Dive Deep into Windows Nano Server

Windows Nano Server, previously code named Tuva, is a headless, session-less 64 bit edition of Windows Server 2016 that is included in the Windows 2016 installation image.  Nano Server has no GUI, MSI or 32bit support and is therefore entirely remotely managed using PowerShell remoting, Server Manager or some of the Remote Server Administration Tools.

Currently, Nano Server supports 7 installable packages. Two of these packages are major server roles:  Scale File Server and Hyper-V and the remaining 5 packages are essentially features:  Failover Clustering, Hyper-V guest services, OEM drivers, ReverseForwarders and Defender.  ReverseForwarders provides support for a subset of desktop Win32 binaries to run on Nano Server allowing some additional 3rd party applications to run on Nano Server, provided the applications does not depend upon DLLs that are not present in Nano Server.

Nano Server sports a remarkably small footprint.  An installation of Nano Server with no packages installed consumes just 600MB of storage space and uses 184MB of memory. Compare that to the Window Server 2016 Server Core which consumes 7GB of storage space and 400MB of memory.  Another advantage of this small footprint is a reduction in the number of critical patches that will need to be applied and consequently a reduced number of reboots.

To deploy Nano Server the native NanoServer.wim file must be converted to a Virtual Hard Drive (vhd) file using the Deployment Image Servicing and Management (DISM) command line tool.  Additionally, the available Nano Server packages are added to the vhd file using DISM.   Microsoft has made available a PowerShell script file, New-NanoServerVHD.ps1, that will perform these tasks.  The script can be downloaded at NanoServerVHD.  The script accepts the following input parameters:

ServerISO – (Required) Path to the Windows Server 2016 ISO image.

DestVHD – (Required) Path and name for the new Nano Server vhd.

VHDFormat – (Default: VHD) VHD or VHDX format.

Packages – (Optional) Compute, OEM-Drivers, Storage, FailoverCluster, ReverseForwarders, Guest.

ComputerName – (Required)

AdministratorPassword – (Required)

IPAddress – (Optional) Static IP Address assigned to Nano Server.

RegisteredOwner – (Optional)

RegisteredCorporation – (Optional)

UnattendedContent – (Optional) Allows unattended XML file content to be overridden.

Edition – (Default-CORESYSTEMSERVER_INSTALL) Index name of the edition to install from Nano Server.wim.  Recommend using default.  There are currently two editions of Nano Server inside the NanoServer.wim file:  CORESYSTEMSERVER_INSTALL and CORESYSTEMSERVER_BOOT.

Once the vhd file has been created it can be copied to the desired storage location and added to a new HyperV virtual machine.  Alternatively, if the goal is to deploy Nano Server to a physical server, the vhd file must be attached to an existing Windows operating system using the Computer Management console or DiskUtil.

Once the Nano Server has been deployed and started you’ll notice the lack of local access.   After authenticating to the Nano Server the only available option is Networking.  Selecting this option takes you to the Network Settings screen where you’ll select one of the installed network adapters.  After choosing a network adapter you can view the network adapter properties, including IP Address, MAC Address and DHCP status.   Changing the network adapter properties can only be done remotely so it’s critical that either the IP Address for the Nano Server be properly configured with the New-NanoServervhd script on that the Nano Server be placed in a network containing a DHCP server otherwise it will be difficult, if not impossible, to remotely connect to the Nano Server.

To remotely manage Nano Server you’ll need to perform the following steps:

1. Add the Nano Server, by IPAddress, to the trusted hosts lists of a domain-joined computer.

Set-Item WSMan:\localhost\Client\TrustedHosts -Value [Nano Server IPAddress] -Concatenate

2. Perform an offline domain join on the Nano Server.

a. Connect to the Nano Server in a PowerShell remote session.

Enter-PSSession -ComputerName [Nano Server IPAddress] -Credential Administrator

b. Disable the firewall on the Nano Server.

Get-NetFirewallProfile | Set-NetFirewallProfile –Enabled False

c. Map a drive letter to the system drive of the Nano Server.

Net-Use X: \\[NanoServerIP]\C$

d. Generate an offline domain join blob file by running this command on the local server (not within the remote PowerShell session).

djoin.exe /provision /domain [domainname] /machine [Nano Server] /savefile .\odjblob

e. Copy the djoin blob file to the mapped drive on the Nano Server.

f. Perform the offline domain join on the Nano Server

djoin /requestodj /loadfile C:\odjblob /windowspath C:\Windows /localos

g. Restart Nano Server to complete the domain join process

3. Add the Nano Server to Server Manager and manage by adding the appropriate Remote Server Administration Tools (RSAT) to the local server using the Add Roles and Features Wizard and redirect the console to connect to the Nano Server. Nano Server can also be managed, of course, through PowerShell remote sessions as well as PowerShell CIM sessions and EMS.

For more information on deploying and managing a Nano Server consult the below links:

Leave a Reply