More Musings

βœ… Windows Server 2025 My Setup Checklist

Anthony

🧩 Initial System Setup

  • [ ] Install Windows Server 2025 (UEFI + GPT mode)
  • [ ] Set computer name (e.g. srv-backup-01)
  • [ ] Install all available Windows Updates
  • [ ] Install VM tools or hardware drivers (e.g. Proxmox guest tools)
  • [ ] Set system time zone and verify NTP sync
  • [ ] Define and document common admin password

πŸ‘€ User and Access Management

  • [ ] Create local user accounts
  • [ ] Assign user roles (Administrator, Backup Operator, RDP user, etc.)
  • [ ] Configure unified “Documents” folder for all users (e.g. D:\Documents)

🌐 Remote Access & Network

  • [ ] Enable Remote Desktop
  • [ ] Enable NLA (Network Level Authentication)
  • [ ] (Optional) Disable RDP firewall rule (if behind hardware firewall)
  • [ ] Set static IP or reserve DHCP lease

πŸ§… Tailscale Setup

  • [ ] Install Tailscale
  • [ ] Authenticate using auth key or login manually
  • [ ] Assign hostname and optional tags – I tend not to
  • [ ] Ensure ACLs allow RDP access to this node
  • [ ] Enable Tailscale “Always On”

πŸ” Backup and Security

  • [ ] Install Veeam Agent for Windows (installer must be pre-downloaded)
  • [ ] Configure backup job (volume-level or file-level)
  • [ ] Set backup schedule and retention policy
  • [ ] Configure backup target (local drive or network share – BOTH)
  • [ ] Enable email notifications (optional)
  • [ ] (Optional) Enable BitLocker disk encryption – NOT YET
    • Install BITDEFENDER

πŸ–¨οΈ Printer Setup

  • [ ] Install Canon MAXIFY GX7050 driver
  • [ ] Set printer as SYSTEM default
  • [ ] Enable printing for all users without elevation

πŸ“ Storage & Folder Configuration

  • [ ] Mount any external data volumes (e.g. My Pegasus)
  • [ ] Create D:\Data, and D:\Documents
  • [ ] Set NTFS permissions and ACLs
  • [ ] (Optional) Use registry or group policy to map Documents folder globally – done

πŸ› οΈ Optional Enhancements

Not sure much about these

  • [ ] Install Chocolatey or winget for package management
  • [ ] Install common tools (e.g. 7-Zip, Notepad++, Git, etc.)
  • [ ] Disable Windows Error Reporting
  • [ ] Configure power settings (e.g. prevent sleep) yes
  • [ ] Create Scheduled Tasks (e.g. for network checks, health reports)

But all these “nice to haves” can wait.

ADD – agnostic partitioning

https://gparted.org/download.php