How To Plan, Install, Manage, Maintain, Secure, Backup and Restore Small Business Server 2003 R2
Part Five - Post Install Steps
Please see what the Legal Eagles Make us say Here.Ok, now you have a base SBS R2 Server. Well Done! But before you can break out your choice of celebratory beverage there are still some things you need to do to make it fully functional. Some of this comes under the heading of Installation, and some of is more properly called Configuration, and some of it may be thought of as Setup-Maintenance because the steps fall into the area of Maintenance that you will be doing so long as you work with SBS.
The really important thing to do here is to decide what to do next. The order is not mandatory, but preserving your work might be a good idea. So I might consider proceeding in the following order:
NOTE: At this point you should be connected to your internal switch on NIC1 and to your Router on NIC2, but DO NOT connect the Router to the source of the Internet. That is, unplug the Wan Side of the Router.
1. Make a backup: No point in not, and it is good practice. If at this point you have a snapshot of your base install, you can put it back to new drives or in case something goes wrong in the next few days. Open Server Management, select Backup, and run the wizard to copy the installation to the media of your choice. It is fairly small at this point, so you could copy it to a d:\backup\backup.bks file on your data drive. However, better would be an external USB or Firewire drive in case your internal drives fail.
2. If you have not already, add a static IP address to your second network adapter (NIC), assuming you have one. (for a discussion of the pros and cons, go here). The IP of the "external" NIC must be in the same subnet as your router's LAN ports. For example, in the ever popular Linksys BE41, the default IP is 192.168.1.1. Since so many home systems use this or similiar IP schemes, change the router to an IP that is not likely to be used by a remote connection such as 192.168.61.1. Then make the NIC 192.168.61.2. This has the advantage of mimicking your primary, or internal NIC's default address of 192.168.16.2, and makes them easier to remember. Add this information to your documentation.
3. Back to Server Management and run the Configure Email and Internet Connection Wizard (CEICW). Since you already know which NIC is internal and external, this is easy. The Wizard walks you though it, but if you need more, go here. DO NOT allow the wizard to configure the router/firewall for you. Finish all the steps, and your server is good to go for Email, Internet and Remote Access if you enabled it.
4. Now open your routers configuration pages. The steps may vary depending on the model, but in general you open your browser and navigate to the IP address of the router. In the Linksys example in step 2, it would be http://192.168.61.1. First, enable a strong pass phrase. Save that. Write it down in your Documentation. Make it different than your Servers Admin Pass Phrase. Then, go to the routers application or port forwarding page and open the SBS ports that you need (check here) and forward them to the IP address of your external NIC. In this case 192.168.61.2. Using our friend Alt+PrintScrn, capture a screen shot and include it in your documentation.
5. Now you have a few installation steps left. If you have SBS Premium you can install either SQL 2005 Workgroup Edition (SQL), or Internet Security and Acceleration (ISA). You don't have to install either, and you can do it later. If you want to take advantage of the R2 Technologies you also need to install the applications on the R2 CD. Neither of these is difficult nor time consuming. I put WSUS and its databases on a separate physical drive that also (sometimes) holds the Windows Page File, pagefile.sys. Many do that or install it on a separate partition reserved for that purpose when the system was first installed (look here).
PLEASE READ THIS: Before you proceed, go to Start > Administrative Tools > Services and make a screen shot of what is Automatic, what is started and what is not. Save this by highlighting the Services Window, then Press Alt+PrintScrn. This copies the active window to the buffer. Then open Word Pad (NOT MS Word, which should not be installed on your server) and paste in the picture. If you can't fit it all into one screen shot, scroll down and make another. Save this so you can see it if you need a reminder.
Do the same for MSCONFIG.EXE. Helpful if you suspect some rouge services are running on your system.
Ok, with all of that out of the way, you are almost ready to connect to the internet by plugging the cable into the wan side of your router. Before you do, you must install your Anti Virus and Anti Spam software. If you don't your server will be overrun with rubbish and or REALLY BAD STUFF. There are many different AV and AS software programs, so follow the manufactures instructions, and look at this document from Microsoft regarding exclusions you should make from the scanning process. For further recommendations about what NOT to scan, look here.
After the Anti Virus and Anti Spam solutions have been installed, STOP the MS Exchange Information Store. This will prevent any email from coming into your system until you are ready. Change the startup type to disabled for both the Information Store and the System Attendant.
Finally, you can plug your internet cable into your router and open a connection from your server to the internet. Oops! You can't, and you shouldn't. But if you must, agree to all the warnings and go someplace you can trust, like http://support.microsoft.com That's actually one of the few places you should go from a server, IF ANY.
About the only other things you can do to see if your internet connection is working is to manually update your Anti Virus program and run Windows Update. If your configuration is correct, both of these things will go as expected. Look here for recommendations on what patches to apply.
If all of that is done, you can finally turn on your Exchange Server Services. Start > Control Panel > Administrative Tools > Services. Find the MS services you turned off earlier and turn them back on.
Top.