Home Blog Page 2

Configuring a Nano Server


Logging on to a Nano Server

Once you have deployed the VHDX image in a VM and started it. Now it’s time to log on and configure the basic settings of the VM. Previously, we deployed a Nano server with non-domain joined VM, so we just need to enter username and password. See the previous post, Deploying a nano server, for more information.

Figure 1. Logging on a Nano Server

After logging on the Nano Server, we will see there are only the minimal controls from Nano Server console that we might need to configure the server like the network interfaces, Windows Firewall rules, and Windows remote Management (WinRM) (See
figure 2. Basic configuration). We will go through each configuration in this article.

Figure 2. Basic configuration

Configuring a Nano Server IP address

By default, the Nano Server obtains an IP address from DHCP server on your network and configure the system’s network adapter. However, we can configure the network adapter manually by using either Nano Server Recovery Console or the New-NanoServerImage command line which you used to created a Nano Server from previous article, Deploying a nano server. In this article, we will manually configure the network adapter to use a static IP address from the Nano Server Recovery Console use the following procedure:

  1. Select the Networking item and press Enter.

  2. On the Network Settings screen, select network adapter and hit Enter

  3. Press F11 to configure the IPv4 Settings for the adapter.

  4. Press F4 to toggle the DHCP client to Disabled

  5. Use the Tab key to enter the IP Address (for example:, Subnet Mask (for example:, and Default Gateway (for example:
  6. Press Enter to save your settings. Press Enter again to confirm then continue to press Esc few times to return to the Nano Server Recovery Console.

Configuring Firewall rules

From the Nano Server Recovery Console screen, select the Inbound Firewall Rules or Outbound Firewall Rules, all the default rules on the system will display as below.

Figure 3. Inbound Firewall rules

Figure 4. Outbound Firewall Rules

The above screens only support you to activate or deactivate an existing rule by using F4 key, you cannot modify rules themselves or create new ones. Once we have remote access to the Nano Server, we can use standard tools, such as the Windows Firewall with Advanced Security console, to manage all other settings.

Configuring Windows Remote Management

From Nano Server Recovery Console screen, there is only one function that provide the ability to reset the WinRM service and firewall to their default settings, in the event that we did something wrongs and cannot remote the server.

Figure 5. Reset the WinRM firewall and service configuration to default

Figure 6. Confirm resetting of WinRM

Connecting to a Nano Server using PowerShell

Now the server is ready to connect/remote in. The following PowerShell cmdlet will allow us to connect to the server.

new-pssession -computername name -credential domain\username

Deploying a Nano Server


As you know, there is no wizard for installing Nano Server, like Windows Server and Server Core. You install it by creating a Virtual Hard Disk (VHD or VHDX), from the PowerShell command line. After that, you use the VHD or VHDX to create a Hyper-V virtual machine or a boot drive for a physical server.
If you look at the Windows Server 2016 directory on its installation disk or image file, you will see folders that support us to create and edit Nano Server images (a PowerShell module in NanoServerImageGenerator folder, a subdirectory containing the package files for the roles and features the operating system supports, and the Nano Server image).

Figure 1. NanoServer folder in the Windows Server 2016 installation disk

Create a Nano Server image

Import Nano Server Powershell module

Open Windows PowerShell with administrative privileges (run as administrator). Navigate to the NanoServerImageGenerator folder on the installation disk (In this case, it is mounted as D: drive) and import the Windows PowerShell module required to provide the cmdlets for Nano Server.

CD D:\NanoServer\NanoServerImageGenerator

Set-ExecutionPolicy RemoteSigned -Scope CurrentUser

Import-Module .\NanoServerImageGenerator -Verbose

Figure 2. The output of the Import of NanoServer PowerShell module.

New-NanoServerImage cmdlet

Run the New-NanoServerImage cmdlet.

New-NanoServerImage -DeploymentType Guest -Edition Standard -MediaPath D:\ -TargetPath C:\Temp\NanoServer1.vhdx -ComputerName NanoServer1

  • DeploymentType Specifies whether the image file is used on a Hyper-V virtual machine (Guest) or a physical server (Host).
  • Edition Specifies whether to install the Standard or Datacenter edition of Nano Server.
  • MediaPath Specifies the path to the root of the Windows Server 2016 installation disk. or mounted image.\
  • TargetPath Species the full path and filename of the new image to be created. The filename extension (.vhd or .vhdx) specifies whether the new image should be Generation 1 or Generation 2.
  • ComputerName Specifies the computer name that should be assigned to the new image.

When the cmdlet runs, it will prompt you for a password that is applied to the Administrator account in the Nano Server image.

Figure 3. Enter a password that is applied to the Administrator account.

You will need to keep this password for logging on the server later.
It takes around two or three minutes to complete the process. The output generated as shown below:

Figure 4. The output of the New-NanoServerImage cmdlet.

Common Ports and Their Associated Protocols in Networking

Port Number Associated Protocol (or Keyword) TCP/UDP Usage Secure Version and Port Usage
21 FTP TCP FTPS, port 989/990 Transfers files from host to host.
22 SSH TCP or UDP Secure Shell: Remotely administers network devices and systems. Also used by Secure Copy (SCP) and Secure FTP (SFTP).
23 Telnet TCP or UDP Remotely administers network devices (deprecated).
25 SMTP TCP SMTP with SSL/TLS, port 465 or 587 Sends e-mail.
49 TACACS+ TCP Remote authentication.
Can also use UDP, but TCP is the default. Compare with RADIUS.
53 DNS TCP or UDP DNSSEC Resolves hostnames to IP addresses and vice versa.
69 TFTP UDP Basic version of FTP.
80 HTTP TCP HTTPS (uses SSL/TLS), port 443 Transmits web page data.
88 Kerberos TCP or UDP Network authentication, uses tickets.
110 POP3 TCP POP3 with SSL/TLS, port 995 Receives e-mail.
119 NNTP TCP Transports Usenet articles.
135 RPC/epmap/ dcom-scm TCP or UDP Used to locate DCOM ports. Also known as RPC (Remote Procedure Call).
137–139 NetBIOS TCP or UDP Name querying, sending data, NetBIOS connections.
143 IMAP TCP IMAP4 with SSL/TLS, port 993 Retrieval of e-mail, with advantages over POP3.
161 SNMP UDP Remotely monitor network devices.
162 SNMPTRAP TCP or UDP Traps and InformRequests are sent to the SNMP Manager on this port.
389 LDAP TCP or UDP LDAP over SSL/TLS, port 636 Maintains directories of users and other objects.
445 SMB TCP Provides shared access to files and other resources.
514 Syslog UDP Used for computer message logging, especially for router and firewall logs.
A secure version (Syslog over TLS) uses TCP as the transport mechanism and port 6514.
860 iSCSI TCP IP-based protocol used for linking data storage facilities.
Also uses port 3260 for the iSCSI target.
1433 Ms-sql-s TCP Opens queries to Microsoft SQL server.
1701 L2TP UDP VPN protocol with no inherent security. Often used with IPsec.
1723 PPTP TCP or UDP VPN protocol with built-in security.
1812/1813 RADIUS UDP An AAA protocol used for authentication (port 1812), authorization, and accounting (port 1813) of users.
Also, ports 1645 and 1646.
3225 FCIP TCP or UDP Encapsulates Fibre Channel frames within TCP/IP packets.
Contrast with Fibre Channel over Ethernet (FCoE), which relies on the data link layer and doesn’t rely on TCP/IP directly.
3389 RDP TCP or UDP Remotely views and controls other Windows systems.
3868 Diameter TCP (or SCTP) An AAA protocol; can replace the RADIUS protocol.

SharePoint 2016 Prerequisites fails while installing Windows Server AppFabric


When installing SharePoint Server 2016 on either Windows Server 2016 standard or 2012 R2 Standard. There is a common issue with Windows Server AppFabric. The following is one of the solutions may help you fix the issue. (I tried all solutions from a Technet blog but there is no luck.)

    1. Go to Control Panel and uninstalled AppFabric 1.1.
    2. Then, run the following command again:
      D:\SP16_Sources\prerequisiteinstaller.exe /appFabric:D:\SP16_Pre\WindowsServerAppFabricSetup_x64.exe
    3. Lastly, download the CU 7 for Microsoft AppFabric 1.1 and install it. You run the following PowerShell command to install it as well.
      D:\SP16_Sources\prerequisiteinstaller.exe /KB3092423:D:\SP16_Pre\AppFabric-KB3092423-x64-ENU.exe


  • D:\SP16_Sources\prerequisiteinstaller.exe is the location of preparation tool.
  • D:\SP16_Pre\ is the location of the prerequisites files I downloaded.

After that, you can install the SharePoint prerequisites again by using either preparation tool or PowerShell command line, the installation will be completed successfully.

Secure your email by using a digital signature

digital signature email

Secure your email by using a digital signature is an option to make your email more secure. A digital signature isn’t the same as a signature you routinely include with an outgoing message. Anyone can copy an email signature, which essentially is a customizable closing salutation. But your digital signature, which includes your certificate and public key, originates from your digital ID. And that digital ID serves as your unique digital mark and signals the recipient that the content hasn’t been altered in transit.
It seems like a complicated task to make this happens but it is very easy to setup with the following steps:

Get a digital ID from Comodo

Sign up an account with Comodo service

  • Go to Comodo website or click the following link


  • Click on FREE DOWNLOAD button

  • There will be a pop-up windows dialog box, Web Access Confirmation, asks your permission to let the website perform a digital certification operation on your behalf.
  • Click Yes to accept

  • Enter your first name, last name, email (which you intend to get the certificate for), and select Country.
  • Enter revocation password
  • Select Accept agreement term checkbox.
  • Click NEXT.

  • Click Yes one more time to accept the digital certification operation

  • You will see a confirmation page as below. Now is time to go to your mailbox, check an email from Comodo and get the digital certification for your email address.


Download Digital Cert file from Comodo email

  • From the welcome email from Comodo, you will have all information you need to download/get your digital certification. The following picture demonstrate how to get the cert file.

Create a Free Dynamic DNS with No-IP


Sign up a free account

  • Go to No-IP website sign up link: https://www.noip.com/sign-up.
  • Enter your email and password in box 1 and 2.
  • Select a name for your Dynamic DNS and enter in box 3.
  • Click on Create My Free Account and you will see the “thank you” page from No-IP website. (You will be also received an email from No-IP to activate the account)

Confirm and activate your No-IP free account

  • Now is time to open your email and check an email which was sent from No-IP Notices with subject Confirm Your No-IP Account.
  • Click on the Confirm Account link and it will open up the activation confirmation web page. Now you have done with a free Dynamic DNS account with No-IP. Next step is setting up your Dynamic DNS.

View Your Result

  • From your Dashboard account page (https://my.noip.com/), click on Dynamic DNS link under Dashboard link.
  • You will see your Dynamic DNS record displays in the main section.

“You can how to create Dynamic DNS with Google here

Next Step

I will show you how to setup your home network to remote in or build up your home web server and public to internet.

Install SQL Server 2014 SP2 for SharePoint Server 2016


This is part of Install SharePoint Server 2016 article
The following is step by step pictures which demonstrate how to install SQL Server 2014 SP2 for SharePoint Server 2016.

Install SQL Server 2014 SP2

Step 1: Add .NET Framework 3.5 Features by running Add Roles and Features Wizard

In order to install SQL Server 2014 SP2 successful, you will need to enable .NET Framework 3.5 Features.

Step 2: Install SQL Server 2014 SP2 (SQLServer2014SP2-FullSlipstream-x64-ENU.iso)

You can turn the firewall off during the installation step as the optional step. For me, I keep it as it is.

Step 3 (Optional): Update the SQL Server services to run with the sql_service account. This step isn’t needed for a successful SharePoint 2016 installation.

Step 4: Configuring permission for the SharePoint accounts: sp_farm and sp_setup

Following the description from preparation step, the sp_farm and sp_setup need to be configured with appropriate permission in SQL Server. See the following pictures for details.

If the sp_farm account has not created in SQL Server, we can add it from here and then configure its permissions as needed.

Install SharePoint 2016 Step by Step


This is part of Install SharePoint Server 2016 article

The following is step by step pictures which demonstrate how to install SharePoint Server 2016 on a server

Install SharePoint Server 2016 Step by Step

Step 1:  Turn off the IE Enhanced Security Configuration

This step I use the internet connection to install the prerequisite. Hence, the server has to be able to download and install from the internet. The following picture demonstrates how I turn it the IE Enhanced Security Configuration off
From Server Manager windows, Click on Local Server on the left navigation ⇒ Click on the On link next to IE Enhanced Security Configuration to turn it off

Step 2: Run “Microsoft SharePoint 2016 Products Preparation Tool”


After restarting the server, if the prerequisite doesn’t start automatically, you can start it manually by using the following command
Start “Launch SharePoint preparation tool” “E:\prerequisiteinstaller.exe” /continue

Step 3:  Install SharePoint Server

Run SharePoint 2016 “Setup.exe”

Use the trial key NQGJR-63HC8-XCRQH-MYVCH-3J3QR

Create a Dynamic DNS with Google

A picture from Google search
A picture from Google search

If your domains are hosted at Google, you have a free option to create a Dynamic DNS with Google Domains registrar.
Step 1: Go to https://domains.google ⇒ Log on with your Google credential ⇒ Click on MANAGE MY DOMAINS

Step 2: From My domains page, click on DNS icon of the domain you want to set up a dynamic DNS.

Step 3: Under Synthetic records section, select Synthetic DNS from dropdown box ⇒ Enter a name of the name of the resource you plan to have assigned a Dynamic IP ⇒ Click Add

Step 3: Click the expand triangle to the left of the record to view its values. ⇒ Click View credentials to view the details of username and password which you will need when setting up a dynamic dns on your router or dynamic dns software.

Install SharePoint Server 2016


Install SharePoint Server 2016 on Server 2016 Standard with SQL Server 2014 SP2

This post is a quick note of step by step when I install a SharePoint 2016 farm for evaluation/development purposes by using “Single server role that uses SQL Server” installation scenario.


This evaluation scenario includes a SharePoint 2016 single-server installation (SharePoint 2016 + SQL 2014 SP2 on Windows Server 2016 Standard), basic installation accounts and an existing domain control.


  1. Make sure you meet the requirement for “Single server role” installation. See Hardware and software requirements for SharePoint Server 2016 at https://technet.microsoft.com/en-us/library/cc262485(v=office.16).aspx. In my case, I use a Hyper-V virtual server with the following configuration.
Installation scenario RAM Processor Hard disk space
Single server role that uses SQL Server 16 GB 64-bit, 4 cores 80 GB for system drive; No need Data drive at installation step
  1. Ensure that you have prepared required accounts with appropriate permissions. For detailed information, see Initial deployment administrative and service accounts in SharePoint Server.

In my case, I use the following accounts.

Account Purpose Requirements
(SQL Server service account)
The service account for:

Domain user account (or a Local System account)
The service account isn’t needed for a successful SharePoint 2016 installation.
(Setup user account)
The Setup user account is used to run the following:

  • Setup
  • SharePoint Products Configuration Wizard
Domain user account.
Member of the Administrators group
SQL Server login
Member of the following SQL Server roles:

  • securityadmin
  • dbcreator
(Server farm account or database access account)
  • Configure and manage the server farm.
  • Act as the application pool identity for the SharePoint Central Administration website.
  • Run the Microsoft SharePoint Foundation Workflow Timer Service.
Domain user account.
SQL Server security roles:

  • dbcreator
  • securityadmin
  • db_owner fixed database role for all SharePoint databases in the server farm
sp_service Use as services account for Service Application and Services
  • Domain user account

  1. Ensure the Max degree of parallelism is set to 1.For additional information about max degree of parallelism see, Configure the max degree of parallelism Server Configuration Option and Degree of Parallelism

The following is what I set for the SQL Server I plan to install SharePoint Server 2016.

  1. Installation Sources:
  2. Lastly, a Virtual Server. In my case, I use Windows Server 2016 Standard version with 16 GB RAM and 80 GB with OS drive. I use minimum values as recommended by Microsoft for Single Server with SQL Server MinRole 🙂


Install SQL Server 2014 SP2

Click here to view the installation of SQL Server 2014 SP 2

Install SharePoint Server 2016

Click here to view the installation of SharePoint 2016 step by step pictures