Server Administration

About the Picture

This picture is one of the multiple server clusters I have managed and maintained for the State of Oklahoma. This cluster is a collection of Sun Solaris, Windows 2003, Windows 2008R2 servers for running the State of Oklahoma's carrier class microwave system. Additional servers (not in picture) for the 3CX SIP PBX have been installed and setup recently by me in coordination with Ralph the Tower Communications Manager for OMES Wireless as we have worked together to provide Radio over IP functionality to the State of Oklahoma.

I also work with Windows 2012, Red Hat and Centos 7 servers in my duties with Intelligent Transportation Systems.

Windows Server Best Practices

  • Determine Server Role https://technet.microsoft.com/en-us/library/hh831669(v=ws.11).aspx
  • Name your server's hostname with a self-explanatory name indicating its role.
  • Use a naming convention.
  • Statically assign IP Addresses or exclude in DHCP.
  • Ensure that time settings are correct and that the server points to a qualified NTP server.
  • Ensure that both remote desktop services and a VNC client are operating for remote access.
  • Set security and firewall to highest protection possible and work backwards to admit accounts and change permissions.
  • Use IP address whitelisting for access.
  • Use strong passwords and require expiration.
  • Set automatic updates to enabled but point to one centralized update server to issue the updates to the rest of the domain/branch.
  • Document the server configuration and setup.
  • Set server for periodic backups.
  • Minimize 3rd party software installed on server. Only install tools that may be required to maintain the servers function.
  • Run services with the least privilege.

DNS

DHCP

Active Directory & Domain Controller

File Serving

Windows Server Update Services (WSUS)

Hyper-V

Application Services

Network Services (VPN/RADIUS/Dial-Up)

Virtual Machine Servers (PROXMOX)

SQL Server


Other

Troubleshooting

SQL Server