Best way to set up Windows Server 2012 R2


I am doing a fresh install for my business running Windows Server 2012 R2 and was wondering what people thought is the best way to set it up, and a general order to set things up in, i.e. set up AD, DC and DHCP, then start setting up the 2nd virtual server.

My business has 3 stores with only ADSL2 connecting them. One of the stores is my Head Office and it is bonding 2 x ADSL2 connections and 1 x 4G connection (to help with the up speed for the stores.)

1 x Store (Head Office) has 25 users, 2 x Trucks, 1 x Callout vehicle (Trucks and callout vehicle is running full network for Laptops and printers)
2nd Store (2 Users)
3rd Store (3 Users) 1 x Truck, 1 x Callout vehicle (With full computer setup.)
Exchange 365 (In cloud)

With this in mind what I was thinking of doing was setting up:
1 x Physical Server running Hyper-V
1 x Virtual Server running AD,DC and DHCP
1 x Virtual Server running SQL 2014 (For Business systems)
1 x Virtual Server running Remote Desktop Settings

I do have another physical server that is the exact same hardware as the 1st server. I was thinking of setting that one up to replicate the first server, so that if one server has a problem the users and business do not know that 1 server has gone down. It would also be handy for working on 1 server for updates instead of waiting for the staff to leave. But I was going to leave that server for 2 weeks or so till I got the first one up and going.

What I have done so far is set up Hyper-V and installed 1 x virtual server running AD, DC, DNS and DHCP. I have set up a 2nd server with SQL 2014 and installed the business systems.

I need to also setup a Federation Server for the Exchange Cloud, which server
What should I do next?
Should I set up a print server on the RD (Remote Desktop Server)?

My old server system is 1 x Physical Windows Server 2007 SBS with AD, DC, DNS, DHCP, Print Server, Exchange 2007, SQL.  
1 x Physical server running Remote Desktop Server.

Any help and guidance would be welcomed.


PS. Am loving the new Virtual Server system and the flexibility that it offers :)

Mal Osborne (Alpha Geek) commented:
Were it me, I would probably get a dedicated machine to act as a DC, holding all FSMO roles, and have that replicate with a VM DC. Need not be anything fancy, an old workstation would be just fine.

Microsoft recommend against virtualizing DCs, and it can cause some problems with booting, replication, and time sync.

Also, looks like you might have 30+ Terminal Server users. I would probably run 2 separate VMs for these.
Darkner007 (Author) commented:

Is it possible to do that after the roll out or do I need to do that now?

What should I go on with next?
Mal Osborne (Alpha Geek) commented:
Either way would work, but I would probably get the main, standalone DC up and running first, then join the Hyper-V server to the domain. Any old PC will work for the DC, although best if it is a "commercial" machine, and with mirrored hard drives. An i3 with 2Gb RAM and a pair of 200Gb HDDs is fine.

Darkner007 (Author) commented:
I would like to just push forward as I need to get this up and going this weekend. I will set up a standalone DC later on, though, after the roll out. I am just out of time before the old servers die, I think.

Any other suggestions at all? What order should I do things in?
Muhammad Burhan (Manager I.T.) commented:
Make this one thing clear in your scenario.
Suppose you add the Hyper-V role on the 2nd server and replicate all VMs to the 2nd server one by one. Now all of the VMs are switched off after replication on the 2nd server, and both Hyper-V hosts replicate the changes every 5 minutes.
If the 1st physical server goes down, the 2nd physical server doesn't start the VMs automatically.
You have to start each VM manually.

In order to automate this (which is required) you have to configure another server which has Failover Clustering, then add both Hyper-V hosts and enable failover on them.
Darkner007 (Author) commented:
Hi Muhammad,

Is there a way that I can make it so that there is not any downtime if I have to take one down for maintenance?

I.e. if there was a server hardware failure I could live with 10 mins downtime while the 2nd one kicked in.

But would be great if I could take one down without any users knowing that it has happened though.
Muhammad Burhan (Manager I.T.) commented:
The answer is YES for your question,
but you have to start all of the VMs manually on the 2nd server.

And as you know, the servers and workstations frequently query for the services which they require.
So if Active Directory, DNS, DHCP or File Servers are down for even 5 mins, everything in the network would know that the services are not accessible.

But if the downtime is planned, as you ask 'what happens if you take the 1st server down for maintenance', it takes 2 to 5 mins to start the VMs on the 2nd server.
But just as you manually shut down the 1st server, you similarly have to start all of the VMs on the 2nd server.
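The planned-maintenance case described in the comment above, sketched as an added PowerShell example (not part of the original thread): it checks replication health, fails each VM over to the second host and starts it there. The host names `HV01`/`HV02` and the VM names are hypothetical, and reverse replication assumes the first host is also enabled as a Replica server.

```powershell
# Added example: planned failover of Hyper-V Replica VMs before host maintenance.
# HV01, HV02 and the VM names are hypothetical placeholders. Run from an elevated
# session with the Hyper-V module and admin rights on both hosts.
Import-Module Hyper-V

$Primary = 'HV01'                      # host going down for maintenance
$Replica = 'HV02'                      # host holding the switched-off replicas
$VMs     = 'DC01', 'SQL01', 'RDS01'    # DC first so AD/DNS is back before the rest

function Invoke-PlannedFailover {
    param(
        [Parameter(Mandatory)][string]$VMName,
        [Parameter(Mandatory)][string]$PrimaryHost,
        [Parameter(Mandatory)][string]$ReplicaHost
    )
    # Refuse to fail over a VM whose replica is stale or broken.
    $rep = Get-VMReplication -ComputerName $PrimaryHost -VMName $VMName -ErrorAction Stop
    if ($rep.Health -ne 'Normal') {
        throw "$VMName replication health is $($rep.Health); resolve before failing over."
    }

    # A planned failover needs the VM off so the final changes can be sent.
    Stop-VM          -ComputerName $PrimaryHost -Name   $VMName
    Start-VMFailover -ComputerName $PrimaryHost -VMName $VMName -Prepare -Confirm:$false

    # Fail over on the replica side, then replicate back toward the old primary.
    Start-VMFailover  -ComputerName $ReplicaHost -VMName $VMName -Confirm:$false
    Set-VMReplication -ComputerName $ReplicaHost -VMName $VMName -Reverse
    Start-VM          -ComputerName $ReplicaHost -Name   $VMName

    Get-VMReplication -ComputerName $ReplicaHost -VMName $VMName |
        Select-Object VMName, State, Health, Mode
}

foreach ($vm in $VMs) {
    try {
        Invoke-PlannedFailover -VMName $vm -PrimaryHost $Primary -ReplicaHost $Replica
    } catch {
        Write-Warning $_.Exception.Message
        break    # stop here rather than fail over dependent VMs out of order
    }
}
```

Each VM is still offline from `Stop-VM` until `Start-VM` completes on the second host, which is the short planned outage the comment describes.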
Darkner007 (Author) commented:
Ok thanks for helping.

Sorry if this seems like a silly question but is it possible to make it so that there is no downtime?
Muhammad Burhan (Manager I.T.) commented:
Yes, you can make it, but you have to add another server/node to do that.
Darkner007 (Author) commented:
Ok, thanks for your help :), I will look into it more once I have this server rolled out.

Anything else that I need to be aware of?

I am thinking that I will set up the Remote Desktop virtual server next and then set up printers and other things.
Muhammad Burhan (Manager I.T.) commented:
Let me know when configuring the 2nd server.
Philip Elder (Technical Architect - HA/Compute/Storage) commented:
I have an EE article that should be helpful: Some Hyper-V Hardware and Software Best Practices.

Use ADSync for O365 or its current replacement not ADFS. ADFS = continuously available, that is clustered and fully redundant Internet, otherwise no ADFS = no logons.

If the setup had a previous domain configuration make sure the new domain is named slightly different. Examples:
Group Policy Tattoos are policies that will not drop. Since AD and GP use GUIDs naming the domain the same will cause issues where clients will request settings from the right "name" but the wrong GUIDs.

If Windows Server Standard you get four VMs (1+2 per license).
 + VM2: RDSH
 + VM3: SQL
 + VM4: File Services, User Profile Disk Host, Print Services, WSUS, ETC

That's how we'd set things up for this particular solution.

Hyper-V Replica could be used with that second server. Where would it be located? What kind of bandwidth between the two?

Darkner007 (Author) commented:
Hi Philip,

I have Windows Server 2012 R2 Std with another pair of licences for the VMs, so 4 in total.

That setup with the 4 VMs looks great, I will use that. Thank you very much :)

With the File Services, I was wondering if I could use my Synology NAS for that, as I have around 100Tb of space available there in a redundant RAID configuration. Also the NAS allows expansion with another rack of hard drives if needed. Would that be okay?

Also, the second server will be running in the same cabinet as the first one, as the internet is not that fast till the fibre network gets released around Feb next year. Then I might be able to move it to another city where the second store is.

Thanks for answering my questions :)
Darkner007 (Author) commented:
I have read your article before on the server hardware and base setups. Very informative, thanks. :)

I have been trolling experts-exchange and technet for a while now trying to figure out how to handle the change over, but like everything in business, other things come up. The 2 servers have been built and sitting there waiting for the last 14 months. Now that the existing servers are starting to fail, I am moving to get them replaced before something bad happens.

Is there also an easy way to transfer user profiles so that all their info and website info is intact at all?

I have started a new setup completely as I did not want any errors or loss of functionality for the 2012 R2.

Domain was FQDN.local
The new one is

Thanks in advance
Philip Elder (Technical Architect - HA/Compute/Storage) commented:
ForensiT Profile Wizard is well worth the money for transferring user profiles between systems, domains, and operating system environments (we used it for a Novell to Windows migration a year or two ago).

NAS LUNs can be hooked into the host or the guests via iSCSI Initiator. It works okay. At 100TB what is going to back that up?
Darkner007 (Author) commented:
I was using the 100TB for server backups (I use Shadow Protect on servers and key client machines). Also, I run 80 IP security cameras in my head office, so it was meant to be used for that, but I have not configured the security system to offload. The security system keeps about 3-4 months of footage as it is, so I never thought it was a priority.

Also, I have found that if I logged into the client machine with the user details I could just copy all the user data into another folder that I just called Old Profile, then sign the computer into the new domain and copy that info back. It seems to work. Can you see any problems with me doing it that way at all?
Muhammad Burhan (Manager I.T.) commented:
Users' data will not be affected in your case.
But ensure that the data exists on the users' PCs and is not redirected to any server.
Changing the domain name doesn't affect data, but maybe you will have to set NTFS permissions if required. This is also not the important thing, because it can easily be done after you copy.
Philip Elder (Technical Architect - HA/Compute/Storage) commented:
Believe me when I tell you ForensiT is the better way to go.

It's zero touch in the paid version. And, users don't lose Pretty Kitty.

Going the manual route means _all_ aspects of the user's profile need to be set up again. It's a real pain to do it that way. BTDT burnt the T-Shirt.
David Johnson, CD, MVP (Owner) commented:
Utilize DFSR as much as possible for all shares, even if you only have 1 target. This saves a lot of work down the road: add the 2nd target, wait for replication, and now you can shut down 1 machine and the users don't know, as it will switch in the background. There can be some latency problems depending on the network topology and network speed between the various targets.
Minimum of 2 DCs.
Have more than 1 Hyper-V host and use Hyper-V replication (this is not real time, but can be close).

The more redundant, the more you need to have multiple segregated networks. VLANs are good until the link usage gets high, then you need separate physical networks. This is to keep the replication traffic at full speed all of the time.

What it all boils down to is cost, both in hardware and operating system licensing. If an OS is used for even 1 second it requires a separate license. System Center for its almost $2K cost is a wise investment if you can't afford SA licensing.