Taming Windows Server Core
Today I would like to introduce the reader to Windows Server Core 2008 R2.
As my personal observations show, many administrators are afraid of him. The reason is simple: Windows = GUI is firmly stuck in our heads, but there is no GUI in it. As a result, everyone perceives Server Core as “not such” Windows. He really is not like that, but nothing terrible about him. Moreover, it has its pluses and charms. From the obvious - saving resources. Of the not obvious - the lack of opportunity to poke in all places disciplines and makes you understand what you want to do.
Less demanding of resources makes it possible to more effectively distribute them in server virtualization.
I will explain:
There is, let's say, a server (no matter physical or virtual). On it Windows Server 2008R2, AD (not the main controller), WSUS. In order for it to at least somehow turn over, at least 2GB of memory is needed. Instead, you can make two virtuals with Server Core, on one AD, on the second WSUS. In this case, both of these virtualki will live with a half-memory of memory and feel great. At the same time, we lose only the GUI, which I, for example, do not use almost anyway, at least from the server console.
Now I will tell you where to start and how to do it:
To tell and show the installation process does not see the point. Everything is simple and trite. Nakosyachit just nowhere.
The first successful login shows our view such a joyful picture.
')
First of all, run sconfig.
We configure the network, enter the domain, allow RDP, in general we do everything that is needed.
Separately, I want to note that in the Russian version, the permission of remote control MMC through sconfig does not work. If you try to do this, you will receive a message about the impossibility of reconfiguring the firewall. Cost is simple:
If paranoia does not allow you to open all the ports, then you can fine tune.
Next step: Install PowerShell. The installation of roles and components is done using the DISM command. It also allows you to see the list of available components and roles (DISM / online / Get-Features).
This command will provide us with .NET2, .NET3, PowerShell itself, and control cmdlet sets.
If you wish, you can put a file manager, for example, FAR:
Now we have a platform. All further settings and analytics can already be obtained using MMC snap-ins from your PC or another server.
Further, the actual installation of roles, everything is done to insanity is simple.
First consider the installation of WSUS:
1st: Turn on IIS.
2nd: We put WSUS itself (http://www.microsoft.com/download/en/details.aspx?id=5216). And set up as usual through the wizard. (if you specify an existing SQL server as storage, you should bear in mind that the name of the WSUS database does not ask but uses the name SUSDB, and if there is such a database on this server, then WSUS will simply crash it).
3rd: We install from the same distribution kit on the personal computer control equipment. And in general, everything. WSUS server is ready.
Domain controller:
It's still easier.
The role of DNS and AD can be managed by snap-ins from your working PC in the same way as is usually done from the server console. Here, for example, the server manager started remotely.
That is, the whole process of installing and configuring Server Core is just as easy as setting up a regular server. However, the information on it is much less and in general it is somehow not deservedly deprived of attention.
PS I deliberately avoided licensing issues and the fact that licenses are more expensive than hardware, so please do not kick me for it. There are all sorts of situations, and sometimes the use of Server Core is quite justified.
As my personal observations show, many administrators are afraid of him. The reason is simple: Windows = GUI is firmly stuck in our heads, but there is no GUI in it. As a result, everyone perceives Server Core as “not such” Windows. He really is not like that, but nothing terrible about him. Moreover, it has its pluses and charms. From the obvious - saving resources. Of the not obvious - the lack of opportunity to poke in all places disciplines and makes you understand what you want to do.
Less demanding of resources makes it possible to more effectively distribute them in server virtualization.
I will explain:
There is, let's say, a server (no matter physical or virtual). On it Windows Server 2008R2, AD (not the main controller), WSUS. In order for it to at least somehow turn over, at least 2GB of memory is needed. Instead, you can make two virtuals with Server Core, on one AD, on the second WSUS. In this case, both of these virtualki will live with a half-memory of memory and feel great. At the same time, we lose only the GUI, which I, for example, do not use almost anyway, at least from the server console.
Now I will tell you where to start and how to do it:
To tell and show the installation process does not see the point. Everything is simple and trite. Nakosyachit just nowhere.
The first successful login shows our view such a joyful picture.
')
First of all, run sconfig.
We configure the network, enter the domain, allow RDP, in general we do everything that is needed.
Separately, I want to note that in the Russian version, the permission of remote control MMC through sconfig does not work. If you try to do this, you will receive a message about the impossibility of reconfiguring the firewall. Cost is simple:
netsh advfirewall set domainprofile firewallpolicy allowinbound,allowoutboundIf paranoia does not allow you to open all the ports, then you can fine tune.
Next step: Install PowerShell. The installation of roles and components is done using the DISM command. It also allows you to see the list of available components and roles (DISM / online / Get-Features).
DISM /online /Enable-Feature /FeatureName:NetFx2-ServerCore /FeatureName:NetFx2-ServerCore-WOW64 /FeatureName:NetFx3-ServerCore /FeatureName:NetFx3-ServerCore-WOW64 /FeatureName:MicrosoftWindowsPowerShell /FeatureName:ServerManager-PSH-CmdletsThis command will provide us with .NET2, .NET3, PowerShell itself, and control cmdlet sets.
If you wish, you can put a file manager, for example, FAR:
PS C:\Dist>msiexec /package Far20.x64.msi
PS C:\Dist> cd Env:
PS Env:\> $cur = get-item -Path Path
PS Env:\> $cur.Value+=";C:\Program Files\Far2"
PS Env:\> Set-Item -Path Path -Value $cur.Value
Now we have a platform. All further settings and analytics can already be obtained using MMC snap-ins from your PC or another server.
Further, the actual installation of roles, everything is done to insanity is simple.
First consider the installation of WSUS:
1st: Turn on IIS.
DISM /Online /Enable-Feature /FeatureName:NetFx2-ServerCore /FeatureName:IIS-WebServer /FeatureName:IIS-WebServerRole /FeatureName:IIS-ASPNET /FeatureName:IIS-WindowsAuthentication /FeatureName:IIS-HttpCompressionDynamic /FeatureName:IIS-IIS6ManagementCompatibility /FeatureName:IIS-ISAPIFilter /FeatureName:IIS-ISAPIExtensions /FeatureName:IIS-NetFxExtensibility /FeatureName:IIS-Metabase2nd: We put WSUS itself (http://www.microsoft.com/download/en/details.aspx?id=5216). And set up as usual through the wizard. (if you specify an existing SQL server as storage, you should bear in mind that the name of the WSUS database does not ask but uses the name SUSDB, and if there is such a database on this server, then WSUS will simply crash it).
3rd: We install from the same distribution kit on the personal computer control equipment. And in general, everything. WSUS server is ready.
Domain controller:
It's still easier.
DISM /online /Enable-Feature /FeatureName: DNS-Server-Core-Role - DNS.
dcpromo /replicaornewdomain:replica /replicadomaindnsname:domain.name /safemodeadminpassword:<AD_recovery_password> /autoconfigdns:yes
- AD.The role of DNS and AD can be managed by snap-ins from your working PC in the same way as is usually done from the server console. Here, for example, the server manager started remotely.
That is, the whole process of installing and configuring Server Core is just as easy as setting up a regular server. However, the information on it is much less and in general it is somehow not deservedly deprived of attention.
PS I deliberately avoided licensing issues and the fact that licenses are more expensive than hardware, so please do not kick me for it. There are all sorts of situations, and sometimes the use of Server Core is quite justified.
Source: https://habr.com/ru/post/138786/
All Articles