部署新的Windows Server 2016/2012

1、激活Windows 2016:

class="lang:default decode:true">slmgr.vbs -upk
slmgr.vbs -ipk CB7KF-BWN84-R7R2Y-793K2-8XDDG
slmgr.vbs -skms 10.20.0.201
slmgr.vbs -ato
slmgr.vbs -dlv

2、激活Windows 2012:

slmgr.vbs -upk
slmgr.vbs -ipk W3GGN-FT8W3-Y4M27-J84CP-Q3VJ9
slmgr.vbs -skms 10.20.0.201
slmgr.vbs -ato
slmgr.vbs -dlv

3、安装.net 3.5

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -Name UseWUServer -Value 0
Restart-Service -Name wuauserv

Install-WindowsFeature Net-Framework-Core -source E:\sources\sxs

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -Name UseWUServer -Value 1
Restart-Service -Name wuauserv

get-windowsfeature power*
Install-WindowsFeature PowerShell-V2 -source E:\sources\sxs

4、安装IIS:

Install-WindowsFeature Web-server
Install-WindowsFeature Web-Cert-Auth , Web-IP-Security, Web-Url-Auth, Web-Windows-Auth, Web-Basic-Auth, Web-CertProvider, Web-Client-Auth,  Web-Digest-Auth,   Web-Http-Redirect

Install-WindowsFeature  Web-ODBC-Logging,  Web-Http-Tracing, Web-Request-Monitor, Web-Log-Libraries, Web-Custom-Logging, Web-App-Dev, Web-Net-Ext, Web-Net-Ext45, Web-ASP, Web-Asp-Net, Web-Asp-Net45
Install-WindowsFeature  Web-CGI, Web-ISAPI-Ext, Web-ISAPI-Filter,Web-WebSockets, Web-Includes, Web-AppInit, Web-Ftp-Server, Web-Ftp-Service, Web-Ftp-Ext, Web-Mgmt-Tools
Install-WindowsFeature  Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, Web-WMI, Web-Lgcy-Mgmt-Console, Web-Lgcy-Scripting, Web-Scripting-Tools, Web-Mgmt-Service, Web-Application-Proxy, Web-WHC, WebDAV-Redirector
Install-WindowsFeature Web-Dyn-Compression, Web-DAV-Publishing

Install-WindowsFeature Web-Mgmt-Compat, Web-Metabase, Web-WMI, Web-Lgcy-Mgmt-Console, Web-Lgcy-Scripting
Install-WindowsFeature  Web-Scripting-Tools, Web-Mgmt-Service, Web-Application-Proxy, Web-WHC

5、配置防火墙:

netsh advfirewall firewall add rule name="SQL Server TCP:1433" dir=in localport=1433 protocol=TCP action=allow
netsh advfirewall set allprofiles state on

Remove-NetFirewallRule -DisplayName "Sogou Pinyin Service"
Remove-NetFirewallRule -DisplayName "QQBrowserLiveup"
Remove-NetFirewallRule -DisplayName "QQBrowserBugReport"


netsh firewall set logging  %systemroot%system32LogFilesFirewallpfirewall.log 4096 ENABLE

6、配置RDP

set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -Value 0
set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 0

Get-NetFirewallRule -Name RemoteDesktop* | select DisplayName,Direction,Enabled
Get-NetFirewallRule -Name RemoteDesktop* | Set-NetFirewallRule -Enabled true

Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Enable-NetFirewallRule -DisplayGroup "远程桌面"
Enable-NetFirewallRule -DisplayName "远程桌面 - 用户模式(TCP-In)"

netsh advfirewall firewall add rule name="allow RemoteDesktop" dir=in protocol=TCP localport=3389 action=allow

测试RDP:
PS C:\Users\Administrator> Test-NetConnection 10.20.0.208 -CommonTCPPort rdp

ComputerName : 10.20.0.208
RemoteAddress : 10.20.0.208
RemotePort : 3389
InterfaceAlias : Ethernet0
SourceAddress : 10.20.0.202
PingSucceeded : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : True

7、配置NTP

w32tm /config /manualpeerlist:192.168.89.200 /syncfromflags:MANUAL
Stop-Service w32time
Start-Service w32time
w32tm /resync
w32tm /query /status
点赞

发表评论

电子邮件地址不会被公开。必填项已用 * 标注