Small Business Server 2008 - Build Document III. Key Tasks after the Server is Installed

III. Key Tasks after the Server is Installed

div class="table-of-contents">

Table of Contents



MAKE A BACKUP

        At this time you may wish to make a full backup of the server before proceeding to the next step of moving data and installing updates.  SBS 2008's native backup is imaged based and can be used to restore the server from scratch.  Some people like the native SBS backup, some people prefer a third party  backup.  At this early state of building the server, before installing updates I'd recommend using the native backup to make a backup of the server.  Add an external usb hard drive, run the sbs backup wizard.  Ensure that you use an external usb hard drive of a different size than the partitions in your server as it will make determining which backup drive is the proper one easier.  More information on backup can be found in this wiki post.

INSTALL CERTAIN UPDATES FIRST


    After install I'd recommend ensuring that Windows Server 2008 SP2 is installed on the box.  After that you can manually install all of the updates after you flip the box over to Microsoft update.  While you can install using WSUS, using Microsoft update is a faster way to get the box updated.  Ensure you have installed update rollup 8 or later (including SP3) on Exchange to ensure that you don't have an issue where Outlook will prompt for passwords.


 SPEED UP REBOOTS

    To speed up the reboot process with SBS 2008, check out this blog post - this will save you a lot of time, especially when you go into the patching phase in the next step.  A similar version is also available from this site.  We recommend that you create your own GPO for this, and link it to the "Domain Controllers" OU.


 INSTALL A HOTFIX TO FIX THE DEFAULT GATEWAY


    Even with the install of Windows 2008 sp2, it is advisable to install a hotfix to fix an issue where the Default Gateway may disappear. 

 FIXING DNS

 

    1. Before running the Internet domain wizards determine if you will use the native DNS which points to root hints or will flip over to DNS forwarders.  There is a known issue with the DNS in Windows 2008 where the root hints may fail in certain circumstances.

                  To fix this perform the following:

                  If you want to use root hints, you can set the maxcachettl registry value on the Windows 2008 DNS Server as follows:

                       a. Start Registry Editor (Regedit.exe). 
              
                      
 b. Locate the following registry key: 
         &nbsnbsp;             &nbp;             HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters 
              
                      c. On the Edit menu, click New, click DWORD (32-bit) Value , and then add the following value: 
              
         Value: MaxCacheTtl 
                       Data Type: DWORD 
                       Data value: 0x2A300  (172800 in decimal = 2 days)

                       d. Click OK
                       e. Quit Registry Editor. 
                       f. Restart the DNS server.

                        Data type                       Range  
                        REG_DWORD 0x0 | 0x1 - 0xFFFFFFFF seconds Default value:0x15180 (86,400 seconds = 1 day)

                       You may see this behavior in Windows 2008, SBS 2008 and EBS 2008.

           2.  Setting DNS scavenging to ensure that Remote Web Workplace will properly work.

 

 IE TRUSTED SITES

 

    Using the server to browse the Internet is not recommended, However, you may need to download files from Microsoft when there is no workstation available. Add these URLs to Internet Explorer trusted sites to prevent downloads from Microsoft from being blocked:

  • Start up Internet Explorer, and click Tools > Internet Options > Security tab > Trusted Sites > Sites
  • Add following URLs
    • download.microsoft.com
    • *.download.microsoft.com

 

 MOVE DATA AND DISABLE IIS LOGGING

 

  1. Use the move data wizards in the console to move data from the c: drive to the additional partitions you have chosen. 
  2. If you move the location for storing user data, please turn on Shadow Copies for the volume where the files will reside.  Optionally enable Access Based Enumeration for the shares
  3. Following the SBS blog on cleaning up excessive log files, proactively disable the WSUS IIS logging on the server.  A script is available to schedule some of the cleanup from here
  4. You can also move the SUSDB following this blog post.

 

DHCP SCOPE BEST PRACTICES

 

  1. <to come>

To return to the outline of the SBS 2008 build document, click here.