全新windows_server部署
1.创建账户“EFAdminRoot”,属性“管理员”。按照文档内规划,对EFAdminRoot配置密码 ******
2.注销administrator账户,使用EFAdminRoot登录
3.桌面显示“计算机”,选项栏最小化,锁定任务栏,在任务栏显示所有图标和通知。禁用administrator账户
4.显示隐藏文件,显示文件扩展名
5.从su服务器直接复制software、EastShushan至目标主机D盘根目录
6.打开服务,修改Windows Firewall状态为“自动”并启动。添加入站规则,TCP协议,端口2207,并备注名称“TCP2207”
服务Distributed Link Tracking Client停止,设置启动类型为禁止
服务Distributed Transaction Coordinator停止,设置启动类型为禁止
服务Remote Registry停止,设置启动类型为禁止
7.运行注册表文件port1,port2,修改远程端口为2207
(切记,先加防火墙,再修改端口,否则会远程不上)
8.安装emedit,默认下一步,选择典型安装,打开后选择“不自动更新”,然后使用SN激活
(安装过程中,更改通知时间,设置为从不通知)
9.安装WinRAR,默认下一步。复制rarreg.key到C:\Program Files\WinRAR,覆盖原有,使WinRAR为正式版
(覆盖过程中,提示需要管理员权限。选择“继续”,使用户对C盘有管理员权限)
10.安装CollabNetSubversion-client-1.8.13-1-x64.exe,默认路径即可
11.内网设备安装mysql-installer-community-5.6.13.1.msi,外网不安装。
安装过程,跳过更新检查,选择“Server Only”,程序路径和数据路径均修改为D盘。配置类型选择为Server,密码设置为“******”
程序路径d:\Program Files\MySQL\
数据路径d:\Program Files\MySQL\MySQL Server 5.6\
12.安装mysql-front,路径不改,修改为D盘即可。安装完后,修改登录信息,登录成功且激活
13.修改数据库信息,删除多余root账户选项,连接IP修改为10.10.%.%。修改完毕后,再次登录测试,确实修改正确
(修改过程中,记得密码再次输入“******”,否则会被清空)
14.输入msconfig,启动项,关闭emedit的自动启动,暂时不重启
15.安装更新文件,勾选重要和可选,全部安装。
16.确保补丁安装完成后,设备重启,远程端口生效
17.任务管理器,显示所有用户,内存-提交大小显示
18.所有操作完成后,再次使用新账户,新密码,新端口远程连接,确认一切正常
【service.bat】
sc config MpsSvc start= auto
sc start MpsSvc
netsh advfirewall set allprofiles state on
netsh advfirewall firewall add rule name=”Allow tcp 22071″ dir=in protocol=tcp localport=22071 action=allow
regedit d:/software/port1.reg
regedit d:/software/port2.reg
sc config TrkWks start= disabled
sc stop TrkWks
sc config MSDTC start= disabled
sc stop MSDTC
sc config RemoteRegistry start= disabled
sc stop RemoteRegistry
【port1.reg】
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]
“InteractiveDelay”=dword:0000000a
“OutBufCount”=dword:00000006
“OutBufDelay”=dword:00000064
“OutBufLength”=dword:00000212
“PdClass”=dword:00000002
“PdDLL”=”tdtcp”
“PdFlag”=dword:0000004e
“PdName”=”tcp”
“PortNumber”=dword:00005637
“RequiredPds”=hex(7):74,00,73,00,73,00,65,00,63,00,73,00,72,00,76,00,00,00,00,\
00
“ServiceName”=”tcpip”
【port2.reg】
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
“AudioEnumeratorDll”=”rdpendp.dll”
“Callback”=dword:00000000
“CallbackNumber”=””
“CdClass”=dword:00000000
“CdDLL”=””
“CdFlag”=dword:00000000
“CdName”=””
“CfgDll”=”RDPCFGEX.DLL”
“ColorDepth”=dword:00000003
“Comment”=””
“Domain”=””
“DrawGdiplusSupportLevel”=dword:00000001
“fAllowSecProtocolNegotiation”=dword:00000001
“fAutoClientDrives”=dword:00000001
“fAutoClientLpts”=dword:00000001
“fDisableAudioCapture”=dword:00000001
“fDisableCam”=dword:00000001
“fDisableCcm”=dword:00000000
“fDisableCdm”=dword:00000000
“fDisableClip”=dword:00000000
“fDisableCpm”=dword:00000000
“fDisableEncryption”=dword:00000001
“fDisableExe”=dword:00000000
“fDisableLPT”=dword:00000000
“fEnableWinStation”=dword:00000001
“fForceClientLptDef”=dword:00000001
“fHomeDirectoryMapRoot”=dword:00000000
“fInheritAutoClient”=dword:00000001
“fInheritAutoLogon”=dword:00000001
“fInheritCallback”=dword:00000000
“fInheritCallbackNumber”=dword:00000001
“fInheritColorDepth”=dword:00000000
“fInheritInitialProgram”=dword:00000001
“fInheritMaxDisconnectionTime”=dword:00000001
“fInheritMaxIdleTime”=dword:00000001
“fInheritMaxSessionTime”=dword:00000001
“fInheritReconnectSame”=dword:00000001
“fInheritResetBroken”=dword:00000001
“fInheritSecurity”=dword:00000000
“fInheritShadow”=dword:00000001
“fLogonDisabled”=dword:00000000
“fPromptForPassword”=dword:00000000
“fReconnectSame”=dword:00000000
“fResetBroken”=dword:00000000
“fUseDefaultGina”=dword:00000000
“InitialProgram”=””
“InputBufferLength”=dword:00000800
“InteractiveDelay”=dword:00000032
“KeepAliveTimeout”=dword:00000000
“KeyboardLayout”=dword:00000000
“LanAdapter”=dword:00000000
“LoadableProtocol_Object”=”{18b726bb-6fe6-4fb9-9276-ed57ce7c7cb2}”
“MaxConnectionTime”=dword:00000000
“MaxDisconnectionTime”=dword:00000000
“MaxIdleTime”=dword:00000000
“MaxInstanceCount”=dword:ffffffff
“MinEncryptionLevel”=dword:00000002
“NWLogonServer”=””
“OutBufCount”=dword:00000006
“OutBufDelay”=dword:00000064
“OutBufLength”=dword:00000212
“Password”=””
“PdClass”=dword:00000002
“PdClass1″=dword:0000000b
“PdDLL”=”tdtcp”
“PdDLL1″=”tssecsrv”
“PdFlag”=dword:0000004e
“PdFlag1″=dword:00000000
“PdName”=”tcp”
“PdName1″=”tssecsrv”
“PortNumber”=dword:00005637
“SecurityLayer”=dword:00000001
“Shadow”=dword:00000001
“UserAuthentication”=dword:00000000
“Username”=””
“WdDLL”=”rdpwd”
“WdFlag”=dword:00000036
“WdName”=”Microsoft RDP 7.1”
“WdPrefix”=”RDP”
“WFProfilePath”=””
“WorkDirectory”=””
“WsxDLL”=”rdpwsx”
转载请注明:崔之龙–运维小崔的个人博客 » 全新windows_server部署
还没有人抢沙发呢~