Admin's Guide To Server Core Commands

Admin's Guide to Server Core Commands

Repost from AdminPrep.com…I will be moving several of the articles over to this blog.

Before all this starts, credit must go where credit is due.  I did not come up with all of the info within this article.  A lot of people have felt my pain and have contributed in their own ways.  One place you should know about is the Official Server Core Blog, as it is where I learned my all time favorite command which embeds the time into the Command Prompt (read on to see that one!).  As I've collected my own list internally and blogged on for about a year now I see a lot of the same commands there.  The Windows Server 2008 Administrator's Companion has a nice chapter on Server Core but by far the best resource are the scripts that accompany the book.  They allow you to very easily configure common settings.  One last area you should look into is of course Guy Teverovsky's Server Core Configurator...if you haven't see it check it out now!

Server Core is a version of Windows Server 2008 that has a minimal Graphical User Interface (GUI).  I say minimal when most say command-line only because there are GUI tools available such as Notepad and Task Manager.  One thing that definitely doesn't run on Server Core is the Explorer process.  If you're unaware of what that process does, just end the explorer.exe process in Task Manager from your client and look what happens...don't freak out, all you need to do is then go back to Task Manager and select File -> New Task (Run...) and then type explorer.exe.

The purpose of this article is not to give you every last detail to Server Core but to provide you with what you need to know it get it up and running in your environment.

Server Core has a limited amount of roles that can be installed on it, which include:

• Active Directory Domain Services (AD DS) and AD Lightweight Directory Services (AD LDS)
• DNS Server
• Internet Information Services (IIS) (No ASP.NET support)
• DHCP Server
• File Services
• Print Services
• Streaming Media Services
• Hyper V

Now that doesn't mean that Server Core can't do other things.  In fact it can, but Microsoft calls those other items Features and not Roles.

• Microsoft Failover Cluster (not available in Standard Edition)
• Network Load Balancing
• Subsystem for UNIX-based applications
• Backup
• Multipath IO
• Removable Storage Management
• Bitlocker Drive Encryption
• Simple Network Management Protocol (SNMP)
• WINS
• Telnet

Later on in the article I will explain how to install these services.  But first its time to go over what I believe to be the most commonly requested commands for administrating a Server Core environment.

Server Core Common Networking and Firewall Commands

Here is the start of you Networking and Firewall related commands for Server Core:

Server Core Common Networking Commands

To configure the IP address we will have to remember (or learn) Netsh.

Configure a Static IP Address on Server Core:
Netsh int ipv4 set address “Local Area Connection” static 10.1.1.10 255.255.255.0 10.1.1.1
Netsh int ipv4 set dnsserver “Local Area Connection” static 10.1.1.5 primary
Netsh int ipv4 set winsserver “Local Area Connection” static 10.1.1.6 primary

Configure a Dynamic (DHCP) IP Address on Server Core:
Netsh int ipv4 set address “Local Area Connection” source=dhcp

Change the name of the network interface on Server Core:
Netsh int set interface name = “Local Area Connection” newname = “Primary Network”

Server Core Common Windows Firewall Commands:

The Windows Firewall is a blessing to some and a curse to others. Either way it is installed by default and you have to understand the commands that are needed to configure the basics and in some cases some advanced commands.

Disable firewall:
netsh firewall set opmode disable

Server Core can be managed by using MMCs from a remote server. However with the firewall being on by default you will have to allow these tools to work remotely.  The first thing to note here is how to translate the MMC Snap-in to Windows Firewall Rule Group.

MMC Snap-in - Event Viewer
Windows Firewall Rule Group - Remote Event Log Management

MMC Snap-in - Services
Windows Firewall Rule Group - Remote Services ManagementMMC Snap-in - Shared Folders
Windows Firewall Rule Group - File and Printer Sharing

MMC Snap-in - Task Scheduler
Windows Firewall Rule Group - Remote Scheduled Tasks Management

MMC Snap-in - Reliability and Performance
Windows Firewall Rule Group - Performance Logs and Alerts
Windows Firewall Rule Group - File and Printer Sharing

MMC Snap-in - Disk Management
Windows Firewall Rule Group - Remote Volume Management

MMC Snap-in - Windows Firewall with Advanced Security
Windows Firewall Rule Group - Windows Firewall Remote Management

To enable all of these rules follow use this command:
Netsh advfirewall firewall set rule group=“remote administration” new enable=yes

To enable specific commands follow this format:
Netsh advfirewall firewall set rule group=“” new enable=yes

Server Core Common Domain Management Commands

Join a domain:
netdom join ComputerName /domain:DomainName /userd:UserName /passwordd:*
Yes, /passwordd:*
needs to have that second d at the end of it.

Remove from domain:
netdom remove

Rename a Domain Member:
netdom renamecomputer %computername% /NewName: /userd: /passwordd:*

Rename Administrator:
wmic UserAccount where Name="Administrator" call Rename Name="new-name"

Add User to a Local Group
net localgroup GroupName /add \

Remove User from a Local Group
net localgroup GroupName /delete \

Confirm Domain and/ New Computer name
Set

Update User Passwords:
Net user [/domain] *

Server Core Common Server Management Commands

Toggle Remote Desktop on and off:
Cscript \windows\system32\scregedit.wsf /ar 0

Enable reduced security for RDP connections:
Cscript \windows\system32\scregedit.wsf /cs 0

Active Server Core:
Local method - Slmgr.vbs –ato
Remote method - Cscript windows\system32\slmgr.vbsServerName UserName password:-ato

Rename a Stand-Alone Member:
netdom renamecomputer /NewName:

List of installed patches:
wmic qfe list

Install Updates:
wusa .msu /quiet

Configure for AutoUpdates:
cscript scregedit.wsf /AU /4

Disable AutoUpdates:
cscript scregedit.wsf /AU /1

View AutoUpdate Setting:
cscript scregedit.wsf /AU /v

Configure the Page File:
wmic pagefileset where name=”” set InitialSize=,MaximumSize=

Configure a Proxy Server: (Server Core cannot use a proxy that requires a proxy)
netsh Winhttp set proxy :

All your favorite TCP/IP commands work including the following:
IPConfig
ARP
Ping
PathPing
TraceRT
Route
NSLookup
NetStat
NBTStat

List Running Services:
sc query

Start and/or Stop a Service:
sc start
sc stop

Task Manager: (Ctrl+Shift+Esc)
taskmgr

Manage Disk Volumes:
Diskpart /?

Defrag a Volume:
defrag /?

Change Time and Time Zone:
control timedate.cpl

Change the Desktop Resolution: (requires you to log off and back on)
Regedit - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video
\0000\DefaultSettings.XResolution
\0000\DefaultSettings.YResolution

Display the Time in the Command Prompt:
prompt [$t]$s$p$g

Log off:
shutdown /l

Restart Now:
shutdown /r /t 0

To get the Roles and Features installed you are going to need to use the ocsetup.exe command.  The OC is short for Optional Components.  The most important thing to remember about this command is that IT IS CASE SENSITIVE!!! As a best practice you should always use the /w switch with ocsetup.exe as this will hold the Command Prompt from being active (when you can type again) until the setup is complete.  Below you will find a list of the commands that are required to install Roles and Features on Server Core.

DNS
start /w ocsetup DNS-Server-Core-Role

DHCP
start /w ocsetup DHCPServerCore

File Services (Server service is installed by default) but there are other role features

File Replication Service
start /w ocsetup FRS-Infrastructure

Distributed File System
start /w ocsetup DFSN-Server

Distributed File System Replication
start /w ocsetup DFSR-Infrastructure-ServerEdition

Services for Network File System (NFS)
start /w ocsetup ServerForNFS-Base
start /w ocsetup ClientForNFS-Base

Hyper V
start /w ocsetup Microsoft-Hyper-V

Print Server feature
start /w ocsetup Printing-ServerCore-Role

Line Printer Daemon (LPD) service
start /w ocsetup Printing-LPDPrintService

Active Directory Lightweight Directory Services
start /w ocsetup DirectoryServices-ADAM-ServerCore

Active Directory Domain Services
dcpromo /unattend:

Streaming Media Services
Follow directions found in Article ID 934518

IIS
start /w pkgmgr /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel
To uninstall IIS use the following command
start /w pkgmgr /uu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel

NOTE: If you need to install a Role that you installed with ocsetup all you need to do is to append the commands above with /uninstall.

Now let's take a look at how we install Features on Server Core:

Microsoft Failover Clustering
start /w ocsetup FailoverCluster-Core

Network Load Balancing
start /w ocsetup NetworkLoadBalancingHeadlessServer

Subsystem for UNIX-based applications
start /w ocsetup SUACore

Multipath IO
start /w ocsetup MultipathIo

Removable Storage
start /w ocsetup Microsoft-Windows-RemovableStorageManagementCore

Bitlocker Drive Encryption
start /w ocsetup BitLocker

Backup
start /w ocsetup WindowsServerBackup

Simple Network Management Protocol (SNMP)
start /w ocsetup SNMP-SC

Windows Internet Name Service (WINS)
start /w ocsetup WINS-SC

Telnet client
start /w ocsetup TelnetClient