Jump to content
RESET Forums (homeservershow.com)

Essentials 2012 installation - notes (may be of use)


Recommended Posts

I made some notes when I did my install so that if I had to do it again I would know what I did! I didn't realise there would be so many trips and quirks to get it all running. Hopefully some of the below might be of use to someone :)




Initial install


Had to connect to network to complete install


Mandatory creation of domain admin account and user account 


Changed to static IP (and left the DNS as loopback)


Windows Update


Activated windows


Linked Office365 accounts and manually reverted passwords back



Going through alerts: 

    Created file system on RAID10 array

    Moved default Server Folders from C:\ to D:\


More windows updates


Set up Anywhere Access for Remote Web Access:

    Created A record for remote.xxxxxxxxxxxxxxxxx.co.uk

    Started manual configuration from wizard

    Manually forwarded ports 80 & 443 in router (DO NOT use automatic settings as it kills access to your router).

    Followed instructions from:


    Additional instructions - need to add domain to CAcert which needs email verification

    Follows this guide to set up alias 'admin' email for Office365 to enable verification


More windows updates


Tried to install SCEP but said unsupported OS


Installed .NET 3.5


More windows updates


Installed Forefront client instead of SCEP following this guide (needs two manual updates before windows update works):



Office 365 Integration Service reports not running after install Update Rollup 1 for Windows Server 2012 Essentials (KB2781267) - Fixed by following this guide:


Installed DHCP server (will not install unless the ethernet cable is disconnected WTF!?)


Removed volume icon from taskbar:


Configured static IPv6 address using this converter (due to nags in events)


Linked all users to their Office365 accounts (and reverted passwords again)


Changed loopback in ethernet DNS settings to local server IP address due to nags


Set up Anywhere Access VPN & Remote Domain Join:

    Followed instructions from:


    Installed Remote Access GUI and Command-Line Tools

    #### Requires a reboot of the server otherwise the next stage fails

    Set Up Anywhere Access for VPN


Configured Roaming Profiles using this guide:


Tried to connect first client computer, failed with "The server is not available. To resolve this issue, contact the person responsible for your network"

    Followed instructions from:

    Changed client NTP to 'time.windows.com'

    #### You must restart the client to pick up the NTP changes ####


Added client computers to Roaming Profile Group


Configured folder redirection following this guide:


Set up Outlook and shared calendars

    For some users the shared calendars did not show up in Outlook until manually logging into Office365 online and selecting calendar


Force IE10 to desktop mode using following guide:


Changed Outlook temperature:


Disabled backup of restore images causing client backup to fail after reading this:


Enabled inbound firewall rule for SQLExpress 2012:


Configured SQLExpress 2012 for remote connections:

    #### Enabled TCP/IP and edited port on IPall only to 1433 / disabled dynamic ports (removed 0) ####

    #### After enabling browser service still could not connect (using instance only) so used instance,port (SQLEXPRESS,1433) ####


Changed the default user for SQLExpress 2012 server service to domain admin to enable access to SharedFolder directories


Reinstated Quick View toolbar:

Edited by marky9074
Link to comment
Share on other sites

A SQL Service account is running as a "Domain Admin"?  Seriously?


Good point! I should fix that. I was logged in as domain admin as a quick fix to get it working. 

Link to comment
Share on other sites

Read Access I might could see, but never a Domain Admin.  Always think Least Privilege.....

Link to comment
Share on other sites

I was having issues with all these 'virtual accounts' in that I couldn't find the accounts to actually grant access to the folder that our client software makes SQL backups to. I need write access to be able to do the backups, and every time the software quits it does a backup...

I should also point out that there is a wizard to import the 365 accounts, but for some reason even though it imports and creates the AD accounts it does not link them! Hence why I have written that I linked the accounts twice (the first time was actually the wizard..)

Link to comment
Share on other sites

Coming from a Veritas and SQL background, I can tell you that a Service Account for Backups would be best.  Are you running the SQL backups from a Maintenance Plan? 


If so, the plan will create a folder and then the backup account can have access to that folder to make a secondary backup of that folder.  Make sense?

Link to comment
Share on other sites

Yeah all makes sense, unfortunately the client software hard codes the backup directory to a sub directory under its own directory so I have to look at a user that can access that shared folder.

Link to comment
Share on other sites

What are you using to backup the backups?


All you need is a Service Account for Backups and give it Full Control at the Root Level of those Folders being created.  The permissions will propagate down.

Link to comment
Share on other sites

In spirit, yes.  That shows an installation of Full SQL.  It's been so long since I fooled with Express that I cannot rememeber the screens.


Just see if you can find instructions for creating a Maintenance Plan for SQL Express.  Basically, the Maintenance Plan creates a file with the extension ".bak".  That's what you want to backup, not the live database.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...