Let’s say you want a Windows server, but you want the mess of the GUI to be non-existent. You want something similar to how you would interact with Linux: a smaller attack surface utilizing it’s hardware resources for the services instead of GUI navigation and execution.
Windows Server Core Editions are your friend. You can use Server 2008 R2, or the new Server 2012, to have this lightweight server.
I am making a tutorial that involves creating a core server domain controller, starting with Server 2008 R2 and then showing the differences in Server 2012. As a quick sample, we will go through setting up Windows Server 2008 R2 Core to have PowerShell server management immediately available.
First, install the server as you would any normal Windows Server 2008 R2 server. When asked what version of Windows, Standard/Standard Core/Enterprise/Enterprise Core…select the appropriate Core version. The only other visual differences with the server actually come into play the first time you login. The login screen should even look the same.
We are going to use the Deployment Image Servicing and Management (DISM) tool to enable what we need. You should be welcomed with the prompt when you login, which is showing you your current directory location by default.
C:\Users\Administrator> DISM /online /Get-Features
This DISM command shows you what features you have available to enable, similar to how Service Manager shows you features/roles. Keep in mind, DISM is case-sensitive! We need just a few of these to get us started with a PowerShell setup:
# .NET Framework 2.0 is needed for PowerShell 2.0 to work
DISM /online /Enable-Feature:NetFx2-ServerCore
# Now enabling PowerShell!
DISM /online /Enable-Feature:MicrosoftWindowsPowerShell
# Now allowing ServerManager cmdlets to be available
DISM /online /Enable-Feature:ServerManager-PSH-Cmdlets
# Now allowing BestPractices cmdlets to be available
DISM /online /Enable-Feature:BestPractices-PSH-Cmdlets
Awesome stuff. Now we have a different problem, which is that we can’t actually launch powershell unless we place in a direct path or change our current directory to the appropriate buried System32 folder. So, instead, let’s add this to our %PATH% variable. This environmental variable stores a list of default locations to search through when a file/executable is not located in the current directory. By default, PATH only has three directories which include basic command-line tools you may normally use (in and out of PowerShell!).
To add PowerShell to your %PATH% variable for simple execution:
The reason we are defining PATH with both %PATH% and the PowerShell directory is to retain the current directories already in the variable, otherwise we will overwrite it with only our PowerShell directory! After this, you are ready to jump into PowerShell.
Now we should get the PowerShell shell-launch welcome message, now with a PS appended to the beginning of the prompt:
On Windows Server 2012, or on a PowerShell 3.0 install, the copyright year will say 2012. Since PowerShell is enabled and available by default on Server 2012 Core, we don’t need to even add it to the PATH variable. Now that we are here, we need to enable 32-bit support in case this server may be accessed by, or accessing a, 32-bit Windows OS through PowerShell remoting (this is unnecessary in Server 2012, as it is enabled by default):
# Making ServerManager cmdlets available
# Listing all WoW64 (Windows on Windows 64-bit) Features/Roles
# Only enabling WoW minimum requirements to allow 32-bit PowerShell
# In this case, -IncludeAllSubFeature is not needed as it will do so by default
Add-WindowsFeature WoW64-NetFx2-Support -IncludeAllSubFeature
We are all set! If you are doing this in a VM, it would be best to take a snapshot right now. You could always mess around with sconfig if you want, in case you want to install updates or do other common “first setup” tasks:
PS C:\Users\Administrator> sconfig
Either way, take a snapshot when you believe this is a perfect base build. I’m using a copy of Hyper-V on a spare desktop, so snapshots are available to me (like other Virtual solutions such as VMware Workstation, etc.).
Part 2 of this will include setting up a Domain Controller, and using an unattended dcpromo.exe file for a scripted install. Along side the Server 2008 R2 install, we will also go through the new PowerShell cmdlets that are replacing dcpromo.exe in Server 2012. Awesome!