It turns out that there actually is a way to manage Longhorn Core with PowerShell.
While I was preparing for my Longhorn Airlift session I kept thinking of the Microsoft’s decision to not allow PowerShell on Longhorn Core, and whether there could be any workaround to that. And it turned out that a workaround exists and is actually pretty straight-forward.
The answer is… using PowerShell remotely! While this answer is not applicable for managing operating system stuff (processes, services, registry, files and so on) AD cmdlets work just fine when installed to any computer in the network – not necessarily a DC.
By default they would pick some DC in the network and run against it with your current credentials, or you can use
Connect-QADService to specify a specific DC and/or credentials. And in either case they work just fine even if your DCs are in the “headless” mode.
So to maximize your security in the Longhorn world:
1. Use Server Core installation option.
2. Use PowerShell to manage your AD.