Welcome! Community Launch 2008

Mark WilsonInfrastructure Architect/Technology lead for Windows Server 2008 and Hyper-V, Fujitsu Servicesmarkw@markwilson.co.ukhttp://www.markwilson.co.uk/blog/

{ }

A community for everyone who is interested in Microsoft's Windows Server technologies - especially Windows Server 2008Formed in 2007 – just getting startedHave run a few events – more to comeFind out more (join us!) at http://winserverteam.org.uk/

Windows Server 2008: Server Core

What? Why? How?

Agenda

What is server core? And why do we need it?How does it work (architecture)How is it managed?

LocallyRemotely

Questions? (and hopefully some answers!)

Demo environment

UK090922LTFujitsu-Siemens S7210Intel Core 2 Duo T7500 (2.2GHz)4GB RAM

(joined to my organisation’s Active Directory)

Full installation (x64)UK090922VM31 vCPU1GB RAM

Standalone (not domain-joined)

Server core installation (x64)

What is server core?and why do we need it?

Windows Server is frequently deployed to support a single role or a fixed workload

Still need to install (and manage) a full installation

Server Core is a new installation option:Minimal installation option for WS08

Benefits:Servers optimized by role are easier to manage and maintainIncreased reliability and securityLess installed and less running

Roles and featuresRoles:

Role Web Standard Enterprise Datacenter

AD DS

AD LDS

DHCP Server

DNS Server

File Services

Hyper-V

Print Services

Web Services (IIS)Features:

Backup; BitLocker; Failover Clustering; UNIX Subsystem; Multipath IO; QoS; Removable Storage Management; SNMP; Telnet Client; WINS

Not available Partial support Full support

Architecture

Server CoreSecurity; TCP/IP; File systems; RPC and other core sub-

systems

ServerGUI; .NET

Framework; Shell; Internet Explorer; MMC;

Media; etc.

Server Core Roles (and Features)

Server Roles (and Features)

AD DS

AD LDS

DHCP DNS FileHype

r-V

Print IIS

NPAS TS WDS

etc.

Server core architectureServer Core Roles (and Features)

AD DS

AD LDS

DHCP DNS FileHype

r-V

Print IIS

Server Core

Hardware

Hardware Support Components

Resolved Category Dependencies

Thin Management Tools (Local and Remote)

Core Subsystems

Infrastructure Features

Disk, network

card, etc.

HAL, kernel, VGA, logon,

etc.

Command shell, domain join, event log, performance

counter, WS-Management, WMI,

licensing, WFP, HTTP support, IPSec, etc.

Security (logon scenarios),

networking (TCP/IP), file systems,

WinLogon, RPC, necessary

dependencies

Configure IP address, join a

domain, create users,

etc.

Server Core

Getting started

Demonstration

How is it managed?

Locally:CLI with a few GUI tools that are tied into core features.

Remotely:Remote desktop protocol (RDP)Publish Server Core command shell via Terminal Services RemoteAppWS-Management (WinRS and WinRM)MMC snap-insPowerShellThird-party applications (management agents, anti-virus, etc.)

Automatic updates

Server core does include the automatic updates clientNo notification functionalityManage patch deployment via WSUS (or another method)Same patches as for a full Windows Server 2008 installation – just less of them to apply!

Server Core

Local management

Demonstration

Getting startedChange the machine name (before joining a domain):netdom renamecomputer %computername% /newname:newcomputername Change the computer name (after joining a domain):netdom.exe renamecomputer %computername% /NewName:newcomputername /userd:domainname\username /passwordd:*Set the IP address for the primary NIC:netsh interface ipv4 set address "Local Area Connection" static ipaddress subnetmask gatewayipaddress Set the DNS server addresses:netsh interface ipv4 add dns "Local Area Connection" ipaddress [index=indexnumber] Join a domain:netdom join %computername% /domain:domainname /userd:domainname\username /passwordd:* Restart the server:shutdown -r –t 0Add a domain user to a local group:net localgroup groupname /add domainname\username

More basic commandsEnable remote desktop (from a Windows Vista or Server 2008 client):cscript %windir%\system32\SCRegEdit.wsf /ar 0 Enable remote desktop (from a Windows XP or Server 2003 client):cscript %windir%\system32\SCRegEdit.wsf /cs 0 Disable the firewall (not recommended):netsh firewall set opmode disable Allow Remote Desktop connections through the firewall:netsh advfirewall firewall set rule group="Remote Desktop" new enable=yesView the current Automatic Updates settings:scregedit.wsf /AU /v

The following values correspond to the response generated by the scregedit.wsf script.

1 = Automatic Updates Disabled4 = Automatic Updates Enabled

Enable Automatic Updates:scregedit.wsf /AU 4Disable Automatic Updates:scregedit.wsf /AU 1Activate Windows:cscript %windir%\system32\slmgr.vbs -ato

TweakingSet the screen resolution:

Run regedit.exe and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{BBF118A6-4C44-4FE4-A8A3-965A9A577F98}0000 (or whichever GUID key has a subkey named VolatileSettings with a value of 0000), then change DefaultSettings.XResolution and DefaultSettings.YResolution to the desired values (in decimal format).

Change the drive letter allocation for an existing disk (e.g. the CD-ROM drive):diskpartselect volume volumenumberassign letter=driveletter Format additional disks:diskpartselect disk disknumberselect partition partitionnumberformat fs=ntfs label=volumelable quietLabel a disk (e.g. the system disk):label driveletter: volumelable

Server Core

Remote management with WS-Management, MMC and Windows PowerShell

Demonstration

Is server core anapplication platform?

Microsoft do not see server core as an application platform:

“Server core is not an application platform [but it] does support development of management tools, utilities and agents”

[Andrew Mason, Microsoft]

But think about it from a customer perspective:

Smaller attack surfaceLess patching

You can run applications on server core:Cannot have shell or GUI dependenciesCannot use managed code

Server Core

Installing third party applications {optional}

Demonstration

The future?

MinWin:A minimalistic variation of the Windows kernel, being developed for use in Windows 7 (codenamed MinWin)Publicly demonstrated by Eric Traut (Microsoft Distinguished Engineer) - http://www.youtube.com/watch?v=NNsS_0wSfoUSounds similar to server core but:

Server core constrains OS by server roles:Unneeded components removedDependencies still exist in code (must be present to compile)

MinWin consolidates dependencies into the kernel. Code compiles even without any extraneous components resulting in a stripped-down self-contained OS kernel image

.NET Framework subset, PowerShell support, limited ASP.NET support, Windows Communications FrameworkSome extra roles

Server core takeaways

Server core is a minimal installation option for Windows Server 2008

More secure and less to patch

Local management is possible, especially with third party tools such as GNU Wget and CoreConfiguratorRemote management is the preferred approach:

RDP, TS RemoteApp, MMC, WS-Management, Windows PowerShell

Microsoft don’t see server core as an application platform – but why not?

Resources (Microsoft)Ask the Core Team: http://blogs.technet.com/askcore/Server Core blog: http://blogs.technet.com/server_core/ Windows Server 2008 Technical Library: http://technet2.microsoft.com/windowsserver2008/en/library/bab0f1a1-54aa-4cef-9164-139e8bcc44751033.mspx?mfr=true

A-Z Command Line reference: http://technet2.microsoft.com/windowsserver2008/en/library/f7cedeb1-4996-4d29-8fcb-b44d9de7cd581033.mspx?mfr=true (not all of these are available in server core)Server Core installation option – step-by-step guide: http://technet2.microsoft.com/windowsserver2008/en/library/47a23a74-e13c-46de-8d30-ad0afb1eaffc1033.mspx?mfr=true

Andrew Mason’s TechNet Spotlight video on server core: http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=492 SDK: http://msdn2.microsoft.com/en-us/library/ms723891.aspx

Resources(non-Microsoft)

Windows Server Team UK: http://winserverteam.org.uk/ My blog: http://www.markwilson.co.uk/blog/

A few commands to get started with server core: http://www.markwilson.co.uk/blog/2007/08/a-few-commands-to-get-started-with-windows-server-core.htm Customising server core: http://www.markwilson.co.uk/blog/2008/03/customising-windows-server-2008-server-core.htm

Another blog with lots of server core information:Sander Berkouwer: http://blogs.dirteam.com/blogs/sanderberkouwer/

Tools:CoreConfigurator: http://blogs.microsoft.co.il/blogs/guyt/archive/2008/03/22/windows-server-core-coreconfigurator-to-the-rescue.aspxGNU Wget (compiled for Windows): http://users.ugent.be/~bpuype/wget/

This slidedeck:http://cid-1453622c71a8a08e.skydrive.live.com/browse.aspx/Public

To find out more about Fujitsu and Microsoft’s industrialisation initiative – Accelerated Microsoft – visit http://uk.fujitsu.com/microsoft/

CThis work is licensed under a Creative Commons Licence.

For further details, please visit http://creativecommons.org/licenses/by-nc/2.0/uk/

cbn

© 2008, Mark Wilson.Some rights reserved.