Although local administration is the most secure way to manage the computers in a networked environment, cost, staffing, and system availability requirements typically preclude this approach in medium to large organizations. Remote management can solve many of these problems by increasing productivity, decreasing time to resolution, decreasing staffing requirements, and allowing more flexibility in server placement. Remote management can also resolve physical accessibility issues for servers that are remotely located or rack mounted — whether they are headless or use keyboard-video-mouse (KVM) switches.
Windows Server 2003 provides a variety of tools and technologies to help you remotely administer the servers in your network. Conventional tools help you perform common tasks on computers that are functioning and available over the network. These tools are sometimes referred to as in-band tools because they function through the standard network connection. Other tools allow you to connect to a computer that is not responding to the standard network connection for some reason, such as when a Stop error occurs or the network adapter fails. These tools are sometimes referred to as out-of-band tools because they use a connection that does not depend on network drivers.
Emergency Management Services is a new feature in Windows Server 2003 that supports out-of-band connections. Emergency Management Services is included with Microsoft Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition; and Windows Server 2003, Web Edition.
Before you begin managing servers remotely using in-band or out-of-band tools, you need to develop a remote management plan. A remote management plan ensures that you choose the appropriate remote management tools and management configurations for your organization and that you address all the impacts they might have on your infrastructure.
To develop your plan, you first need to know the server configuration in your organization: where the servers are located and what roles they perform. You also need to know the availability requirements for the servers you plan to manage remotely and who the administrators are.
Follow the planning process presented here to develop a plan for remotely managing the servers in your environment. This planning process addresses tools for Windows Server 2003 remote installation, in-band management tasks — such as configuring, monitoring, and troubleshooting — and out-of-band management tasks — such as restarting the computer and viewing Stop error messages. It does not address workstation management or software distribution tools for applications and updates.
To produce an effective remote management plan, you need to determine which servers to manage and when to manage them remotely or locally, the tools to use, the required supporting hardware components and configurations, network and security considerations and remediation, and whether and how to deploy Windows Server 2003 remotely. These factors are included in the process presented here. Figure 5.1 illustrates the steps in the remote management planning process.
Figure 5.1: Planning Remote Management
Conventional remote management involves establishing an in-band connection to a server to manage it across the network. As a class, in-band management tools are robust and versatile, and they are secure when the connection is authenticated and encrypted. Whenever a server is functioning and available across the network, in-band management tools are the tools of choice. In the past, this type of management was the only type of remote management available for servers running Windows operating systems.
By using Windows Server 2003, you can also manage servers by using out-of-band connections that make it possible to perform management tasks when the server is not responding to the standard network connection. When you lose the capability to manage the server with the in-band connection — such as when the firmware is initializing, a Stop error occurs, or the server stops responding — you need to use an out-of-band connection to manage it remotely.
A primary purpose of the out-of-band connection is to provide a means for you to return the server to a functioning state so that you can continue to manage it with your conventional in-band tools. Out-of-band management also makes it possible for you to configure servers for headless operation, which means the local keyboard and monitor are optional. When combined with appropriate out-of-band hardware components, Windows Server 2003-based servers need to be managed locally only for hardware installation or replacement.
Note: For a document to assist you in setting up headless servers, see "Headless Server Quick Start" (SDCEMS_1.doc) on the Microsoft Windows Server 2003 Deployment Kit companion CD (or see "Headless Server Quick Start" on the Web at http://www.microsoft.com/reskit).
Conventional remote management tools, such as Telnet, use in-band connections for communicating with the managed server. In-band connections rely on operating system network drivers for establishing connections between computers, so a server must be initialized and operational to be managed with these tools. Note that Telnet sends logon credentials and session data in cleartext; restrict it to trusted network segments or use an encrypted alternative where one is available.
The most common in-band connection hardware device is a network adapter, such as an Ethernet adapter, analog modem, or Integrated Services Digital Network (ISDN) modem. The most typical method of in-band remote management is connecting through the network directly to the server, but you can also use Windows Server 2003 remote access and virtual private network (VPN) connections to manage servers through an in-band connection.
Typical tasks performed by using in-band management tools include routine configuration, monitoring, troubleshooting, and maintenance.
When a server is not in a functional state and cannot be accessed by using the standard network connection, you need to use an out-of-band connection to manage it remotely. Out-of-band connections do not rely on operating system network drivers for establishing connections between computers. The following are typical situations when you might need to manage a computer by using an out-of-band connection:
The server is powered down.
The BIOS is conducting the POST.
A Stop error occurs.
The server is too low on resources to respond adequately.
The network adapter malfunctions or fails.
The Windows loader or Recovery Console is running.
The server is not fully initialized.
Common out-of-band connection hardware devices include serial ports, analog modems, and ISDN modems. In addition, out-of-band hardware components known as service processors can in some cases provide out-of-band connections over the network. A service processor is a microprocessor that functions independently of the CPU(s) in a computer and provides additional server management functionality for any operating state, whether or not the operating system is functioning.
Emergency Management Services, as well as features built into some hardware components and firmware, support out-of-band connections. Hardware components that support out-of-band connections include service processors, terminal concentrators, intelligent uninterruptible power supplies (UPSs), and intelligent power switches. A terminal concentrator is a hardware device that allows you to monitor multiple servers simultaneously by connecting to their out-of-band serial ports through a single network connection. An intelligent UPS or intelligent power switch is one that provides some remote functionality, such as powering up or down or resetting a computer. These components are described in detail in "Choosing Software and Hardware Tools" later in this chapter.
Console redirection is a key out-of-band feature that sends keyboard input and character-based output destined for the local display device to the out-of-band port so that you can view the information on a remote computer. Console redirection does not preclude locally attached monitors and keyboards: a computer with console redirection can still process input from a local keyboard and display output to a local monitor.
Emergency Management Services, service processors, and some system firmware provide console redirection. The Extensible Firmware Interface (EFI) on Itanium-based computers typically provides console redirection. The BIOS on x86-based computers might or might not provide console redirection; contact your computer manufacturer to find out.
The specific component that controls console redirection changes as the operating state changes. For example, a service processor or firmware provides console redirection during power up and during the Power On Self Test (POST), and Emergency Management Services provides console redirection as soon as the Windows loader (Ntldr) starts. You can transfer control of console redirection to another component, such as a service processor, by entering specific escape sequences from the management computer.
Additional components that support out-of-band connections are described later in this chapter.
Emergency Management Services is a new feature in Windows Server 2003 that provides out-of-band connections through a serial port or, in the case of some service processors, an alternate network connection. With Emergency Management Services, you can perform administrative tasks remotely using an out-of-band connection. When you combine Emergency Management Services with the appropriate out-of-band hardware, you can perform all administrative tasks remotely, except for installing or replacing hardware.
Emergency Management Services features are fully or partially available when the Windows Server 2003 operating system is loading, is running, or is in distress — such as when it is slow or not responding or when a Stop error occurs.
The three Emergency Management Services features that support out-of-band management are console redirection, Special Administration Console (SAC), and !Special Administration Console (!SAC). The Windows Server 2003 loader or kernel must be at least partially functioning for these features to be available.
Emergency Management Services can redirect keyboard input and character-based output when any of the following Windows Server 2003 components are running:
The operating system loader on x86-based multiple-boot computers
Recovery Console
The Windows Server 2003 kernel
The command prompt (cmd.exe)
Text-mode Setup, during Windows Server 2003 installation
Remote Installation Services (RIS) Setup
For more information about how Emergency Management Services console redirection works with these components and when it is not available, see the Server Management Guide of the Windows Server 2003 Resource Kit (or see the Server Management Guide on the Web at http://www.microsoft.com/reskit).
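As an added example (not taken from the Deployment Kit), the following cmd.exe commands enable Emergency Management Services console redirection on an x86-based server with the bootcfg tool that ships with Windows Server 2003. The example assumes the out-of-band serial cable is attached to COM1, the management computer's terminal is set to 115200 baud, and the operating system entry to modify is entry 1 in boot.ini; confirm all three against the output of the first bootcfg /query before running the /ems command.

```batch
@echo off
rem Added example, not part of the Deployment Kit text: enable EMS console
rem redirection on an x86 Windows Server 2003 system and verify the result.
rem Assumptions: serial cable on COM1, terminal at 115200 baud, and the
rem operating system entry to change is boot entry 1 in boot.ini.

rem List the current boot entries so the /id value used below is known to
rem be the correct one.
bootcfg /query

rem Turn on EMS redirection for boot entry 1. On x86 this writes
rem redirect=COM1 and redirectbaudrate=115200 to the [boot loader] section
rem of boot.ini and adds the /redirect switch to the selected OS line.
bootcfg /ems ON /port COM1 /baud 115200 /id 1

rem Re-query to confirm the redirect settings before restarting the server.
bootcfg /query
```

The change takes effect at the next restart, after which the Windows loader and the kernel redirect character-based output to COM1 and SAC becomes reachable from the management computer. Firmware console redirection for the POST is a separate BIOS setting and is not changed by bootcfg; if the firmware already redirects to a serial port and reports it to the operating system, bootcfg /ems ON /port BIOSSET /id 1 uses the firmware's port and baud rate instead of values you supply.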
Special Administration Console (SAC) is the primary Emergency Management Services command-line environment. It provides a variety of commands for monitoring server status and troubleshooting problems during emergencies. SAC is available whenever the Windows Server 2003 kernel is running, whether in normal mode or safe mode, and during the graphical user interface (GUI)-mode phase of Setup.
Caution: Using SAC during an operating system upgrade or installation might cause the upgrade or installation to fail or become unstable.
Using SAC, you can establish multiple user sessions, called channels, and switch between them. Although SAC is separate from the Windows Server 2003 command prompt (cmd.exe), you can create a command prompt channel from SAC and then switch between the SAC channel and the command prompt channels by using SAC commands or escape sequences. During the GUI-mode phase of Setup, you can also establish a channel for viewing Setup logs so that you can troubleshoot unresponsive or failed operating system installations. You can access only one channel at a time, which means that multiuser access to SAC is not available. To use a command prompt channel, you must log on with an account that is a member of the local Administrators group; therefore, all the commands that you run in that channel run with local administrator rights. SAC itself does not authenticate the out-of-band connection, so anyone who can reach the serial port, modem, or terminal concentrator can issue SAC commands, including restarting the server; securing physical and network access to that connection path is therefore part of planning for out-of-band management.
For more information about SAC capabilities and how to use them, see the Server Management Guide of the Windows Server 2003 Resource Kit (or see the Server Management Guide on the Web at http://www.microsoft.com/reskit). For more information about SAC commands, see "Special Administration Console (SAC) and SAC commands" in Help and Support Center for Windows Server 2003.
!Special Administration Console (!SAC) is a scaled-down version of SAC that is designed to recover an unresponsive system, for example after a Stop error. You cannot directly invoke !SAC; it becomes available automatically when a server experiences a system failure or fault. !SAC is a last-resort tool that lets you view Stop messages, obtain computer identification information, and restart the server.
Headless servers are computers that can operate without a keyboard, mouse, and local monitor. If the system firmware supports it, the video adapter and keyboard controller are also optional. Emergency Management Services, in combination with the appropriate hardware and system firmware console redirection, makes it possible for you to configure servers running Windows Server 2003 for headless operation. Firmware console redirection allows the system to pass the POST without a video adapter. When a server runs Emergency Management Services, you can manage it with both in-band and out-of-band tools, making locally attached input and output devices unnecessary.
Using headless servers does not preclude having locally attached input devices. Depending on your hardware configuration, you might be able to attach and remove local devices, such as Universal Serial Bus (USB) keyboards and mouse devices, as needed.
Computer manufacturers offer preconfigured headless systems that have no keyboard controller, video adapter, or mouse. For more information about purchasing a headless computer or configuring your existing computers for headless operation, contact your computer manufacturer.