Install Windows Server Essentials with a Custom Domain Suffix

After a brief argument with Susan Bradley, and I use the term brief and argument loosely, Grey Lancaster and I were left with a problem…

So can someone blog that/post that on TechNet so that folks aren’t hacking up what they are doing now?

Grey, of course, deferred to me. So here I am Saturday night and I’m writing this. I don’t mind of course because I have nothing better to do, but I digress.

Yes, you can install Essentials 2012 R2 (and probably other versions) with any domain suffix, not just the “.local” that the Essentials Configuration Wizard (ECW) defaults to.

After the preinstall of your OS, on an Essentials SKU box, you will be launched directly into the ECW. You can close it, or ignore it. It will come back. If you are deploying the Essentials Role, just follow these steps before you install the role.

First thing, you will probably want to rename your Server, via the system properties.

Now, open Server Manager. Wait for the inventory check to complete and hit Manage, then Add Roles and Features.

We are going to just add Active Directory Domain Services at this point; select that and accept the defaults on the popup regarding features and admin tools.

Click next and accept all the defaults.

The install should take a few minutes depending on the speed of your server; my VM is pretty low spec and it didn’t take long.

Once that’s installed we can run the Post Deployment task. Still ignore the Essentials task at this point.

Click on Promote this Server to a Domain Controller.

The first step is an important one.

Select ‘a new forest’ and choose a name.

There is a minefield of information out there about the right domain name to choose: some prefer a generic name, some insist on using the same name as your public name.

I am going to choose a sub domain of my public domain name.

You can accept the defaults on the rest of the wizard, unless you need to make changes to suit your environment. Chances are, you don’t. If you are not sure – ask before continuing!

You can review your settings; it is your last chance to change them. When you are ready, hit next.

Some pre-requisite checks will be run; barring any major errors (which are unlikely) you can go ahead and hit install.
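
The same role install, prerequisite check and forest promotion can be run from an elevated PowerShell prompt. This is an added example, not part of the original post; the forest name ad.example.com and NetBIOS name AD are placeholders for your own sub domain.

```powershell
# Added example: scripted equivalent of the Server Manager steps above.
# 'ad.example.com' and 'AD' are placeholders, not values from the original post.
$forestName  = 'ad.example.com'   # a sub domain of a public domain you own
$netbiosName = 'AD'

# Sanity-check both names before anything is installed.
if ($forestName -notmatch '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$') {
    throw "'$forestName' is not a valid multi-label DNS name."
}
if ($netbiosName.Length -gt 15 -or $netbiosName -match '[^A-Za-z0-9-]') {
    throw "NetBIOS name '$netbiosName' must be 15 characters or fewer (letters, digits, hyphens)."
}

# Add the AD DS role only; the Essentials role and wizard are still left alone.
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Import-Module ADDSDeployment
$dsrmPassword = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

# One parameter set shared by the check and the promotion, so both see the same input.
$forestArgs = @{
    DomainName                    = $forestName
    DomainNetbiosName             = $netbiosName
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrmPassword
}

# Run the prerequisite checks the wizard runs, and stop on any error.
$checks = Test-ADDSForestInstallation @forestArgs
$failed = $checks | Where-Object { $_.Status -eq 'Error' }
if ($failed) {
    $failed | Format-List Context, Message | Out-Host
    throw 'Prerequisite checks failed; the server has not been promoted.'
}

# Promote to the first domain controller of a new forest.
# The server reboots on its own when this completes.
Install-ADDSForest @forestArgs -Force
```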

Go and have a beer. That’s what I’m doing.

Of course when you come back you may be confused (depending on how many beers you consumed) to see your Server has rebooted itself.

You can now log in as the domain admin and, as explained earlier, the ECW will kick off again.

Now, before you continue with the Essentials setup you might want to do some other configuration.

Enable DNS Scavenging.

This is a really useful and often overlooked configuration change, and so easy with PowerShell.

Load up an elevated PowerShell window.

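# Use the server's first non-loopback IPv4 address
$ipv4 = @(Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.IPAddress -ne "127.0.0.1" })
$ipA = $ipv4[0].IPAddress
$sMask = $ipv4[0].PrefixLength
# Build the network ID from the first three octets (assumes a /24-style network)
$ipNet = $ipA.Split(".")
$ipNet = $ipNet[0] + "." + $ipNet[1] + "." + $ipNet[2] + ".0"
$sNet = $ipNet + "/" + $sMask
# Enable scavenging on the server and aging on all zones, with a 7 day interval
Set-DnsServerScavenging -ScavengingState $true -ApplyOnAllZones -ScavengingInterval "7.00:00:00"
# Create the matching reverse lookup zone, replicated to the whole forest
Add-DnsServerPrimaryZone -NetworkID $sNet -ReplicationScope "Forest"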

Install DHCP?

(You may get a warning if your server is still on a dynamic IP)

Save this as a ps1 file (don’t forget your PowerShell Execution Policy)

Write-Output "Detecting Network Settings.."
$server = $env:ComputerName
$domain = $env:UserDnsDomain
$domainName = $env:UserDomain
$serverDomain = $server + "." + $domain
# Use the server's first non-loopback IPv4 address
$ipv4 = @(Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.IPAddress -ne "127.0.0.1" })
$ipA = $ipv4[0].IPAddress
$ipNet = $ipA.Split(".")
$ipNet = $ipNet[0] + "." + $ipNet[1] + "." + $ipNet[2] + ".0"
# Default gateway of the same interface, handed out to clients as the router option
$ipRouter = ((Get-NetIPConfiguration -InterfaceIndex ($ipv4[0].ifIndex)).IPv4DefaultGateway).NextHop
# Matches the DHCP role and its management tools
$dhcp = Get-WindowsFeature | Where-Object { $_.Name -match "DHCP" }
Write-Output "Installing DHCP.."
Add-WindowsFeature $dhcp -IncludeManagementTools
$dhcpStart = Read-Host -Prompt "Enter Start IP Of DHCP Scope"
$dhcpEnd = Read-Host -Prompt "Enter End IP Of DHCP Scope"
$exclusions = Read-Host -Prompt "Add Exclusions? Y/N"
$scopeName = "$domainName DHCP Scope"
Write-Output "Configuring DHCP.."
# Authorise this DHCP server in Active Directory
Add-DhcpServerInDC -DnsName $serverDomain -IPAddress $ipA
# The subnet mask is fixed at /24 here; change it if your network differs
Add-DhcpServerv4Scope -Name $scopeName -StartRange $dhcpStart -EndRange $dhcpEnd -SubnetMask "255.255.255.0"
$scopeID = (Get-DhcpServerv4Scope).ScopeID
if ($exclusions -eq "y")
{
    $dhcpEclStart = Read-Host "Exclusion Start IP?"
    $dhcpEclEnd = Read-Host "Exclusion End IP?"
    Add-DhcpServerv4ExclusionRange -ScopeId $scopeID -StartRange $dhcpEclStart -EndRange $dhcpEclEnd
}
# Server-wide options: DNS server, DNS domain and default gateway
Set-DhcpServerv4OptionValue -ComputerName $serverDomain -DnsServer $ipA -DnsDomain $domain -Router $ipRouter
# Always register client records in DNS and remove them when the lease expires
Set-DhcpServerv4DnsSetting -ComputerName $serverDomain -DynamicUpdates Always -DeleteDnsRROnLeaseExpiry $true
# Credential the DHCP service uses for DNS registrations. This uses the logged-on
# account; a dedicated standard domain user is the better long-term choice.
$username = $env:USERNAME
$username = "$domainName\$username"
# Not named $pwd, which is PowerShell's automatic current-directory variable
$securePwd = Read-Host -AsSecureString -Prompt "Enter Password for $username"
$cred = New-Object System.Management.Automation.PSCredential($username, $securePwd)
Set-DhcpServerDnsCredential -Credential $cred
Set-DhcpServerSetting -ConflictDetectionAttempts 2
Write-Output "DHCP Configured"

With any luck that will run without errors. It does for me, but hey, it’s Saturday night and I’ve been drinking.
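
The script above hands the logged-on domain admin's password to the DHCP service as its DNS dynamic update credential. The following added example (not part of the original post) swaps that for a dedicated, unprivileged account and verifies the result; the account name svc-dhcpdns is hypothetical.

```powershell
# Added example: give DHCP its own low-privilege account for DNS registrations.
# 'svc-dhcpdns' is a hypothetical account name, not one from the original post.
Import-Module ActiveDirectory, DhcpServer

$svcName = 'svc-dhcpdns'
$domain  = $env:UserDomain        # NetBIOS domain name, as used in the script above
$svcPwd  = Read-Host -AsSecureString -Prompt "Password for $domain\$svcName (set now if the account is new)"

# Create the account as an ordinary domain user if it does not exist yet.
if (-not (Get-ADUser -Filter "SamAccountName -eq '$svcName'")) {
    New-ADUser -Name $svcName -SamAccountName $svcName `
        -Description 'DHCP DNS dynamic update credential' `
        -AccountPassword $svcPwd -Enabled $true `
        -PasswordNeverExpires $true -CannotChangePassword $true
}

# Refuse to continue if the account has picked up privileged group membership.
$privileged = 'Domain Admins', 'Enterprise Admins', 'Administrators', 'DnsAdmins'
$groups = Get-ADPrincipalGroupMembership -Identity $svcName |
    Select-Object -ExpandProperty Name
$bad = $groups | Where-Object { $privileged -contains $_ }
if ($bad) {
    throw "$svcName is a member of: $($bad -join ', ')"
}

# Replace the credential the DHCP service uses when it registers records in DNS.
$cred = New-Object System.Management.Automation.PSCredential("$domain\$svcName", $svcPwd)
Set-DhcpServerDnsCredential -Credential $cred -ComputerName $env:ComputerName

# Confirm which account is now in use and that the server is still authorised in AD.
Get-DhcpServerDnsCredential -ComputerName $env:ComputerName
Get-DhcpServerInDC
```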

Finish Essentials Wizard

Now we can finish our ECW.

Done

If you did choose to install DHCP you may want to disable the DNS Configuration of Essentials Clients before installing the connector. You can use my script here to do this.

Hopefully this is of use and not a drunken shambles.

Sheldor

BAZINGA!

About Robert Pearman
Robert Pearman is a UK based Small Business Server enthusiast. He has been working within the SMB IT Industry for what feels like forever. Robert likes Piña colada and taking walks in the rain, on occasion he also enjoys writing about Small Business Technology like Windows Server Essentials or more recently writing PowerShell Scripts. If you're in trouble, and you can find him, maybe you can ask him a question.

2 Responses to Install Windows Server Essentials with a Custom Domain Suffix

  1. Robert Dick says:

    Hey, Robert:

    I came across your blog because of a link Susan Bradley posted. I’m a fellow MVP (O365) and I’m hoping you can help a brother out. I recently migrated an SBS2011 system to straight Server 2012 R2 (single VM as a DC). Exchange removed from SBS before all the hoohah as the organization went onto O365. All well and good. I then decided to install the Essentials Experience role and that went well, at least it looked like it did. Of course preexisting domain clients didn’t show up in machine listings but all users did so that was good.

    Things fell apart when I went to enable the whole remote access. Wizards ran and I was able to apply the SSL cert but I hit issues with configuring router access. The wizards didn’t like the manual entries made on the RV042 router, then things got super weird when I enabled uPnP on the router and reran the wizard. In the end RWA worked as I could gain access from the WAN but all hell broke loose on the LAN as, suddenly, there was no web access to the outside world. All web access resulted in a 404 and trying to access the router IP (gateway) was redirected to IIS!

    Super weird. I ended up uninstalling the role as well as IIS and a few other bits the role had installed. I’m back to a working server and working Internet access from the LAN but I’m a bit stumped at what may have happened when the role enabled. I’d like to have the role in place but now I’m leery of trying again on the DC. I’m wondering if you have come across something like this in your travels? There really isn’t a lot of info out there about bringing the role up on an existing DC. Your comments and thoughts would be greatly appreciated.

    • Hi Robert,

      I don’t like to use UPnP as I don’t trust it. I know that some routers make things difficult with Essentials – the wizards don’t always recognise a port is open etc, which is usually due to something like NAT loopback or similar.

      The symptoms you describe sound like a router configuration error rather than an issue with Essentials, because there is no Web filtering component of Essentials that would interrupt and redirect web traffic back to IIS, maybe one of the port forwards got screwed up and any request to the default gateway on 80/443 was redirected back to the internal IP of the Essentials server?

      I would be happy to help you out if you do decide to reinstall the role.

      I have a tool here, https://gallery.technet.microsoft.com/Windows-Server-Essentials-556159c3, that checks Essentials for default values which might be useful if the same symptoms occur again. I might also try and get hold of an alternate router, just for testing, to rule out any issues there.

      Rob.
