In my opinion, the Windows Server Core installation option is mature enough such that Windows administrators should standardize all of their servers to run as Core. Why? It makes sense that the fewer operating systems you have present, the better your performance and the smaller your system attack surface.
The bottom line though is that you had better start to enjoy Server Core because as of the 1709 update, Windows Server 2016 (semi-annual update channel) no longer allows you to add the GUI layer to a Server Core installation.
In Windows Server 2019 (in Insider Preview build 17650 as of this writing in late April 2018), we have Server Core and that's it. The long-term servicing branch (LTSB) of Windows Server 2016 still has the Desktop Experience option; I'm not sure what the feature's status is in Windows Server 2019.
In today's lesson I will teach you how to manage your Windows Server 2019 Server Core box with the greatest of ease. Yes, I mean that! Let's begin.
The sconfig utility
Of course, Server Core does not have a Desktop Experience GUI, so you need to navigate using command-line tools. After you log into the server, type sconfig to open the sconfig.cmd configuration utility, shown in the next screenshot.
With sconfig, you use the numbered menu to configure the most important server properties, including:
- Time, time zone, and date
- Domain membership
- IP addressing
- Remote access
While we're at it, we should ensure WinRM-based PowerShell remoting is enabled. Type 15 to exit to a command line, type powershell to start PowerShell, and run the following command:
Enable-PSRemoting -SkipNetworkProfileCheck -Force
Install PowerShell Core
I verified Windows Server 2019 ships with PowerShell 5.1 Desktop edition. Let's make sure we have the latest PowerShell 6 Core build on our new server, shall we?
On your Windows 10 administrative workstation, fire up an administrative PowerShell console and run the following command to ensure we can perform remote management of our Server Core box:
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value * -Force
Download the latest x64 PowerShell Core release from Microsoft's GitHub releases page. Next, let's define a persistent PowerShell remoting session with the Server Core box (substituting your own server's IPv4 address, naturally) and copy the .msi to the root of its drive C:
$session = New-PSSession -ComputerName 192.168.176.130 -Credential (Get-Credential) Copy-Item PowerShell-6.1.0-preview.1-win-x64.msi C:\ -ToSession $session
To install PowerShell Core, I'm going to cheat by running the following commands directly on the Windows Server 2019 server. Yes, I know you can run cmd.exe and msiexec remotely, but it's a bit of a hassle. My friend and fellow MVP Max Trinidad wrote a blog post using a mapped drive as a workaround.
cmd msiexec /i C:\ PowerShell-6.1.0-preview.1-win-x64.msi exit
Install Windows Admin Center
Given that, I was skeptical of Honolulu—browser-based management of local and remote server and desktop systems. Yawn. My biggest concern was speed—was this tool going to be responsive?
I'm grateful to report that Windows Admin Center is super-fast, flexible, and yes, I am now a fan—big time.
What we'll do now is install Windows Admin Center in Desktop mode on our Windows 10 administrative workstation. Here's the procedure:
Download the software, run the .msi installer, and select a management port. That's it!
Windows Admin Center can manage Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows 10 hosts from a central web console. On first launch, be sure to accept the self-signed management certificate as shown in the next screenshot.
Logging in takes you to the All Connections list by default. Windows Admin is a modular web application; the default solutions included (as of this writing in late April 2018) are:
- Server Manager (to manage Windows Servers)
- Computer Management (to manage Windows 10 hosts)
- Failover Cluster Manager
- Hyper-Converged Cluster Manager
Click Add, select Add Server Connection, specify the DNS name or IP address of your new Windows Server 2019 host, and click Submit. Here's a composite screenshot that shows the process:
Click Connect to authenticate to the remote server. As you can see in the next screenshot, your options include:
- Your current credentials, with or without Local Administrator Password Solution (LAPS)
- Alternate credentials
Finally, you reach the Server Manager installed solution. Check out the following screenshot and appreciate all the administrative goodness available to you. I'm a particularly strong fan of the integrated PowerShell console and file system browser.
For my part, I don't plan to use the Desktop Experience with Windows Server ever again. For that matter, Features on Demand and PowerShell allow you to remove unneeded Windows Server role and feature bits from the system entirely:
Subscribe to 4sysops newsletter!
Remove-WindowsFeature <feature-name> -Remove
Our goal is to reduce the attack surface of our servers. Also, in keeping with the DevOps mantra of managing our servers as a herd rather than pets, the combination of PowerShell and the Windows Admin Center make for a forward-thinking solution.