Coaching

Remote Management Summary

March 15, 2018

Remote role deployment in Windows Server 2012 allows you to install and manage roles on multiple remote servers. Keep in mind the following about remote role deployment:

  • Server Manager can add roles and features only on remote servers running Windows Server 2012.
  • Server Manager can manage remote servers running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003.
  • Server Manager can manage up to 100 remote servers.
  • Limiting the amount of event data collected by Server Manager increases server efficiency when managing large numbers of servers.
  • Server Manager can receive only online or offline status from servers running Windows Server 2003.

To deploy roles to remote servers:

  • Use Server Manager to create a server pool of the remote servers to manage.
  • Use Manage As to change credentials when required to access a remote server. The following roles do not support Manage As:
    • Remote Desktop Services (RDS)
    • IP Address Management (IPAM)

      When using these roles, you have to log on with the account that has rights to those servers.

The following table identifies remote role deployment tasks:

Task Description
Add domain servers to the server pool To add domain servers to the server pool, right-click All Servers in Server Manager:

  • Use the Active Directory tab to add servers from the domain to the server pool.
  • Use the DNS tab to add servers by name or by IP address.
  • Use the Import tab to add multiple servers using a text file. List the name or the IP address of each server on a separate line.
Manage non-domain servers To install and manage roles on a workgroup server (a server not in the domain):

  1. Add the workgroup server to the TrustedHosts list using the Set-Item command. For example, to add a server named Kiosk1, enter:

    Set-Item wsman:\localhost\Client\TrustedHosts <KIOSK1> -Concatenate -Force

  2. Configure the workgroup server firewall:
    • If the workgroup server is on the same subnet as the managing server, or if the workgroup server’s network connection is Private, no change is necessary.
    • When the server is on a different subnet and the network connection is not Private, change the inbound firewall rule Windows Remote Management (HTTP-In) to include the name of the managing server.
  3. Enter the credentials for the workgroup server. The options you have are:
    • Use the Local Administrator credentials.
    • Create an account with administrative privilege. When using this option, you must override the UAC by creating a new registry key:

      New-ItemProperty -Name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1

To install and manage roles on servers in the domain from a workgroup server not in the domain, use this same process. In Step 1, you add the name of the domain servers to the workgroup server.
Deploy a role on a remote server To deploy a role to a remote server:

  • Select the installation type.
  • Select the server to receive the role from the server pool.
Deploy a role to a VHD file To deploy a role to a VHD file:

  • The target VHD file must meet the following requirements:
    • The target VHD file must have Windows Server 2012 installed.
    • The VHD cannot have more than one system volume or partition.
  • The computer or local system account of the server mounting the VHD requires:
    • Read/Write access on the Share where the VHD is located.
    • Full Control access if stored locally.
  • In the Add Roles and Features Wizard, select a virtual hard disk as the destination.
    • Select the server on which to mount the VHD.
    • Enter the path to the VHD file.
  • You can use the PowerShell command: Install-WindowsFeature. For example, to install the DNS role in a file located in file F:\offline on a computer named dc1, use the following command:

    Install-WindowsFeature -Name DNS -VHD F:\offline -ComputerName dc1 -Restart

The Windows Remote Management WINRM command allows a server to accept remote commands from another server in the same domain. To use WINRM:

  • On the managed server use the winrm quickconfig command.
  • On the managing server, you send commands in the following format: winrs -r:remoteserver command. For example, to send the ipconfig command to a remote server named dc1, enter

    winrs -r:dc1 ipconfig

You can use Deployment Image Servicing and Management (dism) commands to:

  • Deploy a role to an offline image
  • Find features in an image
  • Enable features in an image
  • Get the status of a feature
  • Disable features in an image
  • Remove features from an image
  • Restore removed features in an image
  • Unmount an offline image

You can also use answer files with the dism command.

  • Answer files are typically used for an unattended install.
  • To use an answer file, install the Windows Automated Installation Kit (WAIK).
  • To create an answer file, use the Windows SIM utility.
  • Answer files are saved as .xml files.
  • On a running server, run dism and identify the answer file. For example, to use an answer file named myunattend.xml, the dism command is:
    dism /online /Apply-Unattend:C:\answerfiles\myunattend.xml
Coaching
© Data Coincide, LLC 2010-2019