FTPInstall IIS on Server 2008

1. Click Start, point to Administrative Tools and then click Server Manager.

2. In Roles Summary, click Add Roles.

3. Use the Add Roles Wizard to add the Web server role.

Install the FTP service on Windows Server 2008

1. On the Start menu, click Administrative Tools, and then click Server Manager.

2. In the Server Manager Pane, in the Roles Summary section, click Web Server (IIS).

3. In the Web Server (IIS) section, click Add Role Services.

4. Under Role services, select FTP Publishing Service. This will install the FTP service and the

FTP management console.

5. Click Next, and then click Install.

Configure IIS for FTP using Anonymous Auth.

1. Go to IIS 7 Manager. In the Connections pane, click the Sites node in the tree.

2. Right-click the Sites node in the tree and click Add FTP Site, or click Add FTP Site in the

Actions pane.

3. When the Add FTP Site wizard appears:

• Enter "My New FTP Site" in the FTP site name box, then navigate to the "%SystemDrive%\

inetpub\ftproot" folder that you created. Note: If you choose to type in the path to your content

folder, you can use environment variables in your paths.

• Click Next.

4. On the next page of the wizard:

• Choose an IP address for your FTP site from the IP Address drop-down, or choose to accept the

default selection of "All Unassigned." Because you will be accessing this FTP site remotely, you

want to make sure that you do not restrict access to the local server and enter the local loopback

IP address for your computer by typing "127.0.0.1" in the IP Address box.

• You would normally enter the TCP/IP port for the FTP site in the Port box. For this walk-

through, you will choose to accept the default port of 21.

• For this walkthrough, you do not use a host name, so make sure that the Virtual Host box is

blank.

• Make sure that the Certificates drop-down is set to "Not Selected" and that the Allow SSL

option is selected.

• Click Next.

5. On the next page of the wizard:

• Select Anonymous for the Authentication settings.

• For the Authorization settings, choose "Anonymous users" from the Allow access to drop-

down. Select Read for the Permissions option.

• Click Finish.

6. Go to IIS 7 Manager. Click the node for the FTP site that you created. The icons for the entire

FTP features display.

Configure the passive port range for the FTP service

1. Go to IIS 7 Manager. In the Connections pane, click the server-level node in the tree. 2. Double-click the FTP Firewall Support icon in the list of features. 3. Enter a range of values for the Data Channel Port Range. 4. Once you have entered the port range for your FTP service, click Apply in the Actions pane to save your configuration settings.

Configure the external IPv4 Address for a Specific FTP Site 1. Go to IIS 7 Managers. In the Connections pane, click the FTP site that you created earlier in the tree, Double-click the FTP Firewall Support icon in the list of features. 2. Enter the IPv4 address of the external-facing address of your firewall server for the External IP Address of Firewall setting. 3. Once you have entered the external IPv4 address for your firewall server, click Apply in the Actions pane to save your configuration settings.

Open Firewall to FTP Traffic 1. Open a command prompt: click Start, then All Programs, then Accessories, then Command Prompt. 2. To open port 21 on the firewall, type the following syntax then hit enters: • netsh advfirewall firewall add rule name="FTP (non-SSL)" action=allow protocol=TCP dir=in localport=21 3. To enable stateful FTP filtering that will dynamically open ports for data connections, type the following syntax then hit enter: • netsh advfirewall set global StatefulFtp enable

WDSNote: If you already have an Active Directory setup and configured DNS then skip to Step 2 (Setup DHCP). If you have already configured AD, DNS and DHCP then please skip to Step 3 (Add the WDS role).

This guide assumes that you have first of all installed Windows 2008 server on your machine and partitioned it as c: (Operating system) and d: (data), note that you can change the partitions after the installation of Windows 2008 server by using disk management and right clicking on a disk and choosing to shrink or extend. This guide is to help you set things up in a LAB. In Production, you have to plan things according to Technet documentation.

Step 1. Setup and configure active directory

Click on Start and choose Server Manager, scroll down to Roles Summary and choose Add Roles.

When the wizard appears click next.

As WDS needs the folllowing:-Active Directory Domain Services, DHCP, DNS, we will add the following role first:-

Active Directory Domain ServicesWe must install this role first before continuing to add the other roles, so lets select it and click on next.

We will then be informed that installing AD requires us to run dcpromo.exe afterwards to make the server a fully functional domain controller. Click install to continue.

once done we'll get the success screen

click close to continue

Once done the server manager will list our ADDS service with a red X beside it, click on it to run Dcpromo.exe.

This will open up the Roles section of Server manager, and we'll see a summary which says This server is not yet running as a domain controller. Run the Active Directory Domain Services Installation Wizard (dcpromo.exe).

Click on the blue text to continue.

This will start the Active Directory Domain Services Installation Wizard. Click on next to continue.

Next we will get a screen telling us that older versions of Windows (pre Vista Sp1 ....) may have problems with a bunch of things including Windows Deployment Services (for more info read KB942564)

QuotePlatforms impacted by this change include Windows NT 4.0, as well as non-Microsoft SMB "clients" and network-attached storage (NAS) devices that do not support stronger cryptography algorithms. Some operations on clients running versions of Windows earlier than Vista with Service Pack 1 are also impacted, including domain join operations performed by the Active Directory Migration Tool or Windows Deployment Services.

click next to continue

Now we get to choose what type of domain we will setup, and for the purpose of this lab, we will select the second option, Create a new domain in a new forest.

next we are prompted for the fully qualified domain name of the forest root domain (eg: corp.contoso.com)

Note: if you have not already given this server a good computername, then cancel this process and do so now. The computername will be prepended to whatever FQDN you enter, so if you enter corp.contoso.com then the FQDN of this domain controller will be AD1.corp.contoso.com

after clicking next the wizard will check the validity of the fqdn,

next we get to choose the forest functional level, click the drop down menu and select Windows Server 2008 from the three choices (Windows 2000, Windows Server 2003, Windows Server 2008).As this is only a test lab, we are not concerned that we can only add Windows 2008 or later servers to this forest.

Clicking next will give some addtional options, leave them as they are (DNS Server selected) and click on Next again.

if you get a warning about dynamically assigned ip addresses ignore it (choose yes),

you will most likely get another DNS warning if like me you don't have a Windows DNS server in the forest. Click yes to continue.

Next we are asked where to store the AD database, logfiles and sysvol, stay with the defaults and click next.

and we are then prompted to set the Directory Services restore mode administrator account password

finally we get a summary of our actions

click next to get started

after a while you should see the AD wizard complete. Click Finish

you'll be prompted to restart, so please go ahead and click on Restart Now.

Step 2. Add the DHCP role

After completing Step 1, you now should see that Active Directory Domain Services and DNS server are installed (you can verify this in Server Manager, Roles, Roles Summary).

Now that we are in server manager lets click on Add roles again followed by next.

Select DHCP Server and click next.

Review the information about DHCP server...

and if you have more than one network card in your Windows 2008 server, select the one which will be handing out ip's (in my case that is 192.168.3.1), I removed the tick from the other network card listed

next you will need to clarify which DNS server ip address to listen to, I changed it from my second nic's ip address 192.168.3.1, clicking on Validate will verify that it's ok

enter your WINS settings, I went with the default and clicked next,

next we have to input our DHCP server scope options, to do this click on Add

enter your scope settings (mine are listed below)

click ok and your DHCP scope will now be listed

click next and you'll get IPV6 options, I chose to disable this as I'm not using IPv6 yet

Quote

Windows Server® 2008 supports stateless and stateful DHCPv6 server functionality. DHCPv6 stateless mode clients use DHCPv6 to obtain network configuration parameters other than the IPv6 address, such as DNS server addresses. Clients configure an IPv6 address through a non-DHCPv6 based mechanism such as IPv6 address auto-configuration (based on the IPv6 prefixes included in router advertisements), or static IP address configuration.

In DHCPv6 stateful mode, clients acquire both the IPv6 address as well as other network configuration parameters through DHCPv6.

next we are asked about DHCP credentials for the AD DS, I stayed with the default,

and then we will see a summary of our actions and choices for the DHCP server role

clicking on Install will apply these settings and after some time you should hopefully see the following:-

Step 3. Add the WDS role: -

In Server Manager, Highlight and select Windows Deployment Services and click next.

you will get an information screen which has some info including the following:-

Quote

Before you begin, you need to configure Windows Deployment Services by running either the Windows Deployment Services Configuration Wizard or WDSUtil.exe. You will also need to add at least one boot image and one install image in the image store.

Click next and notice the two role services listed, Deployment Server and Transport Server, make sure they are both selected and click next to continue.

view the summary and click install to install the WDS role...

after some copying you should see this

if you check server manager under roles you should now see the WDS role added.

Step 4. Configure the Windows Deployment Services gui (mmc snap in)

Click on Start/All Programs/Administrative tools/Windows Deployment Services.

at this point we can see that WDS is not configured yet, so let's do that now.

right click on the server name in the left pane and choose Configure Server

at the welcome page click next

change the remoteinstall path from the default C:\RemoteInstall to D:\RemoteInstall

I put a checkmark in each of the DHCP options then clicked next

I then chose to respond to all known and unknown computers (by default it's set to Do not respond to any)

Please note, if you want to set this option to only respond to known computers, then you can do so, but you will have to prestage your computers in Active Directory to do so

clicking on Finish applies these settings

when done, you'll be told that the configuration is complete and that you can now add images to the WDS server, click on Finish (again).

Step 5. Adding boot.wim and install.wim

Note: You should use only the boot.wim file from the Windows Server 2008 DVD. If you use the boot.wim file from the Windows Vista DVD, you will not be able to use the full functionality of Windows Deployment Services for example, multicasting. If you have the Windows Vista SP1 dvd, you can safely use that for the boot.wim.

The Windows Deployment Add image wizard will appear, insert your Windows 2008 Server DVD and click Browse, select the sources folder on the Windows 2008 DVD and then click next

you'll be prompted to create a new image group, lets call it ImageGroup1 (the default name, you can change it later to Windows Server 2008 or Windows Vista Sp1 or whatever...).

review your settings and click next when ready

After a long while, the selected images will be added to the WDS server

click finish and review the WDS server as it is now

in the Boot Images pane, you should see Microsoft Windows Longhorn Setup (x86) and this is

the original boot.wim file from the Windows 2008 Server DVD, please note that this is the default description name of the image, you could change it when addint the boot.wim image to something more descriptive as in this example

In the Install Images pane, we can see the six available images from the Windows 2008 Server DVD, these are based upon the install.wim file on the DVD.

you can now PXE boot your client computers to the Windows 2008 WDS server.

troubleshooting note: if you add a new image to WDS and attempt to pxe boot and then install the image but get an error saying something like 'could not display the list of' then make sure you have used BOOT.WIM from a Windows Server 2008 DVD or Windows Vista sp1.