To learn how to use the Base ServerTemplate for Windows ServerTemplate to launch a basic Windows 2008R2/2012 server and start developing a custom ServerTemplate of your own.


  • 'actor', 'designer', 'security_manager', and 'library' user roles in order to complete the tutorial.
  • For Amazon EC2 and CloudStack-based clouds, you must have a security group defined with TCP port 3389 open for Remote Desktop Connection (RDC), and any other ports required by the server (for example, the default SQL Server port, TCP port 1433, and the mirroring listener port—5022 by default), for the required security groups and IP addresses. Also remember that for clouds other than Amazon EC2, Windows Firewall is turned on by default.
  • We strongly recommend that you set up credentials for password values and any other sensitive data included as inputs. See Create Credentials section below.


This tutorial describes the steps for launching a basic Windows server in a cloud and demonstrates how you can start customizing it for your own purposes.

Create Credentials

Prerequisite: Requires 'actor' user role privileges in the RightScale account.

In order to securely pass sensitive information to a script at runtime, you can use Credentials as a means of variable substitution. Later in this tutorial you will select these credentials when you define your inputs.

Create the following credentials. For more information on setting up credentials, see Create a New Credential.

  • WINDOWS_ADMIN_PASSWORD - Set a new password for the local Administrator account that will replace the initial password that's generated at boot time. You will use this password to create a Remote Desktop connection (RDP session) into the server when you login with the 'Administrator' username. It's suggested that you name the credential accordingly.

It is important to note that the password chosen for the WINDOWS_ADMIN_PASSWORD credential must satisfy Window's minimum requirements for a Windows administrator password. If minimum complexity requirements are not met the random password that is generated for you at boot time (located under the server's Info tab > 'Initial Admin Password' field) will be used instead. Password requirements are as follows:

  • At least 7 characters long
  • At least one upper case letter
  • One lower case letter
  • One digit


Import and Clone the ServerTemplate

  1. Create a new deployment, which you will use for custom development. See Create a New Deployment.
  2. Go to the MultiCloud Marketplace and import the most recently published revision of the Base ServerTemplate for Windows ServerTemplate.
  3. Clone the ServerTemplate to create an editable version that you can customize.
  4. Rename the ServerTemplate (e.g., My Custom Template) and commit the ServerTemplate so that the first revision of the ServerTemplate matches the original version, which will make it easier to track and compare your changes against the original (imported) version.
  5. After committing an initial version, ensure that you switch back to the HEAD revision of the template by using the revision selection bar towards the top of the template page (blue background).

Add a Server

  1. Using the HEAD version of the cloned ServerTemplate, add a server to the new deployment that you created earlier. See Add a Server to a Deployment.

Set Inputs

Set the following inputs at the deployment level.


Input Name Description Example Value
ADMIN_PASSWORD Set the new password for the local Administrator account. The password must satisfy Window's minimum requirements for a Windows administrator password, otherwise the random password that is generated for you at boot time (located under the server's Info tab > 'Initial Admin Password' field) will be used instead.
Password Requirements:
* At least 7 characters long
* At least one upper case letter
* One lower case letter
* One digit
When you RDP into the server, you will use this password to log in as the Windows 'Administrator' user. It is strongly recommended that you use a credential to hide this value. However, anyone who needs to log into the server will need to know the actual value.
SYS_WINDOWS_TZINFO Sets the system timezone to the timezone specified, which must be a valid Windows timezone entry. You can find a list of valid examples in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. Some examples have been provided in the dropdown, which you may override and change if you do not see your timezone listed. text: GMT Standard Time

Launch the Server

  1. Launch the server and wait for it to become operational. (~15 minutes)

RDP into the Server (optional)

Once the server is operational, you can use the value that you used for the ADMIN_PASSWORD input to create a Remote Desktop Connection to the server. This requires the 'server_login' user role privilege in the RightScale account you are operating in.

  1. Using an external or 3rd party RDP client, open an RDP session to the public external IP of the server. Note: When opening an RDP session, you will need to use NLA authentication, which may require specific configuration with your given client.
  2. Use the following credentials to authenticate:
    • User: Administrator
    • Password: Value of Input/Credential

Develop and Test

Now that you have an operational server that was launched with the base ServerTemplate, you can start customizing the ServerTemplate by either adding new scripts of your own or cloning and modifying the existing ones. Since you are using a HEAD version of a ServerTemplate, you can add new scripts as operational scripts to the ServerTemplate and instantly test them on the running server. See Create Custom ServerTemplates for more details.

If you want to take advantage of some of the pre-built PowerShell functions developed by RightScale, add the SYS Install RightScale PowerShell library RightScript to the boot sequence. (It's listed as an operational script in the Base ServerTemplate.) See RightScale PowerShell Library.