Home Archives Search Feed

🧩 Initial System Setup

  • Install Windows Server 2025 (UEFI + GPT mode)
  • Set computer name (e.g. srv-backup-01)
  • Install all available Windows Updates
  • Install VM tools or hardware drivers (e.g. Proxmox guest tools)
  • Set system time zone and verify NTP sync
  • Define and document common admin password

πŸ‘€ User and Access Management

  • Create local user accounts
  • Assign user roles (Administrator, Backup Operator, RDP user, etc.)
  • Configure unified β€œDocuments” folder for all users (e.g. D:\Documents)

🌐 Remote Access & Network

  • Enable Remote Desktop
  • Enable NLA (Network Level Authentication)
  • (Optional) Disable RDP firewall rule (if behind hardware firewall)
  • Set static IP or reserve DHCP lease

πŸ§… Tailscale Setup

  • Install Tailscale
  • Authenticate using auth key or login manually
  • Assign hostname and optional tags - I tend not to
  • Ensure ACLs allow RDP access to this node
  • Enable Tailscale β€œAlways On”

πŸ” Backup and Security

  • Install Veeam Agent for Windows (installer must be pre-downloaded)
  • Configure backup job (volume-level or file-level)
  • Set backup schedule and retention policy
  • Configure backup target (local drive or network share - BOTH)
  • Enable email notifications (optional)
  • (Optional) Enable BitLocker disk encryption - NOT YET
    • Install BITDEFENDER

πŸ–¨οΈ Printer Setup

  • Install Canon MAXIFY GX7050 driver
  • Set printer as SYSTEM default
  • Enable printing for all users without elevation

πŸ“ Storage & Folder Configuration

  • Mount any external data volumes (e.g. My Pegasus)
  • Create D:\Data, and D:\Documents
  • Set NTFS permissions and ACLs
  • (Optional) Use registry or group policy to map Documents folder globally - done

πŸ› οΈ Optional Enhancements

Not sure much about these

  • Install Chocolatey or winget for package management
  • Install common tools (e.g. 7-Zip, Notepad++, Git, etc.)
  • Disable Windows Error Reporting
  • Configure power settings (e.g. prevent sleep) yes
  • Create Scheduled Tasks (e.g. for network checks, health reports)

But all these β€œnice to haves” can wait.

ADD - agnostic partitioning

https://gparted.org/download.php

June 24, 2025

Previous post
Telephone modernisation This is assuming the existing DECT base is analog only, no sip. ======================================================== Short cuts to sites
Next post
πŸ“Š Windows Server 2025: Essentials vs. Standard β€” My Business-Focused Comparison A note: Two Different Standards at Play Standard What It Means Applies To UK/EU Licensing Law You’re allowed to resell and reuse perpetual