Sunday, April 15, 2007

Quick-and-dirty VMWare Server

For some of my upcoming projects I'll run VMWare Server on a spare Windows XP Pro laptop. Here are some quick-and-dirty notes on my quick-and-dirty setup of VMWare Server.

  • You'll be installing two copies of VMWare Server: One on the server (in my case, that Windows XP Pro laptop) and one on your workstation so you can manage the server.
  • You've got a Windows account on the server that's an administrator.
  • The server and workstation are both on your network. (Make sure the workstation can ping the server and that the server can get to the Internet.)

Get your free serial numbers:
  1. Follow the links at to register for two free serial numbers.
  2. Put the serial numbers in a safe place like a password vault.

Install VMWare Server on the server:
  1. Download the installer from
  2. Put the installer .exe somewhere where both the workstation and the server can get to it.
  3. On the server (not your workstation), run the installer, using one of the free serial numbers.

Allow remote access via VMWare Server Console:
  1. On the server (not your workstation) open the Windows Firewall control panel.
  2. On the Exceptions tab, click Add Program... and add VMWare Server Console.
  3. On the Exceptions tab, click Add Port... and add a port with the name VMWare Server Console, the port number 902 and the port type TCP.

Install VMWare Server on the workstation:
  1. On your workstation (not the server) run the installer using one of the free serial numbers.
  2. Assure that you can run VMWare Server Console on the workstation and connect to the server.

Enable Remote Desktop Connection (RDP) access because there are some things that VMWare Server Console can't do remotely and can only do with you're either running VMWare Server Console on the server without RDP or when you're running VMWare Server Console on the server through an RDP connection with the -console option.
  1. On the server, right-click on My Computer and choose Properties...
  2. On the Remote tab, check the Allow users to connect remotely to this computer option.
  3. Assure that the workstation can connect to the server using RDP.
  4. Create a shortcut on the workstation with the target of
    %windir%\system32\mstsc.exe -v:SERVERNAME -w:1024 -h:768 -console
    substituting the server's name for SERVERNAME. Name the shortcut something like SERVERNAME (console) 1024x768 Remote Desktop Connection

Why is this dirty?
  • For security's sake we really should create a user who's responsible for managing the VMWare server - - say, vm-admin - - that isn't an adminstrator.
  • We're using the default port of 902 for the VMWare Server Console. We really ought to change that to some other port so that attackers can't easily find the port.

No comments: