Windows Server 2003's built-in feature set allows it to be easily managed remotely. This capability eases administration time, expenses, and energy by allowing administrators to manage systems from remote locations rather than having to be physically at the system. Many tools are available to remotely manage a system. They include, but aren't limited to, the following:
Administrative ToolsMany of the administrative tools that are familiar from previous versions of Windows are present in Windows Server 2003. Keeping much of the toolset the same reduces the learning curve associated with learning new utilities. Windows Server 2003 also includes some new administrative tools and some familiar tools that were provided in earlier Support Tools and Resource Kit versions all built into the operating system. These tools, which help with system management, include the following:
Note Visual Basic script tools can now be digitally signed to foster safer administration and management. Organizations that want to enhance security by preventing just any VB script from being run on a system can digitally sign the script. When a script is executed, a policy can be set to validate that the script has been signed by the organization and is valid for use. Remote Desktop for AdministrationRemote Desktop for Administration, formerly known as Terminal Services Remote Administration mode, allows administrators to log on to a Windows Server 2003 system remotely as if they were logging on locally. This facilitates the remote administration of the entire server and reduces the amount of local administration required. An administrator logging in to a server through Remote Administration mode can view a graphical interface just as she would if she were logging in at the local server. Therefore, administrators can use all the available tools and access all aspects of the server from a Terminal Services client session. Note The Remote Desktop snap-in can be used to connect to multiple Terminal Services servers or computers with the Remote Desktop for Administration enabled. Remote Desktop for Administration is disabled by default, but it can be enabled by doing the following:
Using the Remote Control Add-on for Active Directory Users and ComputersA significant add-on to Windows 2003 for network administrators is the Remote Control Add-on for Active Directory Users and Computers. This tool provides an administrator with the ability to right-click on a computer account in the Active Directory MMC and choose to remotely administer the system. The tool effectively launches a Terminal Services/Remote Desktop connection to the system. The Remote Control Add-on for Active Directory Users and Computers is freely downloadable to all network administrators that have legal licenses to Windows 2003. The add-on is available at http://www.microsoft.com/windowsserver2003/downloads/featurepacks/default.mspx. Using Telnet for Remote Access ManagementAnother remote access management mechanism is Telnet. Telnet is a gateway type of service through which an administrator or client can connect and log on to a server running the Telnet Server service. Although this is a viable service for administering the system, other remote management mechanisms such as Remote Desktop for Administration allow for greater flexibility and control. Caution Telnet sends usernames and passwords across the network in plain text. WinRM for Remote ManagementWindows Remote Management (WinRM) is new to Windows 2003 R2. It is the Microsoft implementation of WS-Management. WS-Management is a protocol that allows for hardware and software from diverse vendors to communicate. What differentiates WinRM from previous implementations is that it is SOAP-based and doesn't use DCOM for remote connections. This makes this implementation of the WS-Management protocol very firewall friendly and scalable in a mixed operating system environment. Data is stored in an extensible XML format, not in objects, so it can be accessed by many common system and network management platforms. It can also be accessed by the new WinRM API, WMI scripting, or through a COM application. WinRM is available via the command line as well as through the Winrm.cmd tool. This can be integrated to batch files or integrated into Visual Basic scripts and applications through Winrm.vbs. More information on the command-line tool and its syntax can be found at the dedicated WinRM web page on Microsoft TechNet. Note WinRM requires Windows Server 2003 R2 and is not installed by default. You may explicitly add this feature through the Add/Remove Windows Components tool in the Control Panel. |