Server Roles on Windows Server 2008
A server; whether member or domain-based server, can play different roles depending upon the requirement in a corporate environment. Servers can be configured as an Active Directory server, DNS, and DHCP server for administration and securing AD structure, or configure it as a Web server for hosting different sites. Windows server 2008 provides a single console from where we can install, configure, or uninstall various server roles.
Server Manager (installed by default when you install the OS) provides the single point console for configuring server roles and features on the server.
Why use Server Manager?
Server Manager allows an administrator to do the following tasks:
- System administrators can now check what roles and features are already installed on the server and can make changes to it.
- Provides the console to configure the roles and features, stop and start the services and troubleshoot the root cause if any issues arise.
- System admin can now check server status health, check event logging, categorize critical events, and then investigate and troubleshoot the failures.
- Install, configure, and uninstall roles and features either from console or from command line.
We will now look at how we can use Server Manager to configure roles and what tasks can Server Manager do. We will also discuss the various server roles available on Windows server 2008.
#1. Open Start -> Programs -> Administrative Tools -> Server Manager
#2.The left server console Roles section is where we can perform the server role’s task, and on right summary console, we have the option to add and remove roles, and view those roles that are already installed.
#3.Same way we can add features and remove features from Features section on the console and view already installed features.
#4.Click on the Add Roles. This will open the Welcome Add Server Roles Wizard.
Then click on Next.
#5.The next page will provide us the list of Server roles which we can install on the server.
#6.Same way, the Remove Roles wizard is used to uninstall the roles which are already installed.
Now let’s check the various roles that we have on the 2008 server.
#7. Active Directory Certificate Services (AD CS)
This role helps to create and manage public key certificates which then can be used for software, programs, services etc. This certificate service enhances the overall security for today’s IT firms.
AD CS service can be used with these applications:
- Virtual Private Network (VPN)
- Wireless network
- Encrypting File System (EPS)
- Internet mail-based applications
To install AD CS, click on Add Roles and then on Add Roles window, select Active Directory Certificate Server.
As soon as we select AD CS, the wizard will then display various options through sequence of installation dialog pages to install and customize the role. This holds true for other roles installation also.
Note: When we select a Role and if that role has some dependencies, Add roles wizard will automatically pick these dependencies and provide you an option to install those as well.
#8.Active Directory Domain Services
AD DS is the backbone of a domain-based network, where this service stores information about various network resources such as users, systems, network devices etc. This information is then sent back to users and administrators whenever they need it. To implement mailing exchange server and GP, we must have AD DS installed.
#9.Active Directory Federation Services
AD FS allows users to access online web applications securely across various organizations using a single account by using the web single sign on (SSO) process.
#10.Active Directory Lightweight Directory Services
AD LDS keeps information of applications that are not related to the company’s main AD structure. This service works without deploying an AD and runs as service, which is not an OS service.
#11.Active Directory Rights Management Services
AD RMS helps safeguard information from outside authorized use and protect documents and other digital information. A company can create confidential custom read-only templates using this service to protect financial reports, email, confidential data, etc.
The server needs to be part of a domain first in order to install AD RMS service.
AS service provides deployment and managing of custom made business programs by using .NET framework. Customize your applications that use COM+, or MQ service. IIS Web service and distributed COM transactions are using this role.
DHCP provides IP address assignment and lease to various DHCP – enabled clients.
Domain Name System (DNS) is used for naming systems and network services such as TCP/IP networks, internet, and corporate networks. DNS works as a name resolution. When a user enters the DNS name of a computer in an application; DNS resolves the name and provides other information such as its IP address and services, etc.
Fax Server allows the administrator to manage fax-related services, such as sending and receiving faxes over the network. This role creates the Fax Service Manager that manages fax devices, jobs, and reports.
When you choose to install the Fax server role, you need to also install print services role as part of its dependent role.
This role manages all Windows file server functionality such as DFS, NFS, Windows file services, FRS, etc.
#17.Network Policy and Access Services
It provides network connectivity between local and remote systems. The various services it provides are NPS, RRAS, HRA, and HCAP.
This role allows centralized printer management services for print servers and printers.
This role allows a user to access Windows desktop and Windows programs that are installed and configured on Terminal server. The various services it provides are TS licensing, TS Gateway, TS Web Access, and TS session broker.
It enables sharing of information about Web services through intranet, internet and various partners extranet.
#21.Web Server (IIS)
Web Server provides secure and manageable web applications over Internet, intranet, and extranet networks. The services include IIS 7.0, ASP .NET, Web server, and WCF.
#22.Windows Deployment Services
This role helps remotely deploy OS to systems over the network through images and attended and unattended installation scripts.
#23.Windows Server Update Services
It provides management and deployment of Microsoft products, updates, patches, fixes, and service packs to the network’s systems.
WSUS requires Web server IIS to be installed on the server.