Windows Server 2012 Remote Server Management
Run graphical remote management tools on a client desktop
May 29, 2013
Windows Server 2012 introduced a staggering number of changes in virtualization features: an updated Hyper-V, desktop virtualization with new Remote Desktop Services, and much more. Apart from features, though, Microsoft made a big shift in the best practice deployment of Server 2012.
Since Windows Server 2008, you could use the Server Core installation option (which I cover in detail in "Windows Server 2012 Installation Options") to install Windows Server without a local graphical interface; however, this was really only for certain infrastructure roles. Server 2012 changes this. Server Core is the default installation option for Server 2012—and is for more than just infrastructure roles.
Server Core is a target for application workloads such as SQL Server in Server 2012. You can add or remove the graphical interface and management infrastructure and tools at any time. The upshot is that in Server 2012, many more servers will be Server Core rather than Server with a GUI (the new name for what was Full Installation). In short, you probably should change the way you manage your Windows environment.
Evolution of Graphical Management
To put it into perspective, I look back at my first job working with computers. I was a VAX/VMS systems administrator, which really meant I changed backup tapes and provided printouts to developers. I managed the servers by sitting in the server room, where a video terminal was connected to each server. Then we added TCP and I would sit at a desk and telnet directly into each server. I managed Windows servers (when we got them) the same way. I had a monitor and keyboard in the server room that I would use to connect to a server via a KVM. And then when RDP and remote administration became a key feature, I worked from my desk and just RDP'd into the server. In all cases, though, I effectively managed one server at a time—and managed it locally.
As the number of server instances explodes, managing one server at a time becomes unrealistic. And with the shift to Server Core, local management with a graphical interface is no longer an option. We must shift how we manage servers.
Remote management (and by that I don't mean RDPing into the server, but rather running management tools on your client desktop that connect to the server) has been a realistic option since Windows Server 2008 R2. I emphasize realistic because it was possible before Server 2008 R2; however, it was cumbersome.
In Server 2008 R2, Server Manager finally allowed you to remotely connect to a server and manage it (providing the server has been enabled for remote management). This means you can install the Windows 7 Remote Server Administration Tools (RSAT) on your Windows 7 desktop, fire up Server Manager, and remotely manage a Server 2008 R2 operating system. However, this provides a connection to just one remote server at a time (Figure 1), which isn't convenient for managing multiple servers. Also, you might need to consider other types of applications that may also require management tools to run locally on the application server and not support Server Core; however, most applications have moved to a remote-management tool model or completely web-based administration.
Figure 1: Using Server Manager to Manage Windows Server 2008 R2 from a Windows 7 Client
Remote management tools are important for another reason. New graphical management tools are very rich, but the reality is you typically wouldn't want them running on your servers because the tools would take up resources that would be better used by the services running on the OSs. It's far better to have that rich graphical interface rendering on your desktop OS and minimal network traffic in the process of fetching information and performing tasks.
Graphical, Multi-Server Management
Server 2012 fully embraces graphical, multi-server management with its completely reenvisioned Server Manager environment. One of the key reasons for Server Manager's complete redesign was to accommodate the simultaneous management of multiple servers. Figure 2 shows Server Manager running on a Windows 8 machine with Windows 8 Remote Server Administration Tools (RSAT) installed. This is how Microsoft wants you to manage Server 2012; and really, this is how you should want to manage Server 2012.
Figure 2: Server Manager Running on Windows 8 and Managing Multiple Windows Servers
Manage multiple servers. If you consider that all your servers are running Server Core, then managing multiple servers with the ease of one should sound pretty good. In Figure 2, the initial dashboard not only shows server health, but Server Manager also automatically detects the roles installed on the servers it's managing and creates separate groups so you can see the health of Microsoft IIS, Hyper-V, and Active Directory (AD). You can even create your own groups of servers; for example, "Test Servers" in my instance. It's possible to click any problem areas (identified with red highlighting in Figure 2) and quickly see details. For example, click the Best Practice Analyzer (BPA) items in red to see what the problems are (yes, BPA is integrated with Server Manager) or which services are experiencing problems. All those services across the various servers can then be restarted with a single click.
There is one difference between Server Manager running on a Windows 8 client and Server Manager running locally on Server 2012 (Figure 3): the inclusion of a Local Server navigation node on Server 2012. Through this Local Server workspace, you can perform initial configurations on items such as server name and IP address (by initial I mean items you configure once on a server after installation and typically never change again). For this reason, items on the Local Server workspace aren't available via Server Manager's remote management functionality because they weren't deemed necessary for ongoing management. I expect that will change in the future. The good news is that remote management is enabled on Server 2012 by default; no manual action is necessary. This doesn't mean you can RDP into the server by default, but you can fire up Server Manager and (providing you have permissions on the server) remotely manage it.
Figure 3: Server Manager Running Locally on Windows Server 2012
You can add servers to Server Manager via the Add Servers action on the Manage menu. While the focus of this article is remote management of Server 2012, you also can manage Server 2008 and Server 2008 R2 with Server Manager. The only requirement is Windows Management Framework (WMF) 3.0 must be installed on the Server 2008 and Server 2008 R2 boxes. You can download Windows Management Framework 3.0 online, but make sure you've installed .NET Framework 4.0 first, or WMF 3.0 won't install correctly.
As you add new servers to Server Manager, it polls them, detects the various infrastructure roles, and surfaces the roles in the appropriate navigation areas of Server Manager. Servers are exposed through the All Servers workspaces. It's also possible to create your own groups of servers, like the "Test Servers" group in Figure 3.
Make information visible. One action you'll likely need to take is right-click the server(s) and select Start Performance Counters (Figure 4), which enables a collection of performance data about the source server. You can access the data remotely through Server Manager to view key performance metrics such as CPU and memory use. You can even set Server Manager to alert you if CPU use goes above a certain level, or the amount of free memory is below a certain level. Be sure to look at other options for remote server actions: full access to Computer Management for the server, RDP, Windows PowerShell, configure NIC Teaming, reboot, and more. These are in addition to the standard tools on the Server Manager Tools menu, which lets you launch familiar tools such as Active Directory Users and Computers, Hyper-V Manager, and so on.
Figure 4: Viewing Performance Data Via Server Manager's Performance Counters Function
A big change to Server Manager in Server 2012 is the capability to remotely add and remove roles and features. To do this, select the Add or Remove Roles and Features action from the Manage menu. If you're performing a role-based or Remote Desktop Services installation, the next choice is the server on which you want to perform the add/remove (Figure 5).
Figure 5: Selecting the Target Server in Server Manager for Add/Remove Operations
(I should note here that RDS has its own scenario-based deployment methodology accessible through Server Manager that enables you to deploy entire RDS environments across hundreds of servers—and based on best practices—from a single wizard with only a few clicks of a mouse.)
There are three things to note about this functionality:
You can select only one server at a time for the add/remove operation. If you want to add or remove roles/features on multiple servers, you must use PowerShell; for example:
Invoke-Command -ScriptBlock {Install-WindowsFeature –Name XPS-Viewer} -ComputerName server1,server2,server3
You cannot add/remove on Server 2008 and Server 2008 R2 boxes. Although it's possible to remotely manage these servers, this functionality doesn't extend to role/feature add/remove because the base OS doesn't support it.
Notice in Figure 5 that not only can you add/remove roles/features to a server, you can also select a virtual hard disk to manage offline—which is a great capability (you also can designate a virtual hard disk to manage offline from PowerShell as part of an automated provisioning process).
Manage roles and features. In addition to showing information (such as performance, events, BPA results, and installed components) from managed services, Server Manager also manages key aspects of the core OS, including certain roles and features. Storage is a great example. Server Manager not only exposes the volumes on a system and lets you configure features such as data deduplication, it also lets you manage storage spaces, iSCSI, NFS, and advanced share configurations. Some roles, such as Remote Desktop Services and IP Address Management, expose their configurations through Server Manager.
A common question regarding Server Manager is "How do you share a Server Manager configuration between users or different computers?" All servers and custom server groups monitored by a Server Manager instance are stored in an XML configuration file. It's therefore possible to move this configuration (which is stored at %appdata%MicrosoftWindowsServerManagerServerList.xml) between users and computers.
This is all great; however, one of the first things I said in this article is Server 2012 installations should use the Server Core mode, which has no graphical interface and no management infrastructure available locally. So how is Server Manager being used? The answer is Server Manager runs on your Windows 8 desktop. Server Manager, along with the rest of the Server 2012 administration tools, is available as part of RSAT, which is available in both 32- and 64-bit versions.
Once the tools are installed on Windows 8, you enable them via the Control Panel Programs and Features applet. Run the Turn Windows features on or off action and enable Server Manager in the RSAT section (Figure 6). From this dialog box, you can enable other role and feature administration tools as well.
Figure 6: Enabling Server Manager on a Windows 8 Installation After Installing Remote Server Administration Tools (RSAT)
I step through this process and present a general overview in the accompanying video.
Once you have Server Manager installed on a Windows 8 desktop, you can realize the nirvana of Server 2012 management and deployment. All Server 2012 deployments run Server Core under the remote management of a Server Manager instance running on Windows 8.
RSAT for Server 2012 is available only on Windows 8. RSAT for Server 2012 doesn't support Windows 7 or even earlier client OSs; this is consistent with previous versions of Windows servers. RSAT for Server 2008 R2 ran on Windows 7 only, RSAT for Server 2008 ran on Windows Vista only, and Administration Tools Pack for Windows Server 2003 R2 ran on Windows XP only. You get the idea.
So what do you do if you don't have Windows 8 in your organization, and even you (as the IT department) can't adopt it? My recommendation is to set up a Server 2012 Remote Desktop Session Host and publish Server Manager. Then, administrators on Windows 7, Windows RT, and non-Microsoft platforms (basically, anything that supports published applications over RDP) can execute the published application, which appears to run locally on the machine because it integrates seamlessly with the desktop. I created a video, "Managing Windows Server 2012 from Windows 7," that covers this procedure.
Ultimate Remote Management with PowerShell
Up to this point, I've discussed the new remote graphical management tooling. In the largest environments, however, where you're talking about true automation, you don't want a graphical interface. You want to use a command-line interface (CLI) and scripts. And for Windows, there really is nothing more powerful than PowerShell, which brings together a CLI and scripting environment. PowerShell is object-centric, allowing objects (rather than basic strings) returned by one command to be passed to another command. This provides for great capabilities with often minimal amounts of code because the original object is maintained.
Every Server 2012 capability is exposed through PowerShell by more than 2,400 cmdlets (the name for native PowerShell commands) just for the base OS; and the reality is that many things (such as Hyper-V network virtualization and advanced Storage Space configurations) can be achieved only through PowerShell and aren't available in the OS graphical management tools. PowerShell integrates with Windows Remote Management to provide remote server management. PowerShell 3.0 (which is part of Server 2012 and installed as part of WMF 3.0 for Server 2008 and Server 2008 R2) also offers a powerful workflow capability that lets you initiate tasks on remote systems without having to stay connected.
Nearly all Microsoft products have PowerShell support, and so do most solutions that integrate with Windows, including those from hardware partners such as Cisco and NetApp. This means it's possible to manage not only Windows with PowerShell, but also a complete IT infrastructure.
An introduction to PowerShell is beyond the scope of this article; however, I want to draw your attention to a few ways to get started quickly:
Use the Windows PowerShell Integrated Scripting Environment (ISE). It features IntelliSense, which helps complete cmdlet names and parameters as you type. ISE also has a command pane that lets you search for commands. The command pane provides a form interface that shows all available parameters and which ones are mandatory, and it creates commands for you.
Active Directory Administrative Center uses PowerShell behind the scenes. The PowerShell Command window displays the commands that accomplish the actions you perform in the graphical interface. This means you could graphically perform a series of actions and then incorporate the PowerShell commands into your scripts.
If you're experimenting, take advantage of the WhatIf parameter. Use a test box to limit damage as you're learning; however, the WhatIf command shows what would happen if the command were executed without making changes.
Remote Management Methodology
The new Server Manager in Server 2012 really helps organizations move to a true remote management methodology, letting you manage multiple machines simultaneously. It still might be a stretch for many IT groups to move away from just RDPing into each server and managing them "locally." However, as more and more servers run Server Core, and once Server Manager's multi-server management benefits become apparent, there'll be a greater shift in management, especially as the 2012 Server Manager also provides for management of Server 2008 and Server 2008 R2. Of course, applications still must run on servers to support remote management, but this is also becoming more common and necessary as vendors add support for Server Core. And don't forget about PowerShell, which really is an administrator's best friend.
About the Author
You May Also Like