Logo
programming4us
programming4us
programming4us
programming4us
 Home
programming4us
 XP
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server
programming4us
 Windows Phone
 
Windows Server

Managing Windows Server 2012 Systems : Configuring Roles, Role Services, and Features (part 4) - Managing server binaries

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
10/25/2014 8:59:50 PM

Removing server roles and features

You can remove a server role by following these steps:

  1. In Server Manager, select Remove Roles And Features on the Manage menu. This starts the Remove Roles And Features Wizard.

    Note

    If the wizard displays the Before You Begin page, read the introductory text and then tap or click Next. You can avoid seeing the Before You Begin page the next time you start this wizard by selecting the Skip This Page By Default check box before tapping or clicking Next.

  2. On the Server Selection page, you can choose to remove roles and features from running servers or virtual hard disks. Only servers running Windows Server 2012 and that have been added for management are listed. Either select a server from the server pool or select a server from the server pool on which to mount a virtual hard disk (VHD). If you are removing roles and features from a VHD, tap or click Browse and then use the Browse For Virtual Hard Disks dialog box to locate the VHD. When you are ready to continue, tap or click Next.

  3. On the Server Roles page, shown in Figure 4, clear the check box for the role you want to remove. If you try to remove a role that another role or feature depends on, a warning prompt appears stating that you cannot remove the role unless you remove the other role as well. If you tap or click the Remove Features button, Setup removes the dependent roles and features as well. Note that if you want to keep related management tools, you should clear the Remove Management Tools check box prior to tapping or clicking the Remove Features button and then click Continue. Tap or click Next.

    Clear selected roles to remove them.
    Figure 4. Clear selected roles to remove them.

  4. On the Features page, the currently installed features are selected. To remove a feature, clear the related check box. If you try to remove a feature that another feature or role depends on, you’ll see a warning prompt stating that you cannot remove the feature unless you also remove the other feature or role. If you tap or click the Remove Features button, Setup removes the dependent roles and features as well. Note that if you want to keep related management tools, you should clear the Remove Management Tools check box and then click Continue prior to tapping or clicking the Remove Features button. Tap or click Next.

  5. On the Confirmation page, review the components that Setup will remove based on your previous selections. Restarting the destination server might be required to complete the removal of some roles and features. To automatically restart the destination server if required, select the related check box. If you don’t select this check box and a restart is required, you will need to manually restart the server to complete the removal.

  6. Tap or click Remove. The Removal Progress page tracks the progress of the removal. If you close the wizard, tap or click the Notifications icon in Server Manager and then tap or click the link provided to re-open the wizard.

When Setup finishes modifying the server configuration, you’ll see the Removal Progress page. Review the modification details to ensure that all phases of the removal process were completed successfully. As necessary, note any additional actions that might be required to complete the removal, such as restarting the server or performing additional removal tasks. If any portion of the removal failed, review the Server Manager entries for removal problems and take corrective actions as appropriate.

Managing server binaries

Binaries needed to install roles and features are referred to as payloads. With Windows Server 2012, payloads normally are stored in subfolders of the Windows Side-by-Side folder (%SystemDrive%\Windows\WinSXS). However, to enhance security, you can disable roles and features and remove the payload used to install these roles and features. When you remove a payload, servers try to get the required binary files via Windows Update by default. In Group Policy, you can configure an alternative to Windows Update. You do this by specifying an alternative download location.

If you want to remove binaries, you use Windows PowerShell to do this and not Server Manager. The ServerManager module for Windows PowerShell is the command-line counterpart of Server Manager.

INSIDE OUT: Importing the ServerManager module

Generally, when you are logged on to a server running Windows Server 2012, this module is imported into Windows PowerShell by default. If you are working from your management computer running a different operating system, however, you might need to import the module before you can use the ServerManager module’s cmdlets. You import the Server Manager module by entering the following command at the Windows PowerShell prompt:

import-module servermanager

Once the module is imported, you can use it with the currently running instance of Windows PowerShell. If the module is not automatically imported, you will need to import the module again the next time you start Windows PowerShell. Note also that if the module isn’t being imported automatically for you when you start Windows PowerShell, you can add an import statement to your profile and scripts to ensure the ServerManager module is available, as shown in this example:

import-module servermanager

The Get-WindowsFeature cmdlet returns a detailed list of a server’s current state with regard to roles, role services, and features. When you type get-windowsfeature at a PowerShell prompt, you’ll see the state of each role, role service, and feature listed as one of the following:

  • Available Meaning the component is available for installation

  • Installed Meaning the component is already installed

  • Removed Meaning the payload for the component has been removed

As shown in the partial listing that follows, each role, role service, or feature is listed by display name and then by its management naming component:

[ ] Active Directory Certificate Services         AD-Certificate           Removed
    [ ] Certification Authority                   ADCS-Cert-Authority      Removed
    [ ] Certificate Enrollment Policy Web Serv... ADCS-Enroll-Web-Pol      Removed
    [ ] Certificate Enrollment Web Service        ADCS-Enroll-Web-Svc      Removed
    [ ] Certification Authority Web Enrollment    ADCS-Web-Enrollment      Removed
    [ ] Network Device Enrollment Service         ADCS-Device-Enrollment   Removed
    [ ] Online Responder                          ADCS-Online-Cert         Removed
[X] Active Directory Domain Services          AD-Domain-Services           Installed
[ ] Active Directory Federation Services      AD-Federation-Services       Available
  [ ] Federation Service                      ADFS-Federation              Available
  [ ] AD FS 1.1 Web Agents                    ADFS-Web-Agents              Available
    [ ] AD FS 1.1 Claims-aware Agent          ADFS-Claims                  Available
    [ ] AD FS 1.1 Windows Token-based Agent   ADFS-Windows-Token           Available
  [ ] Federation Service Proxy                ADFS-Proxy                   Available
[X] Active Directory Rights Management Se...  ADRMS                        Installed

By using Install-WindowsFeature followed by the management name, you can install a role, role service, or feature and get its binaries if necessary. Use –includeallsubfeature when adding components to add all subordinate components. Use –includemanagementtools when adding components to add the related management tools.

You can uninstall a role, role service, or feature using Uninstall-WindowsFeature. If you specify a top-level role with role service and feature subcomponents, the subcomponents are uninstalled as well.

To uninstall a role, role service, or feature and then remove the related binaries from the Windows Side-By-Side folder, you use the –Remove parameter with Uninstall-WindowsFeature. If you specify a top-level role with role service and feature subcomponents, the binaries for the subcomponents are removed as well.

Use –includemanagementtools when removing components to remove the related management tools.

In the previous example, Active Directory Certificate Services and its subcomponents were removed. Knowing this, you could retrieve the binaries for the role, subordinate role services, and features and then install these components as well as the related management tools by entering the following command:

install-windowsfeature ad-certificate -includeallsubfeature -includemanagementtools

Because adding or removing components requires administrator privileges, you must run this command at an elevated PowerShell prompt.

TROUBLESHOOTING: Performing administrator tasks at a prompt

Whether you are working with the command prompt or the Windows PowerShell prompt, you must open an elevated prompt to perform administration tasks. To open an elevated prompt, press and hold or right-click the shortcut for the prompt on Start, Desktop, or the taskbar and then tap or click Run As Administrator.

If you forget to elevate the prompt and try to perform administration, you typically will see an error stating you don’t have adequate user rights to make changes. Sometimes, however, the error message won’t be as explicit and command execution will simply fail.

By default, when you use Install-WindowsFeature, payloads are restored via Windows Update. You can use the –Source parameter to restore a payload from a Windows Imaging (WIM) mount point. For example, if an image for Windows Server 2012 is available at the network path \\ImageServer32\WinServer12EE, you could specify the source as follows:

install-windowsfeature -name ad-certificate -includeallsubfeature
-source \\imageserver18\winserver12ee

The path you specify is used only if the required binaries are not found in the Windows Side-By-Side folder on the destination server. You also can mount the Windows Server 2012 distribution media and use the Windows\WinSXS folder from the installation image as your source. To do this, follow these steps:

  1. Log on to the server using an account with administrator privileges. Insert the installation disc into the server’s disc drive.

  2. Open an elevated command prompt. Create a folder to mount the Installation image by typing the following command: mkdir c:\mountdir.

  3. Locate the index number of the image you want to use by typing the following command at the elevated prompt: dism /get-wiminfo /wimfile:e:\sources\install.wim, where e: is the drive designator of the server’s disc drive.

  4. Mount the installation image by typing the following command at the elevated prompt: dism /mount-wim /wimfile:e:\sources\install.wim /index:2/mountdir:c:\mountdir /readonly, where e: is the drive designator of the server’s disc drive, 2 is the index of the image to use, and c:\mountdir is the mount directory. Mounting the image might take several minutes.

  5. Open an elevated PowerShell prompt. Use Install-WindowsFeature with the source specified as c:\mountdir\windows\winsxs, as shown in this example:

    install-windowsfeature -name ad-domain-services -includeallsubfeature
    -source c:\mountdir\windows\winsxs

You can use Group Policy to control whether Windows Update is used to restore payloads and to provide alternate source paths for restoring payloads. The policy you want to work with is Specify Settings For Optional Component Installation And Component Repair, which is under Computer Configuration\Administrative Templates\System. This policy also is used for obtaining payloads needed to repair components.

If you enable Specify Settings For Optional Component Installation And Component Repair (as shown in Figure 5), you can do the following:

  • Set at alternate source file path for payloads as a network location. For network shares, type the UNC path to the share, such as \\CorpServer82\WinServer2012\. For mounted Windows images, type the WIM path prefixed with WIM: and including the index of the image to use, such as WIM:\\CorpServer82\WinServer2012\install.wim:4.

  • Restrict downloading payloads from Windows Update. If you enable the policy and use this option, you do not have to specify an alternate path. In this case, payloads cannot be obtained automatically and administrators will need to explicitly specify the alternate source path.

  • Designate Windows Update as the source for repairing components rather than Windows Server Update Services.

TROUBLESHOOTING: Resolving blocked downloads of binaries

Disabling or not configuring Specify Settings For Optional Component Installation And Component Repair doesn’t disable component installation and repair. In fact, if you disable or do not configure this policy, Windows uses the standard approach for installing and repairing components, which is to do so via Windows Update. However, if you enable this policy and then specify to never attempt to download payloads from Windows Update, you prevent computers from using Windows Update and require them to get the payload from a designated alternate source. If you don’t specify an alternate source (or the alternate source is inaccessible), computers are blocked from getting payloads for removed components as well as payloads for components that need to be repaired. To re-enable automatic component installation and repair, you will need to change the policy state to either Not Configured or Disabled and then refresh the policy (or wait for the policy to refresh automatically).

Configuring component installation and repair through Group Policy.
Figure 5. Configuring component installation and repair through Group Policy.
Other -----------------
- Windows Server 2012 : Configuring IPsec (part 7) - Configuring connection security rules - Monitoring IPsec
- Windows Server 2012 : Configuring IPsec (part 6) - Configuring connection security rules - Creating a custom rule, Configuring authenticated bypass
- Windows Server 2012 : Configuring IPsec (part 5) - Configuring connection security rules - Creating an authentication exemption rule, Creating a server-to-server rule, Creating a tunnel rule
- Windows Server 2012 : Configuring IPsec (part 4) - Configuring connection security rules - Types of connection security rules, Creating an isolation rule
- Windows Server 2012 : Configuring IPsec (part 3) - Configuring IPsec settings - Customizing IPsec tunnel authorizations, Configuring IPsec settings using Windows PowerShell
- Windows Server 2012 : Configuring IPsec (part 2) - Configuring IPsec settings - Customizing IPsec defaults
- Windows Server 2012 : Configuring IPsec (part 1) - Understanding connection security
- Microsoft Lync Server 2013 : Director Troubleshooting (part 3) - Synthetic Transactions,Telnet
- Microsoft Lync Server 2013 : Director Troubleshooting (part 2) - DNS Records, Logs
- Microsoft Lync Server 2013 : Director Troubleshooting (part 1) - Redirects, Certificates
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server