Académique Documents
Professionnel Documents
Culture Documents
Abstract Using Server Manager to manage your Windows Server 2008 servers.
Table of Contents
Table of Contents ................................................................................................................................................................. 2 Introduction ........................................................................................................................................................................... 3 Server Configuration........................................................................................................................................................... 7 Roles and Features.......................................................................................................................................................... 8 The Rest of Server Manager ....................................................................................................................................... 49 Summary ............................................................................................................................................................................... 60
2 website@highwaycsl.com
Introduction
Windows Server 2008 brings about many changes for administrators to get used to. One of these is Server Manager. Server Manager is exactly what it says on the tin: it allows administrators to configure, monitor and manage their server. Were going to look at two aspects of Server Manger. The most important aspect is that of Roles and Features. This allows us to add or remove functionality on our Windows 2008 servers. Ill describe how we can manage Roles and Feature using the MMC console and by using the command line utility SERVERMANAGERCME.EXE. Well then wrap up the document by briefly looking at the tools that are integrated into Server Manger. One of the first things you notice when you first install Windows Server 2008 is that it is locked down. In fact, it doesnt do very much because it has almost no functionality. You configure your password, login and if youre like me youve skipped past all those annoying windows that automatically open to get in under the covers to see how this thing ticks. I wanted to add those components that Im used to playing with in work and in labs. Thats when I originally noticed that things were different very different. Change isnt necessarily a bad thing. Once you start trying things out you soon understand what is going on and why Microsoft has designed it the way they have. A brief recap on what Microsoft has been doing in previous versions of Windows Server will give us a clue of what is happening. Firstly, Microsoft has been trying to develop a single tool approach to managing our servers. Theyve tried to get us to see servers as having specific functions that would be installed in a modular manner. We were given tools to do this but other than knowing about them for MCP exams we had little use for them. It was just quicker for us to get into Control Panel and install what we wanted plus we had 100% control over the process. The other thing that Microsoft has recently being aiming towards was the locked down initial installation that we had to add functionality to as and when we required it. Windows Server 2003 edged slowly towards this. Windows Server 2008 has firmly achieved this. So our new server is sitting there and it doesnt do very much. Weve closed all those pesky windows that automatically opened when we logged in. Weve gone into Control Panel to try change things and noticed that well we dont know how to do it. Well, one of those pesky windows that did open automatically was Server Manager, a new tool that Microsoft has added to allow us to add/remove functionality to our server, monitor its performance, health and status and to manage it and other servers. So if you were patient, go back to the Server Manager window. And if you are like me, well need to launch it again. So, enough talk! Lets get a look at Server Manager. Like I said, it does open automatically when you log in. This functionality is controlled by the registry value DoNotOpenServerManagerAtLogon in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Server Manager. Value = 0 Value = 1 The window will open automatically. This is the default setting. The window will not open automatically.
3 website@highwaycsl.com
Im thinking that people who are constantly logging into servers will want to take note of that setting and probably want to apply it to every server they manage. Having Server Manager always open automatically could get a little annoying even if it is a legitimately important tool. Weve got a few ways to manually launch Server Manager. Firstly, it is pinned to the Start Menu so it is always easy to find.
4 website@highwaycsl.com
Thirdly, go into Programs and Features in Control Panel where you can click on Turn Windows features on or off to launch Server Manager.
5 website@highwaycsl.com
Using one of those methods you should have been able to get Server Manager to open.
Command line junkies should not fret at all this talk of GUIs and windows. Microsoft has hooked you up. One of their big plans has been to make every thing you can do in the GUI possible from Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 6 website@highwaycsl.com
command line. This is important for scripted customizations which are common using off the shelf server cloning solutions. Youll also find you can do some of these setup tasks faster using command line options. Well see this as we progress through the document. We can do everything from command line that we can do with the Server Manager GUI using the SERVERMANAGERCMD.EXE command. Well be looking at the syntax of that command as we go through the functionality of Server Manager.
Server Configuration
Under Server Summary we can see that we have some general configurations that we can manage. We have the following under Computer Information Item Computer Name Workgroup/Domain membership Local Area Connection Remote Desktop Where? Change System Properties Change System Properties View Network Connections Configure Remote Desktop
If youve done a manual installation then you are likely to use these settings to customise your server: Rename the server; Add it to a domain of your choosing; Configure the IP settings and Enable Remote Desktop for administrators so that you can remotely manage your server.
We can use the settings under Security Information to manage the security configuration of the server: Item Windows Firewall Windows Updates Last Checked for Updates Last Installed Updates IE Enhanced Security Configuration Where? Go to Windows Firewall Configure Updates Configure Updates Configure Updates Configure IE ESC
After youve configured the naming, membership and IP settings for the server you will likely configure the security settings, e.g. allow remote access to local services, configure automatic updates and configure Internet Explorer. In addition, you may also run the Security Configuration Wizard to apply your security hardening policies on the server. It is possible that you will need to run each of these security configuration tools on each server in a small network. But any network with a well designed and implemented Active Directory should configure these settings automatically using Group Policy once the server is a member of a domain and located in the correct organisational unit. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 7 website@highwaycsl.com
Looking at that list youre probably thinking Hey! Thats not all that different to what I used to see in Control Panel. I thought you said Windows 2008 was stripped down when its initially installed. OK. Lets have a look at features. Features are much more granular components of the operating system. Rather than changing the major function of a server, they add smaller amounts of functionality that can assist a role. Microsoft has described them as providing auxiliary or providing functions to servers. The complete listing of features is below: Role .NET Framework 3.0 Features Description Version 3.0 of the API framework used by developers. 8 website@highwaycsl.com
BitLocker Drive Encryption BITS Server Extensions Connection Manager Administration Kit Desktop Experience Failover Clustering Group Policy Management Internet Printing Client Internet Storage Name Server LPR Port Monitor Message Queuing Multipath I/O Network Load Balancing Peer Name Resolution Protocol Quality Windows Audio Video Experience Remote Assistance Remote Differential Compression Remote Server Administration Tools Removable Storage Manager RPC over HTTP Proxy Simple TCP/IP Services SMTP Server SNMP Services Storage Manager for SANS
Adds the ability to secure drives and their contents by encrypting them. Optimise available bandwidth during bulk transfer of data to client computers. Create profiles to automate the creation of connections for VPNs or ISPs on client computers. Adds some functionality from Windows Vista such as photo management, themes and Media Player. Provide active/passive clustering of applications. The GPMC is used to manage group policy. Allows clients to print using printers on the network or internet using the Internet Printing Protocol. Provides a discovery service for available storage that is hosted by iSCSI devices. Line print Remote Port Monitor allows the server to use printers on servers that use Line Printer Daemon, e.g. UNIX. A service used by applications to messages or jobs to a collection of application servers. MPIO allows support of redundant data paths between the server and storage devices. Allows servers to share client loads for applications and to converge if one server fails. Allows applications to register names on the computer so that they can be contacted by other computers. Provides audio and video streaming for IP home networks. Allows a remote user to provide interactive assistance to a local user. A protocol that optimises data transfer by only transferring the differences between two objects. Administration tools for managing server roles and features. Manage and catalog media and storage/backup devices. Allows RPC to be encapsulated in HTTP from a client computer and relays the RPC connection to an application server. Provides some backwards compatibility services such as Quote of the Day. Simple Mail Transfer Protocol is a mail transfer service. Simple Network Management Protocol is used for many server monitoring applications. Create and manage volumes on Fibre Channel and iSCSI SANs that support Virtual Disk Service. 9 website@highwaycsl.com
Subsystem for UNIX-Based Applications Telnet Client Telnet Server TFTP Client Windows Internal Database Windows PowerShell Windows Process Activation Service Windows Recovery Disc Windows Server Backup Features Windows System Resource Manager WINS Server Wireless LAN Service
Be sure to check with your vendor before installing or using this. Compile and run UNIX-based applications. Connect to remote computers via Telnet. Allow remote computers to connect to this server via Telnet. Connect to a remote Trivial File Transfer Protocol server. A relational database that is used by other Windows roles and features. The new Windows scripting engine. Manages application pools and worker processes in IIS7. Allows you to host non-HTTP sites. Provides system recovery in the event of a failure. Backup/recover your server, applications and data. Manage how CPU and memory resources are allocated to processes. Provide NetBIOS name resolution services using Windows Internet Naming Service. Manages Wi-Fi connections and profiles to connect the server to a wireless network.
As you can see, you may wish to add certain roles to a server and then add some features to add additional functionality without changing the actual purpose of the server. This is possible by adding some of these features.
10 website@highwaycsl.com
Under the summary we can see that we have 0 of the 17 available roles installed. I want to install a web server that will have IIS7 and .NET 3.0 functionality. I know from the above listing that this includes 2 roles. To start installing them Ill click on <Add Roles>.
11 website@highwaycsl.com
We get the little splash screen that gives us some warnings about configuring passwords, network settings and applying security updates. Pay attention to this. Some of the roles you will install will require a static IP address, e.g. DNS, DHCP, etc. You can choose not to see this screen again by ticking the Skip this page by default tick box. Click on <Next> to continue.
We are now presented with a full listing of the available roles. Tick those ones that you wish to select. The first one I selected was Web Server (IIS).
Now we get to see some of the clever engineering that Microsoft has done. Server Manager knows that if I install the Web Server role then I will require some additional features. Without these features I cannot have a functioning web server. This is possible because Microsoft has modelled all the features and roles and how they are related.
12 website@highwaycsl.com
Clicking on <Cancel> will cancel my selection of the Web Server role. Ive clicked on <Add Required Features> to confirm that I want these additional features. The wizard can now go ahead with the selection of the Web Server role.
The role is now selected. I now proceed with selecting my next role, Application Server.
Role and feature modelling kicks in once again. The displayed features are displayed and I confirm my approval by clicking on <Add Required Features>.
13 website@highwaycsl.com
Both of my required roles are now selected. Clicking on <Next> will continue the wizard.
14 website@highwaycsl.com
The Role Service screen allows us to install the sub components of a role. We can add additional services to add functionality to this role. This is the default screen for Application Server. Ive decided that I need to add Web Server (IIS) Support
Im now warned that my new selection of a role service requires additional role services, including those in other roles, to be installed. Only by clicking on <Add Required Role Services can this new role selection be allowed.
15 website@highwaycsl.com
Notice how my new role service selection is selected? Also note that an additional role service was selected to be installed because of this selection and the previous approval. This is role and feature modelling in action. Basically, it allows us to perform a minimal installation and lets Windows decide for us what components need to be installed. We just have to start with our high level requirements.
16 website@highwaycsl.com
Im now finished selecting role services for the Application Server role and now move onto the Web Server role.
17 website@highwaycsl.com
As we can see, theres a whole lot more involved in web servers! Im actually going to stick with the default selections. Whats there meets my requirements and I can see that Ive got ASP.NET functionality installed and enabled.
Clicking on <Next> brings me to this summary screen. You should double check everything and then select <Install> to continue with the installation. You can backtrack through the wizard to alter your selections by clicking on <Previous>. And you can cancel the installation of your roles by clicking on <Cancel>.
I clicked on <Next> and the installation started. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 18 website@highwaycsl.com
As we can see, I was a naughty boy and didnt have my Automatic Updates configured. That gave me a warning but my selected roles were successfully installed. Note that now that I have installed additional functionality to the server I should most definitely make sure that the server has all security updates installed. New functionality on the server means that the attack surface has been increased with un-patched components. These components may have published vulnerabilities that require additional patching. Only by forcing an update will you be sure that your newly modified server is secure.
19 website@highwaycsl.com
I closed the wizard and then Im brought back to Server Manager. We can see that we now have 2 of 27 roles installed. And we also see that 3 of 36 features are installed. We now have a functioning web server with .NET 3.0 functionality with a minimal attack surface to meet my technical and business requirements.
20 website@highwaycsl.com
----- Roles ----[ ] Active Directory Certificate Services [AD-Certificate] [ ] Certification Authority [ADCS-Cert-Authority] [ ] Certification Authority Web Enrollment [ADCS-Web-Enrollment] [ ] Online Responder [ADCS-Online-Cert] [ ] Network Device Enrollment Service [ADCS-Device-Enrollment] [ ] Active Directory Domain Services [ ] Active Directory Domain Controller [ADDS-Domain-Controller] [ ] Identity Management for UNIX [ADDS-Identity-Mgmt] [ ] Server for Network Information Services [ADDS-NIS] [ ] Password Synchronization [ADDS-Password-Sync] [ ] Administration Tools [ADDS-IDMU-Tools] [ ] Active Directory Federation Services [ ] Federation Service [ADFS-Federation] [ ] Federation Service Proxy [ADFS-Proxy] [ ] AD FS Web Agents [ADFS-Web-Agents] [ ] Claims-aware Agent [ADFS-Claims] [ ] Windows Token-based Agent [ADFS-Windows-Token] [ ] Active Directory Lightweight Directory Services [ADLDS] [ ] Active Directory Rights Management Services [ ] Active Directory Rights Management Server [ ] Identity Federation Support [ ] Application Server [Application-Server] [ ] Application Server Foundation [AS-AppServer-Foundation] [ ] Web Server (IIS) Support [AS-Web-Support] [ ] COM+ Network Access [AS-Ent-Services] [ ] TCP Port Sharing [AS-TCP-Port-Sharing] [ ] Windows Process Activation Service Support [AS-WAS-Support] [ ] HTTP Activation [AS-HTTP-Activation] [ ] Message Queuing Activation [AS-MSMQ-Activation] [ ] TCP Activation [AS-TCP-Activation] [ ] Named Pipes Activation [AS-Named-Pipes] [ ] Distributed Transactions [AS-Dist-Transaction] [ ] Incoming Remote Transactions [AS-Incoming-Trans] [ ] Outgoing Remote Transactions [AS-Outgoing-Trans] [ ] WS-Atomic Transactions [AS-WS-Atomic] [ ] DHCP Server [DHCP] [ ] DNS Server [DNS] [ ] Fax Server [Fax] [ ] File Services [ ] File Server [FS-FileServer] [ ] Distributed File System [FS-DFS] [ ] DFS Namespaces [FS-DFS-Namespace] [ ] DFS Replication [FS-DFS-Replication] [ ] File Server Resource Manager [FS-Resource-Manager] [ ] Services for Network File System [FS-NFS-Services] [ ] Windows Search Service [FS-Search-Service] [ ] Windows Server 2003 File Services [FS-Win2003-Services] [ ] File Replication Service [FS-Replication] [ ] Indexing Service [FS-Indexing-Service] [ ] Network Policy and Access Services [NPAS] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 21 website@highwaycsl.com
[ ] Network Policy Server [NPAS-Policy-Server] [ ] Routing and Remote Access Services [NPAS-RRAS-Services] [ ] Remote Access Service [NPAS-RRAS] [ ] Routing [NPAS-Routing] [ ] Health Registration Authority [NPAS-Health] [ ] Host Credential Authorization Protocol [NPAS-Host-Cred] [ ] Print Services [Print-Services] [ ] Print Server [Print-Server] [ ] LPD Service [Print-LPD-Service] [ ] Internet Printing [Print-Internet] [ ] Terminal Services [Terminal-Services] [ ] Terminal Server [TS-Terminal-Server] [ ] TS Licensing [TS-Licensing] [ ] TS Session Broker [TS-Session-Broker] [ ] TS Gateway [TS-Gateway] [ ] TS Web Access [TS-Web-Access] [ ] UDDI Services [ ] UDDI Services Database [ ] UDDI Services Web Application [ ] Web Server (IIS) [Web-Server] [ ] Web Server [Web-WebServer] [ ] Common HTTP Features [Web-Common-Http] [ ] Static Content [Web-Static-Content] [ ] Default Document [Web-Default-Doc] [ ] Directory Browsing [Web-Dir-Browsing] [ ] HTTP Errors [Web-Http-Errors] [ ] HTTP Redirection [Web-Http-Redirect] [ ] Application Development [Web-App-Dev] [ ] ASP.NET [Web-Asp-Net] [ ] .NET Extensibility [Web-Net-Ext] [ ] ASP [Web-ASP] [ ] CGI [Web-CGI] [ ] ISAPI Extensions [Web-ISAPI-Ext] [ ] ISAPI Filters [Web-ISAPI-Filter] [ ] Server Side Includes [Web-Includes] [ ] Health and Diagnostics [Web-Health] [ ] HTTP Logging [Web-Http-Logging] [ ] Logging Tools [Web-Log-Libraries] [ ] Request Monitor [Web-Request-Monitor] [ ] Tracing [Web-Http-Tracing] [ ] Custom Logging [Web-Custom-Logging] [ ] ODBC Logging [Web-ODBC-Logging] [ ] Security [Web-Security] [ ] Basic Authentication [Web-Basic-Auth] [ ] Windows Authentication [Web-Windows-Auth] [ ] Digest Authentication [Web-Digest-Auth] [ ] Client Certificate Mapping Authentication [Web-Client-Auth] [ ] IIS Client Certificate Mapping Authentication [Web-Cert-Auth] [ ] URL Authorization [Web-Url-Auth] [ ] Request Filtering [Web-Filtering] [ ] IP and Domain Restrictions [Web-IP-Security] [ ] Performance [Web-Performance] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 22 website@highwaycsl.com
[ ] Static Content Compression [Web-Stat-Compression] [ ] Dynamic Content Compression [Web-Dyn-Compression] [ ] Management Tools [Web-Mgmt-Tools] [ ] IIS Management Console [Web-Mgmt-Console] [ ] IIS Management Scripts and Tools [Web-Scripting-Tools] [ ] Management Service [Web-Mgmt-Service] [ ] IIS 6 Management Compatibility [Web-Mgmt-Compat] [ ] IIS 6 Metabase Compatibility [Web-Metabase] [ ] IIS 6 WMI Compatibility [Web-WMI] [ ] IIS 6 Scripting Tools [Web-Lgcy-Scripting] [ ] IIS 6 Management Console [Web-Lgcy-Mgmt-Console] [ ] FTP Publishing Service [Web-Ftp-Publishing] [ ] FTP Server [Web-Ftp-Server] [ ] FTP Management Console [Web-Ftp-Mgmt-Console] [ ] Windows Deployment Services [WDS] [ ] Deployment Server [WDS-Deployment] [ ] Transport Server [WDS-Transport] [ ] Windows SharePoint Services [Windows-SharePoint] ----- Features ----[ ] .NET Framework 3.0 Features [NET-Framework] [ ] .NET Framework 3.0 [NET-Framework-Core] [ ] XPS Viewer [NET-XPS-Viewer] [ ] WCF Activation [NET-Win-CFAC] [ ] HTTP Activation [NET-HTTP-Activation] [ ] Non-HTTP Activation [NET-Non-HTTP-Activ] [ ] BitLocker Drive Encryption [BitLocker] [ ] BITS Server Extensions [BITS] [ ] Connection Manager Administration Kit [CMAK] [ ] Desktop Experience [Desktop-Experience] [ ] Failover Clustering [Failover-Clustering] [ ] Group Policy Management [GPMC] [ ] Internet Printing Client [Internet-Print-Client] [ ] Internet Storage Name Server [ISNS] [ ] LPR Port Monitor [LPR-Port-Monitor] [ ] Message Queuing [MSMQ] [ ] Message Queuing Services [MSMQ-Services] [ ] Message Queuing Server [MSMQ-Server] [ ] Directory Service Integration [MSMQ-Directory] [ ] Message Queuing Triggers [MSMQ-Triggers] [ ] HTTP Support [MSMQ-HTTP-Support] [ ] Multicasting Support [MSMQ-Multicasting] [ ] Routing Service [MSMQ-Routing] [ ] Windows 2000 Client Support [MSMQ-Win2000] [ ] Message Queuing DCOM Proxy [MSMQ-DCOM] [ ] Multipath I/O [Multipath-IO] [ ] Network Load Balancing [NLB] [ ] Peer Name Resolution Protocol [PNRP] [ ] Quality Windows Audio Video Experience [qWave] [ ] Remote Assistance [Remote-Assistance] [ ] Remote Differential Compression [RDC] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 23 website@highwaycsl.com
[ ] Remote Server Administration Tools [RSAT] [ ] Role Administration Tools [RSAT-Role-Tools] [ ] Active Directory Certificate Services Tools [RSAT-ADCS] [ ] Certification Authority Tools [RSAT-ADCS-Mgmt] [ ] Online Responder Tools [RSAT-Online-Responder] [ ] Active Directory Domain Services Tools [RSAT-ADDS] [ ] Active Directory Domain Controller Tools [RSAT-ADDC] [ ] Server for NIS Tools [RSAT-SNIS] [ ] Active Directory Lightweight Directory Services Tools [RSAT-ADLDS] [ ] Active Directory Rights Management Services Tools [RSAT-RMS] [ ] DHCP Server Tools [RSAT-DHCP] [ ] DNS Server Tools [RSAT-DNS-Server] [ ] Fax Server Tools [RSAT-Fax] [ ] File Services Tools [RSAT-File-Services] [ ] Distributed File System Tools [RSAT-DFS-Mgmt-Con] [ ] File Server Resource Manager Tools [RSAT-FSRM-Mgmt] [ ] Services for Network File System Tools [RSAT-NFS-Admin] [ ] Network Policy and Access Services Tools [RSAT-NPAS] [ ] Routing and Remote Access Services Tools [RSAT-RAS] [ ] Health Registration Authority Tools [RSAT-HRA] [ ] Print Services Tools [RSAT-Print-Services] [ ] Terminal Services Tools [RSAT-TS] [ ] Terminal Server Tools [RSAT-TS-RemoteApp] [ ] TS Gateway Tools [RSAT-TS-Gateway] [ ] TS Licensing Tools [RSAT-TS-Licensing] [ ] UDDI Services Tools [RSAT-UDDI] [ ] Web Server (IIS) Tools [RSAT-Web-Server] [ ] Windows Deployment Services Tools [RSAT-WDS] [ ] Feature Administration Tools [RSAT-Feature-Tools] [ ] BitLocker Drive Encryption Tools [RSAT-BitLocker] [ ] BITS Server Extensions Tools [RSAT-Bits-Server] [ ] Failover Clustering Tools [RSAT-Clustering] [ ] Network Load Balancing Tools [RSAT-NLB] [ ] SMTP Server Tools [RSAT-SMTP] [ ] WINS Server Tools [RSAT-WINS] [ ] Removable Storage Manager [Removable-Storage] [ ] RPC over HTTP Proxy [RPC-over-HTTP-Proxy] [ ] Simple TCP/IP Services [Simple-TCPIP] [ ] SMTP Server [SMTP-Server] [ ] SNMP Services [SNMP-Services] [ ] SNMP Service [SNMP-Service] [ ] SNMP WMI Provider [SNMP-WMI-Provider] [ ] Storage Manager for SANs [Storage-Mgr-SANS] [ ] Subsystem for UNIX-based Applications [Subsystem-UNIX-Apps] [ ] Telnet Client [Telnet-Client] [ ] Telnet Server [Telnet-Server] [ ] TFTP Client [TFTP-Client] [ ] Windows Internal Database [Windows-Internal-DB] [ ] Windows PowerShell [PowerShell] [ ] Windows Process Activation Service [WAS] [ ] Process Model [WAS-Process-Model] [ ] .NET Environment [WAS-NET-Environment] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 24 website@highwaycsl.com
[ ] Configuration APIs [WAS-Config-APIs] [ ] Windows Recovery Disc [Recovery-Disc] [ ] Windows Server Backup Features [Backup-Features] [ ] Windows Server Backup [Backup] [ ] Command-line Tools [Backup-Tools] [ ] Windows System Resource Manager [WSRM] [ ] WINS Server [WINS-Server] [ ] Wireless LAN Service [Wireless-Networking] C:\Users\Administrator> Im just going to go on a quick tangent here. A lot of administrators have a requirement to document their server configurations to satisfy the needs of things like industrial regulations, security officers or internal auditors or maybe just for best practice documentation. There are a lot of tools out there that can do this, many of which will put a reasonable dent into your annual budget. So we always like to look for economical alternates. Looking at the results we just got from our Server Manager query, weve just listed the components of the operating system that have been installed. You can go ahead and document them by piping the results into a text file: C:\Users\Administrator>ServerManagerCMD query > C:\Config.txt Or maybe you could run a scheduled task and store these results on a file share? C:\Users\Administrator>ServerManagerCMD query > \\ITFileServer\Configs\%computername%.txt Using this you can quickly dump the configurations of all of your Windows 2008 servers into a single documentation store that can be quickly referenced. Now we will return to our regularly scheduled programming. In the above results we can see that nothing is ticked. This confirms that no roles or features have been installed on this server. I now want to install the Web Server and Application server roles on this server. Well use the SERVERMANAGERCMD command again but this time with the INSTALL parameter. I know that I want to install the Web Server (IIS) and the Application Server roles. The SERVERMANAGERCMD command will not accept roles with spaces in their names. By checking the results of the query command we can see the codes accepted by SERVERMANAGERCMD, e.g. Web-Server and Application-Server. And remember that I added an additional role service under the Application Server role? It was Web Server (IIS) Support. Looking at the query results I can see its code it AS-Web-Support. Im going to add that as well to directly replicate what I did using the MMC. C:\Users\Administrator>ServerManagerCMD -install Application-Server AS-Web-Support Web-Server .. Start Installation... [Installation] Succeeded: [Application Server] Windows Process Activation Service Support. [Installation] Succeeded: [Web Server (IIS)] Management Tools. [Installation] Succeeded: [.NET Framework 3.0 Features] WCF Activation. [Installation] Succeeded: [Web Server (IIS)] Web Server. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 25 website@highwaycsl.com
[Installation] Succeeded: [Web Server (IIS)] Application Development. [Installation] Succeeded: [Web Server (IIS)] Security. [Installation] Succeeded: [Web Server (IIS)] Performance. [Installation] Succeeded: [Web Server (IIS)] Common HTTP Features. [Installation] Succeeded: [Web Server (IIS)] Health and Diagnostics. [Installation] Succeeded: [Windows Process Activation Service] Configuration API s. [Installation] Succeeded: [.NET Framework 3.0 Features] .NET Framework 3.0. [Installation] Succeeded: [Windows Process Activation Service] .NET Environment. [Installation] Succeeded: [Windows Process Activation Service] Process Model. [Installation] Succeeded: [Web Server (IIS)] IIS Management Scripts and Tools. [Installation] Succeeded: [Web Server (IIS)] IIS Management Console. [Installation] Succeeded: [Web Server (IIS)] Static Content Compression. [Installation] Succeeded: [Web Server (IIS)] Digest Authentication. [Installation] Succeeded: [Web Server (IIS)] Dynamic Content Compression. [Installation] Succeeded: [Web Server (IIS)] Default Document. [Installation] Succeeded: [Web Server (IIS)] Static Content. [Installation] Succeeded: [Web Server (IIS)] Directory Browsing. [Installation] Succeeded: [Web Server (IIS)] HTTP Redirection. [Installation] Succeeded: [Web Server (IIS)] HTTP Errors. [Installation] Succeeded: [Web Server (IIS)] Windows Authentication. [Installation] Succeeded: [Web Server (IIS)] Basic Authentication. [Installation] Succeeded: [Web Server (IIS)] Client Certificate Mapping Authentication. [Installation] Succeeded: [Web Server (IIS)] ISAPI Extensions. [Installation] Succeeded: [Web Server (IIS)] Tracing. [Installation] Succeeded: [Web Server (IIS)] HTTP Logging. [Installation] Succeeded: [Web Server (IIS)] ISAPI Filters. [Installation] Succeeded: [Web Server (IIS)] Request Monitor. [Installation] Succeeded: [Web Server (IIS)] Logging Tools. [Installation] Succeeded: [Web Server (IIS)] IP and Domain Restrictions. [Installation] Succeeded: [Web Server (IIS)] URL Authorization. [Installation] Succeeded: [Web Server (IIS)] Request Filtering. [Installation] Succeeded: [Web Server (IIS)] IIS Client Certificate Mapping Authentication. [Installation] Succeeded: [Web Server (IIS)] Management Service. [Installation] Succeeded: [Web Server (IIS)] .NET Extensibility. [Installation] Succeeded: [.NET Framework 3.0 Features] HTTP Activation. [Installation] Succeeded: [Web Server (IIS)] ASP.NET. [Installation] Succeeded: [Application Server] Application Server Foundation. [Installation] Succeeded: [Application Server] HTTP Activation. [Installation] Succeeded: [Application Server] Web Server (IIS) Support. <100/100> Success: Installation succeeded. C:\Users\Administrator> Running a query now should show us that Ive successfully installed a server that is identical to the one I set up using the Server Manager MMC, except I did it using 1 command. We can see that the modelling process automatically selected the required components based on the roles and role services that I listed to be installed.
26 website@highwaycsl.com
C:\Users\Administrator>servermanagercmd -query ...................... ----- Roles ----[ ] Active Directory Certificate Services [AD-Certificate] [ ] Certification Authority [ADCS-Cert-Authority] [ ] Certification Authority Web Enrollment [ADCS-Web-Enrollment] [ ] Online Responder [ADCS-Online-Cert] [ ] Network Device Enrollment Service [ADCS-Device-Enrollment] [ ] Active Directory Domain Services [ ] Active Directory Domain Controller [ADDS-Domain-Controller] [ ] Identity Management for UNIX [ADDS-Identity-Mgmt] [ ] Server for Network Information Services [ADDS-NIS] [ ] Password Synchronization [ADDS-Password-Sync] [ ] Administration Tools [ADDS-IDMU-Tools] [ ] Active Directory Federation Services [ ] Federation Service [ADFS-Federation] [ ] Federation Service Proxy [ADFS-Proxy] [ ] AD FS Web Agents [ADFS-Web-Agents] [ ] Claims-aware Agent [ADFS-Claims] [ ] Windows Token-based Agent [ADFS-Windows-Token] [ ] Active Directory Lightweight Directory Services [ADLDS] [ ] Active Directory Rights Management Services [ ] Active Directory Rights Management Server [ ] Identity Federation Support [X] Application Server [Application-Server] [X] Application Server Foundation [AS-AppServer-Foundation] [X] Web Server (IIS) Support [AS-Web-Support] [ ] COM+ Network Access [AS-Ent-Services] [ ] TCP Port Sharing [AS-TCP-Port-Sharing] [X] Windows Process Activation Service Support [AS-WAS-Support] [X] HTTP Activation [AS-HTTP-Activation] [ ] Message Queuing Activation [AS-MSMQ-Activation] [ ] TCP Activation [AS-TCP-Activation] [ ] Named Pipes Activation [AS-Named-Pipes] [ ] Distributed Transactions [AS-Dist-Transaction] [ ] Incoming Remote Transactions [AS-Incoming-Trans] [ ] Outgoing Remote Transactions [AS-Outgoing-Trans] [ ] WS-Atomic Transactions [AS-WS-Atomic] [ ] DHCP Server [DHCP] [ ] DNS Server [DNS] [ ] Fax Server [Fax] [ ] File Services [ ] File Server [FS-FileServer] [ ] Distributed File System [FS-DFS] [ ] DFS Namespaces [FS-DFS-Namespace] [ ] DFS Replication [FS-DFS-Replication] [ ] File Server Resource Manager [FS-Resource-Manager] [ ] Services for Network File System [FS-NFS-Services] [ ] Windows Search Service [FS-Search-Service] [ ] Windows Server 2003 File Services [FS-Win2003-Services] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 27 website@highwaycsl.com
[ ] File Replication Service [FS-Replication] [ ] Indexing Service [FS-Indexing-Service] [ ] Network Policy and Access Services [NPAS] [ ] Network Policy Server [NPAS-Policy-Server] [ ] Routing and Remote Access Services [NPAS-RRAS-Services] [ ] Remote Access Service [NPAS-RRAS] [ ] Routing [NPAS-Routing] [ ] Health Registration Authority [NPAS-Health] [ ] Host Credential Authorization Protocol [NPAS-Host-Cred] [ ] Print Services [Print-Services] [ ] Print Server [Print-Server] [ ] LPD Service [Print-LPD-Service] [ ] Internet Printing [Print-Internet] [ ] Terminal Services [Terminal-Services] [ ] Terminal Server [TS-Terminal-Server] [ ] TS Licensing [TS-Licensing] [ ] TS Session Broker [TS-Session-Broker] [ ] TS Gateway [TS-Gateway] [ ] TS Web Access [TS-Web-Access] [ ] UDDI Services [ ] UDDI Services Database [ ] UDDI Services Web Application [X] Web Server (IIS) [Web-Server] [X] Web Server [Web-WebServer] [X] Common HTTP Features [Web-Common-Http] [X] Static Content [Web-Static-Content] [X] Default Document [Web-Default-Doc] [X] Directory Browsing [Web-Dir-Browsing] [X] HTTP Errors [Web-Http-Errors] [X] HTTP Redirection [Web-Http-Redirect] [X] Application Development [Web-App-Dev] [X] ASP.NET [Web-Asp-Net] [X] .NET Extensibility [Web-Net-Ext] [ ] ASP [Web-ASP] [ ] CGI [Web-CGI] [X] ISAPI Extensions [Web-ISAPI-Ext] [X] ISAPI Filters [Web-ISAPI-Filter] [ ] Server Side Includes [Web-Includes] [X] Health and Diagnostics [Web-Health] [X] HTTP Logging [Web-Http-Logging] [X] Logging Tools [Web-Log-Libraries] [X] Request Monitor [Web-Request-Monitor] [X] Tracing [Web-Http-Tracing] [ ] Custom Logging [Web-Custom-Logging] [ ] ODBC Logging [Web-ODBC-Logging] [X] Security [Web-Security] [X] Basic Authentication [Web-Basic-Auth] [X] Windows Authentication [Web-Windows-Auth] [X] Digest Authentication [Web-Digest-Auth] [X] Client Certificate Mapping Authentication [Web-Client-Auth] [X] IIS Client Certificate Mapping Authentication [Web-Cert-Auth] [X] URL Authorization [Web-Url-Auth] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 28 website@highwaycsl.com
[X] Request Filtering [Web-Filtering] [X] IP and Domain Restrictions [Web-IP-Security] [X] Performance [Web-Performance] [X] Static Content Compression [Web-Stat-Compression] [X] Dynamic Content Compression [Web-Dyn-Compression] [X] Management Tools [Web-Mgmt-Tools] [X] IIS Management Console [Web-Mgmt-Console] [X] IIS Management Scripts and Tools [Web-Scripting-Tools] [X] Management Service [Web-Mgmt-Service] [ ] IIS 6 Management Compatibility [Web-Mgmt-Compat] [ ] IIS 6 Metabase Compatibility [Web-Metabase] [ ] IIS 6 WMI Compatibility [Web-WMI] [ ] IIS 6 Scripting Tools [Web-Lgcy-Scripting] [ ] IIS 6 Management Console [Web-Lgcy-Mgmt-Console] [ ] FTP Publishing Service [Web-Ftp-Publishing] [ ] FTP Server [Web-Ftp-Server] [ ] FTP Management Console [Web-Ftp-Mgmt-Console] [ ] Windows Deployment Services [WDS] [ ] Deployment Server [WDS-Deployment] [ ] Transport Server [WDS-Transport] [ ] Windows SharePoint Services [Windows-SharePoint] ----- Features ----[X] .NET Framework 3.0 Features [NET-Framework] [X] .NET Framework 3.0 [NET-Framework-Core] [ ] XPS Viewer [NET-XPS-Viewer] [X] WCF Activation [NET-Win-CFAC] [X] HTTP Activation [NET-HTTP-Activation] [ ] Non-HTTP Activation [NET-Non-HTTP-Activ] [ ] BitLocker Drive Encryption [BitLocker] [ ] BITS Server Extensions [BITS] [ ] Connection Manager Administration Kit [CMAK] [ ] Desktop Experience [Desktop-Experience] [ ] Failover Clustering [Failover-Clustering] [ ] Group Policy Management [GPMC] [ ] Internet Printing Client [Internet-Print-Client] [ ] Internet Storage Name Server [ISNS] [ ] LPR Port Monitor [LPR-Port-Monitor] [ ] Message Queuing [MSMQ] [ ] Message Queuing Services [MSMQ-Services] [ ] Message Queuing Server [MSMQ-Server] [ ] Directory Service Integration [MSMQ-Directory] [ ] Message Queuing Triggers [MSMQ-Triggers] [ ] HTTP Support [MSMQ-HTTP-Support] [ ] Multicasting Support [MSMQ-Multicasting] [ ] Routing Service [MSMQ-Routing] [ ] Windows 2000 Client Support [MSMQ-Win2000] [ ] Message Queuing DCOM Proxy [MSMQ-DCOM] [ ] Multipath I/O [Multipath-IO] [ ] Network Load Balancing [NLB] [ ] Peer Name Resolution Protocol [PNRP] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 29 website@highwaycsl.com
[ ] Quality Windows Audio Video Experience [qWave] [ ] Remote Assistance [Remote-Assistance] [ ] Remote Differential Compression [RDC] [X] Remote Server Administration Tools [RSAT] [X] Role Administration Tools [RSAT-Role-Tools] [ ] Active Directory Certificate Services Tools [RSAT-ADCS] [ ] Certification Authority Tools [RSAT-ADCS-Mgmt] [ ] Online Responder Tools [RSAT-Online-Responder] [ ] Active Directory Domain Services Tools [RSAT-ADDS] [ ] Active Directory Domain Controller Tools [RSAT-ADDC] [ ] Server for NIS Tools [RSAT-SNIS] [ ] Active Directory Lightweight Directory Services Tools [RSAT-ADLDS] [ ] Active Directory Rights Management Services Tools [RSAT-RMS] [ ] DHCP Server Tools [RSAT-DHCP] [ ] DNS Server Tools [RSAT-DNS-Server] [ ] Fax Server Tools [RSAT-Fax] [ ] File Services Tools [RSAT-File-Services] [ ] Distributed File System Tools [RSAT-DFS-Mgmt-Con] [ ] File Server Resource Manager Tools [RSAT-FSRM-Mgmt] [ ] Services for Network File System Tools [RSAT-NFS-Admin] [ ] Network Policy and Access Services Tools [RSAT-NPAS] [ ] Routing and Remote Access Services Tools [RSAT-RAS] [ ] Health Registration Authority Tools [RSAT-HRA] [ ] Print Services Tools [RSAT-Print-Services] [ ] Terminal Services Tools [RSAT-TS] [ ] Terminal Server Tools [RSAT-TS-RemoteApp] [ ] TS Gateway Tools [RSAT-TS-Gateway] [ ] TS Licensing Tools [RSAT-TS-Licensing] [ ] UDDI Services Tools [RSAT-UDDI] [X] Web Server (IIS) Tools [RSAT-Web-Server] [ ] Windows Deployment Services Tools [RSAT-WDS] [ ] Feature Administration Tools [RSAT-Feature-Tools] [ ] BitLocker Drive Encryption Tools [RSAT-BitLocker] [ ] BITS Server Extensions Tools [RSAT-Bits-Server] [ ] Failover Clustering Tools [RSAT-Clustering] [ ] Network Load Balancing Tools [RSAT-NLB] [ ] SMTP Server Tools [RSAT-SMTP] [ ] WINS Server Tools [RSAT-WINS] [ ] Removable Storage Manager [Removable-Storage] [ ] RPC over HTTP Proxy [RPC-over-HTTP-Proxy] [ ] Simple TCP/IP Services [Simple-TCPIP] [ ] SMTP Server [SMTP-Server] [ ] SNMP Services [SNMP-Services] [ ] SNMP Service [SNMP-Service] [ ] SNMP WMI Provider [SNMP-WMI-Provider] [ ] Storage Manager for SANs [Storage-Mgr-SANS] [ ] Subsystem for UNIX-based Applications [Subsystem-UNIX-Apps] [ ] Telnet Client [Telnet-Client] [ ] Telnet Server [Telnet-Server] [ ] TFTP Client [TFTP-Client] [ ] Windows Internal Database [Windows-Internal-DB] [ ] Windows PowerShell [PowerShell] Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 30 website@highwaycsl.com
[X] Windows Process Activation Service [WAS] [X] Process Model [WAS-Process-Model] [X] .NET Environment [WAS-NET-Environment] [X] Configuration APIs [WAS-Config-APIs] [ ] Windows Recovery Disc [Recovery-Disc] [ ] Windows Server Backup Features [Backup-Features] [ ] Windows Server Backup [Backup] [ ] Command-line Tools [Backup-Tools] [ ] Windows System Resource Manager [WSRM] [ ] WINS Server [WINS-Server] [ ] Wireless LAN Service [Wireless-Networking] C:\Users\Administrator>
31 website@highwaycsl.com
All of the available features on the server are listed. Select the feature you wan to install. In this case Ive ticked Network Load Balancing.
We get a summary of our selection before we go any further. Click on <Install> to start the installation or <Cancel> to terminate the process.
32 website@highwaycsl.com
The installation starts. Note that this may actually take a while.
The installation completes after a few moments. You can see that Windows is still reminding me to activate my automatic updates and gives me a warning because of it.
33 website@highwaycsl.com
Back in the MMC, the status of the server is updated to reflect the new feature, Network Load Balancing.
34 website@highwaycsl.com
How quick and easy was that? Network Load Balancing is now installed and ready to be configured. Please tell me that you arent tempted to try this command line approach now! By now you should see how you could write a simple script containing the commands to install of your required role and feature installations. This could be saved and reused whenever you want to build a server of a specific type. You could then deploy a single simple image to your new hardware and then run the required role/feature installation script as required to complete the installation before you perform the server specific customisations, e.g. adding content.
We can see under Roles Summary that each of my installed roles is reporting a problem. Im going to drill down to the cause by clicking on <Go to Roles>.
35 website@highwaycsl.com
In Roles I can scroll down and see that both the Application Server and the Web Server are each reporting services as not running. This is causing each of the roles to fail. I now click on <Application Server> to see what is happening.
36 website@highwaycsl.com
I can see the cause of my problem under System Services. The World Wide Web Publishing Service has a status of stopped. This has caused both the Application Server and the Web Server roles to fail. The solution is pretty easy in this example. I select the failed service and click on <Start> on the right-hand side of the console.
The service starts up successfully. Im hoping that this has cleared up my problems so I navigate back to the top of Server Manager.
37 website@highwaycsl.com
I can clearly see under Roles Summary that both of my roles are now running normally. This is probably a good time to have a look at how we can diagnose problems with out roles. As youve just seen, we can navigate into each role in Server Manager. You should click on one of you installed roles now. Ive navigated into Application Server.
38 website@highwaycsl.com
We can see there is an Events section under Summary. This presents each of the events that have occurred on the server in relation to the selected role. This is extremely convenient when investigating role specific issues and saves you having to search through the endless listing of events that can exist within Event Viewer.
39 website@highwaycsl.com
You can double-click on an event entry to get more specific detail related to the event you are investigating. Great! So now we can investigate issues and resolve problems using Server Manager. Is there anything more? Well as it just so happens When a role is installed on a server there is also an MMC snap in added to the system to manage it. Normally weve always gone into Administrative Tools to find it. Microsoft really wants us to see Server Manager as just that the primary tool for managing a server. If you want to manage a role then you should be able to access the MMC snap-in from Server Manager. And thats what Server Manager allows us to do. Navigate to a role on your server in Server Manager and expand the node. Ive selected Web Server (IIS).
Inside the role, Ive now got access to the related MMC snap-in and I can use this from within Server Manager to manage my IIS7 installation. This means that Server Manager truly is a centralised administrative tool for all roles installed on the server.
command line. I think you may find yourself drifting towards the command line option for future administration tasks related to server manager roles and features after reading this. Lets get Server Manager up and running again. We can see that Network Load Balancing is still listed as a feature that is installed.
41 website@highwaycsl.com
All of the features are listed. Those that are installed have a tick beside them and those that are not installed are greyed out. Deselect the feature you want to uninstall; in this case Network Load Balancing and then click on <Remove>.
42 website@highwaycsl.com
We get a summary of the actions to be completed. Click on <Remove> when you are ready to uninstall the displayed features or click on <Cancel> to terminate the process.
43 website@highwaycsl.com
The process may take a few moments so you may want to take one of those coffee breaks that we progress bar engineers are used to.
44 website@highwaycsl.com
The removal process is completed and we can click on <Close> to return to the Server Manager MMC.
We can now see the feature is removed. Thats how we remove a feature. The process of removing a role is exactly the same. Instead of Remove Features you select Remove Roles. Its a process that Microsoft has made very easy for us. Theyve allowed us to concentrate on what we want to install or remove instead of worrying about how to do it.
Start Removal... [Removal] Succeeded: [Network Load Balancing]. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 45 website@highwaycsl.com
<100/100>
Success: Removal succeeded. Some features or roles may require a restart at the end of the uninstall to complete the process. You can automate this by adding the RESTART parameter at the end of the command. ServerManagerCmd.exe -remove Print-LPD-Service restart Removing the LPD printing service does require a reboot and you are warned about this if you run a remove command. Adding the RESTART parameter causes the server to reboot automatically, something you will find quite handy if you deploy your uninstall command remotely or run it by using a scheduled task.
This parses my XML file to check the syntax and simulates the installation without modifying my server. It then lists the actions that will be performed. I can actually go ahead and run my command once Ive got my syntax cleaned up and Im happy with the actions: C:\Users\Administrator>ServerManagerCmd.exe -inputPath C:\Media\WebServer.XML ..
Start Installation... [Installation] Succeeded: [Application Server] Windows Process Activation Servic e Support. [Installation] Succeeded: [Web Server (IIS)] Management Tools. [Installation] Succeeded: [.NET Framework 3.0 Features] WCF Activation. [Installation] Succeeded: [Web Server (IIS)] Web Server. [Installation] Succeeded: [Web Server (IIS)] Health and Diagnostics. [Installation] Succeeded: [Web Server (IIS)] Performance. [Installation] Succeeded: [Web Server (IIS)] Application Development. [Installation] Succeeded: [Web Server (IIS)] Security. [Installation] Succeeded: [Web Server (IIS)] Common HTTP Features. [Installation] Succeeded: [Windows Process Activation Service] Configuration API s. [Installation] Succeeded: [Windows Process Activation Service] Process Model. [Installation] Succeeded: [Windows Process Activation Service] .NET Environment.
[Installation] Succeeded: [Network Load Balancing]. [Installation] Succeeded: [.NET Framework 3.0 Features] .NET Framework 3.0. [Installation] Succeeded: [Web Server (IIS)] IIS Management Scripts and Tools. [Installation] Succeeded: [Web Server (IIS)] IIS Management Console. [Installation] Succeeded: [Web Server (IIS)] ISAPI Extensions. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 47 website@highwaycsl.com
[Installation] Succeeded: [Web Server (IIS)] HTTP Logging. [Installation] Succeeded: [Web Server (IIS)] HTTP Redirection. [Installation] Succeeded: [Web Server (IIS)] Static Content. [Installation] Succeeded: [Web Server (IIS)] Client Certificate Mapping Authenti cation. [Installation] Succeeded: [Web Server (IIS)] Default Document. [Installation] Succeeded: [Web Server (IIS)] HTTP Errors. [Installation] Succeeded: [Web Server (IIS)] Directory Browsing. [Installation] Succeeded: [Web Server (IIS)] ISAPI Filters. [Installation] Succeeded: [Web Server (IIS)] IIS Client Certificate Mapping Auth entication. [Installation] Succeeded: [Web Server (IIS)] Digest Authentication. [Installation] Succeeded: [Web Server (IIS)] Request Filtering. [Installation] Succeeded: [Web Server (IIS)] URL Authorization. [Installation] Succeeded: [Web Server (IIS)] Windows Authentication. [Installation] Succeeded: [Web Server (IIS)] Request Monitor. [Installation] Succeeded: [Web Server (IIS)] Logging Tools. [Installation] Succeeded: [Web Server (IIS)] Basic Authentication. [Installation] Succeeded: [Web Server (IIS)] Tracing. [Installation] Succeeded: [Web Server (IIS)] IP and Domain Restrictions. [Installation] Succeeded: [Web Server (IIS)] Static Content Compression. [Installation] Succeeded: [Web Server (IIS)] Dynamic Content Compression. [Installation] Succeeded: [Web Server (IIS)] Management Service. [Installation] Succeeded: [Web Server (IIS)] .NET Extensibility. [Installation] Succeeded: [.NET Framework 3.0 Features] HTTP Activation. [Installation] Succeeded: [Web Server (IIS)] ASP.NET. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 48 website@highwaycsl.com
[Installation] Succeeded: [Application Server] Application Server Foundation. [Installation] Succeeded: [Application Server] HTTP Activation. [Installation] Succeeded: [Application Server] Web Server (IIS) Support. <100/100>
Success: Installation succeeded. In just one command, I have installed all the components required for my standard web server build. You have got to love that! So thats roles and features in Windows 2008. My advice to you is to try this out with some test machines. Compare the process using the MMC and the command line. And keep in mind the process of using an answer file for when you read about unattended installation of Windows Server 2008. Were going to leave this subject now and move on to the rest of Server Manager and have a quick look around.
Diagnostics
Weve already seen how we can diagnose and repair role specific failures in Server Manager. But sometimes problems are more complex than that and youll find that you need to do see the bigger picture. We can use the tools that are linked in Server Manager under Diagnostics to help us identify the cause of those problems. The first tool we see in Diagnostics is an old friend: Event Viewer. Event Viewer has had a bit of work done on it.
49 website@highwaycsl.com
The root view gives us a very helpful summary of the different types of events that are available in Event Viewer. How often have you gone into Event Viewer and found that you had to search through thousands of entries to find Critical or Warning level events. Youve probably gone and filtered the view but a large log can take some time to process. Windows 2008 Event viewer makes this easy for us. Just expand the Event Type under Summary of Administrative Events and youll get a listing of your desired level of events. Another task that youve probably done repeatedly is to filter the view based on certain criteria such as all events of source HttpEvent and event type of either Failure or Warning. Isnt it pretty annoying that every time you revisit Event viewer that you have to filter for this query again? Windows 2008 Event Viewer comes to the rescue with Custom Views. You can define and save your query using a Custom View. Not only that, but you can export the view and import it onto another computer! The file format is XML so you can quickly copy and modify the file to create a collection of Custom Views that you can import onto all of your servers as you deploy them. Windows Logs gives us access to our now familiar set of logs including System, Security and Application. Two new entries are to be found in there by default. The first is Setup. This log will collect events related to the installation and removal of Roles and Features on your server. This will be useful to identify when, who and how your server configuration was modified. Thats something that will be useful to enforce compliance and change control. The most interesting addition to Event Viewer is Forwarded Events. Almost every week I am either asked or see someone on a forum asking for a solution for basic monitoring of small server networks that wont cost an annual budget. Forwarded Events allows a single server to gather log entries from other computers using subscriptions. These events are then collected onto your server and presented to you in Forwarded Events. Note that this service requires that both the Windows Remote Management and the Windows Event Collector services are running. Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 50 website@highwaycsl.com
The Applications and Services Logs allows different applications to log their own specific details into their own dedicated logs that an administrator can access via a single interface. The logs are broken down into categories to make them easy to navigate. Of relevance to this document, you can find a log for Server Manger in \Diagnostics\Event Viewer\Applications and Services Logs\Microsoft\Windows\Server Manager. In here you can find log entries for every task youve run using SERVERMANAGERCMD.EXE. Subscriptions is where you define on how to collect log entries from target computers to a source computer. Youve got a number of options in here including selection targets, defining a query for events to collect and what credentials to use to make the connection to the remote computers.
Reliability and Performance allows and administrator to monitor how a server is behaving. Instead of querying log data, the administrator can get access to more tangible statistics such as resource utilisation and server failure in this collection of tools. Under Monitoring Tools we have Performance Monitor and Reliability Monitor. Performance Monitor should be familiar to Windows administrators. It allows you to monitor current performance metrics and to load a pre-existing data collector set to view historic data. Reliability monitor is a new tool for analysing how change relates to failures in server reliability via a time chart and collected events. Its not uncommon for failures to be directly related to configuration changes. This tool is Microsofts attempt to help us correlate these events. Data Collector Sets allows us to collect data from the server that is not normally collected in Event Viewer, i.e. performance and configuration information. Its broken into two sets: System which is Windows 2008 Server Manger Copyright Aidan Finn 2008 http://joeelway.spaces.live.com/ 51 website@highwaycsl.com
the hard coded set of sets and User Defined which allows an administrator to define a query and schedule to gather data. You can run these sets to gather data. The resulting data can be either loaded in Performance Monitor to create a historic chart or in Reports so you can have a text summary of the Data Collector Set execution.
Device Manager allows administrators of a server to install or remove devices and to manage their drivers.
52 website@highwaycsl.com
Configuration
The Configuration section of Server Manager allows administrators to manage the configuration of servers that is unrelated to Roles and Features, i.e. those components that are common to all Windows 2008 servers. Task Scheduler does exactly what it says on the tin. You can use it to schedule an operation that you want to occur once in the future or on a recurring basis. Youll notice that Microsoft has included a set of tasks by default, including one to defrag your hard disks every week.
53 website@highwaycsl.com
Windows Firewall with Advanced Security is where you can configure the Windows Firewall. Notice that its on by default and its pretty water tight!
54 website@highwaycsl.com
You can use the Services MMC to manage the services that are running on the server, including changing their running status, their start-up type and the credentials they use to execute on the server.
55 website@highwaycsl.com
You will WMI Control to manage the WMI configuration of the server that you are working on, including backup up/restoring the configuration, assigning permissions and changing the default scripting namespace.
56 website@highwaycsl.com
Local Users and Groups should be familiar to anyone who has worked with Microsoft operating systems since Windows 2000. It is where you will manage local users and local groups on standalone and member servers.
Storage
We now wrap up our document on Server Manager by looking quickly at the Storage Section. There are two aspects to this: Windows Server Backup and Disk Management.
57 website@highwaycsl.com
Windows Server Backup allows an administrator to back up their server without the need for third party applications. Youre going to need to install the Windows Server Backup feature in order to be able to use Windows Server Backup.
58 website@highwaycsl.com
Windows Server Backup is useful for smaller organisations with smaller budgets, those with standalone servers or for administrators with an isolated test lab. Backing up our servers is one of the most important things that we server administrators do and Windows Server Backup provides us with a reliable tool for doing this, albeit not one that will be ideal for those who require cross platform support, advanced storage or centralised management.
59 website@highwaycsl.com
Administrators can use Disk Management to provision disks and volumes on the server. One of the nice little improvements is the summary that tells us vital disk configuration information such as which volumes are the system, boot, page file and crash dump partitions.
Summary
So thats Server Manager. I think that its quite an impressive upgrade over Computer Management and that Microsoft has given us a tool that probably does accomplish much of the lofty goal to create a single point for managing a server. Add in SERVERMANAGERCMD.EXE and administrators have a rapid, scriptable and easily repeatable way to manage the Role and Feature configurations of their servers. If you are a server administrator then this is likely going to be the tool you use the most in your day to day operations. If so, set up a test lab and try out some of the scenarios described in this document. Then expand on your experiments by adding in the features that you are likely to encounter in your job. Try to use SERVERMANAGERCMD.EXE and the answer file feature and youll be pleasantly surprised how we command prompt fearing types will actually want to learn a bit more of the dark side!
60 website@highwaycsl.com