MDT

Experimenting with WIMBoot using MDT 2013

With the release of the Windows 8.1 Update, there is a new mechanism available for running Windows called Windows Image Boot, or WIMBoot for short.  For details about what this is and how it works, see the Springboard blog.

Although MDT 2013 doesn’t include any specific support for WIMBoot (maybe something that could be considered for a future release), there’s nothing preventing anyone from following the instructions available in the ADK to create a task sequence that does it.  So I decided to try it.  Let’s walk through the process at a high level.

Step #1:  Create an image with Windows 8.1 Update

Because WIMBoot is a new feature with the Windows 8.1 Update, it makes sense that you first need to have a Windows 8.1 image that contains the Windows 8.1 Update.  The easiest way to do this is to download a pre-patched ISO from the Volume License Service Center on April 14th, but you can also inject the Windows 8.1 Update fixes into an existing Windows image.

Step #2: Get MDT 2013 to create a Windows PE 5.1 boot image

In order to deploy WIMBoot, you need to use a version of Windows PE that supports it.  That would be Windows PE 5.1.  But that’s not a version that you just download and use.  Instead, it’s a version that you (or ideally MDT) need to create.  The first step in that is to update the ADK to the latest version.  Download the new ADKSETUP.EXE and run it to install all the patches. 

After you’ve done that, the process for creating a Windows PE 5.1 image involves injecting the Windows 8.1 Update into Windows PE.  That’s not something MDT knows anything about, but since MDT includes the ability to run a script during the boot image generation process, it can be “taught.”  That means dropping in an updated UpdateExit.vbs script that injects the six Windows 8.1 Update fixes to the boot image.  And of course it needs to have those updates available to it, so you need to download those from the Download Center and place them where the script can find them.

After that’s done, update the deployment share, completely regenerating the boot image.  This will take quite a while, as the Windows PE generation process itself isn’t very fast to start with, but when you add in the patch installation process the time will easily double.  Maybe you want to try this in a lab :-)

Step #3: Teach MDT how to deploy using WIMBoot

The steps necessary to apply a WIM using WIMBoot are not surprisingly different than what MDT typically does, so the existing LTIApply.wsf script won’t do it.  So we need a new script.  Fortunately, because we can focus exclusively on this one scenario, the scripting needed to this, which follows the ADK steps documented at http://technet.microsoft.com/en-us/library/dn605112.aspx, isn’t too hard.  To add more flexibility and to solve some challenges, I added a few features:

  • The script will dynamically determine the size of the “Images” volume needed to hold the WIM file, then shrink the OS partition by that size.  That way, you don’t need to modify the “Format and Partition Disk” step to specify an explicit size, which is nearly impossible to do anyway because you want a fixed-size partition after the OS partition, where the OS partition says “100% of the remaining free space”, an impossible combination in the UI.
  • The script will export an existing WIM to make it ready for WIMBoot.  This export process, done using DISM.EXE /Export-Image /WIMBoot, ends up adding a lot of time to the deployment process though, because it ends up decompressing and recompressing the contents of the WIM in the process of exporting it.  As an alternative, you can do this once ahead of time (manually) and tell the script that you’ve done this.
  • If for some reason you want to explicitly specify the size of the images partition, you can through a command line parameter.
  • Ideally the machine would be set up properly so that the system recovery options (Reset My PC/Refresh My PC) work.  To do this, you need a Windows RE boot image that has been updated with the Windows 8.1 Update fixes, using the same basic steps documented at http://technet.microsoft.com/en-us/library/dn613859.aspx.  That part must be done manually, but the script will look for the WinRE.wim file in the same folder as the OS WIM and copy it to the same “Images” volume and register it as a recovery image.

The next piece is a task sequence.  Since WIMBoot is really only useful for bare metal deployments, I took the standard client task sequence template and chopped it down to the bare minimum needed to perform a bare metal WIMBoot deployment, while still supporting things like driver injection, app installation, Windows Update installation, etc.  The original “Install Operating System” is left in but disabled, since that’s the step that provides a simple way to associate an OS with the task sequence.  Instead of running this step, a new step was added to run “LTIApplyWIMBoot.wsf”, the new script discussed above.  The net result is something that looks like this:

Step #4:  Deploy

Find a machine that meets the requirements and you’re ready to do a bare metal deployment:

  • 16GB or 32GB SSD or eMMC solid-state storage.
  • UEFI 2.3.1 system (Windows 8 logo-certified).

Ideally these would be machines that come already configured for WIMBoot (since you know it meets the requirements and has been tested by the OEM to ensure good performance).  But if you just want to test it out, you can try it on Windows Server 2012 R2 Hyper-V or Windows 8.1 Hyper-V, since both support “type 2” virtual machines that use UEFI. 

What do you have to do?

Just complete the previous four steps.  OK, but those steps leave out the details, so let’s use a checklist instead.

  1. Create a Windows 8.1 Update operating system image by injecting the Windows 8.1 Updates into an existing Windows 8.1 image, or download a new Windows 8.1 Update ISO already containing the updates from VLSC (available on April 14th).  Import the operating system into your MDT deployment share.
  2. Download the updated ADKSETUP.EXE for the ADK for Windows 8.1 and use it to install the updated ADK components released with Windows 8.1 Update.
  3. Download the Windows 8.1 Update prerequisite (a servicing stack update) for both x86 and x64 from http://support.microsoft.com/kb/2919442, and place them into the “C:\Program Files\Microsoft Deployment Toolkit\Samples” folder.  (Note that both x86 and x64 versions are needed because they will be used to update x86 and x64 boot images.)
  4. Download the individual x86 and x64 Windows 8.1 Updates from the download center and place them into the “C:\Program Files\Microsoft Deployment Toolkit\Samples” folder.  (Note that both x86 and x64 versions are needed because they will be used to update x86 and x64 boot images.)  With the downloads from step #3 and these, you should have a total of 12 different MSU files in the folder.
  5. Place the updated “UpdateExit.vbs” file in the attached zip file into the same “C:\Program Files\Microsoft Deployment Toolkit\Samples” folder, replacing the version that is already there.  (If you’ve made any other changes to this, you’ll need to merge your changes into the attached version.)  This script will be called during the deployment share update process to inject the Windows 8.1 Update into the boot images, which is what is needed to make Windows PE 5.1 boot images.
  6. Update your deployment share by right-clicking on it and choosing the “Update deployment share” option.  Make sure you check the “Completely regenerate the boot images” option, as this is needed the first time to get Windows PE updated.
  7. Check the results of the “update” process to make sure all the MSU files were injected successfully by making sure all the steps have good return codes.  Here’s an example:

    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2919442-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2919355-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2932046-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2937592-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2938439-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Add-Package /PackagePath:"C:\Program Files\Microsoft Deployment Toolkit\Samples\Windows8.1-KB2934018-x86.msu"
    Return code from command = 0
    About to run: DISM.EXE /Image:"C:\Users\mniehaus\AppData\Local\Temp\MDTUpdate.11324\Mount" /Cleanup-Image /StartComponentCleanup /ResetBase
    Return code from command = 0

  8. Place the new “WIMBoot.xml” task sequence template from the attached zip file into the “C:\Program Files\Microsoft Deployment Toolkit\Templates” folder.
  9. Place the new “LTIApplyWIMBoot.wsf” script into the deployment share’s “Scripts” folder.
  10. Create a new task sequence, selecting the “WIMBoot Task Sequence” template and the operating system image that you imported.
  11. Perform a bare metal deployment using the updated boot images (update WDS if using PXE, generate new boot CDs, etc.), selecting your new task sequence.

In this scenario, you’ll notice during the task sequence execution that the operating image is exported to make it ready for WIMBoot.  This export process takes a long time, because it changes the compression method used for the WIM.  It's the easiest option since it requires no additional steps on your part, but it’s not the quickest.  If you want to make the process faster, you can follow these steps:

  1. Export the existing WIM image using this DISM command:
    DISM.EXE /Export-Image /WIMBoot /SourceImageFile:<original WIM> /SourceIndex:1 /DestinationImageFile:<new WIM to create>
  2. Import the new WIM into your deployment share.
  3. Update your existing WIMBoot task sequence to use the new image.
  4. Modify the task sequence step “Apply WIM Boot Image“ to add a “/Optimized:TRUE” switch to the LTIApplyWIMBoot step to indicate that no export is required.

Note that this WIM image can still be used for non-WIMBoot deployments – it’s ready for WIMBoot, but not optimized for WIMBoot.  If you want to take it a step further, you can optimize that exported image (following the above three steps first) using these steps:

  1. Mount the WIMBoot-ready image using DISM:
    DISM.EXE /Mount-Image /ImageFile:<WIM file> /Index:1 /MountDir:C:\Mount
  2. Optimize the image for WIMBoot using DISM:
    DISM.EXE /Image:C:\Mount /Optimize-Image /WIMBoot
  3. Commit the changes to the WIM file:
    DISM.EXE /Unmount-Image /MountDir:C:\Mount /Commit
  4. Import the modified image into your deployment share.
  5. Update your existing WIMBoot task sequence to use the new image.
  6. Modify the task sequence step “Apply WIM Boot Image“ to add a “/Optimized:TRUE” switch to the LTIApplyWIMBoot step to indicate that no export is required.

And one more thing:  You need to perform some additional steps if you want Windows RE to work for recovering a WIMBoot system.  This is needed to ensure the refresh/reset my PC options work from PC Settings, that the machine can self-repair if something happens during the boot process, that BitLocker recovery can work properly, etc.  So it’s highly recommend that you do this.  To do this, follow these steps:

  1. Mount your Windows image using DISM:
    DISM.EXE /Mount-Image /ImageFile:<WIM file> /Index:1 /MountDir:C:\Mount
  2. Move the WinRE.WIM out of the image (since recovery can’t boot a WIM within a WIM):
    move C:\mount\Windows\Windows\System32\Recovery\winre.wim C:\winre.wim
  3. Commit the changes to the WIM file:
    DISM.EXE /Unmount-Image /MountDir:C:\Mount /Commit
  4. Mount the WinRE.WIM file:
    DISM.EXE /Mount-Image /ImageFile:C:\winre.wim /Index:1 /MountDir:C:\Mount
  5. Inject the downloaded Windows 8.1 updates into the WIM image:
    DISM.EXE /Image:C:\Mount /Add-Package /PackagePath:Windows8.1-KB2919442-x86.msu
    DISM.EXE /Image:C:\Mount /Add-Package /PackagePath:Windows8.1-KB2919355-x86.msu
    DISM.EXE /Image:C:\Mount /Add-Package /PackagePath:Windows8.1-KB2932046-x86.msu
    DISM.EXE /Image:C:\Mount /Add-Package /PackagePath:Windows8.1-KB2937592-x86.msu
    DISM.EXE /Image:C:\Mount /Add-Package /PackagePath:Windows8.1-KB2934018-x86.msu
  6. Cleanup the image as described in the ADK documentation:
    DISM.EXE /Image:C:\Mount /Cleanup-Image /StartComponentCleanup /ResetBase
  7. Commit the changes to the WIM file:
    DISM.EXE /Unmount-Image /MountDir:C:\Mount /Commit
  8. Export the contents of the WIM into a new WIM to reduce the size of the image:
    DISM.EXE /Export-Image /SourceImageFile:C:\winre.wim /SourceIndex:1 /DestinationImageFile:C:\winre-new.wim
  9. Copy the resulting file into the same folder as the operating system WIM on the deployment share, e.g. “C:\DeploymentShare\Operating Systems\WIMBoot”.  Make sure the file is named “winre.wim” so that the LTIApplyWIMBoot.wsf script can find it; the script will take care of the remaining steps.

And that’s all there is to it. 

Well, almost.  I need to point out a few more things:

  • I am providing these scripts and the task sequence template as-is.  It’s not supported by Microsoft, so don’t call support about it.  Feel free to e-mail me at mniehaus@microsoft.com, but I can’t guarantee a quick response – might take weeks or months before I get to the e-mail :-)
  • When you use a non-WIMBoot image (one not exported using the steps above), the recompression process that happens when the image is exported causes the new image to be larger than the original one.  The LTIApplyWIMBoot script attempts to guess at how big, assuming it will be about one-third bigger, but that might not be accurate.  If you run into issues where the OS image and winre.wim won’t fit, you can either go through the export steps above (so no guessing needs to be done), or you can explicitly specify how big you want to make the images partition by adding an “ImagesSize” switch to the LTIApplyWIMBoot command line.  See the script comments for more information.
  • If you choose to optimize the operating system image using the steps above, you might also want to export the image into a new WIM file to make it as small as possible.  It won’t be a huge difference, but on a 16GB system, every little bit helps.
  • Remember, WIMBoot is intended for new hardware that has smaller (16GB or 32GB) SSD or eMMC disks, and requires Windows 8 certified UEFI systems.  I would only recommend using it on systems that originally shipped from the manufacturer configured for WIMBoot.  For example, let’s say you purchased a new 16GB tablet that was configured with WIMBoot and the Windows 8.1 “core” SKU, and you wanted to deploy Windows 8.1 Enterprise to it.  You could use the provided task sequence to completely wipe the device (no data migration) and reload it.
  • If you want to try this in a VM, feel free – but remember it needs to be a UEFI virtual machine (e.g. Hyper-V on Windows 8.1 or Windows Server 2012 R2).  But this isn’t intended for virtual machines, VDI, or other scenarios.
  • If you’ve set everything up correctly, you should be able to see in the Disk Management tool that the C: drive is using WIMBoot.  And more importantly, the refresh and reset recovery options should work.  Try them out at least once to make sure.
  • I included steps in the task sequence template to restore user state (useful for a “replace” scenario), to inject drivers, to inject updates, and to install apps.  But there is nothing to capture state.  That’s because this is a bare metal-only scenario.
  • Make sure you have a lot of free disk space, as the Windows PE generation process will likely require at least 3GB of available space to inject the Windows 8.1 Update files (before the cleanup process shrinks it back down again).
  • You won’t see any progress reported while the updates are being injected into Windows PE, as the UpdateExit.vbs script doesn’t have the ability to provide any real-time status information back to Workbench.  Just be patient – you can see via Task Manager that the DISM commands are still running.

Please try this out when you have some spare time, and post some comments indicating if it worked or not.  Most of the validation of the steps in this blog was done in hotel rooms, airports, and airplanes…

Categories: MDT

Dealing with Jailbroken/Roted devices in ConfigMgr 2012 R2 & Intune

Coretech Blog » Kent Agerlund - Thu, 04/10/2014 - 04:18
As you enroll a mobile device into Intune/ConfigMgr 2012 R2, inventory data will automatically be uploaded to the ConfigMgr database. One of the data being collected is the Jailbroken/rooted condition. In the below example the device is being detected as a jailbroken device. One of the many benefits of using Intune as the MDM solution […]
Categories: MDT

Event – CA Accelerate IT PRO Camp, Stockholm 10,22,23 of April 2014 – Windows Client deployment and then some…

The Deployment Bunny - Mon, 04/07/2014 - 16:31

(in Swedish)

LabCenter kommer tillsammans med Microsoft att genomföra en dags workshops kring Windows 8 och Windows 8.1 klienten med fokus på administration och utrullning I föreatags miljöer. Cirka halva dagaen är förläsningar och demonstrationer och den andra halvan är hands-on. av dom 3 event vi kör så är 2 fullbokade, men det finns ett tillfälle med cirka 10 platser kavr och det är där du kommer in!

Agenda
Vi visar hur du kan gå från en tidigare version av Windows och Office till en mer modern miljö och kunna dra nytta av de senaste teknologierna kring säkerhet och mobilitet.

Under dagen går vi igenom grunderna i Windows 8/8.1 och Office 365 klientutrullning genom interaktiva presentationer, demos och hands-on laborationer.

  • Introduction to Windows 8.1, Office 365 ProPlus and Office 2013
  • Image Creation, Lite Touch/Zero-Touch Deployment
  • Strategies & Office 2013 Deployment
  • Windows to Go Creation and Deployment
  • Windows 8/8.1 Security
  • Application Delivery with App-V
  • User Personalization with UE-V

Datum att välja på:
Stockholm 10 april 2014 – Fullt!
Stockholm 22 april 2014

Stockholm 23 april 2014 – Fullt!
Plats: LabCenter, Oxtorgsgränd 2, 111 57 Stockholm
Längd: 1 dag (09.00-16.30)
Instruktör: Mikael Nyström
Workshopen är kostnadsfri.

Läsa mer och anmälan – http://www.labcenter.se/sales/CA_Accelerate_IT_PRO_Camp


Categories: MDT

Reduce DNS Client Cache in Windows Server 2012 R2

The Deployment Bunny - Sun, 04/06/2014 - 12:48

A very good friend (and Geek) wrote a post about modifying the cache when using RDP Gateway. A very common issue we have is when we deploy, configure and re-construct the infrastructure is that the gateway is keeping the cache a bit to long.

Get the solution from Markus Lassfolk

/mike


Categories: MDT

TechX–Azure In Sweden next week!–Don’t MISS it!

The Deployment Bunny - Sun, 04/06/2014 - 12:43

(In Swedish)

Nästa vecka är det TechX Azure (http://azure.techx.se/?page_id=867) och då kör jag och Markus Lassfolk hela 6 sessioner, vilket gör att vi kommer att vara där hela dagen och köra!, så vill man så kan man vara I Vision hela dagen och njuta av en tillställning med oss. Vi kommer att bjuda på allt som har med IaaS att göra, Hybrid kopplingar, System Center, Azure AD och mycket mer än så. Här har du agendan:

om du inte har anmält dej så kan det finnas platser kavr (inte säker, men jag tror det) http://azure.techx.se/?page_id=867

/mike


Categories: MDT

Understanding the Windows ADK for Windows 8.1 Update and MDT 2013

Microsoft Deployment Toolkit Team Blog - Thu, 04/03/2014 - 19:30

Author: Aaron Czechowski, Senior Program Manager

This post applies to customers using the Microsoft Deployment Toolkit (MDT) 2013.

A revision to the Windows Assessment and Deployment Kit (ADK) for Windows 8.1 Update is now available. See this post for more information. If you are also using Configuration Manager see this post. (You’ll find it looks very similar to this post, but there are some differences.)

We recommend that all customers of MDT 2013 upgrade to the latest ADK, but this upgrade is not required. You can continue to use an existing version of the Windows 8.1 ADK or the Windows 8.1 Update revision to service and deploy all Windows 8.1 (including Windows 8.1 Update), Windows 8, and Windows 7 images. If you do upgrade, you don’t have to uninstall the previous version first; running the ADK setup will update the existing components of the ADK installation.

After upgrading the ADK to the latest version, here are a few general items of note for MDT:

  • There are some bug fixes to the User State Migration Tool (USMT) in this revision, so if you use USMT be sure to update the deployment share to refresh the USMT content.
  • You do not need to update the deployment share to update boot images. Windows PE 5.0 can be used to deploy Windows 8.1 Update images.
  • We recommend using the latest full installation source (also known as “slipstreamed” or “refresh” media) for Windows 8.1 Update from the Volume Licensing Service Center (VLSC) as the starting point for your OS deployments. This media should be available on or about 14 April 2014.
  • A Windows 8.1 Update OS image (refresh media or offline serviced) can be applied with the deployment tools natively present in Windows PE 5.0.
  • MDT does not support the new WimBoot functionality at this time. We are investigating adding support for WimBoot to a future release.
Windows PE 5.1

The Windows ADK for Windows 8.1 Update still includes Windows PE 5.0 (including the Windows PE 5.0 optional components and language packs), the same as the previous versions of the Windows ADK for Windows 8.1. The Windows PE documentation references Windows PE 5.1 for supporting WimBoot deployments. (Remember, MDT does not yet support WimBoot.) Windows PE version 5.1 is not needed for MDT and can actually be problematic if you try to use it. Windows PE 5.0 can continue to be used to deploy Windows 8.1 Update. There is a documented process to upgrade Windows PE to version 5.1, but this should be considered incompatible with MDT at this time. Keep reading if you want more details about this, otherwise skip to the next section.

Why can’t MDT use Windows PE 5.1? The process to create Windows PE 5.1 requires injecting the Windows 8.1 Update package into the Windows PE image, and if it also includes optional components or language packs these must be done in a specific order. The process then requires using the DISM /Cleanup-Image option with the /ResetBase parameter to cleanup and optimize the image before unmounting the image and committing the changes. MDT doesn’t currently support this sort of process during boot image servicing. Optimizations aside, even though MDT allows for updates to be injected to Windows PE, the order of operation when applying updates is not guaranteed.

Windows 8.1 Update Servicing

As stated above, we recommend using the latest Windows 8.1 Update full media. If you need to service an existing Windows 8.1 image here are some tips:

  • Windows 8.1 Update (KB2919355) requires a servicing stack update (KB2919442) to be installed as a prerequisite. This prerequisite update was released in March.
  • Do not add KB2919355 to the Packages node of a deployment share. MDT’s servicing functionality uses commands in Unattend.xml, which cannot guarantee the order in which updates are applied to an image.
  • These updates can be manually applied to an image using DISM /Add-Package commands, ensuring the correct order is followed.
  • If applying the updates online, for example during a standard client task sequence, they can be created in the deployment share as Applications. This then allows them to be added to the task sequence as explicit steps for proper ordering.
  • Be sure to fully test the outcome of these actions before deploying your serviced image to clients.
  • Did I mention that we recommend using the Windows 8.1 Update refresh media?
Language Packs

If your images and deployments include language packs, be sure to consider the following:

  • As is always the case, per existing documentation, always install language packs before installing updates.
  • Review the Windows 8.1 Update documentation for language packs to learn about additional details regarding any additional processing that must occur when applying language packs.

We’ve been working closely with Windows engineering on streamlining this process as much as possible. I’m always interested in your feedback, or feel free to post your questions below, especially if there are MDT deployment scenarios not covered here.

-- Aaron Czechowski, Sr. Program Manager

 This posting is provided "AS IS" with no warranties and confers no rights.

Categories: MDT

Another Windows 8.1 Update tip

With the Windows 8.1 Update’s release to MSDN yesterday, people are discovering the various improvements in the new release.  Here’s one that I noticed in PC Settings:

See the new “Manage known connections” link?  Click it and now you can remove existing wireless connections (as long as they weren’t pushed out via Group Policy):

Simple enough.

Categories: MDT

Remove WIFI network back in Windows 8.1 Update 1

Coretech Blog » Kent Agerlund - Thu, 04/03/2014 - 05:34
We had in Windows 7, it was removed in Windows 8.1 – and now it’s back, the ability to “forget” known WIFI networks.  Open your Settings Click Change PC Settings from the list of Settings Select Network From the list of know networks, select the Network and click Forget
Categories: MDT

PowerShell is King–Measure disk performance for IOPS and Transfer rate

The Deployment Bunny - Wed, 04/02/2014 - 11:08
The need

Since I build datacenters I need to verify performance and you can do that using SQLIO. But there is a lot of parameters, a lot of typing and to make testing a bit more consistent I was reading Jose Barreto’s blog http://blogs.technet.com/b/josebda/archive/2013/03/28/sqlio-powershell-and-storage-performance-measuring-iops-throughput-and-latency-for-both-local-disks-and-smb-file-shares.aspx and that gave me inspiration to create a PowerShell script that is a bit more complete and here you can see the result of it. We use this to measure performance on local disks, SMB storage, Storage Spaces, SAN storage, iSCSI storage, basically everything, now it is easy to “spot” the issue, since we have seen the numbers so many times.

Output sample in table format.

Output in Grid view.

The Download

You can download the script from here: http://1drv.ms/1pQNr4i

To use it you need to have SQLIO from Microsoft and you need to store the SQLIO.exe file in the same folder as the script, this way it is easy to move around the test tool as a kit, since SQLIO does not really needs to be installed, the download is an MSI file, so you need to install it once or extract it

You can download SQLIO from here: http://www.microsoft.com/en-us/download/details.aspx?id=20163

The script it is rather easy, it is basically a wrapper for SQLIO.exe but it gives you an output as a table or in a grid. There is two options to measure workload, you either measure IOPS or Transfer rate.

The howto

.\Measure-DiskPerformance.ps1 -TestFileName test.dat –TestFileSizeInGB 1 -TestFilepath C:\VMs -TestMode Get-LargeIO -FastMode True -RemoveTestFile True -OutputFormat Out-GridView

Explanation:

-TestFileName test.dat

The name of the file, it will create the file using FSUTIL, but it checks if it exists and if it does it stops, you can override that with the –RemoveTestFile True

–TestFileSizeInGB 1

Size of the file, it has fixed values, use the TAB key to flip through them

-TestFilepath C:\VMs

The folder, can also be an UNC path, it will create the folder so it does not need to exist.

-TestMode Get-LargeIO

There is too test modes Get-LargeIO or Get-SmallIO, you use Get-LargeIO to measure the transfer rate and you use Get-SmallIO to measure IOPS

-FastMode True

Fastmode true runs each test for just 10 seconds, it gives you a hint, if you don’t set it or set it to false it will run for 60 sec (it will take a break for 10 sec between each run)

-RemoveTestFile True

Removes the test file if it exists

-OutputFormat Out-GridView

Choose between Out-Gridview or Format-Table

/mike


Categories: MDT

Nice to Know–MVP for one more year!

The Deployment Bunny - Tue, 04/01/2014 - 15:31

Friends, I’m happy to inform you that I have been awarded the Microsoft MVP title.

/mike


Categories: MDT

The SUITE spot of imaging

Steve Rachui's Manageability blog - Sat, 03/29/2014 - 14:42
There are many ways to deliver images to systems. Some groups still choose to allow technicians to manually build each machine. Most leverage some type of automation such as using the ADK tools directly or leveraging something like Ghost or MDT. If the...(read more)
Categories: MDT

Training–Geek Week in Sweden

The Deployment Bunny - Wed, 03/26/2014 - 11:04

For a couple of years, Johan Arwidmark and I have been delivering a very special kind of training that we call Geek Week. But, we have NEVER done it in Sweden where we actually lived. So, finally after many requests we are running the Geek Week in Sweden. During one entire week we will go trough the entire System Center Suite from a Windows Client  perspective and that means, ConfigMgr, SCVMM, OpsMgr, Windows Server 2012 R2, Windows 8.1, MDT, WDS, Orchestrator and then some. It is a very special week. So, lets switch into “Swedisch”….

/mike


Categories: MDT

Event – TechX Azure–(Sweden)

The Deployment Bunny - Wed, 03/26/2014 - 03:36

Theese are my sessions at TechX Azure in Sweden. The full Agenda is here http://azure.techx.se/?page_id=867 and here is how you sign up for it http://azure.techx.se/?page_id=871

 

Building Hybrid Solutions – The reasons why you should

Hybrid cloud could be something you have longed for without knowing it. So, what does define the needs?  What will it give you? Why should you always build it? This session will cover the benefits and the basic design needed to make this work. You will learn in what scenarios this is a great solution and in what scenarios this is just an “ok” solution.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 200

Download Windows Azure Pack and run your own Azure Solution

Azure is great, but what if you would like to have your own Azure, is that possible, YES!, it is, Windows Azure Pack is available for download and using WAP means that you can expose your internal infrastructure exactly as Azure works. In this session you will learn what is needed to make this work and the pitfalls that is to fall into. Note that this session is highly technical and consists mostly of demos.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 300

Running a full implementation of Remote Desktop Services in Azure – How to?

Remote Desktop Services is in many situations a great solution, but is it possible to run that workload in Azure? Even if it is possible, how to deal with roaming profiles, synchronize data with your on premise datacenter, or should you? At first it seems like an easy setup, but after a while the questions starts coming. In this session you will learn how to set this up, to configure and what design considerations you must take to make it work the way you expect.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 300

Using Azure as part of a Datacenter Disaster Recovery Scenario

Azure has a new services that has the ability to orchestrate a datacenter failover in the case of a disaster. This service will connect to multiple datacenter and if needed makes sure that all servers are started in the correct order. It uses the Hyper-V Replica feature and System Center Virtual Machine Manager 2012 R2 on the local sites and azure will be the head master and manage the recovery if needed, during this session you will learn how to configure it and how this service could be a real life saver.

Speaker : Mikael Nystrom

Level: 300


Categories: MDT

Hyper-V Networking–Router Guard

Virtual PC Guy's WebLog - Tue, 03/25/2014 - 15:40

Router guard is another advanced networking feature that was added in Windows Server 2012:

When you enable Router Guard Hyper-V switch will discard the following packets:

  • ICMPv4 Type 5 (Redirect message)
  • ICMPv4 Type 9 (Router Advertisement)
  • ICMPv6 Type 134 (Router Advertisement)
  • ICMPv6 Type 137 (Redirect message)

Much like DHCP guard – the two most common questions I get about router guard are:

  1. Why would I want to enable this option?

    Imagine you have a virtual machine that is configured for routing services and is connected to multiple virtual networks.  You want to make sure that routing services are only provided on one specific virtual network.  In this case you would enable the router guard on any networks where you did not want the virtual machine to act as a router.

  2. Why isn’t this option enabled by default everywhere?

    Router guard does have a, relatively minimal, impact on performance.  Given that most virtual machines are not running routing services it is not enabled by default, as it is not needed.

You can configure this setting through the UI or with PowerShell.  To configure it with PowerShell you should use the RouterGuard parameter on the Set-VMNetworkAdapter cmdlet:

Cheers,
Ben

Categories: MDT

PowerShell is King – Simple resource Metering using PowerShell

The Deployment Bunny - Tue, 03/25/2014 - 11:21

This morning the Big Boss sent an email “There is something wrong, it’s slow, fix it.”

Yes, Sir, no problem Sir, absolutely Sir (you get the picture). Anyway, I know we could have problems, since we are moving around all VM’s to change basically everything from design to hardware, so I needed a fast way to find out on what server, what VM and why. The first thing that comes to mind is the most valuable thing you have in a virtualized platform and that is IOPS, so for a few servers that could be having issues I run this:

 

$ServerNames = "HOST01","HOST02","HOST03","HOST04"

foreach ($ServerName in $ServerNames)

{

Get-VM -ComputerName $ServerName -Verbose| Enable-VMResourceMetering -Verbose

Get-VM -ComputerName $ServerName | Measure-VM | select VMname,AggregatedAverageNormalizedIOPS,AggregatedAverageLatency,AggregatedDiskDataRead,AggregatedDiskDataWritten | ConvertTo-Html > "$ServerName.html" -Verbose

}

/mike


Categories: MDT

Hyper-V Networking–DHCP Guard

Virtual PC Guy's WebLog - Mon, 03/24/2014 - 14:02

If you start digging into the advanced settings section of a virtual network adapter – there is a lot of interesting stuff to look at.  Today I’m going to talk about the DHCP guard setting:

This setting stops the virtual machine from making DHCP offers over this network interface.  To be clear – this does not affect the ability to receive a DHCP offer (i.e. if you need to use DHCP to acquire an IP address that will work) it only blocks the ability for the virtual machine to act as a DHCP server.

Two questions that I often get about this feature are:

  1. Why would I want to enable this option?

    Imagine you have a DHCP server virtual machine that is connected to multiple virtual networks.  You want to make sure that DHCP offers are only provided on one specific virtual network.  In this case you would enable the DHCP guard on any networks where you did not want the virtual machine to act as a DHCP server.
  2. Why isn’t this option enabled by default everywhere?

    DHCP guard does have a, relatively minimal, impact on performance.  Given that most virtual machines are not running DHCP servers it is not enabled by default, as it is not needed.

You can configure this setting through the UI or with PowerShell.  To configure it with PowerShell you should use the DHCPGuard parameter on the Set-VMNetworkAdapter cmdlet:

Cheers,
Ben

Categories: MDT

ConfigMgr 2012 R2 and Windows Azure Cloud Distribution Point

Coretech Blog » Kent Agerlund - Fri, 03/21/2014 - 12:30
  In order to use a Windows Azure distribution point, you need a few things like a Windows Azure account, Access to internal DNS, a couple of certifcates and 45 minutes. The Azure distribution point can act as a fallback distribution point for your Windows clients and do support most content type. To calculate the […]
Categories: MDT

My Daily Hyper-V Status Email–Part 5 of 5

Virtual PC Guy's WebLog - Fri, 03/21/2014 - 12:07

After displaying event logs, virtual machine health and storage health – the last thing that is included in my daily status email is usage data.

For this I take advantage of the built in metrics functionality that is part of Hyper-V.

Looking at this report – I realize I should probably filter our replicated virtual machines (those are all the entries with zero data).  I guess I will have to fix that at some point in the future.  Regardless – here is the code that I use today:

# VM Metrics $message = $message + "<style>TH{background-color:blue}TR{background-color:$($tableColor)}</style>" $message = $message + "<B>Virtual Machine Utilization Report</B> <br> <br> "   $message = $message + "CPU utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.AvgCPU};Label="Average CPU Utilization (MHz)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Memory utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.AvgRAM};Label="Average Memory (MB)"}, ` @{Expression={$_.MinRAM};Label="Minimum Memory (MB)"}, ` @{Expression={$_.MaxRAM};Label="Maximum Memory (MB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Network utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={"{0:N2}" -f (($_.NetworkMeteredTrafficReport | where-object {($_.Direction -eq "Inbound")}` | measure-object TotalTraffic -sum).sum / 1024)};Label="Inbound Network Traffic (GB)"}, ` @{Expression={"{0:N2}" -f (($_.NetworkMeteredTrafficReport | where-object {($_.Direction -eq "Outbound")} ` | measure-object TotalTraffic -sum).sum / 1024)};Label="Outbound Network Traffic (GB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Disk utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={"{0:N2}" -f ($_.TotalDisk / 1024)};Label="Disk Space Used (GB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Metering Duration data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.MeteringDuration};Label="Metering data duration"} ` | ConvertTo-HTML -Fragment) ` +" <br>"   # Reset metrics get-vm | Reset-VMResourceMetering get-vm | Enable-VMResourceMetering

Notes about this code:

  • $metricsData contains the output of “get-vm | measure-vm” (this is mentioned in my first post in this series).  The reason why I do this is because measure-vm is a heavy command (it uses a chunk of CPU and disk) so I only want to run it once.
  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • At the end of this code I reset the counters, and enable metering on all virtual machines.  I do this so that if I add any new virtual machines, they get picked up automatically.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 4 of 5

Virtual PC Guy's WebLog - Thu, 03/20/2014 - 12:48

Now that I have talked about displaying event log information and virtual machine health information; the next part of my status email is storage health information.

In my experience – the most common failure for my servers is a failed hard disk.  Now, as I have multiple levels of redundancy configured in my storage configuration, it is not always obvious that a disk has failed.  Luckily, it is very easy to get this information with PowerShell.

In fact, this is one of the primary reasons why I like using storage spaces.  The great integration with PowerShell.  Here is the code that I use to generate this table:

# Storage Health $message = $message + "<style>TH{background-color:DarkGreen}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Storage Health</B> <br> <br>" $message = $message + "Physical Disk Health: <br>" + ((Get-PhysicalDisk | ` Select-Object @{Expression={$_.FriendlyName};Label="Physical Disk Name"}, ` @{Expression={$_.DeviceID};Label="Device ID"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"}, ` @{Expression={"{0:N2}" -f ($_.Size / 1073741824)};Label="Size (GB)"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" $message = $message + "Storage Pool Health: <br>" + ((Get-StoragePool | ` where-object {($_.FriendlyName -ne "Primordial")} | ` Select-Object @{Expression={$_.FriendlyName};Label="Storage Pool Name"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" $message = $message + "Virtual Disk Health: <br>" + ((Get-VirtualDisk | ` Select-Object @{Expression={$_.FriendlyName};Label="Virtual Disk Name"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>"

Notes about this code:

  • I am using “Get-PhysicalDisk”, “Get-StoragePool” and “Get-VirtualDisk” to gather the raw data.
  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • Again – I implement color coding for individual entries in the table.  I set each table cell to be “red” by default.  I then do some string parsing to see if the health is good – and switch the background color if I get a positive result.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 3 of 5

Virtual PC Guy's WebLog - Wed, 03/19/2014 - 16:01

Continuing on with my daily status email series; after displaying event log information, my email displays a high level summary of the virtual machine health:

These tables are generated with the following code:

# VM Health $message = $message + "<style>TH{background-color:Indigo}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Virtual Machine Health</B> <br> <br>" $message = $message + "Virtual Machine Health: <br>" + ((Get-VM | ` Select-Object @{Expression={$_.Name};Label="Name"}, ` @{Expression={$_.State};Label="State"}, ` @{Expression={$_.Status};Label="Operational Status"}, ` @{Expression={$_.UpTime};Label="Up Time"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>Operating normally</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($warningColor)`"><td>")}else{$_}} ` | %{if($_.Contains("<td>Running</td><td>Operating normally</td>")){$_.Replace("<tr style=`"background-color:$($warningColor)`"><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" # VM Replication Health $message = $message + "<style>TH{background-color:Indigo}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Virtual Machine Replication Health</B> <br> <br>" $message = $message + "Virtual Machine Replication Health: <br>" + ((Get-VM | ` Select-Object @{Expression={$_.Name};Label="Name"}, ` @{Expression={$_.ReplicationState};Label="State"}, ` @{Expression={$_.ReplicationHealth};Label="Health"}, ` @{Expression={$_.ReplicationMode};Label="Mode"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>Replicating</td><td>Normal</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>"

Both of these tables are generated by taking the output of “Get-VM” and displaying different information.

Notes about this code:

  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • This time I do something different to get color coding for individual entries in the table.  I actually set each table cell to be “red��� by default.  I then do some string parsing to see if the health is good – and switch the background color if I get a positive result.  The reason why I use this approach is that the list of “known good states” is much smaller than the list of “known bad states”.

Cheers,
Ben

Categories: MDT

Pages