The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to install and deploy Network Controller on Windows Server

Download Windows Speedup Tool to fix errors and make PC run faster

If you want to manage and automate your network, be it physical or virtual, on a Windows Server, you will have to configure the Network Controller Server Role. This role provides a centralized solution for managing your router, switches, and firewall. In this post, we will explain how to install and deploy a Network Controller on a Windows server.

What is a Network Controller in Windows Server?

A Network Controller in Windows Server is a scalable and reliable server role designed for centralized management of physical and virtual network infrastructure. It serves as the central hub for configuring, monitoring, and troubleshooting network devices and services, allowing administrators to define and enforce network policies.

Read: What is a Network Adapter and What are its different types?

Install and deploy Network Controller on Windows Server

If you want to install and deploy a Network Controller on a Windows Server, follow the steps given below.

  1. Create a Security Group
  2. Install the Network Controller
  3. Deploy Network Controller

Let us talk about them in detail.

1] Create a Security Group

Before we deploy our Network Controller, we need to create an AD DS Security Group. Follow the steps below to do so.

  1. In Active Directory User and Computer, expand your domain, right-click on the organizational unit where you want to add your security group and select New > Group.
  2. Enter the group name (for example, Network Admin), select the scope (make it Global), and select the group type.
  3. Right-click on the group, and select Properties.
  4. Go to Members > Add, enter “administrator” in the Enter the object names to select, and click on Check Names. You can also add any other user if needed.
  5. Create another group, but this time, name it Network Ops and add the users you added earlier.

Once done, we need to request a certificate, to do so, launch the Certificate Enrollment Wizard on the server, choose a certificate template suitable for network controllers, and submit the request to a Certificate Authority (CA). Once approved, download and install the issued certificate on the server for secure operations.

2] Install the Network Controller

Network Controller on Windows Server

As mentioned earlier, the Network Controller is a Server role of Windows Server. Since it doesn’t come preinstalled, our first job is to install it on the system. To do the same, you need to follow the steps mentioned below.

  1. Open the Server Manager.
  2. Go to Manage > Add Roles and Features.
  3. Click Next once the Add Roles and Features wizard appears.
  4. Then, make sure that the Role-based or Feature-based installation is selected, and click on Next.
  5. Check Select a select from the server pool, select your server, and click on Next.
  6. Once you are on the Server Roles tab, tick the checkbox of the Network Controller, and click on Add Features once the options appear; click on Next.
  7. Since we have already installed the required features, click on Next to skip the Features tab.
  8. Once you are on the Network Controller tab, read the given details, and click on Next.
  9. Tick the Restart the destination server automatically checkbox, and then click on Install.

Wait for a while as the installation process takes some time. Once done, go to the next step.

3] Deploy Network Controller

To deploy the Network Controller, we need to configure the Network Controller cluster. For this, we first need to create a cluster node. To do so, open PowerShell as an administrator and then run the following command.

New-NetworkControllerNodeObject -Name <string> -Server <String> -FaultDomain <string>-RestInterface <string> [-NodeCertificate <X509Certificate2>]
  • Name <string>: Specifies the name of the network controller node.
  • Server <string>: Specifies the fully qualified domain name (FQDN) of the server that will host the network controller node.
  • FaultDomain <string>: Specifies the fault domain for the node. Fault domains are used to group servers that are likely to fail together due to shared physical dependencies, such as power and networking sources.
  • RestInterface <string>: Specifies the network interface on the server that will listen for REST requests.
  • NodeCertificate <X509Certificate2>: Specifies the certificate used for the node. This is optional and can be used for secure communications

Now, run the following command to configure the cluster.

Install-NetworkControllerCluster -Node <NetworkControllerNode[]> -ClusterAuthentication <ClusterAuthentication> [-ManagementSecurityGroup <string>][-DiagnosticLogLocation <string>][-LogLocationCredential <PSCredential>] [-CredentialEncryptionCertificate <X509Certificate2>][-Credential <PSCredential>][-CertificateThumbprint <String>] [-UseSSL][-ComputerName <string>][-LogSizeLimitInMBs<UInt32>] [-LogTimeLimitInDays<UInt32>]
  • Node <NetworkControllerNode[]>: Specifies an array of NetworkControllerNode objects representing the cluster nodes.
  • ClusterAuthentication <ClusterAuthentication>: Specifies the authentication method for the cluster. Options include None, Kerberos, and X509Certificate.
  • ManagementSecurityGroup <string>: Specifies the name of the security group that will manage the Network Controller.
  • DiagnosticLogLocation <string>: Specifies the location where diagnostic logs will be stored.
  • LogLocationCredential <PSCredential>: Specifies the credentials used to access the log location.
  • CredentialEncryptionCertificate <X509Certificate2>: Specifies the certificate used to encrypt credentials.
  • Credential <PSCredential>: Specifies the credentials used for the Network Controller.
  • CertificateThumbprint <String>: Specifies the thumbprint of the certificate used for the Network Controller.
  • UseSSL: Indicates whether SSL should be used for communications.
  • ComputerName <string>: Specifies the name of the computer where the cmdlet will run.
  • LogSizeLimitInMBs <UInt32>: Specifies the maximum size of the log files in megabytes.
  • LogTimeLimitInDays <UInt32>: Specifies the time limit for log files in days.

Finally, you can run Get-NetworkController to validate deployment.

Read: How to install Active Directory and add users?

How do I setup a Network Controller?

To set up a Network Controller, you first need to install the required server role. You can install the Server Role from the Server Manager. Once you have installed the role, use the PowerShell commands to configure and deploy the Network Controller.

Also Read: Install and configure DNS on Windows Server.

Yusuf@TWC

Yusuf is an Engineering graduate from Delhi. He has written over 1000 technical articles and has knowledge of programming languages including Java, and C++, and technologies such as Oracle 12C and MsSQL. Troubleshooting Windows is his favorite past-time.