全新windows_server部署

    1.创建账户“EFAdminRoot”,属性“管理员”。按照文档内规划,对EFAdminRoot配置密码 ******
    2.注销administrator账户,使用EFAdminRoot登录
    3.桌面显示“计算机”,选项栏最小化,锁定任务栏,在任务栏显示所有图标和通知。禁用administrator账户
    4.显示隐藏文件,显示文件扩展名
    5.从su服务器直接复制software、EastShushan至目标主机D盘根目录
    6.打开服务,修改Windows Firewall状态为“自动”并启动。添加入站规则,TCP协议,端口2207,并备注名称“TCP2207”
    服务Distributed Link Tracking Client停止,设置启动类型为禁止
    服务Distributed Transaction Coordinator停止,设置启动类型为禁止
    服务Remote Registry停止,设置启动类型为禁止
    7.运行注册表文件port1,port2,修改远程端口为2207
    (切记,先加防火墙,再修改端口,否则会远程不上)

    8.安装emedit,默认下一步,选择典型安装,打开后选择“不自动更新”,然后使用SN激活
    (安装过程中,更改通知时间,设置为从不通知)
    9.安装WinRAR,默认下一步。复制rarreg.key到C:\Program Files\WinRAR,覆盖原有,使WinRAR为正式版
    (覆盖过程中,提示需要管理员权限。选择“继续”,使用户对C盘有管理员权限)
    10.安装CollabNetSubversion-client-1.8.13-1-x64.exe,默认路径即可
    11.内网设备安装mysql-installer-community-5.6.13.1.msi,外网不安装。
    安装过程,跳过更新检查,选择“Server Only”,程序路径和数据路径均修改为D盘。配置类型选择为Server,密码设置为“******”
    程序路径d:\Program Files\MySQL\
    数据路径d:\Program Files\MySQL\MySQL Server 5.6\
    12.安装mysql-front,路径不改,修改为D盘即可。安装完后,修改登录信息,登录成功且激活
    13.修改数据库信息,删除多余root账户选项,连接IP修改为10.10.%.%。修改完毕后,再次登录测试,确实修改正确
    (修改过程中,记得密码再次输入“******”,否则会被清空)

    14.输入msconfig,启动项,关闭emedit的自动启动,暂时不重启
    15.安装更新文件,勾选重要和可选,全部安装。
    16.确保补丁安装完成后,设备重启,远程端口生效
    17.任务管理器,显示所有用户,内存-提交大小显示
    18.所有操作完成后,再次使用新账户,新密码,新端口远程连接,确认一切正常

     

    【service.bat】

    sc config MpsSvc start= auto
    sc start MpsSvc
    netsh advfirewall set allprofiles state on
    netsh advfirewall firewall add rule name=”Allow tcp 22071″ dir=in protocol=tcp localport=22071 action=allow
    regedit d:/software/port1.reg
    regedit d:/software/port2.reg
    sc config TrkWks start= disabled
    sc stop TrkWks
    sc config MSDTC start= disabled
    sc stop MSDTC
    sc config RemoteRegistry start= disabled
    sc stop RemoteRegistry

     

    【port1.reg】

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]
    “InteractiveDelay”=dword:0000000a
    “OutBufCount”=dword:00000006
    “OutBufDelay”=dword:00000064
    “OutBufLength”=dword:00000212
    “PdClass”=dword:00000002
    “PdDLL”=”tdtcp”
    “PdFlag”=dword:0000004e
    “PdName”=”tcp”
    “PortNumber”=dword:00005637
    “RequiredPds”=hex(7):74,00,73,00,73,00,65,00,63,00,73,00,72,00,76,00,00,00,00,\
    00
    “ServiceName”=”tcpip”

    【port2.reg】

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
    “AudioEnumeratorDll”=”rdpendp.dll”
    “Callback”=dword:00000000
    “CallbackNumber”=””
    “CdClass”=dword:00000000
    “CdDLL”=””
    “CdFlag”=dword:00000000
    “CdName”=””
    “CfgDll”=”RDPCFGEX.DLL”
    “ColorDepth”=dword:00000003
    “Comment”=””
    “Domain”=””
    “DrawGdiplusSupportLevel”=dword:00000001
    “fAllowSecProtocolNegotiation”=dword:00000001
    “fAutoClientDrives”=dword:00000001
    “fAutoClientLpts”=dword:00000001
    “fDisableAudioCapture”=dword:00000001
    “fDisableCam”=dword:00000001
    “fDisableCcm”=dword:00000000
    “fDisableCdm”=dword:00000000
    “fDisableClip”=dword:00000000
    “fDisableCpm”=dword:00000000
    “fDisableEncryption”=dword:00000001
    “fDisableExe”=dword:00000000
    “fDisableLPT”=dword:00000000
    “fEnableWinStation”=dword:00000001
    “fForceClientLptDef”=dword:00000001
    “fHomeDirectoryMapRoot”=dword:00000000
    “fInheritAutoClient”=dword:00000001
    “fInheritAutoLogon”=dword:00000001
    “fInheritCallback”=dword:00000000
    “fInheritCallbackNumber”=dword:00000001
    “fInheritColorDepth”=dword:00000000
    “fInheritInitialProgram”=dword:00000001
    “fInheritMaxDisconnectionTime”=dword:00000001
    “fInheritMaxIdleTime”=dword:00000001
    “fInheritMaxSessionTime”=dword:00000001
    “fInheritReconnectSame”=dword:00000001
    “fInheritResetBroken”=dword:00000001
    “fInheritSecurity”=dword:00000000
    “fInheritShadow”=dword:00000001
    “fLogonDisabled”=dword:00000000
    “fPromptForPassword”=dword:00000000
    “fReconnectSame”=dword:00000000
    “fResetBroken”=dword:00000000
    “fUseDefaultGina”=dword:00000000
    “InitialProgram”=””
    “InputBufferLength”=dword:00000800
    “InteractiveDelay”=dword:00000032
    “KeepAliveTimeout”=dword:00000000
    “KeyboardLayout”=dword:00000000
    “LanAdapter”=dword:00000000
    “LoadableProtocol_Object”=”{18b726bb-6fe6-4fb9-9276-ed57ce7c7cb2}”
    “MaxConnectionTime”=dword:00000000
    “MaxDisconnectionTime”=dword:00000000
    “MaxIdleTime”=dword:00000000
    “MaxInstanceCount”=dword:ffffffff
    “MinEncryptionLevel”=dword:00000002
    “NWLogonServer”=””
    “OutBufCount”=dword:00000006
    “OutBufDelay”=dword:00000064
    “OutBufLength”=dword:00000212
    “Password”=””
    “PdClass”=dword:00000002
    “PdClass1″=dword:0000000b
    “PdDLL”=”tdtcp”
    “PdDLL1″=”tssecsrv”
    “PdFlag”=dword:0000004e
    “PdFlag1″=dword:00000000
    “PdName”=”tcp”
    “PdName1″=”tssecsrv”
    “PortNumber”=dword:00005637
    “SecurityLayer”=dword:00000001
    “Shadow”=dword:00000001
    “UserAuthentication”=dword:00000000
    “Username”=””
    “WdDLL”=”rdpwd”
    “WdFlag”=dword:00000036
    “WdName”=”Microsoft RDP 7.1”
    “WdPrefix”=”RDP”
    “WFProfilePath”=””
    “WorkDirectory”=””
    “WsxDLL”=”rdpwsx”

     

    转载请注明:崔之龙–运维小崔的个人博客 » 全新windows_server部署

    喜欢 0
标签: , ,

还没有人抢沙发呢~