Windows Server Notes

1. Windows Server 2022 Build

1.1. Installing Windows Server Essentials Experience

Windows Server 2022 Essentials doesn’t contain the Remote Desktop Gateway server role so the Anywhere Access/Remote Web Access feature will not be available.

This document describes the process of ripping the Essentials Experience functionality out of Windows Server 2016 and installing it on Windows Server 2019.

2. Enable Windows Hello for Domain Joined Computers

  • The following will allow domain joined computers to use Windows Hello as an alternative to using a username/password combination to securely login in to the domain via a:

    • fingerprint reader

    • facial recognition camera

    • secure PIN

  • The following step will enable this functionality:

    1. Launch Group Policy Management.

    2. Expand Group Policy Management → Domains → Dhante.local → Default Domain Policy

    3. Right mouse click on Default Domain Policy and click the Edit button. This will launch the Group Policy Management Editor window.

    4. Enable Secure PIN:

      1. Expand Computer Configuration  Policies  Administrative Templates  System  Logon

      2. Enable Turn on convenience PIN sign-in

    5. Enable Biometrics:

      1. Expand Computer Configuration  Policies  Administrative Templates  Windows Components  Biometrics.

      2. Enable all 3 of the Allow* policies.

3. Troubleshooting

3.1. EFI Boot Loader

If you are having issues booting into Windows the following procedure will help restore the Boot Configuration Data (BCD).

Original source documentation is here

  1. Boot the PC from the Microsoft Windows installation media iso.

  2. At the Windows Setup window click Shift+F10 to open a command prompt.

    2021-04-10 11_11_19-v-win10-test on HADES - Virtual Machine Connection

  3. Start the DiskPart tool:

    2021-04-10 11_29_14-Clipboard

  4. Get a listing of disks with the list disk command.

    This recovery guide is intended for GPT partitioned disks so confirm that your Window disk is GPT partitioned as indicated with an asterisk in the Gpt column:

    2021-04-10 11_37_02-v-win10-test on HADES - Virtual Machine Connection

    If your disk is not using the GPT partition table, then you’ll need to find a MBR related recovery guide.

  5. Select your system disk with the select disk command followed by the disk number. In this case the disk number is 0:

    2021-04-10 12_11_37-v-win10-test on HADES - Virtual Machine Connection

  6. Display both the partitions and volumes on the selected disk with the list partition and list volume commands:

    2021-04-10 12_19_29-Clipboard

    The EFI volume is indicated where Fs=FAT32, Size=100MB, Info=Hidden as highlighted in green above.

  7. Now we need to select the EFI volume and assign it a drive letter. We will use drive letter K:

    2021-04-10 12_47_08-v-win10-test on HADES - Virtual Machine Connection

  8. Exit the DiskPart tool:

    2021-04-10 17_45_52-v-win10-test on HADES - Virtual Machine Connection

  9. Enter the boot loader directory using the previously assigned drive letter K:

    2021-04-10 17_49_44-v-win10-test on HADES - Virtual Machine Connection

  10. Recreate the BCD store by copying the UEFI boot environment files to the boot partition from the Windows directory:

    2021-04-10 18_01_24-v-win10-test on HADES - Virtual Machine Connection

  11. Confirm:

    2021-04-10 18_04_55-v-win10-test on HADES - Virtual Machine Connection

  12. Now you can reboot with a working BCD.

3.2. Windows Server Essentials (Domain Join)

  • Open a browser and connect to https://remote.dhante.com/Connect/

  • If the connection takes a long time and fails you may have to enable Network Sharing. The error message will look like the following:

    can’t connect to server

  • Do the following to fix:

    1. Click on Network

      click on network

    2. Acknowledge

      click on acknowledge

    3. Click

      click on change

  • If the Configuration Wizard fails to download the package:

    2021-04-17 17_58_40-v-Serv2019-MID2 on NORCO - Virtual Machine Connection

    1. Execute the WSEClient msi contained within this repo.

    2. Retry the Configuration Wizard.