Managing Server Core without Breaking a Sweat!Joachim NässlanderSolution Architect Microsoft Infrastructure and EUCDell Inc.

SESSION CODE: WSV321

The goal of a Server Core installation is

and make it remotely manageable.

75 Minutes of What?How Core was bornWhy Core?Installation scenariosInitial configurationLocal ManagementRemote Management

How Core Was BornCustomer feedbackRemoval of requirementsFour inital roles

Focus areasSide benefits

Why Core?FootprintAttack surfaceManagementPatching

Footprint

”The memory footprint in RAM for Server Core has been reduced to less than 100MB, compared to roughly 130MB for Windows Server 2008 and 244MB for Windows Server 2003, which didn’t have a Server Core install option.” (Ward Ralston, http://www.windowsitpro.com/article/virtualization/why-you-need-windows-server-2008-r2.aspx)

Windows Server 2008 R2 CoreHD ~3.0 GBRAM 512 MB for install(runs on 64!)

Windows Server 2008 R2HD ~7.0 GBRAM 512 MB for install

Footprint – Disk Usage

2008 Standard x64 2008 Standard x64 CORE

2008 Standard x86 2008 Standard x86 CORE

0100020003000400050006000700080009000

8710

2520

5720

1440

Disk space / Mb

Disk space / Mb

Reducing Disk Usagepkgmgr /up:<package to remove>

Remove all packages you won’t needReboot

23 packages can be remove, gain ~200 MB

Patches

”Over time, the number of reboots for patching or security updates is significantly reduced for a Server Core installation of which the benefits are obvious. In some cases, customers can see up to a 60% reduction in patch requirements and the number of reboots on a monthly basis.”(David B Cross, http://blogs.technet.com/b/windowsserver/archive/2010/05/07/server-core-best-practice-for-applications-on-windows-server.aspx)

Patches

0

4

8

12

16

2020 20

13 13

20

8

13

3

# of PatchesApply AllNecessary

Source: Microsoft bulletins / Andrew Mason

Installation

Manual installationAutomated deploymentTemplate

Is it Core?

Separate SKU

0C Datacenter (core installation)27 Server Datacenter without Hyper-V (core installation)0E Server Enterprise (core installation)29 Server Enterprise without Hyper-V (core installation) 2A Microsoft Hyper-V Server0D Server Standard (core installation)28 Server Standard without Hyper-V (core installation)1D Web Server (core installation)

Is It Core?Joachim NässlanderSolution Architect Microsoft Infrastructure & End User ComputingDell Inc.

DEMO

Is it Core?WMI / WMIC / PowerShell

WMI: “Select OperatingSystemSKU from Win32_OperatingSystem”WMIC: ”OS get operatingsystemsku”

14 = E = Enterprise Core

Convert to HEX

Complete table of available SKU’s:http://msdn.microsoft.com/en-us/library/ms724358.aspx

Initial ConfigurationJoachim NässlanderSolution Architect Microsoft Infrastructure & End User ComputingDell Inc.

DEMO

SconfigProsDeveloped by MicrosoftActively maintainedIncluded

ConsNot all roles

Core ConfiguratorProsDeveloped by a teamActively maintainedShotgun interface

ConsMust installNeeds .Net / PowerShell

Download: http://coreconfig.codeplex.com/

Core Configuration Console R2ProsStandard commandsFreeNo installation / features neededEasily extended

ConsNo supportPrivately developedNot all roles supportedNot shotgun

Download: http://ccc.codeplex.com or http://www.nullsession.com

Smart-X Core ConfiguratorProsShotgun interfaceDeveloped by company

ConsNeeds installNot free

Download: http://www.smart-x.com

CMDProsIncludedWell documentedSupport

ConsSteep learning curveIneffective

PowerShell / VBScript / WMIPowerShellVBScriptWMI

Remote supportReusable

PowerShellAdd .Net FrameworkAdd PowerShellConfigure

PowerShellC:\> start /wait ocsetup NetFx2-ServerCore (WoW-64)C:\> start /wait ocsetup MicrosoftWindowsPowerShell (Wow-

64)C:\> powershellPS C:\> import-module ServerManagerPS C:\> set-executionpolicy remotesigned (unrestricted)PS C:\> enable-psremoting

Local Management of RolesSpecific commands for roles

Active DirectoryDSADD, DSGET + more

DNSDNSCMD

Network Configuration / Firewall / DHCPNETSH

Local ManagementJoachim NässlanderSolution Architect Microsoft Infrastructure & End User ComputingDell Inc.

DEMO

Firewall ConfigurationLocally

NETSHRemote

Group PolicyMMC / Server Manager

Remote Management of RolesFirewall configurationServer ManagerRemote Server Administration Tools / MMC

Remote ManagementJoachim NässlanderSolution Architect Microsoft Infrastructure & End User ComputingDell Inc.

DEMO

ConclusionLearning curveSecurityManagement

Related Content

WSV319 | Manage Your Enterprise from a Single Seat: Windows PS Remoting

WSV07-INT | New Remote Management Technologies in Windows Server 2008 R2

WSV18-HOL | Introduction to Windows PowerShell FundamentalsWSV19-HOL | Advanced Windows PowerShell Scripting

TLC-54 | Windows PowerShell and Server Management

Resources

www.microsoft.com/teched

Sessions On-Demand & Community Microsoft Certification & Training Resources

Resources for IT Professionals Resources for Developers

www.microsoft.com/learning

http://microsoft.com/technet http://microsoft.com/msdn

Learning

Complete an evaluation on CommNet and enter to win!

Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st

http://northamerica.msteched.com/registration

You can also register at the

North America 2011 kiosk located at registrationJoin us in Atlanta next year

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to

be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

JUNE 7-10, 2010 | NEW ORLEANS, LA