Feb 01 2011

10 Ideas for How to Administer Windows Servers

Published by jfrank at 11:26 am under resources

For the impatient: treat it like linux.

  1. Don’t run IIS, run Apache or generically “Don’t run the GUI one, run the daemon one.” Version control your configuration. Version controlling your config in a usable way is way more difficult than it has to be or impossible using point and click tools. You’re running a server, not a candy store. It doesn’t need to look good, it needs to be reproducible. Ask someone who uses IIS to show you the changes that have been made in the last couple weeks, and why each one was made; they can’t. If you version control your config, thats all in your commit history. Love those log files.
  2. Don’t run FTP, run Rsync, and use that to transfer files to and from your server over the internet. But don’t install the windows rsync server because thats not secure. More on point 3.
  3. Install ICW Copssh instead, it is an openssh installation for windows packaged by ITeF!x Consulting. Next you install the rsync package on top and then you can ssh/sftp/scp/rsync to the box in the normal linux fashion complete with public key authentication. Use the same rsync client package that you installed on top of ICW on the other end to connect to your server from another windows box.
  4. Never install server applications that are cross platform (aka not built only for windows) in the default location. Programs that are developed to work on multiple platforms will often miss conventions that apply only to windows paths. Recent default paths for 32 bit programs on newer Windows contain not only spaces, but parenthesis as well a.k.a C:\Program Files (x86)\My Program Blah\blah. Use your own convention, lower case, and keep it simple: D:\apps\mysql5\ for example.
  5. Install the excellent sysinternals suite. Microsoft bought it, but this labor of love by Mark Russinovich was developed long before they got their hands on it. Process explorer in tree view is an excellent alternative to task manager. Junction is a great way to get simlink behavior.
  6. Install notepad++ or use textpad. Notepad ++ is an excellent notepad alternative because it replaces notepad inline so whenever you would have seen notepad, you’ll just get the better one.
  7. Use volume shadow copy to snapshot your data. Its nice. Good job Microsoft.
  8. Put both the ICW and Sysinternals binary directories on your system path. This will give you many useful tools to use on the windows command line. If for example you type ls on accident, you will actually get a file listing back just as you had expected. “tail -f _filename_” will just work. Junctioning (symbolic linking) will be nearby.
  9. Script administrative tasks, and version control your scripts. I don’t have experience with it, but the Windows Power Shell allows you to script many things, and if you’re serious about windows it is the strongest system platform. Good old bat/cmd is also available and still useful for many things.
  10. Last one is a double bonus! Shut down services you aren’t using. The indexing service isn’t helpful if you aren’t searching for example. Run an anti virus, love those Microsoft system updates and lock down a firewall to only the ports you need; 22 for ssh, 80 for a website plus a few others.

One response so far

One Response to “10 Ideas for How to Administer Windows Servers”

  1. Sethon 01 Feb 2011 at 4:05 pm

    Good advice on all counts. I’m particularly fond of dropping FTP support and putting all your applications into a logical structure of your own. It benefits developers and server administrators alike.

    Nice list Joshua.

Trackback URI | Comments RSS

Leave a Reply