An overview of the Server Manager window (click on images for full-size).
1. Rename the server
Given that the installer provides the server with a generic name, most administrators immediately rename the server to match the organization's naming convention. This is the first option on the Server Manager window, in fact.
To change your server name, click the existing name of the server. When the System Properties page appears, click the Change button. Provide a new computer name in the appropriate box and click the OK button. Note that changing the server name will require you to restart the machine.
Change the server name and domain membership
2. Join a domain
If you look back at Figure B in item 1, you'll see information regarding domain membership at the bottom of the window. In the domain box, provide your domain name. This process is identical to what it used to look like in older versions of Windows.
3. Disable Windows firewallSome organizations use host-based firewalls and some don't. If you're in the group that prefers to disable host-based firewalls, that's step three of the initial server preparation. In Figure A, you will notice that my system currently has the Windows firewall enabled for domain connections. To make a change to the Windows firewall configuration, click the Domain: On label. You will get a screen like the one shown in Figure C.
Current Windows firewall statusAt the left-hand side of the window, click the Turn Windows Firewall on or off link to make changes. Select the radio button next to Turn off Windows Firewall for each network as shown in Figure D.
Disable the firewall for each network
4. Enable Remote Desktop for remote management
There are a lot of ways to manage a Windows Server, but many administrators will install a full GUI and connect remotely to the console. It's quick and it's easy. Item four on our list is configuring this option.
First, click the Disabled link next to the Remote Desktop entry in Server Manager. When the Server Manager Remote page opens, select the radio button next to Allow remote connections to this computer.Next, you need to add users that are allowed to connect remotely to the server. By default, the currently logged in user is granted this right once you enable Remote Desktop. To add additional users, click the Add button (Figure E).
Enable and configure Remote Desktop
5. Configure the server's IP settingsIn Figure A, you'll note that this server currently has an IP address provided by DHCP. Click that entry to provide this server with a static IP address. When you do so, a list of network adapters appears (Figure F). I have only a single network adapter in my server.
This system has just one network adapter.Double-click the listed adapter to open its information page (Figure G).
The information page for the network adapter
From here, click the Properties button to open the properties page and, from there, double-click Internet Protocol version 4. Provide IP address information for the server. Note that the server I'm using is a temporary domain controller.
Configure the adapter
6. Configure Windows UpdateKeeping your server protected is of paramount importance. To get started, click Not Configured next to Windows Update. When the screen shown in Figure I appears, click the Turn On Automatic Updates button. Windows will immediately begin looking for any updates that have yet to be applied to your system. The result is shown in Figure J where you can see that Windows Update is now enabled and there are updates pending installation.
Windows Update is not currently enabled
Windows Update is enabled as there are updates waiting.You can control the time at which updates are applied. Bear in mind that some updates require a system restart. To change Windows Update settings, click the Change Settings option at the left side of the screen. This will bring up the Change Settings window, shown in Figure K.
The Change Settings windowFrom this screen, click the link entitled Updates will be automatically installed during maintenance window to open the Automatic Maintenance settings window, shown in Figure L. In this window, change the time at which automatic maintenance should take place. Note that maintenance includes processes that include updates, security scans, and other system diagnostics.
Configure the system's maintenance window
7. Disable Internet Explorer Enhanced Security Configuration
By default, Internet Explorer in Windows Server is configured with Enhanced Security enabled. Although the purpose is sound — administrators shouldn't be browsing the web from servers — when the need to do so does arise, this configuration is beyond frustrating. Many administrators simply disable this security setting in order to get their work done.In Windows Server 2012, this setting is front and center. Click the On link next to IE Enhanced Security Configuration to open the window you see in Figure M. You'll note that there are two settings: One for administrative accounts and a second for users. If you're going to disable this feature on a regular server (i.e. a server that isn't going to host Terminal Services/Remote Desktop Services), I recommend that you disable this setting for administrators, but leave it enabled for general users.
Configure IE security settings
8. Configure time zone settingsThere are a whole lot of time zones. This one is pretty easy. Click the current time zone setting to open the Date and Time configuration window shown in Figure N. From there, click the Change Time Zone button and in the resulting window, choose the appropriate time zone.
Windows Date and Time configuration
9. Install antimalware software
Although I have yet to do this for my lab server, for production, antimalware server is a must in most environments. I've had fantastic success with Microsoft Forefront Endpoint Protection. Every organization uses different tools, though.
10. Make sure the server is "enlightened"
Most new servers these days are of the virtual variety. As such, they need tools installed which provide the server operating system with drivers that match the virtual environment and enable some of the capabilities of virtualization. If you're running Windows Server 2012, the Hyper-V Tools are baked into the operating system. However, if you're running a different version of Windows Server or are using VMware, make sure to install either the Hyper-V or VMware Tools.
Install VM tools
Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive with CampusWorks, Inc. Scott is available for consulting, writing, and speaking engagements and can be reached at email@example.com.