(Windows Server 2008 ICT Just For Understanding and Reference)

Initial Configuration Tasks

After completion of the installation of Server Operating System, and before you deploy the new
server in your enterprise, some configuration is required to identify the computer to other
computing resources on your network, secure the computer, enable administrators to perform
tasks on the computer, and customize the computer by adding server roles and features.

You can complete these tasks by using commands in the Initial Configuration Tasks window,
which opens immediately after the operating system installation is complete.

The Initial Configuration Tasks window opens at each startup, unless the Do not show this
window at logon check box is selected.

You can finish configuring Windows Server® 2008 R2 by performing the following three tasks,
identified in the Initial Configuration Tasks window that is opened when the operating system
installation is complete.

 Provide computer information

 Update This Server

 Customize This Server

1)Provide computer information
A) Activate Windows

Click the Activate Windows link in the Provide Computer Information area of the Initial
Configuration Tasks window to provide the product key that was included with your copy of
this Windows operating system. This command opens the Windows Activation dialog box.

Activation helps verify that your copy of Windows is genuine.

The Activate Windows field in the Initial Configuration Tasks window shows the activation
status for this copy of Windows. Not activated is displayed if an administrator has not provided
the product key associated with this copy of Windows.

B) Set the time zone

Click the Set time zone link in the Provide Computer Information area of the Initial
Configuration Tasks window to change the time zone in which the computer is located.

C) Configure networking

Network Connections provides connectivity between your computer and the Internet, a network,
or another computer. The New Connection Wizard helps you create Internet connections by
using your dial-up modem, ISDN, DSL or cable modem. You can also create incoming, direct,
and virtual private networking (VPN) connections by using the New Connection Wizard.

Recommended configuration for network connections includes the following tasks:

 Configuring static IP addresses (highly recommended)

 Configuring DNS settings

 Configuring WINS settings

2)Update This Server

By using the commands in the Update this Server area of the Initial Configuration
Tasks window, you can ensure that your server receives critical software updates and
enhancements directly from the Microsoft Web site.
The Windows automatic updating feature simplifies the task of updating the operating system,
and saves administrators time.

A) Downloading and installing updates

The Microsoft Update Web site runs an automated tool that identifies any software that installed
as part of your Windows operating system for which there is a more current version available.
When updates are available, the site prompts you to choose the updates you want to install.

B) Enable Windows automatic updating and feedback

On the Enable Windows automatic updating and feedback dialog box, clicking Enable
Windows automatic updating and feedback enrolls your computer in the following three
programs, and uses recommended default settings for each.

 Windows automatic updating.

 Windows Error Reporting.

 Customer Experience Improvement Program.

(Following steps are Just for Understanding start)

To configure Windows automatic updating settings from Control Panel

1. Click Start, click Control Panel, and then double-click Windows Automatic Updating.
2. Click Change Settings.
3. By default, Install updates automatically is selected on the Change Settings dialog box. Select one of the
following remaining settings to change the default setting.
o Download updates but let me choose whether to install them. Windows automatic updating
downloads updates automatically, but allows you to review downloaded updates and decide to install
only those updates you want.

o Check for updates but let me choose whether to download and install them. Windows automatic
updating checks for updates and informs you by using an alert icon in your desktop tray that updates are
available, but downloads and installs only the updates you choose.

o Never check for updates (not recommended). Windows automatic updating does not check for or
install updates unless you click Download and install updates in the Initial Configuration
Taskswindow, or open Windows Automatic Updating in Control Panel and manually command
Windows automatic updating to install updates.

4. In the Recommended updates area, if you want Windows automatic updating to identify those updates that are
recommended or most critical, select Include recommended updates when downloading, installing, or
notifying me about updates.
5. Click OK to save changes and close the Change Settings dialog box.
6. Close Control Panel.

Configuring Windows automatic updating settings from the Initial Configuration Tasks window
To configure Windows automatic updating settings from the Initial Configuration Tasks window

1. On the Enable Windows Automatic Updating and Feedback dialog box, click Manually configure settings.
2. In the Windows Automatic Updating area, click Change Setting.
3. By default, Install updates automatically is selected on the Change Settings dialog box. Select one of the
following remaining settings to change the default setting.
 o Download updates but let me choose whether to install them. Windows automatic updating
downloads updates automatically, but allows you to review downloaded updates and decide to install
only those updates you want.

o Check for updates but let me choose whether to download and install them. Windows automatic
updating checks for updates and informs you by using an alert icon in your desktop tray that updates are
available, but downloads and installs only the updates you choose.

o Never check for updates (not recommended). Windows automatic updating does not check for or
install updates unless you click Download and install updates in the Initial Configuration
Taskswindow, or open Windows Automatic Updating in Control Panel and manually command
Windows automatic updating to install updates.

4. In the Recommended updates area, if you want Windows automatic updating to identify those updates that are
recommended or most critical, select Include recommended updates when downloading, installing, or
notifying me about updates
5. Click OK to save changes and close the Change Settings dialog box.
Windows automatic updating provides high-priority updates, which include security and other critical updates that can
help protect your computer. It is a good idea to visit the Microsoft Update Web site on a regular basis to get optional
updates, such as recommended software and hardware updates, which can help improve your computer's performance.

(Ending Here)

3) Customize This Server

Windows Server® 2008 R2 includes Server Manager, a new tool with which administrators can
either install or remove server roles, or manage those roles after they are installed. Server
Manager provides centralized control of a server, regardless of the combination of roles installed.

A) Adding Roles to Your Server

In Windows Server 2008 R2, you can add roles to the server by using the Add Roles Wizard
You can start the Add Roles Wizard from either the Initial Configuration Tasks window or
from Server Manager.

Types of Roles Available for Installation

The following roles are available for installation by opening the Add Roles Wizard, either from
the Initial Configuration Tasks window, or from Server Manager.

(NOTE:- Bold lettersin following list is the explanation which is required else part is
just information )

Role Name Description

Active Directory Active Directory Certificate Services Active Directory Certificate
Certificate Services Services (AD CS) provides customizable services for issuing and
managing certificates in software security systems that use public key
technologies. You can use AD CS to create one or more certification authorities (CA)
to receive certificate requests, verify the information in the requests and the identity of the
requester, issue certificates, revoke certificates, and publish certificate revocation data.
Applications supported by Active Directory Certificate Services include
Secure/Multipurpose Internet Mail Extensions (S/MIME), secure wireless networks,
virtual private networks (VPN), IP security (IPSec), Encrypting File System (EFS), smart
card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS), and digital
signatures.

Active Directory Active Directory Domain Services (AD DS) stores information about
Domain Services users, computers, and other devices on the network. AD DS helps
administrators securely manage this information and facilitates
resource sharing and collaboration between users.AD DS is also required to
be installed on the network in order to install directory-enabled applications such as
Microsoft Exchange Server and for applying other Windows Server technologies such as
Group Policy.

Active Directory Active Directory Federation Services (AD FS) provides Web single-
Federation Services sign-on (SSO) technologies to authenticate a user to multiple Web
applications that use a single user account. AD FS accomplishes this by
securely federating, or sharing, user identities and permissions, in the form of digital
claims, between partner organizations.

Active Directory Organizations that have applications which require a directory for
Lightweight Directory storing application data can use Active Directory Lightweight
Services Directory Services (AD LDS) as the data store. AD LDS runs as a non-
operating-system service. Therefore, AD LDS does not require deployment on a domain
controller. Running as a non-operating-system service allows multiple instances of
AD LDS to run at the same time on a single server, and each instance can be configured
independently for servicing multiple applications.

Active Directory Active Directory Rights Management Services is information

Rights Management protection technology that works with AD RMS -enabled applications
Services (AD RMS) to help safeguard digital information from unauthorized use.Content
owners can define exactly how a recipient can use the information, such as who can open,
change, print, forward, or take other actions with the information. Organizations can create
custom usage rights templates such as "Confidential – Read-Only" that can be applied
directly to information such as financial reports, product specifications, customer data, and
e-mail messages.

Application Server Application Server provides a complete solution for hosting and
managing high-performance distributed business applications. Integrated
services, such as the .NET Framework, Web Server Support, Message Queuing, COM+,
Windows Communication Foundation, and Failover Clustering support improve
 productivity throughout the application life cycle, from design and development through
deployment and operations.

Dynamic Host The Dynamic Host Configuration Protocol (DHCP) allows servers to
Configuration assign, or lease, IP addresses to computers and other devices that are
Protocol Server enabled as DHCP clients. Deploying DHCP servers on the network automatically
provides computers and other TCP/IP based network devices with valid IP addresses and
the additional configuration parameters these devices need./these are known as DHCP
options, which allow them to connect to other network resources, such as DNS servers,
WINS servers, and routers.

DNS Server Domain Name System (DNS) provides a standard method for
associating names with numeric Internet addresses. This lets users
refer to network computers by using easy-to-remember names instead
of a long series of numbers. Windows DNS services can be integrated with DHCP
services, eliminating the need to add DNS records as computers are added to the network.

Fax Server Fax Server sends and receives faxes, and lets you manage fax resources
such as jobs, settings, reports, and fax devices on this computer or on the
network.

File Services File Services provides technologies for storage management, file
replication, distributed namespace management, fast file searching, and
streamlined client access to files, such as UNIX-based client computers.

Hyper-V™ Hyper-V provides the services that you can use to create and manage
virtual computing environments and their resources. Virtual computers
operate in an isolated operating environment. This lets you to run multiple operating
systems at the same time. You can use a virtualized computing environment to improve
the efficiency of your computing resources by using more of your hardware resources.

Network Policy and Network Policy and Access Services delivers many different methods to
Access Services give users local and remote network connectivity, to connect network
segments, and to allow network administrators to centrally manage
network access and client health policies. With Network Access Services, you
can deploy VPN servers, dial-up servers, routers, and 802.11-protected wireless access.
You can also deploy RADIUS servers and proxies, and use Connection Manager
Administration Kit to create remote access profiles to let client computers to connect to the
network.

Print and Document Print and Document Services enables you to centralize print server and
Services network printer management tasks.With this role, you can also receive scanned
documents from network scanners, and route the documents to a shared network resource,
a Windows SharePoint Services site, or to e-mail addresses.

Remote Desktop Remote Desktop Services provides technologies that enable users to access
 Services Windows-based programs that are installed on a remote desktop server, or
to access the Windows desktop itself, from almost any computing device.
Users can connect to a remote desktop server to run programs and to use
network resources on that server.

Web Server (IIS) The Web Server (IIS) role in Windows Server 2008 R2 lets you share
information with users on the Internet, an intranet, or an extranet.
Windows Server 2008 R2 delivers IIS 7.5, a unified Web platform that integrates IIS,
ASP.NET, and Windows Communication Foundation.

Windows You can use Windows Deployment Services to install and configure
Deployment Services remotely Windows operating systems on computers that have Pre-boot
Execution Environment (PXE) boot ROMs. Administration overhead is
decreased through the implementation of the WdsMgmt Microsoft Management Console
(MMC) snap-in that manages all aspects of Windows Deployment Services. Windows
Deployment Services also provides end-users an experience consistent with Windows
Setup.

Windows Server Windows Server Update Services allows network administrators to specify
Update Services the Microsoft updates that should be installed, to create separate groups of
computers for different sets of updates, and to obtain reports on the
compliance levels of the computers and on the updates that must be
installed.

The Add Roles Wizard OR How to Add Roles

The Add Roles Wizard simplifies installing roles on the server, and allows you to install multiple
roles at one time. You no longer have to open Add or Remove Windows Components multiple
times to install all the roles, role services, and features that you want on the server.

The Add Roles Wizard verifies that all the software components that are required by a role install
with any role you select in the wizard. If it is necessary, the wizard prompts you to approve the
installation of other roles, role services, or software components that are required by roles that
you select.
Most roles and role services that are available for installation require you to make decisions
during the installation process that determine how the role operates in your enterprise. For
example, Active Directory Federation Services (ADFS) requires the installation of a certificate.

To start the Add Roles Wizard

 In the Roles Summary area of the Server Manager main window, click Add Roles.
-- or --
In the Customize this server area of the Initial Configuration Tasks window,
click Add Roles.

B) Adding Features to Your Server

In Windows Server 2008 R2, you can add available features to the server by using the Add
Features Wizard.
Adding Features to Your Server by Using the Add Features Wizard

Adding Features to Your Server by Using the Add Features Wizard

You can add the following features by using the Add Features Wizard.
NOTE:- Bold Features from following list should be Prepared well rest are there just for
information

Feature Description

.NET Framework The .NET Framework 3.5.1 builds incrementally on the features added in the
3.5.1 .NET Framework 3.0, such as enhancements to Windows Workflow
Foundation (WF), Windows Communication Foundation (WCF), Windows
Presentation Foundation (WPF) and Windows CardSpace.

Background Background Intelligent Transfer Service (BITS) asynchronously transfers files

Intelligent in the foreground or background, throttles the transfers to preserve the
Transfer Service responsiveness of other network applications, and automatically resumes file
transfers after network connection failures or computer restarts.

BitLocker Drive BitLocker Drive Encryption helps protect data on lost, stolen or
Encryption inappropriately decommissioned computers by encrypting the volume and
checking the integrity of early boot components. Data is only decrypted if
those components are successfully verified and the encrypted drive is located
in the original computer. Integrity checking requires a compatible trusted
platform module (TPM).

BranchCache BranchCache, available on both Windows Server 2008 R2 and Windows 7,

enables client computers in a branch office to retrieve content securely and
locally, instead of retrieving it from a central office server. Because branch
offices are typically connected over slower WAN links, BranchCache reduces
WAN traffic, and increases application responsiveness on the client computer.

Connection Connection Manager Administration Kit (CMAK) generates Connection

Manager Manager profiles.
Administration Kit

Desktop Desktop Experience includes features of Windows® 7, such as Windows

Experience Media Player, desktop themes, and photo management. Desktop Experience
does not enable any of the Windows 7 features by default. You must manually
 enable them.

Direct Access Direct Access Management Console provides direct access setup and
Management monitoring.
Console

Failover Clustering Failover Clustering allows multiple servers to work together to provide high
availability of services and applications. Failover Clustering is frequently
used for file and print services, database and mail applications.

Group Policy Group Policy Management makes it easier to deploy, manage, and
Management troubleshoot Group Policy implementations. The standard tool is Group
Policy Management Console (GPMC), a scriptable Microsoft Management
Console (MMC) snap-in that provides a single administrative tool for
managing Group Policy across the enterprise.

Ink and Ink and Handwriting Services, new for Windows Server 2008 R2, provides
Handwriting support for handwriting recognition in multiple languages, together with
Services support for using a pen or stylus with a pressure-sensitive computing
interface, such as a tablet computer.

Internet Printing Internet Printing Client enables users to connect and print to printers on the
Client local network or over the Internet by using Internet Printing Protocol (IPP).
You can use the Internet Printing Client and IPP to connect to the shared
printer by using a Web browser (if the print server has the Internet Printing
role service installed), or by using the Network Printer Installation Wizard.

Internet Storage Internet Storage Name Server (iSNS) provides discovery services foriSCSI
Name Server storage area networks. iSNS processes registration requests, deregistration
requests, and queries from iSNS clients.

LPR Port Monitor Line Printer Remote (LPR) Port Monitor allows users who have access to
UNIX-based computers to print on devices attached to them.

Message Queuing Message Queuing provides guaranteed message delivery, efficient routing,
security, and priority-based messaging between applications. Message
Queuing also accommodates message delivery between applications that run
on different operating systems, use dissimilar network infrastructures, are
temporarily offline, or that are running at different times.

Multipath I/O Multipath I/O (MPIO), together with the Microsoft Device Specific Module
(DSM) or a third-party DSM, provides support for using multiple data paths
to a storage device on Windows.

Network Load Network Load Balancing (NLB) distributes traffic across several servers, by
Balancing using the TCP/IP networking protocol. NLB is especially useful for ensuring
that stateless applications, such as a Web server that is running IIS, are
scalable by adding additional servers as the load increases.

Peer Name Peer Name Resolution Protocol (PNRP) allows applications to register on and
Resolution resolve names from your computer, so that other computers can communicate
Protocol with these applications.

Quality Windows Quality Windows Audio Video Experience (qWave) is a networking platform
Audio Video for audio and video (AV) streaming applications on IP-based home networks.
Experience qWave improves AV streaming performance and reliability by ensuring
(qWave) network quality-of-service for AV applications. It provides admission control,
run time monitoring and enforcement, application feedback, and traffic
prioritization. On Windows Server platforms, qWave provides only rate-of-
flow and prioritization services.

Remote Remote Assistance enables you (or a support person) to offer assistance to
Assistance users who have computer issues or questions. Remote Assistance lets you
view and share control of the user’s desktop in order to troubleshoot and fix
the issues. Users can also ask for help from friends or co-workers.

Remote The Remote Differential Compression (RDC) feature is a set of APIs that
Differential applications can use to determine whether a set of files have changed, and if
Compression that is the case, to detect which sections of the files contain the changes.

Remote Server Remote Server Administration Tools enables remote management of

Administration Windows Server 2008 and Windows Server 2008 R2 from a computer
Tools running Windows Server 2008 R2 by allowing you to run some of the
management tools and snap-ins for roles, role services, and features on a
remote computer.

RPC Over HTTP RPC Over HTTP Proxy is a proxy that is used by objects that receive remote
Proxy procedure calls (RPC) over HTTP. This proxy allows clients to discover these
objects even if the objects are moved between servers or if they exist in
discrete areas of the network, usually for security reasons.

Services for Services for Network File System (NFS) is a protocol that acts as a distributed
Network File file system, allowing a computer to access files over a network as easily as if
System they were on its local disks. This feature is available for installation in
Windows Server 2008 R2 for Itanium-based Systems only; in other versions
of Windows Server 2008 R2, Services for NFS is available as a role service of
the File Services role.

Simple TCP/IP Simple TCP/IP Services supports the following TCP/IP services: Character
Services Generator, Daytime, Discard, Echo, and Quote of the Day. Simple TCP/IP
Services is provided for backward compatibility and should not be installed
 unless it is required.

SMTP Server Simple Mail Transfer Protocol (SMTP) Server supports the transfer of e-mail
messages between e-mail systems.

SNMP Services Simple Network Management Protocol (SNMP) is the Internet standard
protocol for exchanging management information between management
console applications—such as HP Openview, Novell NMS, IBM NetView, or
Sun Net Manager—and managed entities. Managed entities can include hosts,
routers, bridges, and hubs.

Storage Manager Storage Manager for Storage Area Networks (SANs) helps you create and
for SANs manage logical unit numbers (LUNs) on Fibre Channel and iSCSI disk drive
subsystems that support Virtual Disk Service (VDS) in your SAN.

Subsystem for Subsystem for UNIX-based Applications (SUA), together with a package of
UNIX-based support utilities available for download from the Microsoft Web
Applications site (http://go.microsoft.com/fwlink/?LinkID=139521), enables you to run
UNIX-based programs, and compile and run custom UNIX-based applications
in the Windows environment.

Telnet Client Telnet Client uses the Telnet protocol to connect to a remote telnet server and
run applications on that server.

Telnet Server Telnet Server allows remote users, such as those running UNIX-based
operating systems, to perform command-line administration tasks and run
programs by using a telnet client.

Trivial File Trivial File Transfer Protocol (TFTP) Client is used to read files from, or
Transfer Protocol write files to, a remote TFTP server. TFTP is primarily used by embedded
Client devices or systems that retrieve firmware, configuration information, or a
system image during the boot process from a TFTP server.

Windows Windows Biometric Framework (WBF) allows fingerprint devices to be used

Biometric to identify and verify identities, and to log on to Windows. WBF includes sub
Framework features that are required to let you use fingerprint devices.

Windows Internal Windows Internal Database is a relational data store that can be used only by
Database Windows roles and features, such as AD RMS, Windows Server Update
Services, and Windows System Resource Manager.

Windows Process Windows Process Activation Service (WAS) generalizes the IIS process
Activation Service model, removing the dependency on HTTP. All the features of IIS that were
previously available only to HTTP applications are now available to
applications hosting Windows Communication Foundation (WCF) services by
 using non-HTTP protocols. IIS 7.5 also uses WAS for message-based
activation over HTTP.

Windows Server Windows Server Backup Features allow you to back up and recover your
Backup Features operating system, applications, and data. You can schedule backups to run
one time each day or more frequently, and can protect the complete server or
specific volumes.

Windows Server Windows Server Migration Tools lets an administrator migrate some server
Migration Tools roles, features, operating system settings, shares, and other data from
computers that are running certain editions of Windows Server 2003,
Windows Server 2008, or Windows Server 2008 R2 to computers that are
running Windows Server 2008 R2. For more information about Windows
Server Migration Tools and migrating roles, features, or other data to
Windows Server 2008 R2, see the Windows Server Migration
Portal (http://go.microsoft.com/fwlink/?LinkID=128554).

Windows System Windows System Resource Manager (WSRM) is a Windows Server operating
Resource Manager system administrative tool that can control how CPU and memory resources
are allocated. Managing resource allocation improves system performance
and lowers the risk that applications, services, or processes will interfere with
one another to reduce server efficiency and system response.

WinRM IIS Windows Remote Management (WinRM) IIS Extension enables a server to
Extension receive a management request from a client computer by using the WS-
Management protocol. WinRM is the Microsoft implementation of the WS-
Management protocol. This helps secure communication between local and
remote computers by using Web-based services.

Windows Internet Windows Internet Name Service (WINS) Server provides a distributed
Name Service database for registering and querying dynamic mappings of NetBIOS names
Server for computers and groups used on the network. WINS maps NetBIOS names
to IP addresses and solves the problems arising from NetBIOS name
resolution in routed environments.

Windows Internal Windows Internal Database is a relational data store that can be used only by
Database Windows roles and features, such as Active Directory Rights Management
Services (AD RMS), Windows Server Update Services, and Windows System
Resource Manager.

Windows Windows PowerShell ISE is a graphical host application for Windows

PowerShell PowerShell. Windows PowerShell ISE lets you run commands, and write,
Integrated edit, run, test, and debug scripts in an environment that displays syntax in
Scripting colors and that supports Unicode.
Environment (ISE)
 Windows TIFF Windows Tagged Image File Format (TIFF) iFilter uses optical character
iFilter recognition (OCR) software to enable users to search for TIFF documents
based on textual content in the images.

Wireless LAN Wireless LAN (WLAN) Service configures and starts the WLAN AutoConfig
Service service, regardless of whether the computer has any wireless adapters. WLAN
AutoConfig enumerates wireless adapters, and manages both wireless
connections and the wireless profiles that contain the settings required to
configure a wireless client to connect to a wireless network.

XPS Viewer An XML Paper Specification (XPS) document is a document format that you
can use to view, save, share, digitally sign, and protect your document’s
content. You can use XPS viewer to view, search, set permissions for, and
digitally sign XPS documents.

Open the Add Features Wizard in one of the following two ways.
To start the Add Features Wizard

 In the Features Summary area of the Server Manager main window, click Add Features.
-- or --
In the Customize this server area of the Initial Configuration Tasks window, click Add Features.

C) Enabling Remote Desktop

The Enable Remote Desktop command in the Initial Configuration Tasks window opens the System
Propertiesdialog box and displays the Remote tab.
Remote Desktop allows other users on a network to connect to the computer by providing the computer's
name or IP address, and typically, logon credentials. Connected users see the remote computer's desktop
and can use its installed programs as if they are working on a local computer.
D) Configuring the Windows Firewall
The Configure Windows Firewall command in the Initial Configuration Tasks window opens
the Windows Firewalldialog box.
In Windows Server 2008 R2, Windows Firewall is turned on by default. By default, roles, role services,
and features are installed with appropriate Windows Firewall settings. You only have to configure
specific Windows Firewall settings for roles, role services, and features installed on the computer if
specific conditions in your enterprise require modifications to default settings.
To change Windows Firewall settings, you must be a member of the Administrators group on the local
computer.