ja-cpanel-top

CuruIT - The System Administrator

An invaluable source of News, Tools, Scripts and Knowledge Base for Network Administrators Worldwide

Windows Server Core

Thursday, 27 March 2008 17:01 Misha Hanin
E-mail

Windows Server Core Characteristics:

  • Minimal server installation for running specific server roles
  • Reduces servicing, management and hardware requirements and attack surface
    • No Windows/Internet Explorer
    • No .NET Framework
    • No Powershell
    • No features or whatever depending on the features listed above this one like for example notifications and balloons

  • Disk space required for a normal server: approx (min.) 7-8 GB
  • Disk space required for a server core server: approx (min.) 2-3 GB
  • Supported server roles (OCLIST.EXE): IIS (without ASP.NET), Print Server, Hyper-V, ADDS, ADLDS, DHCP Server, DNS, File Server (incl. NTFRS, DFS-R and DFS)
    REMARK: available roles may depend on Server Edition (standard, enterprise, datacenter, web)

  • Supported server features (OCLIST.EXE): Bitlocker, Clustering, NLB, Subsystem for UNIX apps, Windows Server Backup, Multipath IO, Removable Storage Management, SNMP, WINS

Install and Upgrade:

  • Not possible to upgrade from whatever windows version to server core
  • Manual install and after the server still needs to be configured (initial configuration tasks)
  • Unattended install using a UNATTEND.XML file where it is possible to configure the "initial configuration tasks" and other settings (e.g. enabling TS, configuring screen resolution, enabling and configuring WinRM/WinRS) during unattended install.
    • UNATTEND.XML file can be created with the "Windows System Image Manager"
    • Boot using WinPE and execute SETUP /unattend:<path>\unattend.xml
      OR
    • Place UNATTEND.XML in a default location (e.g. floppy)
  • Can be managed through
    • Locally and remotely via the Command Prompt (tools and scripts)
    • Remotely via Terminal Server --> admin mode must be enabled first!
    • Remotely via Windows Remote Shell --> remote management must be enabled first!
    • Remotely via MMC --> watch out for the firewall on the server which is enabled by default!

 

Command Line Utilities:

Viewing installed roles/features
OCLIST.EXE

Install/Uninstall component (roles/features)
(To get a list of component names use OCLIST and copy the name into the command line. The name of the components is CASE-SENSITIVE!!!)
Start /W OCSETUP <component>
Start /W OCSETUP <component> /Uninstall

To install AD either one of the following IS required:
DCPROMO /UNATTEND:<answer file>
DCPROMO /ANSWER:<answer file>
DCPROMO /UNATTEND /OPTION1:<value1> /OPTION2:<value2> /OPTION1:<value3> /OPTION1:<value3> …..

Managing Registry
REGEDIT.EXE
REG.EXE

Creating notes/text files
NOTEPAD.EXE
EDIT.EXE
EDLIN.EXE

Disk/partition management:
DISKPART.EXE
FORMAT.EXE
CHKDSK.EXE
DEFRAG.EXE

Performance Related Stuff
DISKPERF.EXE
RELOG.EXE
LOGMAN.EXE
tracerpt.exe
typeperf.exe

Managing Power Related Options
POWERCFG.EXE

Managing Auditing on the local server
AUDITPOL.EXE

Network management (incl. firewall):
IPCONFIG.EXE
PATHPING.EXE
PING.EXE
TRACERT.EXE
NSLOOKUP.EXE
NBTSTAT.EXE
NETSTAT.EXE
NETSH.EXE

Service and driver management:
SC.EXE
NET STOP and NET START
DRVLOAD.EXE
PNPUTIL.EXE
PRINTUI.EXE
driverquery.exe

Backup and Restore
WBADMIN.EXE

Windows Management Interface (for all kinds of things to manage)
WMIC.EXE

Local User and group management:
(http://support.microsoft.com/?id=251394
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_group.mspx?mfr=true)
NET.EXE USER …
NET.EXE LOCALGROUP…

Domain and computer name/account management:
(http://technet2.microsoft.com/WindowsServer/en/Library/460e3705-9e5d-4f9b-a139-44341090cfd41033.mspx?mfr=true)
NETDOM.EXE
NLTEST.EXE

To change the time zone:
CONTROL.EXE TIMEDATE.CPL

To change international settings:
CONTROL.EXE INTL.CPL

To manage other CUSTOM CPLs (when available)
CONTROL.EXE <NAME>.CPL

Shutdown/reboot/restart server
SHUTDOWN.EXE

Manage Activation
CSCRIPT.EXE %WINDIR%\SYSTEM32\SLMGR.VBS

Manage Automatic Updates
CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /AU [/v][value]

Allow Remote Administration Connections
CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /AR [/v][value]

Allow connections from previous versions of Windows
CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /CS [/v][value]

IP Security (IPSEC) Monitor - allow remote management
CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /IM [/v][value]

Windows Remote Management/Shell
WINRM.CMD
WINRS.EXE

Applying a patch
Wusa.exe <patchname>.msu [/quiet] [/norestart]

Managing the Event Viewer
wecutil.exe
eventcreate.exe
wevtutil.exe

Managing CA & Certificates stuff
CERTREQ.EXE
CERTUTIL.EXE

File Server Management (role may need to be installed first):
NET.EXE SHARE …
NTFRSUTL.EXE
DFSCMD.EXE
DFSUTIL.EXE
FSUTIL.EXE
XCACLS.EXE
ICACLS.EXE
CACLS.EXE
dfsrdiag.exe
dfsradmin.exe
DFSDIAG.EXE

DNS Management:
DNSCMD.EXE (http://go.microsoft.com/fwlink/?LinkId=49656)
DNS SRV priority - changes the priority for DNS SRV records (only useful on Domain Controllers)

  • CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /DP [/v][value]


DNS SRV weight - changes the weight for DNS SRV records (only useful on Domain Controllers)

  • CSCRIPT.EXE %WINDIR%\SYSTEM32\SCREGEDIT.WSF /DW [/v][value]


DHCP Management:
NETSH.EXE DHCP (http://go.microsoft.com/fwlink/?LinkId=49654)

AD Management
NTDSUTIL.EXE
DSAMAIN
dsadd.EXE
dsget.EXE
dsmod.EXE
dsmove.EXE
dsquery.EXE
dsrm.EXE
LDIFDE.EXE
GPUPDATE.EXE
GPRESULT.EXE
dcgpofix.exe
dfsrmig.exe
REPADMIN.EXE
redircmp.exe
redirusr.exe
gpfixup.exe
rendom.exe
DCDIAG.EXE
DSACLS.EXE

AD LDS Management
adaminstall.exe
adamuninstall.exe
adamsync.exe

 

Latest News

Popular News

License and Copyright

Microsoft and Microsoft Logo's are trademarks of Microsoft Corporation.

You are here: Home