Server Management Options - Paiet/Tech-Journal-for-Everything GitHub Wiki
Recap:
- Link to show what we have done and what else to study: **Manage a Server Core Server** https://docs.microsoft.com/en-us/windows-server/administration/server-core/server-core-administer
- CMD / netdom to rename/join a domain
- PowerShell to change IP and other settings such as join a domain with
Add-Computer
- Sconfig
Chart to show how to manage based on certain scenarios: https://docs.microsoft.com/en-us/windows-server/administration/manage-windows-server
- NOTE: To manage remotely via PowerShell you must run:
Enable-PSRemoting
Additional tools:
- Netsh
- MMCs
- Remote Desktop Services
- Remote Server Administration Tools for Windows 10 (RSAT) download: https://www.microsoft.com/en-us/download/details.aspx?id=45520
- Only Professional or Enterprise with Desktop Experience
- RSAT for managing core
- Server manager
- Manages on prem systems
- 2008, 2012, and 2012R2 require some setup beforehand:
- .Net Framework versions
- Windows Management Framework versions
- See link below: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831456(v=ws.11)
Configure WinRM
WinRM overview: https://technet.microsoft.com/en-us/library/dn265971(v=ws.11).aspx
WinRM syntax examples: https://blogs.technet.microsoft.com/askperf/2010/09/24/an-introduction-to-winrm-basics/
Windows Remote Management is the Microsoft implementation of the WS-Management Protocol. It uses SOAP (Simple Object Access Protocol) over HTTP and HTTPS, and thus is considered a firewall-friendly protocol. It was designed to provide interoperability and consistency for enterprise networks that have a variety of operating systems, to locate and exchange management information.
- Processes WinRM requests over the network using HTTP & HTTPS
- Port HTTP 5985 or HTTPS 5986
- We are accessing WMI (Windows Management Instrumentation)
- DCOM: older, proprietary, not firewall friendly. RPC.
- WinRM was designed to overcome these issues.
- WinRM works by default in a domain environment on Server 2012 and later
- Management Tools use processor resources, offload to client.
- WS-Management or WS-Man Listener
- Create Firewall exception
- We will look at different ways to configure WinRM
- Show in Services
- Show in Server Manager
**winrm.exe quickconfig**
- Open elevated CMD
winrm -?
Note the extra help displays what it does
cls
winrm get winrm/config
- Note: Error Message same as PSremoting if not configured
winrm quickconfig
(winrm qc)
y
y
- Note: Listener & firewall info
- hostname
- Switch to another PC
- Launch PowerShell
- See Below for WinRS
- To list all the WinRM listeners, run this command:
winrm enumerate winrm/config/listener
winrs -r:SVR02 -ad -u:administrator -p: ipconfig /all
- Discuss this technology
winrs.exe
https://technet.microsoft.com/en-us/library/hh875630(v=ws.11).aspx
Can run commands on remote machines
winrs -?
**Use Group Policy to configure WinRM**
- gpedit.msc
- Computer Configuration\Administrative Templates\Windows Components
- Windows Remote Management and Windows Remote Shell
- You have to add a computer to the trusted hosts list if in a Workgroup or different domain.
Get-Item wsman:\localhost\Client\TrustedHosts
$server = 'core.democo.com'
Set-Item wsman:\localhost\Client\TrustedHosts -Value $server
winrm set winrm/config/client '@{TrustedHosts="dc01"}'
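Plain Set-Item on TrustedHosts replaces the whole list, so setting a second host silently drops the first. The following is an added example, not part of the original wiki: a hypothetical helper, Add-TrustedHost, that appends entries with the WSMan provider's -Concatenate switch and refuses wildcards. It assumes an elevated PowerShell session with the WinRM service running.

```powershell
# Added example: Add-TrustedHost is a hypothetical helper, not a built-in cmdlet.
function Add-TrustedHost {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string[]]$ComputerName
    )
    $path = 'WSMan:\localhost\Client\TrustedHosts'

    # TrustedHosts is a single comma-separated string; empty means no entries.
    $current = @((Get-Item $path).Value -split ',' |
        ForEach-Object { $_.Trim() } | Where-Object { $_ })

    foreach ($name in $ComputerName) {
        # A wildcard lets the client authenticate to any matching host
        # without verifying that host's identity, so it is rejected here.
        if ($name -match '\*') {
            Write-Warning "Skipping '$name': wildcard entries trust every matching host."
            continue
        }
        if ($current -contains $name) { continue }   # already listed
        if ($PSCmdlet.ShouldProcess($path, "Add $name")) {
            # -Concatenate appends instead of overwriting the existing list.
            Set-Item -Path $path -Value $name -Concatenate -Force
            $current += $name
        }
    }
    (Get-Item $path).Value   # return the resulting list
}

# Host names taken from the commands above.
Add-TrustedHost -ComputerName 'core.democo.com', 'dc01'
```

Run it with -WhatIf first to see which entries would be added without changing the list.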
Enable-PSRemoting
- Starts the Windows Remote Management (WinRM) service and sets it for automatic startup
- Creates a listener to accept remote requests on any IP address
- Enables a firewall exception for WS-Management
- Makes some additional under-the-hood changes to support PowerShell remoting sessions and workflows
- If you run Enable-PSRemoting, you don't need to run winrm quickconfig
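To see what Enable-PSRemoting (or winrm quickconfig) left behind on a server, the three changes listed above can be read back directly. This is an added example, not part of the original wiki: Get-WinRMPosture is a hypothetical, read-only function that assumes an elevated session on Server 2012 or later and the default WINRM-HTTP-In-TCP rule names.

```powershell
# Added example: read-only review, changes nothing on the system.
function Get-WinRMPosture {
    # 1. Service state and start mode
    $svc = Get-Service -Name WinRM

    # 2. Listeners: each is a container whose child items hold its settings
    $listeners = foreach ($l in Get-ChildItem WSMan:\localhost\Listener) {
        $s = @{}
        Get-ChildItem "WSMan:\localhost\Listener\$($l.Name)" |
            ForEach-Object { $s[$_.Name] = $_.Value }
        [pscustomobject]@{
            Transport = $s['Transport']   # HTTP (5985) or HTTPS (5986)
            Address   = $s['Address']     # * means every local IP address
            Port      = $s['Port']
        }
    }

    # 3. Enabled WinRM firewall rules and the remote addresses they admit
    $rules = Get-NetFirewallRule |
        Where-Object { $_.Name -like 'WINRM-HTTP-In-TCP*' -and $_.Enabled -eq 'True' } |
        ForEach-Object {
            $filter = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Name          = $_.Name
                Profile       = $_.Profile
                RemoteAddress = $filter.RemoteAddress -join ','
            }
        }

    [pscustomobject]@{
        ServiceStatus    = $svc.Status
        StartType        = $svc.StartType
        Listeners        = $listeners
        FirewallRules    = $rules
        # Both should normally read 'false' on the service side
        AllowUnencrypted = (Get-Item WSMan:\localhost\Service\AllowUnencrypted).Value
        BasicAuth        = (Get-Item WSMan:\localhost\Service\Auth\Basic).Value
    }
}

$posture = Get-WinRMPosture
$posture | Format-List ServiceStatus, StartType, AllowUnencrypted, BasicAuth
$posture.Listeners | Format-Table
$posture.FirewallRules | Format-Table
```

A RemoteAddress of Any on an enabled rule means the listener is reachable from every network that profile covers; restricting it to management subnets narrows that exposure.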
PowerShell Help
Get-Help about_Remote_Troubleshooting
Invoke, one to many
Sends queries serially up to 32 computers at a time.
Invoke-Command -ComputerName pc1, pc2, pc3 -ScriptBlock {Get-Process}
Send one cmdlet
Invoke-Command -ComputerName Mydesktop {Get-Service -Name Spooler}
Server Management Options Pt 3
Enter-PSSession, one to one Remoting
- New-PSSession -ComputerName (namegoeshere)
- Enter-PSSession -ComputerName (namegoeshere)
- ipconfig /all
- Get-PSSession
- Enter-PSSession -id X
- Exit-PSSession
- Get-PSSession | Disconnect-PSSession
Group Policy: Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Remote Management (WinRM)\WinRM Service
Extra Links
- Authentication: https://msdn.microsoft.com/en-us/library/aa384295(v=vs.85).aspx
- Troubleshooting link: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-6&viewFallbackFrom=powershell-Microsoft.PowerShell.Core
Remote Server Administration Tools (RSAT): https://www.microsoft.com/en-us/download/details.aspx?id=45520
Search RSAT for your OS for tools like Server Manager and MMCs.
Server Manager
MMCs
Windows Admin Center https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/understand/windows-admin-center
Configure Windows Firewall
- Let's look at the rules configured in the firewall
- Start > Administrative Tools Tile
- OR
- wf.msc
- Inbound rules
- Windows Remote Management (HTTP-in) check port # & explore
firewall rules https://blogs.technet.microsoft.com/askds/2008/06/05/how-to-enable-remote-administration-of-server-core-via-mmc-using-netsh/
- MMC uses DCOM (Distributed Component Object Model) for remote management instead of WinRM. These Firewall rules are not enabled by default:
- COM+ Network Access (DCOM-In)
- Remote Event Log Management (NP-In)
- Remote Event Log Management(RPC)
- Remote Event Log Management (RPC-EPMAP)
Set-NetFirewallRule -Name ComPlusNetworkAccess-DCOM-In -Enabled True
Set-NetFirewallRule -Name RemoteEventLogSvc-In-TCP -Enabled True
Set-NetFirewallRule -Name RemoteEventLogSvc-NP-In-TCP -Enabled True
Set-NetFirewallRule -Name RemoteEventLogSvc-RPCSS-In-TCP -Enabled True
Get-Help *firewall*
Get-NetFirewallRule
Get-NetFirewallRule | Select-Object -Property Name, DisplayName | Where-Object {$_.DisplayName -like "*Windows Remote Management*"}
Enable-NetFirewallRule -Name WINRM-HTTP-In-TCP
Get-NetFirewallRule -Name WINRM-HTTP-In-TCP | Set-NetFirewallRule -Enabled True
Final thoughts: Backwards compatibility https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831456(v=ws.11)