What Is a Windows Server Core Installation?
The best way of learning about the Windows server core installation option is to simply install it and log on. Here’s what you see when you first log on to a Windows server core server.
That’s it? Where’s the task bar and Start menu? There is no task bar or Start menu. How do you start Windows Explorer then? You can’t-the tool is not available in a Windows server core installation. Where’s the Initial Configuration Tasks screen? It’s not there. How can I open Server Manager to add roles and features? Sorry, Server Manager is unavailable on a Windows server core installation. Well, what can I do with this thing then? Am I stuck with only a command prompt to work with?
You can do a lot with a Windows server core installation, as we’ll see in a moment. And no, you’re not just stuck with a command prompt. But if you were, would it be bad? Ever hear a Unix admin complain about “being stuck” with having to use the command line to administer a server? Isn’t command-line administration of servers a good thing because it means you can automate complex management tasks using batch files and scripts and there is no graphical UI taking resources away from server tasks?
And that’s one of the things that a Windows server core installation is all about-scripted administration of Windows servers in enterprise (and especially datacenter) environments. But why remove the desktop and all the GUI management tools? Doesn’t that cripple the server? Not at all-in fact, just the opposite!
Understanding Windows Server Core
Windows server core is a “minimal” installation option for Windows Server 2008. What this means is that when you choose this option during setup (or when using unattended setup), Windows Server 2008 installs a minimum set of components on your machine that will allow you to run certain (but not all) server roles. In other words, selecting the Windows server core installation option installs only a subset of the binaries that are installed when you choose the full installation option for Windows Server 2008.
Here are some of the Windows Server 2008 components that are not installed when you specify the Windows server core installation option during setup:
-
No desktop shell (which means no glass, wallpaper, or screen savers either)
-
No Windows Explorer or My Computer (we already said no desktop shell, right?)
-
No .NET Framework or CLR (which means no support for managed code, which also means no PowerShell support)
-
No MMC console or snap-ins (so no Administrative tools on the Start menu-whoops! I forgot, no Start menu!)
-
No Control Panel applets (with a few small exceptions)
-
No Internet Explorer or Windows Mail or WordPad or Paint or Search window (no Windows Explorer!) or GUI Help and Support or even a Run box.
Wow, that sounds like a lot of stuff that’s missing in a Windows server core installation of Windows Server 2008! Actually though, it’s not-compare the preceding list to the following list of components that are available on a Windows server core server.
First, you’ve still got the kernel. You always need the kernel.
Then you’ve got hardware support components such as the Hardware Abstraction Layer (HAL) and device drivers. But it’s only a limited set of device drivers that supports disks, network cards, basic video support, and some other stuff. A lot of in-box drivers have been removed from the Windows server core installation option, however-though there is a way to install out-of-box drivers if you need to, as we’ll see later in this chapter.
Next, you’ve still got all the core subsystems that are needed by Windows Server 2008 in order to function. That means you’ve got the security subsystem and Winlogon, the networking subsystem, the file system, RPC and DCOM, SNMP support, and so on. Without these subsystems, your server simply wouldn’t be able to do anything at all, so they’re a necessity for a Windows server core installation.
Then you’ve got various components you need to configure different aspects of your server. For example, you have components that let you create user accounts and change passwords, enable DHCP or assign a static IP address, rename your server or join a domain, configure Windows Firewall, enable Automatic Updates, choose a keyboard layout, set the time and date, enable Remote Desktop, and so on. Many of these configuration tasks can be performed using various command-line tools included in a Windows server core installation (more about tools in a moment), but a few of them use scripts or expose minimal UI.
There are some additional infrastructure components present as well on a Windows server core installation. For instance, you still have the event logs plus a command-line tool for viewing, configuring, and forwarding them using Windows eventing. You’ve got performance counters and a command-line tool for collecting performance information about your server. You have the Licensing service, so you can activate and use your server as a fully licensed machine. You’ve got IPSec support, so your server can securely communicate on the network. You’ve got NAP client support, so your server can participate in a NAP deployment. And you’ve got support for Group Policy of course.
Then there are various tools and infrastructure items to enable you to manage your Windows server core server. As we saw in our screen shot earlier, you’ve got the command prompt cmd.exe, so you can log on locally to your server and run various commands from a command-prompt window. In fact, as we saw, a command-prompt window is already open for you when you first log on to a Windows server core server. What happens, though, if you accidentally close this window? Fortunately, a Windows server core installation still includes Task Manager, so if you close your command window you can start another by doing the following:
-
Press CTRL+SHIFT+ESC, to open Task Manager.
-
On the Applications tab, click New Task.
-
Type cmd and click OK.
In addition to the command prompt, of course, there are dozens (probably over a hundred, and more when different roles and features are installed) of different command-line tools available on Windows Server 2008 for both full and server core installation options. What I’m talking about is Arp, Assoc, At, Attrib, BCDEdit Cacls, Certutil, Chdir, chkdsk, Cls, Copy, CScript, Defrag, Dir, and so on. A lot of the commands listed in the “Windows Command-Line Reference A–Z,” found on Microsoft TechNet, are available on a Windows server core server- not all, mind you, but a lot of them.
You can also enable Remote Desktop on a Windows server core installation, and this lets you connect to it from another machine using Remote Desktop Connection (RDC) and start a Terminal Services session running on it. Once you’ve established your session, you can use the command prompt to run various commands on your server, and you can even use the new Remote Programs feature of RDC 6.0 to run a remote command prompt on a Windows server core server from an administrative workstation running Windows Vista. (We’ll learn more about that soon.)
There’s also a WMI infrastructure on your Windows server core server that includes many of the usual WMI providers. This means you can manage your Windows server core server either by running WMI scripts on the local machine from the command prompt or by scheduling their operation using schtasks.exe. (There’s no Task Schedule UI available, however.) Or you can manage your server remotely by running remote WMI scripts against it from another machine. And having WMI on a Windows server core server means that remote UI tools such as MMC snap-ins running on other systems (typically, either a full installation of Windows Server 2008 or an administrator workstation running Windows Vista with Remote Server Administration Tools installed) can connect to and remotely administer your Windows server core server. Plus there’s also a WS-Management infrastructure on a Windows server core installation. WS-Management is a new remote-management infrastructure included in Windows Vista and Windows Server 2008, and involves Windows Remote Management (WinRM) on the machine being managed and the Windows Remote Shell (WinRM) for remote command execution from the machine doing the managing. We’ll talk about remote management of Windows server core servers later in this chapter.
Then there are various server roles and optional features you can install on a Windows server core server so that the machine can actually do something useful on your network, like be a DHCP server or a domain controller or print server. We’ll look later at exactly which roles and features are available for installing on a Windows server core server and which roles/features you can’t install.
Then there are a few necessary GUI tools that actually are present on a Windows server core server. For example, we already saw that the command prompt (cmd.exe) is available, and so is Task Manager. Another useful tool on a Windows server core server is Regedit.exe, which can be launched either from the command line or from Task Manager. Then there’s Notepad.
Notepad?
Yes, Notepad. The reason for including Notepad on a Windows server core installation option of Windows Server 2008 is simple: Microsoft listens to its customers. I’m not kidding! (Plus I’m serious about Microsoft listening to customers.) During the early stages of developing and testing Windows Server 2008, one of the most common requests from participants in the Microsoft Technology Adoption Program (TAP) for Windows Server 2008 was this: We need a tool on Windows server core servers that we can use to view logs, edit scripts, and perform other essential administrative tasks. Give us Notepad! We want Notepad!
Who ever expected that the lowly and oft-maligned Notepad would be so important to administrators who work in enterprise environments?
Anyway, before we move on and talk a bit about the rationale behind why Microsoft decided to offer the Windows server core installation option in Windows Server 2008, let’s hear from one of our experts about how the Windows server core product team managed to make this thing work. After all, Windows components have a lot of dependencies with one another and especially with the desktop shell and Internet Explorer, so it will be interesting to hear how they took so many components out of this installation option for the product without causing it to break. Plus we’ll also learn a bit about how we can try to get applications that we need to have running on a Windows server core server running properly. And finally, we’ll learn something about getting Notepad to run properly on a Windows server core server:
 |
The primary goal of the Windows server core installation option is to minimize the disk and servicing footprint. Thus, a number of Windows components-such as Media Player and Internet Explorer-are not installed as part of a Windows server core installation. This means that because of their dependencies on parts of Internet Explorer, the common dialog boxes are not functional in a Windows server core installation. Thus, the file open and save dialog boxes in Notepad, for example, will not work.
A Windows server core installation leverages the application compatibility shim infrastructure in Windows to develop a clever solution to this problem. A shim is a thin layer of code that sits between an application and a Windows API. The shimming infrastructure redirects the API call made by the application to the shim code, which can then make some changes to the parameters, call the original API, or do something else entirely.
A Windows server core installation installs two shims. The first one is called RegEditImportExportLoadHive and is a specialized shim that allows RegEdit to import and export registry files. The second shim is called NoExplorerForGetFileName. It’s a general shim for file open and save dialog boxes and is currently used by Notepad. This second shim changes some parameters to the API call that displays the file open or save dialog so that the old-style dialog box from pre-Windows 95 is displayed, instead of the new Explorer-style dialog box.
The shimming engine allows the end user to apply existing shims to other applications. The tool used to do this is the Application Compatibility Toolkit. Copy the sysmain.sdb database located at %SYSTEMROOT%\AppPatch (or %SYSTEMROOT%\AppPatch\ AppPatch64 on x64 machines) on the Windows server core machine to a Windows Server 2008 machine. Use the Application Compatibility Toolkit to edit the database. Copy the new database back to the Windows server core machine, and install it using sdbinst.exe, located at %SYSTEMROOT%\System32.
–Rahul Prasad
Software Development Engineer, Windows Core Operating System Division
|
The Rationale for Windows Server Core
The need for something like the Windows server core installation option of Windows Server 2008 is pretty obvious. Windows Server today is frequently deployed to support a single role in an enterprise or to handle a fixed workload. For example, organizations often deploy the DHCP Server role on a dedicated Windows Server 2003 machine to provide dynamic addressing support for client computers on their network. Now think about that for a moment- you’ve just installed Windows Server 2003 with all its various services and components on a solid piece of hardware, just to use the machine as a DHCP server and nothing more. Or maybe as a file server as part of a DFS file system infrastructure you’re setting up for users. Or as a print server to manage a number of printers on your network. The point is, you’ve got Windows Server 2003 with all its features doing only one thing. Why do you need all those extra binaries on your machine then? And think about when you need to patch your system- you’ve got to apply all new software updates to the machine, even though the functionality that many of those updates fix will never actually be used on that particular system. Why should you have to patch IIS on your server if the server is not going to be used for hosting Web sites? And might not having IIS binaries on your server make it more vulnerable even though the IIS component is not actually being used on it or is even installed? The more stuff you’ve got on a box, the more difficult it is to secure (or to be sure that it’s secure) and the more complex it is to maintain.
Enter the Windows server core installation option of Windows Server 2008. Now, instead of installing all of Windows Server 2008 on your box while using only a portion of it, you can install a minimal subset of Windows Server 2008 binaries and you need to maintain only those particular binaries. The value proposition for enterprises of the Windows server core installation option is plain to see:
-
Fewer binaries mean a reduced attack surface and, hence, a greater degree of protection for your network.
-
Less functionality and a role-based paradigm also mean fewer services running on your machine and, therefore, again less attack surface.
-
Fewer binaries also mean a reduced servicing surface, which means fewer patches, making your server easier to service and orienting your patch management cycle according to roles instead of boxes. Estimates indicate that using the Windows server core installation option can reduce the number of patches you need to apply to your server by as much as 50 percent compared with full installations of Windows Server 2008.
-
Fewer roles and features also mean easier management of your servers and enable different members of your IT staff to specialize better according to the server roles they need to support.
-
Finally, fewer binaries also mean less disk space needed for the core operating system components, which is a plus for datacenter environments in particular.
The Windows server core installation option of Windows Server 2008 is all of these and more, and it’s included in the Standard, Enterprise, and Datacenter editions of Windows Server 2008. Windows server core is not a separate product or SKU-it’s an installation option you can select during manual or unattended install. And it’s available on both the x86 and x64 platforms of Windows Server 2008. (It’s not available on IA64 and on the Web edition SKU of Windows Server 2008.) The bottom line? The Windows server core installation option of Windows Server 2008 is more secure and more reliable, and it requires less management overhead than using a full installation of Windows Server 2008 for an equivalent purpose in your enterprise.
A Windows server core server provides you with minimal server operating system functionality and a low attack surface for targeted roles. To give you a better idea of the functionality that is (and isn’t) available in the Windows server core installation option, Table 6-1 shows included and excluded roles and Table 6-2 shows included and excluded optional features.
| Roles available | Roles unavailable |
| Active Directory | Active Directory Certificate Services |
| Active Directory LDS | Active Directory Federation Services |
| DHCP Server | Active Directory RMS |
| DNS Server | Application Server |
| File Services (includes DFSR and NFS) | Fax Server |
| Print Services | Network Policy and Access Services |
| Streaming Media Services | Terminal Services |
| Windows Server Virtualization | UDDI Services |
| Web Server (IIS) | |
| Windows Deployment Services | |
| Windows SharePoint Services |
Open table as spreadsheet | Features available | Features unavailable |
|---|---|
| BitLocker Drive Encryption | .NET Framework 3.0 |
| Failover Clustering | BITS Server Extensions |
| Multipath I/O | Connection Manager Administration Kit |
| Removable Storage Management | Desktop Experience |
| SNMP Services | Internet Printing Client |
| Subsystem for UNIX-based Applications | Internet Storage Naming Server |
| Telnet Client | LPR Port Monitor |
| Windows Server Backup | Message Queuing |
| WINS Server | Network Load Balancing |
| Peer Name Resolution Protocol | |
| Remote Assistance | |
| Remote Server Administration Tools | |
| RPC over HTTP Proxy | |
| Simple TCP/IP Services | |
| SMTP Server | |
| Storage Manager for SANs | |
| Telnet Server | |
| TFTP Client | |
| Windows Internal Database | |
| Windows Process Activation Service | |
| Windows System Resource Manager (WSRM) | |
| Wireless Networking |
EAN: 2147483647
Pages: 138