Professional Documents
Culture Documents
blank.
Make sure that the Certificates drop-down is set to "Not Selected" and that the Allow SSL
option is selected.
Click Next.
5. On the next page of the wizard:
Select Anonymous for the Authentication settings.
For the Authorization settings, choose "Anonymous users" from the Allow access to dropdown. Select Read for the Permissions option.
Click Finish.
6. Go to IIS 7 Manager. Click the node for the FTP site that you created. The icons for the entire
FTP features display.
Configure the passive port range for the FTP service
1. Go to IIS 7 Manager. In the Connections pane, click the server-level node in the tree.
2. Double-click the FTP Firewall Support icon in the list of features.
3. Enter a range of values for the Data Channel Port Range.
4. Once you have entered the port range for your FTP service, click Apply in the Actions pane to
save your configuration settings.
Configure the external IPv4 Address for a Specific FTP Site
1. Go to IIS 7 Managers. In the Connections pane, click the FTP site that you created earlier in
the tree, Double-click the FTP Firewall Support icon in the list of features.
2. Enter the IPv4 address of the external-facing address of your firewall server for the External IP
Address of Firewall setting.
3. Once you have entered the external IPv4 address for your firewall server, click Apply in the
Actions pane to save your configuration settings.
Open Firewall to FTP Traffic
1. Open a command prompt: click Start, then All Programs, then Accessories, then Command
Prompt.
2. To open port 21 on the firewall, type the following syntax then hit enters:
netsh advfirewall firewall add rule name="FTP (non-SSL)" action=allow protocol=TCP dir=in
localport=21
3. To enable stateful FTP filtering that will dynamically open ports for data connections, type the
WDS
Note: If you already have an Active Directory setup and configured DNS then skip to
Step 2 (Setup DHCP). If you have already configured AD, DNS and DHCP then
please skip to Step 3 (Add the WDS role).
This guide assumes that you have first of all installed Windows 2008 server on your machine
and partitioned it as c: (Operating system) and d: (data), note that you can change the partitions
after the installation of Windows 2008 server by using disk management and right clicking on a
disk and choosing to shrink or extend. This guide is to help you set things up in a LAB. In
Production, you have to plan things according to Technet documentation.
As WDS needs the folllowing:Active Directory Domain Services, DHCP, DNS, we will add the following role first:Active Directory Domain Services
We must install this role first before continuing to add the other roles, so lets select it and click
on next.
We will then be informed that installing AD requires us to run dcpromo.exe afterwards to make
the server a fully functional domain controller. Click install to continue.
This will open up the Roles section of Server manager, and we'll see a summary which says This
server is not yet running as a domain controller. Run the Active Directory Domain Services
Installation Wizard (dcpromo.exe).
This will start the Active Directory Domain Services Installation Wizard. Click on next to
continue.
Next we will get a screen telling us that older versions of Windows (pre Vista Sp1 ....) may have
problems with a bunch of things including Windows Deployment Services (for more info read
KB942564)
Quote
Platforms impacted by this change include Windows NT 4.0, as well as non-Microsoft SMB
"clients" and network-attached storage (NAS) devices that do not support stronger cryptography
algorithms. Some operations on clients running versions of Windows earlier than Vista with
Service Pack 1 are also impacted, including domain join operations performed by the Active
Directory Migration Tool or Windows Deployment Services.
next we are prompted for the fully qualified domain name of the forest root domain (eg:
corp.contoso.com)
Note: if you have not already given this server a good computername, then cancel this
process and do so now. The computername will be prepended to whatever FQDN you enter,
so if you enter corp.contoso.com then the FQDN of this domain controller will be
AD1.corp.contoso.com
after clicking next the wizard will check the validity of the fqdn,
next we get to choose the forest functional level, click the drop down menu and select Windows
Server 2008 from the three choices (Windows 2000, Windows Server 2003, Windows Server
2008).
As this is only a test lab, we are not concerned that we can only add Windows 2008 or later
servers to this forest.
Clicking next will give some addtional options, leave them as they are (DNS Server selected)
and click on Next again.
if you get a warning about dynamically assigned ip addresses ignore it (choose yes),
you will most likely get another DNS warning if like me you don't have a Windows DNS server
in the forest. Click yes to continue.
Next we are asked where to store the AD database, logfiles and sysvol, stay with the defaults and
click next.
and we are then prompted to set the Directory Services restore mode administrator account
password
after a while you should see the AD wizard complete. Click Finish
Now that we are in server manager lets click on Add roles again followed by next.
Select DHCP Server and click next.
and if you have more than one network card in your Windows 2008 server, select the one which
will be handing out ip's (in my case that is 192.168.3.1), I removed the tick from the other
network card listed
next you will need to clarify which DNS server ip address to listen to, I changed it from my
second nic's ip address 192.168.3.1, clicking on Validate will verify that it's ok
enter your WINS settings, I went with the default and clicked next,
next we have to input our DHCP server scope options, to do this click on Add
click next and you'll get IPV6 options, I chose to disable this as I'm not using IPv6 yet
Quote
Windows Server 2008 supports stateless and stateful DHCPv6 server functionality. DHCPv6
stateless mode clients use DHCPv6 to obtain network configuration parameters other than the
IPv6 address, such as DNS server addresses. Clients configure an IPv6 address through a nonDHCPv6 based mechanism such as IPv6 address auto-configuration (based on the IPv6 prefixes
included in router advertisements), or static IP address configuration.
In DHCPv6 stateful mode, clients acquire both the IPv6 address as well as other network
configuration parameters through DHCPv6.
next we are asked about DHCP credentials for the AD DS, I stayed with the default,
and then we will see a summary of our actions and choices for the DHCP server role
clicking on Install will apply these settings and after some time you should hopefully see the
following:-
Step 3. Add the WDS role:In Server Manager, Highlight and select Windows Deployment Services and click next.
you will get an information screen which has some info including the following:Quote
Before you begin, you need to configure Windows Deployment Services by running either the
Windows Deployment Services Configuration Wizard or WDSUtil.exe. You will also need to add
at least one boot image and one install image in the image store.
Click next and notice the two role services listed, Deployment Server and Transport Server,
make sure they are both selected and click next to continue.
view the summary and click install to install the WDS role...
if you check server manager under roles you should now see the WDS role added.
Step 4. Configure the Windows Deployment Services gui (mmc snap in)
Click on Start/All Programs/Administrative tools/Windows Deployment Services.
at this point we can see that WDS is not configured yet, so let's do that now.
right click on the server name in the left pane and choose Configure Server
I then chose to respond to all known and unknown computers (by default it's set to Do not
respond to any)
Please note, if you want to set this option to only respond to known computers, then you can do so, but you will have to prestage
your computers in Active Directory to do so
The Windows Deployment Add image wizard will appear, insert your Windows 2008 Server
DVD and click Browse, select the sources folder on the Windows 2008 DVD and then click next
you'll be prompted to create a new image group, lets call it ImageGroup1 (the default name, you
can change it later to Windows Server 2008 or Windows Vista Sp1 or whatever...).
After a long while, the selected images will be added to the WDS server
the original boot.wim file from the Windows 2008 Server DVD, please note that this is the
default description name of the image, you could change it when addint the boot.wim image to
something more descriptive as in this example
In the Install Images pane, we can see the six available images from the Windows 2008 Server
DVD, these are based upon the install.wim file on the DVD.
you can now PXE boot your client computers to the Windows 2008 WDS server.
troubleshooting note: if you add a new image to WDS and attempt to pxe boot and then install
the image but get an error saying something like 'could not display the list of' then make sure you
have used BOOT.WIM from a Windows Server 2008 DVD or Windows Vista sp1.