- How to install the PowerShell 7 Active Directory module - Mon, Jun 28 2021
- Active Directory Reports Professional: AD auditing made easy - Mon, May 3 2021
- First look at Windows Server 2022 - Wed, Mar 10 2021
Windows Server 2019 Essentials, formerly known as Small Business Server, is a reasonable choice for very small companies. As Microsoft is pushing everything into cloud computing, version 2019 is probably the last version that will have the Essentials edition available.
Benefits and limitations ^
Clearly the main benefit of Essentials is its price, which is roughly half that of the Standard edition. Also, you do not need to purchase any client access licenses (CALs). This makes the overall price even cheaper.
Windows Server 2019 Essentials comes with following limitations:
- 16 CPU cores; 64 GB RAM
- Maximum of 25 users/50 devices
- No virtualization rights; one physical or virtual installation
Over the past few years, as even small companies have used more and more applications, the computing demands have increased. You can have only a single installation of Essentials. Assuming it will be the only server in the environment, I would not recommend Essentials to a customer with more than 10 users or computers.
Administrative Dashboard removed ^
Administrative Dashboard formerly served to complete the server setup and simplify other management tasks. It was part of the Windows Server Essentials Experience role, which Microsoft removed from Windows Server 2019 along with the dashboard.
Instead of the Administrative Dashboard, only the Server Manager is now available. The configuration is very similar to any other Windows Server edition.
Configuring the server ^
Typically, Windows Server 2019 Essentials will be the first (and most likely the only) server in your environment. This means you will need to deploy and configure at least these roles and features:
- Active Directory Domain Services (AD DS)
- DNS Server
- DHCP Server
- Print and Document services (optional)
First, you should rename the server from the generated WIN-XXXX name to something more suitable. You can do this with the following command:
Rename-Computer -NewName "DC" -Force -Restart:$true
Before you can start with the Active Directory deployment, you need to configure a static IP address. First, use Get-NetAdapter command to find out the InterfaceIndex number of the network interface controller (NIC) you want to assign the IP to.
In my case, I am configuring the server with IP 192.168.1.10, mask 255.255.255.0, and gateway 192.168.1.1.
New-NetIPAddress -InterfaceIndex 5 -IPAddress "192.168.1.10" -AddressFamily IPv4 ‑PrefixLength 24 -DefaultGateway "192.168.1.1"
Note that at this point, we did not configure a DNS server. The setup will add this later automatically. Now you can install all needed roles using a single command. You can omit the ‑Verbose parameter; I just use it for presentation.
Add-WindowsFeature ‑Name AD-Domain-Services,DHCP,DNS,Print-Services ‑IncludeManagementTools ‑Verbose
Now it's time to promote the server to a domain controller using the following command:
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\Windows\NTDS" DomainMode "Default" -DomainName "LAB.local" -DomainNetbiosName "LAB" -ForestMode "Default" -InstallDns:$true -LogPath "C:\Windows\NTDS" -NoRebootOnCompletion:$false SysvolPath "C:\Windows\SYSVOL" -Force:$true
Make sure to change the ‑DomainName and ‑DomainNetbiosName parameters to fit your naming convention. Also, note the ‑DomainMode and ‑ForestMode parameters. These serve to set the forest and domain functional levels. However, for some strange reason, the setup does not offer the Win2016 value. Use the Default value to set the Windows Server 2016 forest and domain levels.
After you execute the command, the setup will prompt you to enter the Directory Services Restore Mode password. Next, it will show several warnings (the same ones as in the graphical interface) and will promote the server to a domain controller.
It will reboot the server automatically to complete the promotion. The functional level is indeed set to Windows Server 2016. Also, it set our network adapter DNS server IP address to 127.0.0.1.
At this point, we have a working Active Directory domain and DNS system, leaving us with DHCP and Print and Document services. As the Print and Document services role does not require any special configuration, the only configuration left for us to do is for the DHCP server.
For the initial DHCP configuration, you need to perform several steps. First, you need to create the DHCP management security groups DHCP Administrators and DHCP Users. You can do this using the old netsh command:
netsh dhcp add securitygroups
You need to restart the DHCP server service after this:
Next, you have to authorize the DHCP server against Active Directory using the following command:
Add-DhcpServerInDC -DnsName "DC.LAB.local" -IPAddress "192.168.1.10"
As the last step for DHCP initial configuration, you need to notify Server Manager you've done the configuration; otherwise, you will still see the notification.
Set-ItemProperty ‑Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 ‑Name ConfigurationState ‑Value 2
At this point, you can finally create and activate the DHCP scope for client computers. In my case, I am creating the DHCP scope named LAB with the IP address range from 192.168.1.100 to 192.168.1.200, the default gateway 192.168.1.1, and the DNS server 192.168.1.10. Excluded IPs are in the range from 192.168.1.1 to 192.168.1.99.
#Create scope named LAB with range 192.168.1.100 to 192.168.1.200
Add-DhcpServerv4Scope -name "LAB" -StartRange "192.168.1.100" -EndRange "192.168.1.200" -SubnetMask "255.255.255.0" -State Active
#Exclude IPs from range 192.168.1.1 to 192.168.1.99
Add-DhcpServerv4ExclusionRange -ScopeID "192.168.1.0" -StartRange "192.168.1.1" EndRange "192.168.1.99"
#Configure default gateway (router option) to 192.168.1.1
Set-DhcpServerv4OptionValue -OptionID 3 -Value "192.168.1.1" -ScopeID "192.168.1.0" ComputerName "DC.LAB.local"
#Configure DNS server option to 192.168.1.10
Set-DhcpServerv4OptionValue -DnsDomain "LAB.local" -DnsServer "192.168.1.10"
That's it for the initial configuration of Windows Server 2019 Essentials.
Subscribe to 4sysops newsletter!
With the removal of the Administrative Dashboard and the initial configuration wizard from Windows Server 2019 Essentials, the configuration is not as easy as it was in previous versions. After reading this post, you should be able to speed up the configuration using several PowerShell commands.