IT NT Server Services Windows 2000 Installation .

010
Windows 2000 servers in the St. Paul, centralized environment, should not be installed with FTP, Telnet, or the Guest account active. If they are needed they need management justification before they are installed. If FTP is installed it must have anonymous FTP disabled. Create Driver diskettes if third party drivers are required. Installation and Configuration of Windows 2000: Operating System Install
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. Boot from the Windows 2000 Server CD Press F6 if you need to load Third Party SCSI or RIAD Drivers Press Enter to continue setup at Welcome to setup If prompted Press “C” to continue setup if setup has determined that your hard disk is new Press F8 to accept license agreement Highlight unpartitioned space Press C to create a partition Create 9GB System Partition Enter to create Highlight New(unformatted) and press Enter to install Highlight Format the partition using NTFS file system and press Enter to Continue System will reboot when it has finished this portion of setup Remove any floppies from the A: Drive Select Next at the regional settings Enter Name/Organization (3M Company/3M Company)- Select Next Enter CD key (on back of CD case)– Select Next Select licensing per seat – Select Next Enter server name and administrators password (it must be complex) – Select Next Highlight Accessories and Utilities and Select Details Unselect Communications , Games, and Multimedia – Select OK UnCheck Indexing Service UnCheck Internet Information Services (IIS) Highlight Management and Monitoring Tools - Select Details Select Simple Network Management Protocol Select OK Unselect Script Debugger Highlight Terminal Services - Select Details Select Enable Terminal Services - Select OK Select Next to setup Windows 2000 components Set Date, Time, and Time zone - Select Next Select Remote Administration Mode for Terminal Services Setup - Select Next Select Custom settings networking Settings - Select Next Select Install Highlight Protocol – Select Add Highlight Network Monitor Driver – Select OK Highlight Internet Protocol (TCP/IP) and Select Properties Select Use the following IP Address Enter IP address, subnet mask and default gateway
1

Operating System Setup

2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

IT NT Server Services Windows 2000 Installation .010
38. 39. 40. 41. 42. 43. 44. 45. 46. 47. 48. 49. 50. 51. 52. 53. If local DNS enter in Preferred DNS Otherwise enter 169.10.8.5 for Preferred DNS server Enter 169.10.8.4 for Alternate DNS server Select Advanced Select WINS tab Select ADD and enter 169.10.8.36 Select ADD Select ADD and enter 169.10.9.141 Select ADD Select OK to Advanced TCP/IP Settings Select OK to Internet Protocol (TCP/IP) Properties Select Next to Networking Components Select Yes, make this computer a member of the following domain Enter domain name – Select Next Type in administrator ID and password for the domain you wish to join Select OK Remove CD and any floppies when prompted Select finish to finish setup System will reboot

Note If you have an HP LT6000 you must execute the following file \\integration\windows
2000\installation documentation\HP\w2kvp.reg on the server you are installing at this point in the installation. If you do not run this file now, you will experience lockups.

Operating System Configuration
54. 55. 56. 57. 58. 59. 60. 61. 62. 63. 64. 65. 66. 67. 68. 69. 70. 71. 72. 73. 74. 75. 76. 77. 78. Logon as administrator Select I will configure this server later – Select Next Uncheck Show this screen at startup Close Windows 2000 configure your Server From Start/Settings/Control panel – Select System Select Advanced tab– Startup and Recovery - change Display List of Operating Systems for: to 5 sec – Select OK to Startup and Recovery OK to exit System Properties Select Display Select Screen saver tab- set screen saver to default screen saver, set wait to10 min. and password protect – Select OK to Display Properties Select Settings tab Set screen area to 800x600 – OK Select OK to display settings Select Yes to keep settings Close Control Panel Right Click on Menu Bar Select Properties UnCheck Use Personalized Menus Select Advanced Tab Check Display Logoff Select OK to Task Bar and Start Menu Properties From Start/Programs/Administrative tools – Select Event Viewer. Right click the application log – Select Properties Select - Overwrite Events as Needed – Set Maximum log size to 2048 - Select OK Repeat for Security and System logs Close Event Viewer

2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

2

IT NT Server Services Windows 2000 Installation .010
79. From My Computer/Explorer/Tools/Folder Options/View – Uncheck Hide file extensions for known file types 80. Select OK to Folder Options 81. Close My Computer 82. From Start/Programs/Administrative Tools – Select Services 83. Double click DHCP Client Service 84. Change startup Type for DHCP Client Service to Manual 85. Select OK to DHCP Client Service Properties 86. Double click Distributed File System Service 87. Change startup Type for Distributed File System Service to Manual 88. Select OK to Distributed File System Service Properties 89. Double click Distributed Transaction Coordinator Service 90. Change startup Type for Distributed Transaction Coordinator Service to Manual 91. Select OK to Distributed Transaction Coordinator Service Properties 92. Double click IPSEC Policy Agent Service 93. Change startup Type for IPSEC Policy Agent Service to Manual 94. Select OK to IPSEC Policy Agent Service Properties 95. Double click License Logging Service 96. Change startup Type for License Logging Service to Disable. 97. Select OK to License Logging Service Properties 98. Double click Print Spooler Service 99. Change startup Type for Print Spooler Service to Manual 100.Select OK to Print Spooler Service Properties 101.Double click Removable Storage Service 102. Change startup Type for Removable Storage Service to Manual 103.Select OK to Removable Storage Service Properties 104.Double click System Event Notification Service 105. Change startup Type for System Event Notification Service to Manual 106.Select OK to System Event Notification Service Properties 107.Double click Telnet Service 108. Change startup Type for Telnet Service to Disable 109.Select OK to Telnet Properties 110.Close Services 111.Open Notepad 112.Type “This file is used to skip the SMS Logon Script” 113.Save file as C:\skip.flg 114.Close Notepad 115.From Start/Programs/Administrative Tools – Select Computer Management 116.Under System Tools double click on Local Users and Groups 117.Double click on Users 118.Right click on TSInternetUser account – Select Disable 119.Set TSInternetUser Account Password (Auditing requirement) 120.Set Guest Account Password (Auditing requirement) 121.Right click on the Administrator account and select Rename 122.Rename Administrator account to snoitarepo 123.Close Computer Management Security Settings 124.From Start/Programs/Administrative Tools – Select Local Security Policy 125.Select Account Policies 126.Select Password Policy
2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

3

IT NT Server Services Windows 2000 Installation .010
127.Set Enforce Password History to 5 128.Set Maximum Password Age to 90 129.Set Minimum Password Age to 1 130.Set Minimum Password Length to 8 131.Set Password must meet Complexity Requirements to Enable 132.Select Account Lockout Policy 133.Set Account Lockout Duration to 0 134.OK to suggested settings 135.Set Reset Account Lockout Counter After to 60 minutes 136.Select Local Policies 137.Select Audit Policy 138.Select Audit Logon Events 139.Check Success and Failure – OK 140.Select Audit Policy Change 141.Check Success and Failure – OK 142.Select Audit System Events 143.Check Success and Failure - OK 144.Close Local Security Policies 145.From Start/Programs/Administrative Tools – Select Terminal Services Configuration 146.Select Connections 147.Double Click RDP-TCP 148.Select Sessions Tab 149.Check Override User Settings – Set End a disconnected Session to 5 minutes 150.Select OK to RDP-TCP Properties 151.Select Server Settings 152.Double Click Active Desktop 153.Check Disable Active Desktop 154.Select OK to Active Desktop 155.Close Terminal Services Configuration 156.Right Click My Computer - Select Properties 157.Select Network Identification Tab 158.Select Properties button 159.Select More button 160.Enter mmm.com for Primary DNS Suffix of this Computer 161.Select OK to DNS Suffix and NetBIOS Computer Name 162.Select OK to Identification Changes 163.Select OK to Reboot Required 164.Select OK to System Properties 165.Select Yes to Restart Computer

Windows Time Service
166. From Start/Run - Type Net time /Setsntp:ntptime

Configuring SNMP
167.From Start/Programs/Administrative Tools – Select Services 168.Double click SNMP Service 169.Select Agent Tab 170.Enter IT Operations for Contact 171.Enter BLDG 224 Bank ? Rack ? for Location 172.Select Traps Tab

2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

4

IT NT Server Services Windows 2000 Installation .010
173.Enter sniw-wins for Community Name – Select Add to List 174.Enter compaqhdm03 for the trap destination 175.Select Security Tab 176.Select Edit 177.Enter sniw-wins for Community Name 178.Set Community rights to Read Write 179.Select OK to SNMP Service Configuration 180.DeSelect “Send Authentication Trap” 181.Select OK to SNMP Service Properties (Local Machine) 182.Close SNMP Services

Installing Resource Kit
183. Map a network drive to \\integration\Windows 2000 – Use your WINS logon

184.Open folder “ReskitSupplement1” 185.Run “Setup.exe” 186.Select Next to Microsoft Windows 2000 Resource Kit Setup Wizard 187.Select I Agree to End User License Agreement – Select Next 188.Select Next to User information 189.Select Typical to Installation Type– Select Next 190.Select Next to begin Install 191.Select Yes to Install Active Perl 192.Select Next to Active Perl Welcome 193.Select Yes to Active Perl License Agreement 194.Select Yes to Active Perl Installation Notes 195.Select Next to Destination Location 196.Select Next to Active Perl Components 197.Select Next to Active Perl Options 198.Select Next to Active Perl IIS Options 199.Select Next to Active Perl Program Folder 200.Select Next to Start Copying files 201.Select No to Review Release Notes 202.Select Finish 203.Run “ircmd”

Installing Support Tools
204.Select Back to return to Windows 2000 directory on Integration server 205.Open folder “SUPPORT” 206.Open folder “TOOLS” 207.Run Setup.exe 208.Select Next to Windows 2000 Support Tools Setup Wizard 209.Select Next to User Information 210.Select Typical to Installation type – Select Next 211.Select Next to begin Installation 212.Select Finish
RCMD Server Install

213.From Start/Progarms/Administrative Tools – Select Services 214.Double click Remote Command Service 215.Select Automatic for Startup Type 216.Select OK to Remote Command Service Properties 217.Close Services
2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

5

IT NT Server Services Windows 2000 Installation .010
Installing Recovery Console 218.Insert your Windows 2000 Server or Advanced Server CD. 219.From Start/Run - Type D:\I386\WINNT32 /CMDCONS 220.Select Yes to install the Recovery Console. 221.Select OK to Recovery Console successfully Installed

Creating Server name on screen
222.From Start/Programs/accessories – Select paint 223.Open file c:\winnt\prairie wind 224.Select A button for text 225.Create rectangle across bottom of prairie wind image for server name location 226.Set font to Impact, point size to 26 and type to italic 227.Set cursor in lower left of rectangle and type in server name 228.Select File then save 229.Close Paint 230.Right click on the desktop – select properties 231.Background tab – select Prairie Wind 232.Select Picture Display - Stretch 233.Select OK

Drive Configuration
234.Right Click My Network Places - Select Properties 235.Right Click Local Area Connection – Select Properties 236.Select Configure button 237.Select Advanced Tab 238.Highlight Link Speed and Duplex 239.Set to Appropriate speed/Duplex (100Mbps/Full Duplex Datacenter) 240.Select OK to LAN Adapter Properties 241.Select OK to Local Area Connection Properites 242.Right Click Local Area Connection – Select Rename 243.Type in Appropriate name (Corporate ip or Backup ip) - Enter 244.Right Click Second Local Area Connection if Backup NIC is used - Repeat steps (59-66) 245.Close Network Dial-up Connections 246.Right click My Computer– Select Manage 247.Select Disk Management located under Storage 248.Select Next to Write Signature and Upgrade Disk Wizard 249.Check all disk 250.Select Next to write signature to disks 251.Select Next to Disks to want to upgrade 252.Select Finish 253.Highlight Disk you want to create 254.Right Click – Select Create Volume 255.Select Next to Create Volume Wizard Welcome 256.Select Simple Volume - Next 257.Select Next to Selected Disks for Volume 258.Select Next to Drive Letter 259.Check Perform Quick Format 260.Select Next 261.Select Finish 262.Repeat for all additional disks
2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

6

IT NT Server Services Windows 2000 Installation .010
263.Exit out of Computer Management

Securing Drives
264.Double click on My Computer 265.Right Click on E: Select Properties – Security tab - remove everyone from the permissions on e: drive and add the Local Administrator’s Group, full control 266.Select OK to Exit E: Properties 267.Repeat for all additional data drive letters 268.Close My Computer Diskperf Setup 269.From Start/Run enter CMD to get a Dos command prompt. 270.At the command prompt type DISKPERF -y and press enter. 271.A prompt comes up that all physical and logical disk performance tools are set to start at boot.

IE 6.0 Upgrade
272.Right click Internet Explorer – Select Properties 273.Select Connection tab 274.Select LAN Settings button 275.Uncheck - Automatically detect settings 276. Check “Use automatic configuration script” Address:http://dawn.mmm.com/proxy.pac 277.Check “Use a proxy server” Address:corpproxy1.mmm.com, Port:3128 278.Check “Bypass proxy server for local addresses” – OK 279.Select OK to Local Area Network (LAN) Settings 280.OK to Internet Properties 281. Map a network drive to \\integration\Software – Use your WINS logon 282.Open folder “IE 6.0sp1” 283.Run “ie6setip.exe” 284.Accept the License Agreement – Next 285.Select Next to Windows Update: Internet Explorer and Internet Tools 286.Select Finish when setup is complete 287.Server will reboot

MDAC Upgrade
288. Map a network drive to \\integration\Software – Use your WINS logon

289.Open folder “MDAC” 290.Open Folder “MDAC 2.7 SP1” 291.Run “mdac_typ.exe” 292.Accept the License Agreement – Next 293.Select Finish to begin installation 294.Select Close to exit MDAC setup

Service Pack and Hotfixes
295.Double click on My Computer 296. Open \\Integration\Windows 2000 297.Open Folder “Service Packs” 298.Install Service Pack 3 299. Server will reboot.

2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

7

IT NT Server Services Windows 2000 Installation .010
300. From \\Integration\Windows 2000 Open Folder “Hotfixes”

301.Double click on the file SP3HF-Q3-03 302. Install latest Perl Script BASE, located at \\Integration\Windows 2000\Base Script 303.Reboot the server.

HP ProLiant Agents and Drivers 202. Install latest HP ProLiant Agents and Drivers located at \\integration\ntcsp W2K = \\integration\ntcsp\6_20a_W2K\bp000128.cmd 203. Reboot Server. Install NAV - Set Live Update time to 3:00am Install Backup software as required Have Tivoli installed You have now completed the Default NTSPAS install, all other instructions are defined in “Windows 2000 Master Document.doc” located in \\integration\windows 2000

2/10/08 /var/www/apps/collegelist/repos/collegelist/trunk/collegelist/tmp/scratch7/931842.doc

8