I never seem to get that far into Active directory before something happens and I need to start over. I got too busy with other priorities and by the time I came back to it, I had decided that I needed to buy my own server for a home lab. For the time being I'm using a Lenovo ThinkCentre M910S with 16GB of RAM.
I added the Lenovo to my computer stack in my room under my file server, I got it all plugged in and I'm hoping to get it set up so that I don't have to keep worrying about monitors, mice or keyboards. I want to run this thing completely remotely from my laptop. The last time I worked on Active Directory I was doing it from my GPD pocket 3 laptop on top of Windows 11, Virtual Box, and Windows Server 2025. The laptop fan was running full blast the entire time which made me think, why not just set this up on a server at my house running Proxmox? And a friend of mine who was already in IT suggested I set up a home lab in another conversation.
So here we are, I plugged in a thumb drive with a Proxmox installer on it, I've got the system turned on, I spammed the F12 key while booting, it went to the boot loader, I selected the USB drive, and a bright, white screen with the options to install Proxmox with the GUI, or just with the Terminal, or with the Terminal and Serial Console, or advanced options appeared. I selected Graphical since for my purposes, I do want the GUI and am used to using it in class at school.
The difference between Terminal and Terminal with Serial Console is basically:
A few days later: trying to set up SMB share between file server and Proxmox, but in trying to SSH into the device and I am now doing so remotely through my VPN, it doesn't want to SHS. So I am checking to see if SSH is enabled in Proxmox or if that is even a thing. I have access to the web interface so I am in there and took a few minutes but I was looking for the shell in the Proxmox web interface, which is located in one of the two left-side panes, the one with the tree architecture and the one to the right of that which has the specific options for each part of that tree. After realizing that I need to click on the nose in this tree, and that the node on my machine is called simply Proxmox, the first thing under Datacenter in the tree, Shell then appeared in the other pane and I clicked it.
Now that I'm there, I am supposed to enter df -h in order to verify
A few days later, okay I just started by checking again to see if SSH worked remotely over my VPN since I am out and working on this, and this time SSH worked and I was able to get into Proxmox. I then went about trying to set up the SMB share between my file server and Proxmox so I can retrieve the Windows Server iso I have there. I entered the following to confirm the necessary packages for SMB was installed.
dpkg -l | grep samba
It returned:
ii libldb2:amd64 2:2.6.2+samba4.17.12+dfsg-0+deb12u1 amd64 LDAP-like embedded database - shared library ii samba-common 2:4.17.12+dfsg-0+deb12u1 all common files used by both the Samba server and client ii samba-libs:amd64 2:4.17.12+dfsg-0+deb12u1 amd64 Samba core libraries
Looking like SMB is installed, I went to make the mount point for the file server so I can share files between the file server and Proxmox server.
sudo mkdir /mnt/fileserver
But it said that
mkdir: cannot create directory ‘/mnt/fileserver’: File exists
Basically it's already there and another command:
ls -l /mnt
That showed
total 4 drwxr-xr-x 2 root root 4096 Feb 16 23:10 fileserver
So it already exists, checking to see if its empty:
ls /mnt/fileserver
This resulted in no return, there was no output to show.
mount -t cifs //192.168.50.200/sharedfolder /mnt/fileserver -o credentials=/etc/cifs- creds,uid=1000,gid=1000
It couldn't connect, there was a mount error of 111. Ways to resolve can be to check to make sure the share folder exists, check firewall settings, and check network connectivity. Now I feel like I already did this, but because I feel like there are things about Linux I don't understamd, I am going to try and resolve the first step anyway. I got into a tangent where I was entering sudo commands and every time I did so, it wouldn't work so I went about trying to resolve this. I was going to enter:
sudo pdbedit -L
I ran an update but got an error due to an attempt to access the Proxmox Enterprise repository which requires a subscription. To get around this, you edit the APT sources list.
nano /etc/apt/sources.list.d/pve-enterprise.list
Comment out the line that's already there and add another line (using # symbol)
# deb https://enterprise.proxmox.com/debian/pve bookworm pve-enterprise
Add this line below it:
deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription
Went to update again. It still errored out, but managed to retrieve the necessary packages for the time being. I rn:
apt install sudo
It installed this time. I went to add my user to the sudoers group (so I can use sudo).
usermod -aG sudo root
I was not familiar with what my user was called. I forgot that each line the curser is on tells you the user you're using. So I checked my SSH command at the beginning and it said that the IP address was a machine called root. But I ran the following command anyway to be sure.
sudo whoami
The answer was root. going to run:
sudo mount -t cifs //192.168.50.142/sharedfolder /mnt/fileserver -o credentials=/etc/cifs-creds,uid=1000,gid=1000
The device at the address could not be found. So I pinged myself. The ping was successful. So I entered:
systemctl status smbd
It returned:
Unit smbd.service could not be found.
Samba is not installed. Now I used to just assume that SMB and Samba were the same thing but a conversation I had with Doug like nine months ago revealed that Samba is just a flavor of SMB. I thought Samba was another name for Secure Shell abbreviated so it was easier to remember or something. But I guess not. So in this case, Samba is not installed.
apt install samba
I think I successfully installed Samba. I ran the following command to verify it was installed and is running properly.
systemctl status smbd
It was successful and is running.
mount -t cifs //192.168.50.142/sharedfolder /mnt/fileserver -o credentials=/etc/cifs-creds,uid=1000,gid=1000
Oh gosh how embarrassing. I just missed it, I needed to modify this last command with the information needed to get into the file server from the proxmox server. So I finally realized I needed to use the read only credentials I have for my file server. Okay, I went back to the nano file I think I created a while back with:
sudo nano /etc/cifs-creds
This was already done. I ran the mount command to start the smb share between my file server and proxmox server. And I keep getting errors like:
1000,vers=3.0
This is due to a formatting issue I think, and then:
1000,vers=3.0
mount error(16): Device or resource busy
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
So it looks like the mount was already done so I am checking to verify.
mount | grep /mnt/fileserver
It shows that it was mounted successfully. I chose to continue this through the GUI especially since I had so much trouble navigating my file server through the CLI because of the way I name folders. I logged back into Proxmox and went on the left side pane > clicked Datacenter > in next next side pane I selected Storage. However when I got there, only Local and Local-lvm were listed. So I started going about how to resolve this issue when I was wondering why the instructions were talking about CIFS instead of SMB.
My familiarity with CIFS from memorizing ports and their protocols is that SMB and CIFS both use port 445, and that CIFS is an older, legacy protocol. But the rabbit-hole doesn't end here. Proxmox prefers CIFS for redundancy, but as my file-server uses SMB 3.0, and CIFS is very similar to SMB 1.0, but Proxmox can still work with SMB 2 and 3.0, it'll just refer to them as CIFS. Proxmox will negotiate the highest available SMB version supported with both itself and the file server.
Using the GUI method of connecting Proxmox to my SMB server, I went Datacenter > Storage > Add, and this list was supposed to have the option CIFS to select. I had trouble finding it because it was listed under SMB/CIFS, then in the SMB/CIFS window I went: ID: Fileserver-READONLY, don't use spaces in this name! > Server [entered the file servers local IP address] > User: [the user you wish Proxmox to use to access the file server], which I have a read only user for > Password: [the password for that user on the file server] > Share: [the name of the share on your file server, which I have three, one for me called KeepOut, one for my mom called MotherF because of a joke we have where her computer gave the hard drive I named Mother the drive letter F, and a third share where only certain things KeepOut has access to are available to be shared just in case someone gets access to me server that I didn't intend to have access. I would give them that share and read only so they can't delete anything.
I clicked Add. This did not work because Proxmox wanted to add a folder to my file server and I only gave it read only access.
So I am trying again in such a way where Proxmox will not need to make any changes to my file server and will only just retrieve files from it. I went through the whole process again thinking I needed to select Disk Image just for the same problem to happen again. And I realized I am supposed to select ISO image, and this dropdown menu is weird, anything highlighted on this menu will be filled on the space for the selection. I only want ISO image, so make sure when you select ISO image to highlight it for selection, and click Disk image so it is no longer highlighted. When the line only says ISO image, continue.
That had the same error. I determined that no matter what method through the GUI I use, it is going to want to add a directory to my file server, which I don't want because I don't want it to have write access. But it must create a folder for Proxmox, and so I thought about just creating a folder of whatever name Proxmox would name the directory on my file server so when it tries to access my file server and create a folder, it will see its already there and hopefully just connect to that. But then research found that it may try to change directory attributes which would again...require write access. I decided to switch to the CLI, my SSH window is still open. I entered the mount command again forgetting I already did it. And the error was that it was already created. I used the next command to remove it and another mount that was created in Proxmox to avoid confusion:
sudo umount /mnt/fileserver
sudo umount /mnt/pve/Fileserver-READONLY
I entered the mount command again the way I wanted it, and verfied it with the following command:
ls /mnt/fileserver
This was successful, the shell listed files that are in my file server. Then I ran the following command to find the .ISO windows server file:
ls /mnt/fileserver/*.iso
It said there was no .iso file. But the ls command a minute earlier showed the "'- 3 P r o g r a m s'" folder on my file server, and the iso is in another folder inside that folder. I showed this to ChatGPT because navigating these folders in linux with my naming scheme in windows is a nightmare. So I showed it to ChatGPT and ChatGPT caught right on saying that there are spaces in the folders name, so to CD or change directory to that folder I needed to enter the following command:
cd /mnt/fileserver/-\ 3\ P\ r\ o\ g\ r\ a\ m\ s
It worked. Now I need to to the LS command, to see how linux displays the inner folder where the iso is located. It worked again. I did an LS command to show whats in the folder and there was the iso. I used the following command to copy the iso to proxmox for future use:
sudo cp "/mnt/fileserver/- 3 P r o g r a m s/OS's/WindowsServer2025.iso" /var/lib/vz/template/iso/
I also used this opportunity to copy over the other ISOs in there so I don't have to do this again. So I copied each over one by one to Proxmox and verified them. Now it is finally time to set up windows server on a vm!
Okay, Went to the Proxmox web interface, in the top right of the interface selected CREATE VM > under general tab of new window entered "WinServ2025" for my name of the VM > clicked next > In OS tab selected WINDOWS SERVER 2025 from the ISO image dropdown menu > for the OS TYPE or TYPE I selected Microsoft Windows > NEX > EFI STORAGE set to only option which was LOCAL-LVM > TPM STORAGE set to only option which was LOCAL-LVM > NEXT > under Disks for the BUS/DEVICE field I set it to SATA, leave the number 0 if you're using the default drive because this is to identify the drive being used > set DISK SIZE to 40 if just installing Windows Server with Active Directory and DNS and LDS and a domain controller, 60 to be safe if you plan on adding very many users or potential scalability, I went 60 for potential scalability > leave cache at NONE for simplicity unless you need performance.
In the CPU tab I thought about provisioning anywhere from one to three cores to this VM. ChatGPT suggested I allocate 2-4 depending on my needs. I expressed that I would not be running all VMs at one time but intend to install more than one, also having an Ubuntu Server VM as well as an Arch Linux VM just for practice and I wouldn't be adding many computers to the domain for Active Directory. I asked it what would happen if I assigned 2 cores to each and did have more than one running at the same time considering my server only has 4 cores to begin with, and no hyperthreading on this processor, and it said that the VMs would compete for resources, the system would get bogged down and be very load intensive on the processor. It would lag. ... For a second, I thought it was gonna be like that Simpsons episode where Bart meets a guy with a bursting appendix, and the doctor pulls out a pocket knife to cut it out and throws it, exploding like a grenade.
I realized there's a problem, I was thinking of using a couple of laptops I have sitting around to be apart of the Active Directory so I can simulate an actual environment at least somewhat and then asking my instructor to break it somehow by giving him access to my VPN so he can do it remotely as a favor to me, but I realized, wait, AD is for professional environments, so only Windows Professional, Enterprise, and Education Editions can be used with Active Directory. Which means I would have to create a VM in Proxmox to install Windows with either one of those three editions, and it would have to run at the same time as the Windows Server VM with Active Directory or else AD can't manage it. So if the host OS which is Proxmox needs at least one core and everything else has to share three total cores, which gets what? ChatGPT suggested Windows Server with Active Directory gets 2 cores and Windows Professional or whatever I decided to use will use one core.
Okay, maybe I can get it to run a bit stripped down. At least this Proxmox server has 16 GB of RAM otherwise this just wouldn't work at all I don't think. And even so I predict there will be some sluggish behavior. But also, this is running of an NVME M.2 which I assume will also result in less trouble. I remember just how monumentally faster my laptop got ten years ago when I switched out the 2.5" magnetic drive for a SATA SSD. And NVME is even faster than that. I wonder if I should consider switching out the processor since that seems to kind of be the only real bottleneck here.
I set the Windows Server VM to 2 cores, and then I will create another VM for Windows Pro or something with 1 core when that comes up. On the Memory tab I set RAM to 8GB or 8192MB, and will set the windows VM to 4 GM since the system only has 16 and I want to save 4GB for Proxmox. In the Network tab I set Model to VirtIO (paravirtualized) > Bridge to VMBR0.
I recall last time I set this up on VirtualBox on my laptop, there was an option to select SKIP UNATTENDED INSTALL. This caused quite the headache, and I had never seen it before and haven't seen it since. But I basically answered my question why just now because I have been wondering why I didn't see it any other time than when I installed it on the laptop and it was obviously because I was using VirtualBox and not Proxmox to run the VM. This caused quite the headache because I thought I understood instructions properly and no doubt because I think this option is poorly named, being called SKIP UNATTENDED INSTALL, it's a double-negative sort of thing and people have trouble with that. And I am struggling to keep straight if I want to skip it or not. It's not here in Proxmox so I don't have to worry about it but still!
I troubleshooted a connection error for a while, checking to make sure everything was fine in the temrinal, pinging the server and using trace route, everything was fine but I kept getting connection errors every time I would hit the finish button trying to create the VM, and so I retried creating it a few times, when I would click on the VM ID line a box would come up and that would say connection error. I tried:
systemctl restart pveproxy
but this didn't solve it either. I clicked around and pages were now having trouble loading. I remember last time I was instructed to clear browser cache and this caused a host of other problems so since I am almost certain that's not it, I tried all the other things first. Finally I just entered the IP address with the port number separated by a colon in the search bar of the browser, and it didn't like that either. So I just totally closed the tab and opened a new one and it navigated fine, I entered my credentials fine, now it seems to be working as if nothing happened. So note, if you have a period of inactivity, proxmox will start to act like it's not connecting even though it is apparently connected for the most part. Just close the window and reenter the web interface.
I re-entered all the info for the VM to be created and now the VM is created.
I had a huge problem for two hours trying to get passed the error:
BdsDxe: failed to start Boot0002 "UEFI QEMU " from /Pci (OxlF,Ox2) /Sata : Time out
BdsDxe: failed to load Boot0002 "UEFI QEMU HARDDISK QH00013 " from /Pci /Pci /Pci
/Sata Not Found
>Start PHE over IPv4.
I kept trying to play with boot order in Options tab and the CD/DVD tab making sure the windows server iso was selected. I went into the configuration file using the commands:
/etc/pve/qemu-server/
and
nano /etc/pve/qemu-server/100.conf
Changed the line:
efidisk0: local-lvm:vm-100-disk-0,efitype=4m,pre-enrolled-keys=1,size=4M
to:
efidisk0: local-lvm:vm-100-disk-0,efitype=4m,pre-enrolled-keys=1,size=512M
Then I found a post that said "the iso is not signed, and can't be started using SecureBoot (which is the default on the latest OVMF shipped with Proxmox). If you hit the escape key while it says 'Startup boot options' (and before it says the UEFI message about saying hitting escape that doesn't actually work), then you get into the UEFI menu which you can use to disable Secure Boot and then boot the iso" and so I tried to play with the little side menu on button to press the escae key in the Proxmox console but I just couldn't get it rpessed fast enough before the error appeared. So I nano-ed into the configuration file in the shell again and added a line below boot order saying:
It still didn't seem to fix anything, but I am hazy now if I turned the VM off again after this. I then tried removing the EFI line altogether so the config file went from this originally:
boot: order=ide2;sata0;net0
cores: 2
cpu: x86-64-v2-AES
efidisk0: local-lvm:vm-100-disk-0,efitype=4m,pre-enrolled-keys=1,size=512M
ide2: local:iso/WindowsServer2025.iso,media=cdrom,size=5873196K
machine: pc-q35-9.0
memory: 8192
meta: creation-qemu=9.0.2,ctime=1740692522
name: WinServ2025
net0: virtio=BC:24:11:E4:F3:D4,bridge=vmbr0,firewall=1
numa: 0
ostype: win11
sata0: local-lvm:vm-100-disk-1,size=50G
scsihw: virtio-scsi-single
smbios1: uuid=711b1975-1fa5-4927-a93b-9a1738dc0295
sockets: 1
tpmstate0: local-lvm:vm-100-disk-2,size=4M,version=v2.0
vmgenid: f17cb149-5774-45d1-9bd9-4e964f671c55
To this:
At some point while doing this and it still not working then going back to remove both the secure boot line and it had me remove the EFI line because I thought the configuration was broken and was going back to remove secure boot and add the EFI line back in, and then when refreshing Proxmox page and new web interface window and everything the start button was still grayed out, I entered the code to start the VM and it was already started so I went to the console and it had indeed started. The installation for windows server had started and was asking the language. I don't know what version of the configuration did it, because I had started to add the EFI line back and remove Secure Boot back out and it was working when I then went to add them back in thinking that fixed it but not being sure. I elect to not dig further into why this worked just to accidentally have it not work again. I will have to create another VM and try this again separately so I don't learn what happened just to not be able to fix it again and be back at square one.
I selected Windows Server Standard Desktop Experience > Accepted terms and drive configuration, took it a few seconds but it started installing.
I am working to try and get through this installation as fast as i can so I can stop or pause the VM and create another one and test the configuration file settings discussed above.
For future reference in case I can't find it I put WinServ2025 as the password to the login screen.
I have been unable to reproduce the total fluke that enabled me to install Windows Server 2025 on Proxmox. I have had friends suggest I redownload the iso, and also to just do 2019 instead of 2025. But I looked up the error again, realizing that when I googled it last time, the Power Toys text selection tool didn't perfectly reproduce the text when I pasted it so I searched it again and another page came up where they again explained the reason it wasn't working was because of a signature problem. But then a guy said that he just set the BIOS from (OVMF) UEFI to SeaBIOS, and it worked perfectly. So I have solace that I can at least reinstall the OS if I have to. But I still haven't figured out why the fluke happened. I created five different VMs ready to install just to try and figure it out and tried a different thing with each of them and only on the fifth one when I changed to SeaBIOS did I have success installing Windows Server again.
