Windows Server Administration Tools

https://learn.microsoft.com/en-us/training/modules/describe-windows-server-administration-tools/

Managing Windows Server infrastructure requires expertise in critical administration tools. These range from Windows Admin Center, a browser-based interface, to PowerShell, a powerful scripting framework. In this chapter, we'll delve into essential tools for configuration, monitoring, and automation, offering a clear overview of their capabilities and uses.

• Windows Admin Center

• Server Manager

• Remote Server Administration Tools

• PowerShell

Windows Admin Center

Windows Admin Center is a centralized management tool for Windows Server environments, offering a user-friendly interface for system administration tasks. It provides a dashboard for managing servers, virtual machines, and services, along with features like remote desktop access, event log monitoring, and PowerShell scripting. It simplifies server management tasks and enhances efficiency for administrators.

Installing Windows Admin Center

1. Windows Admin Center is free to use, and its .msi file can be downloaded from Microsoft's website.

1. When the Windows Admin Center dialog appears, accept the terms and click "Next."

1. Maintain the default settings for the next four option boxes and click "Next."

2. In the "Configure Gateway Endpoint" panel, a port for the site has been chosen by default. The two other options are also selected by default. Click "Install".

Note - After downloading and installing Windows Admin Center, we must enable TCP port 6516 on the local firewall.

1. Click "Finish" to complete the installation. It also mentions selecting the "Windows Admin Center Client Certificate" when opening Windows Admin Center. I also clicked on "Open Windows Admin Center".

Because Windows Admin Center is a web-based tool that uses HTTPS, it requires a X.509 certificate to provide SSL encryption. This is why the installation wizard gives us the option to either use a self-signed certificate or provide our own SSL certificate.

Exploring Windows Admin Center

1. Windows Admin Center opens by itself, or type https://localhost:6516 into your browser. Select the "Windows Admin Center Client Certificate" and click "OK".

1. Currently, Windows Admin Center is only connected to the PC on which it was configured.

1. Click on the Windows 10 PC, let's explore the various options available.

Through this web console, we can view and manage the configurations and settings of our PC.

Benefits of Windows Admin Center

Windows Admin Center comprises two primary components:

Gateway: It oversees servers via PowerShell remoting and Windows Management Instrumentation (WMI) using Windows Remote Management (WINRM).

Web server: It processes HTTPS requests and delivers the user interface to the web browser on the management station. This component functions as a compact web server tailored for this specific role, rather than a complete installation of Internet Information Services (IIS).

The following table describes the benefits of Windows Admin Center:

Benefit	Description
Easy to install and use	You can download and install it on Windows 10 or Windows Server through a single Windows Installer (MSI) and access it from a supported web browser.
Compliments existing solutions	It does not replace but compliments existing solutions such as Remote Server Administration Tools, System Center, and Azure Monitor.
Manage from the internet	It can be securely published to the public internet so you can connect to and manage servers from anywhere.
Enhanced security	Role-based access control lets you fine-tune which administrators have access to which management features. Gateway authentication provides support for local groups, Active Directory groups, and Microsoft Entra groups.
Azure integration	You can easily get to the proper tool within Windows Admin Center, then launch it to the Azure portal for full management of Azure services.
Extensibility	A Software Development Kit (SDK) will allow Microsoft and other partners to develop new tools and solutions for more products.
No external dependencies	Windows Admin Center doesn't require internet access or Microsoft Azure. There is no requirement for IIS or SQL server and there are no agents to deploy. The only dependency is to the requirement of Windows Management Framework 5.1 on managed servers.

Server Manager

Server Manager is a management console in Windows Server that helps IT professionals provision and manage both local and remote servers without requiring physical access to each server. It allows for tasks like starting or stopping services, configuring network settings, managing users and groups, and troubleshooting configuration issues.

Server Manager initially opens to a dashboard which provides quick access to:

1. Configuring the local server.

2. Adding roles and features.

3. Adding other servers to manage.

4. Creating a server group.

5. Connecting this server to cloud services.

Server Manager has a section for properties of the local server. From the Local Server node, you can perform different types of initial configuration that are similar to those you can configure with the Sconfig tool, including:

1. Computer name and domain membership

2. Windows Firewall settings

3. Remote Desktop

4. Network settings

5. Windows Update settings

6. Time zone

7. Windows activation

This section also provides basic information about the hardware, such as:

• Operating system version

• Processor information

• Amount of memory

• Total disk space

Remote Server Administration Tools

RSAT, which stands for Remote Server Administration Tools, is a set of tools provided by Microsoft that allows IT administrators to remotely manage roles and functions in Windows Server from a Windows client machine. Administrators can perform administrative tasks on remote servers without needing to physically access them. This helps streamline server management processes and enables administrators to efficiently monitor and administer multiple servers from a centralized location.

Enabling RSAT

1. Open the Settings on the client computer. Select Apps & Features and Click on Optional Features

1. Select Add a feature.

1. Searching for RSAT will reveal a variety of RSAT-related optional features that can be installed as per your requirements.

Tool	Description
Active Directory Certificate Services Tools	Includes Certification Authority, Certificate Templates, Enterprise PKI, and Online Responder Management snap-ins.
Active Directory Domain Services Tools and Active Directory Lightweight Directory Services Tools	Includes Active Directory Administrative Center, Active Directory Domains and Trusts, Active Directory Sites and Services, Active Directory Users and Computers, ADSI Edit, Active Directory module for Windows PowerShell, and tools such as DCPromo.exe, LDP.exe, NetDom.exe, NTDSUtil.exe, RepAdmin.exe, DCDiag.exe, DSACLs.exe, DSAdd.exe, DSDBUtil.exe, DSMgmt.exe, DSMod.exe, DSMove.exe, DSQuery.exe, DSRm.exe, GPFixup.exe, KSetup.exe, KtPass.exe, NlTest.exe, NSLookup.exe, and W32tm.exe.
BitLocker Drive Encryption Administration Utilities	Includes Manage-bde, Windows PowerShell cmdlets for BitLocker, and BitLocker Recovery Password Viewer for Active Directory.
DHCP Server Tools	Includes the DHCP Management Console, the DHCP Server cmdlet module for Windows PowerShell, and the Netsh command-line tool
DNS Server Tools	Includes the DNS Manager snap-in, the DNS module for Windows PowerShell, and the Ddnscmd.exe command-line tool.
Failover Clustering Tools	Includes Failover Cluster Manager, Failover Clusters (Windows PowerShell cmdlets), MSClus, Cluster.exe, Cluster-Aware Updating management console, and Cluster-Aware Updating cmdlets for Windows PowerShell.
File Services Tools	Includes the following: Share and Storage Management Tools, Distributed File System Tools, File Server Resource Manager Tools, Services for NFS Administration Tools, iSCSI management cmdlets for Windows PowerShell
Group Policy Management Tools	Includes Group Policy Management Console, Group Policy Management Editor, and Group Policy Starter GPO Editor.
IP Address Management (IPAM) Tools	Includes tools for managing remote IPAM server.
Network Controller Management Tools	Includes PowerShell tools for managing Network Controller on Windows Server.
Network Load Balancing Tools	Includes the Network Load Balancing Manager, Network Load Balancing Windows PowerShell cmdlets, and the NLB.exe and WLBS.exe command-line tools.
Remote Access Management Tools	Includes graphical and PowerShell tools for managing the Remote Access role.
Remote Desktop Services Tools	Includes snap-ins for Remote Desktop Licensing Manager, Remote Desktop Licensing Diagnostics, and Remote Desktop Gateway Manager.
Server Manager	Includes the Server Manager console.
Shielded VM Tools	Includes Provisioning Data File Wizard and Template Disk Wizard.
Storage Migration Service Management Tools	Provides management tools for storage migration tasks.
Storage Replica Module for Windows PowerShell	Includes the PowerShell module enabling you to remotely manage the Storage Replica feature.
System Insights Module for Windows PowerShell	Provides System Insights PowerShell module.
Volume Activation Tools	Manages volume activation through the vmw.exe file.
Windows Server Update Services Tools	Includes the Windows Server Update Services snap-in, WSUS.msc, and PowerShell cmdlets