What You Need To Know About Server 2008 Core Edition

Chia sẻ: Huy Hoang | Ngày: | Loại File: PDF | Số trang:8

lượt xem

What You Need To Know About Server 2008 Core Edition

Mô tả tài liệu
  Download Vui lòng tải xuống để xem tài liệu đầy đủ

Back in the days of Windows 3.1, you could choose what Windows components you wanted to install. In fact, I remember doing the math at that time, and the number of possible component combinations was in the hundreds of thousands, if not more. If you didn't want a component, you could tell Windows that you didn't want it, and by George, you wouldn't get it.

Chủ đề:

Nội dung Text: What You Need To Know About Server 2008 Core Edition

  1. Expert Reference Series of White Papers What You Need To Know About Server 2008 Core Edition 1-800-COURSES www.globalknowledge.com
  2. What You Need To Know About Server 2008 Core Edition Glenn Weadock, MCSE, MCT, A+, Global Knowledge Instructor/Developer Introduction Back in the days of Windows 3.1, you could choose what Windows components you wanted to install. In fact, I remember doing the math at that time, and the number of possible component combinations was in the hun- dreds of thousands, if not more. If you didn't want a component, you could tell Windows that you didn't want it, and by George, you wouldn't get it. Since then, however, Windows setup has given customers less and less control over what bits should make it over onto your servers and workstations. The "give 'em everything" approach culminates in Windows Vista, which puts everything on your system including the kitchen sink. With Vista, you turn Windows components on and off rather than install or remove them. (Hence the renaming of the "Add/Remove Programs" wizard to simply "Programs.") While not having to hunt around for a Windows CD or an i386 folder on the network has a certain appeal, there are also undeniable advantages to minimizing the footprint that Windows makes on a system, including the following: • Patching Windows has become a bigger and bigger job in recent years; the larger the feature set, the more numerous the required patches. • The less software you have on a given system, the more likely it is to be reliable, all other things being equal. There are fewer chances for programs and components to interfere with each other. • Finally, the less software you have, the smaller the "attack surface" and therefore the less likely you are to be bothered with viruses and malware. Considering how organizations use servers, it's also clear that a full install is often overkill. For example, partic- ularly in medium to large organizations, a certain number of servers are used for a single purpose: file sharing, print sharing, domain controller, infrastructure services (DHCP, DNS), database services, and so forth. Recognizing the above truths, Microsoft is making Server 2008 available in a special "minimalist" version called Server Core. I was very excited to learn about this, as I have been an advocate for minimalism for many years. As a consultant, I've seen many examples of "less is more" in terms of software setups for both clients and servers. This white paper introduces the Server Core product for those who haven't yet tried it on for size. Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 2
  3. What Is Server Core? For this white paper, I installed Server Core for Server 2008 Enterprise Edition, Beta 3 (build 6001), into a fresh Virtual Machine running on Virtual Server 2005 R2, with the Virtual Machine Additions. The host system was Windows Vista Ultimate. Server Core gives you a bare-bones version of Server 2008 Standard, Enterprise, or Web versions, and it's avail- able on both x86 or x64 platforms. Server Core doesn't give you the familiar GUI operating system shell, with Start button, taskbar, and desktop; when you start Server Core, you see a command prompt window on a plain background and that's it. Here are some other things you don't get on a Server Core installation as of the Beta 3: • Internet Explorer (but you can still configure Windows Update with the included SCREGEDIT.WSF script) • Server Manager • Microsoft Management Console (and all its snap-ins) • Dot-Net Framework (parts of it work, but much of it breaks; Microsoft says they're working on producing a subset of the framework for Server Core but it will be released after the release of Server 2008, if ever) • PowerShell (although you can run this remotely to manage Server Core) • DirectX (you don't play games on servers anyway, right?) • Media Player (...or play MP3s and videos?) • Sound card drivers • Modem drivers • Printer drivers (you actually can add these, but you must do so remotely) • Windows Mail (the new version of Outlook Express) Trimming all of these items saves something like 4GB of binaries, according to Microsoft. (My installation required about 5.7GB.) It also is likely to save something approaching 60% of the patch requirements, if we can use Windows 2000 Server as a guide. Below is a partial list of functions that you can perform or that do exist on Server Core: • Product activation (use the phone, a KMS server, or the command "slmgr.vbs -ato") • Change the password (ctrl-alt-del) • Join a domain (using NETDOM) • Rename the computer (again, using NETDOM) • Add a server role (using the OCSETUP tool) • Install Active Directory and promote to a domain controller (using DCPROMO) • Active Directory Lightweight Directory Services (formerly known as ADAM, Active Directory Application Mode) • Configure IP address, add DNS server, etc. (using NETSH) • View event log (run Event Viewer remotely from another system) • View performance counters (run Perfmon remotely from another system) • View Device Manager (remotely, and in read-only mode) • Plug and Play (works silently with included drivers) • Windows Installer Service (you can install MSI files) • Windows File Protection • Active Directory • DHCP Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 3
  4. • DNS • File and print sharing • IIS 7 (but no asp.net) • WINS • Clustering • Network Load Balancing • Subsystem for UNIX • Backup • Removable storage • BitLocker • SNMP • Deployment of Server Core using WDS (Windows Deployment Service, the successor to RIS) • Virtualization (promised for later) How Do You Get It? Server Core is an install-time option for Server 2008. The Beta 3 is freely available from Microsoft as of this writing. Microsoft does not support upgrading (downgrading?) to Server Core from the "full" version of Server 2008, nor can you perform an in-place migration from Server Core to the full version. A clean install is your only choice. (However, you should be able to upgrade from one Beta version of Server Core to the next without having to perform a from-scratch reinstall.) The Command Line Figure 1. Lots of commands, most in C:\Windows\System32. Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 4
  5. Here's a sampling of the tools available at the command line include the following (most of the EXE's reside in C:\Windows\System32): • BCDEDIT to customize the boot configuration • CACLS to display and modify file ACL's • CMD to spawn a new instance of the command interpreter • DISKPART to manage disk partitions • DRIVERQUERY to see what device drivers are installed • FTYPE to manage file suffix associations that live in HKEY_CLASSES_ROOT • GPRESULT to evaluate applied Group Policy settings • NETSH to configure network settings • SC to display, configure, start, and stop services (for example, SC QUERY shows all services and their state) • SCHTASKS to manage scheduled tasks • START to open a new window to run a particular program • SYSTEMINFO to view a variety of specs for the particular system • REGEDIT to manage the Registry (works as usual, in GUI mode) You'll note that some of the tools, such as REGEDIT, do bring up the graphical version of the utility, even though the Explorer shell is certainly not present. Other examples include Notepad and Task Manager. (Just don't expect to use the help system.) Nearly all of the command line tools provide some documentation when you invoke them with the /? parame- ter. The command line is also available remotely via Terminal Services in its "remote administration" mode. To turn this on, use the included SCREGEDIT.WSF script in the C:\Windows\System32 folder. You are allowed to open multiple instances of the command prompt in Server Core. And, if you do something silly like close the last (or only) command prompt window, you may do what I did and stare foolishly at the empty blue background until you remember that Task Manager works in Server Core, and you can use the New Task button to run an instance of CMD.EXE again. Adding Server Roles There are two main ways to add server roles to Server Core: during install with an "unat- tend" answer file, or after the basic install with the OCSETUP tool. You can use OCSETUP to install DHCP, DNS, file services, DFS, NFS, and Media Server. Figure 2. OCSETUP lets you add server roles. Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 5
  6. One "gotcha" is that you have to supply the correct name for each service; for example, DHCP is DHCPServerCore, but DNS is DNS-Server-Core-Role. (You were expecting consistency?) Use the OCLIST command to see the role and optional feature names, as well as their status (installed vs. not). And by the way, the names are case-sensitive. You can uninstall a role with OCSETUP as well; just stop the service (e.g., using NET STOP ) and then use OCSETUP with the /uninstall command line parameter. By the way, you won't use OCSETUP to install Active Directory. You'll fire up old friend Figure 3. OCLIST shows you what's installed and DCPROMO for that job. However, you'll need what's available. to provide DCPROMO with an unattend file, because the GUI support for this tool, which prompts you for guidance on the configura- tion, isn't there. Of course, once a given server role is installed, you need to configure it, which the following section discusses. One tip to keep in mind is that Microsoft has stated that services running in Server Core use the same default settings as services running in the Full version of Server 2008. Managing Server Core Perhaps the best starting point for managing a Server Core system is the new "cli" option for the SCREGED- IT.WSF script. The exact command is: cscript scregedit.wsf /cli This displays a handy list of common administrative functions (for example, set the time zone, configure Windows Update, etc.) and the required syntax. Many administrators will most likely manage their Server Core systems by firing up an MMC console on a "full" server, or a workstation equipped with the Administrative Tools, and Figure 4. The SCREGEDIT script is your Swiss army knife. Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 6
  7. simply connect to the Server Core system (usually by right-clicking the topmost node in the console and choosing "Connect To" or some similar command). Using this technique, I tried the Computer Management console, the Event Viewer, and the DNS console, and they all seemed to work fine. Windows Explorer also worked remotely. (Note that to manage Server Core remotely using MMC consoles and snap-ins, you must open the firewall on the Server Core system to permit remote management.) Even though you can use existing MMC consoles remotely, that's not the only way to manage and configure Server Core roles. Command-line tools exist for some services. For example, you may be familiar with the DNSCMD tool for configuring DNS at the command line in a Windows Server 2003 environment. That tool is also present in Server Core and may be used just as you used it in the older Server product. You can also manage Server Core remotely using the Windows Remote Management service (WinRM on the server side, WinRS on the client side) that made its debut with Windows Vista. This requires Windows Vista or Server 2008 on the client side; Windows XP won't work. Also, WinRM management is not interactive, so using Terminal Service Remote Administration mode (Remote Desktop) or even Telnet may be more convenient. Just be aware that activating these may reduce the overall security of the box. For example, to use Remote Desktop, you need to enable the Remote Desktop inbound rule in the firewall. Finally, don't forget about Group Policy. Server Core includes a functioning Group Policy agent capability. I placed my test Server Core system into a special OU, created a Group Policy Object that I linked to that OU, and voila – the settings made it to the Server Core system. If you are planning to test multiple Server Core sys- tems, this may be more convenient than making settings on each system individually using MMC consoles. So, you have various options for managing the software on a Server Core system. From the hardware stand- point, you can manage installation of new devices by manually installing the driver files and instructing Plug and Play to process them by using the PNPUTIL program. Conclusion Server Core is a very attractive option for shops running single-purpose servers. In concept at least, it should be simpler to maintain, more reliable, and more resistant to attack than "full-boat" Server 2008 systems. Everything has a price, of course. If you choose to implement Server Core, you'll have to learn some command- line utilities you may not have used before, and you'll be doing some of your server management remotely by necessity rather than by choice. However, that seems a fair price to pay for the promised benefits. Here's a product that takes us back to the days of Windows 3.1 – but in a good way! Further Information on Server Core Precious little information about Server Core is available at this writing, so most of your knowledge will be gained by playing with the product (it installs and runs fine on Virtual Server 2005 R2), but you can also check out the Microsoft Server Core step-by-step guide at the following URL: http://blogs.technet.com/server_core/archive/2007/05/17/step-by-step-guide-for-server-core.aspx Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 7
  8. Learn More Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge. Check out the following Global Knowledge courses: Migrating to Server 2008 Updating Your Active Directory Technology Skills to Windows Server 2008 (Beta 3) Updating Your Application Platform Technology Skills to Windows Server 2008 (Beta 3) Updating Your Network Infrastructure Technology Skills to Windows Server 2008 (Beta 3) For more information or to register, visit www.globalknowledge.com or call 1-800-COURSES to speak with a sales representative. Our courses and enhanced, hands-on labs offer practical skills and tips that you can immediately put to use. Our expert instructors draw upon their experiences to help you understand key concepts and how to apply them to your specific work situation. Choose from our more than 700 courses, delivered through Classrooms, e-Learning, and On-site sessions, to meet your IT and management training needs. About the Author Glenn Weadock is a longtime instructor for Global Knowledge and Co-Course Director with Mark Wilkins of the seminars "Implementing and Maintaining Microsoft Windows Vista," "Migrating to Windows Vista," and "Deploying Group Policy." He also consults through his Colorado-based company Independent Software, Inc. and is the author of 18 computer books. Copyright ©2007 Global Knowledge Training LLC. All rights reserved. Page 8
Đồng bộ tài khoản