III. Key Tasks after the Server is Installed
MAKE A BACKUP
At this time you may wish to make a full backup of the server before proceeding to the next step of moving data and installing updates. SBS 2008's native backup is imaged based and can be used to restore the server from scratch. Some people like the native SBS backup, some people prefer a third party backup. At this early state of building the server, before installing updates I'd recommend using the native backup to make a backup of the server. Add an external usb hard drive, run the sbs backup wizard. Ensure that you use an external usb hard drive of a different size than the partitions in your server as it will make determining which backup drive is the proper one easier. More information on backup can be found in this wiki post.INSTALL CERTAIN UPDATES FIRST
After install I'd recommend ensuring that Windows Server 2008 SP2 is installed on the box. After that you can manually install all of the updates after you flip the box over to Microsoft update. While you can install using WSUS, using Microsoft update is a faster way to get the box updated. Ensure you have installed update rollup 8 or later (including SP3) on Exchange to ensure that you don't have an issue where Outlook will prompt for passwords.
SPEED UP REBOOTS
To speed up the reboot process with SBS 2008, check out this
blog post - this will save you a lot of time, especially when you go into the patching phase in the next step. A similar version is also available from
this site. We recommend that you create your own GPO for this, and link it to the "Domain Controllers" OU.
INSTALL A HOTFIX TO FIX THE DEFAULT GATEWAY
Even with the install of Windows 2008 sp2, it is advisable to install a hotfix to fix an issue where the Default Gateway may disappear.
FIXING DNS
- Before running the Internet domain wizards determine if you will use the native DNS which points to root hints or will flip over to DNS forwarders. There is a known issue with the DNS in Windows 2008 where the root hints may fail in certain circumstances.
To fix this perform the following:
If you want to use root hints, you can set the maxcachettl registry value on the Windows 2008 DNS Server as follows:
a. Start Registry Editor (Regedit.exe).
b. Locate the following registry key:
&nbsnbsp; &nbp; HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
c. On the Edit menu, click New,
click DWORD (32-bit) Value , and then add the following value:
Value:
MaxCacheTtl
Data Type: DWORD
Data value: 0x2A300 (172800 in decimal = 2 days)
d. Click
OK .
e. Quit Registry Editor.
f. Restart the DNS server.
Data type Range
REG_DWORD 0x0 | 0x1 - 0xFFFFFFFF seconds Default value:0x15180 (86,400 seconds = 1 day)
You may see this behavior in Windows 2008, SBS 2008 and EBS 2008.
2. Setting DNS scavenging to ensure that Remote Web Workplace will properly work.
IE TRUSTED SITES
Using the server to browse the Internet is not recommended, However, you may need to download files from Microsoft when there is no workstation available. Add these URLs to Internet Explorer trusted sites to prevent downloads from Microsoft from being blocked:
- Start up Internet Explorer, and click Tools > Internet Options > Security tab > Trusted Sites > Sites
- Add following URLs
- download.microsoft.com
- *.download.microsoft.com
MOVE DATA AND DISABLE IIS LOGGING
- Use the move data wizards in the console to move data from the c: drive to the additional partitions you have chosen.
- If you move the location for storing user data, please turn on Shadow Copies for the volume where the files will reside. Optionally enable Access Based Enumeration for the shares
- Following the SBS blog on cleaning up excessive log files, proactively disable the WSUS IIS logging on the server. A script is available to schedule some of the cleanup from here
- You can also move the SUSDB following this blog post.
DHCP SCOPE BEST PRACTICES
- <to come>
To return to the outline of the SBS 2008 build document, click here.