WS2008 ServerCore Quick Config – Part2

Part 2 Command Line Syntax – Updated 29 April 2008


Useful command line syntax to manage Server Core

General Setup and Configuration :

Set the Administrator password (by default there is no password set on this account):
C:> net user administrator * “this will prompt you to enter a new password”

Set a static IP Address:
C:> netsh int ip set address "Local Area Connection" static 10.10.0.20 255.255.255.0 10.10.0.254 1 “this will set the IP address of 10.10.0.20/24 with a default GW of 10.10.0.254”
C:> netsh int ip set dns "Local Area Connection" static 10.10.0.2
“this will set the IP address of the DNS server”

Activate the server with Microsoft:
C:> slmgr.vbs -ato “this script will activate the server with Microsoft”

Rename the server:
C:> hostname “first determine the current name of the server with the hostname command”
C:> netdom renamecomputer longhorn /newname:sealion
“this will rename the server from longhorn to sealion”

Join a Domain:
C:> netdom join sealion /domain:corpdom /userd:billg /password:*
“this will join the server named sealion to the corpdom domain”

Add a domain user account to the local administrators group:
C:> net localgroup administrators /add corpdom\stevej
“this will add the domain user account stevej to the local administrators group”

Shutdown, restart and logoff the server:
C:> shutdown /r /t 5 “this will restart the server in 5 seconds”
C:> shutdown /s /t 5 “this will shutdown the server in 5 seconds”
C:> logoff “this will logoff the current user”

Firewall configuration:
Warning: these examples should be used with care, especially in DMZ areas or network segments that have a higher risk of attack. Only open ports that are required.

Allow the server to be pinged:
C:> netsh firewall set icmpsetting 8 ENABLE
“the 8 means allow inbound echo request & enable means allow through firewall”

Allow remote admin for administration from a remote workstation/server:
C:> netsh firewall set service remoteadmin ENABLE
“remote admin will allow ports 135 & 445”
C:> netsh firewall set portopening TCP 3389 RemoteDesktop
“this will open port 3389 for RDP remote desktop”

Show the firewall state and configuration:
C:> netsh firewall show state “displays the current state of the firewall”
C:> netsh firewall show config “displays the current configuration of the firewall”
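
The warning above says to open only what is required. The batch file below is an added example, not part of the original post: it creates the same remote admin and RDP exceptions, but limits them to one source subnet with the scope and addresses parameters of netsh firewall. The management subnet 10.10.0.0/24 is an assumption taken from the static IP example earlier on this page.

```bat
@echo off
rem Added example (not from the original post).
rem Opens the remote admin and RDP exceptions for one source subnet only,
rem instead of for every address that can reach the server.
setlocal

rem Assumption: administration workstations live in this subnet.
set MGMT=10.10.0.0/24

rem Remote admin (ports 135 and 445), limited to the management subnet.
netsh firewall set service type=REMOTEADMIN mode=ENABLE scope=CUSTOM addresses=%MGMT%
if errorlevel 1 echo Failed to set the remote admin exception.

rem RDP (TCP 3389), limited to the management subnet.
netsh firewall set portopening protocol=TCP port=3389 name=RemoteDesktop mode=ENABLE scope=CUSTOM addresses=%MGMT%
if errorlevel 1 echo Failed to set the RDP port opening.

rem Verify what is open and for which source addresses.
netsh firewall show service
netsh firewall show portopening

rem To close the exceptions again when they are no longer needed:
rem   netsh firewall set service type=REMOTEADMIN mode=DISABLE
rem   netsh firewall delete portopening protocol=TCP port=3389

endlocal
```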

Managing Server Core from a Remote machine :
Not all tasks can be performed at the command prompt, however you can use the built in scripts to:
1. Enable Automatic Updates
2. Enable RDP access
3. Enable terminal server clients prior to current versions
4. Configure DNS SRV record weight & priority
5. Manage IPSec monitor remotely
The scripts are located in the \Windows\system32 folder, and the main command script you will use is SCREGEDIT.WSF.

Windows Update – current state and enable :
C:> cscript scregedit.wsf /AU /v “display current state of automatic updates”
C:> cscript scregedit.wsf /AU 4 “enables automatic updates”

Allow RDP Connections :
C:> cscript scregedit.wsf /AR /v “display current state rdp connections”
C:> cscript scregedit.wsf /AR 0 “enable rdp connections”
C:> cscript scregedit.wsf /AR 1 “disable rdp connections”

Windows Remote Shell:
Windows Remote Shell was first available with WS2003R2 and allows remote administration via the command line, which makes it perfect for Server Core. WRS is a client-server model: you configure WinRM on the server side and then run WinRS.exe from the client side.
NOTE: WRS is not an interactive shell, you could use something like Sysinternals PSEXEC for that.
Configure WinRM on Server Core :
C:> winrm quickconfig “this setting enables windows remote shell connections”

The above command actually does a little more than just enabling remote shell connections, it carries out the following:

  • Starts the WinRM service and sets the service start-up type to auto-start.
  • Creates a listener for the ports that send and receive WS-Management protocol messages using either HTTP or HTTPS.
  • Defines Windows Firewall exceptions for the WinRM service and opens the ports for HTTP and HTTPS.

Warning: the above should be used with care, especially in DMZ areas or network segments that have a higher risk of attack. It is recommended that you DO NOT enable WinRM in a DMZ or other high risk area of the network.
WinRM Configuration settings:
C:> winrm enumerate winrm/config/listener
“this command provides the listener configuration”

Using Windows Remote Shell from the client side :
C:> winrs -r:sealion cscript \windows\system32\scregedit.wsf /AU 4
“this command enables automatic updates on a server core server named sealion”

WinRS.exe is installed by default on Windows Vista and Windows Server 2008.

General Administration :

Add user to local computer:
C:> net user linus /add * “add a new user named linus and prompt for a password ”

Add user to a local group:
C:> net localgroup administrators /add linus “add user linus to the local administrators group ”

Create a new group on the local computer:
C:> net localgroup rnd /add “add a new local group named rnd ”

List running services:
C:> net start “displays the running services”
C:> sc query “displays the running services verbosely”

Stop and start a service:
C:> net stop w32time “stops the windows time service”
C:> net start w32time “starts the windows time service”

Tasklist and Taskkill commands:
C:> tasklist “displays a list of running processes”
C:> taskkill /PID 1668
“will kill a process that is running under a PID of 1668 – note /F will forcibly kill the process”

Task Manager:
C:> taskmgr “starts the Task Manager GUI”

Event logs:
C:> wevtutil el “enum logs – lists the log names”
C:> wevtutil qe application /c:3 /rd:true /f:text
“displays the 3 most recent events from the application log in text format – qe =query events application=application log /c:3= count, sets the maximum number of events to read /rd:true=the direction of the event log, true will list the latest events /f:text=format of the output is text, you can also use xml”
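
The same wevtutil query syntax can filter the Security log for the account and logon changes made elsewhere on this page. The batch file below is an added example, not part of the original post. It assumes the matching audit policy categories are enabled, that it is run from an administrator prompt, and that the C:\utils folder (used later on this page for the answer file) exists.

```bat
@echo off
rem Added example (not from the original post).
rem Reviews security-relevant events after the user, group and remote
rem access changes described on this page.
setlocal

rem Event IDs in the Windows Server 2008 Security log:
rem   4625 = an account failed to log on
rem   4720 = a user account was created
rem   4732 = a member was added to a security-enabled local group
set COUNT=10

for %%I in (4625 4720 4732) do (
    echo.
    echo ===== Last %COUNT% events with ID %%I =====
    rem /q takes an XPath filter; /rd:true lists the newest events first.
    wevtutil qe Security /q:"*[System[(EventID=%%I)]]" /c:%COUNT% /rd:true /f:text
    if errorlevel 1 echo Query for event %%I failed, check privileges.
)

rem Keep an offline copy of the Security log for later analysis.
rem Assumption: C:\utils exists; /ow:true overwrites an earlier export.
wevtutil epl Security C:\utils\security-%COMPUTERNAME%.evtx /ow:true

endlocal
```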

Openfiles command:
C:> openfiles “displays a list of open files on the server”

Diskpart utility:
Warning: Use this utility with care!!
C:> diskpart “starts the diskpart utility to perform disk partitioning and more”

Change Time and Date:
C:> control timedate.cpl “starts the time and date GUI”

Systeminfo displays the system information:
C:> systeminfo “displays system information”

Server Roles :

OC to display and configure server roles:
C:> oclist “displays the available server roles and what is currently installed”

To install DNS:
C:> start /w ocsetup DNS-Server-Core-Role
“will install the DNS onto this server core server”

To install DHCP:
C:> start /w ocsetup DHCPServerCore
“will install the DHCP onto this server core server”

To un-install DNS:
C:> start /w ocsetup DNS-Server-Core-Role /uninstall
“will un-install the DNS from this server core server”

To un-install DHCP:
C:> start /w ocsetup DHCPServerCore /uninstall
“will un-install the DHCP from this server core server”

NOTE: The same syntax can be used to install or uninstall other components listed from the oclist tree, e.g. WINS, printing, BitLocker and so forth.

Active Directory :

Installing Active Directory Services Role:
AD Services requires running DCPROMO in un-attend mode with an answer file, for example the following command will promote the server to a DC based on the information in the answer file:
C:> Dcpromo /unattend:c:\utils\unattend.txt

The Answer file contains the following commands:
[DCInstall]
ReplicaOrNewDomain=Replica
NewDomain=Forest
ReplicaDomainDNSName=test.local
;NewDomainDNSName = test.local
DomainNetbiosName=test
InstallDNS=Yes
ConfirmGc=Yes
CreateDNSDelegation=No
RebootOnSuccess = NoAndNoPromptEither
SafeModeAdminPassword = [email protected]
