View
212
Download
0
Embed Size (px)
Citation preview
Welcome! Community Launch 2008
Mark WilsonInfrastructure Architect/Technology lead for Windows Server 2008 and Hyper-V, Fujitsu [email protected]://www.markwilson.co.uk/blog/
{ }
A community for everyone who is interested in Microsoft's Windows Server technologies - especially Windows Server 2008Formed in 2007 – just getting startedHave run a few events – more to comeFind out more (join us!) at http://winserverteam.org.uk/
Windows Server 2008: Server Core
What? Why? How?
Agenda
What is server core? And why do we need it?How does it work (architecture)How is it managed?
LocallyRemotely
Questions? (and hopefully some answers!)
Demo environment
UK090922LTFujitsu-Siemens S7210Intel Core 2 Duo T7500 (2.2GHz)4GB RAM
(joined to my organisation’s Active Directory)
Full installation (x64)UK090922VM31 vCPU1GB RAM
Standalone (not domain-joined)
Server core installation (x64)
What is server core?and why do we need it?
Windows Server is frequently deployed to support a single role or a fixed workload
Still need to install (and manage) a full installation
Server Core is a new installation option:Minimal installation option for WS08
Benefits:Servers optimized by role are easier to manage and maintainIncreased reliability and securityLess installed and less running
Roles and featuresRoles:
Role Web Standard Enterprise Datacenter
AD DS
AD LDS
DHCP Server
DNS Server
File Services
Hyper-V
Print Services
Web Services (IIS)Features:
Backup; BitLocker; Failover Clustering; UNIX Subsystem; Multipath IO; QoS; Removable Storage Management; SNMP; Telnet Client; WINS
Not available Partial support Full support
Architecture
Server CoreSecurity; TCP/IP; File systems; RPC and other core sub-
systems
ServerGUI; .NET
Framework; Shell; Internet Explorer; MMC;
Media; etc.
Server Core Roles (and Features)
Server Roles (and Features)
AD DS
AD LDS
DHCP DNS FileHype
r-V
Print IIS
NPAS TS WDS
etc.
Server core architectureServer Core Roles (and Features)
AD DS
AD LDS
DHCP DNS FileHype
r-V
Print IIS
Server Core
Hardware
Hardware Support Components
Resolved Category Dependencies
Thin Management Tools (Local and Remote)
Core Subsystems
Infrastructure Features
Disk, network
card, etc.
HAL, kernel, VGA, logon,
etc.
Command shell, domain join, event log, performance
counter, WS-Management, WMI,
licensing, WFP, HTTP support, IPSec, etc.
Security (logon scenarios),
networking (TCP/IP), file systems,
WinLogon, RPC, necessary
dependencies
Configure IP address, join a
domain, create users,
etc.
Server Core
Getting started
Demonstration
How is it managed?
Locally:CLI with a few GUI tools that are tied into core features.
Remotely:Remote desktop protocol (RDP)Publish Server Core command shell via Terminal Services RemoteAppWS-Management (WinRS and WinRM)MMC snap-insPowerShellThird-party applications (management agents, anti-virus, etc.)
Automatic updates
Server core does include the automatic updates clientNo notification functionalityManage patch deployment via WSUS (or another method)Same patches as for a full Windows Server 2008 installation – just less of them to apply!
Server Core
Local management
Demonstration
Getting startedChange the machine name (before joining a domain):netdom renamecomputer %computername% /newname:newcomputername Change the computer name (after joining a domain):netdom.exe renamecomputer %computername% /NewName:newcomputername /userd:domainname\username /passwordd:*Set the IP address for the primary NIC:netsh interface ipv4 set address "Local Area Connection" static ipaddress subnetmask gatewayipaddress Set the DNS server addresses:netsh interface ipv4 add dns "Local Area Connection" ipaddress [index=indexnumber] Join a domain:netdom join %computername% /domain:domainname /userd:domainname\username /passwordd:* Restart the server:shutdown -r –t 0Add a domain user to a local group:net localgroup groupname /add domainname\username
More basic commandsEnable remote desktop (from a Windows Vista or Server 2008 client):cscript %windir%\system32\SCRegEdit.wsf /ar 0 Enable remote desktop (from a Windows XP or Server 2003 client):cscript %windir%\system32\SCRegEdit.wsf /cs 0 Disable the firewall (not recommended):netsh firewall set opmode disable Allow Remote Desktop connections through the firewall:netsh advfirewall firewall set rule group="Remote Desktop" new enable=yesView the current Automatic Updates settings:scregedit.wsf /AU /v
The following values correspond to the response generated by the scregedit.wsf script.
1 = Automatic Updates Disabled4 = Automatic Updates Enabled
Enable Automatic Updates:scregedit.wsf /AU 4Disable Automatic Updates:scregedit.wsf /AU 1Activate Windows:cscript %windir%\system32\slmgr.vbs -ato
TweakingSet the screen resolution:
Run regedit.exe and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{BBF118A6-4C44-4FE4-A8A3-965A9A577F98}0000 (or whichever GUID key has a subkey named VolatileSettings with a value of 0000), then change DefaultSettings.XResolution and DefaultSettings.YResolution to the desired values (in decimal format).
Change the drive letter allocation for an existing disk (e.g. the CD-ROM drive):diskpartselect volume volumenumberassign letter=driveletter Format additional disks:diskpartselect disk disknumberselect partition partitionnumberformat fs=ntfs label=volumelable quietLabel a disk (e.g. the system disk):label driveletter: volumelable
Server Core
Remote management with WS-Management, MMC and Windows PowerShell
Demonstration
Is server core anapplication platform?
Microsoft do not see server core as an application platform:
“Server core is not an application platform [but it] does support development of management tools, utilities and agents”
[Andrew Mason, Microsoft]
But think about it from a customer perspective:
Smaller attack surfaceLess patching
You can run applications on server core:Cannot have shell or GUI dependenciesCannot use managed code
Server Core
Installing third party applications {optional}
Demonstration
The future?
MinWin:A minimalistic variation of the Windows kernel, being developed for use in Windows 7 (codenamed MinWin)Publicly demonstrated by Eric Traut (Microsoft Distinguished Engineer) - http://www.youtube.com/watch?v=NNsS_0wSfoUSounds similar to server core but:
Server core constrains OS by server roles:Unneeded components removedDependencies still exist in code (must be present to compile)
MinWin consolidates dependencies into the kernel. Code compiles even without any extraneous components resulting in a stripped-down self-contained OS kernel image
.NET Framework subset, PowerShell support, limited ASP.NET support, Windows Communications FrameworkSome extra roles
Server core takeaways
Server core is a minimal installation option for Windows Server 2008
More secure and less to patch
Local management is possible, especially with third party tools such as GNU Wget and CoreConfiguratorRemote management is the preferred approach:
RDP, TS RemoteApp, MMC, WS-Management, Windows PowerShell
Microsoft don’t see server core as an application platform – but why not?
Resources (Microsoft)Ask the Core Team: http://blogs.technet.com/askcore/Server Core blog: http://blogs.technet.com/server_core/ Windows Server 2008 Technical Library: http://technet2.microsoft.com/windowsserver2008/en/library/bab0f1a1-54aa-4cef-9164-139e8bcc44751033.mspx?mfr=true
A-Z Command Line reference: http://technet2.microsoft.com/windowsserver2008/en/library/f7cedeb1-4996-4d29-8fcb-b44d9de7cd581033.mspx?mfr=true (not all of these are available in server core)Server Core installation option – step-by-step guide: http://technet2.microsoft.com/windowsserver2008/en/library/47a23a74-e13c-46de-8d30-ad0afb1eaffc1033.mspx?mfr=true
Andrew Mason’s TechNet Spotlight video on server core: http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=492 SDK: http://msdn2.microsoft.com/en-us/library/ms723891.aspx
Resources(non-Microsoft)
Windows Server Team UK: http://winserverteam.org.uk/ My blog: http://www.markwilson.co.uk/blog/
A few commands to get started with server core: http://www.markwilson.co.uk/blog/2007/08/a-few-commands-to-get-started-with-windows-server-core.htm Customising server core: http://www.markwilson.co.uk/blog/2008/03/customising-windows-server-2008-server-core.htm
Another blog with lots of server core information:Sander Berkouwer: http://blogs.dirteam.com/blogs/sanderberkouwer/
Tools:CoreConfigurator: http://blogs.microsoft.co.il/blogs/guyt/archive/2008/03/22/windows-server-core-coreconfigurator-to-the-rescue.aspxGNU Wget (compiled for Windows): http://users.ugent.be/~bpuype/wget/
This slidedeck:http://cid-1453622c71a8a08e.skydrive.live.com/browse.aspx/Public
To find out more about Fujitsu and Microsoft’s industrialisation initiative – Accelerated Microsoft – visit http://uk.fujitsu.com/microsoft/
CThis work is licensed under a Creative Commons Licence.
For further details, please visit http://creativecommons.org/licenses/by-nc/2.0/uk/
cbn
© 2008, Mark Wilson.Some rights reserved.