Windows Server Core is a good alternative to the Full Server GUI installation for many reasons.  The main reason is that it can greatly reduce the surface area for attacks. It can also reduce the overall Operating Systems footprint.  These are great advantages of running Server Core installations, however it will require a bit more work to get things setup.

You can use most of the modern Windows GUI interfaces to remotely manage your Server Core installations using tools such as Server Manager and IIS Manager.  For the purposes of this walkthrough we will be focusing on managing IIS8 remotely using IIS Manager (Client side) and the IIS Web Management Service (server side). 

The following is a list of steps we will take to configure Server Core for IIS8 remote management.

  • Install Windows 2012 Server Core
  • Install the Web Server Role (IIS8)
  • Install the Web Management Service
  • Enable  Remote Management (Web Management)
  • Restart the Web Management Service
  • Create  a Windows Firewall rule to allow traffic to Web Management Service
  • Connect to IIS8 on Server Core using IIS Manager

Install Windows 2012 Server Core

Install and configure Windows 2012 Server Core.  Server Core is the default installation option for Windows Server 2012.  There is a lot of good information out there regarding installing and configuring Windows Server Core 2012.  One good source is Microsoft’s TechNet.  Here’s a good TechNet article on the subject: http://technet.microsoft.com/en-us/library/hh831620.aspx 

Windows 2012 Server Core

Install the Web Server Role (IIS8)

Once the OS is installed and configured, we will install the Web Server Role using Windows PowerShell. We can use the Install-WindowsFeature cmdllet to accomplish this.

Windows PowerShell

Install-WindowsFeature Web-Server

Install the Web Management Service

We will also install the Web Management Service using Windows PowerShell. 

We can use the Install-WindowsFeature cmdllet to install the service.

Web Management Service

Install-WindowsFeature Web-Mgmt-Service

Enable Remote Management (Web Management)

You can use the Set-ItemProperty cmdlet in Windows PowerShell to set registry values. 

This is how we will enable Remote Web Management.

Remote Web Management

Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1

Restart the Web Management Service

If the Web Management Service is already started it will need to be stopped and restarted to pick up the new settings.

Web Management Service

You can use the following Net commands to stop and restart the service.

Net Stop WMSVC

Net Start WMSVC

Create a Windows Firewall rule to allow traffic to Web Management Service

Windows Firewall Rule

We will use Netsh to create a firewall rule to allow traffic to the Web Management Service (WMSVC).  By default the service listens on TCP port 8172, but we will just allow traffic to any port WMSVC listens on.

netsh advfirewall firewall add rule name=”Allow Web Management” dir=in action=allow service=”WMSVC”

If you are in a workgroup you may need to enable the Netbios ports as well.  This is the case if you plan to connect to the server via hostname rather than the IP address.

netsh advfirewall firewall add rule name”Allow NETBIOS IN TCP” dir=in action=allow protocol=TCP localport=135-139

netsh advfirewall firewall add rule name”Allow NETBIOS IN UDP”  dir=in action=allow protocol=UDP localport=135-139

Connect to IIS8 on Server Core using IIS Manager

Now that IIS has been installed and the Web Management Service has been installed and configured you can connect to IIS from remote Windows Server 2012 IIS8 Manager.

In IIS Manager on click the connections icon and select “Connect to Server”.

IIS Manager Connect to Server

Specify a server name or IP address to connect to the server running IIS on Server Core

Specify Server Connection Details

Enter the credentials for the administrative user.  This is ‘administrator’ by default.

Administrative Credentials

Give the new connection a name.

Specify Connection Name

Now in IIS Manager you will see the new connection, in addition to the local IIS instance.  You may use this new connection to administer IIS8 on 2012 Server Core.

IIS8 on 2012 Server Core

Feel free to leave comments and questions below. For information on how SherWeb provides managed hosting services like the one above on Windows cloud, dedicated and hybrid configurations, give us a call at 1-855-780-0955, or email us at Sales@sherweb.com

Written by Jamie Furr Employee @ SherWeb