home




Server 2008 Tips & Tricks, Guides and Implementation

This section provides tips & tricks, guidance and steps involved in setup, configuration and management of Server 2008, Server Core and Hyper-V!

These guides, command lines and instructions are intended to help IT Administrators implement Server 2008, Vista and Server 2008 R2 into their networks.

Is anything missing? Do you have any information to share? What do you think about this section? Please contact Guru Guy and let him know!

Server Core 2008 Tips, Tricks & Commands via command line

Server & Device Management
Networking Setup & Management
Remote Management 
Data Backup & Security


Server & Device Management
  • To set the administrative password:
            Net user administrator *
  • To activate the server
    Note: If activation is successful, no message will return in the command prompt.
            slmgr.vbs -ato
  • To get a detailed listing of  devices and the driver versions, type:
            driverquery /v >systemdevices.txt
  • To discover the available server roles (and currently installed roles):
            oclist
  • Adding a user (local or domain member) to the local Administrators group:
            net localgroup Administrators /add [domain]\[username]
  • Removing a user from the local Administrators group
            Net localgroup Administrators /delete [domain]\[username]
  • To add hardware to a server running a Server Core installation
    • Copy the driver files to a temporary folder on the server running a Server Core installation.
    • Then, run the following command:
      pnputil -i -a %homedrive%\<driver folder>\<driver>.inf
  • Event logs
    • List:
      Wevtutil el
    • Query events in a specified log:
      Wevtutil qe /f:text [log name]
    • Export:
      Wevtutil epl [log name]
    • Clear:
      Wevtutil cl [log name]
  • Running services:
            Sc query
  • Start Services:
            Sc start [service name]
  • Stop Services
            Sc stop [service name]
  • To obtain a list of drivers that are installed:
            sc query type= driver
  • Determining a file’s version:
            wmic datafile where name="d:\\windows\\system32\\ntdll.dll" get version
  • List of installed patches:
            wmic qfe list
  • Installing a patch:
            Wusa.exe <patchname>.msu /quiet
    Note: When installing Windows Installer packages on a server running a Server Core installation, use the /qb option to display the basic user interface.
  • Manually installing a management tool or agent:
            Msiexec.exe /i <msipackage>
  • Uninstall msi applications:
            Wmic product get name /value
            Wmic product where name=”<name>” call uninstall
  • Enable error reporting:
        a. To verify the current setting, type:
             serverWerOptin /query
        b. To automatically send detailed reports, type:
             serverWerOptin /detailed
        c. To automatically send summary reports, type:
             serverWerOptin /summary
        d. To disable error reporting, type:
             serverWerOptin /disable


Networking Setup & Management
  • To set a static IP address
    • First, obtain the network adapter's (to which you are setting the IP address to) IDx number:
      netsh interface ipv4 show interfaces
    • Then, set the IP Address, Subnet & Gateway Information:
      netsh interface ipv4 set address name="<ID>" source=static address=<StaticIP> mask=<SubnetMask> gateway=<DefaultGateway>
    • Finally, provide the DNS information:
      netsh interface ipv4 add dnsserver name="<ID>" address=<DNSIP>index=1
  • To set an IP Address type to DHCP:   
            netsh interface ipv4 set address name="<ID>" source=dhcp
  • To list all the network interfaces:
            Netsh interface ipv4 show interfaces
  • Changing the server name:
    Determine the current server name by typing:
            hostname
         Then type:
         Netdom renamecomputer [currentcomputername] /NewName:[newcomputername]
  • Changing workgroups:
    Wmic computersystem where name=”<computer name>” call  joindomainorworkgroup name=”<new workgroup name>”
  • Determining the computer name, any of the following:
        Set c
        Ipconfig /all
        Systeminfo
        hostname
  • Rename the Server Core computer:
         Domain joined:
                 Netdom renamecomputer %computername% /NewName:new-name /UserD:domain-username /PasswordD:*
  • Joining your server to the domain:
            Netdom join [computername] /domain:[DomainName] /userd:[UserName] /password:*
  • Remove your server from the domain:
            Netdom remove
  • In a domain environment, you can sync the time with the PDC:
            W32tm /config /update /syncfromflags:DOMHIER
    To force sync:
            W32tm /resync /nowait
  • To change the time zone:
            control timedate.cpl
  • To change international settings:
            control intl.cpl


Remote Management of Server Core 2008
  • To manage a Server Core installation by using terminal services, on the Server Core computer type:
            cscript C:\Windows\System32\ Scregedit.wsf /ar 0
    Note: If you are running the Terminal Services client on a previous version of Windows, you must turn off the higher security level that is set by default in Windows Server 2008.
    To do this, after step 1, type the following:
            cscript C:\Windows\System32\Scregedit.wsf /cs 0
  • To run the Server Core command windows (cmd.exe) in a window on your Vista or remote Server computer, do the following:
        a. Start MMC and add the Terminal Services Remote Programs snap-in,           and then connect it to the Server Core server.
        b. In the Action pane of the snap-in, click Add Remote Programs and               then navigate to \\<ServerName>\c$\windows\system32\cmd.exe 
        c. In the Allow list, select Remote cmd.exe, and then select Create RDP           package.
     You can then use the RDP package to connect to the Server Core server and use its command prompt from your own computer!
  • To get a listing of remote devices and driver listing:
    driverquery /v /s SERVERNAME /u Administrator /p password
  • Remotely activate Windows from a Vista/Server computer: 
            cscript windows\system32\slmgr.vbs <ServerName> <UserName>        <password>:-ato
  • For the remote management of Bitlocker:
    On the Server Core computer, type:
            start /w ocsetup BitLocker-RemoteAdminTool
    On the remote computer, install the BitLocker Management tool:
            ServerManagerCmd -install RSAT-BitLocker
  • To enable access to the Server Core Device Manager on a remote computer:
    First enable the “Allow remote access to the PnP interface” policy
    • On a Windows Vista or full Server installation, start the Group Policy Object MMC snap-in
    • Connect to the Server Core installation
    • Navigate to Computer Configuration\Administrative           Templates\Device Installation
    • Enable “Allow remote access to the PnP interface”
    • Restart the Server Core installation
      • For Disk Management access
        Start the Virtual Disk Service (VDS) on the Server Core installation
        net start VDS
        Enable Disk Volume Remote Administration through the firewall:
        Netsh advfirewall firewall set rule group=“Remote Volume Management” new enable=yes
      • IPSec Mgmt
        On the Server Core installation you must first enable remote management of IPSec:
        Cscript \windows\system32\scregedit.wsf /im 1

Just like on a full server installation, the firewall is on by default in a
Server Core installation and most inbound traffic is blocked at the end of setup.
There are then three scenarios for remote management via MMC:
1. Server Roles – when a server role is installed, the appropriate ports are opened to allow the role to function as well as to allow remote management, so no additional configuration is required. Using the Remote Server Administration Tools (RSAT) feature on a full server installation, you can install just the MMC snap-ins for a role and use them to remotely manage the role on Server Core.

2. Domain joined – Once domain joined, the firewall profile is changed to the domain profile which allows remote management. Again, no additional configuration is required.

3. Workgroup server – This is the scenario in which you may need to make firewall configuration changes to allow remote management. If you just want all remote management to work you can use:
          Netsh advfirewall firewall set rule group=“remote administration” new enable=yes
  • You can simply enable the Remote Administration firewall rules to allow any individual MMC to connect (if you haven't opened up all management tools via above command):
    Netsh advfirewall firewall set rule group=“<rule group>” new enable=yes

    Rule Groups:
    MMC Snap-in                             Rule Group
    Event Viewer                              Remote Event Log Management
    Services                                    Remote Service Management
    Shared Folders                           File and Printer Sharing
    Task Scheduler                           Remote Scheduled Tasks Management
    Reliability and Performance          “Performance Logs and Alerts” and
                                                    “File and Printer Sharing”
    Disk Management                       Remote Volume Management
    Windows Firewall with Adv Sec       Windows Firewall Remote Management
  • To enable the Remote Server Administration Tools (RSAT) on the Client Vista SP1 Machine, run an elevated CMD prompt and type:
    • netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
      Netsh firewall add allowedprogram program=%windir%\system32\mmc.exe name=”Microsoft Management Console”
    • On the start menu box type dcomcnfg and hit enter;
    • Expand the tree down through Component Services\Computers\My Computer, select My Computer, right-click, choose properties and select the COM Security tab.
    • Click Edit Limits in the Access Permissions area Select “ANONYMOUS LOGON” from the list of users, and make sure Remote Access/Allow is checked.




Data Backup & Security
  • Configure Windows Server Core Automatic Updates
        a. To verify the current setting, type:
           cscript scregedit.wsf /AU /v
        b. To enable automatic updates, type:
           cscript scregedit.wsf /AU 4
        c. To disable automatic updates, type:
           cscript scregedit.wsf /AU 1
  • To install the Bitlocker feature via command line:
            ServerManagerCmd -install BitLocker -restart
  • To install BitLocker, type the following at a command prompt:
    Note: Before you can encrypt your drive using BitLocker, you need to have two separate volumes.*
            start /w ocsetup BitLocker
  • There is a script included for managing Bitlocker:
            "Cscript \Windows\System32\manage-bde.wsf /?"
  • Windows Server Backup - Save system state data:
            "wbadmin start systemstatebackup -backuptarget d:"

Related Articles:


Like what you've read? Was this of help? Contact Guru Guy to let him have your feedback!

Now why not visit Guru Guy's Vintage Computer Webshop to grab classic Vintage Computer Server Software!
 
  Copyright © Guru Guy 2009. All Rights Reserved. SITEMAP | DISCLAIMER