Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Managing Windows 2008 Server Core Local Settings

A Server Core installation provides a minimal environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. A server running a Server Core installation supports the following server roles:

Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
DHCP Server
DNS Server
File Services
Print Services
Streaming Media Services
Internet Information Services (IIS)
Windows Virtualization

In Windows Server 2008, Server Core installation does not include the traditional full graphical user interface (GUI). Therefore, once you have configured the server, you can only manage it locally at a command prompt, or remotely using a Terminal Server connection. A third management option is to manage the server remotely using the Microsoft Management Console (MMC) or command-line tools that support remote use.

A Server Core installation provides these benefits in three ways:

By reducing the software maintenance required (less updates, etc…)
By reducing the management required
By reducing the attack surface

To accomplish this, the Server Core installation option installs only the subset of the binary files that are required by the supported server roles. It takes about 1 GB of disk space and +/- 100 MB memory footprint (varies per server core role).

The following list is a compilation of some of the most useful commands allowing you to either locally or remotely manage a Server Core installation. You can use this as a quick reference guide, but as always, reading the full server help for a full guide.

Please make sure you also read the other articles listed in the “Related Articles” section below, for a more thorough list of Server Core tips and tricks.

To manage a server running a Server Core installation locally at a command prompt

Start a server running a Server Core installation.
Log on using an administrator account.
At the command prompt, use the appropriate command-line tool for the task you want to complete.

To add hardware to Windows Server 2008

If the driver for the hardware is included in Windows Server 2008, Plug and Play will start automatically and install the driver.
At a command prompt, open the folder where the driver files are located, and then run the following command:
```
pnputil -i -a 
```
Where: driverinf is the file name of the .inf file for the driver.
If prompted, restart the computer.

To add a user to the local Administrators group

At a command prompt, type:
```
net localgroup Administrators /add '
```

To remove a user from the local Administrators group

At a command prompt, type:

net localgroup Administrators /delete

To disable a device driver

At a command prompt, type:
```
sc delete 
```
Where: service_name is the name of the service that you obtain by running

To obtain a list of drivers that are installed on the server

At a command prompt, type:
```
sc query type= driver
```
Note: You must include the space after the equal sign for the command to complete successfully.

To manage event logs

To list event logs type:
```
wevtutil el
```
To query events in a specified log type:
```
wevtutil qe /f:text 
```
To export an event log type:
```
wevtutil epl 
```
To clear an event log type:
```
wevtutil cl 
```

To list the running services

At a command prompt, type one of the following:
```
sc query
```
or
```
net start
```

At a command prompt, type one of the following:
```
sc start 
```
or
```
net start 
```

To stop a service

At a command prompt, type one of the following:
```
sc stop 
```
or
```
net stop 
```

To forcibly stop a process

Use the tasklist command to retrieve the process ID (PID).
At a command prompt, type:
```
taskkill /PID 
```

To configure the firewall

Use the netsh advfirewall command. For example, to enable remote management from any MMC snap-in, type the following:
```
netsh advfirewall firewall set rule group="Remote Administration" new enable=yes
```
Note: You can also use the Windows Firewall snap-in from a Windows Vista or Windows Server 2008 computer to remotely manage the firewall on a server running a Server Core installation. To do this, you must first enable remote management of the firewall by running the following command on the computer running a Server Core installation:
```
netsh advfirewall set currentprofile settings remotemanagement enable
```

Configure the paging file

At a command prompt type:
```
wmic pagefileset where name=”” set InitialSize=,MaximumSize=
```
Where:
- path/filename – is the path to and name of the paging file
- initialsize – is the starting size of the paging file in bytes.
- maxsize – is the maximum size of the page file in bytes.

To install an optional feature

At a command prompt, type:
```
start /w ocsetup 
```
Note: Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed. Where featurename is the name of a feature from the following list:
- Failover Clustering: FailoverCluster-Core
- Network Load Balancing: NetworkLoadBalancingHeadlessServer
- Subsystem for UNIX-based applications: SUACore
- Multipath IO: MultipathIo
- Removable Storage: Microsoft-Windows-RemovableStorageManagementCore
- Bitlocker Drive Encryption: BitLocker
Note: To install the remote administration tool for BitLocker, type the following at a command prompt:
```
start /w ocsetup BitLocker-RemoteAdminTool
```
- Backup: WindowsServerBackup
- Simple Network Management Protocol (SNMP): SNMP-SC
- Windows Internet Name Service (WINS): WINS-SC
- Telnet client: TelnetClient
Note: To remove an optional feature, use start /w ocsetup with the appropriate role name and the /uninstall switch.

To reboot the server

You can reboot the server by typing the following at a command prompt:
```
shutdown /r /t 0
```

To change the name of the server

Determine the current name of the server with the hostname or ipconfig /all commands.
At a command prompt, type:
```
netdom renamecomputer  /NewName:
```
Note: You can obtain the name of the server by running the hostname or ipconfig /all commands.
Restart the computer.

To change the name of a domain-joined server

At a command prompt, type:

netdom renamecomputer %computername% /NewName: /userd: /password:*

To set the administrative password

At a command prompt, type the following:
```
net user administrator *
```
When prompted to enter the password, type the new password for the administrator user account and press ENTER.
When prompted, retype the password and press ENTER.

Summary

In Windows Server 2008, Server Core installations are used to offer a slim, well-tuned and secure method of running specific roles. These servers need to be properly configured. This article, and the other articles in this series, will show you how to do that.