You can actually run the eval for 3 years. If the number of days the license expires is getting shorter, you can reset the evaluation version of Windows Server 2022 6 times by starting the command prompt or PowerShell at any time and using the “slmgr -rearm” command. It is recommended to execute the “slmgr -rearm” command in an Internet connection environment. If you run it in an internet connection, the license extension period will be reset to 180 days. ※If executed in an offline environment, it will be extended for 10 days.
@@christianlempa You can rearm the license 4 times, so an evaluation server can be used for 2 1/2 years. I did that for almost 20 years with my servers. It's a pain when you have to reinstall everything after 2 1/2 years, but practice makes perfect...
Thanks! It's a great suggestion, and I will explore some interesting topics about Ansible in Windows Server. I guess there is much more that can be usefully automated. Could be a part3 video? :D
You should definitely change the default paths for SysVol on the DC. You don't want your OS drive getting full or somehow corrupting your AD data. A small 25 GB data drive is usually fine for labs.
Totally correct - for production. During promotion it is recommended (but not necessary) to change the default paths, to something like: - config of Active Directory Database Folder - D: -> 100 GB -> ‘D:\Windows\NTDS’ - config of Active Directory SYSVOL Folder - D: -> 100 GB -> ‘D:\Windows\SYSVOL’ - config of Active Directory Databse Log Files - E -> 100 GB -> ‘E:\Windows\NTDS' Having the NTDS.DIT on a separate drive allows some flexibility as well. Provisioning the OS and the DB/Sysvol/DB Log Files on separate virtual disks (if we are working with VMs) and those virtual disks is also recommended to be on separate storage LUNs. Those are general best practices, which are not necessary for functionality. But when you hit a performance issue or need restore - they come in handy. Cool video tough! We need more such videos because most of what (at least most of what I see) is coding videos, but not much infrastructure ;(.
Fully unnecessary. Drive space is ridiculously cheap, and if you can't provision enough space for your OS drive to not fill it up, you shouldn't be managing servers in the first place.
Hi man you are amazing you make the most beautiful topics about IT i suggest to make a complete playlist about active directory and go in depth like that you will be a reference to learn windows server i am pretty sure you will high rated because you are already one of the best guys who make IT content please make a Playlist About windows server thanks again for you time i know is not easy but i would not ask you to make a Playlist if i didn't see you that you are in the top 5 ❤️💎
Coming from the Unix/Linux side the WinSrv 2003 wasn’t a great experience. (My first Ms product to play with was MsDOS 0.1 ). It had all the same tools but rebranded and capsulated in strange ways. The best was the hours of support it generated for our engineers. It got better with every version. And we installed them as routine and the engineers could do it with minimum input from the sys.devs or us managers. Thus giving us time to deal with the more complicated systems. 2008 was ok and 2012 was nice and mature. Call me old and old fashioned but I prefer to run the original open source systems. Last one I used in my home-lab was 2012, 2016 never mad it past testing. But it’s definitely worth to now it! A great number of small-medium sized companies do run Windows Servers and IT Director’s love it.
Just for the record, you don't need a TPM for windows server 2022. I have baremetal and virtualized server 2022 running fine, and it never asked for a TPM.
I actually run two Windows Server 2019 instances myself. I have one with a desktop running as my primary domain controller on bare metal, and I have a virtualized server core on Proxmox as a backup domain controller. It's been a learning experience for me, and I'm covering it on my website.
I start to rebuild my whole homelab.Would you say setting up the AD should be the first step in a homelab? Or is there any step VM you would setup before? Since almost every service I want to host needs some user mangement, I would think the Windows Server with AD and DNS should be the basis before setting up anything else.
I either get boot from IPV4 or cannot find drivers despite the virtio being added as a cd drive... Why is windows always such a troublesome child. Linux just works.. anyone any idea's?
First things first, what classes are you using and head care kit, cause mannnnnn Shaving my head that smooth is a pain, any tips for keeping it smooth ^_^ after that THank you for doing this video!
Geralt has taken on a new monster hunt contract, first objective find the windows end users and admin them xD haha digging the sweater Christian thanks for another great intro video!
I would love to be able to use teleport, I think it's a grate program. however, I get my ssl through cloudflare which means I only get 1 level of subdomains which is obviously a problem as I I would like to use it for web applications (or whatever it was called). do you or eneryone else have any idea of a way around this?
Hello Christian - I wanted to try out wind 2022 server and when uploading the drivers, an error occurred: volume local:iso/virtio-win-0.1.229.iso does not exist (500) What could be the case? Hope you (anyone?) can help out with some suggestions. Marco
Any open version of LDAP server can be used in place of Windows Domain Controller and it'll work fine for Windows clients. However, if you run Microsoft Exchange you MUST use Windows Domain Controller as it needs additional attributes for it to work correctly.
When I installed win11 in proxmox to test it out I did so without virtIO drivers and all seems to work well. Wonder what the difference is and if I should reinstall
You are correct with this. AD servers needs full desktop experience for it to work. You can install AD tools on your Window 10 machine to admin the AD servers which is what I do daily. I rarely RDP into the DC unless something seriously wrong with it.
@@Darkk6969 Agree, I use Windows Admin Center as well to manage most windows resources nowadays. Also important tools as Microsoft Azure Active Directory Connect will require a GUI to be used.
Since I’m looking into Active Directory as well at the moment I was wondering if you have ever tried any Linux based alternative. While I’m not implying Linux is the better choice at this particular usecase I usually prefer the way Linux handles stuff… while I’ve worked with AD on Windows plenty of times I still dislike the fact that you have to use a Remote Desktop Connection in most cases to manage it which is the main reason I’m looking into alternatives… so to wrap it up I was just curious if you have ever tried any alternative and what’s your personal opinion on those if you have tried any…
No I haven’t. Currently I’m more interested in other ways to manage the AD like Powershell, Ansible and how to integrate it to Azure AD. However, Samba4 might be interesting to know at some point I might look at it, but it’s not high on my priority tbh.
@@christianlempa Sounds absolutely reasonable… maybe I’ll look into management of AD using Ansible as a first step… in general I’m mostly satisfied with the functionality and stability of the AD… so maybe I’ll just stick to it… but I’m definitely taking a closer look at samba4 as well…
I used Windows Server 2016 in a vm for several years and started looking into alternatives... I then set up Samba inside a container - it worked well but was hard to manage and maintain (even with Windows Server Manager) - I ended up breaking it after a few weeks so I went back to Windows and installed 2 instances of server core. (overkill for just a couple of home users and authelia - lol)
Take a look at Zentyal Community Edition. It's a Linux based DC. I've been playing with it and have had good success. It can also be managed via the RSAT tools from a Win10 machine.
I have a question that is a little off the topic. I want to be able to vpn into my home network when I am out of town using my macbook. I do not know what to setup in order to accomplish this. I have a proxmox host server and can setup a ubuntu vm. what do you suggest?
There is a pretty easy solution by using WireGuard vpn. A free service like tailscale is what you can use, I’ve made a video about it so just search for „the digital life tailscale“ and have a look ;)
Thank you so much for the awesome video! I am going to install windows server on my laptop for home labbing. I am curious about requirements for client access licenses. Will microsoft stop my client computers from utilizing the services or do the CALs operate on the honor system by which I would still have full access to all the features of windows server from my client PCs? Thank you
Thank you! Hope everything goes well on your homelab :) the CALs are, as far as I know, not needed for testing. Microsoft still doesn’t have a counter that shuts down something, however they do license audits in companies.
You saved me big time again my friend! I spent days trying to figure out why it wouldn't boot up in my Proxmox but finally it works with your instruction. Funny though that it works for you when you upload the server iso to Proxmox without facing any error '0'. I didn't have that too when I setup a fresh Proxmox.. So now I am relying on scp to transfer them. If you have some tutorial to teach how to avoid this error I'm sure that will help us beginners too!
Good question, I’ve just recorded a video about covering the best operating systems for home servers, featuring virtualization, containers and storage xD comes out next week!
@@weitanglau162 kind of. The host (proxmox) cpu must support VT-d (Directed I/O) which enables to pass-through ANY pcie device such as a gpu. While the gpu is in pass-through the host (proxmox) is unable to use it in any way.
@@christianlempa You make really good series. I've learned a lot from you since i've subscribed. I'm curios where this goes. I've had to build one to do some funky printer deployment polices after printnightmare hit the news.
Long story short your video is cool but a waste of your time. Sadly I am not always able to finish a lab in 180 days and if I actually want to try something like AD 180 days is not enough because I get bored max after 2 weeks and I don’t want to deal with a not working AD for example.
I've got multiple Server 2022 installs going on my Proxmox host and never once have I added a virtual TPM. I've also spun it up on ESXi, XCP-NG with XO, and Hyper-V without ever adding a virtual TPM. If it were a requirement, having to add a KMS and manage encryption for all small businesses in the Vmware ecosystem would also be unmanageable.
I'm so happy my school gives me access to Microsoft azure education where I can get windows server licenses for my home lab for free. saves me so much money and hassle
You can actually run the eval for 3 years.
If the number of days the license expires is getting shorter, you can reset the evaluation version of Windows Server 2022 6 times by starting the command prompt or PowerShell at any time and using the “slmgr -rearm” command.
It is recommended to execute the “slmgr -rearm” command in an Internet connection environment. If you run it in an internet connection, the license extension period will be reset to 180 days. ※If executed in an offline environment, it will be extended for 10 days.
Really? That’s the first time I hear about it, but that would be a real game changer for me! Thanks, I’ll try it out 😄🤘
@@christianlempa You can rearm the license 4 times, so an evaluation server can be used for 2 1/2 years. I did that for almost 20 years with my servers. It's a pain when you have to reinstall everything after 2 1/2 years, but practice makes perfect...
Really looking forward to the next video. Great work, as always !!!
Thank you! :)
Thank you for introducing Windows Server. Will definitely look forward for your take on this topic.
Hope you enjoy it!
BTW you can really easily set up a full active directory with Ansible. It's just 3 tasks ;)
Mind sharing more? A guide or documentation would be excellent!
kinda interested too
Where is the playbook? 🎉
Thanks! It's a great suggestion, and I will explore some interesting topics about Ansible in Windows Server. I guess there is much more that can be usefully automated. Could be a part3 video? :D
Thank you. Crystal clear and easy to understand
Excellent tutorial!! Call me old school, but I still install AD from the cmd prompt using the dcpromo command.
Oh nice xD I remember these days long ago :)
Good ole DCPROMO in CLI. :)
Nice start for this subject !
Thanks for sharing ^^
Glad you like it!
You should definitely change the default paths for SysVol on the DC. You don't want your OS drive getting full or somehow corrupting your AD data. A small 25 GB data drive is usually fine for labs.
I never changed them, sysvol is for group policies and has no much space
Totally correct - for production. During promotion it is recommended (but not necessary) to change the default paths, to something like:
- config of Active Directory Database Folder - D: -> 100 GB -> ‘D:\Windows\NTDS’
- config of Active Directory SYSVOL Folder - D: -> 100 GB -> ‘D:\Windows\SYSVOL’
- config of Active Directory Databse Log Files - E -> 100 GB -> ‘E:\Windows\NTDS'
Having the NTDS.DIT on a separate drive allows some flexibility as well. Provisioning the OS and the DB/Sysvol/DB Log Files on separate virtual disks (if we are working with VMs) and those virtual disks is also recommended to be on separate storage LUNs.
Those are general best practices, which are not necessary for functionality. But when you hit a performance issue or need restore - they come in handy.
Cool video tough! We need more such videos because most of what (at least most of what I see) is coding videos, but not much infrastructure ;(.
Fully unnecessary. Drive space is ridiculously cheap, and if you can't provision enough space for your OS drive to not fill it up, you shouldn't be managing servers in the first place.
Good video !! Might have to give this a shot too!
Thanks!
Looking forward to this series. Need a bit of a refresher on AD
Thanks! Stay tuned ;)
Hi man you are amazing you make the most beautiful topics about IT i suggest to make a complete playlist about active directory and go in depth like that you will be a reference to learn windows server i am pretty sure you will high rated because you are already one of the best guys who make IT content please make a Playlist About windows server thanks again for you time i know is not easy but i would not ask you to make a Playlist if i didn't see you that you are in the top 5 ❤️💎
Thank you so much! It's an awesome idea! I will collect a few topics and put them in a Windows Playlist ;)
Coming from the Unix/Linux side the WinSrv 2003 wasn’t a great experience. (My first Ms product to play with was MsDOS 0.1 ).
It had all the same tools but rebranded and capsulated in strange ways. The best was the hours of support it generated for our engineers.
It got better with every version. And we installed them as routine and the engineers could do it with minimum input from the sys.devs or us managers. Thus giving us time to deal with the more complicated systems.
2008 was ok and 2012 was nice and mature.
Call me old and old fashioned but I prefer to run the original open source systems. Last one I used in my home-lab was 2012, 2016 never mad it past testing.
But it’s definitely worth to now it! A great number of small-medium sized companies do run Windows Servers and IT Director’s love it.
who cares?????
Just for the record, you don't need a TPM for windows server 2022. I have baremetal and virtualized server 2022 running fine, and it never asked for a TPM.
you are crazy.
I actually run two Windows Server 2019 instances myself. I have one with a desktop running as my primary domain controller on bare metal, and I have a virtualized server core on Proxmox as a backup domain controller. It's been a learning experience for me, and I'm covering it on my website.
Oh, nice! I need to start playing around with server core ;)
@@christianlempa it is quite interesting. I haven't quite mastered it myself yet either.
whats your website man
I start to rebuild my whole homelab.Would you say setting up the AD should be the first step in a homelab? Or is there any step VM you would setup before? Since almost every service I want to host needs some user mangement, I would think the Windows Server with AD and DNS should be the basis before setting up anything else.
I either get boot from IPV4 or cannot find drivers despite the virtio being added as a cd drive... Why is windows always such a troublesome child. Linux just works.. anyone any idea's?
very cool! I don't know about it...for windows server.
You're welcome ;)
Can also make complete video on OpenLdap
Is there any specific reason why you decided to place this domain controller within DMZ? 10:13
That's where I place all my servers, mainly to isolate them from the rest of the home network
... a few months later ... no homelab anymore because we needed to sell all the equipment to pay the Windows Server license fees 😆
If you look a bit around, there are solutions to this ;)
First things first, what classes are you using and head care kit, cause mannnnnn Shaving my head that smooth is a pain, any tips for keeping it smooth ^_^ after that THank you for doing this video!
Yeah, the only tip I can give you is, that you should use a razor with a blade, not an electric one :D
Just installed it on one of my bare metal servers. Just for testing.
Geralt has taken on a new monster hunt contract, first objective find the windows end users and admin them xD haha digging the sweater Christian thanks for another great intro video!
Haha thank you so much! :)
Creating to test firewall policies and integration as I work for a cyber vendor.
I would love to be able to use teleport, I think it's a grate program. however, I get my ssl through cloudflare which means I only get 1 level of subdomains which is obviously a problem as I I would like to use it for web applications (or whatever it was called). do you or eneryone else have any idea of a way around this?
1000s of homelab videos in linux: i sleep
One single windows lab: Real shit
:D
Hello Christian -
I wanted to try out wind 2022 server and when uploading the drivers, an error occurred: volume local:iso/virtio-win-0.1.229.iso does not exist (500)
What could be the case? Hope you (anyone?) can help out with some suggestions.
Marco
Or you can be a student at an accredited school and get a free license!
I jumped from windows AD to Samba4 AD. You just need to install RSAT to a laptop to do all the admin things. Work like charms for 2 years.
I would prefer to use an Alternative to Windows AD, but is there a good Alternative? 🤔
There is samba4 which works as an ADDC as well, however I have no experience with it and don’t know how solid and easy it is.
You can use freeipa
Now we should get a freeipa tutorial! At one job I'm a Windows server admin, but my other gig I am setting up and admining freeipa. It's the best.
Any open version of LDAP server can be used in place of Windows Domain Controller and it'll work fine for Windows clients. However, if you run Microsoft Exchange you MUST use Windows Domain Controller as it needs additional attributes for it to work correctly.
@@Darkk6969 I wonder if that applies to running samba Active directory. Project for the future...
could you talk about license activation on the VM on proxmox
Before install / add a role in my server. It's advisable to get the latest windows updates, then snapshot it and work from there. Just my two cents...
What is Linux equivalent of Active Directory?
There's no 100% equivalent, an alternative that is somewhat compatible would be OpenLDAP
Get this error on proxmox and I cant find a away to fix it. Failed to start Boot0001 "UEFI QEMU DVD-ROM" Time out
Why are you doing a windows AD when you could do a samba ldap solution, linux ldap or an aad?
Yes, you are crazy!
When I installed win11 in proxmox to test it out I did so without virtIO drivers and all seems to work well. Wonder what the difference is and if I should reinstall
Very excited to see the rest of this series!
Thanks! Stay tuned ;)
Great video, should be mentioned that Active Directory installations actually require the Windows Desktop Experience to be installed.
I'm not sure this is really the case.
@@christianlempa Give it a go, I did a month ago with no success. All my other windows servers run server core, only the AD's use the GUI.
You are correct with this. AD servers needs full desktop experience for it to work. You can install AD tools on your Window 10 machine to admin the AD servers which is what I do daily. I rarely RDP into the DC unless something seriously wrong with it.
@@Darkk6969 Agree, I use Windows Admin Center as well to manage most windows resources nowadays. Also important tools as Microsoft Azure Active Directory Connect will require a GUI to be used.
Weird
Since I’m looking into Active Directory as well at the moment I was wondering if you have ever tried any Linux based alternative. While I’m not implying Linux is the better choice at this particular usecase I usually prefer the way Linux handles stuff… while I’ve worked with AD on Windows plenty of times I still dislike the fact that you have to use a Remote Desktop Connection in most cases to manage it which is the main reason I’m looking into alternatives… so to wrap it up I was just curious if you have ever tried any alternative and what’s your personal opinion on those if you have tried any…
No I haven’t. Currently I’m more interested in other ways to manage the AD like Powershell, Ansible and how to integrate it to Azure AD. However, Samba4 might be interesting to know at some point I might look at it, but it’s not high on my priority tbh.
@@christianlempa Sounds absolutely reasonable… maybe I’ll look into management of AD using Ansible as a first step… in general I’m mostly satisfied with the functionality and stability of the AD… so maybe I’ll just stick to it… but I’m definitely taking a closer look at samba4 as well…
I used Windows Server 2016 in a vm for several years and started looking into alternatives... I then set up Samba inside a container - it worked well but was hard to manage and maintain (even with Windows Server Manager) - I ended up breaking it after a few weeks so I went back to Windows and installed 2 instances of server core. (overkill for just a couple of home users and authelia - lol)
had good experience with FreeIPA
Take a look at Zentyal Community Edition. It's a Linux based DC. I've been playing with it and have had good success. It can also be managed via the RSAT tools from a Win10 machine.
Whats so crazy in installing ws in homelab? wtf
Great video as usual , the title is a little bit confusing though
Linux is also a good option to emulate Windows Active directory. ;-)
No idea man, I haven’t tried samba4 yet
@@christianlempa Runs great and its free. ;-)
@@knowledgeispower17 still dont
@@casparhughey5651 Why not? :D
@@knowledgeispower17 just shut up
awesome video can't wait for the rest of this series
Thanks :) Hope you'll enjoy
WDS for me
I have a question that is a little off the topic. I want to be able to vpn into my home network when I am out of town using my macbook. I do not know what to setup in order to accomplish this. I have a proxmox host server and can setup a ubuntu vm. what do you suggest?
There is a pretty easy solution by using WireGuard vpn. A free service like tailscale is what you can use, I’ve made a video about it so just search for „the digital life tailscale“ and have a look ;)
Next up, managing the Windows server using Ansible? ;)
That's actually really easy ;) You can even setup a full AD in one Task if you've got the roles installed
Great suggestions, maybe for a part3? :D
@@christianlempa sure that'd be great! ^^
Thank you so much for the awesome video! I am going to install windows server on my laptop for home labbing. I am curious about requirements for client access licenses. Will microsoft stop my client computers from utilizing the services or do the CALs operate on the honor system by which I would still have full access to all the features of windows server from my client PCs? Thank you
Thank you! Hope everything goes well on your homelab :) the CALs are, as far as I know, not needed for testing. Microsoft still doesn’t have a counter that shuts down something, however they do license audits in companies.
@@christianlempa That's what I needed to know. Thank you! Have a good one
Interesting, technical channel, but this video thumbnail is lame...
Don’t get off because of the thumbnails, just enjoy the content mate ;)
This video is like watching a huge highway pile-on: it's disgusting but I can't turn away
What do you mean by that?
@@christianlempa I mean that installing Windows Server goes against everything holy and reasonable for me :)
@@nekoill okay then it’s a compliment xD thanks!
@@christianlempa exactly, yes :D
You saved me big time again my friend! I spent days trying to figure out why it wouldn't boot up in my Proxmox but finally it works with your instruction. Funny though that it works for you when you upload the server iso to Proxmox without facing any error '0'. I didn't have that too when I setup a fresh Proxmox.. So now I am relying on scp to transfer them. If you have some tutorial to teach how to avoid this error I'm sure that will help us beginners too!
Well that’s strange, I never had this issue on proxmox
Generally it´s not a good idea to place domain controllers within the DMZ
It’s not a DMZ in the classic sense, I’m more using it as a separate zone for my servers
My guess, a seconds in, must be AD, like no other reason to run win :-)
:D
@19:03 you wanted to share documentation and RFCs . No links provided; :/
Oh yep, I completely forgot :D Added them now, thank you :)
@@christianlempa thx 4 adding
should i remove the attached isos after I'm done?
Yes
Digital Life uploads a new video = QUALITY!
Haha, thank you :D
Do you have any videos aimed at beginners looking to setup their first sever? What do you recommend for virtualisation for a someone fairly new?
Good question, I’ve just recorded a video about covering the best operating systems for home servers, featuring virtualization, containers and storage xD comes out next week!
@@christianlempa that’s perfect! I look forward to it!!
The Mac u using is it M1 based? Btw I’m waiting on the sec video
It's my MacBook Air M2 :)
Surprised you didnt run a Samba DC!
Too complicated man xD
Have you tried Zentyal Linux Server
No and I probably won't, just keep my windows server running as long as I can ;D
For laptop workers is this still good to use?
Yes when they connect to the AD from time to time
Why not FreeIPA?
Haven’t used it before
thanks for the video!
You’re welcome 😉
Does installing windows on proxmox with GPU passthrough works with monitor displays?
What do you mean by „monitor displays“?
@@Kesta1890 basically plugging HDMI/DP cable from the server's GPU to an external monitor
@@weitanglau162 Ok yes that’s possible with gpu passthru
@@Kesta1890 oh really? So it is treating as though the windows server as the "host" even though it is running as a VM?
@@weitanglau162 kind of. The host (proxmox) cpu must support VT-d (Directed I/O) which enables to pass-through ANY pcie device such as a gpu.
While the gpu is in pass-through the host (proxmox) is unable to use it in any way.
Great video. I"m definitely going to be following along!
Thanks! Hope you’ll like the series xD
@@christianlempa You make really good series. I've learned a lot from you since i've subscribed. I'm curios where this goes. I've had to build one to do some funky printer deployment polices after printnightmare hit the news.
awesome video thanks
Glad you liked it!
That hoodie is dope. I want one 😮
Haha, thanks :D It was a present from my wife, I love this hoodie so much :)
Nice
Ty
Long story short your video is cool but a waste of your time. Sadly I am not always able to finish a lab in 180 days and if I actually want to try something like AD 180 days is not enough because I get bored max after 2 weeks and I don’t want to deal with a not working AD for example.
Sounds very much like a you-problem :P
I've got multiple Server 2022 installs going on my Proxmox host and never once have I added a virtual TPM. I've also spun it up on ESXi, XCP-NG with XO, and Hyper-V without ever adding a virtual TPM. If it were a requirement, having to add a KMS and manage encryption for all small businesses in the Vmware ecosystem would also be unmanageable.
So, are you crazy now?
I guess so
I'm so happy my school gives me access to Microsoft azure education where I can get windows server licenses for my home lab for free. saves me so much money and hassle
Oh I'm officially jealous now :D
No front but you sound like a german
i am also a german boy :D
“Hmmm… I wonder if posting tech videos using a teenage makeup channel style thumbnail will get me more views.”
Who knows, only success is telling you ;)
Shortest IT joke:
"Windows Server"
I don’t get it
Make sure to automate your daily reboots in order to keep it up and running
Thanks for sharing!
you dont have to do that.
You can make money with soft there are différents ways
I'm unsubbing looool (I begrudgingly need to do this for some testing and to learn but I really don't wanna lol)
Thx for the Great Content. :-) Looking foward for the next part.
Thank you! :)