The Enable-PSRemoting command will not give you any output if it succeeds. You’ll simply be presented with the PowerShell prompt again.
Enable-PSRemoting -force
Running winrm quickconfig is a little different. After it runs its analysis, it tells you what needs to be changed and asks for a yes or no as to whether it can make the necessary changes. Select Y and press Enter. If everything looked good during the analysis, you'll be told that WinRM is already running and is already set up for Remote Management instead of the yes/no question.
winrm quickconfig
Configure Windows Firewall
Working with the Microsoft Defender Firewall on Server Core is pretty simple. You need to find the name of the rule you want to work with first. You can do that with the Get-NetFirewallRule command (see Figure 4-11). Using the Format-table command at the end makes the output more easily readable. Try the command without it — you'll see what I mean!
Get-NetFirewallRule *remote* | Format-table
FIGURE 4-11: Using Get-NetFirewallRule to find rules.
The preceding command looks for any rules that have remote in the name. You can see each rule and whether it's enabled.
Let’s enable the Remote Firewall Management rules. These would allow you to administer this server’s firewall from another system. The rules you’re interested in are RemoteFwAdmin-In-TCP and RemoteFWAdmin-RPCSS-In-TCP.
Here are the commands you'll use to enable these (see Figure 4-12):
Set-NetFirewallRule –Name "RemoteFwAdmin-In-TCP" –Enabled TrueSet-NetFirewallRule –Name "RemoteFwAdmin-RPCSS-In-TCP" –Enabled True
If the commands complete successfully, you’ll get no response. You’ll be returned to the PowerShell prompt. If you run your search again, you’ll see that these rules are now enabled.
FIGURE 4-12: Using PowerShell to set firewall rules and validate that they’re enabled.
Configuring Startup Options with BCDEdit
With Windows Server 2008, Microsoft introduced a utility called BCDEdit, which allows you to manipulate the Windows boot configuration data (BCD) store. The BCD is used to tell the operating system how it should boot; it contains all the boot configuration parameters needed to support that function. This replaced the older bootcfg.exe utility that was used to edit the boot.ini file pre–Windows Vista. You must be a member of the local Administrator's group on a system to use BCDEdit. This is an advanced utility that is useful in troubleshooting issues that are preventing a server from booting properly.
Table 4-2 lists some of the more common options available for BCDEdit.
TABLE 4-2 BCDEdit Common Options
| Option | Description |
|---|---|
/bootdebug
|
Enables or disables boot debugging. |
/dbgsettings
|
Configures the type of debugging connection. |
/debug
|
Enables or disables kernel debugging. |
/delete
|
Deletes boot entries from the datastore — use with caution! |
/deletevalue
|
Deletes or removes a boot entry option — use with caution! |
/displayorder
|
Sets the order used by the boot manager when displaying the multiboot menu. |
/enum
|
Lists all the entries in the boot configuration datastore. |
/export
|
Exports the contents of the BCD; can be used as a backup to restore the BCD. |
/import
|
Imports the contents of an exported file; can be used as a restore option if needed. |
/set
|
Sets a value in a boot option. |
Most often, you'll use bcdedit /set to make changes to your boot configuration datastore. Before you make any changes, you need to know what your BCD looks like currently. You can use the /enum option to do that. In Figure 4-13, you can see the current settings for the Windows Boot Manager and the Windows Boot Loader.
You may notice that the description in the Windows Boot Loader just says Windows Server. Maybe you want it to be more descriptive than that. You can change it with bcdedit /set. You need the ID of the object that you're wanting to work on. In this case, you’re wanting to edit the Windows Boot Loader; the identifier that you can see in Figure 4-13 is {current}. The full command you type will look something like this:
bcdedit /set {current} description "Windows Server 2022 Standard"
