Preparing for Deployment of Your Remote Management Solution

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

After you have followed the planning steps in this chapter to identify your organization’s remote management requirements and to design a solution that meets those requirements, you need to test your solution in a lab environment that emulates your production environment as closely as possible. Because out-of-band management and support for remotely administered servers is new to the Windows environment, it is particularly important to test your remotely administered servers and out-of-band configurations. Then develop a list of tasks you need to perform before you can implement your plan. Include tasks for preparing your network, hardware and software configurations, and security.

Network connectivity

Identify the steps you need to take to prepare your network infrastructure to ensure connectivity and stable access. Include tasks to accomplish the following:

  • Configure your network for increased bandwidth, or establish a secondary network for remote management, if necessary.

  • Configure Dial-up Networking settings, if you plan to support dial-up remote management.

  • Configure firewall settings, if you plan to remotely manage across a firewall.

  • Configure IP packet filter settings, if you plan to remotely manage across a router that filters packets.

Server resources

Identify the steps for assessing computer resources and for upgrading them, if necessary, such as:

  • Upgrade server and management computer memory and processor, if necessary, to support remote management tools.

  • Upgrade or purchase new computers that provide enhanced out-of-band support, if necessary.

Security

Identify the steps for ensuring both physical and logical security, for both in-band and out-of-band management, such as:

  • Provide secured access to servers.

  • Provide physical security for out-of-band serial connections.

  • Provide for authentication and encryption protocols.

  • Configure Group Policy settings to mitigate vulnerabilities of less secure authentication protocols.

  • Configure IPSec policies to provide security if you plan to use tools without encryption or dial-up connections through a VPN.

  • Establish a secondary management network or configure secured routers, if necessary.

  • Set up security groups and assign membership for administrators.

  • Set up shared folders as necessary, and assign permissions.

  • Configure Group Policy settings to restrict the types of administrative tasks remote users can perform.

Configure out-of-band settings

Identify the steps for configuring computers for out-of-band management:

  • Enable firmware console redirection.

  • Verify and, if necessary, configure hardware resource settings for serial ports.

  • Configure SPCR table settings.

  • Configure the service processor, if necessary.

  • Select consistent terminal definition settings for firmware, Emergency Management Services, and client terminal software.

For more information about specific settings for Emergency Management Services, see the Server Storage Technologies Collection of the Windows Server 2003 Technical Reference (or see the Storage Technologies Collection on the Web at https://www.microsoft.com/reskit).

Connect out-of-band hardware components

Identify the steps for configuring the out-of-band infrastructure:

  • Set up serial port null modem connections.

  • Connect terminal concentrators, modems, service processors, and intelligent UPSs.

For more information about setting up null modem connections in an Emergency Management Services installation, see the Storage Technologies Collection of the Windows Server 2003 Technical Reference (or see the Storage Technologies Collection on the Web at https://www.microsoft.com/reskit).

Install and enable Emergency Management Services

Identify the steps for installing Windows Server 2003 and enabling Emergency Management Services:

  • Build and test files and directories for unattended network, unattended CD, or RIS installations of Windows Server 2003.

  • Enable Emergency Management Services during or after Windows Server 2003 installation.

For more information about enabling Emergency Management Services, see the Storage Technologies Collection of the Windows Server 2003 Technical Reference (or see the Storage Technologies Collection on the Web at https://www.microsoft.com/reskit).