Msexchangeworld.com



Windows Server core: -Windows Server core is minimal installation option for windows server. It has a small footprint which benefits smaller attack surface. There is no GUI in server core and there are many windows features which is not supported in Server core. Windows Server core is more stable as there are few updates needs to be install and less memory, CPU, disk space required to run server core.Server core doesn’t include below GUI shell packages: -Microsoft-Windows-Server-Shell-PackageMicrosoft-Windows-Server-Gui-Mgmt-PackageMicrosoft-Windows-Server-Gui-RSAT-PackageMicrosoft-Windows-Cortana-PAL-Desktop-PackageHere is list of available roles and features which are available in server core: - of Roles and features which is not included in server core: - core installation: -Installation of Server core is straight forward.Boot using windows server iso file.In Setup wizard select windows server 2019 standard or Datacenter (Without Desktop Experience)Select DriveInstallation process will start, and it will take some time to get windows server ready.After installation you will prompted for Administrator password change. You must provide complex password else it will keep asking you to change administrator password.After completing password change, server installation process completes.Server Core Configuration: -After completing installation, you must configure server for e.g. renaming server, network configuration, domain joining etc.There are many ways of doing it. You can use powershell or sconfig command to configure basic server settings.If you are using sconfig which is easiest way to then you will get 15 options. Be default Windows provides command prompt after installation. You can change it to powershell.To use sconfig just type sconfig in command window.To Change computer name, select option 2. After chaning computer name, you have to reboot server, so settings can take place.To get server domain joined select option1. It will ask for domain name which you want to join on your network and credentials, so you can add computer to AD.To Add local administrator, select option 3.You can select other option based on your requirement. One main setting is network setting. You can select option 8 (network setting) to configure network settings like IP Address, subnet, gateway and DNS servers.Apart from sconfig you can choose powershell to change these settings.Here are few important powershell commands which you can choose.To rename Computer use rename-computerTo Change IP Address, use New-NetIPaddressE.g.New-NetIPaddress -InterfaceIndex 12 -IPAddress 192.168.100.1 -PrefixLength 24 -DefaultGateway 192.168.100.2To Set DNS servers: -Set-DNSClientServerAddress –InterfaceIndex 12 -ServerAddresses 192.0.2.4,192.0.2.5To Check configuration use, Get-NetipinterfaceTo Check if IPV6 is enabled on NIC useGet-NetAdapterBinding -ComponentID ms_tcpip6To Disable IPv6 useDisable-NetAdapterBinding -Name "Adapter Name" -ComponentID ms_tcpip6To re-enable it use Enable-NetAdapterBinding -Name "Adapter Name" -ComponentID ms_tcpip6To Join Domain or specific workgroup: -Powershell: - Use Add-computerNote: - If you are not sure about how to use powershell command then always use get-help command. You can provide -examples switch which as well help you in understanding that how you can use command with correct syntax.To Add domain account on local administrator group you can usenet localgroup administrators /add <DomainName>\<UserName>Server activation: -Again, you can use sconfig or windows inbuild slmgr vbscipt to active your windows.In Sconfig you have to select option 11 and with slmgr use below commandcscript windows\system32\slmgr.vbs <ServerName> <UserName> <password>:-atoManaging Windows Server core: -There are many methods to manage server core. Here is lit of few: -Windows Admin CenterRSAT ToolsWindows PowerShellServer ManagerMMC Snap-InRDPRun Multiple CMD or PowerShell windows: -By default, only one command or PowerShell open in Server core.I found out a way to open multiple CMD or PowerShell windows. I used taskmgr which open task manager and from there I go to file and run new task. In window type PowerShell or cmd which open new window. By doing this you can have multiple windows.To enable your local server to be managed by Server Manager running on a remote server, you must enable smremoting. Run below powershell command to enable it on server core: -Configure-SMRemoting.exe –EnableYou can also use MMC Snap-In to manage server core remotely. MMC Like Computer management allow you to manage server core remotely. For domain joined computer it works fine without doing any extra efforts. But non-domain joined server need some additional steps. You need alternate credential, so you can access server remotely. Use below command to provide alternate credential on remote server and then you can manage server core through MMC.cmdkey /add:<ServerName> /user:<UserName> /pass:<password>If you want to be prompted for a password, omit the /pass option.You also must allow windows firewall to enable remote management on server core, so you can use remote management tool to manage it remotely.To Check status of Windows remote management group run below: -Get-NetFirewallRule -DisplayGroup "Windows Remote management" | ft displaygroup, actionIt will show you if remote management group rule is allowed or not. If not, then run below: -get-netfirewallrule -displaygroup 'Windows Remote management' | enable-netwfirewallruleTo disable it again run belowget-netfirewallrule -displaygroup 'Windows Remote management' | Disable-netwfirewallruleYou can configure firewall rules on per profile basis as well.To Check what rules are associated with profile run below: -Get-NetFirewallProfile -Name Public | Get-NetFirewallRuleTo Disable a firewall profile run below: -get-netfirewallprofile | set-netfirewallprofile -enabled $falseThere are many rule group for different task. You can enable firewall rules for these rule groups.Here are few: -MMC snap-inRule groupEvent ViewerRemote Event Log ManagementServicesRemote Service ManagementShared FoldersFile and Printer SharingTask SchedulerPerformance Logs and Alerts, File and Printer SharingDisk ManagementRemote Volume ManagementWindows Firewall and Advanced SecurityWindows Firewall Remote ManagementYou can also manage server core through remote desktop. To enable remote desktop on Server core rune below: -cscript C:\Windows\System32\Scregedit.wsf /ar 0Hardware installation and Driver installation: -Most of hardware comes with plug and play. Also installing hardware comes with installation instructions from hardware vendors. Here are manual steps for hardware drivers which doesn’t come with plug and play.You must download driver for hardware which you intend to install on server. Copy drivers on server and run below commandPnputil -I -a <driverinf>Here driverinf is file the .inf file for the driverTo check what all drivers installed o server run below: -Sc query type=driverTo disable a device driver run below: -Sc delete <Servicename>Here service name is name of service which you get by running sc query type=driverMaking powershell default option on server core: -By default, when login on server core you get command prompt to work on. But most of time you work with powershell. To make powershell as default you can use modify registry.Here are steps: -$path='HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'Set-ItemProperty -path $path -Name Shell -value 'Powershell.exe -noexit'Configure memory dump on server core: -Here are steps to configure memory dump on server core: -Step 1: Disable the automatic system page file managementThe first step is to manually configure your system failure and recovery options. We must disable automatic managed file option. To do this run follow: -wmic computersystem set AutomaticManagedPagefile=FalseStep 2: Configure the destination path for a memory dumpIt is recommended to have page file on partition where OS is installed. To Put page file on another partition we need to modify registry value. Here are steps to configure registry: -Open the command prompt and type regedit. It will open registry editorLocate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControlClick Edit > New > String ValueName the new value DedicatedDumpFile, and then press ENTERRight-click DedicatedDumpFile, and then click Modify.In Value data type <Drive>:\<Dedicateddumpfile.dmp>, and then click OK. For e.g. E:\dumpfile.dmpClick Edit > New > DWORD Value.Type DumpFileSize, and then press ENTERRight-click DumpFileSize, and then click Modify.In Edit DWORD Value, under Base, click Decimal.In Value data, type the appropriate value, and then click OK. The size of the dump file is in megabytes (MB).Exit the Registry Editor.To view the current destination path for the page file, run the following command:wmic RECOVEROS get DebugFilePathThe default destination for DebugFilePath is %systemroot%\memory.dmp. To change the current destination path, run the following command:wmic RECOVEROS set DebugFilePath = <FilePath>et <FilePath> to the destination path. For example, the following command sets the memory dump destination path to C:\WINDOWS\MEMORY.DMP:wmic RECOVEROS set DebugFilePath = C:\WINDOWS\MEMORY.DMPStep 3: Set the type of memory dumpDetermine the type of memory dump to configure for your server. To view the current memory dump type, run the following command:wmic RECOVEROS get DebugInfoTypeTo change the current memory dump type, run the following command:wmic RECOVEROS set DebugInfoType = <Value><Value> can be 0, 1, 2, or 3, as defined below.0: Disable the removal of a memory dump.1: Full memory dump. Records all the contents of system memory when your computer stops unexpectedly. A full memory dump may contain data from processes that were running when the memory dump was collected.2: Kernel memory dump (default). Records only the kernel memory. This speed up the process of recording information in a log file when your computer stops unexpectedly.3: Small memory dump. Records the smallest set of useful information that may help identify why your computer stopped unexpectedly.7: Automatic memory Dump. This is new to windows 10 and new family of windows server.Step 4: Configure the server to restart automatically after generating a memory dumpBy default, the server automatically restarts after it generates a memory dump. To view the current configuration, run the following command:wmic RECOVEROS get AutoRebootIf the value for AutoReboot is TRUE, the server will restart automatically after generating a memory dump. No configuration is needed and you can proceed to the next step.If the value for AutoReboot is FALSE, the server will not restart automatically. Run the following command to change the value:wmic RECOVEROS set AutoReboot = trueStep 5: Configure the server to overwrite the existing memory dump fileBy default, the server overwrites the existing memory dump file when a new one is created. To determine if existing memory dump files are already configured to be overwritten, run the following command:wmic RECOVEROS get OverwriteExistingDebugFileIf the value is 1, the server will overwrite the existing memory dump file. No configuration is needed, and you can proceed to the next step.If the value is 0, the server won't overwrite the existing memory dump file. Run the following command to change the value: wmic RECOVEROS set OverwriteExistingDebugFile = 1Step 6: Set an administrative alertDetermine whether an administrative alert is appropriate and set SendAdminAlert accordingly. To view the current value for SendAdminAlert, run the following command:wmic RECOVEROS get SendAdminAlertThe possible values for SendAdminAlert are TRUE or FALSE. To modify the existing SendAdminAlert value to true, run the following command:wmic RECOVEROS set SendAdminAlert = trueStep 7: Set the memory dump's page file sizeTo check the current page file settings, run one of the following commands:wmic.exe pagefileorwmic.exe pagefile list /format:listrun the following command to configure the initial and maximum sizes of your page file:For e.g.wmic pagefileset where name="c:\pagefile.sys" set InitialSize=1000,MaximumSize=5000Step 8: Configure the server to generate a manual memory dumpYou can manually generate a memory dump by using a PS/2 keyboard. This feature is disabled by default, and it is not available for Universal Serial Bus (USB) keyboards.To enable manual memory dumps by using a PS/2 keyboard, run the following command:reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters /v CrashOnCtrlScroll /t REG_DWORD /d 1 /fTo determine if the feature has been enabled properly, run the following command:Reg query HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ i8042prt \ Parameters / v CrashOnCtrlScrollYou must restart the server for the changes to take effect. You can restart the server by running the following command:Shutdown / r / t 0You can generate manual memory dumps with a PS/2 keyboard that is connected to your server by holding the RIGHT CTRL key while pressing the SCROLL LOCK key two times. This makes the computer bug check with error code 0xE2.Roles and feature on Server core: -Another most important task on server is to install windows server role and features.Get-windowsfeature, Install-windowsfeature and uninstall-windowsfeature are major command to manage roles and feature on windows server core.Here are few examples of these commands: To get installed roles and feature run below: get-windowsfeatureget-windowsfeature | where-object{$_.installed -eq $true}get-windowsgeature | where installed -EQ $trueget-windowsfeature *framework*To Install .net framework using side by side folderinstall-windowsfeature net-framework-core -source D:\Sources\sxsTo Uninstall .net framework uninstall-windowsfeature net-framework-coreCheck if it is removed.get-windowsfeature *framework*To restart Computer forcefullyrestart-computer -forceTo remove binaries as wellWhen you uninstall windows feature or role, binaries do not remove by default. These unnecessary binaries can take a lot of space. So, if you want to remove these binaries as well then use remove switch as well.uninstall-windowsfeature net-framework-core -removeDownloading from internet: -To download files from internet you can use bits transfer in server core.Here are few examples: -To download a file from internet.start-bitstransfer -source "Download link" -destination C:\To check statusget-bitstransferTo suspend a downloadingsuspend-bitstransferTo resume suspended downloadingresume-bitstransferWorking with Services: -Another important task of windows administrators is managing services. Here are few examples to manage services on server coreHow to list servicesPowerShell Command:Get-service | Format-table -autosizeHow to view a single serviceGet-service | where name -eq BITS |Format-listHow to start a single serviceStart-Service -name BITSHow to stop a serviceStop-Services -name BITSHow view a Service Startup TypeGet-wmiobject win32_service | where Name -eq bitsHow to change the Service Startup TypeSet-Service -name bits -StartupType AutomaticWorking with Disk and Volumes: -To manage disks, we can use get-disk and get-volume commands on server core.To check available disk Get-diskTo check volumeGet-VolumeTo Install New Disk follow these: -Check available DiskGet-DiskTo Initialize a disk get-disk 0 | initialize-diskNote: - Here 0 is disk numberAfter initialization disk will show online.Create partitionget-disk 0 | new-partition -size 5GBIf you want to assign full space on new partition of disk, then useget-disk 0 | new-partition -usemaximumsizeTo Format new Diskget-partition -disknumber 0 -partitionnumber 2 | format-volume-filesystem ntfsTo Assign a drive letterget-partition -disknumber 0 -partitionnumber 2 | set-partition -newdriveletter FPatch Server core: -To View Installed update you can useGet-hotfix orSysteminfo.exe orWmic qfe listPatch Server Core automatically with Windows UpdateVerify the current Windows Update setting:%systemroot%\system32\Cscript scregedit.wsf /AU /vTo enable automatic updates:Net stop wuauserv %systemroot%\system32\Cscript scregedit.wsf /AU 4 Net start wuauservTo disable automatic updates, run:Net stop wuauserv %systemroot%\system32\Cscript scregedit.wsf /AU 1 Net start wuauservTo force Windows Update to immediately detect and install any available updatesWuauclt /detectnowPatch the server manuallyDownload the update and make it available to the Server Core installationWusa <update>.msu /quietWithout Server Restartwusa path /quiet /norestartTo uninstall an update manually, run the following command:Wusa /uninstall <update>.msu /quietTo Uninstall specific KBwusa /uninstall /kb:kb4295699 /norestart /quietYou Can also use sconfig to manage update settings.Option 5 and 6 are there to manage updates on server core in sconfig command.Note: - To download a patch from internet use bits transfer commands.Working with Files: -To get all availale commands for Item and Content which is used to manage files and file contentsget-command *-item*get-command *-Content*To get all items within a directory get-childitemTo Create new Directorynew-item -itemtype directory -name test -path .\To Create new file and putting value in that filenew-item -itemtype file -name hello.txt -value "hello world" -path .\testTo get Content of fileget-content -path .\test\hello.txtTo remove itemremove-item -path .\testTo remove all items within a directoryremove-item -path .\test -recurse ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download