Home

Windows 10 as Server OS


Sometimes ideal if 10 offers the best hardware drivers due to SOHO, SMB or homelab commodity hardware. These are the steps I like to take for setting up W10 on a dedicated whitebox for serving, in no particular order, head- and headless. Start with a clean Pro/Enterprise install where you say no to all initial telemetry and data sharing settings. I like to make a local account and afterwards activate the administrator then delete the initial account. Go into settings after this and turn off everything you don't want. Additional steps after this is listed below.
  • C:\> net user administrator /active:yes
    C:\> net user administrator * (for setting a password)
  • Log out and switch to the Administrator account, then remove the initial setup account.

  • Turn off automatic updates in gpedit.msc computer configuration area (if you have pro/ent) > admin templates > windows-components > windows updates.
  • If you also want to permanently turn off defender, it's in the same area, admin templates > windows-components > windows defender antivirus.
  • Windows firewall is under windows settings > security settings > windows defender firewall ...

  • Run "control panel" and go to system and security > security and maintenance > change settings for security and maintenance and check OFF messages about firewall and antivirus.

  • Read the article about Securing RDP connections
  • Download a script package to remove all non-essential apps.
The group policy steps taken should result in the security center being happy and not throw any red flags as you control it organization/DC style.

NOTE: The biggest caveat of using a desktop OS as a server OS for basic needs, is that the TCP connections for windows services are limited to 20 instead of thousands. This is usually not a big deal as most servers only need multiple connections for file sharing, and 20 is often more than enough for a small environment. This does not affect third party software. When I say basic needs I mean a stable pure OS for a few third party services, but also things like the integrated IIS web server (albeit with limitations) and file sharing with ownerships and permissions, just not quotes and servergrade features that in all honesty is rarely used in small environments.