EricHarlan

Hard CORE AD Core setup for SharePoint

Hard Core – Core Server AD and SharePoint

When I initially underwent the ordeal to create my virtual environment I had to abide by a few restrictions.

The first restriction was that I joined Microsoft 3 months before they rolled out new 16 gig ram laptops, so I was stuck with 8 gigs for a while anyway. The second restriction was that I keep all of my lab environments on two 128 gig SSD drives. So doing the math, with a simple farm of 1 AD box, 1 WFE, and 1 SQL server all virtualized using Hyper-V that 128 gigs of storage gets eaten up very very quickly.

So the best solution to this issue is trying to run as many of the servers in your farm as possible in “Core” mode. Core mode is essentially a cut down lean mean serving machine. There is no fat on this server at all. There’s no UI, there’s no start button and almost nothing clickable. Your first introduction into the world of CORE is booting up the machine for the first time and being presented with the taunting and somewhat seductive blinking cursor of a command prompt. That’s it.

So where do you go from here?

I decided in this particular farm (like I said I have a few) to run the domain controller or AD server in core mode and then have just a single server farm instance. So a total of 2 virtual servers. I have the AD server running at a breathtaking 128 MEGS of RAM (yes, MEGS) and only taking up slightly less than 4 gigs of actual disk space. Compare those numbers to the WFE: a full Server 2008 R2 instance, patched and running SharePoint as well as Active Directory services (so I can administer my AD accounts), is running on 6 gigs of RAM and taking up almost 14 gigs of storage. So you can see the value of keeping things as lean as possible and the rewards for doing so.

Ok enough chatter, how’d you do it? This is nothing new, folks; in fact Microsoft’s PFE Bob Fox writes about it in his article here http://www.spfoxhole.com/blog/Lists/Posts/Post.aspx?ID=2 . Bob provisioned his AD box the down and dirty in the trenches way. (pun intended..SP..Foxhole..get it?)

In a brief sentence he mentions the ability to use a tool called “CoreConfig” http://coreconfig.codeplex.com/ . This thing is freaking sweet. For folks that want to have a smoother transition into the CORE world and need to provision their AD environment but don’t want to build out answer files and such, this is a GREAT alternative. We’re going to use a combination of CoreConfig and all of the tools out of the box in Server Core to provision our box.

So maybe you’ve never done this before and you want to understand the networking side of things, the command line and PowerShell side of the house then the eventual install of SharePoint. Well here we go hold on to your hats; this is going to be a long one.

Just one last note, I need to make some assumptions first.
1) You need to have all the software to do this: Server 2008 R2 ISO (has the option for core or enterprise built in), SharePoint 2010 ISO, and all the licensing keys needed to run them.
2) A host machine already built running server 2008+ with Hyper-V enabled
3) You’ve downloaded the “CoreConfig” package from http://coreconfig.codeplex.com/
4) A little bit of networking understanding and a little bit of SharePoint understanding.
5) Unless I specifically say “use quotes” don’t type any quotes in any commands I say
6) To send “Ctrl + Alt + Delete” to a virtual machine hit “Ctrl + Alt + End”. Seems silly for the vets but if this is your first Hyper-V image, you’ll need that piece of information a lot.
7) If at any time you lose your command line window, you can either restart or hit “Ctrl + Alt + End”, then click Start Task Manager, under the “Applications” tab right click and hit “New Task (Run)”, then type “CMD” and hit enter.

Installing Core AD

The very first step is to set up a new virtual private network. Think of this as a closed network where all the servers you’re working with in SharePoint are hooked up to the same router, for example.

– Open up Hyper V and click on “Virtual Network Manager”
– Name the network something very specific that makes sense when you look at it.
– Select “Private virtual machine network”
– Hit Apply/Ok


Now in Hyper V on the right side you’ll see “Add new Virtual Machine”. Click this, as you will be starting to build your AD Core server.

– Give your server a name
– Give your server a location (always keep this location consistent, nothing worse than virtuals in different places)
– Hit next

 

 


Next you’ll be giving your machine memory. I personally scale this up as much as I can until I’m fully configured then I scale it back down. Here you see I have it as a little shy of 2 gigs, I ended up going with 6 gigs.

 

 


Now you want to select the Virtual network you setup in step 1. And hit next

 

 


On the next step most of this should be setup for you based on the selections you made in earlier screens. If not, you’ll want to make sure you’re creating a virtual disk at this point and the size of the virtual disk is the size you want. Mine is scaled very high here you’ll need much less than this.

 

 


In installation options, you’ll be selecting your iso file needed to install the actual Operating system.

– Click on “Install an Operating System from a boot cd/dvd-rom”
– Select “Image file (.iso)”
– Browse to your Windows 2008 (R2) ISO file

 

 


Sum it all up and make sure it looks good then hit “Finish”

 

 


Now go back to your Hyper V main window.

– Highlight the server you just created
– Hit the start button at the bottom right (start, starts the server)
– Hit the connect button (connect actually opens it up so you can work with it)


The server will boot up and since you selected a boot image it will use the .ISO you selected to start the OS install process. Go through the process as you normally would, however when you get to the screen where you select which type of OS you want to install you’ll want to choose “Windows Server 2008 R2 Enterprise (Server Core Installation)”


Once that all installs and you log in to your new machine, this is what you get. It’s a shocker for most but don’t let it scare you, we can conquer this.


Now we need to change the name of our server to match our Hyper V image, which makes it easier for us later and allows us to map to the machine. We also need to enable remote management so we can remote into our Core box for AD manipulation later from our SharePoint WFE.

– From the command line type the following “ sconfig “ and hit enter
– The screen will change to blue you’ll want to type the number “ 4 “ and hit enter
– Enable “Allow MMC Remote Management (1)”, “ Allow Server Manager Remote Management (3)” as a minimum and #2 if you would like.
– Hit the number 5 to exit to the main menu then type the number “ 2 “ and hit enter
– Then you’ll type the new name of the server you want. Keep it simple then hit enter.
– You’ll need to restart the machine, go ahead and do so.

The watermark is covering up my server name “ADTEMP”


Now that we have your machine renamed we want to copy some files over to our Core server. Since there is no UI to map servers to and from, we have to map a drive from our host machine. In order to do that we need to go back into our settings for the server we’re working on in Hyper V and change the network adapter to the one that will allow us to talk back to our host machine.

– While the server is running, go to the Hyper V manager and click on your AD core server
– Now right click on that machine and hit “Settings”
– Next click on “Network Adapter” on the left
– On the right hit the drop down to “Local Area Connection – Virtual Network” (This name may be different than mine in some cases. To test if you have the right one follow the steps in the next section. If you can’t connect, chances are you selected the wrong one.)


Now you want to go to the Host machine, the host machine refers to the actual physical hardware you are on. (not the virtual core machine you’re building)

– Click “Start” then “Run”
– Type in “ \\YourServersName\C$ ”
– You should get prompted for a username/password, or let right in.
– Once you’re in you get the friendly and welcoming sight of an explorer window. Take it in now, it’s going to be the last you see of it for a while.
– Copy your “CoreConfig” folder (not zip file, extract that zip file to a folder) to the C drive of the AD core box you just mapped to.


Ok now let’s go and launch Coreconfig. With the command prompt that is up on your AD machine do the following:

– Type in the following with no quotes “ cd c:\ “ then you’ll hit enter
– Now type in “ cd Coreconfig “ (c:\Coreconfig is assuming you copied the files directly to the c drive, if you didn’t change the location you navigate to, to where the files are)
– You should see “ c:\CoreConfig> “ in the cmd prompt you’ll now want to type “ Start_Coreconfig.wsf ”
– You’ll see some things start happening if you navigated to your files correctly. A few more command lines open up then eventually you’ll get your coreconfig interface up. Feel free to poke around, just don’t change anything yet.


While you’re inside of CoreConfig we need to install some server roles.

– Hit the “Computer Settings” button
– Hit the “Add or Remove Roles” button
– Make sure “DHCPServerCore” and “DNS-Server_Core_Role” are selected (AD-PS isn’t needed)
– Hit Apply
– At this point you may also want to take the time to register and update your AD Core box. That’s your call but using CoreConfig makes it easy. Just find the licensing button on the main window.


Now you need to make a decision. You can go down the road of using CoreConfig to DCPromo (create your machine as a domain controller). It does work, however I’ve found I like doing it the old fashioned way so I can control more aspects of the process. In this blog I won’t talk or show how to DCPromo your machine using CoreConfig, however if you want to use it you can just look at the settings I’ll be doing in the next few sections and figure out how to do DCPromo right from Coreconfig.

To continue on, the next thing we have to do is create our machine as a domain controller, give it that domain and start the process that in the end will allow us to join our SharePoint machine to the domain we’ve created for our virtual network.


In this step we’re going to create an AnswerFile that DCPromo will use to provision the new domain.

– In an above step I walked you through changing the network your Core machine is running under, go back to that section and change the network back to the original one that you created.
– In your command line type “ notepad.exe “ This will bring up Notepad. Notepad ends up being a good way to navigate the file system, so keep that in mind.
– Notepad is where you’ll create your answer file; type the text below
– Once you’re done save the file in the C drive as “answerfile.txt”

 

 

[DCINSTALL]
InstallDNS=yes
NewDomain=forest
UserName=administrator
NewDomainDNSName=Contoso.com
DomainNetBiosName=Contoso
SiteName=Default-First-Site-Name
ReplicaOrNewDomain=Domain
ForestLevel=3
DomainLevel=3
DatabasePath="c:\NTDS"
LogPath="c:\NTDS"
RebootOnCompletion=yes
SYSVOLPath="c:\SYSVOL"
SafeModeAdminPassword=pass@word1

Notes on Answer file
*UserName is whatever user name you need to use
*Domains are whatever you want to name your domain
*SiteName yes leave it the way it is “Default-First-Site-Name”
*SafeModeAdminPassword change to what you want it
*For all the path names leave the “” quotes in there, they are needed in the answerfile
*You can literally copy and paste all this into your answerfile that I’ve provided. If you type it just double check it’s correctly typed.
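
A check for the answer file before it is handed to dcpromo, since a copy and paste from a web page can bring in typographic quotes in place of the straight ones the notes above call for and can leave the sample SafeModeAdminPassword unchanged. This PowerShell is an added example, not part of the original post or of dcpromo; the function name Test-DcPromoAnswerFile is hypothetical and the sample lines are constructed.

```powershell
# Added example: lint for a dcpromo answer file (hypothetical helper, not part of dcpromo).
function Test-DcPromoAnswerFile {
    param(
        [Parameter(Mandatory = $true)][string[]]$Lines,
        # Passwords that must not survive a copy and paste from a tutorial
        [string[]]$SamplePasswords = @('pass@word1')
    )
    $findings = @()
    $keys = @{}
    $section = $null
    # Curly quotes U+201C/U+201D and U+2018/U+2019, written as escapes to avoid encoding trouble
    $smartQuotes = [regex]'[\u201C\u201D\u2018\u2019]'

    for ($i = 0; $i -lt $Lines.Count; $i++) {
        $line = $Lines[$i].Trim()
        $n = $i + 1
        if ($line -eq '' -or $line.StartsWith(';')) { continue }
        if ($line -match '^\[([^\]]+)\]\s*(.*)$') {
            $section = $Matches[1]
            if ($Matches[2] -ne '') {
                $findings += "line ${n}: text after [$section] must go on its own line"
            }
        }
        elseif ($line -match '^([^=]+)=(.*)$') {
            $key = $Matches[1].Trim()
            $value = $Matches[2].Trim()
            $keys[$key] = $value
            if ($smartQuotes.IsMatch($value)) {
                $findings += "line ${n}: $key contains curly quotes, retype them as straight quotes"
            }
            if ($key -match 'Password$' -and $SamplePasswords -contains $value) {
                $findings += "line ${n}: $key is still the tutorial's sample password"
            }
        }
        else {
            $findings += "line ${n}: not a key=value pair"
        }
    }
    if ($section -ne 'DCINSTALL') { $findings += 'missing [DCINSTALL] section header' }
    foreach ($required in 'NewDomainDNSName', 'DomainNetBiosName', 'SafeModeAdminPassword') {
        if (-not $keys.ContainsKey($required)) { $findings += "missing key: $required" }
    }
    return ,$findings
}

# Constructed sample: the answer file as it can arrive when pasted from a web page
$q = [char]0x201D
$sample = @(
    '[DCINSTALL] InstallDNS=yes',
    'NewDomainDNSName=Contoso.com',
    'DomainNetBiosName=Contoso',
    "DatabasePath=${q}c:\NTDS${q}",
    'SafeModeAdminPassword=pass@word1'
)
Test-DcPromoAnswerFile -Lines $sample | ForEach-Object { Write-Output $_ }
# For a real file: Test-DcPromoAnswerFile -Lines (Get-Content C:\answerfile.txt)
```

The constructed sample produces three findings: the fused [DCINSTALL] line, the curly quotes in DatabasePath, and the unchanged sample password.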


Ok we’ve created our answerfile, now we actually have to run DCPromo and use the file.

– In your command prompt type the following (no quotes & there is a space after .exe) “dcpromo.exe /unattended:c:\answerfile.txt”
– Hit enter and watch dcpromo do its thing. If you did it right you should see something to this effect.
– The machine will restart, or ask you to restart when it’s done. If you do it right you’ll see the server come back up but with a domain stuck on to the front of the Administrator login like in the last screen shot in this section.


Ok so we’ve created our domain, now we have to set up our server to be DHCP. Ultimately we need to get the “Dhcp” and “DHCPServer” services running. I had just a heck of a time getting the DHCPServer service up and running. Each time I tried, I would get an error saying:

“DHCP Server” cannot be started due to the following error: Cannot start service “Dhcpserver on computer’.’

An extremely vague error that doesn’t really help me with anything. So I had to pull in some outside help with this one. Special thanks goes out to Bruno Fonseca for helping me walk through this one and getting me up and running. @BrunosITWorld

Go to your CoreConfig interface, select “control panel” and then click “services”. If you find that “dhcpserver” is not running and you can’t start it, do the next part. If that is not the case, skip the next part.

In your command prompt window do the following:

– “netsh” and hit enter
– “dhcp” and hit enter
– “add server Contoso.com 192.168.0.50” and hit enter (contoso.com is your domain and the IP address is whatever you want your AD box’s IP address to be. Feel free to use .50 like I did.)
– After it successfully completes type “exit” and hit enter

Now for the next part. You’ll be in the same command prompt window but you will be out of your netsh “session”. We will be setting the service to auto start on reboot.

– Type “sc config dhcpserver start= auto” and hit enter (make sure you note the space after the = sign, but not before.)

 

Now we will be actually starting the DHCP server service.

– Type “net start dhcpserver” and hit enter

Next we need to add a scope to the server so go back to your command prompt and do the following:

– “netsh” and hit enter
– “dhcp” and hit enter
– “server” and hit enter
– “192.168.0.50 add scope 192.168.0.0 255.255.255.0 YourScopeName” and hit enter (make sure you spell it right, unlike what I did)

Now we need to add an IP range to the scope we created.

– You should still be in “netsh dhcp server” if not do the steps above to get there, if you already are…
– “192.168.0.50 scope 192.168.0.0 add iprange 192.168.0.16 192.168.0.20” and hit enter.
*What I’m doing is basically allowing .16-.20 in the IP range to be addable to the scope.
So my servers in my SharePoint farm will be:
Web Front end number one – 192.168.0.16
Web Front end number two – 192.168.0.17

And so on for however many servers are in my farm, obviously you’ll want to allow enough range for however many servers COULD be in your farm in the future.

Now we have to set up the default routers.

– You should still be in “netsh dhcp server” if not do the steps above to get there, if you already are…
– type “192.168.0.50 scope 192.168.0.0 set optionvalue 003 IPADDRESS 192.168.0.50” and hit enter.

Coming into the home stretch, the DNS for DHCP.

– You should still be in “netsh dhcp server” if not do the steps above to get there, if you already are…
– Type “192.168.0.50 scope 192.168.0.0 set optionvalue 006 IPADDRESS 192.168.0.50” and hit enter.

And FINALLY!….. lets activate the scope.

– You should still be in “netsh dhcp server” if not do the steps above to get there, if you already are…

– Type “192.168.0.50 scope 192.168.0.0 set state 1” and hit enter.
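
The DHCP steps above can also be issued as one-line netsh commands instead of an interactive session. The PowerShell below is an added example, not from the original post: it builds that command list from the walkthrough's values and first checks that the lease range sits inside the scope and does not include the server's own address. The helper names (Get-Octets, Test-InSubnet, ConvertTo-IpNumber, New-DhcpScopePlan) are hypothetical, and it assumes Windows PowerShell is installed where you run it.

```powershell
# Added example: hypothetical helpers, not part of netsh or CoreConfig. IPv4 only.
function Get-Octets {
    param([string]$Ip)
    return ,([System.Net.IPAddress]::Parse($Ip).GetAddressBytes())
}

function Test-InSubnet {
    param([string]$Ip, [string]$Net, [string]$Mask)
    $a = Get-Octets $Ip; $n = Get-Octets $Net; $m = Get-Octets $Mask
    for ($i = 0; $i -lt 4; $i++) {
        if (($a[$i] -band $m[$i]) -ne $n[$i]) { return $false }
    }
    return $true
}

function ConvertTo-IpNumber {
    param([string]$Ip)
    [int64]$v = 0
    foreach ($b in (Get-Octets $Ip)) { $v = ($v * 256) + $b }
    return $v
}

function New-DhcpScopePlan {
    param([string]$Domain, [string]$ServerIp, [string]$ScopeNet, [string]$Mask,
          [string]$ScopeName, [string]$RangeStart, [string]$RangeEnd)

    # Checking $ScopeNet against itself confirms it is a network address for the mask
    foreach ($ip in $ScopeNet, $ServerIp, $RangeStart, $RangeEnd) {
        if (-not (Test-InSubnet $ip $ScopeNet $Mask)) {
            throw "$ip does not match network $ScopeNet with mask $Mask"
        }
    }
    $first = ConvertTo-IpNumber $RangeStart
    $last = ConvertTo-IpNumber $RangeEnd
    $srv = ConvertTo-IpNumber $ServerIp
    if ($first -gt $last) { throw 'range start is above range end' }
    if ($srv -ge $first -and $srv -le $last) {
        throw "server address $ServerIp is inside the lease range"
    }

    $s = "netsh dhcp server $ServerIp"
    return @(
        "netsh dhcp add server $Domain $ServerIp",
        'sc config dhcpserver start= auto',
        'net start dhcpserver',
        "$s add scope $ScopeNet $Mask `"$ScopeName`"",
        "$s scope $ScopeNet add iprange $RangeStart $RangeEnd",
        "$s scope $ScopeNet set optionvalue 003 IPADDRESS $ServerIp",
        "$s scope $ScopeNet set optionvalue 006 IPADDRESS $ServerIp",
        "$s scope $ScopeNet set state 1"
    )
}

# Values from the walkthrough above
$plan = New-DhcpScopePlan -Domain 'Contoso.com' -ServerIp '192.168.0.50' -ScopeNet '192.168.0.0' `
    -Mask '255.255.255.0' -ScopeName 'YourScopeName' -RangeStart '192.168.0.16' -RangeEnd '192.168.0.20'
$plan                                   # review the commands first
# $plan | ForEach-Object { cmd /c $_ }  # then run on the AD box; cmd /c because "sc" is a PowerShell alias
```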

 

 


Ok that was a lot and I’m sure your eyes hurt by now, but let’s go and validate that the changes we made worked. Go back to your CoreConfig UI and select “Control Panel” then select “Services”, scroll down in that window and make sure that both “Dhcp” and “DHCPServer” are running.

If they are not, you may want to go back and retrace your steps or try restarting. Now you’ll want to go into “Network Settings” at the main window of CoreConfig and validate the screen is showing you basically all the IP address information and subnet information you entered earlier.

– You need to add your primary and secondary DNS ipaddress in this screen as I have done here.


Ok that’s pretty much it, there is a bit of housekeeping that you’ll need to do to make sure that when you install your full GUI based windows server 2008 server to be your first SharePoint server everything goes smoothly.

The first thing you really want to do is make sure that you have your AD Core server on the private network you set up earlier. Also, when you provision your SharePoint server, patch and update it on the open network (the same network we used above to map a drive to our AD box), then set it back to the private network, which is the same network that the AD box is already on.

Basically you want all the servers in your farm to be on the same private network while in use.

After you provision the server that SharePoint will live on AND BEFORE you install SharePoint, you’ll want to join the SharePoint server to the domain you just created.

 

If you need a good tutorial on how to install SharePoint, check this out. http://www.ericharlan.com/Moss_SharePoint_2007_Blog/install-sharepoint-2010-and-manually-configure-service-accounts-a179.html

On the new server you created (not the AD Core server)

– Control Panel
– Network Connections
– Right click on your LAN adapter and select properties
– Uncheck Internet Protocol Version 6 (TCP/IPv6)
– Make sure “Obtain IP Address Automatically” is selected. The NIC should then pick up its settings automatically, and it should get a .16 address if all other network settings are right.

– On the new server go to “Start” > “Run” and type in “cmd” and press enter
– type in “ping 192.168.0.50” you should get a response back letting you know the server you’re on can see your AD Core server
– After that ping type in “ipconfig” and press enter, you should see an IP address of 192.168.0.16 or one of the IP addresses in the range you set earlier 16-20

If all is well there we need to join your new server to the domain and reap all the rewards of your work

– Go to “Start” > and right click on “Computer” and select “Properties”
– About 2/3 the way down that window you’ll see “Change settings” on the right, click that
– A new window comes up labeled “System Properties”, hit the “Change” button
– Select the radio button next to “Domain” and type in the domain you created, in our case “Contoso.com”
– Hit OK and you should see a login prompt that comes up and allows you to log in to the Domain controller

 


The last thing you need to do is setup your new server so you can remote into your AD Core box to manage Active Directory itself. This way you won’t need to keep logging into the Core machine and try to manipulate Active Directory through command line.

– Go to “Start” > “Administrative Tools” > “Server Manager”
– Click on “Roles” on the left side
– The new window will come up showing the roles installed on the server, on the right side find “Add Roles” and click it
– Hit “Next” past the “before you begin part” > Find “Active Directory Domain Services” and hit the check box for it
– You’ll be told to install any required features for it which you can hit “Add Required Features” and finish out the installation (next, next, next finished)
– Then you’ll be able to go to “Start” > “Administrative Tools” > “Active Directory Users and Computers”
– Once this comes up you’ll need to connect to the domain you created. I don’t have the steps off the top of my head, but it should be simple enough on the left side, usually right clicking will give you options to connect to your domain.

THAT’S IT! As if that wasn’t enough. Remember folks, the point of this exercise is to give us a very lean Active Directory environment. If storage isn’t an issue for you, or you don’t care about having the bloat of the UI, this isn’t for you. If you want to be a lean mean, hard CORE machine, then go at it. Hopefully I covered everything.
