I want to use, and DefaultGateway
is the gateway address for the local network (see Figure 4-4).
New-NetIPAddress -InterfaceIndex 4 -IPAddress 192.168.1.50 -PrefixLength 24 -DefaultGateway 192.168.1.1
I haven't discussed PowerShell much at this point, and this is a more complex bit of PowerShell. The
New-NetIPAddress
is a cmdlet that allows you to work with IP addresses on Windows Server systems. The parameters that come afterward, like -InterfaceIndex
, help to identify the object you want to work with (the network adapter, in this case) or to make changes to the settings, like the -IPAddress
parameter where you specify the IP address you want to set on the network adapter.
FIGURE 4-4: Setting the IP address with PowerShell.
To set the DNS Server after that, the command uses the same index number for my network card. ServerAddresses
is used to identify the DNS servers that the system should use (see Figure 4-5). If you have more than one, you can separate them with a comma.
Set-DNSClientServerAddress -InterfaceIndex 4 -ServerAddresses 8.8.8.8, 8.8.4.4
FIGURE 4-5: Setting the DNS servers with PowerShell.
Updating Windows Server 2022
After you have installed your brand-new Windows Server, and maybe even done some of the basic configuration work like changing the name and joining the domain, you'll want to update the server. Updates contain fixes for security vulnerabilities and new features, and should always be installed before turning a server over to the team that requested it.
Windows Server 2022 with Desktop Experience
Considering how important it is to stay up to date on Windows Server updates, most organizations are going to set up automatic updates. You may have a server that can’t be set to receive updates automatically, or there may be an emergency patch that was issued and you want to apply it right away. In this section, I explain how to do automatic updates and manual updates.
Automatic updates
Most organization use automatic updates. The following directions walk you through setting up your server to reach out to Microsoft’s update servers (the default behavior).
Many organizations have patching solutions that handle the scheduling of updates, and could still be considered an automatic update because the tool will schedule the deployment of approved patches.
1 Click the Start menu and type gpedit.msc.
2 Navigate to the Windows Update section by clicking on Computer Configuration, then Administrative Templates, then Windows Components, and finally Windows Update.
3 Double-click Configure Automatic Updates.
4 Select Enabled.You’re given configuration options.Under Configure Automatic Updating, you can see that it’s set to Auto Download and Notify to Install. This is the default setting.
5 Click the drop-down box and select the setting that works best for your environment.In my case, I’ve chosen Auto Download and Schedule the Install. See Figure 4-6 for an example.
6 Click OK to save the change.
FIGURE 4-6: Using the Local Group Policy Editor to change the automatic updates setting in Windows Server 2022.
Downloading and installing updates
You hear about the next big security vulnerability on the news media, and vendors release patches to the vulnerability very quickly after that. When a security vulnerability impacts your Windows Server systems, you may want to start a manual update — that way, your systems are protected outside of your normal patching windows. If your organization uses a patching solution, the patch may be pushed from that system, but there are always a few systems that don’t take the patch for whatever reason. You may have to manually update when that occurs.
1 With Server Manager open, click Local Server in the left-hand menu.
2 Click the hyperlink next to Last Checked for Updates.This may say Never if it hasn’t been run yet.
3 Click the Check for Updates button.The server will check to see if there are any updates available.
Windows Server 2022 Core
Windows Server Core has the same needs when it comes to receiving updates from Microsoft that Windows Server with Desktop Experience does. In this section, I show you how to set up automatic updates and how to perform manual updates from PowerShell.
Automatic updates
There are two ways you can enable automatic updates on Server Core: using the sconfig utility and using PowerShell.
SETTING UPDATES TO AUTOMATIC VIA SCONFIG
The text-driven menu provided by the sconfig utility makes enabling automatic updates very simple. You can set up automatic updates in just four quick steps:
1 From the sconfig menu, type 5 to configure Windows Update settings, and then press Enter.You’re given the choice of selecting A for automatic download and install, D for download only (which is the default), or M for manual updates.
2 Type A for automatic download and installation of Windows updates.You get a text confirmation that the change was successful.
3 Press Enter to exit the updates section.
SETTING UPDATES TO AUTOMATIC VIA PowerShell
To set updates to automatic via PowerShell, you need to navigate to C:\Windows\system32
and stop the Windows Update service. It may already be stopped. Then you can use the script program to execute scregedit.wsf. Adding the switch /AU 4 enables automatic updates, /AU 1 would disable automatic updates. The following example enables Windows updates:
1 Stop the Windows Update Server service. net stop wuauserv
2 Set automatic updates to 4 which is enabled. cscript scregedit.wsf /AU 4
3 Start the Windows Updates Server service. net start wuauserv
If you would like to see an example of what this looks like and what the responses should be, please see Figure 4-7.
FIGURE 4-7: Setting automatic updates in PowerShell.
Downloading and installing updates