Posted Saturday, 26 April 2008 by Michael Khanin
On all Windows 2008 Editions, the firewall is on by default. This true in a Server Core as well. Many IT Pro loves a new Windows 2008 Server Core Edition, but friendly speaking manage it from a command line for many Administrators is not so easy. Yes, We can manage Windows 2008 Core remotely, but we need to configure Firewall on the Core box. There are then three scenarios for remote management via MMC:
|
|
Posted Friday, 25 April 2008 by Michael Khanin
By running Oclist on Windows 2008 Server Core we can get full information what Installed and what Not installed on server.
The full list is very long and not comfortable for reading. If you don’t want to include all of the many “Not Installed” options in the output of Oclist, run:
Oclist | find “ Installed”
|
|
Posted Friday, 25 April 2008 by Michael Khanin
One of the first software that I install on any OS under VMWARE is VMware Tools. The most important benefit is the VMware enhanced video and mouse drivers. On VMware ESX, VMWare tools must be installed to get the NIC working. The Installation process of VMware Tools on Windows 2008 Server Core edition is a bit tricky. As far as you remember, Server Core it is a command line only version of Windows Server 2008. VMWareTools is a GUI installation so this is not an option for Server Core. Today we have few workarounds :) ...
|
|
Posted Sunday, 20 April 2008 by Michael Khanin
The default management for Windows Server 2008 Core is the command line. Yes, the main powerful of Windows Server Core becomes available when using such an approach, but sometimes it's not so user friendly. This is why I've been asking so many times if exist anything more graphic :). Yes, one of the first recommendations to work and manage Windows 2008 Server Core is to use MMC from a remote machine, but MMC cannot do everything. Of course to allow work with remote tools this tool should be allowed passage through the firewall packages Server Core. In addition, this is for many more difficult than editing the registry. :) Therefore, I would like to have a simple graphical tool for configuring local system. The task of developing such an interface is complicated by that the Server Core has a limited set of graphics API, this is a reason why so beautiful MMC doesn't work on it.
So, if Microsoft has not established such utilities anybody else did this. Look at the utility CoreConfigurator developed by Guy Teverovsky, MVP from Israel.
This is what it can:
- Product Activation Product Activation
- Configuration of display resolution Configuration of display resolution
- Clock and time zone configuration Clock and time zone configuration
- Remote Desktop configuration Remote Desktop configuration
- Management of local user accounts (creation, deletion, group membership, passwords) Management of local user accounts (creation, deletion, group membership, passwords)
- Firewall configuration Firewall configuration
- WinRM configuration WinRM configuration
- IP configuration IP configuration
- Computer name and domain/workgroup membership Computer name and domain / workgroup membership
- Installation of Server Core features/roles Installation of Server Core features / roles
|
|
Posted Sunday, 20 April 2008 by Michael Khanin
I've just come back from Seattle where I have been on Global MVP Summit 2008.
Microsoft spoke about new technologies, about new products, about plans and visions.
I have been on many sessions, and I'd like to say what I see as of the highest importance.
If you are Network or Systems Administrator and dealing with Windows environment, you SHOULD start to learn and using PowerShell (if you already not doing so :)). An absolutely every new program / system from Microsoft supports PowerShell, I remember just one exception, Windows 2008 Core. We cannot install and use PowerShell on Windows 2008 Core box, but we can manage and control Windows 2008 Core by using PowerShell on other Windows 2008, Vista or even Windows XP machines.
I'll try to speak more about PowerShell and I'll show how PowerShell can serve us in our daily stuff. If you want to do any script and consider about doing it in PowerShell, VB or simple Batch file, I suggest to do it in PowerShell. I'll try to assist you as much as I could.
|
|
Posted Thursday, 17 April 2008 by Michael Khanin
At this time I have been in Seattle, on the MVP Summit 2008. Soon I’m going back to home. I had a lot of good sessions about Windows 2008, Exchanges, SharePoint, PowerShell and much more. The detailed report about new Microsoft staff I will write a bit later. It's not going to be a report with big details, a lot of information on this Summit is under NDA, but I'll try to publish as much as I can. So, keep checking for a new posts ;)
|
|
Posted Wednesday, 09 April 2008 by Michael Khanin
Time to time I get the need to have some temp files of varying sizes. In Linux environment it's not a problem to do. And, in Windows environment it's not a problem anymore :).
I've used a "dd for windows". "dd for windows" could be downloded from official web site. I've created a very simple script, mkef.bat. Here is a syntax for using mkef.bat:
mkef.bat <filename> <size>
And now the content of mkef.bat:
@echo off
if {%1}=={} @Echo Please use the following syntax: mkef.bat filename size &goto :EOF
if {%2}=={} @Echo Please use the following syntax: mkef.bat filename size &goto :EOF
dd if=/dev/zero of=%1 bs=1024 count=%2
|
|
Posted Monday, 07 April 2008 by Michael Khanin
Build 5511 from April 4, will most likely be the last beta build of SP3.This build has already been distributed to internal testers. If everything goes as expected by the end of next week, Microsoft will bring the RTM final build of SP3 for Microsoft Windows XP.
|
|
Posted Friday, 04 April 2008 by Michael Khanin
If you have a server, with Windows 2003, one day you can find your server disconnected from network :).
It's exactly what I get. Simple reboot and server lost network connectivity.
Event log full with system errors like:
Event iD: 12291, SAM failed to start the TCP/IP or SPX/IPX listening thread
Event iD: 4292, The IPSec driver has entered Block mode. IPSec will
discard all inbound and outbound TCP/IP network traffic that is not permitted
by boot-time IPSec Policy exemptions. User Action: To restore full unsecured
TCP/IP connectivity, disable the IPSec services, and then restart the
computer. For detailed troubleshooting information, review the events in the
Security event log.
Event iD: 7023, The IPSEC Services service terminated with the following
error: The endpoint mapper database entry could not be created.
When you check MS Knowledgbase for those errors you will find the following articles, the very popular are those:
http://support.microsoft.com/kb/930220
http://support.microsoft.com/kb/912023
http://support.microsoft.com/default.aspx?scid=kb;en-us;870910
BTW, apparently it's not caused by SP1. So, if you implemented all WORKAROUNDs mentioned in those articles, and server still disconnected from the network, try VERY simple solution :), changed RPC to start with localsystem instead of network service. Of course, remember to reboot your server :).
|
|
Posted Wednesday, 02 April 2008 by Michael Khanin
|
|
Posted Friday, 28 March 2008 by Michael Khanin
|
EPIC TECHNOLOGY DAY
|
|
Tuesday, April 8th, 2008 | Victoria Inn, Winnipeg
|
|
|
Times...............
|
Registration opens at 7:30 AM
Keynote Breakfast at 8:00 AM, with Chet Jacobs of HP
Vendor Showcase opens at 9:00 AM
Keynote Lunch at 12:00 PM, with Ross Chevalier of Novell
Regular Sessions run 9:00 AM to 4:00 PM
|
Don't forget to visit See Your Game
for a free swing analysis, just in time for golf season!
|
|
Place................
|
Please note our new venue:
Victoria Inn, 1808 Wellington Avenue
Winnipeg, MB (free parking available!)
|
|
Cost..................
|
No charge!
|
|
|
These topics and more will be covered!
Check out the current schedule for more information!
|
|
|
Redefining the ROI for the PC Environment
Hewlett-Packard
|
|
Endpoint Protection: Protect Against Data Loss and Unknown Security Threats
Symantec
|
|
How Costs Reduction and Green Strategies Conflict
Hewlett-Packard
|
|
Archiving, Compliance and Electronic Discovery Discussion
CommVault
|
|
BlackBerry is more than Email
Research In Motion
|
|
Under the Radar: Can Web Services Really Escape Network Operations and Security Staff and Their Policies Progress Software
|
|
|
To register, visit our website at www.epic.ca
under Upcoming Events!
|
|
Click here for the current schedule!
|
|
|
Posted Thursday, 27 March 2008 by Michael Khanin
Windows Server Core Characteristics:
- Minimal server installation for running specific server roles
- Reduces servicing, management and hardware requirements and attack surface
- No Windows/Internet Explorer
- No .NET Framework
- No Powershell
- No features or whatever depending on the features listed above this one like for example notifications and balloons
- Disk space required for a normal server: approx (min.) 7-8 GB
- Disk space required for a server core server: approx (min.) 2-3 GB
- Supported server roles (OCLIST.EXE): IIS (without ASP.NET), Print Server, Hyper-V, ADDS, ADLDS, DHCP Server, DNS, File Server (incl. NTFRS, DFS-R and DFS)
REMARK: available roles may depend on Server Edition (standard, enterprise, datacenter, web)
- Supported server features (OCLIST.EXE): Bitlocker, Clustering, NLB, Subsystem for UNIX apps, Windows Server Backup, Multipath IO, Removable Storage Management, SNMP, WINS
Install and Upgrade:
- Not possible to upgrade from whatever windows version to server core
- Manual install and after the server still needs to be configured (initial configuration tasks)
- Unattended install using a UNATTEND.XML file where it is possible to configure the "initial configuration tasks" and other settings (e.g. enabling TS, configuring screen resolution, enabling and configuring WinRM/WinRS) during unattended install.
- UNATTEND.XML file can be created with the "Windows System Image Manager"
- Boot using WinPE and execute SETUP /unattend:<path>\unattend.xml
OR
- Place UNATTEND.XML in a default location (e.g. floppy)
- Can be managed through
- Locally and remotely via the Command Prompt (tools and scripts)
- Remotely via Terminal Server --> admin mode must be enabled first!
- Remotely via Windows Remote Shell --> remote management must be enabled first!
- Remotely via MMC --> watch out for the firewall on the server which is enabled by default!
|
|
Posted Thursday, 27 March 2008 by Michael Khanin
Install this update to enable remote management of a Windows Server 2008 computer running the Hyper-V RC0 role.
Update for Windows Vista (KB949758)
Install this update to enable remote management of a Windows Server 2008 computer running the Hyper-V RC0 role
Update for Windows Vista x64 Edition (KB949758)
|
|
Posted Thursday, 27 March 2008 by Michael Khanin
Microsoft Remote Server Administration Tools (RSAT) enables IT administrators to remotely manage roles and features in Windows Server 2008 from a computer running Windows Vista SP1.
Microsoft Remote Server Administration Tools for Windows Vista for x64-based Systems
Microsoft Remote Server Administration Tools (RSAT) enables IT administrators to remotely manage roles and features in Windows Server 2008 from a computer running Windows Vista SP1.
Microsoft Remote Server Administration Tools for Windows Vista
|
|
|
