Three things to consider when switching the GUI in Windows Server
Windows Server 2012 and Windows Server 2012 R2 allow to switch the Graphical User Interface (GUI) on and off. It’s easy, and already the topic of a previous blogpost.
Note:
The ability to switch GUIs in Windows Server has been removed in Windows Server 2016.
I’ve already showed you how to actually switch between these three GUI modes (with a choice between dism.exe and PowerShell), but what I haven’t pointed out yet, is the things you need to consider when you actually switch between GUI modes:
1. Only update in your desired GUI mode
One of the benefits of running a Server Core installation is a smaller attack surface, compared to a Full installation. The attack surface in a Full installation results in a higher amount of vulnerabilities and a higher frequency of updates for the Operating System.
Another benefit of Server Core is a smaller disk footprint, compared to a Full installation. This benefit becomes partly undone when we start installing updates for a Full installation, that we no longer need when we run the server as a Server Core installation most of the time. To this date, there is no way or tool to determine which updates are no longer needed or to actually uninstall these in a simple way.
2. Take notice of the support matrix of your agents and add-ons
Even the server running your easiest of tasks needs to adhere to your information security strategy. This results in the installation of many agents and add-ons. Backup, anti-malware and UPS all need their respective software. When your environment also features System Center, you will need software like the Server App-V agent and the System Center Configuration Manager agent.
Even though the Server Core team communicated a whole lot within Microsoft, it’s not plausible to assume every product team took notice of the ability for administrators to switch between GUIs. So, the problems with Microsoft software may already be big, but the bigger question is which software producers have also got the message? Did your anti-malware supplier get it?
Two ways to make sure you’ll be in the clear while switching GUIs, are:
- Consult the support matrix from the suppliers of your agents and add-ons
- Test your configuration
The best choice, however, remains to install agents and add-ons (remotely) with the Server installation in the desired GUI.
3. Take notice of the support matrix of your server applications
The SQL Server team has actively communicated SQL Server 2012 and up supports installation on Server Core. They are one of the product teams outside the Windows Server group to get onboard with Server Core. Other Microsoft Server products, like Exchange Server and Skype for Business Server have not communicated plans in that direction.
Even though the Server Core team communicated a whole lot within Microsoft, not every product displays a warning at installation, warning you not to switch the GUI after installing the product. Many non-Microsoft products also might not contain the warning, at least in the early period after their releases.