How to rename a domain controller in Windows Server 2008/R2

Understanding the concept

There are often scenarios in which you need to rename a domain controller; it can be either the primary domain controller or any of the secondary domain controllers. This can be done either through the GUI or from the command line. However, the recommended way is the command line, using the netdom command. The netdom command updates the Service Principal Name (SPN) attributes in Active Directory Domain Services (AD DS) for the computer account. It also registers Domain Name System (DNS) resource records for the new computer name. The SPN value of the computer account must be replicated to all domain controllers in the domain, and the DNS resource records for the new computer name must be distributed to all the authoritative DNS servers for the domain name. If these updates and registrations have not occurred before the old computer name is removed, some clients might not be able to locate this computer using either the new name or the old name. The only problem that may occur is that the corresponding nTFRSMember or msDFSR-Member object is not renamed automatically; the reference attributes are set correctly, however, so SYSVOL replication is not impacted. The potential problem with not renaming these objects is that if another domain controller is created at a later date with the same NetBIOS name as the old domain controller, a conflict can occur. To avoid this conflict in the future, you can refer to the MS article.

Note: If you are renaming any of the secondary domain controllers, please make sure that there are no replication issues between the domain controllers; otherwise you may face various issues during these steps.

Renaming the domain controller

Now let us consider that I am renaming my primary domain controller, whose host name is 'server-1', to 'server-001', and my domain is 'serverlabs.com'. To summarize the actions that we are going to perform: first we will add a secondary host name to the server which I want to rename, and then promote that secondary name to be the primary host name of that server. Once that is done we will delete the old host name.
1. Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator.
2. Type the following command to add the new domain controller name, and then press ENTER. The syntax is:
netdom computername CurrentComputerName /add:NewComputerName

netdom computername - Manages the primary and alternate names for a computer.
CurrentComputerName - The current, or primary, fully qualified DNS name of the computer that you are renaming.
/add: - Specifies that a new alternate DNS name should be added.
NewComputerName - The new fully qualified DNS name for the computer that you are renaming.

In my case the command becomes:
netdom computername server-1 /add:server-001.serverlabs.com
Press ENTER. Successful execution of the command adds a new domain controller name to your computer.

3. Now the domain controller has two names. Make the secondary name of the server the primary name for the domain controller:
netdom computername CurrentComputerName /makeprimary:NewComputerName
i.e., netdom computername server-1 /makeprimary:server-001.serverlabs.com and press ENTER.
Once the command has executed successfully you need to restart the server for the changes to take effect. Please restart it and log on again.
4. If you check the domain controller's name you can see that its name has changed. Now you need to remove the old domain controller name. Once again open a command prompt as administrator and execute the command below:
netdom computername NewComputerName /remove:OldComputerName
Here the command becomes: netdom computername server-001.serverlabs.com /remove:server-1.serverlabs.com
So that's it, the rename process of your domain controller is completed.
Note: During the execution of any of the commands above you may receive the error 'Element not found'. In that case make sure that you have specified NewComputerName and OldComputerName as fully qualified domain names.
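
The staged rename above as a PowerShell script, with the replication, SPN and DNS checks that the first section calls for placed before each step. This is an added example, not part of the original article; the script name, the $DnsServers addresses and the reliance on English-language tool output are assumptions.

```powershell
# Added example (not from the original article). Run elevated on the DC being renamed:
#   .\Rename-Dc.ps1 -Phase Add, then -Phase Promote, reboot, then -Phase Remove
param([ValidateSet('Add','Promote','Remove')][string]$Phase = 'Add')

# Names are the article's sample values; $DnsServers is a constructed placeholder list
# that should hold every authoritative DNS server for the domain.
$OldFqdn    = 'server-1.serverlabs.com'
$NewFqdn    = 'server-001.serverlabs.com'
$DnsServers = @('192.0.2.10', '192.0.2.11')

function Invoke-Netdom([string[]]$NetdomArgs) {
    Write-Host "netdom $($NetdomArgs -join ' ')"
    & netdom $NetdomArgs
    if ($LASTEXITCODE -ne 0) { throw "netdom exited with code $LASTEXITCODE" }
}

function Assert-ReplicationHealthy {
    # repadmin /showrepl * /csv prints one CSV row per inbound replication link.
    $links = @(& repadmin /showrepl * /csv | ConvertFrom-Csv)
    if ($LASTEXITCODE -ne 0) { throw "repadmin exited with code $LASTEXITCODE" }
    $failed = @($links | Where-Object { [int]$_.'Number of Failures' -gt 0 })
    if ($failed.Count -gt 0) {
        $failed | Format-Table 'Source DSA', 'Destination DSA', 'Number of Failures' -AutoSize | Out-Host
        throw "$($failed.Count) replication link(s) report failures; fix these first."
    }
}

function Assert-NewNamePublished([string]$AccountName) {
    # SPN check: reads the computer account from the DC that answers setspn.
    $spns = & setspn -L $AccountName | Out-String
    if ($spns -notmatch [regex]::Escape("HOST/$NewFqdn")) {
        throw "No HOST/$NewFqdn SPN on account $AccountName yet."
    }
    # DNS check: ask each listed server directly (matches English nslookup output).
    foreach ($server in $DnsServers) {
        $answer = & nslookup $NewFqdn $server | Out-String
        if ($answer -notmatch ('(?m)^Name:\s+' + [regex]::Escape($NewFqdn))) {
            throw "DNS server $server does not resolve $NewFqdn yet."
        }
    }
}

switch ($Phase) {
    'Add' {
        Assert-ReplicationHealthy
        Invoke-Netdom @('computername', $OldFqdn, "/add:$NewFqdn")
        Invoke-Netdom @('computername', $OldFqdn, '/enumerate')    # both names should be listed
    }
    'Promote' {
        Assert-ReplicationHealthy
        Assert-NewNamePublished ($OldFqdn.Split('.')[0])           # account still has the old name
        Invoke-Netdom @('computername', $OldFqdn, "/makeprimary:$NewFqdn")
        Write-Host 'Restart the server, log on again, then run -Phase Remove.'
    }
    'Remove' {
        Assert-ReplicationHealthy
        Assert-NewNamePublished ($NewFqdn.Split('.')[0])           # account now has the new name
        Invoke-Netdom @('computername', $NewFqdn, "/remove:$OldFqdn")
        Invoke-Netdom @('computername', $NewFqdn, '/enumerate')    # only the new name should remain
    }
}
```

The SPN check reads only the copy of the computer account on the domain controller that answers setspn, so the replication check is what stands in for the other domain controllers.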

Renaming the domain controller using GUI

As described earlier, you can achieve the same graphically. Renaming a domain controller in this way may result in Active Directory replication latency, making it more difficult for clients to locate or authenticate the domain controller under its new name, so the recommended method for renaming a domain controller is the netdom command. Let's see how to do this.

1. Right click My Computer and select Properties. Click Change settings, and then the Change button in the System Properties window. You will receive a warning message; click OK to continue with the rename operation.

2. Edit the text box under Computer name and click the OK button to apply the changes. Restart the domain controller for the changes to take effect; this completes the process.

How to configure a DHCP superscope in Windows Server 2008

Understanding the concept

A superscope is an administrative feature of DHCP servers that you can create and manage for configuring multiple scopes as a single administrative entity; in other words, it allows you to add more than one scope (called child scopes, or member scopes) under one umbrella. With this feature a DHCP server can:
  • Support DHCP clients on a single physical network segment (such as a single Ethernet LAN segment) where multiple logical IP networks are used. When more than one logical IP network is used on each physical subnet or network, such configurations are often called multinets.
  • Support remote DHCP clients located on the far side of DHCP and BOOTP relay agents (where the network on the far side of the relay agent uses multinets).
  • Serve additional computers on a physical network segment when the available address pool for a currently active scope is nearly depleted.
  • Migrate clients to a new scope.
You can always refer to the MS article to learn more about this; it describes the roles with relevant images and tables.

Let us consider one of the scenarios described above. The growth of your company has surpassed your expectations, and this obviously leads to a larger network structure and more networking devices. When the company started as a small business with 100 PCs a few years ago, the 254 IP addresses that a Class C subnet offered seemed more than enough for a long time. But now it's a different story. The company's growth has led to a shortage of IP addresses, and you need to get this resolved immediately. So what are the considerations here? One is creating another physical LAN (and thus another subnet), but that means you need to buy another router or another DHCP server; is that really required, given that it will increase the administrative tasks and expenses? Another possibility is changing to another IP address class, maybe class B or class A, which will provide you with more addresses, but again this is not a very attractive option: you'll have to justify purchasing this address range from your ISP and then face the prospect of migrating from the existing address range (scope) to the new one. So here you can consider creating a superscope and overcome the difficulties without much administrative headache or expense.

Configuring the superscope

1. Open the DHCP console from Administrative Tools -> DHCP. Expand the server name and right click IPv4 -> New Superscope.

2. The welcome window will appear; click Next to start the configuration.
3. Specify the name that you would like to assign to the superscope and click Next.
4. The wizard will automatically detect the scopes presently available on your DHCP server, and you need to select the scopes that you want to place under the superscope. Here I have two scopes and I want to set the superscope for only one of them. Select the scope you want and click Next.

5. Click Finish to create the superscope. Once it is created you will notice that the selected scope is listed under the superscope that we defined.
That completes the superscope configuration on the server. You can also create a new scope under the new superscope by selecting the newly created superscope and choosing New Scope. This takes you through the creation of a new scope in DHCP, and on completion the new scope is added under the superscope. Let me point out one more thing: once the superscope is configured as above, we can say that the network uses multinets, as described earlier.

If you wish to add any of the existing scopes to a superscope, just right click the scope and you will have the option Add to Superscope. Select the name of the superscope that you would like to add it to and click OK. Now you will notice that the scope is listed under the superscope that you selected.

The same approach can be followed to remove a scope from a superscope. From the superscope, select the scope that you would like to remove and you will have the option Remove from Superscope. Confirm by selecting Yes and the scope will be removed from the superscope.
So that's it for the configuration of a superscope; feel free to post your queries.

How to install and configure Windows Deployment Services

Understanding the concept

Windows Deployment Services (WDS) is the later and more advanced version of Remote Installation Services (RIS), introduced from Windows Server 2008 onwards. This service allows PXE BIOS enabled computers to remotely execute boot environment variables and install the various Windows operating systems. The main advantage of using WDS is that it reduces complexity and cost when compared to manual installations. There are some prerequisites for the installation and configuration of WDS, which are listed below:
1. A Windows Deployment Services server must be either a member of an AD DS domain or a domain controller for an AD DS domain OR it can be on a standalone server.
2. You must have a working DHCP server with an active scope on the network because Windows Deployment Services uses PXE, which relies on DHCP for IP addressing.
3. The server running Windows Deployment Services requires an NTFS file system volume for the image store.
4. You must have a working DNS server on the network before you can run Windows Deployment Services.

Let us consider a scenario in which you are preparing a data center or an organization for the first time and need multiple computers with the necessary operating system. It's a headache for administrators to do this manually on each computer, and WDS will help you get it done automatically.

Installation and configuration

1. It's a server role and you can install it from Server Manager. Open Server Manager and click Add roles.
2. Click Next if you are presented with the Before you begin window. Tick the check box against Windows Deployment Services on the Select Server Roles window.

3. Click Next on the Overview of Windows Deployment Services window.

4. Now you have two options to select: Transport Server and Deployment Server. Deployment Server enables the end-to-end Windows Deployment Services deployment solution. Transport Server is a platform that you can use to create a custom multicast deployment solution. If you would like to know more about these services you can look at the MS article http://technet.microsoft.com/en-in/library/cc725964(v=ws.10).aspx . I would suggest selecting both options; click Next to continue.

5. Click Install on the Confirm Installation Selections window and wait for it to complete. Once completed, close the window.

6. This completes the installation of the WDS roles. Now you need to configure the server, and the steps below will help you. From the Start menu go to Administrative Tools -> Windows Deployment Services. Expand Servers and right click on your server -> Configure Server.

7. We have already discussed the prerequisites of WDS, and the next window repeats the same. Simply click Next if you have already met these.

8. Now you need to specify where you want to save the configuration files, which include the boot images, install images and network drivers; this location is called the remote installation folder. By default the remote installation folder points to the Windows system drive (C:\), but it is not recommended to place the remote installation folder on this drive. So I am changing the folder to the H drive: create a new folder named 'Remoteinstall', browse to that location here and click Next.
You can keep the default location as well, but make sure to click Yes on the system volume warning to continue. The problem that you may face in this case is that as the number of boot images, install images and network drivers increases, the free space on the system volume will shrink, and this can cause performance issues.

9. You need to specify the PXE server initial settings. These define how the PXE server responds when a client requests an image. The three options are as follows:
Do not respond to any client computers- The WDS server does not respond to any clients, and none of the WDS operations will be active.
Respond only to known client computers- WDS will respond only to clients that are known. A client is known or unknown based on its entry in Active Directory. You can authorize a client computer as known based on the client's MAC address or GUID; this process is known as prestaging. I believe this link will help you get it done: http://www.windows-noob.com/forums/index.php?/topic/506-how-can-i-prestage-a-computer-for-wds/
Respond to all client computers (known and unknown)- WDS will respond to all clients that request a PXE boot. For additional security you can tick the check box below that option. I am going with this option as it is easy to manage. Click Next.

10. Now the configuration process will start; wait for it to complete. On the Operation Complete window, untick the default option Add images to the server now and click Finish.
  
The above steps complete the basic configuration of the WDS server. Now you need to specify the boot image and the install image.
Boot images- Boot images are Windows PE images that you boot a client computer into to perform an operating system installation. A boot image will contain the complete contents and structure of a computer storage medium.
Install images- Install images are the operating system images that you deploy to the client computer. From Windows Vista onwards, the install image comes pre-packaged on the product CD. For earlier versions of Windows you must create a custom install image. If you need to do this you can follow the MS link, which is pretty simple: http://technet.microsoft.com/en-in/library/dd637993(v=ws.10).aspx

To add the install image

1. Open Windows Deployment Services and expand your server name. Right click the install images section and select Add install image.

2. You can specify the install image group as required. Since I am creating the install image for the first time, the option to select an existing image group is disabled. Specify an install image group and click Next.

3. The install image (install.wim) is available inside the source folder of the operating system CD. Browse to the file and click Next.

4. My install image contains multiple images inside it. Clear the check boxes for the images that you do not want to add to the server. You should add only the images for which you have licenses. Since I have a license only for Standard edition, I have selected only Standard; this choice is up to you, based on the licenses that you have. Please note that the available images depend on your product CD. Click Next.

5. Review the details on the summary window and click Next to continue with the configuration, or press Back to change any of your previous selections.

6. This will start the configuration. When it finishes, click Finish to close the window.

7. Once you click Finish you can see that the install images have been added to the WDS console. This completes the steps for adding an install image; the steps below will help you add the boot image.


Adding the boot image

1. From the Windows Deployment Services console, right click Boot images and select Add boot image.


2. Browse to and locate the boot.wim file on the product CD and click Next.

3. Based on the boot.wim details, the image name and image description will be filled in automatically. You can either keep these or edit them. Click Next.

4. Select the image on the summary page and click Next, then Finish when it completes.


5. You can see that the boot image has been added to WDS.
This completes the configuration of the Windows Deployment Services server. Now reboot the client and make sure that you press F12 to boot the hardware into PXE.

If you fail to press F12, the operation will fail with an error.
Restart the computer once again and press F12 whenever it is required.
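
Configuration steps 6 to 10 and the two image procedures above, run from an elevated PowerShell prompt with wdsutil, with the PXE response policy from step 9 made an explicit setting. This is an added example, not part of the original article; the D:\sources media path, the image group name, the edition name and the $Policy variable are assumptions.

```powershell
# Added example (not from the original article). Run elevated on the WDS server.
$RemInst     = 'H:\Remoteinstall'   # remote installation folder from step 8
$Media       = 'D:\sources'         # assumed location of boot.wim and install.wim
$ImageGroup  = 'ServerImages'       # hypothetical image group name
$SingleImage = 'Windows Server 2008 R2 SERVERSTANDARD'  # assumed edition name inside install.wim
$Policy      = 'Known'              # 'Known' = prestaged clients only, 'All' = any PXE client

function Invoke-WdsUtil([string[]]$WdsArgs) {
    Write-Host "wdsutil $($WdsArgs -join ' ')"
    & wdsutil $WdsArgs
    if ($LASTEXITCODE -ne 0) { throw "wdsutil exited with code $LASTEXITCODE" }
}

# Prerequisite 3 and step 8: the image store must be NTFS and should not be the system volume.
$drive  = Split-Path -Qualifier $RemInst
$volume = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='$drive'"
if (-not $volume -or $volume.FileSystem -ne 'NTFS') { throw "$drive is not an NTFS volume." }
if ($drive -eq $env:SystemDrive) {
    Write-Warning "$drive is the system volume; images and drivers will consume its free space."
}
foreach ($wim in 'boot.wim', 'install.wim') {
    if (-not (Test-Path (Join-Path $Media $wim))) { throw "Missing $wim under $Media" }
}

# Steps 6 to 8: configure the server with the chosen remote installation folder.
Invoke-WdsUtil @('/Initialize-Server', "/RemInst:$RemInst")

# Step 9: PXE response policy. With 'All', unknown clients are held for administrator approval.
Invoke-WdsUtil @('/Set-Server', "/AnswerClients:$Policy")
if ($Policy -eq 'All') {
    Invoke-WdsUtil @('/Set-Server', '/AutoAddPolicy', '/Policy:AdminApproval')
}

# Boot image, then only the licensed edition from install.wim.
Invoke-WdsUtil @('/Add-Image', "/ImageFile:$Media\boot.wim", '/ImageType:Boot')
Invoke-WdsUtil @('/Add-ImageGroup', "/ImageGroup:$ImageGroup")
Invoke-WdsUtil @('/Add-Image', "/ImageFile:$Media\install.wim", '/ImageType:Install',
                 "/ImageGroup:$ImageGroup", "/SingleImage:$SingleImage")

# Print the resulting configuration so the answer policy can be reviewed.
Invoke-WdsUtil @('/Get-Server', '/Show:Config')
```

With $Policy set to 'Known', a machine must be prestaged in Active Directory before the server answers its PXE request.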

How to install and configure Remote Desktop Services (terminal server) in Windows Server 2008, part 2

I believe part 1 has helped you to understand more about the remote desktop installation. Now let us look at the detailed configuration of RDS.

1. Remote desktop web access configuration

This is the user interface that the client will interact with. To access it for the first time, go to Start -> Administrative Tools -> Remote Desktop Services -> Remote Desktop Web Access Configuration. It will open the web page, and when you log in as an administrator user there are three tabs to look at, namely RemoteApp Programs, Remote Desktop and Configuration.
RemoteApp Programs- Here is where the users can see and access their virtualized applications. These applications are defined by RDS administrators.
Remote Desktop- When you are accessing the remote desktop service from outside your network, you may need services other than the virtual applications. In this case you can remote into other computers that are allowed through RDS, based on the Remote Desktop resource authorization policy (RD RAP).
Configuration- Use these settings to specify the source that provides the RemoteApp programs and desktops that are displayed to users through RemoteApp and Desktop Connection. Users can access RemoteApp and Desktop Connection through the Start menu on a computer that is running Windows 7 or through the RD Web Access Web site. Note that this can be edited only by administrator users.

2. RemoteApp Manager
You can open it from Start -> Administrative Tools -> Remote Desktop Services -> Remote Desktop Web Access Configuration. Initially it will show some warning and error messages, because we have not yet defined some settings; the steps below will help you resolve them.

2.1. Consider the digital signature settings. This warning message appears because the SSL certificate is not defined; it can be resolved by clicking Change -> tick the check box Sign with digital certificate -> under Digital certificate details click Change. It will automatically list the certificates that are installed on your server; select the desired one and press OK. Once done, click Apply -> OK.

2.2. Distribution with RD Web Access- The warning message appears because the TS Web Access Computers list is empty. You can add the computers that are going to access the applications remotely. If you have installed Remote Desktop Services on an Active Directory server, you should add the computers to the group in Active Directory Users and Computers. Open Active Directory Users and Computers -> from the Users container, double click TS Web Access Computers -> Members -> click the Add button and specify the computers that are going to access Remote Desktop Services. Click Apply -> OK. (If Remote Desktop Services (RDS) is installed on a member server, you need to add the computer details in Local Users and Groups.) Now go back to the RemoteApp Manager screen and click Refresh. You can see that this warning message is also resolved.
2.3. You can see the error The RemoteApp program list is empty; this is because you have not specified any applications for terminal server users. In the same RemoteApp Manager window, at the bottom, right click in the RemoteApp Programs space and select Add RemoteApp Program. Click Next on the welcome screen.
  
Select the applications that users should be allowed to run remotely and click Next.

Review the list of programs that are shared and click Finish.

So here we have completed the configuration of RemoteApp Manager, and the window will be as below,