Guest

Cisco Wide Area Application Services (WAAS) Software

Microsoft Windows Server on Cisco WAAS Deployment Guide

  • Viewing Options

  • PDF (713.7 KB)
  • Feedback

Overview

Cisco Wide Area Application Services (WAAS) is a comprehensive WAN optimization solution that accelerates applications over the WAN, delivers video to the branch and provides local hosting of branch IT services. This allows IT organizations to centralize applications and storage into the data center while maintaining LAN-like application performance and rapidly deliver local branch IT services while minimizing branch device footprint.
Cisco WAAS enables organizations to accomplish these primary IT objectives:

• Improve employee productivity by enhancing user experience of important business applications

• Reduce cost of branch operations by centralizing IT resources into the data center and minimizing the cost of WAN bandwidth

• Increase IT agility by reducing the time and resources required to deliver new IT services to the branch

• Simplify data protection and business continuance for regulatory compliance

Microsoft ® Windows Server on Cisco ® Wide Area Application Services (WAAS) (Windows Server on WAAS or WoW), is a jointly developed and supported program from Microsoft and Cisco to optimize branch-office IT infrastructure services delivery. WoW addresses branch-office IT delivery challenges by integrating Microsoft Windows Server and Cisco WAAS on the Cisco WAAS appliances.
With WAAS and Virtual Blades, you can centralize branch office infrastructure where possible, and consolidate services that must remain in the branch office onto the branch WAVE appliance. This allows you to minimize cost and complexity associated with the branch office I/T infrastructure, including rack space, power, cooling, and hardware maintenance and support costs.
With WoW, System Administrators can provide branch-office Windows Server infrastructure services, including Active Directory Services (ADS), Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and print services.
To optimize the value of this solution for organizations, Cisco offers a prepackaged solution with the Windows Server 2008 Server Core image on Cisco WAAS. If you have your own Windows Server image or if you are migrating existing physical servers to a WAAS virtual blade, you can deploy your Windows Server 2003 or 2008 image on the Cisco WAAS virtual blade.
This paper provides the guidelines and best practices on the installation, configuration, management, and support process for the Windows Server on WAAS solution. You can use the virtual-blade feature to deploy other Windows and Linux branch-office services on Cisco WAAS appliances, but the configuration and support of these services are beyond the scope of this paper.

Supported Platforms

The virtual-blade feature is supported on all the Cisco Wide Area Virtualization Engines (WAVE) appliances, including WAVE 274, 474, and 574, as well as Cisco WAE-674 Wide Area Application Engine (WAE) running Cisco WAAS Release 4.1.1 and later. A virtual-blade license, in addition to the enterprise license, is required to enable the virtualization services. The WAVE platform data sheet on the Cisco website provides details about the hardware specifications available for virtualization services for each platform.

Support Structure for Microsoft Windows Server on Cisco WAAS

Table 1 provides support details for the Windows Server on WAAS solution and customer-installed Windows.

Table 1. Windows Server on WAAS Support

Item

Windows Server on WAAS

Customer-Installed Windows

Windows image

Cisco prepackaged

Customer-supplied and Installed

Windows license

Provided by Cisco

Acquired by customer; for example, Volume License Agreement (VLA)

Supported Windows Operating Systems

Windows Server 2008 Server Core, 64-bit image

Windows Server 2003 SP2, or SP3 32-bit images

Windows Server 2008 32- and 64-bit images

Supported services on Windows Server

ADS, DNS, DHCP, and print services

ADS, DNS, DHCP, and print services

Supported Cisco WAAS hardware platforms

WAVE 274 and 474

WAVE 574

WAE 674

WAVE 274 and 474

WAVE 574

WAE 674

Cisco WAAS platform and virtual-blade support

Cisco Technical Assistance Center (TAC)

Cisco TAC

Windows support

Cisco TAC: Level 1 and Level 2 support on supported services; warm handoff to Microsoft Network Operations Center (NOC) for further support

Support provided by the organization customer has Windows support agreement with, in accordance with industry-standard norms for virtualized Windows support

Deploying Microsoft Windows Server on Cisco WAAS Virtual Blade

On any supported platforms described in the previous section with required licenses, if you are running Cisco WAAS 4.1.1 or later, you can configure virtual blades to host a supported Windows Server image. This section discusses two common scenarios where an organization can install a supported Windows Server image on a Cisco WAAS virtual blade.

Note: Before configuring the virtual blade, you should complete all basic WAE configuration steps, including registration of WAE with the central manager and licenses configuration. For information about basic configuration of Cisco WAAS, please refer to the Cisco WAAS configuration guide at: http://www.cisco.com/en/US/products/ps6870/products_installation_and_configuration_guides_list.html.

Note: Both the GUI and command-line interface (CLI) are available to configure the virtual-blade services. When using the WAAS Central Manager GUI to configure, it can take up to the configured polling interval defined in the system property for the configuration changes to take effect.

Scenario 1: Cisco-Supplied Windows 2008 Server Image

In this scenario, you purchase the Cisco WAVE platforms or other virtual blade-capable Cisco WAE devices (such as the Cisco WAE-674) with Virtual Blade license and a Microsoft Windows 2008 Server license. Guest resources (disk partition, memory, and CPU) are pre-allocated and enabled by default in this scenario; the Windows 2008 Server image is preloaded in the staging area (/local1/vbs directory) on the Cisco WAAS hardware.
If you purchased a virtual blade-capable Cisco WAE device (such as the Cisco WAE-674) without WoW, the WAE device will be shipped without the guest resources pre-allocated. If you decide to add a Windows Server on these Cisco supported WAAS platforms after the initial hardware purchase, you can upgrade by using the "Microsoft Windows Server 2008 for Cisco WAAS" DVD provided by Cisco upon purchase.
You will need to add a virtual blade license as well as enable virtualization services following the directions outlined in the step: Enable virtualization services on a Cisco WAAS appliance. You should then copy the Windows Server on WAAS image using the "Microsoft Windows Server 2008 for Cisco WAAS" recovery DVD to the Cisco WAAS appliance following the steps outlined in the " Deployment Details" section before going through the steps outlined as follows.
The following lists the steps to configure the virtual blade and deploy supported Windows Server 2008 Core Services. Detailed deployment guides for each task are in the " Deployment Details" section.

1. Verify the virtualization services are enabled and Windows 2008 Server image is in the staging area.

2. Configure the virtual blade on Cisco WAAS.

3. Install Windows Server 2008.

4. Configure Windows Server 2008 for basic network functions, and enable the RDP.

5. Configure Windows Server 2008 Core Services.

a. Install and configure a Read Only Domain Controller (RODC).

b. Install and configure the DNS server role.

c. Install and configure the DHCP server role.

d. Install the Print Server role.

Note: If you need to reinstall Windows, delete the virtual blade, and then recreate it and reinstall Windows.

If you need to reinstall all of the Cisco WAAS software, reinstall the application by using the Cisco WAAS rescue CD, and then recreate the virtual blade and reinstall Windows following the steps listed previously.

Scenario 2: Customer-Supplied Windows 2003 or 2008 Server Image

This scenario describes the case of user-supplied Microsoft Windows Server image for the Cisco WAAS virtual blade.
Guest resources (disk partition, memory, and CPU) are pre-allocated on all Cisco WAVE platforms. On other virtual blade-capable Cisco WAE devices (such as the Cisco WAE-674) without WoW, guest resources need to be activated. You need to purchase a virtual-blade license, and enable the virtualization services following the steps outlined in the Enable virtualization services on a WAAS appliance subsection in the " Deployment Details" section.
You should create a virtual blade to run your own Windows image.
Detailed deployment guides for each task are in the "Deployment Details" section.

1. Upload Windows Server image to the staging area.

2. Configure the virtual blade on Cisco WAAS.

3. Install the Guest Windows Server OS image.
Connect to the Windows Server console by using a Virtual Network Computing (VNC) connection. Point to the primary IP address of the Cisco WAAS hardware and the virtual-blade number in the format of IP address: VB number. Install the Windows Server image following the standard installation process. If you use the Windows Server 2008 Server Core image, refer to the Install Windows Server 2008 section for details.

Windows activation is not automatic, so you need to activate Windows using the product key that came with your Windows Server installation DVD. If you are installing a Windows Server Core edition, which has no GUI interface, you can follow these steps to activate Windows:
a. Install your product key by executing the following command at the Windows prompt:
cscript %windir%\system32\slmgr.vbs -ipk productkey.

b. Activate Windows by executing the following command:

cscript %windir%\system32\slmgr.vbs -ato.
When installation of Windows completes, you can eject the CD or DVD (if you used a physical CD-ROM or DVD for the installation) and change the "boot from" image source. To do so, first stop the virtual blade, eject the CD or DVD from the tray, and then change the "boot from" to disk from the Virtual Blade configuration page, and then restart the virtual blade.

4. Configure basic network connectivity following the standard process. If you use the Windows Server 2008 Server Core image, refer to the Configure Windows Server 2008 for basic network functions, and then enable RDP section for details.

5. Configure core services (ADS, DNS, DHCP, and Print Services) following the standard installation process, as recommended by Microsoft. If you use the Windows Server 2008 Server Core image, refer to the Configure Windows Server 2008 Core Services, or refer to the Microsoft document at the following link for details: http://technet.microsoft.com/en-us/library/cc753802.aspx.

Note: If you need to reinstall Windows, delete the virtual blade, and then recreate it and reinstall Windows.

If you need to reinstall all of the Cisco WAAS software, reinstall the application by using the Cisco WAAS rescue CD, and then recreate the virtual blade and reinstall Windows by using your physical Windows installation DVD.

Management of Virtual Blades

You can manage the Windows Server component of the Microsoft Windows Server on Cisco WAAS solution by using commonly deployed Windows management tools, including Microsoft System Center Operations Manager tools.
The virtual blades are managed through the Cisco WAAS Central Manager GUI, or the Cisco WAE CLI interface. The Cisco WAAS Central Manager is a highly scalable tool used to manage Cisco WAAS devices deployed at the data center and branch offices from a single console. You can use the Cisco WAAS Central Manager to allocate and manage hardware resources for the virtual blades on the branch-office WoW appliances hosting the Windows Server. No additional tools are required to manage the Cisco WAAS virtual blades.
The Cisco WAAS Central Manager provides granular roles-based access control (RBAC) to isolate the duties of the windows server administrator and the network administrator to enable shared management of WoW.
Using the Cisco WAAS RBAC capability, Cisco WAAS administrators can create user(s) with a role to access only the virtualization services from the central manager GUI.
Figure 1 shows an example of a "sysadmin" role created to have read and write access to only the Actions page of the Virtualization Services.

Figure 1. Administrator-Created Sysadmin Role

When a user assigned with this role logs into the central manager, the access rights will be limited to the Virtualization tasks under the Admin drawer, with read-only access to the General Settings and Virtual Blades pages, and read and write access to the Actions Page (Figure 2).

Figure 2. Cisco WAAS Actions Page

RMA

If you need to replace Cisco WAAS hardware, you should have a backup image of the virtual blade so you can restore the virtualization services on the replacement.
You should follow the standard procedure to replace the Cisco WAAS platform to ensure that the new Cisco WAAS equipment will register to the central manager and assume the configuration of the replaced equipment.
Cisco recommends saving a backup image after complete configuration of the virtual blade. The virtual blade needs to be in "stopped" status when the image is being copied.

Back Up and Restore Virtual-Blade Image

The following CLI will back up the virtual-blade 1 image to the server as "VB1.img" file:
To restore the virtual-blade image from the FTP server, configure the virtual blade to boot from the disk (refer to the "Configure Virtual Blade on Cisco WAAS" section for other configuration details). Use the following command to copy the image to the virtual blade:

Other Deployment Considerations

Virtual-Blade Networking Interface

A virtual blade needs to be bridged to a physical interface on the Cisco WAE as part of the resource allocation. Use the following guidelines to select the proper networking resource for your virtual blade.
If an inline group is used for interception and management (IP on the inline-group), add one of the Gigabit Ethernet (GigE) interfaces as a virtual interface. If a GigE port is used for Cisco WAE appliance management with inline interception (assuming the management network is different from the client network), the virtual blade (VB) should use a separate GigE port as the virtual interface if the traffic from the virtual blade needs to be optimized. In all cases, place the virtual blade in the same subnet of the clients if traffic from the virtual blade needs to be optimized (Figure 3).

Figure 3. Virtual Blade Networking with Inline Interception

• If Web Cache Communication Protocol (WCCP) is used for interception, without generic-routing-encapsulation (GRE) return, the virtual blade must be in the same subnet as other clients if virtual-blade traffic needs to be optimized. This setup requires using a separate interface on the Cisco WAE. In this case, the virtual-blade virtual interface needs to be assigned to a separate interface, with an IP address that is on the client subnet (Figure 4).

Figure 4. Virtual Blade Networking with WCCP interception

• When WCCP interception is used with GRE return, the Cisco WAE and virtual blade can be placed in the same segment, because the WCCP return traffic will be encapsulated. This configuration is the simplest virtual-blade configuration that allows acceleration. In this case, the virtual-blade virtual interface can be assigned to the same interface that is used for WCCP interception (Figure 5).

Figure 5. Virtual Blade Networking with WCCP/GRE Return Interception

Physical-to-Virtual (P2V) Migration

Because the Microsoft Windows Server on Cisco WAAS solution offers Active Directory Services, it is usually a best practice to install a domain controller from scratch, or use an installation image that you have tested and validated. In this case common physical-to-virtual (P2V) migration methods do not apply.
The only exception to this statement is the migration of existing print queues configured on physical hardware onto the virtual blades. To migrate these queues, you can follow Microsoft's recommendation at: http://technet.microsoft.com/en-us/library/cc734757.aspx and http://technet.microsoft.com/en-us/library/cc722360.aspx for using the "Printer Migration Wizard" or the Printbrm.exe command-line tool to export print queues, printer settings, printer ports, and language monitors, and then import them on another print server that is running a Microsoft Windows Operating System. You can also use third-party tools to achieve the same results.

Migration from 2003 to 2008

Why upgrade to Windows Server 2008? Because Windows Server 2008 is a next-generation server operating system that helps IT maximize control over infrastructure, while providing exceptional availability and management that leads to a significantly more secure, reliable, and robust server environment. Windows Server 2008 builds on the success and strengths of the award-winning Windows Server 2003 Operating System, as well as on the innovations delivered in Service Pack 1 for Windows Server 2003 and Windows Server 2003 R2. However, Windows Server 2008 is far more than a refinement of preceding operating systems. It delivers exciting, valuable new functions and powerful improvements to the core operating system to help organizations of all sizes increase control and manageability, provide high availability, and have more flexibility for their changing business needs.
If you are migrating or incorporating Windows Server 2008 in your environment, you should consult Microsoft's guide "Installing and Upgrading to Windows Server 2008" at: http://technet.microsoft.com/en-us/library/cc755099.aspx.
For Windows Server 2008 Server Core installation, only a clean installation is supported.

Microsoft and Third-Party Server Management Tools

Windows administrators can manage their Windows Server 2008 Server Core with several different tools.
Administrators can manage Windows Server 2008 Server Core by connecting to the server core remotely using the Microsoft Management Console (MMC). Other management tools are Microsoft's System Center Operations Manager (SCOM) 2007 ( http://www.microsoft.com/systemcenter/operationsmanager/en/us/default.aspx) and System Center Configuration Manager (SCCM) 2007 ( http://www.microsoft.com/systemcenter/configurationmanager/en/us/default.aspx). SCOM 2007 is the end-to-end service-management product that works seamlessly with Microsoft software and applications, helping organizations increase efficiency while enabling greater control of their IT environment. SCCM 2007 is the solution to comprehensively assess, deploy, and update your servers, clients, and devices - across physical, virtual, distributed, and mobile environments. Optimized for Windows and extensible beyond, it is the best choice for gaining enhanced insight into and control over your IT systems.
You can also use third-party tools to manage Windows Server 2008 installations.

Windows Server Backup and Recovery Tools

The Windows Server Backup feature provides a basic backup and recovery solution for computers running the Windows Server 2008 Operating System. Windows Server Backup introduces new backup and recovery technology, replacing Ntbackup.exe that was available with earlier versions of the Windows Operating System. The new utility consists of a MMC snap-in and command-line tools that provide a complete solution for your day-to-day backup and recovery needs. It includes four wizards to guide you through running backups and recoveries. You can use it to back up a full server (all volumes), selected volumes, or the system state. You can use it to recover volumes, folders, files, certain applications, and the system state. And, in case of disasters such as hard disk failures, you can perform a system recovery to restore the complete system onto the new hard disk by using a full server backup and the Windows Recovery Environment. Windows system administrators can use Windows Server Backup to create and manage backups for the local computer or a remote computer.
More information about Windows backup and recovery is available at http://technet.microsoft.com/en-us/library/cc754097.aspx. For information about Windows Domain Controller Backup and Restore Strategies, refer to: http://technet.microsoft.com/en-us/library/cc770266.aspx.

Deployment Details

Enable Virtualization Services

To enable the virtual blade, from the Cisco WAAS Central Manager GUI, select the WAE from the My WAN/Managed Devices page. On the selected WAE device, from the navigation pane, choose Admin > Virtualization > General Settings, select the Enable check box, and click Submit (Figure 6).

Figure 6. Virtualization General Settings for WAE Page

Caution: You are prompted to confirm that you want to modify guest resources. You will need to reload the Cisco WAE for this modification to take effect. After the reboot the Cisco WAE will have a disk partition and other resources reserved for virtual-blade use. You will not be able to undo this change unless you restore the Cisco WAE from the rescue CD. All cached data will be lost after the reboot.

CLI Equivalent

You can enable virtualization support from the CLI by issuing this command:
wae(config)# virtual-blade enable
After reloading the Cisco WAE, verify the presence of the /vbspace GUEST mount point and virtual-blade resources by issuing the show disks details and show virtual-blade commands:
WAE# sh disks details
Mounted file systems:
WAE# sh virtual-blade
Virtual-blade resources:
VB Memory: 0MiB configured, 6144MiB available.
VB Disk space: 0GiB configured, 194GiB available.
/local1/vbs: 2656MiB used, 201142MiB available
CPU(s) assigned: 3 4
Virtual-blade(s) state:
No virtual-blades have been configured

Using Microsoft Windows Server 2008 for Cisco WAAS Recovery DVD

The Microsoft Windows Server 2008 for Cisco WAAS Recovery DVD is a single DVD that is an encrypted archive containing the Windows Server on WAAS 1.0.1.iso and the original equipment manufacturer (OEM) activation information. If you are installing the Windows Server on WAAS solution on a Cisco WAAS device that does not have the Windows Server on WAAS ISO image preinstalled, insert the Microsoft Windows Server 2008 for Cisco WAAS Recovery DVD and copy the ISO image to the WAE device with the following CLI command:
wae# copy cdrom wow-recovery / WoW_RECOVERY
This command copies the Windows Server on WAAS files to the proper directory (/local1/vbs) on the Cisco WAE.

Upload Guest OS ISO Image to Virtual-Blade Staging Area

Use the following command to copy the guest OS ISO image to the newly created virtual-blade staging area:
copy ftp disk <ftp server ip> <directory> <image.iso> /local1/vbs/<image.iso>
wae# copy ftp disk 10.0.2.4 WAAS WoW_1.0.1.iso /local1/vbs/WoW_1.0.1.iso
When the transfer completes, verify the contents of the /local1/vbs directory on the Cisco WAE:
WAE# dir /local1/vbs
Size Time of last change Name
2648248320 Tue Jul 29 17:19:44 2008 WoW_1.0.1.iso

Verify Guest Resource Allocation

To verify that the Guest Resources are enabled, from the Cisco WAAS Central Manager GUI, select the WAE from the My WAN/Managed Devices page. On the selected WAE device, from the navigation pane, choose Admin > Virtualization > General Settings, and verify that the Enable check box is selected (Figure 7).

Figure 7. Virtualization General Settings for Cisco WAE Page

From the Cisco WAE console, issue the show disks details command to verify the /vbspace directory exists, and verify the content of the local1/vbs directory on the Cisco WAE:
WAE# sh disks details
Mounted file systems:
WAE# dir /local1/vbs
Size Time of last change Name
2648248320 Tue Jul 29 17:19:44 2008 WoW_1.0.1.iso

Configure a Virtual Blade on Cisco WAAS

Note: Before configuring the virtual blade, please follow Microsoft's recommendation to determine the virtual-blade resources, including disk and memory, required for Windows Server 2003 or 2008 to properly run. Microsoft recommendations for system requirements are available on Microsoft's website. As an example, Windows Server 2008 System Requirements are available at this site:

To create a virtual blade, on the Cisco WAAS Central Manager GUI, from the navigation pane of the device, choose Admin > Virtualization > Virtual Blades. Select Create in the Virtual Blade Entries window, and the Virtual Blade configuration pane will be displayed.
First, configure the virtual-blade system parameters:

• Blade number: Enter a numeric value as the virtual blade number. The number of virtual blades supported per platform is published on the Cisco WAE data sheet.

• Boot from: Select cd-rom to boot the virtual blade from a CD image hosted on a disk or on a physical CD-ROM.

• CD image: Select "disk" to read the CD image from an ISO file on the Cisco WAAS hard drive, and type the ISO file path: /local1/vbs/WoW_1.0.1.iso. If you use the physical CD-ROM, select CD-ROM from the drop-down window and define the file path accordingly.

• Disk emulation: Choose IDE for 4.1.1 release; other options may be supported in future releases.

• Network-interface-card (NIC) emulation: Choose rt18139 for 4.1.1 release; other options may be supported in future releases.

• CPU emulation: Select qemu64 for 4.1.1 release; other options may be supported in future releases.

Next, configure the interface bridge you want to use between the virtual blade and the physical interfaces on your Cisco WAAS appliance by clicking the Add button next to the Virtual Interfaces menu. The Virtual Interface Add pane will be displayed (Figure 8).

Figure 8. Adding a Virtual Interface

Select a Cisco WAAS appliance network interface as the Bridge Interface, and generate the MAC address. Click the Add to List button to add the virtual interface to the virtual-blade interface list.

Note: Only Gigabit Ethernet or port-channel interfaces are supported as Bridge Interfaces. Refer to the Virtual-Blade Networking Interface section for more information.

Select the virtual interface by clicking its radio button on the display (Figure 9).

Figure 9. Selecting a Virtual Blade Network Interface

Submit the configuration changes. The virtual-blade configuration is completed.
Finally, start the virtual blade by selecting Admin > Virtualization > Actions; select the virtual-blade number from the drop-down menu, and then click the Start Virtual Blade button to start the virtual blade (Figure 10).

Figure 10. Starting the Virtual Blade

CLI Equivalent

The preceding GUI process can be achieved by issuing this command:
wae(config)#virtual-blade 1
wae(config-vb)#description VB1
wae(config-vb)#boot from cd-rom
wae(config-vb)#boot cd-image disk /local1/vbs/WoW_1.0.1.iso
wae(config-vb)#memory 1500
wae(config-vb)#disk 15
wae(config-vb)#interface 1 bridge gigabitEthernet 2/0
wae#virtual-blade 1 start
Use the show command to verify virtual-blade 1 configuration and state.
wae# sh virtual-blade 1
virtual-blade 1
config:
description VB1
memory 1500
disk 15
no boot fd-image
boot cd-image disk /local1/vbs/WoW_1.0.1.iso
boot from cd-rom
interface 1 bridge GigabitEthernet 2/0 mac-address 00:16:3E:6A:B0:27
device cpu qemu64
device nic rtl8139
device disk IDE
no autostart
state:
running
serial console session inactive
vnc client disconnected
current cd /local1/vbs/WoW_1.0.1.iso
current floppy [not inserted]
The virtual blade is now configured, and in running state.

Note: After a virtual blade is configured, the only resource parameters that you can change are memory and the bridged interface. To change any of these allocation parameters on a virtual blade, stop the virtual-blade process first, and then start the virtual blade after making changes.

Install Windows Server 2008 Server Core

Using the VNC Viewer, connect to the Windows Server console using the Cisco WAE primary IP address and the virtual-blade number in the format of IP address: VB number, as shown Figure 11.

Figure 11. Connecting to the Virtual Blade Console

The Windows Server 2008 Server Core guest OS installation will begin. The guest OS installation will reboot several times during the install, allowing the guest OS installation to complete. When the OS installation process completes, the administrative user can log on.
During the initial setup, select Other User at the Windows 2008 Server login. The administrative user needs to change the administrator password during the initial setup. To change the administrator password, enter the username administrator, leave the first password field blank, and enter the new password twice to confirm the change.
The Windows Server 2008 Server Core implementation loads with a command prompt.
You can verify that Windows Server 2008 is successfully activated by executing the following command at the Windows prompt:
cscript %windir%\system32\slmgr.vbs -dlv
The License Status field will read "Licensed" if activation was successful. The server is now ready for configuration.
At this point, you can eject the CD or DVD (if you used a physical CD-ROM or DVD for the installation) and change the "boot from" image source. To do so, first shut down the operating system, so the virtual blade will change status to stopped. Eject the CD or DVD from the tray, and then change the "boot from" to disk in the Virtual Blade configuration page, and then restart the virtual blade.

Configure Windows Server 2008 for Basic Network Setup

When the OS installation completes and the command prompt is presented, the server is ready for configuration. Before deploying the core services, you need to complete some basic configuration tasks. This section provides command references to configure server name, DNS resolver, time, IP connectivity, and enable RDP. Do the following to configure Windows Server 2008:

1. Rename the server.

a. From the command prompt, display the randomly generated computer name of the server with the hostname command.

b. Rename the server using the netdom command (Figure 12):

netdom renamecomputer <ComputerName> /NewName:<NewComputerName>

Figure 12. Usage of hostname and netdom Commands

2. Configure the IP address and default gateway.

a. Get the NIC index:

netsh interface ipv4 show interfaces

Verify the number in the IDX column of the local-area connection target NIC. Use this value as the <ID> field in following commands:

b. Set the static IPv4 address:

netsh interface ipv4 set address name="<ID>" source=static address=<StaticIP> mask=<SubnetMask> gateway=<DefaultGateway>
<ID> = the number in the IDX column of the local-area connection target NIC

c. Set a static DNS server address (Figure 13):

netsh interface ipv4 add dnsserver name="<ID>" address=<DNSIP> index=1

Figure 13. Obtaining the Network Card Index Number

3. Set the time and date for the system.

Bring up the Time/Date settings panel by issuing the following command:
Control timedate.cpl

4. Enable RDP access to the Windows Server (Figure 14).

This set of commands will enable RDP to the Windows Server.

Windows Command

Command Function

cscript C:\Windows\System32\
Scregedit.wsf /ar 0
Enable RDP.
cscript C:\Windows\System32\
Scregedit.wsf /ar /v
Verify RDP settings.
cscript C:\Windows\System32\
Scregedit.wsf /cs 0
Allow RDP connections from down-level RDP client.
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
Adjust the rules in the firewall to allow RDP management.

Figure 14. Enabling RDP via the Command Line

You can now access the Windows Server through the RDP.

Configure Windows Server 2008 Core Services

Step-by-step instructions for installation of specific server roles are available on the Microsoft website at this link.
http://technet.microsoft.com/en-us/library/cc753802.aspx#bkmk_configuringservercore. Do the following to configure Windows Server 2008 Core Services:

1. Install and configure a Read Only Domain Controller (RODC).

This section provides the procedure to deploy RODC service on the Windows Server 2008 Server Core, using dcpromo in unattended mode with an answer file. More information about deploying RODC is available on the Microsoft Technet site: http://technet.microsoft.com/en-us/library/cc754629.aspx.

a. Copy the answer file.

Use the NET USE command to attach to the share that has the answer file for the unattended RODC installation:

C:\Users\administrator> net use Z: \\10.0.2.4\C$ /USER:csbu\administrator

Change the directory to where the answer.txt file is located, and copy the answer file to C:\users\administrator:

Z:\Users\Public\Documents> copy answer.txt c:\users\administrator
1 file(s) copied.
This is an example of the Answer.txt file, along with the explanation of the variables.

Unattended answer file option filed

Description

[DCINSTALL]
;Read-Only Replica DC promotion
RODC promotion
ReplicaOrNewDomain=ReadOnlyReplica
 
ReplicaDomainDNSName=csbu.local
Use the Fully Qualified Domain Name (FQDN) of the domain this server will be part of
PasswordReplicationDenied="BUILTIN\Administrators"
PasswordReplicationDenied="BUILTIN\Server Operators"
PasswordReplicationDenied="BUILTIN\Backup Operators"
PasswordReplicationDenied="BUILTIN\Account Operators"
The names of the user, group, and computer accounts whose passwords are not to be replicated to this RODC
PasswordReplicationDenied="csbu\Denied RODC Password
Replication Group"
Specify domain level user, group, and computer accounts whose passwords are not to be replicated to this RODC
PasswordReplicationAllowed="csbu\Allowed RODC Password Replication Group"
Specify domain level user, group, and computer accounts whose passwords can be replicated to this RODC
DelegatedAdmin="BUILTIN\Administrators"
The user or group account name that will install and administer the RODC
SiteName=Default-First-Site-Name
Get the site name from the windows administrator
InstallDNS=yes
ConfirmGc=yes
CreateDNSDelegation=no
 
UserName=csbu.local\administrator
The administrative account in the domain of the new domain controller
UserDomain=csbu.local
The name of the domain of the user account
Password=password
The password for the UserName account
; Run-time flags (optional)
CriticalReplicationOnly=yes
Specify whether to perform only important replication before restart. If "yes", noncritical replication occurs after dcpromo completes and system reboots
DatabasePath="%systemroot%\NTDS"
Path to the directory where the AD DS database is hosted
LogPath="%systemroot%\NTDS"
Path to the directory where the AD DS log files are hosted
SYSVOLPath="%systemroot%\SYSVOL"
Path to the directory where the AD DS log files are hosted
ReplicationSourceDC=dc-exch.csbu.local
Specify FQDN of a partner DC from which AD DS data is replicated. Used only if installing from media (IFM)
;Set SafeModeAdminPassword to the correct value prior to using the unattended file
SafeModeAdminPassword=Cisco1234p@ssword1
Used to supply the password for the offline administrator account that is used in Directory Service Restore Mode.
You cannot specify an empty password. Used only if
installing from media (IFM)
RebootOnCompletion=yes
Specifies whether to restart the computer after you install or remove AD DS regardless of whether the operation was successful.

b. Use the DCPROMO command to promote the server as a RODC:

Promote the server as a RODC:

C:\Users\administrator> dcpromo /unattend:answer.txt

The Windows Security dialog will launch; enter the password in the Windows Security dialog, and observe the progress of the DCPROMO process

Use the shutdown command to reboot the server:

C:\Users\administrator> shutdown /r /t 0

The Windows Server on the virtual blade is now set up as a RODC. To verify, use the dcdiag command to test basic connectivity of the RODC, Active Directory schema, global catalog, and DNS:

C:\Users\administrator.WAE674> dcdiag /a

2. Install and configure the DNS server role.

This section provides the procedure to install and configure the DNS server role on the Windows Server 2008 Server Core as a DNS stub server.

a. At the command prompt use the ocsetup command to install the DNS server role:

C:\Users\administrator.WAE674> start /w ocsetup DNS-Server-Core-Role

Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.

b. Configure a DNS zone at the command prompt by typing dnscmd or by remotely using the DNS MMC snap-in.

3. Install and configure the DHCP server role.

This section provides the procedure to install and configure the DHCP server role on the Windows Server 2008 Server Core.

a. Install the DHCP server role from the command prompt with the ocsetup command:

C:\Users\administrator.WAE674> start /w ocsetup DHCPServerCore

b. Configure a DHCP scope at the command prompt by using netsh, or by remotely using the DHCP snap-in from Windows Server 2008.

C:\Users\administrator.WAE674> netsh dhcp server add scope 10.10.71.0 255.255.255.0 ScopeName

c. If the DHCP server is installed in an Active Directory domain, you must authorize it in Active Directory. You can use the DHCP snap-in from a Windows Server 2008, or use the netsh command:

C:\Users\administrator.WAE674> netsh dhcp add server pod7-vb1.wae674.local 10.10.71.231

Adding server pod7-vb1.wae674.local, 10.10.71.231

Command completed successfully.

d. Configure the DHCP Server service, setting it to auto start upon boot. You can configure this service by using a remote MMC snap-in (services) or the command line.

C:\Users\administrator.WAE674> sc config dhcpserver start= auto (note the space between the equal sign and auto)

e. Start the service after configuration is completed.

C:\Users\administrator.WAE674> net start dhcpserver

Note: To uninstall the DHCP Server role, type start /w ocsetup DHCPServerCore /uninstall at the command prompt.

4. Install the Print Server role.

This section provides the procedure to install and configure the Print Server role on the Windows Server 2008 Server Core.

a. Install the Print Server role from the command line using ocsetup:

C:\Users\administrator.WAE674> start /w ocsetup Printing-ServerCore-Role

The system needs to be restarted to enable the changes.

b. Add the Line Printer Daemon (LPD) service using ocsetup:

C:\Users\administrator.WAE674> start /w ocsetup Printing-LPDPrintService

Note: At this point you must complete the remainder of the core print server configuration from the Print Management console on another Windows 2008 or Vista computer.