Wednesday, July 25, 2018

Windows Server 2012 Tips and Tricks

Building a lab to test some Windows services , AD, DNS, DHCP, ADCS, etc. in my VMware ESXi 6 environment, to get it running smoothly and reduce some headache, I used following tricks to make my life easier.

Most of work has to be done by Group Policy Management Editor. If you are running in a domain environment, create this setting accordingly in a GPO, otherwise configure the local GPO (gpedit.msc):

Edit Default Group Policy
Launch Group Policy Management

Note: In order to refresh the policy type the following command: “gpupdate /force”  in the CMD window and click ENTER.

1. Disable Password Complexity Verification
Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policy -> Password Policy -> Password must meet complexity requirements -> Disabled

2. Disable Ctrl+Alt+Del
Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Interactive Logon: Do not require CTRL+ALT+DEL

3. Disable windows auto-lock timeout 

Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Interactive logon: Machine inactivity limit

If you wannt prevent lockout set it to zero, keep in mind the security impact this change can have dependent on your environment.

4. Disable IE Enhanced Security Configuration
In Windows Server 2012, advanced security is automatically enabled for Internet Explorer, which can interfere with downloading the software or browsing Internet. You can disable advanced security for Internet Explorer in Server Manager as follows: Open Server Manager and on the left side, click Local Server . On the right side, click the On link next to IE Enhanced Security Configuration in the Properties section.

5. Command Line : Server Configuration
SCONFIG was initially developed for Microsoft Hyper-V Server 2008, a free virtualization platform that is based on Windows Server 2008 RTM Core and that has the Hyper-V role pre-installed. There have been clients who have gone ahead and copied the script onto their Core installations on other machines. Since then, SCONFIG was made a  part of the R2 release of Windows Server 2008.

With SCONFIG you can manage many aspects of the Server Core machine. SCONFIG dramatically eases server configuration for Windows Server 2008 R2 core deployments. With SCONFIG, you can easily set your system up, get it on the network so you can easily manage the server remotely.

To run SCONFIG simply enter sconfig.cmd in the command prompt window, and press Enter.

1) Domain/Workgroup
2) Computer Name
3) Add Local Administrator
4) Configure Remote Management
5) Windows Update Settings
6) Download and Install Updates
7) Remote Desktop
8) Network Settings
9) Date and Time
10) Help improve the product with CEIP
11) Windows Activation
12) Log Off User
13) Restart Server
14) Shut Down Server
15) Exit to Command Line

No comments:

Post a Comment