Page 1
Standard

How to enable Remote Desktop remotely using Powershell

In Windows Server 2012, remote management is enabled by default but not Remote Desktop. To enable RDP on the server, add the target server to the Server Manager and run remote Powershell console.

On the remote Powershell console, enable remote desktop and firewall using the following cmdlets:

1) Enable Remote Desktop
set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server’-name “fDenyTSConnections” -Value 0

2) Allow incoming RDP on firewall
Enable-NetFirewallRule -DisplayGroup “Remote Desktop”

3) Enable secure RDP authentication
set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp’ -name “UserAuthentication” -Value 1

Standard

Seize the Operations Master Role

You can use the Ntdsutil.exe command-line tool to transfer and seize any operations master (also known as flexible single master operations or FSMO) role. You must use Ntdsutil.exe to seize the schema operations master, domain naming operations master, and relative ID (RID) operations master roles. When you use Ntdsutil.exe to seize an operations master role, the tool first attempts a transfer from the current role owner. If the current role owner is not available, the tool seizes the role.

When you use Ntdsutil.exe to seize an operations master role, the procedure is nearly identical for all roles. For more information about using Ntdsutil.exe, type ? at the ntdsutil: command prompt.

To seize an operations master role

  1. Open a Command Prompt as an administrator: On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. At the command prompt, type ntdsutil, and then press ENTER.
  3. At the ntdsutil: prompt, type roles, and then press ENTER.
  4. At the fsmo maintenance: prompt, type connections, and then press ENTER.
  5. At the server connections: prompt, type connect to server <servername> (where <servername> is the name of the domain controller that will assume the operations master role), and then press ENTER.
  6. After you receive confirmation of the connection, type quit, and then press ENTER.
  7. Depending on the role that you want to seize, at the fsmo maintenance: prompt, type the appropriate command, and then press ENTER.

    Role Credentials Command
    Domain naming master Enterprise Admins Seize naming master
    Schema master Enterprise Admins Seize schema master
    Infrastructure master Domain Admins Seize infrastructure master
    Primary domain controller (PDC) emulator Domain Admins Seize pdc
    RID master Domain Admins Seize rid master

    The system asks for confirmation. It then attempts to transfer the role. When the transfer fails, some error information appears and the system proceeds with the seizure of the role. After the seizure of the role is complete, a list of the roles and the Lightweight Directory Access Protocol (LDAP) name of the server that currently holds each role appears.

    During seizure of the relative ID (RID) operations master role, the current role holder attempts to synchronize with its replication partners. If it cannot establish a connection with a replication partner during the seizure operation, it displays a warning and asks for confirmation that you want the seizure of the role to proceed. Click Yes to proceed.

  8. Type quit, and then press ENTER. Type quit again, and then press ENTER to exit Ntdsutil.exe.
Standard

DHCP database transfer

Login to the DHCP server with appropriate credentials

Click start – run – type cmd and press enter

DHCP1

In the command console

Type:
netsh dhcp server export c:\dhcp.txt all

Then press enter. You can change the path and filename to suit your needs.

DHCP2

You should see confirmation after a short bit

The amount of time to backup your database will be dependent upon the size. You should get a confirmation that it was completed successfully.

DHCP3

Login to your target server

Login with the appropriate credentials on your target server for importing. If you haven’t installed the DHCP role yet open the server manager console and click on Add Roles.

DHCP4

click the DHCP Server box to add the role

then click Next, then Next again

DHCP5

Make sure the correct IP is selected for binding

then click Next

DHCP6

Configure DNS

Set parent domain, Primary and Secondary DNS server IPs and click Next (in this instance the primary is the loopback for the DC that is being used as an example)

DHCP7

If WINS is in use…

click the radio button for “WINS is required…” and configure your Primary and Secondary server IPs then click Next, if you don’t use WINS, leave the default setting and click Next

DHCP8

Since we are importing a database, just click Next on this screen

DHCP9

Usually you can disable DHCPv6 stateless mode

If you aren’t sure you I can’t tell you if you need it or not so either accept the default or change it and click Next

DHCP10

You should get a confirmation message saying the install succeeded.

I wouldn’t import the database onto the new server until you have gone to your old DHCP server and either disabled the DHCP Server service, deactivated the scopes or Unauthorized it.

DHCP11

Open a command prompt on the new server

DHCP12

In the command console

type:
netsh dhcp server import c:\dhcp.txt all

Then press enter. You can change the path and filename to whatever you are using. This how to skips the step of copying the file you exported to the root of C: on the new server.

DHCP13

Authorize the DHCP server

Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.

In the console tree of the DHCP snap-in, expand the new DHCP server. If there is a red arrow in the lower-right corner of the server object, the server has not yet been authorized.
Right-click the server object, and then click Authorize.
After several moments, right-click the server again, and then click Refresh. A green arrow indicates that the DHCP server is authorized.

DHCP14

Standard

Transferring FSMO Roles

Schema Master:

Go to WS 2008 R2 DC, Run below command

regsvr32 schmmgmt.dll

FSMO1

Open MMC & add Active Directory Schema

FSMO2

OK

FSMO3

Change Active Directory Domain Controller

FSMO4

Select WS2012 server

FSMO5

OK

FSMO6

Select Operational Master

FSMO7

Change

FSMO8

Yes

FSMO9

PDC, RID, Infrastructure Master:

Go to Active Directory Users & Computers in WS 2012 DC

FSMO10

Operations Masters

FSMO11

Change

FSMO12

Yes

FSMO13

OK,

FSMO14

Go to PDC

FSMO18

Change

FSMO16

Yes

FSMO17

OK

FSMO18

Go to Infrastructure

FSMO19

Change

FSMO20

Yes

FSMO21

OK

FSMO22

Domain Naming Master:

Open ADSI Edit in WS2012 DC

FSMO23

Connect To

FSMO24

OK

FSMO25

IN WS 2008 R2 Server, Go to Active directory Domains & Trusts

FSMO26

Select Operations Master

FSMO27

Change

FSMO28

Yes

FSMO29

OK

FSMO30

Close

All FSMO roles are moved to New WS2012 DC

FSMO31