -IncludeManagementTools DHCP
Add the Security Groups using Add-DhcpServerSecurityGroup

Now Restart the DHCP server.

Restart-Service DHCPServer

Next step is to add the DHCP to the domain controller.

Add-DHCPServerinDC 192.168.1.10

Now we are going to create our DHCP pool also know as scope. First we define the IP range and the subnet mask

Add-DhcpServerV4Scope -Name "mcdonalds" -StartRange 192.168.1.20 -EndRange 192.168.1.119 SubnetMask 255.255.255.0

Next we configure the DNS and the router(gateway) addresses and the pool lease duration.

Set-DhcpServerV4OptionValue -DnsServer 192.168.1.10 -Router 192.168.1.1 and Set-DhcpServerV4Scope -ScopeId 192.168.1.0 -LeaseDuration 00:00:30

At this point our server should be functional. We can open up a client machine on the same network to confirm DHCP works and as a little extra, install RSAT to remotely manage this server.

First we need a client machine which has internet access. On this client machine, download the Remote Server Admin tools from Microsoft and install it.

Install it.

Once RSAT is installed. Shut down this client VM and setup the Network to be in the same VMNet as the server.

And then power up. Login and check IPv4 settings.
The DHCP server works properly.

Now, we will add this client machine to our domain

Once the client machine has rebooted, we can see the domain connection was successful, now you can connect as your server admin account as you would on a normal Windows Server using this client machine to connect remotely

Use you server admin credentials
Open up server manager.
Right click and select add servers
Success! We can now manage our server core remotely!

Every commands on this tutorial was provided by Microsoft official documentation. You can check it out here : https://docs.microsoft.com/en-us/powershell/module/nettcpip/set-netipinterface?view=windowsserver2019-ps

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.