Windows Server 2008 Core Admin Commands
Server Core Administration “Bible Commands”
Below is a correlation of commands for administering and configuring Server Core platforms. This has been pieced together over a period of time. Some commands will show real world examples, others are self explanatory. This guide will be an ongoing developing process.
Note:If your not ready for all these server core commands take a look at the product "Portlock SMART Suite for Windows", which provides a GUI for server core platforms and accomplishes many of these tasks.
What you will find (click on learn more below):
• Networking Commands
• Windows Firewall Commands
• Server Role Commands
• Administration Commands
• Windows Update Commands
Networking Commands
Show NICs
netsh interface ipv4 show interfaces
Show NIC Configuration
netsh interface ipv4 show config
Configure Static IP
netsh interface ipv4 set address name=”2” source=static address=xxx.xxx.xxx.xxx mask=xxx.xxx.xxx.xxx gateway xxx.xxx.xxx.xxx
Example: netsh interface ipv4 address name=”local area connection 2” address=192.168.1.231 mask=255.255.255.0 gateway=192.168.1.1
Add Primary DNS
netsh interface ipv4 add dnsserver name=”2” address=xxx.xxx.xxx.xxx index=1
Add Secondary DNS
netsh interface ipv4 add dnsserver name=”2” address=xxx.xxx.xxx.xxx index=2
Rename server
netdom renamecomputer oldname /NewName:newname
Example: netdom renamecomputer %computername% /NewName:server2003
Rename Domain Joined Computer
netdom renamecomputer %computername% /NewName:
Example: netdom renamecomputer %comtpuername% /NewName:HPDL380-
New /userd:test.local\john.doe /F5ght81rP:*
Add to Domain
netdom join servername /domain:domainname /userd:domain\username
/password:*
Example: netdom join dell2950-srv4 /domain:workgroup /userd:local.host\john.doe /F5ght81rP:*
Remove from domain:
netdom remove
Example: netdom remove /host.local
Confirm Domain/Computer name
Set
(Also see): systeminfo
Rename a Domain Member:
netdom renamecomputer %computername% /NewName: /userd: /password:*
Disable Interface
netsh interface set interface “Local Area Connection 2” disabled
Delete DNS entries
netsh interface delete dnsserver name=”2” address=all
Example: netsh interface delete dnsserver name=”dell2950-srv1” address=all
All TCP/IP commands available including the following:
IPConfig
ARP
Ping
PathPing
TraceRT
Route
NSLookup
NetStat
NBTStat
Windows Firewall Commands
Note: Once Windows Server Core has been installed, the firewall settings will be enabled by default
Disable firewall:
netsh firewall set opmode disable
Note: Server Core can be managed by using MMCs from a remote server. However with the firewall being on by default you will have to allow these tools to work remotely.
MMC Snap-in - Event Viewer
Windows Firewall Rule Group - Remote Event Log Management
MMC Snap-in - Services
Windows Firewall Rule Group - Remote Services Management MMC Snap-in - Shared Folders
Windows Firewall Rule Group - File and Printer Sharing
MMC Snap-in - Task Scheduler
Windows Firewall Rule Group - Remote Scheduled Tasks Management
MMC Snap-in - Reliability and Performance
Windows Firewall Rule Group - Performance Logs and Alerts
Windows Firewall Rule Group - File and Printer Sharing
MMC Snap-in - Disk Management
Windows Firewall Rule Group - Remote Volume Management
MMC Snap-in - Windows Firewall with Advanced Security
Windows Firewall Rule Group - Windows Firewall Remote Management
To enable all of these rules follow use this command:
Netsh advfirewall firewall set rule group=“remote administration” new enable=yes
To enable specific commands follow this format:
Netsh advfirewall firewall set rule group=“” new enable=yes
Server Roles
The ocsetup.exe is used to install roles and features. (OC stands for optional components)
Note: This command is case sensitive
The following server roles may be installed with Windows Server 2008 Core:
• Active Directory Domain Services (AD DS) and AD Lightweight Directory Services (AD LDS)
• DNS Server
• Internet Information Services (IIS) (No ASP.NET support)
• DHCP Server
• File Services
• Print Services
• Streaming Media Services
• Hyper V
Discover available server roles:
Oclist
DNS
start /w ocsetup DNS-Server-Core-Role
DHCP
start /w ocsetup DHCPServerCore
File Services (Server service is installed by default) but there are other role features
File Replication Service
start /w ocsetup FRS-Infrastructure
Distributed File System
start /w ocsetup DFSN-Server
Distributed File System Replication
start /w ocsetup DFSR-Infrastructure-ServerEdition
Services for Network File System (NFS)
start /w ocsetup ServerForNFS-Base
start /w ocsetup ClientForNFS-Base
Hyper V
start /w ocsetup Microsoft-Hyper-V
Print Server feature
start /w ocsetup Printing-ServerCore-Role
Line Printer Daemon (LPD) service
start /w ocsetup Printing-LPDPrintService
Note: Adding or removing the Active Directory role with OCSetup.exe is not supported. Always use DCPromo to install or uninstall Active Directory
Active Directory Lightweight Directory Services
start /w ocsetup DirectoryServices-ADAM-ServerCore
Active Directory Domain Services
dcpromo /unattend:
Streaming Media Services
Follow directions found in Article ID 934518
IIS
start /w pkgmgr /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel
To uninstall IIS use the following command
start /w pkgmgr /uu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel
Microsoft Failover Clustering
start /w ocsetup FailoverCluster-Core
Network Load Balancing
start /w ocsetup NetworkLoadBalancingHeadlessServer
Subsystem for UNIX-based applications
start /w ocsetup SUACore
Multipath IO
start /w ocsetup MultipathIo
Removable Storage
start /w ocsetup Microsoft-Windows-RemovableStorageManagementCore
Bitlocker Drive Encryption
start /w ocsetup BitLocker
Backup
start /w ocsetup WindowsServerBackup
Simple Network Management Protocol (SNMP)
start /w ocsetup SNMP-SC
Windows Internet Name Service (WINS)
start /w ocsetup WINS-SC
Telnet client
start /w ocsetup TelnetClient
NOTE: If you need to un-install a Role that you installed with ocsetup all you need to do is to use the commands above with /uninstall.
To uninstall a server role:
Start /w ocsetup
Example: start /w ocsetup Microsoft-Hyper-V /uninstall
Admin Configuration
Activate the Server
(Local Method )
C:\widows\system32\cscript slmgr.vbs –ato
(Remote method)
Cscript windows\system32\slmgr.vbsServerName UserName password:-ato
Enable Remote Desktop for Administration
C:\windows\system32\cscript scregedit.wsf /AR 0
Restart server
shutdown /r t 0
shutdown /r
Log off
logoff
Logged on user
whoami
Start Task Manager
taskmgr
Rename Administrator:
wmic UserAccount where Name="Administrator" call Rename Name="new-name"
Add User to a Local Group
net localgroup GroupName /add \
Remove User from a Local Group
net localgroup GroupName /delete \
Update User Passwords:
Net user [/domain] *
Net user administrator *
Toggle Remote Desktop on and off:
Cscript \windows\system32\scregedit.wsf /ar 0
Enable reduced security for RDP connections:
Cscript \windows\system32\scregedit.wsf /cs 0
Rename a Stand-Alone Member:
netdom renamecomputer /NewName:
Configure the Page File:
wmic pagefileset where name=”” set InitialSize=,MaximumSize=
Configure a Proxy Server: (Server Core cannot use a proxy that requires a proxy)
netsh Winhttp set proxy :
List Running Services:
sc query
Start and/or Stop a Service:
sc start
sc stop
Manage Disk Volumes:
Diskpart /?
Example: (format disk)
Diskpart
List disk
Select disk 1
Clean
Create partition primary
Active
Format fs=ntfs
Assign
exit
Defrag a Volume:
defrag /?
Example: defrag –c
(defrags all volumes on computer):
Change Time and Time Zone:
control timedate.cpl
Change the Desktop Resolution: (requires you to log off and back on)
Regedit - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video
\0000\DefaultSettings.XResolution
\0000\DefaultSettings.YResolution
Display the Time in the Command Prompt:
prompt [$t]$s$p$g
Note: to remove time log off and log back in
Enable error reporting
serverWerOptin /detailed
serverWerOptin /summary
Disable Error Reporting
serverWerOptin /disable
Windows Updates
Note: Windows updates config commands should be performed from c:\windows\system32
List of installed patches:
wmic qfe list
Install Updates:
wusa .msu /quiet
Force Update check
Wuauclt /detectnow
List installed updates:
systeminfo
Configure for AutoUpdates:
cscript scregedit.wsf /AU /4
Example: Cscript c:\windows\system32\scregedit.wsf /au 4
Net stop wuauserv
Net start wuauserv
Disable AutoUpdates:
cscript scregedit.wsf /AU /1
View AutoUpdate Setting:
cscript scregedit.wsf /AU /v
Posted by Matt at 10:45 AM
Posts
0 comments:
Post a Comment