Installing a Clean Version of Windows Server 2008 R2 Operating System (part 2) - Finalizing the Installation and Customizing the Configuration

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
1/16/2011 11:43:26 AM

7. Finalizing the Installation and Customizing the Configuration

After the Windows Server 2008 R2 Install Windows Wizard collects the information and installs the Windows operating system, the system will restart. The administrator must set a password before logging in to complete the installation process. When logged in, the Initial Configuration Tasks Wizard is automatically invoked. This wizard presents the following tasks, as shown in Figure 5, to initially configure the server. The high-level initial configuration tasks include the following:

Provide Computer Information

  • Activate Windows

  • Set Time Zone

  • Configure Networking

  • Provide Computer Name and Domain

Update This Server

  • Enable Automatic Updating and Feedback

  • Download and Install Updates

Customize This Server

  • Add Roles

  • Add Features

  • Enable Remote Desktop

  • Configure Windows Firewall

Figure 5. The Initial Configuration Tasks Wizard.

Traditionally, these configuration tasks were addressed during the initial installation of Windows; however, now these elements are configured after the initial installation of the operating system is complete. By removing these elements from the installation, the installation process is much faster.

Setting the Administrator Password

The first configuration task to perform after installing Windows Server 2008 R2 is to set an administrator password. This must be done before you can log on the first time. The installation process automatically creates the default administrator account called, surprisingly enough, Administrator. This account has local administrative privileges and enables you to manage all local configuration settings for the server.

As a best practice, you should rename this account after you complete the installation and assign a strong password. You must enter it twice: first in the Password text box and then again in the Confirm Password text box. As in previous Windows operating systems, the password is case sensitive and can contain up to 127 characters. In addition, a strong password should include both upper- and lowercase letters, numbers, and symbols.

You should choose your password carefully to ensure the security of the system. You can change both the Administrator account name and password in the Change Password dialog box.

Activate Windows

Once the administrator password has been set, initial configuration tasks can be executed, starting with Activation. As with other Microsoft operating systems, Windows Server 2008 R2 must be activated. Click Activate Windows, which is the first initial configuration task. In the Windows Activation dialog box, enter the product key and click Next to activate the product. Choose to Automatically Activate Windows if you want to have Windows activate the next time the server comes online or remove the checkmark if you want to manually choose to activate Windows later. Click Next to continue with the installation process.

Setting the Time Zone

Next on the initial task list is setting the date and time of the server. Click the Set Time Zone link in the Initial Configuration Tasks Wizard to invoke the Date and Time dialog box. On the Date and Time tab, set the time zone where the server will operate by clicking the Change Date and Time button. In addition, click the Change Time Zone button to configure the time zone for the server. The next tab, Additional Clocks, as displayed in Figure 6, should be utilized if there is a need to display the time in another time zone. Up to two clocks can be configured on this tab. The final tab, Internet Time, is where you configure a time server for the server to synchronize its clock with. is the default time server; however, other time servers can be selected by clicking the Change Settings button.

Figure 6. Configuring additional clocks.

Configuring Networking

The third setting in the Provide Computer Information section of the Initial Configuration Tasks Wizard is Configure Networking. You need to decide on network settings for the server so it can connect to other computers, networks, and the Internet. By default, Windows Server 2008 R2, as with previous versions of Windows, installs Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, and TCP/IPv4. In addition, Windows Server 2008 R2 installs QoS Packet Scheduler, Internet Protocol version 6 (TCP/IPv6), Link-Layer Topology Discovery Mapper I/O Driver, and Link-Layer Topology Discovery Responder.

Don’t be alarmed. The default client, service, and protocols that are installed by default will meet most companies’ needs and require little manual configuration. You will, however, likely want to change the TCP/IPv4 settings and assign a static address for the server.


Windows Server 2008 R2 utilizes IPv6 as the default protocol. If you do not have plans to utilize IPv6, you might want to disable this protocol to facilitate future server role installation. Many server roles, such as Domain Controller, DNS Server, and DHCP Server, require static IP addresses. You will either need to disable IPv6 or assign the server a static IPv6 address to install these roles. You can disable IPv6 by clearing the check box for Internet Protocol Version 6 (TCP/IPv6) and clicking OK.

Providing the Computer Name and Domain

Use the Provide Computer Name and Domain link to change the name of your computer and to add your computer to a domain or workgroup. If you are joining an existing domain, you will need the logon name and password for an account with appropriate domain permissions. Alternatively, you can have the administrator of the domain add your computer name into the domain so that your server can connect. If you do not know the name of the domain that the server will be a member of, or if you do not have the administrative rights to join the server to the domain, you can still change the computer name and you can always join the server to a domain at a later time.

Now that we configured the elements in the Provide Computer Information section of the Initial Configuration Tasks Wizard, the next step is to focus on the second configuration section called Update This Server.

Enabling Automatic Updating and Feedback

The Enable Automatic Updating and Feedback link in the Update This Server section is used to configure how your system maintains its health and security by automatically downloading and configuring software updates and the degree to which you want to participate in Microsoft’s information gathering efforts.

Although it’s easy to dismiss these features, the tools do provide you an easy way to patch your systems and contribute your experience with Microsoft products with very little or no effort. Anonymous information gathered from users shapes Microsoft products and technologies, so if you don’t have corporate policies around sharing technical information outside of your organization, give some thought to participating. If selected, the following options can be configured automatically, or you can manually configure the settings:

  • Automatic Updates— Automatic Updates are not configured by default. You can leave this setting as is or configure the server to check for updates automatically on a schedule that fits your maintenance procedures. When patching large enterprise environments, it is a best practice to control software updates via a patching solution, such as System Center Configuration Manager 2007 R2 or WSUS 3.0 SP1.

  • Windows Error Reporting— Windows Error Reporting, by default, prompts you to send detailed information to Microsoft when errors occur on your server. You can turn this function off or configure it to automatically send the error information to Microsoft. Reports contain information that is most useful for diagnosing and solving the problem that has occurred.

  • Customer Experience Improvement Program— The Customer Experience Improvement Program (CEIP) gathers anonymous information and periodically sends it to Microsoft. CEIP reports generally include information about the features and general tasks performed by a user as well as any problems encountered when using the Microsoft product.

Downloading and Installing Updates

Even though you might have selected the option in the previous steps to automatically configure server updates, it is still possible to download and install updates manually by selecting the Download and Install Updates link in the Update This Server section of the Initial Configuration Tasks Wizard. When selected, the server will connect to the Microsoft Windows Update site. Before configuring roles or features or making your server available to users on the network, it is a best practice to install the latest updates and patches from Microsoft. If your environment uses an automated tool such as WSUS, tested and approved patches might already be installed by your update and patching infrastructure if the system was joined to the domain and is configured to do so.


When selecting the Download and Install Updates link for the very first time, if updates are not being installed automatically, you will be prompted with the option to turn on automatic updates. In addition, it is possible to select the Find Out More link to obtain updates for other Microsoft products installed on the server.

The final section on the Initial Configuration Tasks Wizard is called Customize This Server. The options are covered in the following sections.

Adding Roles

Using the Add Roles link on the Initial Configuration Tasks Wizard, you can quickly install server roles, such as Active Directory Domain Services, Active Directory Rights Management Services, DNS Server, and much more to your server. The process also adds dependent services and components as needed (alerting you along the way). This ensures that as you are setting up your system, all the necessary components are installed—alleviating the need to use multiple tools to install, secure, and manage a given server role—and that the roles are set up securely. Although it’s critical to understand dependencies for whatever role or function the server might hold, getting the system set up quickly, efficiently, and accurately is always paramount, and these setup tools help accomplish just that.

Adding Features

You can use the Add Features link to help configure useful tools and system features installed on the server. Features such as RPC over HTTP Proxy for Exchange, Remote Assistance, .NET Framework 3.0 Features, Background Intelligent Transfer Service (BITS), and SMTP Server can be installed and configured. Backup and other management tools can also be installed using this tool.

Enabling Remote Desktop

By enabling Remote Desktop, you can connect to either a remote console or an RDP session while not physically at the server. Using Remote Desktop to manage systems greatly eases administration of servers but does open another door into each system; therefore, you should consider restricting access via Remote Desktop to users who have a need to access those systems. The two options for allowing Remote Desktop access include Allow Connections From Computers Running Any Version of Remote Desktop (Less Secure) and Allow Connections From Computers Running Remote Desktop with Network Level Authentication (More Secure).

Configuring Windows Firewall

By default, Windows Firewall is turned on when the base OS is first installed. Although the firewall only protects the server from inbound and outbound access (as opposed to compromises from within the OS, such as a virus or other malware), this is typically adequate protection on a newly built machine until the system is patched and loaded with antivirus software or any other protective systems. Unless you configure exceptions to the firewall, users will not be able to access resources or services on the server. Exceptions to this are services or resources that are made available using the Initial Configuration Tasks Wizard or other GUI-based tools, such as Server Manager, that automatically create the exceptions, enabling you to leave the firewall on while enabling access to specific functions on the server, if desired. With Windows Server 2008 R2, it is possible to configure incoming and outgoing firewall rules on each network connection.