1- Expand Forward Lookup Zones and select your external domain (xpertstec.com) On the right side imply place right-click and then select New Mail Exchange (MX).
2- So, click browse.
3- Select your DNS server > Forward lookup zones > your external domain (xpertstec.com) > select mail and then click ok.
Add Host A Record in DNS Manager Microsoft Windows Server 2012
Host A Record DNS Manager
Open DNS Manager in windows server 2012
1- Expand Forward Lookup Zones and select your external domain (xpertstec.com) On the right side imply place right-click and then select New Host (A or AAAA).
2- In the Name, field type the first name on your certificate. within the IP address field type the interior IP of your Exchange server. for instance, it is 10.0.0.24 Click Add Host
3- The host record created successfully and then click ok.
Forward Lookup Zone DNS Manager 2012, The internal DNS servers will grip a non-authoritative copy of our external namespace. In short, with the exception of a few minor tweaks to our Exchange records, we are cloning everything in our external DNS to an inside DNS server. this might only be used by our internal users.
Create Forward Lookup Zone DNS Manager 2012
1- On your active directory DNS server, open DNS ManagerRight clicks on Forward Lookup Zone and then choose New Zone.
In this article, I will discuss How to set up FTP Server on Windows. I will be able to describe the method of putting in and configuring the FTP server in Windows Server 2019.
How to install FTP Server 2019 (IIS)
1- Open the Server Manager > Left side select Dashboard option and click on Add roles and features under welcome to server manager.
2- Click next.
3- Select Role-based or feature-based installation and click on next because of the installation type.
4- Select the server from the server pool and click on next.
5- In the server roles, check the IIS web server role.
6- Click Add features required for Web Server (IIS).
7- After selecting the Web Server (IIS) role, click next.
8- On the features option page, click next.
9- Click next.
10- In the Role Services window, check the FTP server and FTP Extensibility and click next.
11- Review the confirm installation summary and click install.
12- Server role installation installed successfully. Click close.
Step by step, create FTP users and groups to access an FTP server in 2019
1- Create a replacement user to access the FTP server > open Server Manager > select tools and click on Computer Management.
2- Under computer management > Expand Local Users and Groups > select Users > right-click and select New User.
3- Type user name, Description, and Password, select Password never expires, and click create.
4- Now, a new user has been created.
How to Create a replacement Group for local users and computers.
1- After creating a user,> Now right-click on Groups under Users and Groups and click new group.
2- In the Group Name field, type the group’s name> a Description and click the Add button to add a user.
3- Enter a character under the object names to select field > click Check Names If Windows users exist > then click Ok.
4- After the user is added > Select Create button to create a group.
Step by step Creates an FTP site in the IIS Manager server 2019.
1- Open IIS Manager > select Tools and Internet Information Service (IIS) Manager.
2- Expand your FTP server, right-click Sites, and Add FTP Site.
3- Enter the FTP site name and path to the directory and click next.
4- type your IP address in the IP Address field, Port, for encryption, select No SSL and click next.
5- Under Authorization, select Basic > Specified roles or groups > type your FTP group name for users > choose read and write permissions and click Finish.
6- Now, my website is showing in the tree structure of the Windows web server.
How to add FTP virtual directory and add permission
1- Open This PC > open Local Disk (C) > open FTP directory > right-click, select New and click Folder to create a subdirectory.
2- Type a subdirectory name and press enter.
3- Right-click on your FTP site and select Add Virtual Directory.
4- In the Alias field, type a name and select … to add the user directory path,
5- Expand Local Drive (C) > FTP directory > select the subdirectory the one you have created and click ok.
6- After adding a virtual directory path, click ok.
7- To configure permissions in IIS Manager > right-click on a subdirectory (for example, Jamil) and select edit Permission.
8- Click on the Security tab and click the Advanced button.
9- Under advanced security settings and click the Disable inheritance button.
10- Select convert inherited permissions into explicit permission on the object.
11- After enabling inheritance, click ok.
12- Go back to the Security tab and click on the Edit button.
13- Select the Users group in which all users are located and click the Remove button. After removing all users, only the directory owner has access to it.
14- We need to add a Windows user with full access to the directory. Click the Add button.
15- Type the username of the virtual directory > click Check Names and click Ok.
16- Next, we need to permit complete control of the guide> Select the created user, check all fields Allow (Permissions), and click ok.
17- Click Ok.
How to set up FTP User Isolation
1- Now, we need to set up an isolation FTP For each user to get to their directory and not have access to other files after connecting to the server and selecting FTP User Isolation.
2- Select the user name directory and click Apply under the Action menu.
How to allow FTP port in windows firewall
You need to configure the firewall for an external connection to the FTP server.
1- Open Server Manager > select Tools and Windows Defender Firewall with Advanced Security.
2- Select Inbound Rules and a particular New Rule under the Action menu.
3- Select Predefined, select FTP Server from the drop-down list and click next.
4- Check all the predefined rules and click next.
5- Select Allow the connection, and click Finish. For these rules to take effect and restart the server.
How to Access an FTP Server in Windows Explorer and Internet Explorer
You can set up an FTP server in many ways, for example, through the standard Windows utility, Explorer, or the FileZilla program.
1- I am connecting through Windows Explorer. Type FTP address in the address bar and press enter: For example, (my FTP server address is – ftp://10.0.0.50)
2- Type user name, Password, check the save password box, and click Log On.
3- You will see the contents of the FTP server folder.
4- Now, I am connecting through Internet Explorer. Type FTP address in the address bar and press enter: For example, (my FTP server address is – ftp://10.0.0.50).
Type a user name, Password and click Log On.
5- You will see the contents of the FTP server folder.
How to map an FTP network location or a web share location in File Explorer.
1- Open This PC in Windows Explorer, and select Add a network locationto open the Add Network Location Wizard.
2- Click Next.
3- Select Choose a custom network location and click on Next.
4- Type your FTP address (Ex. ftp://10.0.0.50) and click next.
5- Uncheck Log on anonymously, type your user name provided as your FTP login credentials, and then click next.
6- Type a name for the Network location and click Finish.
7- Check the box Open this network location when I click Finish.
8- Type your Password in the password field, click on Save Password and click Log On to test your connection. This is the second last step in FTP setup.
9- After setting up FTP Server, you can see the FTP folder.
I think I did my best to Provide valuable information to you about How to set up FTP Server on Windows Server. I assure you that if you read this article entirely, You will be able to set up FTP on Windows Server.
1- Open Active Directory Users and Computers > right-click Users > select New and select User.
2- Type first name and last name and then a user logon name for the individual and click next.
3- Type Password and Confirm Password, I selected Password never expired or you can choose any of these options click Next.
4- Click finish.
5- Right-click on the newly created user and select properties. (here is the description of the user, their office, their telephone number, their email, their address information, etc.
Copy Users
6- To copy the user account right-click on it and select Copy.
7- type first name > Last name > user logon name and click next.
8- Type Password and Confirm Password, I selected Password never expired or you can choose any of these options click next.
9- Click Finish.
10- To delete a user account right-click on it and select delete.
Create an Active Directory Global Security Group
11- OpenActive Directory Users and Computers. Expand your local domain > Right-click on users > select New and then select Group.
12- Type the name of the new group. Use a reputation that you simply can easily accompany the role or service that you’re creating.
In the Group scope option, select Global. In Group type, choose Security.
Click OK.
Repeat steps for all remaining groups.
13- How to Create an Active Directory Global Security Group with PowerShell
Open
PowerShell with administrative privileges.
We can create a security group with actual values replaced. Here I’m creating the IT Group.
New-ADGroup “IT” -GroupScope Global -GroupCategory Security
By default, the security groups is going to be created in Users field.
After creating a security group you can add members to a security group. I am adding (user and user2) Add-ADGroupMember “IT” -Members user,user2
For more information on how to create users and groups in windows server 2019
1- Open Server Manager and select the Dashboard and select the Tools tab and click Active Directory Users and Computers To create OU in ADctive Directory.
2- In the Active Directory Users and Computers window right click on your Domain. (My domain name is xpertstec.local). So click new and then select the Organizational Unit.
3- Type OU name in the name box. Select protect the container from accidental deletion and then click on OK.
4- So you can see that the OU (Sales) is created.
Creating OUs in an Active Directory with PowerShell
5- You can create new ou in the Active Directory with PowerShell command. So the below command will create an OU named “Account” in the Domain Controller.
New-ADOrganizationalUnit “Account”
6- If you want a different OU LDAP path, specify its distinguished name using the –Pathcmdlet parameter.
In this blog, I will solve active directory domain configuration error “Verification of prerequisites” for Domain Controller promotion failed…..
Verification of prerequisites
1- In the Server Manager dashboard and select the tools tab and then choose Computer Management.
2- Under the Computer management expands Local Users and Groups. So select Users and right click on the administrator account and then select Set Password.
3- So click on Proceed.
4- Then type the administrator account password and click ok and ok.
5- Now open the windows PowerShell
Type cd\ press enter
and then type net user administrator /passwordreq:yes and hit enter.
The command completed successfully.
6- Now click on Rerun perquisites check.
7- All prerequisite checks passed successfully and click Install.
Active Directory Migration – In this blog, we’ll move the roles on our Server2008 (Windows Server 2008 R2 SP1) AD server to Server2019 (new Windows Server 2019 Standard).
Before proceeding to migrate an Active Directory from Windows Server 2008 R2 to Windows Server 2019, you want to first install Windows Server 2019 on a replacement machine which can then be promoted to Active Directory Server 2019.
The next step is to configure the IP and the DNS Addresses on the new server.
Windows Server 2008
R2
Windows Server 2019
Computer Name: Server2008 Server2019
Domain Name:
xpertstec.local
IP Address (Static): 10.0.0.20
10.0.0.22
Subnet Mask:
255.255.255.0 255.255.255.0
Default Gateway: 10.0.0.1 10.0.0.1
Preferred DNS Server: 10.0.0.20 10.0.0.20
Active Directory Migration 2008
1- First, let’s have a glance at my environment. we have a domain controller xpertstec.local which is installed on Windows Server 2008 R2.
Raise the Forest Functional Levels and Domain Functional Levels in Windows Server 2008 R2.
2- Click Start and select Administrative Tools and then Active Directory Domains and Trusts.
3- Right click on Active Directory Domains and Trusts and choose Raise Forest Functional Level.
4- Select an available forest functional level “Windows Server 2008 R2 and click Raise.
5- Now click on OK.
6- The forest functional level was raised successfully so click on ok.
Now Raising the Function Level of the Domain
7- Right click on the Domain name (xpertstec.local) and click Raise Domain Functional Level.
8- It has already got raised the Domain Functional Level to Windows Server 2008 R2 so click on close.
9- Now type the Netdom query fsmo command to check which server has installed FSMO roles.
10- DNS Manager.
Active Directory Migration Steps
Join Windows Server 2019 to an Active Directory Domain.
How to Join Windows Server 2019 to an Active Directory Domain, Click here
Now sign in Windows Server 2019 with the domain administrator account.
Create Additional Domain Controller (ADC) In Windows Server 2019
How to Create Additional Domain Controller (ADC) In Windows Server 2019 so Click here
11- Now have a look at my active directory Domain Controllers Server2008. We can now see that our server Server2019 is in the domain role.
Transferring the Flexible Single
Master Operations (FSMO) Role
I have a Windows Server 2008 Domain Controller (server2008) and have a further Windows Server 2019 domain controller (Server2019). To finish the migration. We’d like to transfer 5 FSMO roles to the new domain controller.
Schema Master
Domain Naming Master
PDC
RID pool manager
Infrastructure Master
12- To find which server is currently holding FSMO then run the following command. netdom query fsmo
The FSMO roles are currently with the Windows Server 2008 R2 Active Directory domain controller (server2008)
Using Active Directory Schema snap-in to transfer the Schema Master role 13- Open Command Prompt in administrative mode and type regsvr32 schmmgmt.dll and then click on ok.
Operations Master Roles Tranfer
14- On the Server2019 server, open Active Directory Users and Computers, right click domain xpertstec.local and then click Operations Masters.
15- On the Operations Masters, Select the RID tab and select the Change button.
16- Now click Yes.
17- The operations master role was successfully transferred so click ok.
18- Now you can verify that Operation master now transferred to our new Server Server2019.xpertstec.local
19- On the Operations Masters, select the PDC tab and then click the change button.
20- Now click Yes.
21- The operations master role was successfully transferred, then click ok.
22- Now you can verify that Operation master now transferred to our new Server Server2019.xpertstec.local
23- On the Operations Masters, select the Infrastructure tab and click on change button.
24- Then click Yes.
25- The operations master role was successfully transferred, then click ok.
26- Now you can verify that Operation master now transferred to our new Server Server2019.xpertstec.local
27- Open Server Manager and select Tools and then click Active Directory Domains and Trusts.
28- Right click on Active Directory Domains and Trusts and then select change active directory domain controller.
29- Select this Domain Controller or AD LDS Instance and click on the domain controller that you want to be the schema master role and then click ok.
Transfer Domain Master Role
30- Right click Active Directory Domains and Trusts and then select Operations Master.
31- Now click on Change
32- then click Yes.
33- The operations master was successfully transferred then click ok.
34- Confirmed the domain naming operation master role and click on Close.
35- Now we need to move our Schema Master role, so we need to register the schmmgmt.dll open command prompt and run the command below.
Regsvr32.exe C: \ windows \ system32 \ schmmgmt.dll
The process was completed successfully so click on ok.
36- Open Microsoft Management Console mmc type mmc and then hit enter.
Console
37- Select the File tab and then select Add/Remove Snap-in.
38- From the left side, under Available Snap-ins, Select Active Directory Schema, click Add button and then click ok.
39- Right click Active Directory Schema, and then select Change Active Directory Domain Controller.
40- Select this Domain Controller or AD LDS Instance, click on the domain controller that you want to be the schema master role and then click on ok.
41- Now click OK.
42- In the console1, right click Active Directory Schema (Server2019.xpertstec.local) and then select Operations Master.
43- Select the Change button.
44- then click Yes.
45- The active directory schema Operations Master successfully transferred then click ok.
46- Now confirm your current schema master which is Server2019 and then click Close.
47- Now run the Netdom query fsmo command, so we can now see that our roles have been moved to our Windows Server 2019 Additional Domain Controller.
48- Now change the DNS address of our additional Domain Controller server to be the IP address of our Windows Server 2019 Domain Controller server.
After completing Active Directory Migration, Now the ultimate step is to get rid of (uninstalling) server2008 Active Directory domain controller.
Remove Active Directory Domain Controller 2008
49- Open command prompt Type dcpromo and then hit Enter.
50- Click Next.
51- The Active Directory domain controller has the global catalog service, make sure your primary DC also has the service enabled and click on ok.
52- Confirmed that the delete this domain, because this server is the last domain controller in the domain, is UNCHECKED and then click next.
53- Type a password for the new Administrator account on this server and click next.
54- Review the remove active directory domain services Summary and click Next.
55- Check the Reboot on completion box to restart the server after the service has been removed
56- After rebooting server2008 DC. Now log in with the local administrator account and then open Server Manager.
57- In Server Manager click Roles under Roles Summary and click Remove Roles.
This blog, we will configure a basic 2-node cluster (Share Quorum Failover Cluster Configuring), where we have two servers (SRV2019-1 and SRV2019-2) running Windows Server 2019 and a Windows Server 2019 Domain controller (SRV2019-DC). It also assumes that SRV2019-1 and SRV2019-2 will communicate with each other over two network connections; I have labeled Primary and Cluster.
Add the Failover Clustering feature on both of the servers you need to add to the cluster.
Open the Server Manager Dashboard and choose Add roles and features.
1- User the Following PowerShell command to enable failover clustering and management Toole Node1 (SRV2019-1)
11- Failover cluster installation completed and then click Close.
After enabling the Failover Cluster on both servers (SRV2019-1 and SRV2019-2), on your SRV2019-1
Share Quorum Failover Cluster Validate Configuring
12- Open server manager, select tools and then select Failover Cluster Manager.
13- After opening Failover Cluster Manager under the action menu click on Validate Configuration.
14- Validate a Configuration Wizard open and then click next.
15- Select Servers or Cluster options and click the Browse button.
16- Select the servers you want to cluster so, in my setup I selected (SRV2019-1 and SRV2019-2).
17- After selecting Servers, click on next.
18- Select Run all tests (recommended) and then click next.
19- Cluster validate confirmation so click next.
20- Now default Running Process.
21- Summary options, so click View Report.
22- Click close and then click Finish.
Failover Cluster Configuration
23- Once Validation completed, Select Create Cluster.
24- Click Next.
25- Click the Browse button.
26- Type both node names and click check names and then click ok.
27- After selecting nodes so click next.
28- Type your cluster name in the cluster name box (XTCLUSTER) and pick an IP address that will be associated with this name in DNS. This name is to manage your cluster Once you create this access point a new computer object will be created in AD with this name and a DNS A record will be created with this name and IP address and click next.
29- On the confirmation screen you’ll see the name of the cluster and two nodes and IP address you chose and uncheck Add all eligible storage to the cluster and then click on next.
30- You have successfully completed the create cluster wizard, now click View Report to check out any warnings.
31- There may be some warnings. In my case, the warnings are probably related to the quorum configuration.
We have no shared storage; we’ll not be employing a Node and Disk Majority quorum as suggested. Instead, we’ll use and Node and File Share Majority quorum.
A File Share Witness (Share Quorum Failover Cluster Configuring) must be configured on a server that’s not a part of the cluster. A file share witness may be a basic file share that the cluster computer name (XTCLUSTER in my step) has read/write access. I’m getting to create a file share on my SRV2019-DC and provides XTCLUSTER read/write access thereto.
Share Disk Configuration
32- Open server manager in SRV2019-DC, Left side select file and storage services and select shares under volume click tasks and then click New Share.
33- Select share profile (SMB share quick) and then click next.
34- Share Location, select by volume and then click Next.
35- Type a share name, share descriptions and then click next.
36- Under other settings, uncheck Allow caching of share and click Next.
37- In Permissions options select customize permissions.
38- Advanced Security Settings for FSW, click Add button.
39- Click on select a principal.
40- Select Object Types.
41- Check Computers under object types and click next.
42- Type your cluster name in my case (XTCLUSTER) click check names and click ok.
43- Under Basic permissions, check Modify box and click ok.
44- Select the Share tab and click the Add button.
45- Click Select a principal.
46- Select Object Types.
47- Check the computers box and click ok.
48- Type your Cluster name, click check names and click ok.
49- Under Permissions, check change and click ok
50- Click Apply and click ok.
51- Click Next.
52- Read the confirmation summary and click Create.
53- The share was successfully created, click Close.
54- Now the file share created on SRV2019-DC, Go back to your SRV2019-1 right-click XTCLUSTER.xpertstec.local and Select More Actions and select configure cluster quorum settings.
Configure Cluster Quorum Settings
55- Configure Cluster Quorum Wizard windows will pop up, click next.
56- Select the quorum witness option and click on next.
57- Select configure a file share witness options and click on next.
58- Click the Browse button.
59- Type FWS name and click the Browse button.
60- Type quorum shared server name, click check names, click ok and ok again.
61- Click Next.
62- Click Next.
63- Review the cluster summary and click Finish.
64- Now Current Host Server Node1 is SRV2019-1.
65- After testing Current Host Server Node2 is SRV2019-2.
High availability is one of the main key points to supply continued services. In lately, everyone wants the specified services on-demand. Organizations use different technologies and solutions to supply high availability and redundancy. Network Load Balancing (NLB) is one of the foremost popular high availability and redundancy features utilized in Windows Server 2019 based networks.
Setup Details.
SRV2019-DC
IP Address: 10.0.0.20
SRV2019-1
NLB
Node1
IP Address: 10.0.0.30
SRV2019-2
NLB
Node2
IP Address: 10.0.0.40
NLB IP Address 10.0.0.100
Installing the Network Load Balancing Feature on NLB nodes (SRV2019-1, SRV2019-2)
1- Install using power shell command or follow the below steps to enable NLB.
3- On SRV2019-1 Open server manager and then select Add roles and features.
4- Then click Next
5- Click Next.
6- Select SRV2019-1 from the server pool and then click Next.
7- Check the WEB Server (IIS) roles box.
8- Click Add feature.
9- After selecting the Web Server (IIS) server role so click next.
10- Check the Network Load Balancing box.
11- Click Add features.
12- After selecting the Network Load Balancing feature so click next.
13- Click Next.
14- Click Next.
15- Click Install.
Configuring Network Load Balancing in Windows Server 2019 After installing the Network Load Balancing feature on all the participating NLB nodes, the subsequent step is to configure Network Load Balancing. For this, you would like to perform the subsequent steps.
Create a New Cluster
16- On the Server Manager console of the SRV2019-1 NLB node, click Tools and then choose Network Load Balancing Manager.
17- Right-click Network Load Balancing Clustering and then choose New Cluster.
18- On the New Cluster: Connect panel, type SRV2019-1.xpertstec.local (or IP Address) in the Host field then click Connect. Verify that the Interface name is listed then click next.
19- On the New Cluster, set the priority (unique host identifier) value 1. This NLB node will reply to the clients’ queries, first, also ensure that the default status has set as Started and click next.
20- Click the Add button to add a new Cluster IP address.
Note: The Cluster IP address is that the new virtual IP address on which the host service, during this case, IIS will run.
21- Type Cluster IP Address such as 10.0.0.100 and click ok.
22- Then click Next.
23- Select a cluster operation mode, Unicast and then click next.
24- So click Finish.
25- Wait until the SRV2019-1 NLB node is added successfully. The Icon Color of the added NLB node should be green.
Network Load Balancing add the host to a cluster
26- Right-click on Cluster name and then select Add Host to Cluster.
27- Connect dialog box, type SRV2019-2, and then click Connect to add one more NLB node.
Important: If you get the Host unreachable error while connecting SRV2019-2 as the NLB node, move on to SRV2019-2 and open the Network Load Balancing Manager console. Repeat the same steps as you used to add the DC1 NLB node.
28- On the Add Host to Cluster: Host Parameters dialog box, set the priority value as 2 and proceed to next.
29- Click Finish.
30- Finally, verify that the second NLB node SRV2019-1 is added successfully.
Configuring Default Website to Test the
NLB Configuration
To test the NLB cluster, use an NLB-Aware application like the IIS service role with the Cluster IP address. Hence, we’ll use the Default Website on NLB node1 (SRV2019-1) and NLB node2 (SRV2019-2). the web site is going to be mapped with the cluster IP address “10.0.0.100”. To do so, first, you would like to perform the subsequent steps on SRV2019-1 (NLB node1).
31-Open
the Internet Information Services (IIS) Manager console.
Expand the Sites node, select and right-click the Default internet site.
Select Add the Virtual Directory
32- In the Alias box, type a name. In the Physical path box, type \\SRV2019-1\C$\Intetpub\wwwroot\ and click ok.
We need to add the same shared directory on both the NLB nodes so the same content can be displayed when an NLB node from the configured NLB cluster is failed.
33- Double-click Directory Browsing.
34- Click Enable.
35- Right-click Default Web Site, select Manage Website and then select Restart.
36- Close the web Information Services (IIS) Manager window.
Repeat the same steps to activate the Default Website on SRV2019-2 NLB node.
Optionally, if you would like to access the web site through the hostname like www.xpertstec.local, add the www DNS host record with the ten .0.0.100 IP address.
Verifying Network Load Balancing Configuration
To verify that your NLB Cluster is configured successfully and functioning properly, perform the subsequent steps.
37- Type 10.0.0.100 within the Internet Explorer and verify that you simply are ready to access the Default Webs
Close Internet Explorer. On the SRV2019-1 node.
38- open the Network Load Balancing Manager window, select and right-click SRV2019-1(Ethernet), select Control Host and then select Stop to stop this node temporarily.
39- Switch back to SRV2019-DC and try again to open the Default Website. the Default Website should still be displayed. However, this time, the SRV2019-2 NLB node will serve the Website.
