Getting Started with Server Core

Published 17 July 07 07:36 AM

Today we're going to get started with Windows Server 2008 Server Core.  First, let's talk about what the Server Core installation is (and what it is not!).  Server Core is a minimal environment to run specific server roles, which reduces the maintenance and management requirements and the attack surface for those roles.  The following roles are supported on Server Core.  At this time, we are still working with the Beta 3 build of Server 2008, so additional roles may be available at Product Launch.

  • AD Domain Services
  • AD Lightweight Directory Services
  • DHCP Server
  • DNS Server
  • File Server
  • Print Server
  • Streaming Media Services

Note: Microsoft recently announced that IIS7 would be available as a Server Core role, however the Beta 3 build does not have IIS support.  The IIS Role on Server Core does not include support for .NET.  There is also no support for GUI management tools.  However, according to Bill Staples' blog, .NET support is still being discussed ...

When you look at what Server Core offers, the roles available are ideal for a branch office deployment scenario where there are limited (or no) IT resources remotely and all management is centralized.  So let's get started with our installation.  For this Server Core install, I am setting up a File & Print Server in a Virtual Environment for my own testing.  I allocated 20GB for the Hard Drive and 256MB of RAM for my VM ... so on with the installation!  The first few screens are fairly standard - choosing the installation language, the regional options (time and currency format) and my keyboard layout.  However, I did run into one minor glitch ...

ThirdScreen

Oops!  Guess I should have read the Windows Server 2008 System Requirements for Beta 3!  After making the appropriate change to the amount of RAM available for the VM, I was able to continue on with the installation ...

Welcome to the Server Core User Interface.  There is no traditional UI, only a command prompt.  All the management and administration is performed locally via the command prompt, or remotely using a Terminal Server connection, the Microsoft Management Console (MMC) or via command-line tools that support remote use.

ServerCore-Desktop01

Today, we're going to get a few basic tasks accomplished:

  1. Change the Administrator password
  2. Set the IP Address of the server
  3. Rename the server
  4. Join the Domain

In other words - getting all the prep work done to make this a File & Print Server.  So the first thing we're going to do is set the password for the Administrator user account.  We can accomplish this by using the Net User Administrator * command.  Using the * character means that the password is not displayed on the screen as shown below:

Changing_Admin_Password 

So now that the password is changed, we need to verify network connectivity for the server.  We are going to set an IPv4 address on this machine.  Since this machine is on our corporate network, we will be using DHCP to get our address, but we're going to go through the process to set up a Static IP as well as configuring this machine as a DHCP client.  But, before we can set any addresses, we need to know which interface we are working with.  To display a list of interfaces, we use the Netsh interface ipv4 show interfaces command:

NetSH_Command

We can see that there are two interfaces, the Local Area Connection and the Loopback interface (remember, this is a Virtual Machine).  Make a note of the number shown in the Idx column of the output for your network adapter.  If your computer has more than one network adapter make a note of the number corresponding to the network adapter for which you wish to set a static IP address.  To set a Static IP address, we use the following command: netsh interface ipv4 set address name="ID" source=static address=StaticIP mask=SubnetMask gateway=DefaultGateway where:

  • ID is the number from step 2 above
  • StaticIP is the static IP address you are setting
  • SubnetMask is the subnet mask for the IP Address
  • DefaultGateway is the default gateway

SetIPAddress01

Notice that we didn't set up any DNS servers for this machine.  To add a DNS Server, we use the following command: netsh interface ipv4 add dnsserver name=interfaceid address=ipofdnsserver index=1.  For each DNS server you set, you need to increment the index number by 1.

But for this server to be functional on our corporate network here, I need to switch back to DHCP.  This is done via the following command: netsh interface ipv4 set address name="ID" source=dhcp

And that's it - I'm back on the corporate network.  I'm almost ready to join this machine to the domain.  Before doing that, I want to make sure that the server has a friendly name.  As you go through the setup, you'll notice that there was no prompt to define the server's name - so what you end up with is an auto-generated name as shown below:

ServerRename

There's no way I'm ever going to remember LH-QU6Z6TS52XSS, so I need to rename the server to CC-LHSCORE-B3.  Using the Netdom command we can change the computer name as shown above.  As with any server name change, the server has to be rebooted for the rename to be completed.  And after the reboot ... a familiar screen:

LogonScreen

Now the CC-LHSCORE-B3 server is ready to join the domain.  Again, we're going to use the Netdom command to join the domain: netdom join ComputerName /domain:DomainName /userd:UserName /passwordd:*.  Before I reboot for the domain join to take effect, I want to make sure that I add my domain user account to the local administrators group.  I can do this with the following command: Net localgroup administrators /add DomainName\UserName.  Now I'm ready to reboot and log in with my domain user account and work on getting the server set up as a File & Print server.  You can use the Ctrl+Alt+Del key combination to bring up the familiar menu which allows you to launch Task Manager as well as restart or lock the machine.  You could also use the shutdown command to restart the machine.

And that brings us to the end of our quick walkthrough on getting a Server Core install up and running and ready for configuration.  In the next Server Core post, we'll cover adding the Print Services role to the server and configuring some printers.  Until next time ...

Additional Resources:

- CC Hameed

by CC Hameed
Filed under: ,

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# kgreene@pathfind.org said on July 17, 2007 9:56 AM:

Surely someone in Redmond will be slapped to their senses soon and realize the need to eliminate that black box cutely referred to as the "command line." If I want a command line, I'll travel back to 1983, thanks.

Don't try to sell me that, because I'm not going to purchase ANYTHING that requires an employee to be able to remember a convoluted syntax:

netsh interface ipv4 add dnsserver name=interfaceid address=ipofdnsserver index=1

Not the way the world works any more guys.

Instead of redesigning my kitchen

http://news.bbc.co.uk/1/hi/technology/6895588.stm

how bout we put some programmers back into the GUI creation business.

# Chris O. said on July 17, 2007 11:44 AM:

kgreene,

This post talks about Server "CORE".

if you need the UI, just install one of the more feature-full Windows Server 2008 version.

It's that simple.

# Ryan said on July 17, 2007 12:50 PM:

KGreene, get a clue. This isn't about making things easier and prettier, it's about limiting attack surfaces and resource requirements. It lets admins run servers that only run specific roles.

# Dan said on July 17, 2007 5:46 PM:

I've been using Windows Server products for years, and this is _not_ the direction I want to go.  Reducing the attack surface is desirable, but not if it requires too much time to implement, or requires a lot of arcane syntax.  I'll do what Chris O. said.

# Tech Guru said on July 17, 2007 10:24 PM:

HOWTO: Windows Server 2008 Beta 3 Server Core

# Steve Schofield said on July 18, 2007 1:04 AM:

I'm excited for Server core for AD, DNS, Virtual Server, Clustering roles.  No more reboots every month for IE, Windows media services.  Deploy and forget!

# kgreene@pathfind.org said on July 18, 2007 1:34 PM:

Reducing the "attack surface" does not require gutting the management interface.

Do not try to sell me a product that will require me to hire people who must relearn DOS command syntax.

World doesn't work that way any more.

Please REDEPLOY the Microsoft Kitchen programmers back to the Windows Server group.

# josebda said on July 26, 2007 10:38 AM:

For details on all roles included in Server Core on the Beta 3 and the June CTP, check http://blogs.technet.com/josebda/archive/2007/07/25/changes-in-windows-server-2008-roles-and-features-from-the-beta-3-to-the-june-ctp.aspx

# Guillermo Taylor @ Microsoft said on July 28, 2007 3:55 AM:

Hola a todos. Decidí finalmente, además por tiempo y para dedicarme a preparar algunos "rituales" en

# The things that are better left unspoken said on August 8, 2007 10:27 AM:

It is possible to obtain Windows Server 2008 through various public channels, even if you're not a devoted

# Ask the Performance Team said on September 11, 2007 6:20 AM:

A few weeks ago we posted our initial walkthrough on Windows Server 2008 Server Core - getting the OS

# Steve Wiseman said on September 11, 2007 7:33 AM:

Look people. If the command line is not the direction you want to go...then don't look over here. Just forget that Server Core even existed. It is an option in windows that I have been waiting to see for years. Why? Not only does it limit the attack surface but it limits the resource footprint. Now I finally have an option to deploy a dedicated box that will do one thing and one thing well. No extra memory needed to run explorer, or 100 other tools I don't need. So go back to your bloated cushy server interface, and leave those of us alone that can handle a command line. It is not hurting you. Microsoft is not going to take away th GUI. So what is the issue?

# bday said on September 12, 2007 9:38 PM:

Server Core is an EXCELLENT direction to move in. Please do not let those in here trashing it lower your spirits.

This is why many Unix/Linux/etc. administrators laugh at most people who consider themselves a Windows "admin". Most of those self proclaimed admins cannot survive without a GUI of some kind because they are no more than a hack with little to no real skill. Thank you Windows team for making server core a reality, many of us appreciate it!

I cannot wait to deploy some DCs in this method, basically making them appliances which cannot be screwed with.

# Ken said on September 13, 2007 4:52 PM:

Sorry, but requiring 512Mb to run a print server is not reducing the footprint to run a single task!

How does not running MMC locally on a machine that clearly has a functional GUI, while allowing remote RPC, reduce the attack surface?

# JamesMc said on October 2, 2007 1:01 PM:

I agree that this is a good direction for MS. We are looking to centralize our server infrastructure where I work. Being able to install a specialized appliance version of Windows Server handling DHCP/DNS/ and print services reduces energy, management, and cost requirements for those all so needy remote offices.

I've been looking at microITX boxes using a 6GB flash drive to run 2008 core. Has anyone tried this?

# designrapture said on October 22, 2007 3:29 AM:

Don't mind people who are negative on the server core issue, they just don't get the point. Meanwhile, I have a question need some answer.

Say if I install a Server Core, move the profiles (C:\Users) to a seperate hard drive on the network, set pagefile to 0, and turn off automatic update, then is it possible to make the entire system (boot) partition read only?

The reason I'm asking is I'm considering some scenarios for low-cost blade servers. Consider a blade with a Core 2 processor, a chipset controller (if Intel could only make a CPU with integrated memory/hd/network control, but that's another discussion another place), maybe 4-8GB memory and a onboard Flash hard drive, this blade would not take more than 3U (maybe even just 2U) tall, and the enclosure could take up to 14-20 blades without heating up too much. Now considering the Flash hard drive, which btw, Sandisk already makes 4GB-16GB ones, a simple switch can physically turn it to read-only mode. According to Tom's Hardware, SSDs have incredible read speed compared to traditional hard drives, but write speed sucks, and will shorten their lifespans. However, if I can make the boot partition read only, and use a server (or blade) as file server for internal updates, I can make up a schedule, manually switch the hard drives back to read-and-write mode, update and afterwards, switch them back to read-only mode. Not only will this be easier for backing up, but will surely reduce attack even more.

Just some thoughts, but would like an answer.

# drew said on November 14, 2007 2:58 AM:

without a command line deploying software to 4000 gets pretty boring and I have no desire to rob my company years of lost productivity ...

sever core gives us the ability to install iis via the command line i would pay thousands just to not wait for that darn add windows components dialogue that takes FOR EVER.  :)

outstanding product move

# AB said on February 12, 2008 4:20 AM:

Hi *,

I am searching for some details about Windows Server 2008 Core.

Is there any numbers - how much system performance was reduced from Server with UI to Core Server without UI. Is there really a benefit for Core Server?

Thanks

AB

# madristaa said on August 6, 2008 2:26 PM:

hi...can any one tell me how thread level parallelism is done in server core?

Leave a Comment

(required) 
(optional)
(required) 

About CC Hameed

I joined Microsoft as a Support Engineer on the Performance team in September 2005. Prior to that I spent a couple of years working the late night shift on our Platforms 24x7 team. Working for Microsoft was always a dream job - so I am living the dream! I was on the Windows Vista Beta team in 2006, which was one of the coolest projects I have ever worked on, until I took on the task of driving the AskPerf Blog. As you can tell by my logo, I am a huge Manchester United fan and I have successfully managed to brainwash my two daughters into sharing my passion for the Red Devils much to the dismay of their mother! I also coach both my daughters' soccer teams. In addition I am an avid MMO gamer, and have an extensive DVD movie collection.
Go

This Blog

Syndication

Disclaimer: All postings are provided "AS IS" with no warranties, and confer no rights. This weblog does not represent the thoughts, intentions, plans or strategies of Microsoft. Because a weblog is intended to provide a semi-permanent point-in-time snapshot, you should not consider out of date posts to reflect current thoughts and opinions.


CTS Platforms Team Blogs
Directory Services
Networking
Setup / Core
Small Business Server
SMS & MOM
Softgrid
SUS / WSUS Support

Useful Microsoft Blogs
Exchange
Internet Explorer Team
IIS
LATAM (Portugese / Spanish)
MSRC (security)
NT Debugging
OEM Team Blog (Vista)
Powershell
Terminal Services
MS HotFix & Hot Issue Blog

Blog Tools


Add to Technorati Favorites
Add to Google
Add to My Yahoo!
Subscribe with Bloglines

Computers Blogs - Blog Top Sites

Page view tracker