Скачать книгу

I want to use, and DefaultGateway is the gateway address for the local network (see Figure 4-4).

       New-NetIPAddress -InterfaceIndex 4 -IPAddress 192.168.1.50 -PrefixLength 24 -DefaultGateway 192.168.1.1

      

I haven't discussed PowerShell much at this point, and this is a more complex bit of PowerShell. The New-NetIPAddress is a cmdlet that allows you to work with IP addresses on Windows Server systems. The parameters that come afterward, like -InterfaceIndex, help to identify the object you want to work with (the network adapter, in this case) or to make changes to the settings, like the -IPAddress parameter where you specify the IP address you want to set on the network adapter.

Snapshot of setting the IP address with PowerShell.

      FIGURE 4-4: Setting the IP address with PowerShell.

       Set-DNSClientServerAddress -InterfaceIndex 4 -ServerAddresses 8.8.8.8, 8.8.4.4

Snapshot of setting the DNS servers with PowerShell.

      FIGURE 4-5: Setting the DNS servers with PowerShell.

      After you have installed your brand-new Windows Server, and maybe even done some of the basic configuration work like changing the name and joining the domain, you'll want to update the server. Updates contain fixes for security vulnerabilities and new features, and should always be installed before turning a server over to the team that requested it.

      Windows Server 2022 with Desktop Experience

      Considering how important it is to stay up to date on Windows Server updates, most organizations are going to set up automatic updates. You may have a server that can’t be set to receive updates automatically, or there may be an emergency patch that was issued and you want to apply it right away. In this section, I explain how to do automatic updates and manual updates.

      Automatic updates

      Most organization use automatic updates. The following directions walk you through setting up your server to reach out to Microsoft’s update servers (the default behavior).

      

Many organizations have patching solutions that handle the scheduling of updates, and could still be considered an automatic update because the tool will schedule the deployment of approved patches.

      1 Click the Start menu and type gpedit.msc.

      2 Navigate to the Windows Update section by clicking on Computer Configuration, then Administrative Templates, then Windows Components, and finally Windows Update.

      3 Double-click Configure Automatic Updates.

      4 Select Enabled.You’re given configuration options.Under Configure Automatic Updating, you can see that it’s set to Auto Download and Notify to Install. This is the default setting.

      5 Click the drop-down box and select the setting that works best for your environment.In my case, I’ve chosen Auto Download and Schedule the Install. See Figure 4-6 for an example.

      6 Click OK to save the change.

Snapshot of using the Local Group Policy Editor to change the automatic updates setting in Windows Server 2022.

      Downloading and installing updates

      You hear about the next big security vulnerability on the news media, and vendors release patches to the vulnerability very quickly after that. When a security vulnerability impacts your Windows Server systems, you may want to start a manual update — that way, your systems are protected outside of your normal patching windows. If your organization uses a patching solution, the patch may be pushed from that system, but there are always a few systems that don’t take the patch for whatever reason. You may have to manually update when that occurs.

      1 With Server Manager open, click Local Server in the left-hand menu.

      2 Click the hyperlink next to Last Checked for Updates.This may say Never if it hasn’t been run yet.

      3 Click the Check for Updates button.The server will check to see if there are any updates available.

      Windows Server 2022 Core

      Automatic updates

      There are two ways you can enable automatic updates on Server Core: using the sconfig utility and using PowerShell.

      SETTING UPDATES TO AUTOMATIC VIA SCONFIG

      The text-driven menu provided by the sconfig utility makes enabling automatic updates very simple. You can set up automatic updates in just four quick steps:

      1 From the sconfig menu, type 5 to configure Windows Update settings, and then press Enter.You’re given the choice of selecting A for automatic download and install, D for download only (which is the default), or M for manual updates.

      2 Type A for automatic download and installation of Windows updates.You get a text confirmation that the change was successful.

      3 Press Enter to exit the updates section.

      SETTING UPDATES TO AUTOMATIC VIA PowerShell

      To set updates to automatic via PowerShell, you need to navigate to C:\Windows\system32 and stop the Windows Update service. It may already be stopped. Then you can use the script program to execute scregedit.wsf. Adding the switch /AU 4 enables automatic updates, /AU 1 would disable automatic updates. The following example enables Windows updates:

      1 Stop the Windows Update Server service. net stop wuauserv

      2 Set automatic updates to 4 which is enabled. cscript scregedit.wsf /AU 4

      3 Start the Windows Updates Server service. net start wuauserv

Snapshot of setting automatic updates in PowerShell.

      Downloading and installing updates

Скачать книгу