Installing and configuring Nano Server

What is Nano Server?

Nano Server is a new installation option for Windows Server 2016 that is similar to Windows Server in Server Core mode. However, although it has a significantly smaller hardware footprint, it has no local sign-in capability and supports only 64-bit apps, tools, and agents. Setup is significantly faster, and after installation, the operating system requires far fewer updates.

  Note: Nano Server is not available for selection through the Windows Server 2016 setup wizard. Instead, you must create a virtual hard

drive by using Windows PowerShell. You can then use this virtual hard drive on a virtual machine to support a virtualized Nano Server in Hyper-V, or you can configure your server computer to start from a .vhd file for a physical Nano Server deployment option.


Use scenarios
Nano Server is ideal for use in the following scenarios:
   Hyper-V host for virtual machines, either in clusters or not (compute host) USE
   As a storage host for a scale-out file server, either in clusters or not
   As a DNS server
   As a web server running Microsoft Internet Information Services (IIS)
   As a host for applications that are developed by using cloud application patterns and run in a
container or virtual machine guest operating system .ONLY
Server roles available in Nano Server

The following table shows the server roles and features that you can either install when you deploy Nano
Server or subsequently install by using Windows PowerShell on a previously deployed Nano Server.


Role or feature Option to install

Hyper-V role -Compute

Failover clustering -Clustering  


Drivers for a variety of network adapters and -OEMDrivers
storage controllers (this is the same set of
drivers included in a Server Core installation of
Windows Server 2016)

File Server role and other storage components -Storage

Windows Defender Antimalware, including a -Defender
default signature file

DNS Server role -Packages Microsoft-NanoServer-DNS-Package

Desired State Configuration  Packages Microsoft-NanoServer-DSC-Package

IIS -Packages Microsoft-NanoServer-IIS-Package

Host support for Windows Containers -Containers

System Center Virtual Machine Manager agent
-Packages Microsoft-Windows-Server-SCVMM-
Package
-Packages Microsoft-Windows-Server-SCVMM-

Compute-Package

Network Performance Diagnostics Service -Packages Microsoft-NanoServer-NPDS-
(NPDS) Package

Data Center Bridging -Packages Microsoft-NanoServer-DCB-Package

Boot and run from a RAM disk -Packages Microsoft-NanoServer-Guest-
Package

Deploy on a virtual machine -Packages Microsoft-NanoServer-Host-Package



Role or feature Option to install


Secure Startup -Packages Microsoft-NanoServer-
SecureStartup-Package
Shielded Virtual Machine -Packages Microsoft-NanoServer-ShieldedVM-
Package


While many roles are supported by Nano Server, several important roles and features are not supported, including AD DS, AD CS, and DHCP.

features and improvements introduced in Windows Server 2016

features and feature improvements were introduced in Windows Server 2016:

   Nano Server. Nano Server is a new installation option for Windows Server 2016. With no graphical or

command prompt interface, it has a significantly lower hardware requirement than Server Core. NanoUSE

Server is the ideal platform for Hyper-V, Hyper-V cluster, and scale-out file servers and cloud service .ONLY

apps.

   Windows Server containers and Hyper-V containers. Containers enable you to isolate your apps from

the operating system environment. This improves security and reliability. Windows containers are

isolated from one another but run on the host operating system. Hyper-V containers are further

isolated, because they run within a virtual machine.

   Docker. Docker is a technology for managing containers. Although Docker is usually associated with

Linux, Windows Server 2016 provides support for Docker for managing Windows containers andHyper-V containers.

   Rolling upgrades for Hyper-V and storage clusters. These upgrades enable you to add Windows

Server 2016 nodes to an existing Windows Server 2012 R2 failover cluster. The cluster continues to

operate at a Windows Server 2012 R2 functional level until all the nodes are upgraded.

   The ability to hot add and hot remove virtual memory and network adapters from virtual machines. In

Hyper-V in Windows Server 2016, you can now add or remove virtual memory and network adapters

while the virtual machines are running.

   Nested virtualization. In Hyper-V in Windows Server 2016, you can enable nested virtualization,

enabling you to run Hyper-V virtual machines within a virtual machine.

   Shielded virtual machines. Shielding your virtual machines enables you to help protect the data on

them from unauthorized access.

USE

   PowerShell Direct. This feature enables you to run Windows PowerShell commands against a guest

operating system in a virtual machine without handling security policies, host network settings, or

firewall settings.

   Windows Defender. Windows Defender is provided to help protect your server against malware.

Although the Windows Defender interface is not installed by default, the antimalware patterns are automatically kept up-to-date.

 Storage Spaces Direct. This feature enables you to build highly available storage with directly attached disks on each node in a cluster. The Server Message Block 3 (SMB3) protocol provides resiliency.

 Storage Replica. This feature enables you to synchronously or asynchronously replicate volumes at the block level.

 Microsoft Passport. This service replaces passwords with two-factor authentication that consists of an enrolled device and a Windows Hello (biometric) or PIN. This helps provide a more secure and convenient sign-in experience.

 Remote Desktop Services. You can now use an Azure SQL database to create a high availability environment for Remote Desktop Connection Broker.

 Active Directory Domain Services (AD DS). AD DS improvements include support for privileged access management (PAM), support for Azure AD Join, along with support for Microsoft Passport.

Note: Windows Server 2016 includes many other improvements to existing features. For a

full list of all the changes in Windows Server 2016, refer to: “What's New in Windows Server 2016

Technical Preview 5” at: http://aka.ms/S4u2tt

Nano Server

Nano Server

The requirements for Nano Server depend on the features and roles installed. Nano Server runs from a VHD, either from within Hyper-V, or you can boot directly from the VHD at startup. The smallest Nano Server VHD will be approximately 440 MB, before installing features such as IIS or commonly used drivers. A VHD with IIS and commonly used drivers will be just over 500 MB.

Other hardware requirements

In addition to the previously referenced requirements, there are a variety of other hardware requirements

to keep in mind, depending on your specific organizational needs and installation scenarios:

   Greater disk space is required for network installations or for computers with more than 16 GB of RAM.

   Storage and network adapters must be PCI Express compliant.

   A Trusted Platform Module (TPM) 2.0 chip is required for certain features such as BitLocker Drive Encryption.

Overview of installation options

When you install Windows Server 2016, you can USE

select one of three installation options:

   Windows Server 2016 (Desktop Experience).

This is a full server installation and includes a

complete graphical management interface.

This installation option supports all Windows .ONLY

Server roles.

   Windows Server 2016. This is the equivalent of

Server Core in earlier versions of Windows

Server and provides for a command-line

management interface. This installation option

has a reduced hardware footprint but does

not support all Windows Server roles.

   Nano Server. This is a new installation option for which Windows Server 2012 and earlier versions  

   Hyper-V role

have no equivalent. Nano Server is administered remotely and optimized for hosting in private clouds and datacenters, and for running applications that are developed by using cloud application patterns.

Nano Server cannot be directly installed from the installation media during setup. Nano Server is installed as a VHD or as a Windows Imaging (WIM) file that is built using Windows PowerShell cmdlets. The VHD file can be booted from within Hyper-V or booted directly from a physical machine. The WIM file can be applied after booting into the Windows Preinstallation Environment (WinPE).

When creating the VHD for a Nano Server, you can select either the Standard or Datacenter edition of Nano Server and select various Packages that are used to add server roles and features to a VHD image. Some of these roles and features include:

 Failover Clustering USE

 IIS

 File Server role

 DNS Server role

   Host support for Windows Containers  

Note: Installing Server Core and Nano Server is covered in detail in the next lesson.

prompted to install the appropriate administrative tools. The best practice is to manage servers remotely by using the Remote Server Administration Tools (RSAT) available for Windows

Managing servers remotely MCT

Performing the interactive management of

USE

Windows Server is not the best practice. With

Server Core and, to a greater extent, Nano Server,

your local management options are very limited.

After you have configured the network and

firewall settings of Server Core or Nano Server, you

must perform other management tasks remotely.

.ONLY

When you install a role or feature, you will be

10. RSAT includes the full set of administrative tools, including Server Manager, the Active Directory Administrative Center, and management consoles. You can later choose to disable the tools by using Turn Windows features on or off in Control Panel.

  Note: For a full list of all the tools included in RSAT for Windows 10, refer to: “Remote Server Administration Tolls (RSAT) for Windows Client and Windows Server (dsform2wiki)” at: http://aka.ms/hz53ry

To download Remote Server Administration Tools, see http://aka.ms/wzpq0j

Server Manager

Server Manager is part of the Windows Server 2016 Desktop Experience, or you can run it from a Windows 10 workstation when installed as part of RSAT. Server Manager is the primary GUI tool to manage computers running Windows Server 2016. The Server Manager console can manage both local and remote servers. You can also manage servers as groups, allowing you to perform the same administrative tasks quickly across multiple servers. You can also use Server Manager to run the Best Practices Analyzer to determine if the roles are functioning properly on the servers in your network.

Windows PowerShell remoting and PowerShell Direct

You can use Windows PowerShell to run Windows PowerShell commands or scripts against correctly configured remote servers if the script is hosted on the local server. With Windows PowerShell remoting, where necessary, you can also load Windows PowerShell modules locally, such as those part of Server Manager, and run the cmdlets available in that module against appropriately configured remote servers. In Windows Server 2016, you also have the option of using PowerShell Direct to run PowerShell scripts or cmdlets on virtual machines from a Hyper-V host.

  Note: More information about PowerShell Direct is provided in Module 5, “Installing and configuring Hyper-V and virtual machines.”

Remote Shell

Windows Remote Shell (WinRS) is a command-line tool that allows you to execute remote commands on a target server that supports Windows Remote Management (WinRM). WinRM is a collection of standards-based technologies that enables administrators to manage server hardware when signed in directly or over the network. Server Manager and Windows PowerShell remoting also rely on WinRM in Windows Server 2016.

 

Remote desktop

You can connect to a remote server computer that is running the Server Core installation or the full

installation by using Remote Desktop. On Server Core, you must enable Remote Desktop by using USE

Sconfig.cmd. You cannot use Remote Desktop to remotely manage Nano Server.

Group Policy

You can use Group Policy to manage Server Core and full installations of Windows Server 2016, just like

you can manage any other computer running Windows. However, you cannot use Group Policy to

manage Nano Server. Later topics in this module discuss options for using Windows PowerShell for .ONLY

applying Group Policy settings to Nano Server installations.

Firewall settings

Microsoft Management Console (MMC) and some other tools used for remote server management rely on the Distributed Component Object Model (DCOM) . Even Server Manager, when managing servers running Windows Server 2008 without the Windows Management Framework updates installed, depends on DCOM. DCOM, unlike WinRM, requires Windows Firewall on the computer running the remote management tools to be configured to allow exceptions to multiple rules. These exceptions include:

COM+ Network Access (DCOM-In)

Remote Event Log Management (NP-In)

Remote Event Log Management (RPC)

Remote Event Log Management (RPC-EPMAP)

  Additional Reading: For more information about configuring firewall settings to support remote management, refer to the procedure: “To configure MMC or other tool remote management over DCOM” in the topic “Configure Remote Management in Server Manager” at: http://aka.ms/eyxjjf

Using Windows PowerShell 5.0 to manage servers

Windows PowerShell 5.0 is a scripting language and command-line interface that is designed to assist you in performing day-to-day administrative tasks. Windows PowerShell cmdlets execute at a Windows PowerShell command prompt or combine into Windows PowerShell scripts. With the introduction of Nano Server, a headless server environment, it is necessary to use Windows PowerShell to manage servers remotely. A headless server has no graphical user interface and there is no capability for local sign-in.

Importing modules

Some Windows PowerShell cmdlets are not available in the default Windows PowerShell library. When you enable some Windows features or want to administer particular environments, you must obtain additional Windows PowerShell functions. These additional functions are packaged in modules. For example, to manage Nano Server, Windows Server containers, and Azure AD with Windows PowerShell, you must import the required modules.

STUDENT USE PROHIBITED

Note: Windows PowerShell DSC is covered in detail in Module 12, “Managing, monitoring, and maintaining virtual machine installations.”

Windows PowerShell DSC is a set of Windows PowerShell extensions, cmdlets, and resources that support configuring and managing remote computers in a scalable and standardized manner by pushing or pulling declarative configurations.

Windows PowerShell Desired State Configuration (DSC)

You can then run the same cmdlets that you normally run in the same way as with any other remote Windows PowerShell situation.

Enter-PSSession -VMName VMName

To use PowerShell Direct, from your host, run the following Windows PowerShell cmdlet:

Lesson 1 Introducing Windows Server 2016

Lesson 1

Introducing Windows Server 2016

Knowing the capabilities of the Windows Server 2016 operating system enables you to use it effectively and take full advantage of what it can offer your organization. Some of the many improvements to Windows Server 2016 include increased scalability and performance; improved virtualization; improved management tools; and additional deployment options, including Nano Server. This lesson explores these new features and capabilities in Windows Server 2016, in particular those in the computer and storage space, along with the various installation options available.

Lesson Objectives

After completing this lesson, you will be able to:

                                    Select a suitable Windows Server 2016 edition.

                                    Describe the hardware requirements for Windows Server 2016.

                                    Describe installation options for Windows Server 2016.

                                    Describe the tools available for remoting managing Windows Server 2016.

                                    Explain how to use Windows PowerShell 5.0 to manage servers.

                                    Describe the new and improved features of Windows Server 2016.

Selecting a suitable Windows Server 2016 edition

You can choose one of several editions of Windows Server 2016. These editions allow organizations to select a version of Windows Server 2016 that best meets their needs, rather than pay for features they do not require. When deploying a server for a specific role, system administrators can save substantially by selecting the appropriate edition. The following table describes the Windows Server 2016 editions.

Edition                                      Description

Windows Server 2016           Windows Server 2016 Essentials edition is designed for small businesses.

Essentials edition                  It corresponds to Windows Small Business Server from earlier versions of Windows Server. This edition allows up to 25 users and 50 devices. It supports two processor cores and up to 64 gigabytes (GB) of random access memory (RAM). It does not support many of the features of Windows Server 2016, including virtualization.

Windows Server 2016           Windows Server 2016 Standard edition is designed for physical server

Standard edition                     environments with little or no virtualization. It provides many of the roles and features available for the Windows Server 2016 operating system. This edition supports up to 64 sockets and up to 4 terabytes (TB) of RAM. It includes licenses for up to two virtual machines and supports Nano Server installation.

Hardware requirements

The hardware requirements needed to support Windows Server 2016 depend on the services that the server is hosting, the load on the server, and how responsive you want the server to be. The services and features of each role put a unique load on network, disk I/O, processor, and memory resources

The following table shows the absolute minimum required for a Server Core installation on a physical
machine.
Component	Requirement
Processor	64-bit
architecture
Processor speed	1.4 gigahertz (GHz)
RAM	512 MB
Hard drive space	32 GB

				MCT
Edition		Description
		Note: You can run two virtual machines on one physical host, using
		one standard license, as long as the physical host is only used for hosting
		and managing the virtual machines. If the physical host is used to run	USE
		other services, such as DNS, you can only run one virtual machine. For
		more information about Windows licensing, speak with a Microsoft
		licensing specialist.
Windows Server 2016		Windows Server 2016 Datacenter edition is designed for highly	ONLY
Datacenter edition		virtualized infrastructures, including private cloud and hybrid cloud
		environments. It provides all of the roles and features available for the
		Windows Server 2016 operating system. This edition supports up to 64
		sockets, up to 640 processor cores, and up to 4 TB of RAM. It includes
		unlimited Windows Server–based virtual machine licenses for virtual
		machines that run on the same hardware. It also includes new features
		such as Storage Spaces Direct and Storage Replica, along with new
		Shielded Virtual Machines and features for software—defined datacenter
		scenarios.	.
Microsoft Hyper-V Server		Acts as a stand-alone virtualization server for virtual machines, including
2016		all the new features around virtualization in Windows Server 2016. The
		host operating system has no licensing cost, but virtual machines must be
		licensed separately. This edition supports up to 64 sockets and up to 4 TB
		of RAM. It supports domain joining. It does not support Windows
		Server 2016 roles other than limited file service features. This edition has
		no GUI but does have a UI that displays a menu of configuration tasks.
Windows Storage		Acts as an entry-level unified storage appliance. This edition allows 50
Server 2016 Workgroup		users, one processor core, and 32 GB of RAM. It supports domain joining.
edition
Windows Storage		Supports up to 64 sockets but is licensed on a two-socket, incrementing	STUDENT
Server 2016 Standard		basis. This edition supports up to 4 TB of RAM. It includes two virtual
edition		machine licenses. It supports domain joining. It supports some roles,	USE
		including Domain Name System (DNS) and Dynamic Host Configuration
		Protocol (DHCP) server roles, but does not support others, including
		Active Directory Domain Services (AD DS), Active Directory Certificate
		Services (AD CS), or Active Directory Federation  Services (AD FS).