- Install Ansible on Windows - Thu, Jul 20 2023
- Use Azure Bastion as a jump host for RDP and SSH - Tue, Apr 18 2023
- Azure Virtual Desktop: Getting started - Fri, Apr 14 2023
In my opinion, the Windows Server Core installation option is mature enough such that Windows administrators should standardize all of their servers to run as Core. Why? It makes sense that the fewer operating systems you have present, the better your performance and the smaller your system attack surface.
The bottom line though is that you had better start to enjoy Server Core because as of the 1709 update, Windows Server 2016 (semi-annual update channel) no longer allows you to add the GUI layer to a Server Core installation.
In Windows Server 2019 (in Insider Preview build 17650 as of this writing in late April 2018), we have Server Core and that's it. The long-term servicing branch (LTSB) of Windows Server 2016 still has the Desktop Experience option; I'm not sure what the feature's status is in Windows Server 2019.
In today's lesson I will teach you how to manage your Windows Server 2019 Server Core box with the greatest of ease. Yes, I mean that! Let's begin.
The sconfig utility
Of course, Server Core does not have a Desktop Experience GUI, so you need to navigate using command-line tools. After you log into the server, type sconfig to open the sconfig.cmd configuration utility, shown in the next screenshot.
With sconfig, you use the numbered menu to configure the most important server properties, including:
- Hostname
- Time, time zone, and date
- Domain membership
- IP addressing
- Remote access
While we're at it, we should ensure WinRM-based PowerShell remoting is enabled. Type 15 to exit to a command line, type powershell to start PowerShell, and run the following command:
Enable-PSRemoting -SkipNetworkProfileCheck -Force
Install PowerShell Core
I verified Windows Server 2019 ships with PowerShell 5.1 Desktop edition. Let's make sure we have the latest PowerShell 6 Core build on our new server, shall we?
On your Windows 10 administrative workstation, fire up an administrative PowerShell console and run the following command to ensure we can perform remote management of our Server Core box:
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value * -Force
Download the latest x64 PowerShell Core release from Microsoft's GitHub releases page. Next, let's define a persistent PowerShell remoting session with the Server Core box (substituting your own server's IPv4 address, naturally) and copy the .msi to the root of its drive C:
$session = New-PSSession -ComputerName 192.168.176.130 -Credential (Get-Credential) Copy-Item PowerShell-6.1.0-preview.1-win-x64.msi C:\ -ToSession $session
To install PowerShell Core, I'm going to cheat by running the following commands directly on the Windows Server 2019 server. Yes, I know you can run cmd.exe and msiexec remotely, but it's a bit of a hassle. My friend and fellow MVP Max Trinidad wrote a blog post using a mapped drive as a workaround.
cmd msiexec /i C:\ PowerShell-6.1.0-preview.1-win-x64.msi exit
Install Windows Admin Center
Windows Admin Center, formerly called Project Honolulu, has been a long time coming in Windows Server. I never liked Server Manager, and the Server Management Tools in Azure were woefully misguided.
Given that, I was skeptical of Honolulu—browser-based management of local and remote server and desktop systems. Yawn. My biggest concern was speed—was this tool going to be responsive?
I'm grateful to report that Windows Admin Center is super-fast, flexible, and yes, I am now a fan—big time.
What we'll do now is install Windows Admin Center in Desktop mode on our Windows 10 administrative workstation. Here's the procedure:
Download the software, run the .msi installer, and select a management port. That's it!
Windows Admin Center can manage Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows 10 hosts from a central web console. On first launch, be sure to accept the self-signed management certificate as shown in the next screenshot.
Logging in takes you to the All Connections list by default. Windows Admin is a modular web application; the default solutions included (as of this writing in late April 2018) are:
- Server Manager (to manage Windows Servers)
- Computer Management (to manage Windows 10 hosts)
- Failover Cluster Manager
- Hyper-Converged Cluster Manager
Click Add, select Add Server Connection, specify the DNS name or IP address of your new Windows Server 2019 host, and click Submit. Here's a composite screenshot that shows the process:
Click Connect to authenticate to the remote server. As you can see in the next screenshot, your options include:
- Your current credentials, with or without Local Administrator Password Solution (LAPS)
- Alternate credentials
Finally, you reach the Server Manager installed solution. Check out the following screenshot and appreciate all the administrative goodness available to you. I'm a particularly strong fan of the integrated PowerShell console and file system browser.
Wrap-up
For my part, I don't plan to use the Desktop Experience with Windows Server ever again. For that matter, Features on Demand and PowerShell allow you to remove unneeded Windows Server role and feature bits from the system entirely:
Subscribe to 4sysops newsletter!
Remove-WindowsFeature <feature-name> -Remove
Our goal is to reduce the attack surface of our servers. Also, in keeping with the DevOps mantra of managing our servers as a herd rather than pets, the combination of PowerShell and the Windows Admin Center make for a forward-thinking solution.
Hi Timothy,
Thank you for the view of the future.
On the one hand, the GUI is going away. On the other hand, your presentation proves that it is not.
I am reminded of a post I saw not so long ago in regards to Azure that went something like this: “Aside from the conference going public, the GUI sells the product.”
Don’t get me wrong, I am all about PowerShell to optimize/automate common administrative operations. From a DevOps/CI perspective, deploying datacenter assets via code is the right thing to do. The reality is that not everyone has those skills. Many of the folks that do have those Visual Studio chops do not have an infrastructure operations sort of perspective.
Time will tell how long we get to keep clicking. I bet its a while still. Then again, if you don’t want to learn PowerShell, get used to saying “would you like fries with that?”
Thanks again!
The GUI isn’t going away because you still can manage Windows Server 2019 with GUIs. Microsoft just believes that the GUIs shouldn’t be installed on the server because it is a desktop thing. Most admins manage servers from their desktops and you can either to this with PowerShell, a Microsoft GUI or a third-party application.
This article perpetuates the narrative of the anti-windows interface. In other words, Windows OS without Windows GUI. What basically sold the world on the OS in the first place. Power Shell is truly powerful and DevOps has proven it’s place in the landscape. I applaud it’s presence.
But, this narrative doesn’t sell in many spaces. The small law office or health clinic, running one or two servers. Couple this with the constant mixed and contradictory messages organizations sell us. At a recent Palo Alto Fuel conference, the main speaker panned CLI as yesterday’s mindset. Apps and GUI are the future. I smile as who is right? Apps, GUI, or CLI (Power Shell) ?
I am far more skeptical of these predictions and would caution my peers against drinking that kool-aid so hungrily. Microsoft: Instead of coercion, why not offer multiple paths and allow people the choice? I shouldn’t have to choose, which is why I predict Microsoft’s continued threat is not Linux, but it’s bad decisions on how meeting the demands of it’s customers.
Not having the Desktop Experience will not drive people to upgrade to 2019… It’ll keep people where they are. Was nothing learned from XP and Windows 7?
Jonathan, I totally agree. Customers should have the choice whether to work with a GUI on the server or not. For most small and mid-sized businesses Windows Server 2019 is not an option. Many small organizations don’t even have admins who manage the computers. Often, the most tech-savy employee has this job.
This is the reason why Microsoft became big in the first place and wiped out companies such as DEC (Jeffrey Snover’s former employer). Microsoft’s GUIs for the the first time allowed small businesses to work with computers without requiring an engineer. Is the secretary now supposed to learn PowerShell? Or do these small organizations have to hire expensive service providers? I suppose Microsoft hopes that those organizations will now move to the cloud. More likely is that will just stay with old Windows versions as long as possible.
Considering that by the far the most people work for small and mid-sized organizations, this move certainly is a strategic mistake. If Apple ever decides to offer low-cost Macs (like they probably will do with the next iPhone), Windows is in serious trouble.
Apple is focusing on high margin items. They are cutting the “low-cost Mac” market loose.
Yeah seems so. The new MacBook Air is quite expensive. Good for Microsoft. Aside from Microsoft only Google appears to be interested in the low-end PC market. So far Redmond is not really in trouble because Google’s software is almost as unreliable as Microsoft’s. And Google’s obsession with web technology was the best that could happen to Microsoft. Let’s see what will happen now as Google has begun pushing the planets most dominant OS (Android) to the desktop.
Any tips on how to run Windows Admin Center from a standard user account? I try running it as Administrator, using my domain admin account, and Chrome crashes straight away. If I login using my domain admin account, I can run Windows Admin Center without a problem?
Use a Microsoft Browser and bet it works. Chrome is not the best answer all the time. I am an Office365, Azure hybrid windows environment and only user Edge and IE for all my windows administration. No issues here.
The issues of administering Core versions (since 2008) locally have not been resolved.
Still no answers to my queries on microsoft forum about command-line equivalent Control Panel settings and System Properties such as automatic installation of hardware drivers and system protection/pagefile/crash dumps etc.
Do you know of a good print(able) source of administering Core without having to resort to remote connections?
The Core is a big issue for IT guys in all kinds of companies and Core is half-baked product. We are running in heterogenous environment with Linux FWs/Routers with strict rules and there are many issues with remote administration using Server Manager, Admin Center or anything else which is by default forbidden because of strict security rules. RDP and local administration is allowed as well tested and protected by firewalls and PKI policy and that is why Core makes a lot of issues to admins as there are not resolved many thing by Powershell for many issues possible just by local administration (memory dumps, drive issues, security issues with CAPI COM, certificates etc.) or the PS wrappers are not well implemented around DCOM stuff and direct call though UI is much safer and much better tested than PS. And we don’t want to move to cloud, it makes no sense for us, as it is too expensive, we want to define our policy, do it by ourselves, we are responsible not any hosting company as Microsoft. And they treat their clients like hostages – you will move to cloud or we will make your life harder. That is why we started discussions about migration to Linux a year ago. Migration of all our servers (it’s about 300 Windows servers with many databases, IISs, Biztalks etc.) and we have started already and management approved this long-term project to get away from Microsoft. In Linux world there is stability, no changes pushing clients to do something they do not want to do. In Linux world you just start xwins if you want and you can use it. In Microsoft world using UI is a BIG issue, they must make a special OS version and they make a lot of troubles to clients if they want to use something they used for decades and Linux guys can just smile and use it if they want or not in just one command not to reinstall whole operating system. So this is the answer to move away from them and not to trust them anymore because what Microsoft is doing is a craziness (Microsoft engineers should give it up and go to Linux Kernel devs to learn how to make a really good OS where UI is not any issue at all that people have to write such articles which version of OS they should install – really crazy).
What you say crazy john. Every company has to evolve and Linux is a dead OS with little use outside of ot core followers but one think MS has learnt from it is this simple truth some things can be core and others have a GUI, Linux has a GUI in webmin and I know a lot of so called Linux evangelist whom use the webmin GUI so MS created Window Admin Centre to sit on server core no different than Linux server suing a GUI like webmin
Linux has Bash or whatever variation each company choose to use depending on their Linux version they’ve created. Linux has to many cookies, too many jars, to many hands in the jars. Linux is fools gold so clinging on to the dead OS is folly IMO. MS are smart what they’ve done is conquered the Linux OS by embracing it core fabric and then leveraging it own services to make it their own e.g. PowerShell Core for Linux, Windows Subsystem for Linux, Hyper-V Linux Shielded VMs, MSSQL for Linux, Bash on Windows 10, etc
So I have a windows 10 OS and installed WSL and download ubuntu and use BASH or PowerShell so Putty is now dead, so ask yourself why do I need to use a specific Linux OSs e.g. Mint, CentOS, etc when I can run a Linux VM (ubuntu) in Hyper-V on windows 10 or a dedicated Hyper-V Server build and admin it all from windows with core Linux commands curtesy of ubuntu whom worked with MS to make this happen. ohhhh and not forgetting your beloved Docker whom worked closely with MS to integrate Docker into windows be it server or desktop, so tell me once again why I need to use Linux when everything it has to offer MS rules over.
Case Studies: Hyper-V server 2019 core install with Hyper-V enabled, now I installed windows Server 2019 as a VM and enabled the server role of containers, now I create a Hyper-V container running Nano server with IIS for my webserver and I create another container running MSSQL and another for active directory, you get the picture.
As this is a VM I can create checkpoints and backups with ease and makes changes without fear of losing data as it checked pointed and backed up using MS Backup so an SMB 3.0 NAS. There is no reason for me to ever touch a Linux OS however I’ve installed ubuntu as a container and LAMP even though I can use WAMP, and I installed webmin and WordPress even though I can use WordPress on windows, just to see the linux diffence and theres none.
Conclusion there is nothing to convince me to use Linux for anything however that’s my choice use what you like and be happy with it, I choose MS as they offer me to use my own hardware, Hybrid or full cloud all protected behind Host Guardian Services but I’ll save that MS only full system core security for another time.
Peace and enjoy whatever OS you use
P.S. now it time to install exchange server to compliment my outlook.com just for the hell of it.
I noticed a problem with one of your commands.
You wrote: msiexec /i C:\ PowerShell-6.1.0-preview.1-win-x64.msi
It should be: msiexec /i C:\PowerShell-6.1.0-preview.1-win-x64.msi
There shouldn't be a space after C:\ That prevents this from working properly.
Really hope Windows Server 2019 core can help address powershell core issue quick.
Cheers