Managing and automating your network, whether it consists of physical or virtual components on a Windows Server, involves configuring the Network Controller Server Role. This role offers a unified approach for overseeing your routers, switches, and firewall systems. In this article, we’ll guide you through the process of installing and deploying a Network Controller on a Windows Server.
Understanding the Network Controller in Windows Server
The Network Controller in Windows Server is an essential server role that is both scalable and reliable, serving as a central hub for managing your physical and virtual networking infrastructure.
Steps to Install and Deploy a Network Controller on Windows Server
To successfully install and deploy a Network Controller on a Windows Server, adhere to the steps outlined below.
- Create a Security Group.
- Proceed with the Network Controller installation.
- Deploy the Network Controller.
Let’s delve deeper into each of these steps.
1] Creating a Security Group
Prior to deploying the Network Controller, it’s necessary to establish an Active Directory Domain Services (AD DS) Security Group. Follow these steps:
- In Active Directory Users and Computers, locate your domain, right-click on the appropriate organizational unit, and select New > Group.
- Input a name for the group (e.g., Network Admin), set the scope to Global, and choose the desired group type.
- Right-click on the group and select Properties.
- Navigate to Members > Add, type “administrator” in the Enter the object names to select field, and click on Check Names. Additional users can be included as needed.
- Create a second group, naming it Network Ops, and add the previously added users.
After completing this, request a certificate by launching the Certificate Enrollment Wizard on the server, choosing a suitable template for network controllers, and submitting the request to a Certificate Authority (CA). Once the request is approved, download and install the issued certificate on the server to ensure secure operations.
2] Installing the Network Controller
As previously mentioned, the Network Controller is a Server Role in Windows Server, and since it does not come pre-installed, we will need to set it up manually. Follow these steps for installation:
- Launch the Server Manager.
- Navigate to Manage > Add Roles and Features.
- Click Next when the Add Roles and Features wizard opens.
- Select the Role-based or Feature-based installation option and click Next.
- Choose Select a server from the server pool, select your server, and click Next.
- Under the Server Roles tab, check the box next to Network Controller, then click Add Features when prompted, and click Next.
- Assuming the necessary features are already installed, click Next to bypass the Features tab.
- Review the information provided on the Network Controller tab and click Next.
- Select the Restart the destination server automatically option, then click Install.
Allow some time for the installation to complete. Once it’s finished, proceed to the next step.
3] Deploying the Network Controller
To deploy the Network Controller, it’s essential to configure the Network Controller cluster, beginning with the creation of a cluster node. Open PowerShell as an administrator and execute the following command:
New-NetworkControllerNodeObject -Name <string> -Server <String> -FaultDomain <string> -RestInterface <string> [-NodeCertificate <X509Certificate2>]
- Name <string>: Defines the name for the network controller node.
- Server <string>: Indicates the fully qualified domain name (FQDN) of the server hosting the network controller node.
- FaultDomain <string>: Denotes the fault domain for the node, grouping servers that could potentially fail together due to shared physical dependencies.
- RestInterface <string>: Specifies the network interface that listens for REST requests on the server.
- NodeCertificate <X509Certificate2>: Optional parameter for the certificate utilized by the node to enable secure communications.
Next, execute the following command to configure your cluster.
Install-NetworkControllerCluster -Node <NetworkControllerNode[]> -ClusterAuthentication <ClusterAuthentication> [-ManagementSecurityGroup <string>][-DiagnosticLogLocation <string>][-LogLocationCredential <PSCredential>] [-CredentialEncryptionCertificate <X509Certificate2>][-Credential <PSCredential>][-CertificateThumbprint <String>] [-UseSSL][-ComputerName <string>][-LogSizeLimitInMBs<UInt32>] [-LogTimeLimitInDays <UInt32>]
- Node <NetworkControllerNode[]>: Represents an array of NetworkControllerNode objects that constitute the cluster nodes.
- ClusterAuthentication <ClusterAuthentication>: Specifies the authentication method for the cluster, with options including None, Kerberos, and X509Certificate.
- ManagementSecurityGroup <string>: Identifies the security group responsible for managing the Network Controller.
- DiagnosticLogLocation <string>: Indicates where diagnostic logs will be maintained.
- LogLocationCredential <PSCredential>: Specifies the credentials required to access the log location.
- CredentialEncryptionCertificate <X509Certificate2>: Denotes the certificate used for encrypting credentials.
- Credential <PSCredential>: Specifies the credentials employed for the Network Controller.
- CertificateThumbprint <String>: Points to the thumbprint of the certificate utilized by the Network Controller.
- UseSSL: Indicates whether to employ SSL for communication.
- ComputerName <string>: Identifies the computer executing the cmdlet.
- LogSizeLimitInMBs <UInt32>: Sets the maximum allowable size for the log files in megabytes.
- LogTimeLimitInDays <UInt32>: Specifies the duration limit for the log files in days.
Lastly, run Get-NetworkController to verify that the deployment was successful.
How to Set Up a Network Controller?
To establish a Network Controller, you need to begin with the installation of the required server role. This can be done through the Server Manager. After the role is installed, utilize PowerShell commands to properly configure and deploy your Network Controller.