Servers optimize

Four methods of remotely managing Windows Server 2008 Server Core

If you're somewhat new to administering Windows Server 2008, you should know that there are several methods you can employ for remote management. Here is a basic outline of four of them.

This week's post is aimed more towards less-experienced Windows Server administrators. If you are a well-seasoned administrator you will probably be familiar with the items covered in this post, but you might find a useful nugget here and there.

Managing Server Core remotely

Microsoft has built in a number of ways to remotely manage your Windows Server 2008 Core systems. This list is not all-inclusive but it is meant to highlight some of the native features to allow this. Regardless of the method you choose, you will need to have Administrative Rights on the Server Core system to fully manage that server.

The items I will cover in this post include using the Microsoft Management Console Remote plug-ins, Terminal Services, TS RemoteApp, and Windows Remote Shell. I will briefly discuss each of these options in this post. Again, I do not intend this to be all-inclusive and suggest that you check out the links throughout this post for more of a Deep-Dive into each of these methods.

You can also administer a Server Core system remotely using PowerShell, but that is a subject best covered on its own in a future post. I am not including using Server Manager to administer a Server Core system due to the limitations of the items that can actually be managed using this method.

Manage Server Core via the Microsoft Management Console

I like this method for a lot of the tasks I have had to perform managing servers. You can create MMC's for specific tasks such as managing Active Directory, as one example. You can use the predesigned snap-ins, plus you can use the Task Pad feature to expand the usefulness of an MMC. An example of this is that I work with several IBM AS400 systems, and I add links in the Task Pad to call TELNET and pass in the parameter of the server name. There is a lot you can do with this. Just be sure to save your MMC once you have it configured.

If you are running the Windows Firewall on your Server Core you will need to do some configuration on that system to allow MMC Snap-ins to connect. To use all of the remote snap-ins on your Server Core system, run the following:

Netsh advfirewall firewall set rule group="remote administration" new enable=yes

To allow only specific snap-ins, type the following:

Netsh advfirewall firewall set rule group="<RuleGroupName>" new enable=yes

Some snap-ins do not have a Rule Group associated with them but enabling the groups for Event Viewer or Services will usually suffice for them as well.

Configuring a Server Core system that is not a Domain member requires a few additional steps.

For more information on using MMC to configure and manage Server Core check out this link:

http://technet.microsoft.com/en-us/library/dd163507.aspx

Manage Server Core with Terminal Services

One of the command line methods for managing Windows Server 2008 Server Core is via Terminal Services. TS has long been a favorite connection method of mine, though I am sure there are some who do not share my enthusiasm.

To connect to a Server Core system using Terminal Services, you will need to ensure that Remote Desktop for Administration mode is enabled on the Server Core system. To do this, log into your Server Core system and enter the following command:

Cscript c:\windows\system32\scregedit.wsf /ar 0
Once you receive the notification, "Registry has been updated" you can launch the Remote Desktop Connection on another system and, using either the IP Address or Hostname of the Server Core system, connect to it and have all of the command line functionality. When you are ready to disconnect from the Server Core system, be sure to type logoff at the command prompt. It is never good policy to just "X" out of an RDP connection as this will leave a "Ghost" job running. In a later post, I'll address ways of automatically killing these Ghost connections on a Terminal Server.

Manage your Server Core system using TS RemoteApp

With Windows Server 2008, you have the ability to publish an application without users having to connect to the desktop. With Server Core, this is especially true since there is not a traditional desktop anyway.

To enable this on your Server Core system:

  1. Open the MMC on a Windows Server 2008 system that has the Terminal Services role enabled and add the TS RemoteApp snap-in. Then connect to your Server Core system.
  2. Next, from the Results pane, select RemoteApp Programs and locate cmd.exe at \\Servername\c$\windows\system32 (assuming you used the default install location).
  3. From the Allow list, click Remote cmd.exe and then select Create RDP Package.

Now you can use the RDP package to connect to the Server Core system.

For more information on using Terminal Services and TS RemoteApp refer to this link:

http://technet.microsoft.com/en-us/library/dd184089.aspx

Manage Server Core using Windows Remote Shell

To use Windows Remote Shell you must first enable it on your Server Core system. To do this you should:

  1. At the command prompt of your Server Core system enter WinRM quickconfig.
  2. At the command prompt of another system use WinRS.exe to initiate commands remotely on the Server Core system. An example of this to view the Windows directory on the Server Core system would be winrs -r:ServerCoreName dir c:\windows.

Using this same winrs -r:ServerCoreName syntax you can run any command remotely that you could locally on the Server Core system.

For more information on using WinRS check out this link:

http://technet.microsoft.com/en-us/library/dd163506.aspx

Summary:

There are a number of built-in methods that can be used for managing Server Core systems, as well as other Windows Server 2008 servers. Find the one that suits your style the best, or use multiple methods when you find them more appropriate. There are caveats and tweaks that are not listed for each of these items, and I encourage you to check out the links for these methods to give yourself a more clear understanding of them. Also, check out the additional reference links below. Do you have a preferred method?

Links

About

James Wright is a veteran IT professional who has spent the majority of his career as a Systems Administrator. James has also served as a Systems Analyst, Helpdesk Senior Technician and as a Programmer Analyst. This range of experience has allowed hi...

0 comments