Tuesday, 24 September 2013

Step-by-Step Guide to Adding and Managing Additional Servers in a Windows Small Business Server Network?

The Microsoft® Windows® Small Business Server 2003 server software (Windows SBS) is designed to be the core of the IT solution for a small business. Windows SBS provides the basics for any company that has up to 75 users or devices and that is looking to build a solid infrastructure at an affordable cost. But the server that is running Windows SBS does not have to be the only server in a network. You can add other servers to the network, and Windows SBS can manage them. This paper describes how to add additional servers to your Windows SBS network and how to manage them after they are installed.

Before You Begin

  • To complete the steps in this document, you must have a general knowledge of how to install, configure, and update Windows SBS and the Microsoft Windows Server™ 2003 operating system for use on a network.
  • You cannot join a server that is running the Microsoft Windows NT® Server 4.0 operating system to a Windows SBS domain because Windows°NT Server°4.0 does not support the Active Directory® directory service. Instead, you must either migrate the server to the Windows® 2000 Server operating system or back up your application data and restore it on a new installation of Windows Server 2003.
  • It is possible to install Windows SBS into an existing Active Directory domain, but this is not recommended unless you are experienced with installing and configuring Active Directory. If you need to perform this procedure, see the article "How to install Small Business Server 2003 in an existing Active Directory domain" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkID=58906) for more information.
  • This document does not cover adding an additional domain controller to your Windows SBS network. You can always add additional domain controllers to your Windows SBS network, especially if you have remote offices or require redundant Active Directory services on your local network.

Process Steps to Add a Server to the Network

To add a server to your Windows SBS network, complete the following steps:
  1. Determine your server's IP addressing method. You should determine whether to use static or dynamic IP addresses for servers on your network. It is easier for Windows SBS to manage your network using dynamic addressing, but you can use either type on your network.
  2. Verify the hardware requirements. Ensure that your new server has sufficient hardware and capacity to perform the tasks and to run the software that you need on your network.
  3. Verify that your software is up-to-date. Download and install the latest drivers, service packs, and hotfixes for all of your hardware and software.
  4. Add a server to the Windows SBS network. Use the Windows SBS wizards to quickly and easily add the new server to your Windows SBS network.

Step 1: Determine Your Server's IP Addressing Method

Small networks, such as those in home offices, might already have routers and firewalls that provide IP addresses and routing information to computers on the network. This consumer solution is ideal for home networks, but for businesses that have more sophisticated IT needs, these entry-level devices are not sufficient.
Windows SBS is designed to be the core of a small-business network, and for good reason. When it manages DHCP, DNS, and Active Directory, it makes system and network administration easier for all users, no matter whether they are casual or sophisticated users. After you add Windows SBS to a network, it uses the information provided by DHCP, DNS, and Active Directory to maintain a record of which users, computers, and services are on the network. This information is not provided by the type of DHCP server you find in entry-level routers or firewalls. Because Windows SBS provides a powerful, integrated solution, it is strongly recommended that you disable the DHCP functions on other devices and let Windows SBS provide DHCP services.
ImportantImportant
Do not disable the existing DHCP server on your router or firewall device until you are prompted to by the Configure E-mail and Internet Connection Wizard. This allows the wizard to determine the range of IP addresses that are already in use on your network.
If another device provides DHCP services on your network, you need to configure DHCP scopes for computers and devices that use DHCP addressing. You also need to configure exclusion lists or reservations for servers, gateways, routers, and other devices such as printers that require static IP addresses. By convention, the xxx.xxx.xxx.1 address is assigned to the router's local interface, and it is excluded from a DHCP address scope. Exclude the Windows SBS local network adapter's address from the scope as well.
noteNote
For more information about working with DHCP and configuring DHCP scopes and exclusions, open the Help and Support Center and search for "Network Configuration Settings: Getting Started."
For the purpose of setting up an additional server on your network, decide whether the additional server should use dynamic or static IP addresses, and use the same configuration for all other servers that you add to the network. It is strongly recommended that you use static IP addressing for all of the servers on your network, especially if any of the client computers are running operating systems other than Windows. This provides a known, stable environment for any services that are provided to client computers on the network.

Step 2: Verify the Hardware Requirements

Your hardware should be able to do all of the following:
  • Run Windows Server. Make sure the hardware for your additional server can run Windows Server. Your hardware should surpass the recommended system requirements and should be listed in the Windows Server Catalog at the Microsoft Web site(http://go.microsoft.com/fwlink/?LinkId=58908).
  • Perform specific roles. File and print servers have different requirements for CPU, RAM, disk space, disk performance, network throughput, and fault tolerance than do terminal servers or application servers. Make sure your new server has appropriate hardware to support the server roles that you want to run on it.
  • Run your applications. If you have specific line-of-business applications that you want to run on the new server, check the application's Web site for both minimum and recommended hardware requirements. You can also check message boards to get additional information from other users.

Step 3: Verify that Your Software is Up-to-Date

The next step is to ensure that your server's firmware and device drivers are up-to-date. Check for updates to your BIOS, SCSI drivers, network adapter, and tape backup or external hard drive. Download any updates and device drivers for your hardware.
Also, download service packs and hotfixes for Windows 2000 Server or for Windows Server 2003. You can't always depend on an Internet connection being available when you first install an operating system; before you start a new installation, have the operating-system updates available.
Lastly, make sure you download the service packs or patches for all of your server applications, including anti-virus software, line-of-business software and any third-party administration tools. As with the hardware, check message boards to find out if there are specific recommendations from other users about the updates.
noteNote
Best practice. Create a CD that has all of the latest hardware, firmware, and software updates for each server. This makes it easy to locate the proper updates for each server without having to guess at what hardware is installed. Create a new CD every six months as part of your ongoing network maintenance.

Step 4: Add a Server to the Windows SBS Network

Add a server to the Windows SBS network by completing the following tasks:
  1. Set up the additional server in Windows SBS.
  2. Configure the operating system on the additional server.
  3. Run the Connect Computer Wizard.
  4. Synchronize the new server's time clock with Windows SBS.
  5. Configure the server's roles (optional).
  6. Install additional software (optional).
When you finish these steps, you have an additional server that is ready to use on the network.

Set Up the Additional Server in Windows SBS

The Windows SBS network must be set up with your new server's name in Active Directory. When you run the Set Up Server Wizard, it makes the necessary changes to Windows SBS.
CautionCaution
When you add a server name to Windows SBS, you should use all lowercase letters for the server name. Otherwise, you might encounter some name and addressing issues when you are setting up the server. For more information about uppercase letters in server names, see the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkID=59778).
To set up an additional server in Windows SBS
  1. Open the Server Management console. To do so, click Start, and then click Server Management.
  2. In the console tree, click Server Computers.
  3. In the details pane, click Set Up Server Computers.
  4. When the Set Up Server Wizard begins, click Next.
  5. Type the server name in the Server Name text box. The server name must follow standard naming conventions: no more than 15 alphanumeric characters and no spaces or other reserved characters. Create a name that other users can recognize. For example, acctsrv is a great name for a server that is running your accounting software.
  6. Click Next.
  7. In the IP Address Configuration dialog box, select the method that the new server uses to obtain IP addresses. If you select Use the following Static IP address, make sure your address is excluded from the DHCP scope that is used on your network.
  8. Click Next.
  9. Review the Completing the Set Up Server Wizard page. It contains a summary of the configuration of your new server, including a link to the Connect Computer Wizard on the Windows SBS Web site. To print, save, or e-mail the configuration details, click the link at the bottom of the page.
  10. After you have recorded the information about the new server, click Finish.

Configure the operating system on the additional server

After you have added the name of the additional server to Windows SBS, there are two ways to set up the additional server for the Windows SBS network, depending on how you arrived at the configuration for your new server.
noteNote
You cannot run Windows NT Server 4.0 on a member server unless you first upgrade to Windows 2000 Server. You can then upgrade from Windows 2000 Server to Windows Server 2003, if you choose to.
If you perform a clean installation of Windows Server 2003, you need to make four configuration changes during the Setup process:
  • Configure licensing. You must do this so that Windows SBS client-access licenses (CALs) can be used to access the new server. Windows SBS CALs allow users to access any additional Windows–based servers on your network. Other applications must be licensed separately, such as line-of-business applications or anti-virus software.
  • Configure the additional server computer name. You must use the name that you added to Windows SBS.
  • Configure the IP addressing method. Set up Windows Server 2003 to use the correct addressing method.
  • Connect to a workgroup. This is an intermediate step, until you join the server to the Windows SBS domain in a later task.
CautionCaution
If your new server has multiple network adapters and you are using static IP addresses, disable any adapters that are not connected to the network, otherwise your server might receive a dynamic IP address. For more information, see KB article 887307 "A new server that you connect to your domain does not receive the static IP address that you assigned in Windows Small Business Server 2003" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkID=59779).
To configure the operating system on the additional server
  1. Begin the setup process for Windows Server 2003 on the additional server.
  2. On the Licensing Modes page, select Per Device or Per User, and then click Next. This mode is used whether your Windows SBS CALs are per device or per user. The number of licenses must equal the total number of Windows SBS CALs on the server running Windows SBS.
  3. On the Computer Name and Administrator Password page, type the name of the additional server in Computer name. You must use the same name that you added to the Manage Server Computers dialog in Windows SBS. Click Next.
  4. Continue with the setup process. On the Network Settings page, if you want the additional server to use DHCP with Windows SBS or with another DHCP server, click Typical Settings. If you want to use a static IP address, click Custom Settings. Click Next.
  5. If you chose Custom Settings, the Networking Components page appears. Click Internet Protocol (TCP/IP), and then click Properties. On the General tab, type the static IP information for the adapter. If you use static IP addresses on your servers, the gateway address is the address for either your router or for your Windows SBS local adapter. The DNS server is the Windows SBS local adapter. Click OK.
  6. On the Workgroup or Computer Domain page, click Workgroup. The Windows SBS Connect Computer Wizard joins your additional server to the domain, makes the necessary changes to Active Directory on both computers, and ensures that the additional server is properly configured for the network.
  7. Continue with the rest of the setup process.
  8. Once the setup process is complete, log on to the additional server as Administrator. You can then install new device drivers, service packs, and hotfixes.
You can also reconfigure an existing Windows Server 2003 installation to join a Windows SBS network. You must make the same changes to your existing server as you make for a clean installation, but you make all of changes through Control Panel. You do not need to run the setup process again.
To reconfigure an existing Windows Server 2003 installation
  1. Log on to your existing server using an account that has local administrator rights.
  2. Open Control Panel. To do this, click Start, and then click Control Panel.
  3. To change the licensing mode, click Licensing. Make sure Windows Server is selected in the Product drop-down list. Click Per Device or Per User, and then click OK. This mode is used whether your Windows SBS CALs are per device or per user. The number of licenses must equal the total number of Windows SBS CALs on the server that is running Windows SBS.
  4. To change the computer name, click System, click the Computer Name tab, and then click Change. Type the new name of the server in Computer name. You must use the same name that you added to Manage Server Computers in Windows SBS.
  5. To join a workgroup, in the Member of section, click Workgroup. Type a new workgroup name (such as WORKGROUP), and then click OK.
  6. To change the network settings, click Network Connections, right-click the name of your connection (usually Local Area Connection), and then click Properties.
  7. Click Internet Protocol (TCP/IP), making sure the checkbox is selected, and then click Properties.
  8. If you want the server to use DHCP, click Obtain an IP address automatically. If instead you want the server to use a static IP address, click Use the following IP address. If you use static IP addresses on your servers, the gateway address is the address of either your router or your Windows SBS local adapter. The DNS server address must be that of the Windows SBS local adapter. Do not point your DNS address at an external DNS server, because this prevents your names from resolving. Click OK twice.
  9. You might need to reboot the server for your changes to take effect.

Run the Connect Computer Wizard

After you install the operating system on your additional server, you can join it to the Windows SBS domain by running the Connect Computer Wizard.
To run the Connect Computer Wizard
  1. On your additional server, open Internet Explorer.
  2. Click Tools, click Internet Options, and then click the Security tab.
  3. Click Trusted Sites, click Sites, and then in Add this Web site to the zone, type http://SBSServerName, where SBSServerName is the name of your server that is running Windows SBS. Click Add.
  4. Make sure that the Require Server Verification (https:) for all sites in this zone check box is clear, and then click Close.
  5. Click OK.
  6. In the address bar for Internet Explorer, type http://SBSServerName/ConnectComputer, where SBSServerName is the name of your server that is running Windows SBS. Press Enter.
  7. Click Connect to the network now. Your server might need to be restarted.
When the configuration is complete, your new server is a member of the Windows SBS domain.

Synchronize the new server's time clock with Windows SBS

In order to synchronize your new server's time clock with Windows SBS, the new server uses the Windows Time Service (WTS). WTS in turn uses Network Time Service (NTS) to connect across the Internet to other synchronized time servers. The correct time data is retrieved and then used to set the new server's internal clock. When this is finished, your new server's internal clock is typically accurate to within a tenth of a second.
In theory, the root domain controller acts as the authoritative time server for a domain, and other computers, including servers, look to the authoritative server for synchronization. In practice, the service sometimes doesn't synchronize when scheduled, such as when an Internet connection is unavailable or a server is offline for maintenance. In those situations, it helps to have a backup plan for synchronizing with your server that is running Windows SBS. This helps ensures that computer communications, especially Active Directory data replication, function smoothly.
noteNote
By default, Windows SBS receives its time clock information from time.microsoft.com. You can find a list of other time servers that are available on the Internet at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=60499).
In order to synchronize your servers, you must perform these tasks:
  1. Configure Windows SBS to synchronize with an Internet time clock.
  2. Restart the time service in Windows SBS.
  3. Edit the logon script for Windows SBS.
CautionCaution
Do not configure Windows SBS to use the server's internal clock as the synchronization source. This generates numerous error messages in the event log and it causes the time service to fail.
To configure Windows SBS to synchronize with an Internet time clock
  1. Click StartRun, type gpedit.msc, and then click OK.
  2. In the tree pane, click Computer ConfigurationAdministrative TemplatesSystem, and then Windows Time Service.
  3. In the details pane, double-click Global Configuration Settings. Click Enabled, and then click OK.
  4. In the details pane, double-click Time Providers,. double-click Enable Windows NTP Client, click Enabled, and then click OK.
  5. Double-click Configure Windows NTP Client, and then click Enabled. In the NtpServer text box, type the IP address or fully-qualified domain name of the Internet time provider you want to use. You must append ,0x1 without any spaces to the end of the time provider, otherwise the time service fails (example: time.windows.com,0x1).
  6. Ensure the Type drop-down list is set to NT5DS.
  7. Click OK.
  8. Double-click Enable Windows NTP Server, click Enabled, and then click OK. Close Group Policy Object Editor.
Once the external time resource is configured, you must restart the Windows Time Service.
To restart the Windows Time Service
  1. Click Start, click Run, type services.msc, and then click OK.
  2. In the details pane, click Windows Time. In the toolbar, click the Restart Service button.
  3. Double-click Windows Time. Verify that the startup type is set to Automatic. Click OK.
When Windows SBS is configured as the authoritative time source for your network, other servers and clients use the Windows Time Service to synchronize their internal clocks. If you want to ensure that your servers and client computers synchronize with Windows SBS, you must edit the logon script for Windows SBS.
To edit the logon script for Windows SBS
  1. Open Windows Explorer on your server that is running Windows SBS. To do this, click Start, and then click Windows Explorer.
  2. Browse to %SystemRoot%\SYSVOL\sysvol\%DomainName%\scripts, where %SystemRoot% is your installation directory for Windows SBS and %DomainName% is the NetBIOS domain name for your Windows SBS network.
  3. Right-click SBS_LOGIN_SCRIPT.bat, and then click Edit.
  4. At the end of the file, type net time \\SBSServerName /set /y, where SBSServerName is the NetBIOS name of your server that is running Windows SBS. Be sure to include the spaces where the example indicates.
  5. Save your changes to the batch file.
When users log on to the domain, the logon script runs and synchronizes the time with Windows SBS.
For more information about configuring the Windows Time Service, see "How to configure an authoritative time server in Windows Server 2003" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkID=60402).

Configure the Server's Roles (optional)

You can configure Windows Server 2003 to support particular server roles, where the operating system is optimized for the type of services that the server provides to the network. Windows Server also creates specific access control lists and applies them to the server. These lists help to prevent unauthorized access and to limit potentially harmful events from affecting end users.
The roles are typical Windows Server networking functions, such as domain controllers, terminal servers, or application servers. There are no specific roles for database servers or line-of-business servers, although depending on the application you might be able to use one of the existing Windows Server roles as a foundation. When you select roles, limit the server to the one or two functions that you need for your network.
ImportantImportant
If you are configuring your new server as a terminal server, do not configure the new server as a domain controller. This increases your security risk, so these two roles should not be configured on the same server.
To configure a role on your new server
  1. Click Start.
  2. Click Manage Your Server.
  3. For more information about the roles your server can provide, click Read about server roles.
  4. Click Add or remove a role.
  5. Read the Preliminary Steps and verify that your server is ready for configuring.
  6. Click Next.
  7. On the Server Role page, select the role that you want to configure on your server. For more information about each role, click Read about.
  8. After you have selected a role, click Next. The server copies and installs files, and you might need to reboot the server, depending on the role you have chosen. After this is complete, your server can perform its role on the network.
You can add only one role at a time, but you can complete this procedure more than once if you want to configure more roles on the server.
noteNote
If you want your new server to be a domain controller on your Windows SBS network, open Help and Support Center and search for "Create an Additional Domain Controller: Active Directory."

Install Additional Software (optional)

You can now install additional software that the business needs. This software can be anti-virus software, line-of-business software, accounting software, inventory applications, or other services. Follow the manufacturer's instructions for installing the software.
noteNote
Best Practice. Before you install additional software, back up your new server. That way you have a known good image that you can restore if needed.

Manage Your Servers

Windows SBS excels at centralized server management. By using server management tools, you can provide remote administration and support, which in turn reduces the number of site visits that you might need to make.
The two primary server-management tools are the Computer Management snap-in for the Microsoft Management Console (MMC) and the Remote Administration desktop. Both are found in the Server Management console for Windows SBS. This section shows you where the tools are and how to start them; it does not describe in depth how to use each tool. For more information about particular tools, open Help and Support Center and search for the tool in question.

Open the Computer Management snap-in

The Computer Management snap-in is a versatile tool. You can use it to connect to any computer on the network and to manage many of the hardware and software settings for your new server, including starting and stopping services on the remote machine. It is a good place to start when you need to check on server settings or to view messages in the event logs.
To open the Computer Management snap-in
  1. Open the Server Management console. To do so, click Start, and then click Server Management.
  2. In the console tree, click Server Computers.
  3. In the details pane, select a server, and then click Manage Computer. You can also right-click a server and then click Manage Computer.

Connect to the Server via Remote Desktop Protocol

When you need to see the server's desktop, you can connect to it by using Remote Desktop Protocol (RDP). With RDP you can see the desktop of the remote server in its own window, and you can interact with the server as if you were using its own keyboard and mouse.
noteNote
Your server has two administrative sessions available for remote management, which means it is possible for two administrators to be logged on and making changes to the server simultaneously. If both sessions are being used, additional connection attempts receive a notice that no more sessions are available. If you need to log on to the server exclusively, click Start, click Run, and then type mstsc /v:ComputerName /console, where ComputerName is the name of a member server or a desktop client computer. Be sure to include the spaces where the example indicates. This command logs off any other users who are logged on to the server.
To connect to the server via Terminal Services
  1. Open the Server Management console. To do so, click Start, and then click Server Management.
  2. In the console tree, click Server Computers.
  3. In the details pane, select a server, and then click Connect to Computer via Terminal Services. You can also right-click a server and then click Connect using Terminal Services.
  4. The logon screen for the remote server appears. Log on with the user name and password of an account that has local administrator privileges, and then click OK.
The desktop of the remote server appears, and you can interact with it remotely.

No comments:

Post a Comment