Scotty McLeod recently gave a presentation to the Windows Server UK User Group on Windows Server 2008 Server Core. I mentioned Server Core in a previous post but here’s some more on the subject, based on Scotty’s presentation (it’s also worth checking out Micheal Pietroforte’s post on Server Core essentials).
- Contrary to popular belief, Server Core still has a GUI. There is no Start Menu, no Explorer, no Internet Explorer (it is entirely command-line driven), but the logon screen is graphical and some GUI applications can be used (the latest beta includes an old version of
notepad.exethat has very few dependencies and
rundll.execan be used to launch some GUI hooks). It is rumoured that, because some of the product teams didn’t follow Microsoft’s own application development rules, it’s too difficult to remove the GUI from Windows without breaking it completely.
- At present, the Server Core image is about 600MB in size – small enough to facilitate some interesting potential deployment scenarios – and, because of its small size, Server Core installs quickly.
- The number of supported roles for Server Core is growing quickly – that could be seen as a potential weakness but even so, the basic principle of providing a reduced attack service for common server scenarios still holds true. Interestingly, one of the roles (and potentially the most problematic of them all) is as an (IIS) web server – only for ISAPI/ASP applications (i.e. no .NET Framework – yet) but rumour has it that Apache will also run on Server Core and a cut-down IIS allows the installation of PHP for a Windows alternative to a LAMP web server (this lends itself to an unfortunate acronym though – WIMP – Windows, IIS, MySQL, PHP).
- Because there is no .NET Framework for Server Core at this time, there is no ability to run PowerShell scripts.
- After installation, Server Core has a blank administrator password. This must be changed at logon but can be changed to another blank password; however keeping it blank will prevent remote access to the server.
- Core server has huge potential, but still seems to be a little disjointed on the administration front (ironic, given what a huge improvement has been made in the full installation through the introduction of the Server Manager tool) – it seems that the recommended approach is to use a full Windows Server 2008 server as a management server for the various Core Server installations around the enterprise.