03_Server_2019_PDQ_Deploy

This post comes way after the fact, but here is what happened. I was able to join my Windows 11 computer to the mylab.local domain and then I was able to find it in Active Directory. Next, I created a user in AD and then I was able to login as that user on the domain. So far so good. Now comes the hard part. After installing PDQ Deploy onto my Windows Server 2019 I tried deploying Filezilla, a simple and small program that should install without a hitch. Guess what? There was a hitch!

 So what was the problem? Well, I had to consult Gemini and it turns out the firewall was the problem. To test this I disabled the firewall on the Windows 11 machine and then deployed Filezilla successfully and then I uninstalled it successfully.

 But hey, we don't want to leave our Windows 11 defenses down! Lord knows that any Windows machine has an attack surface the size of Texas! Our solution, let's brainstorm with Google Gemini! Google Gemini helped walk me through pushing Group Policy I called GP_PDQ_Firewall_Rules which opened up ports 445 (SMB) and port 135 (RPC). After I pushed this policy I restarted the Windows 11 machine and then after it took affect I ran PDQ Deploy again and install Filezilla onto the Windows 11 machine. This time it was successful. After I installed Filezilla, I also uninstalled it and checked the Windows 11 machine. I would say that doing this a few times would help a person like me to understand how to use PDQ Deploy and configuring GPO to do different things helps to learn the GPO process, even though in my opinion, the GPO interface and process seems the least user friendly feature so far on Windows Server 2019 (YIKES!).

02_Windows_11_Domain_Join

Joining my Windows 11 computer to the mylab.local domain.

I'll be honest here, being out of the I.T. game for 10 years has left me a little out of touch with Enterprise level desktop support. Of course there is only one way to fix that, get some hands on experience! Let's dive in.

The scenario: I need to join my HP Z2 to the domain mylab.local. Of course in a Enterprise level enviroment a Windows 11 image would be pushed to the computer using methods like Microsoft Deployment Toolkit (MDT) or PDQ Smart Deploy. In this case though, I already have Windows 11 Pro installed on my HP Z2. This is generally my other main computer because it is running Windows 11, but after backing up my data, I'm going to make this computer my test subject.

It should be noted that I use Google Gemini as my go to for technology and coding related solutions. While ChatGPT is great, I have found that the Engineers at Google are very thorough when it comes to the different operatinng systems like Windows, Linux, and the BSD's. Gemini is also great at helping to solve coding related issues. So I went to Google Gemini as my tutoring buddy. What Gemini told me was that on the Windows 11 computer, I needed to make sure that I set the preferred dns in the IP4 settings is set to the IP address of the server. Ok, done!

What's next? Now we join the domain. In Windows 11: Right Click the Start Button->Settings->About->Domain or workgroup->Change. Now that is just a quick "how I got there". If I was writing an actual SOP I would go into more detail and use images. Ok, so I got the domain joined and that means we need to make sure we can see the HP Z2 in Active Directory and then we'll create a user account in AD and log into the Windows 11 computer with the new credentials.

01_Server_2019_Part_1

Setting up Windows Server 2019

I'm currently working on bring my skills up to date after a 10 year leave from the I.T. field. Here is the current setup: Windows Server 2019 Standard installed on Virtual Box on my main PC.

How did I learn how to do this? I went to youtube and found this video series here: Windows Server 2019 Beginners Video Tutorial

Why Server 2019? In applying for jobs there was one in particular that listed Server 2016/2019 experience so I went with Server 2019 since it is newer than Server 2016. I went through the first three videos in this series which covers installing Server 2019, assign the server a static IP address, change the time zone, run system updates, rename the server, and enable remote desktop. After these initial steps then I installed Active Directory Domain Service and DNS server role.

Here is what my Server 2019 install looks like after I finished it:

Click on image to enlarge it.

Image of Windows Server 2019 Local Server

I named the domain "mylab.local" to keep things simple. I didn't go any further in the video series yet as it was enough to get the basics of Server 2019 going so I can get started working with it. I plan on coming back later to work through the rest of the videos, but for now I need to get some hands on experience. Which leads us to my next post: Joining my Windows 11 computer to the domain.

00_README.md

Initializing system connection to mysyslog.com... Successful. This repository serves as the primary documentation for all my home lab experiments, network configurations, and software deployments.

[System_Specs]

  • Node: Primary Lab
  • Environment: Windows 10
  • Architecture: x86_64
  • Edition: Windows 10 IoT Enterprise LTSC
  • Version: 21H2
  • OS Build: 19044.7058

[Current_Status]

The following protocols have been successfully initialized:

  • [x] Domain migration to mysyslog.com complete.
  • [x] MIT License (v1.0.4) theme deployment verified.
  • [ ] Initial network security audit (Pending...).

[Raw_README_Source]

# > SysLog_Project

## [Project_Goal]
To document the intersection of networking and automation.

## [Hardware_Stack]
- Custom Built PC
- Raspberry Pi 4 Model B (DNS/Pi-hole)
- HP Z2 Mini Tower

## [License]
Licensed under the MIT License. See footer for details.

End of Log Entry.