Sep 192021
 
Windows Server 2022 Logo

Today, I will show you how to create an Active Directory Domain on Windows Server 2022.

This video will demonstrate and explain the process of configuring, and deploying a Windows Server 2022 instance as a Domain Controller, DNS Server, and DHCP Server and then setting up a standard user.

Check it out and feel free to leave a comment! Scroll down below for more information and details on the guide.

Who’s this guide for

This guide is perfect for a seasoned IT professional or a beginner who is looking at getting experience with installing Windows Server 2022.

What’s included in the video

In this guide I will walk you through the following:

  • Document a new Server Installation and domain
  • Promote a Windows Server 2022 Server to a Domain Controller with Active Directory
    • Installation and configuration of Microsoft Active Directory
    • Promote a server as a new domain controller
      • Overview of Forest Functional Level
      • Overview of Domain Functional Level
      • Overview of DSRM (Domain Services Restore Mode) and Password
    • Installation and configuration of DNS Role
    • Installation and configuration of DHCP Role
  • Setup and configuration of a new user account on domain
  • Creation of DHCP Scope for Network

What’s required

To get started you’ll need:

  • 1 x Server (Virtual Machine or Physical Server)
  • Microsoft Windows Server 2022 Licensing
  • A running Windows Server 2022 Instance (OSE)
  • A network router and/or firewall

Hardware/Software used in this demonstration

  • VMware vSphere
  • HPE DL360p Gen8 Server
  • Microsoft Windows Server 2022
  • pfSense Firewall
Sep 182021
 
Windows Server 2022 Logo

With the recent release of Microsoft Windows Server 2022, I felt I needed to give it a shot. Join me as I install Windows Server 2022.

These instructions are also valid for previous versions of Microsoft Windows Server.

This video will demonstrate and explain the process of installing, configuring, and deploying a Windows Server 2022 instance.

Check it out and feel free to leave a comment! Scroll down below for more information and details on the guide.

Who’s this guide for

This guide is perfect for a seasoned IT professional or a beginner who is looking at getting experience with installing Windows Server 2022.

What’s included in the video

In this guide I will walk you through the following:

  • Installing Windows Server 2022 (with Desktop Experience)
  • Document a new Server Installation
  • VMware Tools Installation
  • Configuring Network Settings
  • Computer Name Change
  • Windows Server 2022 Server Manager Overview
  • Windows Updates

What’s required

To get started you’ll need:

  • 1 x Server (Virtual Machine or Physical Server)
  • Microsoft Windows Server 2022 Licensing
  • A network router and/or firewall

Hardware/Software used in this demonstration

  • VMware vSphere
  • HPE DL360p Gen8 Server
  • Microsoft Windows Server 2022
  • pfSense Firewall
Sep 182021
 

Welcome to Episode 03 of The Tech Journal Vlog at StephenWagner.com

In this episode

Fun Stuff

  • Homelab Video Demo (https://youtu.be/oaZv2hpQKac)
  • Telus Fiber 1G Internet (for Business)
    • Sophos UTM Dual WAN Balancing
  • Synology
    • Synology Diskstation DS1621+
    • DSM 7.0
    • Synology C2 Cloud Backup

Work Update

  • VDI Consulting
    • VDI Golden Images for Non-Persistent VDI
  • DUO MFA/2FA
    • Implementations of DUO with Horizon
  • Exchange Projects
  • IT Director as a Service 🙂

Life Update

  • Back at the Gym
  • Travel is Back (Regina, Vancouver)

New Blog Posts

Current Projects

  • Synology DS1621+
  • AMD S7150 x2 MxGPU
  • NVME Storage Server Project
  • 10ZiG Thin Clients

Don’t forget to like and subscribe!
Leave a comment, feedback, or suggestions!

Sep 132021
 
Synology C2 Cloud Logo

So if you’re like me, you’ve just deployed your Synology DiskStation DSM NAS to backup to the Synology C2 Cloud (C2 Backup) or access Synology Hybrid Shares (C2 Storage).

But wait, you’re having issues with disconnections or slow speeds? It could be your firewall!

If you have an advanced firewall or an enterprise grade firewall, you’ll need to make some exceptions to avoid HTTPS scanning and interception, IPS, and other mechanisms that could be blocking traffic destined for the Synology’s C2 Cloud.

The Problem

While I wouldn’t necessarily call it a problem, your Synology NAS uses HTTPS (Port 443) to connect to Synology’s C2 Cloud. This actually makes things very easy and in most cases works off the bat with most firewalls.

When it comes to more complicated firewalls or enterprise firewalls, you may have the following technologies deployed which could be causing connection issues to the Synology C2 Cloud:

  • HTTPS Scanning
  • IPS (Intrusion Prevention System)
  • Traffic tagging and identification
  • QoS

The above technologies may either be slowing down or causing issues with communication.

The Fix

Here’s how we’ll configure the Synology C2 Firewall Exceptions!

To fix this, we need to make a few exceptions on the firewall. In my case I’m using a Sophos UTM, however using the information below you should be able to create rules for your own firewall even if the vendor is different.

First, let’s start with Synology’s C2 Cloud DNS hostnames, domains, and IP ranges. I identified these through my own troubleshooting and packet analysis:

Synology C2 Cloud DNS

  • synology.com
  • c2.synology.com
  • us.c2.synology.com

Synology C2 IP Range (CIDR Block)

  • 66.150.175.0/24

Please Note that the above are for the Synology C2 Cloud datacenter in the US region.

We’ll need to create exception rules for the above hosts, and IP range to avoid any type of traffic interception or scanning.

HTTPS Scanning Exclusion

On the Sophos UTM, I created an exception on the HTTPS Scanner to exclude any type of scanning for web (HTTP and HTTPS) traffic destined for these hosts. The entries in the exception are below:

^https?://([A-Za-z0-9.-]*\.)?synology\.com/
^https?://([A-Za-z0-9.-]*\.)?c2\.synology\.com/
^https?://([A-Za-z0-9.-]*\.)?us\.c2\.synology\.com/

I also created a Network Definition Group (called it Synology C2 Group) for the IP CIDR range, along with the DNS hostnames, and added it to the transport mode skiplist under “Skip Transparent Destination Hosts/Nets”.

IPS (Intrusion Prevention)

IPS systems can slow down traffic significantly as they scan inbound and outbound data. This shouldn’t disrupt the connection to the Synology C2 Cloud, but will slow it down.

Using the network definition created above (Synology C2 Group), we’ll go to the IPS settings and create an exception. We’ll disable all IPS features on traffic “Going to these destinations” and apply it to the “Synology C2 Group” network group definition.

QoS and other Systems

You’ll also want to make sure that if your using QoS that you configure the applicable rules to put the priority you want on the Synology C2 Cloud traffic.

After that, you should be good to go and now enjoying the Synology C2 Cloud!