Deploying Windows Small Business Server 2008
My notes from today’s Microsoft Partner Program webcast…
Requirements
Requirements for primary server
| Processor | 64-bit only, 2GHz minimum, maximum of 4 physical sockets (no limit on the number of cores) |
| Memory | 4GB RAM minimum. 32GB RAM maximum. |
| OS Drive Partition | 60GB minimum. |
| DVD-ROM | Bootable from system BIOS |
| Network Adapter | 1 x 100Mbps Ethernet adapter |
| Monitor / video adapter | Minimum 1024×768 |
| Network devices | Router that supports IPv4 NAT |
| Internet Connection | Required |
| Firewall | External firewall required |
Requirements for second server (if you’re running SBS2008 Premium Edition)
| Processor | 2GHz (can be x86 OR x64) |
| Memory | 2GB RAM minimum. 32GB RAM maximum. |
| OS Partition | 10GB minimum. 40GB recommended. |
To enable backup, you need a minimum of 1 external drive (this must be a separate physical disk from any of the disks holding any of the SBS components / data).
Installation planning, and creating the Answer File
Microsoft provides a Windows Small Business Server 2008 Installation Worksheet.
The new Answer File Tool lets you streamline the installation and make your installations consistent. It offers options for whether to run the installation attended or unattended, the time zone, whether to install OneCare for Server and Forefront for Exchange, the fully qualified internal domain name, network settings, root certification authority name, etc. To run it, insert SBS2008 DVD1 on a Windows XP or Vista machine and run SBSAfg.exe.
When you are MIGRATING to SBS2008, you MUST use the Answer File Tool. The tool will guide you through the process.
You can use the Answer File while doing either an OEM or Manual install. Simply load the unattended.xml file onto a USB key.
Clients must be on Windows XP Business SP2 (or higher) or Windows Vista Business / Ultimate.
Preparing the network
When you are ready to deploy, configure your network such that your router/firewall is configured as 192.168.x.1, and that your SBS2008 machine is configured as 192.168.x.2.
The “Connect to the Internet” wizard will look for a router at 192.168.x.1 and 192.168.x.254. If it finds the router, it verifies NAT functionality to make sure it can connect to the Internet. Then it configures DHCP on SBS, and requests the router to turn off DHCP. The resulting DHCP on SBS2008 is configured to be almost identical to the DHCP scope that was configured on the router.
If SBS2008 cannot automatically configure your router, you must (1) disable DHCP on your router, and (2) forward the following ports to 192.168.x.2:
- SMTP – TCP 25
- HTTP – TCP 80
- HTTPS – TCP 443
- HTTPS for SharePoint – TCP 987
- VPN – TCP 1723
- Note that port 4125 is NO LONGER NEEDED, as terminal services now goes through TS Gateway, which transfers traffic across port 443
Windows SBS installation will fail if the following conditions exist:
- The computer doesn’t have a NIC
- There is no link light
- The computer is not connected to a local router
- The computer is connected directly to the Internet and getting an Internet address instead of a local address
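A pre-flight check of the network plan described above, as an added example that is not part of the original notes: it compares a planned router/server addressing scheme and a transcribed port-forwarding table against the layout and port list on this page. The function name `audit_network`, the tuple format and the 192.168.16.x sample values are assumptions made for the illustration.

```python
import ipaddress

# Forwards the page lists for the SBS 2008 server (all TCP).
REQUIRED = {25: "SMTP", 80: "HTTP", 443: "HTTPS",
            987: "HTTPS for SharePoint", 1723: "VPN"}
RETIRED = {4125: "no longer needed, TS Gateway uses 443"}


def audit_network(router_ip, server_ip, forwards):
    """Return findings; an empty list means the plan matches the page.

    forwards: (protocol, external_port, internal_ip) tuples transcribed
    from the router's port-forwarding table (hypothetical format).
    """
    findings = []
    router = ipaddress.ip_address(router_ip)
    server = ipaddress.ip_address(server_ip)
    lan = ipaddress.ip_network(f"{server_ip}/24", strict=False)

    # Setup fails when the server holds an Internet address, not a local one.
    if server not in ipaddress.ip_network("192.168.0.0/16"):
        findings.append(f"server {server} is not a 192.168.x.x address")
    elif int(server) & 0xFF != 2:
        findings.append(f"server {server} is not at 192.168.x.2")
    # The wizard looks for the router only at .1 and .254.
    if router not in lan or int(router) & 0xFF not in (1, 254):
        findings.append(f"router {router} is not at .1 or .254 of {lan}")

    seen = set()
    for proto, port, target in forwards:
        rule = f"{proto.upper()} {port} to {target}"
        if proto.lower() != "tcp" or port not in {**REQUIRED, **RETIRED}:
            findings.append(f"{rule}: not in the page's list")
        elif port in RETIRED:
            findings.append(f"{rule}: {RETIRED[port]}")
        elif ipaddress.ip_address(target) != server:
            findings.append(f"{rule}: {REQUIRED[port]} should go to {server}")
        else:
            seen.add(port)
    for port in sorted(set(REQUIRED) - seen):
        findings.append(f"missing forward: {REQUIRED[port]} (TCP {port})")
    return findings


# Constructed sample: a forwarding table carried over from an older setup.
SAMPLE_FORWARDS = [
    ("tcp", 25, "192.168.16.2"), ("tcp", 80, "192.168.16.2"),
    ("tcp", 443, "192.168.16.2"), ("tcp", 1723, "192.168.16.2"),
    ("tcp", 4125, "192.168.16.2"), ("tcp", 3389, "192.168.16.2"),
]

if __name__ == "__main__":
    for finding in audit_network("192.168.16.1", "192.168.16.2", SAMPLE_FORWARDS):
        print("FINDING:", finding)
```

On the sample table it reports the stale 4125 rule, the 3389 rule that is not on the page's list, and the missing SharePoint forward on 987.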
Windows SBS Installation – After the first phase (baseline setup) is complete
The first step that you are prompted for is to confirm that the date, time, and timezone are correct (important for server migrations).
Next, you are prompted to go online and get any critical updates. This includes any updates that they put out to improve the installation process, as well as any security or performance related patches.
The next thing that runs is the networking discovery, which will attempt to connect out through the router, try to auto-configure the network, etc. If it can’t configure the router (or if you haven’t forwarded the ports yourself), it won’t go out and get the latest updates.
Next screens prompt for information about the business (name, address, etc), the server name and internal domain name (if running with an answer file, it also prompts you for FQDN, which lets you specify an extension other than .local), and network administrator name / username / password.
You are then prompted for whether you want to install Windows Live OneCare for Server and/or Microsoft Forefront Security for Exchange Server. Both of these are 120-day trial versions.
All information you entered is then confirmed, as the server name and internal domain name cannot be changed after the installation is complete. This is not shown if you are using an unattended answer file.
Installation is then performed, and if all is successful you receive a “Successful installation” screen.
Sometimes there may be minor issues, which will be reported in an “Installation Issues” window. Each issue has a help topic associated with it to walk you through resolving the issue.
Connect to the Internet Wizard (CTIW)
Detects the presence of a DHCP server and requests that you turn it off.
Detects existing routers.
Configures the network.
Detects an Internet connection.
Internet Address Management Wizard
Launch Partners: GoDaddy, Register.com, eNomCentral.
Allows you to purchase a domain name and automatically configure DNS with the appropriate records. Keeps those records up to date over time. Also manages Dynamic DNS for your environment (if necessary) and will update your IP address at the registrar. Configures mail.domain.com, www.domain.com, and remote.domain.com.
Automatically configures: Outlook Anywhere, Exchange, Remote Web Workplace, Mobile Device connectivity, Certificates.
Configure Internet Mail Wizard
Can configure your mail to go out through a smart host, which is useful if you are on a dynamic IP address, so your email is not flagged as spam.
Move Data Wizards
By default, everything gets installed onto Drive 0. You can then move the data onto a different drive after installation. Microsoft recommends separating application and user data from the system drive, using the storage migration tools that are available after setup. RAID 1 recommended for system drive, and RAID 1 or RAID 5 for user data drive.
The Storage tab on the Backup and Storage page provides information about all of the drives, available space, etc.
There are a series of tasks on the right side of the screen that allow you to move the Microsoft Exchange Server data, Windows SharePoint Services data, Users’ shared data, Users’ redirected documents, and Windows Update Repository data.
The interface prompts you to back up your data before it does any data moving.
Read more posts from John R. Pattison about Windows Small Business Server 2008
about 4 years ago
Thanks, This is a nice summary. I was hoping to find a list of recommended routers. My current SBS 2003 box was connected directly to the internet. Bummer to find out I needed a router. So I connected it to my vonage router. Worked fine after that, but what happened to using 2 nics?
about 4 years ago
Tim,
Microsoft found that very few people were actually using SBS as a router to the Internet. Most of them were using a dedicated hardware device. There are so many nice hardware based routers that certainly are a better choice for 95% of small businesses that would be deploying Small Business Server. I tend to use a lot of WatchGuard’s entry-line routers if I need to set up a VPN, want to have firewall-level antivirus, etc. If I just simply need a router, something like a Linksys WRT54G works out fine.
One other comment… if you get Windows Small Business Server 2008 Premium Edition, you get a second license of Windows Server to run on a separate machine. You could use that second machine to run a software-based firewall if you want.
Good luck!
about 4 years ago
hi john,
i am not clear as to why SBS requires an administrator to disable DHCP on the router.
about 4 years ago
SBS2008 has to run the DHCP server because clients need to use its DNS Servers (that’s how Active Directory resolves server roles). So if you used your router’s DHCP server, it would be telling the client computers to use the DNS servers it gets from your ISP. And you can only run one DHCP server at a time on a subnet, so the one on your router would have to be turned off.
I am not positive, but I believe that SBS2008 can automatically turn off the DHCP server on certain routers. But certainly if it can’t turn off the DHCP server for you, it will remind you to do it yourself.
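An added example, not part of the original post or comments: one way to confirm from a client that its lease and its resolvers both come from the SBS server, by parsing saved `ipconfig /all` output. The function names, the sample output and the 192.168.16.x addresses are constructed for the illustration; field labels are those of English-language Windows.

```python
import re

# "   DNS Servers . . . . : 192.168.16.2" gives key "DNS Servers", value "192.168.16.2"
FIELD = re.compile(r"^\s+([^.:]+?)[ .]+:(?:\s+|$)(.*)$")


def parse_adapters(ipconfig_text):
    """Parse `ipconfig /all` output into {section name: {field: [values]}}."""
    sections, current, last_key = {}, {}, None
    for line in ipconfig_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():              # unindented line starts a section
            current = sections.setdefault(line.rstrip(": "), {})
            last_key = None
            continue
        m = FIELD.match(line)
        if m:
            last_key = m.group(1).strip()
            current.setdefault(last_key, []).append(m.group(2).strip())
        elif last_key:                         # continuation: a further DNS server
            current[last_key].append(line.strip())
    return sections


def check_client(ipconfig_text, sbs_ip):
    """Flag adapters whose lease or resolvers do not come from the SBS server."""
    findings = []
    for name, fields in parse_adapters(ipconfig_text).items():
        dns = fields.get("DNS Servers", [])
        if not dns:
            continue                           # global section or unconfigured adapter
        leased_by = fields.get("DHCP Server", [])
        if fields.get("DHCP Enabled") == ["Yes"] and leased_by != [sbs_ip]:
            findings.append(f"{name}: lease issued by "
                            f"{', '.join(leased_by) or 'nobody'}, expected {sbs_ip}")
        for server in dns:
            if server != sbs_ip:
                findings.append(f"{name}: DNS server {server} is not the SBS server")
    return findings


# Constructed sample: the router still hands out leases and is listed as a resolver.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   Default Gateway . . . . . . . . . : 192.168.16.1
   DHCP Server . . . . . . . . . . . : 192.168.16.1
   DNS Servers . . . . . . . . . . . : 192.168.16.2
                                       192.168.16.1
"""

if __name__ == "__main__":
    print("\n".join(check_client(SAMPLE, "192.168.16.2")))
```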
about 4 years ago
Thanks so much for the prompt reply!
Makes more sense to me now…but what if I manually enter the SBS IP address to the DNS entries on the client computers.
I will still have to turn DHCP off on the router because the fix it wizards will not run later on…
Yes I also think SBS is able to switch off a router’s DHCP server.
Thanks again!
about 4 years ago
can you still use a service like open dns with sbs 2008?
about 4 years ago
Anthony,
I can’t think of any problem using Open DNS with SBS 2008. You would just need to go into the DNS management console and configure your server with the proper forwarders to relay external DNS requests through OpenDNS instead of using root hints.
Best of luck,
John R. Pattison
about 4 years ago
Hi John,
I am pulling my hair out with the connect to internet wizard in SBS 2008. Here is my problem. I connect to the internet with my Dlink 615 Router. When I run the wizard for sbs 2008 to connect to the internet it asks me to turn off my dhcp server on the router. So I login to 192.168.0.1 and turn it off. Then I run the connect to internet wizard again and it says it cannot find a router, so the only way it seems it can find it is if it is turned off? Have you ever come across this?
Thank you
about 3 years ago
I ran into that problem but it was because I also had a wireless router connected as well. Once I disconnected that it found my main router and was able to complete the connection wizard.
about 3 years ago
Trying to access the SQL Server data on the second server via VPN. Is there a procedure for implementing this?
about 3 years ago
For Steve I was having the same problem. Found it was caused by AVG anti virus installed on the server.
about 3 years ago
I am deploying SBS 2008 in an old Windows 2000 network and it has a Unix machine on the network and it uses a 221.21.21.0 subnet, and as I’m working through this configuration I’m finding that SBS will not allow you to use any other subnet but 192.168.1.0. Is there a workaround for this problem?
about 3 years ago
John great site thanks. I have a question. I would like to disable DHCP server on SBS 2008 long enough to get some things configured before calling files from the old server. Is this possible? Is it a good idea? I know that I may run into problems if I try to connect the new server to the network while the old server is still running if they both try to manage DHCP.
about 3 years ago
I need help in resolving these issues: I have 2 new servers with SBS 2008 Installation package. I connected both servers to a router and each has an IP address. I used the first dvd 64 bit for the first server and used a fourth dvd which is 64 bit labelled for additional server for the second server. After the installation, the second server is not shown in the MyBusiness ……..SBSServer folder in the first server. I am unable to join the second server to the domain. I have gone through the installation instructions about SBS installation of second server at the Microsoft support links. I have read these from A-Z and followed the steps indicated. I would like someone to give me suggestions on how to resolve these problems. I have resolved DNS issue with the first server. I am using 192.168.0.1 and 192.168.0.2 as IPs. Subnet is 255.255.255.0, Gateway as 192.168.0.10
When I use nslookup, it points to the first server with its IP.
about 2 years ago
I am having problems with the new installation of SBS 2008.
There is a cisco router which is handling dhcp and external ISP dns servers. The initial “Connect to Internet” detects the router, however it cannot configure it. I already have ports passed through and the router to the server ip, but it does not detect an internet connection.
The cisco lan ip is 192.168.2.1
and the server is 192.168.2.100
If I skip the connectivity test it sets up dns starting with 127.x.x.x
Is there a workaround for this?
Am I right in assuming that the server dns should point to itself, however do I have to go into the dns mgr to manually add the isp dns?
I realize that we also need to have dhcp turned off on the cisco – which isn’t a problem.. I just want to make sure that we get the setup correct the first time around without having to go back and fiddle with settings.
Thanks,
Robert
about 2 years ago
Robert-
Sorry, but I don’t have any specific advice for you based on the information you have provided. Yes – you will need to turn off DHCP on the Cisco and put it on the server instead. And yes – the server’s DNS should point to itself. You shouldn’t have to put the ISP’s DNS server into the equation anywhere — just let Windows Server resolve DNS using root hints like it is configured to do by default. I agree with you that you should try to work through whatever problem is causing the connectivity test to fail before you move forward.
John
about 2 years ago
I am trying to install SBS2008 on an HP server using their SmartStart DVD. I found out in the middle of the install that SBS requires a router so, I purchased a Cisco E3000 router. I connected the server to the router using a cable. The router’s IP is 192.168.1.1 but, I cannot set the server to 192.168.1.2 as you suggested above because I haven’t gotten to the desktop yet. It’s giving me the “cannot find the local network” error message and I’m stuck there.
about 2 years ago
The “Connect to the Internet Wizard” is unnecessary and problematic, in my opinion. Since I’ve already configured the destination server NIC with a gateway IP I’m already connected to the Internet.
The wizard then proceeds to foul the existing DHCP by shutting it down without notice on the source server. And then activating it on the destination server, but not including the DHCP exclusions apart from the destination server itself. And assigning the entire IP range for DHCP use, and assigning the destination server as the only DNS server for DHCP clients.
There must be a reason for this. Why does Microsoft feel it is necessary to deliberately hijack and sabotage an already working DHCP configuration?
about 2 years ago
Jimmy,
Unfortunately, you’re bound to create a lot of trouble for yourself if you try to work around the SBS wizards. That’s not to say it’s impossible to get SBS running without the built-in wizards, but if you do then expect to be somewhat in a constant battle with SBS, and you’re probably better off just licensing Windows Server and Exchange directly. So my advice would be to use the wizards, then reapply any customizations such as DHCP reservations etc.
John R. Pattison
about 2 years ago
Hi John and folks here,
We are a small non-profit running a Dell Poweredge T110 (4GB memory, 2.53GHz) with Win Server Standard FE SP2, SBS 2008. We were running an older server with SBS 2003 that had been maintained by various people with various ideas about a network. We chose not to migrate but start fresh. We were careful to follow setup, during which we realized we bought a bulldozer to do a shovel’s job. All we need is a spot to share files, add users, add computers (14 currently) and have each worker access their client machine remotely. We use google apps for email.
I’ve researched the problems we’re having and no clear answer has come forth. I’ve gone over the list here on this blog as well.
Here’s what’s happening. We have a linksys router, at 192~.1 DHCP turned off, ports 443, 987, 3389 (we didn’t install Exchange) forwarded to our SBS server at 192~.2. The router is in gateway mode and it’s set for a static IP address.
To get the clients to connect to the new domain we had to add (ourdomain).local to the dns in the TCP/IP properties and they connected no problem. None of the clients were able to get internet access until we added the router address 192~.1 to their list of DNS servers in the TCP/IP properties. There are times when the internet zooms along, other times pages time out and won’t load. One worker brought in her laptop and it connects just fine.
Also, the clients lose their connection to the shared folder. I’ve also noticed when I log into the server using Remote Desktop, each 30 minute session the connection drops at least once if not twice but only for a few seconds.
I suspect we have DNS issues at hand. Should the client DNS servers in the TCP/IP properties only point to the server at 192~.2? When I do that I can ping the server, and the router, but not the web. What about the server TCP/IP properties? We’ve done nothing to config DHCP other than to turn it on. The DNS properties tab is… difficult to understand. We did try to add OpenDNS server to the Name Servers window using resolver1.opendns.com. I’m also reading an article on linking DNS and DHCP, and somehow, WINS (whew!).
I can’t figure out what we are missing. Some websites go over this but I find the jargon impenetrable.
Also, if someone can throw me some links on setting up staff to access their client desktops remotely that would be incredible. Using Remote Desktop is fine. We’re not worried about security as far as someone intercepting our event flyers. The accounting machine is a stand alone.
Thanks for even reading this.
cheers
-Rudy
about 1 year ago
Hello John,
Thank you for this. I am not well versed in SBS 2008 at all, and I have what may be a simple question.
I am working with a company using SBS 2008 and a sonicwall router/firewall. The people who set up the network set up the router as the DHCP and DNS server.
I want to set up the network properly and want to use the Server as DNS and DHCP server. But every time I enable the DHCP service (on the SBS), it turns itself off–do I have to disable DHCP on the router BEFORE I enable it on the SBS?
Thank you,
dp
about 1 year ago
@dpbklyn,
Yes, you need to disable DHCP on the router before you enable it on SBS.
Best wishes,
John Pattison
about 1 year ago
I have the router configured without DHCP and ports forwarded. My old SBS server had the following network settings for the router NIC
IP: 192.168.1.2
Mask:255.255.255.0
Gateway: 192.168.1.1
DNS: 192.168.16.3 (which is the internal network address of the second NIC in the server) This works, not sure why. Is this correct?