lets got for FULL install standard as that is fairly common
ok that& #39;s cooking!
Don& #39;t worry we are gonna encrypt the backups as well! so we& #39;ve got a nice 2012 R2 deploy going alongside this!
Im deffo going back in time here but yolo :P
FOr real, we used to deploy quest AD recovery manager. That was fucking sweeeet! it took the scare out of schema changes and upgrades/restores etc.
so we& #39;ve got 3 servers in the mix, a backup server, a DC and an RDP server! it& #39;s funny how slow the DC promo is compared to 2016+
so here& #39;s a quick overview
now here& #39;s where it& #39;s all going to start going wrong :(
yep for some stupid reason the admin has changed from default mode to NLA disabled.. DO NOT FUCKING DO THIS! there& #39;s 0 reason i can think of to NOT use NLA
so we joing this server to the domain!
whilst we are at that let& #39;s get veeam deployed! @Veeam rocks but way too many people do what i& #39;m doing in the lab here (on purpose) and deploy it domain joined! DO NOT DO THIS ANYWHERE like for real just don& #39;t!
@jayzengland @smoon_lee this is why people turn off NLA :P
ok we gotta patch this before veeam will install! ;)
so whilst we wait lets emulate IRL a bit more and let& #39;s ensure not ONLY IS RDP exposed (TCP 3398) but we are also going to expose WINRM TCP 5985
also fuck it lets& #39;s deploy a web server as wel! (this is gettting more IRL that u realise)
MOAR fun :) this is really some of the shit u will find IRL when u look :(
zzzzzzzzzzzzzzzzzzzzz
ok we got a few plates spinning now but ez pz
this might work this time, there& #39;s a missing file on the MS site...
ok cool veeam install on its way :)
sweeet! pro top don& #39;t fucking domain join this shit or expose it to the net
ok gang we now have 1x DC, 1 X RDS box with IIS and FTP, 1 x Backup server (domain joined) and a PAWS
You can follow @UK_Daniel_Card.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: