Deploying and Configuring Server Core VMs on Hyper-V (Part 7)

By /

If you would like to read the other parts in this article series please go to

Introduction

Throughout this series I have shown you a number of different techniques that you can use for managing virtual machines running server core operating systems. Although such work was necessary for getting the server core based virtual machine up and running, you probably don’t want to have to open up the Hyper-V console and manually connect to the virtual machine every time that you need to perform a management task.

In the previous article, I showed you how you could enable Remote Desktop within server core so that you can perform administrative tasks remotely. In the real world, using Remote Desktop for administrative purposes is a very viable option. However, I have heard of at least a couple of organizations that prohibit their IT staff from using Remote Desktop due to security concerns. Whether or not these security concerns have any merit I do not know. However, since there are people out there who are not allowed to use Remote Desktop, I wanted to conclude the article series by showing you a couple of other techniques that you can use to manage a virtual machine that is running a server core operating system.

Windows Remote Management Shell

Another option for managing a server core virtual machine is to make use of the Windows Remote Shell. In case you’re not familiar with the Windows Remote Shell, is a protocol that allows you to connect to server core operating systems over port 80.

Before you can use the Remote Management Shell to manage a server core operating system, you must set up a listener on the server core virtual machine. The setup process is extremely easy, but you must log into the server core VM with an administrative account, and you must make sure that the virtual machine has been joined to a domain. After doing so, you can enable the WinRM listener by entering the following command:

WinRM quickconnect

Upon entering this command, you should see a message telling you that a firewall exception must be enabled before a WinRM listener can be created. You can see what this looks like in Figure A.


Figure A: The remote listener won’t work unless firewall exceptions are enabled.

Go ahead and enter Y to create the firewall exception. You should now see a message similar to the one shown in Figure B, telling you that WinRM has been updated for remote management.


Figure B: You should see a message indicating that WinRM has been updated for remote management

You will only have to perform this procedure once per virtual machine. Once a WinRM listener has been enabled, it remains in effect, even if the virtual machine is rebooted.

Connecting to the server core virtual machine is almost as easy as enabling the WinRM listener. If you want to remotely manage a server core virtual machine, log into a computer that is running Windows 7, Windows Server 2008, or Windows Server 2008 R2. Next, open a Command Prompt window and enter the following command:

WinRS –R:<remote server name> cmd.exe

When you enter this command, you would replace <remote server name> with the name of the virtual server that you want to manage. For example, my virtual server is named Core, so I used the command shown in Figure C.


Figure C: You can use the WinRS command to connect to the server core virtual machine.

You will notice that this command ends with CMD.EXE. This tells Windows Remote Shell to connect the Command Prompt Window to the remote server. If you only needed to run a single command on the remote server then you could enter the actual command that you want to run instead of entering CMD.EXE. However, it is almost always easier to use CMD.EXE instead, because doing so allows you to use the Command Prompt window as if you were locally managing the remote machine.

To give you a better idea of what I mean, check out Figure D. In this figure, I entered the command IPCONFIG /ALL Upon doing so, the Command Prompt window returned the computer name and the IP address configuration of the remote server, even though I entered the command into a local Command Prompt window. All subsequent commands are processed by the remote server as well.


Figure D: All subsequent commands are run against the remote server.

In case you are wondering, the Command Prompt window only remains attached to the remote server until you close it. The next time that you open the Command Prompt window, it will direct commands to the local machine unless you once again establish a session with the remote server. Incidentally, if you don’t want to go through the hassle of eastablishing connectivity every time you want to manage a remote server, you could create a desktop icon that is linked to a batch file that runs the WinRS command used to establish a connection to the remote machine.

I’m sure that right now some of you are wondering about the security implications of setting up a WinRM listener on the server core VM. Well, even though the listener does allow remote management through Port 80, all of the usual permission requirements remain in effect. To show you what I mean, I attempted to connect to my server core VM while logged in as a standard user. You can see in Figure E that the connection was denied.


Figure E: The proper permissions are still required for managing the server.

Microsoft Management Console

By far the easiest method for managing a server core VM is to use the same management tools that you use for managing any other Windows Server. To remotely manage a server core VM using the GUI, enter the MMC command at another computer’s Run prompt. This will cause Windows to load an empty management shell. Next, choose the Add / Remove Snap-in command from the console’s File menu. Choose the snap-in that you want to work with and then click the Add button. When you do, you will be asked if you want to manage the local computer or another computer. Choose the Another Computer option, and then specify the name of your server core VM, as shown in Figure F.


Figure F: The Microsoft Management Console can be used to remotely manage server core machines.

Click OK and you can use the snap-in to manage the server core VM. In Figure G for example, I am using the Microsoft Management Console to manage the services on a server core VM.


Figure G: It is possible to remotely manage a server core VM using GUI tools.

In some cases you may run into trouble getting the management console to connect to the server core VM. If this happens then you will most likely have to configure the server core VM’s firewall to allow for remote management. This can be accomplished by using the following command:

Set rule group=”remote administration” new enable=yes

You can see how this command works in Figure H.


Figure H: You may have to modify the server core VM’s firewall to allow for remote management.

Conclusion

As you can see, server core virtual machines work really well in a Hyper-V environment. Although I have tried to cover the basics of creating and deploying server core VMs, there is no way that I can possibly address every conceivable configuration task. If you find yourself needing some additional help with regard to working with server core operating systems that I recommend checking out Microsoft’s Job Aids at this link.

The Job Aids are downloadable (and printable) cheat sheets that provide you with the commands used to perform various management tasks in server core operating systems.

If you would like to read the other parts in this article series please go to

About The Author

Brien Posey is a freelance technology author and speaker with over two decades of IT experience. Prior to going freelance, Brien was a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network engineer for the United States Department of Defense at Fort Knox. In addition, Brien has worked as a network administrator for some of the largest insurance companies in America. To date, Brien has received Microsoft’s MVP award numerous times in categories including Windows Server, IIS, Exchange Server, and File Systems / Storage. You can visit Brien’s Website at: www.brienposey.com.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top