Enhancing Availability with a Server Core Installation of Windows Server 2008
Technical Case Study
Published: April 10, 2008
Microsoft Information Technology (Microsoft IT) understands that unanticipated downtime
can have a significant negative impact in its large, complex environment. Loss of
critical systems or services can reduce productivity, sales, and confidence from
staff, partners, and customers. To help create a highly available infrastructure
that provides minimal downtime, Microsoft IT decided to deploy the Server Core installation
option of the Windows Server® 2008 operating system.
Situation: Microsoft IT knows that unanticipated downtime can have a significant negative impact.
Loss of critical systems or services can reduce productivity, sales, and confidence
from staff, partners, and customers.
Solution: Microsoft IT deployed the Server Core installation option of Windows Server 2008
where it needed a server to be dedicated solely to the roles and features that a
Server Core installation supports.
Benefits:
- Reduced management and maintenance
- Reduced attack surface
- Streamlined installation
- Maximized hardware utilization
- Support of IT management strategy
- Improved failover clustering
Products & Technologies:
- Windows Server 2008
- Hyper-V
- Systems Management Server 2003
- System Center Configuration Manager 2007
The Server Core installation option, new in Windows Server 2008, is minimal:
It does not include a full graphical user interface (GUI) or other
functionality that is not required for supported server roles and features. For
example, it does not include Windows® Explorer or Windows Internet Explorer®. This
minimal nature enables easier installation and configuration management, and it
reduces the attack surface of the operating system. An administrator can manage
a Server Core installation of Windows Server 2008 locally from the command-line
interface, or remotely by using management tools, such as the Microsoft® Management
Console (MMC).
The Microsoft enterprise is large, complex, and constantly changing. The primary
mission of the Microsoft IT group is to manage a world-class utility that keeps
the business productive and to act as the first and best customer of Microsoft.
This mission involves testing all enterprise software in the early stages of beta
development by deploying it throughout the company in a full production capacity.
This testing has the benefit of providing the feedback that only a real-world corporate
environment can achieve, in addition to providing urgency for the development of
stable, reliable, and capable products. The following data gives an overview of
the environment in which this all occurs (numbers are approximate):
- More than 90,000 users
- Approximately 11,000 production and pre-production servers
- More than 400,000 unique computers and networked devices
- More than 400 sites supported worldwide
- Global line-of-business (LOB) applications (for example, Siebel, Clarify, MS Sales,
and World-Wide Sales and Marketing Database)
- Global virtual Helpdesk
- More than 7.5 million remote connections per month
This document shares the experiences of Microsoft IT in the deployment of the Server
Core installation option of Windows Server 2008 at Microsoft. The information
in this document should provide meaningful guidance to IT directors, solution architects,
and technical decision makers who want to deploy and manage a Server Core installation
in both small and large environments.
This document assumes that readers are familiar with Windows Server technologies,
Windows Server deployment and administration, and the Active Directory® directory
service.
Benefits
Microsoft IT received the following benefits from deploying a Server Core installation
of Windows Server 2008.
Reduced Management and Maintenance
With the Server Core installation option, Microsoft IT administrators can now install
a minimal Windows Server 2008 operating system environment. Because fewer features
and services are installed on a server running a Server Core installation, there
is less to manage. This ability allows for a more robust and dependable server configuration.
Because a Server Core installation does not include a GUI, Microsoft IT administrators
must initially configure the system by using the tools in the Windows Automated
Installation Kit (AIK), by using unattended installation answer files, or by using
command-line tools and scripts.
An administrator can also manage the Server Core installation remotely by using
the MMC snap-ins and tools from another computer running Windows Server 2008
by selecting the computer running the Server Core installation as a remote computer.
Servers running a Server Core installation support development of management tools
and agents, which can be divided into two categories:
- Remote management tools. These tools do not require any changes, as long
as they use one of the protocols supported in Server Core installations to communicate
with the remote management workstation, such as remote procedure call (RPC).
- Local management tools and agents. These tools may require changes to work
with Server Core installations because they cannot have any shell or user interface
dependencies, and they cannot use managed code.
Reduced Attack Surface
A Server Core installation includes only the minimal number of services and features
that need to run on the server. This reduces the attack surface that is exposed
to security threats and reduces the chance of configuration errors.
Having a reduced number of services also means that the operating system needs
fewer software updates to keep the server up to date. Approximately
60 percent of the server updates that were recommended for Windows 2000 Server
are for functionality that is not part of a Server Core installation. Microsoft
IT can therefore provide a higher degree of availability and reduce the server
downtime that is needed to remain security compliant.
Streamlined Installation
Because of the reduced installation footprint in a Server Core installation, only
the minimum number of files is necessary for the specific server roles.
In addition, the Server Core installation option delivers more control and flexibility
by enabling Microsoft IT to deploy servers with only the features needed at each
location. With fewer services and features installed and running, the servers are
less vulnerable to attack. The streamlined server installation also requires less
maintenance.
Maximized Hardware Utilization
Windows Server 2008 includes Hyper-V™ virtualization technology, which will
help Microsoft IT reduce the cost of installing multiple operating systems. Hyper-V
running on a Server Core installation provides a stable virtualization platform
that enables Microsoft IT to host multiple operating systems on a single server.
This server virtualization technology enables Microsoft IT to maximize hardware
utilization by providing the following advantages:
- Helps Microsoft IT reduce the total amount of required hardware and reduce server
management costs
- Enables Microsoft IT to create a flexible test environment to test various deployment
and management scenarios
- Improves server availability by eliminating the need for additional physical computers
- Enables Microsoft IT to increase or reduce server resources in response to changes
in demand
Support of IT Management Strategy
A Server Core installation supports Microsoft IT's vision of a standardized environment
by improving the total cost of ownership (TCO) in addition to improving the delivery
of services to the group's customer base. This reduction in cost is due to a Server
Core installation's reduced software update requirement and its ability to provide
for easier installation and easier configuration management.
Improved Failover Clustering
Microsoft IT took advantage of the improved failover clustering feature in Windows
Server 2008—available in a Server Core installation—to help build redundancy
and fault tolerance for services that require it. The improvements to failover clusters
(formerly known as server clusters or Microsoft Cluster Server) in Windows Server 2008
simplify cluster creation and management; they make possible the use of clustering
to enable greater availability without an arduous amount of additional investment
or expertise.
Decision-Making Process
Microsoft IT decided to deploy a Server Core installation when it needed to dedicate
a server solely to the roles and features that a Server Core installation supports.
For example, Microsoft IT deployed a Server Core installation when it required a
dedicated server to provide one or more of the following:
- Active Directory Domain Services (AD DS)
- Active Directory Lightweight Directory Services (AD LDS)
- Dynamic Host Configuration Protocol (DHCP) Server service
- Domain Name System (DNS) Server service
- File services
- Print services
- Windows Media® Services
- Internet Information Services (IIS)
- Hyper-V (Windows Server virtualization)
Some of these scenarios involved moving services that were running on existing computers
running Windows Server 2003 onto computers running a Server Core installation
of Windows Server 2008. Some of these scenarios required new hardware. Microsoft
anticipated this work as part of the Windows Server 2008 deployment schedule.
The administrators who were responsible for one of the roles or services within
Microsoft IT decided whether to deploy a Server Core installation of Windows Server 2008
or a full installation of Windows Server 2008. However, they regularly consulted
various platform teams within Microsoft IT for advice. Individuals who represented
the various teams within Microsoft IT eventually agreed to these decisions.
These teams developed shared goals to make sure that the product was tested correctly
prior to release. This effort involved using deployment methods that met the expectations
of the Microsoft IT group and the eventual customer. These methods enabled Microsoft
IT to gain a wealth of experience prior to moving the rest of the environment to
Windows Server 2008 when the time was right.
Deployment
Microsoft IT decided not to perform an in-place upgrade from Windows Server 2003.
More specifically, the team required a clean installation for the cases in which
it moved a service or role from a computer running Windows Server 2003 to a
Server Core installation of Windows Server 2008.
Because Windows Server 2008 was still in the beta phase, Microsoft IT built
staged images of the Server Core installation by using the Windows AIK, and then
created unattend.xml files that automated most of the installation. Microsoft IT
administrators performed some of the installation tasks, including selecting the
installation option (Server Core or full) and selecting the target disk partition.
After the automated installation finished, the Microsoft IT administrator completed
the installation and configured the required services.
The Microsoft IT administrator responsible for the initial configuration of the
Server Core installation was also responsible for naming the computer, joining the
domain, and conducting the network configuration tasks. After the Microsoft IT administrator
completed these tasks, the automated installation process loaded the base platform
software, such as the startup configuration information, debug options, OEM hardware
support drivers and agents, antivirus software, and management agents.
Remote Management
Windows Server 2008 provides many enhancements that offer improved remote management
for the Microsoft IT administrators that manage servers from remote locations. However,
because the Server Core installation in the Microsoft IT environment was partially
automated, fully provisioning the server still required administrator intervention.
In this case, the Microsoft IT administrator had to configure the base image for
the Server Core installation so that it was remotely manageable before the server
running the Server Core installation was fully functional. This involved the following
tasks:
- Configuring Windows Firewall to allow remote management
- Using a remote management tool to manage the computer running the Server Core installation
Configuring the Firewall
By default, Windows Firewall is on after the initial Server Core installation is
completed and inbound connections are blocked. This default setting prevents anyone
from remotely accessing the computer running the Server Core installation before
it is fully configured.
To configure the firewall to allow remote access to the computer running the Server
Core installation, the Microsoft IT administrator ran the following command from
the command prompt:
netsh advfirewall firewall set rule group="remote administration" new enable=yes
Although this command allows full remote access, Microsoft IT administrators configured
the firewall to allow only certain MMC snap-ins to remotely manage the computer
running the Server Core installation. To allow specific MMC snap-ins to remotely
connect to the server running the Server Core installation, the Microsoft IT administrators
configured the firewall to allow the related rule group. To use the Windows Firewall
MMC snap-in from a computer running Windows Vista® or Windows Server 2008
to remotely manage the firewall on a server running a Server Core installation,
the Microsoft IT administrators first enabled remote management of the firewall
by running the following command on the computer running a Server Core installation:
netsh advfirewall set currentprofile settings remotemanagement enable
The following table displays the MMC snap-in and the related rule group.
Table 1. MMC Snap-ins for Remote Management
| MMC Snap-in name | Rule group name |
|---|---|
| Event Viewer | Remote Event Log Management |
| Services | Remote Service Management |
| Shared Folders | File and Printer Sharing |
| Task Scheduler | Remote Scheduled Tasks Management |
| Reliability and Performance | Performance Logs and Alerts; File and Printer Sharing |
| Disk Management | Remote Volume Management |
| Windows Firewall with Advanced Security | Windows Firewall Remote Management |
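The per-snap-in approach described above, as an added example (not Microsoft IT's own script): a cmd.exe batch file for the Server Core command prompt that turns off the broad "remote administration" group and enables only the rule groups for three snap-ins from Table 1. The choice of approved snap-ins is an assumption, and the final review filter assumes English netsh output.

```bat
@echo off
rem Added example, not Microsoft IT's own script.
rem Enables only the rule groups for the snap-ins an operations team has
rem approved, instead of the broad "remote administration" group.
setlocal
set FAILED=0

rem Turn the broad group back off in case it was enabled during the build.
netsh advfirewall firewall set rule group="remote administration" new enable=no >nul

rem Assumed approved snap-ins: Event Viewer, Services, and Windows Firewall
rem with Advanced Security. The group names come from Table 1.
call :EnableGroup "Remote Event Log Management"
call :EnableGroup "Remote Service Management"
call :EnableGroup "Windows Firewall Remote Management"

rem The firewall snap-in also needs remote management of the firewall enabled.
netsh advfirewall set currentprofile settings remotemanagement enable >nul
if errorlevel 1 (
  echo FAILED: remotemanagement setting
  set FAILED=1
)

rem Print the name, state and group of every inbound rule so the result
rem can be reviewed and kept with the server's build record.
echo.
echo Inbound rules after the change:
netsh advfirewall firewall show rule name=all dir=in | findstr /b /c:"Rule Name:" /c:"Enabled:" /c:"Grouping:"

exit /b %FAILED%

:EnableGroup
rem %1 keeps its quotes for netsh; %~1 strips them for display.
netsh advfirewall firewall set rule group=%1 new enable=yes >nul
if errorlevel 1 (
  echo FAILED: %~1
  set FAILED=1
) else (
  echo enabled: %~1
)
goto :eof
```

The script exits with a nonzero code if any group could not be enabled, so an unattended build step can stop instead of leaving the server partly reachable.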
Using a Remote Management Tool
After Microsoft IT administrators configured the firewall on the computer running
a Server Core installation to allow remote access, they used the following remote
management tools to connect and provision the computer:
- Windows PowerShell™ command-line interface. Although Windows PowerShell depends
on the Microsoft .NET Framework and therefore does not run on a Server Core installation,
the Microsoft IT administrators can use the Windows PowerShell command-line interface
from another Windows-based computer to remotely run Windows Management Instrumentation
(WMI) commands against the computer running a Server Core installation. This helps
Microsoft IT to automate common management tasks and perform other system administration
tasks.
- Windows Remote Management. Windows Remote Management provides an efficient,
low-bandwidth method to easily manage servers in remote locations. Windows Remote
Management is the Microsoft implementation of the WS-Management protocol, a standard
Web-enabled protocol that enables hardware and operating systems to interoperate.
Microsoft IT administrators can use Windows Remote Management scripting objects,
the Windows Remote Management command-line tool, or the Windows Remote Shell command-line
tool to obtain information from remote computers.
- Terminal Services. Microsoft IT administrators can use a Terminal Services
Remote Desktop connection from a remote computer to manage and administer the computer
running the Server Core installation.
- MMC snap-in. Microsoft IT administrators can use an MMC snap-in to manage
a computer running the Server Core installation. By using an MMC snap-in, the administrators
can manage the computer in the same way that they would manage any computer running
Windows.
Configuration of Roles and Features in a Server Core Installation
After the automated installation process finished, the physical computer running
the Server Core installation was assigned to the Microsoft IT administrator who
was responsible for the hosted service to provision the specific service.
To configure the computer running the Server Core installation, the Microsoft IT
administrator used the following commands to view and install the various roles
and features:
- OCList. The OCList command lists the server roles and optional features
that are available for use with Ocsetup.exe. It also lists the server roles and
optional features that are currently installed.
- OCSetup. The OCSetup command replaces Sysocmgr.exe, which is included
in the Windows XP and Windows Server 2003 operating systems. All server
roles in the Server Core installation can be installed via OCsetup.exe, with the
exception of the Active Directory Domain Controller role, which is installed via
dcpromo with an unattend file.
Configuring the Roles
To configure the computer running the Server Core installation to host the specific
server role, the Microsoft IT administrator used the following command and syntax
either locally or remotely (where serverrole-name is the name of the role):
start /w ocsetup serverrole-name
The following table displays the command used to start each role.
Table 2. Roles and Commands
| Role name | Command | Notes |
|---|---|---|
| AD DS | dcpromo /unattend:<unattendfile.xml> | |
| AD LDS | start /w ocsetup DirectoryServices-ADAM-ServerCore | |
| DHCP Server | start /w ocsetup DHCPServerCore | The administrator can configure the DHCP scope at the command prompt by using netsh, or by remotely using the DHCP snap-in. |
| DNS Server | start /w ocsetup DNS-Server-Core-Role | The administrator configures the DNS zone at the command prompt by typing dnscmd or by remotely using the DNS MMC snap-in. |
| File services | | The file services role is installed by default when an administrator creates a non-administrative share. |
| Print services | start /w ocsetup Printing-ServerCore-Role | |
| Windows Media Services | start /w ocsetup MediaServer | |
| Web server | start /w pkgmgr /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel | |
| Hyper-V | Not Applicable | |
Configuring the Features
After the Microsoft IT administrator completed the Server Core installation and
configured the server, he or she installed one or more of the optional features:
- Failover clustering
- Network Load Balancing
- Subsystem for UNIX-based applications
- Multipath I/O
- Removable Storage
- Print services
- Windows BitLocker™ Drive Encryption
- Windows Server Backup
- Simple Network Management Protocol (SNMP)
- Windows Internet Name Service (WINS)
- Telnet client
Installing a specific feature required the following syntax (where feature-name
is the name of the feature):
start /w ocsetup feature-name
The following table displays the command that the administrator used to install
each feature.
Table 3. Features and Commands
| Feature name | Command | Notes |
|---|---|---|
| Failover clustering | start /w ocsetup FailoverCluster-Core | |
| Network Load Balancing | start /w ocsetup NetworkLoadBalancingHeadlessServer | |
| Subsystem for UNIX-based applications | start /w ocsetup SUACore | |
| Multipath I/O | start /w ocsetup MultipathIo | |
| Removable Storage | start /w ocsetup Microsoft-Windows-RemovableStorageManagementCore | |
| Print services | start /w ocsetup Printing-ServerCore-Role | |
| BitLocker Drive Encryption | start /w ocsetup BitLocker | Installing the remote administration tool for BitLocker requires typing the following at a command prompt: start /w ocsetup BitLocker-RemoteAdminTool |
| Windows Server Backup | start /w ocsetup WindowsServerBackup | |
| SNMP | start /w ocsetup SNMP-SC | |
| WINS | start /w ocsetup WINS-SC | |
| Telnet client | start /w ocsetup TelnetClient | |
Patch Management
Microsoft IT uses Microsoft Systems Management Server (SMS) 2003 and Microsoft
System Center Configuration Manager 2007 for assessing, identifying, planning,
and deploying updates to the Server Core installation. Microsoft IT also uses SMS
and Configuration Manager as enterprise management tools for configuration and change
management of Windows operating systems.
SMS and Configuration Manager use the Inventory Tool for Microsoft Updates (ITMU)
to determine the update compliance of all managed computers. The ITMU tool provides
integration with updates that Windows Update and Microsoft Update offer. As part
of the regular maintenance program, SMS and Configuration Manager use scheduled
maintenance windows to deploy any required software updates to the computers running
the Server Core installation. If the computer running the Server Core installation
is not in compliance, the required software updates are automatically installed
during the next scheduled maintenance window. Microsoft IT needs this automated
process because security is extremely important in the Microsoft IT environment.
For computers running a Server Core installation that are not managed by SMS or
Configuration Manager, Microsoft IT manually configures them to use Automatic Updates.
In the Microsoft IT environment, the administrator configures Automatic Updates
by running commands at the command prompt on the computer running the Server Core
installation (as shown in the following table). The administrator can perform this
configuration locally or remotely.
Table 4. Commands for Configuring Automatic Updates
| Action | Command |
|---|---|
| To verify the Automatic Update setting | cscript scregedit.wsf /AU /v |
| To turn on Automatic Updates | cscript scregedit.wsf /AU 4 |
| To disable automatic updates | cscript scregedit.wsf /AU 1 |
| To view various command-line methods to manage the system | cscript scregedit.wsf /CLI |
Failover Clustering
By using Windows Server 2008, Microsoft IT can more readily support an effective
disaster-mitigation strategy that will help improve application availability. Because
the cluster failover operation is automated, the availability of business-critical
systems no longer depends on human intervention.
Server Virtualization
Hyper-V server virtualization technology is available as a role in a Server Core
installation. This role can provide higher uptime, less maintenance, and the ability
to host more virtual machines for each virtual server. An organization can attain
the higher uptime and lower maintenance levels because of the fewer security updates
and software updates that might apply to a Server Core installation. Microsoft IT
also takes advantage of the micro-kernelized hypervisor architecture in Hyper-V
to tightly control the resources that are available to each virtual machine. For
example, virtual machines are isolated in a way that gives them very limited exposure
to other virtual machines and greater security from external attacks.
Server virtualization provides increased security for all server platforms. Features
that Hyper-V uses to enhance security include the following:
- Enabling virtual machines to take advantage of hardware-level security features,
such as Data Execute Prevention (DEP), to help prevent execution of the most prevalent
viruses and worms. These features are available in newer server hardware.
- Providing strong role-based security to help prevent exposure of security-enhanced
virtual machines through shared servers.
- Integrating network security features that enable automatic network address translation
(NAT), firewall, and Network Access Protection (quarantine).
- Reducing the attack surface through a streamlined, lightweight architecture.
All of Microsoft IT's Hyper-V production and pre-production hosts are scheduled
to run on a Server Core installation. This is because the more secure and available
the virtualization host or parent partition is, the more stable and secure the virtual
machines are. Also, because a Server Core installation uses fewer resources than
other operating systems, more resources can be allocated to each virtual machine
that is running on the host server running the Server Core installation.
Windows Server Backup
Windows Server Backup is a key feature of Windows Server 2008 that provides
high availability of services. Windows Server Backup provides a backup and recovery
solution for the server on which it is installed. It improves on the backup features
included in earlier versions of the Windows operating system.
Key improvements in Windows Server Backup include the following:
- Volume Shadow Copy Service and block-level backup technology help efficiently back
up and recover the operating system, files and folders, and volumes.
- After the first full backup is created, Windows Server Backup automatically runs
incremental backups, saving only the data that has changed since the last backup
occurred. Administrators no longer have to manually schedule full and incremental
backups.
- An administrator can restore individual files or entire folders by choosing a backup
and then selecting items to restore from that backup. Previously, an administrator
had to manually restore from multiple backups if the item was stored on an incremental
backup. Now, the administrator can simply choose the backup date for the items that
he or she wants to restore.
- Windows Server Backup works with the new Windows Recovery tools to simplify recovery
of the operating system. Users can recover to the same server, or, if the hardware
fails, they can recover to a new server that has no operating system.
- Users can manually back up volumes directly to DVD. Windows Server Backup also retains
support for backing up manually to shared folders and hard disks. Scheduled backups
are stored on hard disks.
- Windows Server Backup now includes a wizard to guide the IT staff through the process
of creating daily backups. System volumes are automatically included in all scheduled
backups.
Because a Server Core installation uses less disk space and uses less overhead than
a full installation of Windows Server 2008, the backup process is typically
faster for both a full backup and a system state backup. With the smaller footprint
in a Server Core installation, the restoration process is also typically faster
and allows for higher uptime and overall lower TCO.
Best Practices
Based on the lessons that it learned from the deployment of a Server Core installation
of Windows Server 2008, Microsoft IT developed the following best practices:
- Install only the required services on the computer running the Server Core installation.
This helps to reduce the attack surface and keeps patching requirements to a minimum.
- Make sure that the deployment plan provides enough time and resources to perform
a clean Server Core installation. This is because an administrator cannot upgrade
to a Server Core installation or revert to a Server Core installation from a full
installation of Windows Server 2008.
- Become familiar with the command-line tools that are used in a Server Core installation
before deployment. This will help smooth the transition to the new Server Core installation
option of Windows Server 2008.
- Make sure that any existing management tools and third-party applications in the
environment work with the Server Core installation. This includes third-party backup
programs and antivirus software.
Conclusion
The Server Core installation option of Windows Server 2008 enables Microsoft
IT to have more control over its server and network infrastructure. A Server Core
installation also helps increase security by providing a reduced attack surface
and helps reduce overall costs because of reduced deployment and maintenance requirements.
For More Information
For more information about Microsoft products or services, call the Microsoft Sales
Information Center at (800) 426-9400. In Canada, call the Microsoft Canada information
Centre at (800) 563-9048. Outside the 50 United States and Canada, please contact
your local Microsoft subsidiary. To access information via the World Wide Web, go
to:
http://www.microsoft.com
http://www.microsoft.com/technet/itshowcase
© 2008 Microsoft Corporation. All rights reserved.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Active Directory, BitLocker, Internet
Explorer, Windows, Windows Media, Windows PowerShell, Windows Server, and Windows
Vista are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries. The names of actual companies and products
mentioned herein may be the trademarks of their respective owners.