In these series of posts, we will go through the steps required to install Configuration Manager in a simple LAB environment. The LAB environment will be referenced in future posts as we explore Configuration Manager further. See Part 1 for an overview of the LAB environment.
Last time we got our Domain Controller up and running and in this post we will install a Management server for administrations purposes. This is an optional step in the series, but it makes life a lot easier having a single server with all the required management tools. LABADM01 should be used for this purpose and should only have the operating system installed.
Quick Jump:
Part 1 – Overview and Domain Controller installation
Part 2 – Management Server Installation
Part 3 – Installing SQL Server
Part 4 – Configuration Manager Prerequisites
Part 5 – Installing Configuration Manager
Basic Server Configuration
Since setting up the management server is rather straight forward and an optional component in the series, we will automate the process with PowerShell. Like before we will setup the networking then install the required management tools.
Issue the commands below to set the computers IP address or specify it manually.
Rename-Computer -NewName LABADM01
Write-Host "Computer Name Changed"
$AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
$UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0
Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0
Write-Host "Disabled IE Enhanced Security Configuration"
New-NetIPAddress -InterfaceAlias "Ethernet" -AddressFamily IPv4 -IPAddress 192.168.3.30 -PrefixLength 24 -DefaultGateway 192.168.3.1
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.3.20
Write-Host "IP address and DNS set"
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Write-Host "Enabled Remote Desktop"
Restart-ComputerNext, issue the following command to install all the required management tools:
Install-WindowsFeature -Name RSAT-ADDS, RSAT-ADDS-Tools, RSAT-AD-Powershell, RSAT-DHCP, RSAT-DNS-Server, RSAT-ADCS, RSAT-ADCS-Mgmt, RSAT-NPAS, GPMC, Telnet-Client, RSAT-ADLDS -VerboseThe final step is to join the Management Server to the domain by executing the following PowerShell command. Enter the LAB\Administrator credentials when prompted. The server will automatically restart.
Add-Computer -DomainName "lab.local" -RestartActive Directory Structure
Now that we have our Management Server up and running, lets create a structure in Active Directory for our Servers, Clients and Users. Create a structure manually by opening Active Directory Computers and Users (dsa.msc) from Server Manager or from Administrative Tools in the Control Panel or Start Menu. The script below can be used to create a simple Structure.
New-ADOrganizationalUnit -Name "LAB" -Path "DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Servers" -Path "OU=LAB,DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Clients" -Path "OU=LAB,DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Resources" -Path "OU=LAB,DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Users" -Path "OU=Resources,OU=LAB,DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Admins" -Path "OU=Resources,OU=LAB,DC=LAB,DC=local"
New-ADOrganizationalUnit -Name "Service Users" -Path "OU=Resources,OU=LAB,DC=LAB,DC=local"Use the following script to remove the Active Directory Example Structure and any sub OU’s within it.
$OUs = Get-ADObject -Filter * -SearchBase 'OU=LAB,DC=LAB,DC=local'
Foreach ($OU in $OUs) {
Set-ADObject -ProtectedFromAccidentalDeletion $false -Identity $OU
}
Remove-ADOrganizationalUnit -Identity "OU=LAB,DC=LAB,DC=local" -Recursive -Confirm:$falseIn part 3 we will be installing SQL Server to host the Configuration Manager database.
