Wednesday, August 6, 2025

Enable Application and Virtualization Services on Windows Servers



🔹 Part 1: Install and Configure Hyper-V for Client VMs

Method A: Using Server Manager (GUI)

  1. Open Server Manager

  2. Click Manage > Add Roles and Features

  3. Choose Role-based or feature-based installation

  4. Select your server from the list

  5. In Server Roles, check Hyper-V

  6. Add required features when prompted

  7. On Virtual Switches screen, configure:

    • External switch (connected to NIC)

    • Internal/Private (for isolated networks)

  8. Proceed and click Install

  9. Reboot the server


Method B: Using PowerShell

powershell
Install-WindowsFeature -Name Hyper-V -IncludeManagementTools -Restart

After reboot:

powershell
# Create External Virtual Switch
# "Ethernet" is the name of the physical adapter; list adapter names with Get-NetAdapter
New-VMSwitch -Name "ClientNet" -NetAdapterName "Ethernet" -AllowManagementOS $true

Create and Configure Virtual Machines

  1. Open Hyper-V Manager

  2. Click New > Virtual Machine

  3. Use the wizard to:

    • Name VM (e.g., Client1-VM)

    • Assign generation (Gen 1 or Gen 2)

    • Allocate memory

    • Connect to virtual switch

    • Create new VHD (e.g., 60GB)

    • Mount ISO (Windows Server or Client OS)

  4. Finish and start the VM

  5. Install OS inside the VM


🔹 Part 2: Set Up Remote Desktop Services (RDS)

Method A: Using Server Manager

  1. Open Server Manager

  2. Go to Manage > Add Roles and Features

  3. In Installation Type, choose:

    • Remote Desktop Services Installation

  4. Choose Quick Start or Standard Deployment

  5. Select server to install roles:

    • RD Connection Broker

    • RD Session Host

    • RD Web Access

  6. Proceed and click Install

  7. After install, reboot if prompted


Enable RDP Access for Users

  1. Go to System > Remote Desktop Settings

  2. Enable Allow remote connections

  3. Add specific users under Select users

  4. Open Windows Firewall > Inbound Rules:

    • Allow Remote Desktop (TCP-In)


Method B: PowerShell Install

powershell
Install-WindowsFeature -Name RDS-RD-Server

Then configure user/group access and firewall rules.


🔹 Part 3: Web Application Hosting (IIS)

Method A: Using Server Manager (Install IIS)

  1. Go to Manage > Add Roles and Features

  2. In Server Roles, select Web Server (IIS)

  3. Add features like:

    • ASP.NET, WebSocket, Management Tools (optional)

  4. Click Next > Install


Create New Website in IIS

  1. Open IIS Manager (inetmgr)

  2. Right-click Sites > Add Website

  3. Enter:

    • Site Name: Client1WebApp

    • Physical Path: C:\inetpub\Client1

    • Binding: http, choose port (default 80 or custom)

  4. Start the site


Assign Site to Application Pool

  1. In IIS Manager, go to Application Pools

  2. Create new app pool for each client (e.g., Client1AppPool)

  3. Assign app pool to corresponding site


🔒 Part 4: Application Isolation & Secure Access

Option A: Use Separate VMs or App Pools Per Client

  • Each client runs in a separate Hyper-V VM

  • Web apps use separate application pools

  • RDS sessions are controlled via GPO or RD Licensing


Option B: Use Firewall Rules for Access Control

Use PowerShell or GUI to restrict access by IP or subnet:

powershell
New-NetFirewallRule -DisplayName "Allow Client1 Access to WebApp" `
    -Direction Inbound -Protocol TCP -LocalPort 80 `
    -RemoteAddress 192.168.10.0/24 -Action Allow

Option C: Configure User Groups and File Security

  1. Create AD Groups: Client1-WebAdmins, Client2-RDP-Users, etc.

  2. Set folder NTFS and IIS path permissions

  3. Use GPOs to restrict RDP access or start-up programs
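
The per-client isolation from Options A to C, scripted for one client as an added example (not part of the original post). It creates the Client1 site and app pool from Part 3, limits NTFS access on C:\inetpub\Client1 to that pool's identity, adds the Option B firewall rule, and lists any broader allow rule that would override it. The variable names and the use of icacls with well-known SIDs are choices made for this example.

```powershell
# Added example: names and paths follow the page's Client1 samples.
Import-Module WebAdministration

$client   = 'Client1'
$siteName = "${client}WebApp"       # Client1WebApp
$poolName = "${client}AppPool"      # Client1AppPool
$path     = "C:\inetpub\$client"    # C:\inetpub\Client1
$port     = 80                      # if another site already holds *:80, use a custom port
$subnet   = '192.168.10.0/24'       # client subnet from Option B

# Content folder, dedicated pool, and site bound to that pool (safe to re-run)
New-Item -ItemType Directory -Path $path -Force | Out-Null
if (-not (Test-Path "IIS:\AppPools\$poolName")) { New-WebAppPool -Name $poolName | Out-Null }
Set-ItemProperty "IIS:\AppPools\$poolName" -Name processModel.identityType -Value ApplicationPoolIdentity
if (-not (Test-Path "IIS:\Sites\$siteName")) {
    New-Website -Name $siteName -PhysicalPath $path -Port $port -ApplicationPool $poolName | Out-Null
}

# Anonymous requests run as the pool identity instead of the shared IUSR account
Set-WebConfigurationProperty -PSPath 'IIS:\' -Location $siteName `
    -Filter 'system.webServer/security/authentication/anonymousAuthentication' `
    -Name userName -Value ''

# NTFS: drop inherited ACEs; full control for Administrators (S-1-5-32-544) and
# SYSTEM (S-1-5-18), read/execute for this client's pool identity only
icacls $path /inheritance:r /grant:r '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' `
    "IIS AppPool\${poolName}:(OI)(CI)RX" | Out-Null

# Firewall: allow the client subnet (rule from Option B), created once
$ruleName = "Allow $client Access to WebApp"
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort $port -RemoteAddress $subnet -Action Allow | Out-Null
}

# Check: an allow rule only restricts access if no broader allow rule covers the port.
# List enabled inbound allow rules on this port that accept any remote address.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True | Where-Object {
    ($_ | Get-NetFirewallPortFilter).LocalPort -contains "$port" -and
    ($_ | Get-NetFirewallAddressFilter).RemoteAddress -contains 'Any'
} | Select-Object DisplayName, Profile
```

Run it from an elevated PowerShell session on the IIS host. Any rule the final check lists must be disabled or scoped before the subnet rule actually limits who can reach the site.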


🛠 Suggested Tools for Management

Task              Tool
VM Management     Hyper-V Manager
Web Hosting       IIS Manager
Remote Desktop    RD Licensing & Gateway
Isolation         GPO, NTFS, Firewall
Monitoring        Windows Admin Center