krypted.com

Tiny Deathstars of Foulness

Getting started with Messages Server couldn’t really be easier. Messages Server in the macOS Server 5.2 version of the Server app uses the open source jabber project as their back-end code base. The jabber binary is located at /Applications/Server.app/Contents/ServerRoot/private/var/jabberd directory and the autobuddy binary is at /Applications/Server.app/Contents/ServerRoot/usr/bin/jabber_autobuddy. The actual jabberd binary is also stored at /Applications/Server.app/Contents/ServerRoot/usr/libexec/jabberd, where there are a couple of perl scripts used to migrate the service between various versions as well.

Setting up the Messages service is simple. Open the Server app and click on Messages in the Server app sidebar.

screen-shot-2016-09-27-at-11-03-18-am

Click on the Edit… button for the Permissions. Here, define which users and interfaces are allowed to use the service.

screen-shot-2016-09-27-at-11-03-45-am

From Server app, click on the checkbox for “Enable server-to-server federation” if you have multiple iChat, er, I mean, Messages servers and provide the address for servers to federate to.

screen-shot-2016-09-27-at-11-04-14-am

Next, click on the checkbox for “Archive all chat messages” if you’d like transcripts of all Messages sessions that route through the server to be saved on the server.

screen-shot-2016-09-27-at-11-04-47-am

You should use an SSL certificate with the Messages service. If enabling federation so you can have multiple Messages servers, you have to. Before enabling the service, click on the name of the server in the sidebar of Server app and then click on the Settings tab. From here, click on Edit for the SSL Certificate (which should be plural btw) entry to bring up a screen to select SSL Certificates.

At the SSL Certificates screen (here it’s plural!), select the certificate the Messages service should use from the available list supplied beside that entry and click on the OK button. If you need to setup federation, click back on the Messages service in the sidebar of Server app and then click on the Edit button. Then, click on the checkbox for Require server-to-server federation (making sure each server has the other’s SSL certificate installed) and then choose whether to allow any server to federate with yours or to restrict which servers are allowed. I have always restricted unless I was specifically setting up a server I wanted to be public (like public as in everyone in the world can federate to it, including the gorram reavers that want to wear your skin).

screen-shot-2016-09-27-at-11-05-38-am

To restrict the service, then provide a list of each server address capable of communicating with your server. Once all the servers are entered, click the OK button. Obviously, if you only have one server, you can skip that. Once the settings are as you wish them to be, click on the ON/OFF switch to light up the service. To see the status of the service, once started, use the fullstatus option with serveradmin followed by the jabber indicator:

sudo serveradmin fullstatus jabber

The output includes whether the service is running, the location of jabber log files, the name of the server as well as the time the service was started, as can be seen here:

jabber:state = "RUNNING"
jabber:roomsState = "RUNNING"
jabber:logPaths:PROXY_LOG = "/private/var/jabberd/log/proxy65.log"
jabber:logPaths:MUC_STD_LOG = "/var/log/system.log"
jabber:logPaths:JABBER_LOG = "/var/log/system.log"
jabber:proxyState = "RUNNING"
jabber:currentConnections = "0"
jabber:currentConnectionsPort1 = "0"
jabber:currentConnectionsPort2 = "0"
jabber:pluginVersion = "10.8.211"
jabber:servicePortsAreRestricted = "NO"
jabber:servicePortsRestrictionInfo = _empty_array
jabber:hostsCommaDelimitedString = "osxserver.krypted.lan"
jabber:hosts:_array_index:0 = "osxserver.krypted.lan"
jabber:setStateVersion = 1
jabber:startedTime = ""
jabber:readWriteSettingsVersion = 1

There are also a few settings not available in the Server app. One of these that can be important is the port used to communicate between the Messages client and the Messages service on the server. For example, to customize this to 8080, use serveradmin followed by settings and then jabber:jabberdClientPortSSL = 8080, as follows:

sudo serveradmin settings jabber:jabberdClientPortSSL = 8080

To change the location of the saved Messages transcripts (here, we’ll set it to /Volumes/Pegasus/Book:

sudo serveradmin settings jabber:savedChatsLocation = “/Volumes/Pegasus/Book”

To see a full listing of the options, just run settings with the jabber service:

sudo serveradmin settings jabber

The output lists each setting configurable:

jabber:dataLocation = “/Library/Server/Messages”
jabber:s2sRestrictDomains = no
jabber:jabberdDatabasePath = “/Library/Server/Messages/Data/sqlite/jabberd2.db”
jabber:sslCAFile = “/etc/certificates/osxserver.krypted.com.31971C0C39DCBF4733FA671BCE3AF260769E4FB7.chain.pem”
jabber:jabberdClientPortTLS = 5222
jabber:sslKeyFile = “/etc/certificates/osxserver.krypted.com.31971C0C39DCBF4733FA671BCE3AF260769E4FB7.concat.pem”
jabber:initialized = yes
jabber:enableXMPP = yes
jabber:savedChatsArchiveInterval = 7
jabber:authLevel = “STANDARD”
jabber:hostsCommaDelimitedString = “osxserver.krypted.com”
jabber:jabberdClientPortSSL = 5223
jabber:requireSecureS2S = yes
jabber:savedChatsLocation = “/Library/Server/Messages/Data/message_archives”
jabber:enableSavedChats = yes
jabber:enableAutoBuddy = no
jabber:s2sAllowedDomains = _empty_array
jabber:logLevel = “ALL”
jabber:hosts:_array_index:0 = “osxserver.krypted.com”
jabber:eventLogArchiveInterval = 7
jabber:jabberdS2SPort = 5269

To stop the service:

sudo serveradmin stop jabber

And to start it back up:

sudo serveradmin start jabber

It’s also worth noting something that’s completely missing in this whole thing: Apple Push Notifications… Why is that important? Well, you use the Messages application to communicate not only with Mac OS X and other jabber clients, but you can also use Messages to send text messages. Given that there’s nothing in the server that has anything to do with texts, push or anything of the sort, it’s worth noting that these messages don’t route through the server and therefore still require an iCloud account. Not a huge deal, but worth mentioning that Messages server doesn’t have the same updates built into the Messages app. Because messages don’t traverse the server, there’s no transcripts.

October 12th, 2016

Posted In: Mac OS X Server

Tags: , , , , , , , , ,

Sometimes you need to write a record into a table in a SQL database. The INSERT INTO statement creates new records in a table and can work in one of two ways. The first form does not specify the column names where the data will be inserted, only their values. When doing so, each value needs to be inserted in the columned order they appear, here the table being the name of the table you’re adding a record into and each value would be replaced with the contents of your value (don’t insert the string ‘value’ into each!):

INSERT INTO table
VALUES (value,value,value,...);

If you don’t have every value to insert, you can also list the columns to insert data in and then include the values in the same order that the columns are listed in. The second form specifies both the column names and the values to insert:

INSERT INTO table (column,column,column,...)
VALUES (value,value,value,...);

Below is a selection from the “Customers” table that I put in the first article. We will use it to run some SQL statements using the INSERT keyword so that we can add data to our little database:

ID Site Contact Address City Zip Country
1 Krypted Charles Edge my house Minneapolis 55418 US
2 Apple Tim Cook spaceship Cupertino 95014 US
3 Microsoft Satya Nadella campus Redmond 98053 US
4 Facebook Mark Zuckerberg foodhall Menlo Park 94025 US
5 JAMF Dean Hager Grain Exchange Minneapolis 55418 US

To insert a new row in the “Customers” table, we’ll add a row for Huffington Post with Arianna Huffington as the owner, her address as “The Library, with a city of Los Angeles, a zip of 90077, and a country of the US.

INSERT INTO Customers (Site, Contact, Address, City, Zip, Country)
VALUES ('Huffington Post','Arianna Huffington','The Library','Los Angeles','90077','US');

The selection from the “Customers” table will now look like this, after the ID record incremented on its own, taking the next available integer:

ID Site Contact Address City Zip Country
1 Krypted Charles Edge my house Minneapolis 55418 US
2 Apple Tim Cook spaceship Cupertino 95014 US
3 Microsoft Satya Nadella campus Redmond 98053 US
4 Facebook Mark Zuckerberg foodhall Menlo Park 94025 US
5 JAMF Dean Hager Grain Exchange Minneapolis 55418 US
6 Huffington Post Arianna Huffington The Library Los Angeles 90077 US

As mentioned, you can also Insert Data Only in Specified Columns
It is also possible to only insert data in specific columns.

The following SQL statement will insert a new row, but only insert data in the Site, Contact, and Country columns:

INSERT INTO Customers (Site, Contact, Country)
VALUES ('Spotify', 'Daniel Elk', 'SE');

The selection from the “Customers” table will now look like this:

ID Site Contact Address City Zip Country
1 Krypted Charles Edge my house Minneapolis 55418 US
2 Apple Tim Cook spaceship Cupertino 95014 US
3 Microsoft Satya Nadella campus Redmond 98053 US
4 Facebook Mark Zuckerberg foodhall Menlo Park 94025 US
5 JAMF Dean Hager Grain Exchange Minneapolis 55418 US
6 Huffington Post Arianna Huffington The Library Los Angeles 90077 US
7 Spotify Daniel Elk SE

Overall, adding rows to SQL tables is really straight forward. I mean, you’re not replacing anything… Yet…

February 3rd, 2016

Posted In: SQL

Tags: , , , , , , , ,

Apple Configurator 2 is a great new evolution in iOS initial and configuration management. And there are lots of great options. And to help you wrap your head around all this new fun stuff, I’ve written up a quick and dirty guide for using Apple Configurator 2.

Screen Shot 2015-11-04 at 10.02.03 PM

It’s not completely done, but it will be shortly. Hope this help someone. Enjoy!

November 14th, 2015

Posted In: Apple Configurator, iPhone, Mass Deployment

Tags: , , , , , , , , , , , ,

The new fourth generation Apple TV is everything I hoped the third generation would be. We have a touch remote with a Mic, great video, USB-C, and most importantly, an App Store! And while I have security concerns around the setup process, I am sure Apple has thought through the myriad of questions I have surrounding sharing Apple ID keys over bluetooth from a phone to the Apple TV to streamline the setup process. So about that setup process. Configuring the new Apple TV is pretty straight forward. To get started, get your phone out. Yes, your phone. Then unwrap the Apple TV and plug it into the HDMI port on your TV and the AC adapter (which is the same as the second and third generation Apple TVs).

IMG_6014

Once plugged in, boot up your Apple TV. When prompted, click Set Up with Device on the fancy  new remote.

IMG_6015

At the Set Up Your Apple TV prompt, make sure that Bluetooth is enabled on your phone and then wait for it, the TV will see your phone!

Screen Shot 2015-11-02 at 8.03.45 PM

When prompted on your phone, tap Continue.

IMG_6017

When the TV tells you to enter the Apple ID on your phone, make sure your phone is unlocked and then provide that information.

IMG_6018

You’re then prompted for whether you’d like the Apple TV to retain your password. Obviously, if you have kids that love to buy in app purchases, this might be a bad idea. If you live alone, maybe a good idea.

IMG_6019

Make your selection and then you’ll be prompted for whether you’d like to send data to Apple. I usually tap OK here, as I prefer my experience to get better with products (and usually don’t go in for all the tin foil hat stuffs).

IMG_6020

Back on the TV, choose whether or not to enable Location Services. If you travel with Apple TV, this might be helpful. If not, then it’s likely not a biggee.

IMG_6021

One of the great new features is the new Siri integration with Apple TV. While Siri on my TV doesn’t seem to like me much, I’m sure it’s my fault, so I’d still click that Use Siri option.

IMG_6022

I loved the photos on the previous generation of Apple TV, so decided to let Apple give me some more. You may not want to use their background for a screensaver. Click Automatically Download if you’d like to use theirs, or Not Now if not.

IMG_6023

You’re then prompted for whether or not to send Diagnostics and Usage Data to Apple again. Choose if you’d like to do so.

IMG_6024

If you want your apps to get better, click Share with App Developers.

IMG_6025

Click Agree to agree to the warranty.

IMG_6026

Click Agree to agree to Apple’s Terms and Conditions (for these, you can’t proceed unless you agree to them; otherwise you can return the device).

IMG_6027

Now you’re at the Main Apple TV screen. If you’re used to using Netflix, the next thing you’ll want to do is head over to the App Store and install some apps. You can also go ahead and start buying media, etc. Enjoy!

 

November 3rd, 2015

Posted In: Apple TV

Tags: , , , , , ,

I’ve written a couple of articles about the Caching service in OS X Server 5 for El Capitan. As of OS X Server 5, the Caching service now caches local copies on the computer running the Caching service of iCloud content. This allows you to cache content once and then have it accessed by multiple devices faster. I’m torn on this option. On the one hand, I love the fact that I can cache things and on the other hand I find it frightening that a random user can cache things I might not want them to cache on behalf of another user. I know, I know, they’re encrypted with a device key. But when you have data on disk, it can always be decrypted. I almost feel like there should be a plist on machines that whitelists allowed caching servers. Maybe I should make a feature request on that.

Either way, as it stands now, I might be disabling this option in larger offices. To do so, I can write an AllowPersonalCaching key into the Config.plist file at /Library/Server/Caching/Config/. The most graceful way to do this is using the serveradmin command, followed by the settings verb and then caching:AllowPersonalCaching option, setting that equals no, as follows:

sudo serveradmin settings caching:AllowPersonalCaching = no

To turn it back on:

sudo serveradmin settings caching:AllowPersonalCaching = yes

This can also be done by dropping a Config.plist file into the correct location for new server installations. I’ll have an article out shortly on doing so, as you’d want to normalize a few options in the file before deploying en masse (e.g. if you have a large contingent of Caching servers to manage.

October 16th, 2015

Posted In: Mac OS X Server

Tags: , , , , , , ,

The first thing you’ll want to do on any server is setup the networking for the computer. To do this, open the System Preferences and click on Network. You usually want to use a wired Ethernet connection on a server, but in this case we’ll be using Wi-Fi. Here, click on the Wi-Fi interface and then click on the Advanced… button.

Screen Shot 2015-09-07 at 10.03.11 PM

At the setup screen for the interface, provide a good static IP address. Your network administrator can provide this fairly easily. Here, make sure you have an IP address and a subnet mask. Since we need to install the Server app from the Mac App Store, and that’s on the Internet, you’ll also need to include a gateway, which provides access to the Internet and using the DNS tab, the name servers for your Internet Service Provider (ISP).

Screen Shot 2015-09-07 at 10.05.40 PM

Once you have provided a static IP address, verify that you can route to the Internet (e.g. open Safari and visit a website). Provided you can, the first step to installing OS X Server is to download the Server app from the Mac App Store. If you install an El Capitan machine (or Yosemite), you can then open the App Store app and search for Server. In the available apps, you’ll see the Server app from Apple. Here, click on Buy and let the app download. That was pretty easy, right. Well, the fun has just gotten started. Next, open the app.

When you first open the Server app, you’ll see the OS X Server screen. Here, you can click on the following options:

  • Other Mac: Shows a list of Macs with the Server app that can be remotely configured. Choosing another system does not complete the setup process on the system you’re working on at the moment.
  • Cancel: Stops the Server app setup assistant and closes the Server App.
  • Continue: Continues installing the Server app on the computer you are using.
  • Help: Brings up the OS X Server manual.

Screen Shot 2015-09-07 at 9.46.12 PM

Click Continue to setup OS X Server on the machine you’re currently using. You’ll then be prompted for the licensing agreement from Apple. Here, check the box to “Use Apple services to determine this server’s Internet reachability” and click on Agree (assuming of course that you agree to Apple’s terms in the license agreement).

Screen Shot 2015-09-07 at 9.46.15 PM

Installing OS X Server must be done with elevated privileges. At the prompt, enter the credentials for an account with administrative access and click on the Allow button.

Screen Shot 2015-09-07 at 9.56.42 PM

The services are then configured as needed and the command line tools are made accessible. This can take some time, so be patient. When the app is finished with the automation portion of the configuration, you will be placed into the Server app for the first time. Your first order of business is to make sure that the host names are good on the computer. Here, first check the Host Name. If the name doesn’t resolve properly (forward and reverse) then you will likely have problems with the server at some point. Therefore, go ahead and click on Edit Host Name… Here, enter the fully qualified address that the server should have. In the DNS article, we’ll look at configuring a good DNS server, but for now, keep in mind that you’ll want your DNS record that points to the server to match what you enter here. And users will use this address to access your server, so use something that is easy to communicate verbally, when needed.

Screen Shot 2015-09-07 at 10.07.24 PM

At the Change Host Name screen, click Next. At the “Accessing your Server” screen, click on Internet and then click on the Next button.

Screen Shot 2015-09-07 at 10.08.44 PM

At the “Connecting to your Server” screen, provide the Computer Name and the Host Name. The Computer Name is what you will see when you connect to the server over Bonjour and what will be listed in the Sharing System Preference pane. The Host Name is the fully qualified host name (fqdn) of the computer. I usually like to take the computer name and put it in front of the domain name. For example, in the following screen, I have osxserver as the name of the computer and osxserver.krypted.com as the host name.

Screen Shot 2015-09-07 at 10.11.16 PM

Once you have entered the names, click on the Finish button. You are then prompted to Change Host Name. Click on Change Host Name at this screen.

Next, let’s open Terminal and run changeip with the -checkhostname option, to verify that the IP and hostname match:

sudo changeip -checkhostname

Provided that the IP address and hostname match, you’ll see the following response.

sudirserv:success = “success”

If the IP address and hostname do not match, then you might want to consider enabling the DNS server and configuring a record for the server. But at this point, you’ve finished setting up the initial server and are ready to start configuring whatever options you will need on the server.

October 4th, 2015

Posted In: Mac OS X Server

Tags: , , , , , , ,

You waited. And you tapped your fingers on the desk. And you sat and waited some more, for the UPS person. You stared at your mailbox. And then, after all of that, UPS showed up. And you signed. And then you had that box in your hands. The cardboard box, when opened, gave way to a sweet white box. You opened it by pulling the little tag off, and then you pulled the watch out of the box. You tried on the two bands. And you picked the one that fit you the best.

So now what? Turn on the watch by hitting the button on the side and watch that beautiful Apple logo light up the screen. But now you need to pair the watch with your phone for it to be useable. So what to do? Well, first of all, make sure your phone is updated to the latest and greatest version of iOS. From there, open the Apple Watch app on the iPhone.

IMG_3471

The app will prompt you to start pairing a watch with the phone. You can only pair one watch with an iPhone. Tap the Start Pairing button. When prompted, line up the screen on the watch with the image and the outline.

IMG_3472

Wait for the watch to complete pairing and then tap the Set Up Apple Watch button.

IMG_3473

You’ll then be prompted for which wrist to put the watch on. I used my dominant wrist, so right.

IMG_3474

You’ll then be prompted to accept the Terms and Conditions (aka license agreement) from Apple. Tap Agree.

IMG_3475

Tap Agree again.

IMG_3476

Next, when prompted for the Apple ID to use, if you’d like to use an Apple ID with the watch, provide the password for that Apple ID using the Enter Password button, or use the Skip This Step option to skip the Apple ID.

IMG_3477

At the Location Services screen, tap OK. This is really just informational to let you know that Location Services will be used. It’s kinda’ necessary to use the watch properly.

IMG_3478

At the Siri screen, again, you’re informed that Siri will be used. Tap OK.

IMG_3479

At the Diagnostics screen, same thing. You’re informed that diagnostics will be supplied to Apple. Tap OK.

IMG_3480

At the Apple Watch Passcode screen, choose whether you’d like to use a passcode on the watch. I’m not a fan of using a passcode on the watch; however, you will have to use one if you want to use Apple Pay on the watch. Tap Create a Passcode to set one up now and then provide the passcode you’d like to use.

IMG_3481

The Apple Watch will sync apps and show glances from apps that are on the phone. Tap Install All to go ahead and install any Apple Watch apps on the device. You can always turn them off later. Or you can tap Choose Later to go ahead and complete setup and wait until later to set up the watch and finish apps setup later. I’d recommend using Install All and then turn off the ones you don’t want later.

IMG_3482

Then the watch will start syncing with your devices. At the Apple Watch Is Syncing screen, wait. Don’t do anything else or get the watch too far from the phone or you’ll have to start over from scratch.

IMG_3483

The watch looks like this while it’s syncing.

IMG_3484

Once the watch is finished syncing, use the My Watch app to sync apps, show glances, setup Apple Pay and configure which built-in apps are shown on the device.

IMG_3508

The next and most important aspect of your new Apple Watch is to use it and love it. Go for a run, sync some apps, enjoy the hell out of your new watch. It’s great. Now, get to it!

May 9th, 2015

Posted In: Apple Watch

Tags: , , , , , , , , , , , , , ,

Bushel allows you to deploy settings for Wi-Fi networks to all of your users enrolled in Bushel. Bushel supports WEP, WPA, and WPA2.

For More On Adding Wi-Fi configurations with Bushel, Click Here

April 6th, 2015

Posted In: Bushel

Tags: , , , , ,

In Apple Configurator 1.4.3, which just dropped, you can reduce the setup time for iOS devices. This is pretty helpful in Configuration Centers and when warehousing/performing thin setups of devices. To access this new feature, open Configurator and go to the Prepare screen. From there, you will have the Setup tab. Click on Setup and then in the resultant screen, you will see each of the initial screens in iOS that you can now skip.

Screen Shot 2013-12-18 at 2.46.56 PMSo put this in perspective, if you check the Location Services box and then prepare a device, even if not restoring a backup, you then won’t be prompted for whether or not you want to enable Location Services. Instead, the device will accept the default option. Nice, small new feature, that will save a lot of people a lot of time, even if not using Apple Configurator to Supervise devices.

December 18th, 2013

Posted In: iPhone, Mac OS X Server, Mass Deployment

Tags: , , , , , , ,

Out of the box a Windows Server 2012 isn’t really that helpful. But luckily, it has these things called Roles. Roles are things like Hyper-V, File Sharing, Windows Update Services, Web Server, etc. Each role then has a collection of services that it can run as well, within the Role. Roles include (borrowing from Microsoft here):

  • Active Directory Certificate Services Overview
    This content provides an overview of Active Directory Certificate Services (AD CS) in Windows Server 2012. AD CS is the server role that allows you to build a public key infrastructure (PKI) and provide public key cryptography, digital certificates, and digital signature capabilities for your organization.
  • Active Directory Domain Services Overview
    By using the Active Directory Domain Services (AD DS) server role, you can create a scalable, secure, and manageable infrastructure for user and resource management, and provide support for directory-enabled applications such as Microsoft Exchange Server.
  • Active Directory Federation Services Overview
    This topic provides an overview of Active Directory Federation Services (AD FS) in Windows Server 2012.
  • Active Directory Lightweight Directory Services Overview
    Active Directory Lightweight Directory Services (AD LDS) is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the dependencies and domain-related restrictions of AD DS.
  • Active Directory Rights Management Services Overview
    This document provides an overview of Active Directory Rights Management Services (AD RMS) in Windows Server 2012. AD RMS is the server role that provides you with management and development tools that work with industry security technologies—including encryption, certificates, and authentication—to help organizations create reliable information protection solutions.
  • Application Server Overview
    Application Server provides an integrated environment for deploying and running custom, server-based business applications.
  • Failover Clustering Overview
    This topic describes the Failover Clustering feature and provides links to additional guidance about creating, configuring, and managing failover clusters on up to 4,000 virtual machines or up to 64 physical nodes.
  • File and Storage Services Overview
    This topic discusses the File and Storage Services server role in Windows Server 2012, including what’s new, a list of role services, and where to find evaluation and deployment information.
  • Group Policy Overview
    This topic describes the Group Policy feature in Windows Server 2012 and Windows 8. Use this topic to find the documentation resources and other technical information you need to accomplish key Group Policy tasks, new or updated functionality in this version compared to previous versions of Group Policy, and ways to automate common Group Policy tasks using Windows PowerShell.
  • Hyper-V Overview
    This topic describes the Hyper-V role in Windows Server 2012—practical uses for the role, the most significant new or updated functionality in this version compared to previous versions of Hyper-V, hardware requirements, and a list of operating systems (known as guest operating systems) supported for use in a Hyper-V virtual machine.
  • Networking Overview
    This section contains detailed information about networking products and features for the IT professional to design, deploy, and maintain Windows Server 2012.
  • Network Load Balancing Overview
    By managing two or more servers as a single virtual cluster, Network Load Balancing (NLB) enhances the availability and scalability of Internet server applications such as those used on web, FTP, firewall, proxy, virtual private network (VPN), and other mission-critical servers. This topic describes the NLB feature and provides links to additional guidance about creating, configuring, and managing NLB clusters.
  • Network Policy and Access Services Overview
    This topic provides an overview of Network Policy and Access Services in Windows Server 2012, including the specific role services of Network Policy Server (NPS), Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP). Use the Network Policy and Access Services server role to deploy and configure Network Access Protection (NAP), secure wired and wireless access points, and RADIUS servers and proxies.
  • Print and Document Services Overview
    This is an overview of Print and Document Services, including Print Server, Distributed Scan Server, and Fax Server in Windows Server 2012.
  • Remote Desktop Services Overview
    Remote Desktop Services accelerates and extends desktop and application deployments to any device, improving remote worker efficiency, while helping to keep critical intellectual property secure and simplify regulatory compliance. Remote Desktop Services enables both a virtual desktop infrastructure (VDI) and session-based desktops, allowing users to work anywhere.
  • Security and Protection Overview
    The table on this page provides links to available information for the IT pro about security technologies and features for Windows Server 2012 and Windows 8.
  • Telemetry Overview
    Find out about Windows Feedback Forwarder—a service that enables you to automatically send feedback to Microsoft by deploying a Group Policy setting to one or more organizational units. Windows Feedback Forwarder is available on all editions of Windows Server 2012.
  • Volume Activation Overview
    This technical overview for the IT pro describes the volume activation technologies in Windows Server 2012 and how your organization can benefit from using these technologies to deploy and manage volume licenses for a medium to large number of computers.
  • Web Server (IIS) Overview
    This document introduces the Web Server (IIS) role of Windows Server 2012, describes new IIS 8 features, and links to additional Microsoft and community information about IIS.
  • Windows Deployment Services Overview
    Windows Deployment Services enables you to deploy Windows operating systems over the network, which means that you do not have to install each operating system directly from a CD or DVD.
  • Windows Server Backup Feature Overview
    This section provides an overview of the Windows Server Backup feature and lists the new features in Windows Server 2012.
  • Windows Server Update Services Overview
    Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Microsoft product updates. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network. In Windows Server 2012, this feature is integrated with the operating system as a server role. This topic provides an overview of this server role and more information about how to deploy and maintain WSUS.
  • Windows System Resource Manager Overview
    With Windows System Resource Manager for the Windows Server 2012 operating system, you can manage server processor and memory usage with standard or custom resource policies. Managing your resources can help ensure that all the services provided by a single server are available on an equal basis or that your resources will always be available to high-priority applications, services, or users.

To add a Role is a pretty straight forward process. To get started, open Server Manager and click on the Dashboard. From the Dashboard, click on the Manage menu and click on Add Roles and Features.

Screen Shot 2013-06-04 at 3.17.44 PM

At the Add Roles and Features Wizard click on Next at the Before You Begin Screen.

Screen Shot 2013-06-04 at 3.19.47 PM

At the Installation Type screen, click on Role-based or Feature-based Installation, unless you are installing Remote Desktop Services (formerly called Terminal Services), then click on that radio button instead.

Screen Shot 2013-06-04 at 3.20.00 PM

At the Server Selection screen, click on the server you’d like to install the role on and then click on Next.

Screen Shot 2013-06-04 at 3.22.17 PM

At the Add Roles or Features screen, choose the role you’d like to install.

Screen Shot 2013-06-04 at 3.23.41 PM

If there are any requirements to use the service, you’ll then be notified that those requirements exist. I usually leave the Include management tools (if applicable) box checked the first time I install a role and click on Add Features.

Screen Shot 2013-06-04 at 3.25.52 PM

If any issues are encountered, you’ll then be alerted that there was a problem. If you’d like to correct the issue, click cancel, correct the issue and then rerun the tool. Or if you’d like to proceed anyway, click Continue.

Screen Shot 2013-06-04 at 3.27.07 PM

Back at the Server Roles screen, the box will then be checked. Click on Next. At the Features screen, you can add a feature, although in this case we won’t be doing so. Then, click Next.

Screen Shot 2013-06-04 at 3.30.43 PM

At the screen for the role you just selected, read the information, then click Next.

Screen Shot 2013-06-04 at 3.32.04 PM

At the Confirmation screen, click Install. Optionally, you can also choose whether to reboot the server when the service is finished installing.

Screen Shot 2013-06-04 at 3.37.36 PM

Once installed, click Close. Also, at this screen, you can export the configuration settings for the service for future use.

That’s it. You’ve now installed DNS services in Windows Server (or whatever service you are setting up). The services still need to be configured, but the initial install should now be complete!

June 6th, 2013

Posted In: Windows Server

Tags: , , , , , , , ,

Next Page »