MDT

Training–Geek Week in Sweden

The Deployment Bunny - Wed, 03/26/2014 - 11:04

For a couple of years, Johan Arwidmark and I have been delivering a very special kind of training that we call Geek Week. But, we have NEVER done it in Sweden where we actually lived. So, finally after many requests we are running the Geek Week in Sweden. During one entire week we will go trough the entire System Center Suite from a Windows Client  perspective and that means, ConfigMgr, SCVMM, OpsMgr, Windows Server 2012 R2, Windows 8.1, MDT, WDS, Orchestrator and then some. It is a very special week. So, lets switch into “Swedisch”….

/mike


Categories: MDT

Event – TechX Azure–(Sweden)

The Deployment Bunny - Wed, 03/26/2014 - 03:36

Theese are my sessions at TechX Azure in Sweden. The full Agenda is here http://azure.techx.se/?page_id=867 and here is how you sign up for it http://azure.techx.se/?page_id=871

 

Building Hybrid Solutions – The reasons why you should

Hybrid cloud could be something you have longed for without knowing it. So, what does define the needs?  What will it give you? Why should you always build it? This session will cover the benefits and the basic design needed to make this work. You will learn in what scenarios this is a great solution and in what scenarios this is just an “ok” solution.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 200

Download Windows Azure Pack and run your own Azure Solution

Azure is great, but what if you would like to have your own Azure, is that possible, YES!, it is, Windows Azure Pack is available for download and using WAP means that you can expose your internal infrastructure exactly as Azure works. In this session you will learn what is needed to make this work and the pitfalls that is to fall into. Note that this session is highly technical and consists mostly of demos.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 300

Running a full implementation of Remote Desktop Services in Azure – How to?

Remote Desktop Services is in many situations a great solution, but is it possible to run that workload in Azure? Even if it is possible, how to deal with roaming profiles, synchronize data with your on premise datacenter, or should you? At first it seems like an easy setup, but after a while the questions starts coming. In this session you will learn how to set this up, to configure and what design considerations you must take to make it work the way you expect.

Speaker(S) : Mikael Nystrom and Markus Lassfolk

Level: 300

Using Azure as part of a Datacenter Disaster Recovery Scenario

Azure has a new services that has the ability to orchestrate a datacenter failover in the case of a disaster. This service will connect to multiple datacenter and if needed makes sure that all servers are started in the correct order. It uses the Hyper-V Replica feature and System Center Virtual Machine Manager 2012 R2 on the local sites and azure will be the head master and manage the recovery if needed, during this session you will learn how to configure it and how this service could be a real life saver.

Speaker : Mikael Nystrom

Level: 300


Categories: MDT

Hyper-V Networking–Router Guard

Virtual PC Guy's WebLog - Tue, 03/25/2014 - 15:40

Router guard is another advanced networking feature that was added in Windows Server 2012:

When you enable Router Guard Hyper-V switch will discard the following packets:

  • ICMPv4 Type 5 (Redirect message)
  • ICMPv4 Type 9 (Router Advertisement)
  • ICMPv6 Type 134 (Router Advertisement)
  • ICMPv6 Type 137 (Redirect message)

Much like DHCP guard – the two most common questions I get about router guard are:

  1. Why would I want to enable this option?

    Imagine you have a virtual machine that is configured for routing services and is connected to multiple virtual networks.  You want to make sure that routing services are only provided on one specific virtual network.  In this case you would enable the router guard on any networks where you did not want the virtual machine to act as a router.

  2. Why isn’t this option enabled by default everywhere?

    Router guard does have a, relatively minimal, impact on performance.  Given that most virtual machines are not running routing services it is not enabled by default, as it is not needed.

You can configure this setting through the UI or with PowerShell.  To configure it with PowerShell you should use the RouterGuard parameter on the Set-VMNetworkAdapter cmdlet:

Cheers,
Ben

Categories: MDT

PowerShell is King – Simple resource Metering using PowerShell

The Deployment Bunny - Tue, 03/25/2014 - 11:21

This morning the Big Boss sent an email “There is something wrong, it’s slow, fix it.”

Yes, Sir, no problem Sir, absolutely Sir (you get the picture). Anyway, I know we could have problems, since we are moving around all VM’s to change basically everything from design to hardware, so I needed a fast way to find out on what server, what VM and why. The first thing that comes to mind is the most valuable thing you have in a virtualized platform and that is IOPS, so for a few servers that could be having issues I run this:

 

$ServerNames = "HOST01","HOST02","HOST03","HOST04"

foreach ($ServerName in $ServerNames)

{

Get-VM -ComputerName $ServerName -Verbose| Enable-VMResourceMetering -Verbose

Get-VM -ComputerName $ServerName | Measure-VM | select VMname,AggregatedAverageNormalizedIOPS,AggregatedAverageLatency,AggregatedDiskDataRead,AggregatedDiskDataWritten | ConvertTo-Html > "$ServerName.html" -Verbose

}

/mike


Categories: MDT

Hyper-V Networking–DHCP Guard

Virtual PC Guy's WebLog - Mon, 03/24/2014 - 14:02

If you start digging into the advanced settings section of a virtual network adapter – there is a lot of interesting stuff to look at.  Today I’m going to talk about the DHCP guard setting:

This setting stops the virtual machine from making DHCP offers over this network interface.  To be clear – this does not affect the ability to receive a DHCP offer (i.e. if you need to use DHCP to acquire an IP address that will work) it only blocks the ability for the virtual machine to act as a DHCP server.

Two questions that I often get about this feature are:

  1. Why would I want to enable this option?

    Imagine you have a DHCP server virtual machine that is connected to multiple virtual networks.  You want to make sure that DHCP offers are only provided on one specific virtual network.  In this case you would enable the DHCP guard on any networks where you did not want the virtual machine to act as a DHCP server.
  2. Why isn’t this option enabled by default everywhere?

    DHCP guard does have a, relatively minimal, impact on performance.  Given that most virtual machines are not running DHCP servers it is not enabled by default, as it is not needed.

You can configure this setting through the UI or with PowerShell.  To configure it with PowerShell you should use the DHCPGuard parameter on the Set-VMNetworkAdapter cmdlet:

Cheers,
Ben

Categories: MDT

ConfigMgr 2012 R2 and Windows Azure Cloud Distribution Point

Coretech Blog » Kent Agerlund - Fri, 03/21/2014 - 12:30
  In order to use a Windows Azure distribution point, you need a few things like a Windows Azure account, Access to internal DNS, a couple of certifcates and 45 minutes. The Azure distribution point can act as a fallback distribution point for your Windows clients and do support most content type. To calculate the […]
Categories: MDT

My Daily Hyper-V Status Email–Part 5 of 5

Virtual PC Guy's WebLog - Fri, 03/21/2014 - 12:07

After displaying event logs, virtual machine health and storage health – the last thing that is included in my daily status email is usage data.

For this I take advantage of the built in metrics functionality that is part of Hyper-V.

Looking at this report – I realize I should probably filter our replicated virtual machines (those are all the entries with zero data).  I guess I will have to fix that at some point in the future.  Regardless – here is the code that I use today:

# VM Metrics $message = $message + "<style>TH{background-color:blue}TR{background-color:$($tableColor)}</style>" $message = $message + "<B>Virtual Machine Utilization Report</B> <br> <br> "   $message = $message + "CPU utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.AvgCPU};Label="Average CPU Utilization (MHz)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Memory utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.AvgRAM};Label="Average Memory (MB)"}, ` @{Expression={$_.MinRAM};Label="Minimum Memory (MB)"}, ` @{Expression={$_.MaxRAM};Label="Maximum Memory (MB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Network utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={"{0:N2}" -f (($_.NetworkMeteredTrafficReport | where-object {($_.Direction -eq "Inbound")}` | measure-object TotalTraffic -sum).sum / 1024)};Label="Inbound Network Traffic (GB)"}, ` @{Expression={"{0:N2}" -f (($_.NetworkMeteredTrafficReport | where-object {($_.Direction -eq "Outbound")} ` | measure-object TotalTraffic -sum).sum / 1024)};Label="Outbound Network Traffic (GB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Disk utilization data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={"{0:N2}" -f ($_.TotalDisk / 1024)};Label="Disk Space Used (GB)"} ` | ConvertTo-HTML -Fragment) ` +" <br>" $message = $message + "Metering Duration data: <br>" + ($metricsData | ` select-object @{Expression={$_.VMName};Label="Virtual Machine"}, ` @{Expression={$_.MeteringDuration};Label="Metering data duration"} ` | ConvertTo-HTML -Fragment) ` +" <br>"   # Reset metrics get-vm | Reset-VMResourceMetering get-vm | Enable-VMResourceMetering

Notes about this code:

  • $metricsData contains the output of “get-vm | measure-vm” (this is mentioned in my first post in this series).  The reason why I do this is because measure-vm is a heavy command (it uses a chunk of CPU and disk) so I only want to run it once.
  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • At the end of this code I reset the counters, and enable metering on all virtual machines.  I do this so that if I add any new virtual machines, they get picked up automatically.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 4 of 5

Virtual PC Guy's WebLog - Thu, 03/20/2014 - 12:48

Now that I have talked about displaying event log information and virtual machine health information; the next part of my status email is storage health information.

In my experience – the most common failure for my servers is a failed hard disk.  Now, as I have multiple levels of redundancy configured in my storage configuration, it is not always obvious that a disk has failed.  Luckily, it is very easy to get this information with PowerShell.

In fact, this is one of the primary reasons why I like using storage spaces.  The great integration with PowerShell.  Here is the code that I use to generate this table:

# Storage Health $message = $message + "<style>TH{background-color:DarkGreen}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Storage Health</B> <br> <br>" $message = $message + "Physical Disk Health: <br>" + ((Get-PhysicalDisk | ` Select-Object @{Expression={$_.FriendlyName};Label="Physical Disk Name"}, ` @{Expression={$_.DeviceID};Label="Device ID"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"}, ` @{Expression={"{0:N2}" -f ($_.Size / 1073741824)};Label="Size (GB)"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" $message = $message + "Storage Pool Health: <br>" + ((Get-StoragePool | ` where-object {($_.FriendlyName -ne "Primordial")} | ` Select-Object @{Expression={$_.FriendlyName};Label="Storage Pool Name"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" $message = $message + "Virtual Disk Health: <br>" + ((Get-VirtualDisk | ` Select-Object @{Expression={$_.FriendlyName};Label="Virtual Disk Name"}, ` @{Expression={$_.OperationalStatus};Label="Operational Status"}, ` @{Expression={$_.HealthStatus};Label="Health Status"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>OK</td><td>Healthy</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>"

Notes about this code:

  • I am using “Get-PhysicalDisk”, “Get-StoragePool” and “Get-VirtualDisk” to gather the raw data.
  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • Again – I implement color coding for individual entries in the table.  I set each table cell to be “red” by default.  I then do some string parsing to see if the health is good – and switch the background color if I get a positive result.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 3 of 5

Virtual PC Guy's WebLog - Wed, 03/19/2014 - 16:01

Continuing on with my daily status email series; after displaying event log information, my email displays a high level summary of the virtual machine health:

These tables are generated with the following code:

# VM Health $message = $message + "<style>TH{background-color:Indigo}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Virtual Machine Health</B> <br> <br>" $message = $message + "Virtual Machine Health: <br>" + ((Get-VM | ` Select-Object @{Expression={$_.Name};Label="Name"}, ` @{Expression={$_.State};Label="State"}, ` @{Expression={$_.Status};Label="Operational Status"}, ` @{Expression={$_.UpTime};Label="Up Time"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>Operating normally</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($warningColor)`"><td>")}else{$_}} ` | %{if($_.Contains("<td>Running</td><td>Operating normally</td>")){$_.Replace("<tr style=`"background-color:$($warningColor)`"><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>" # VM Replication Health $message = $message + "<style>TH{background-color:Indigo}TR{background-color:$($errorColor)}</style>" $message = $message + "<B>Virtual Machine Replication Health</B> <br> <br>" $message = $message + "Virtual Machine Replication Health: <br>" + ((Get-VM | ` Select-Object @{Expression={$_.Name};Label="Name"}, ` @{Expression={$_.ReplicationState};Label="State"}, ` @{Expression={$_.ReplicationHealth};Label="Health"}, ` @{Expression={$_.ReplicationMode};Label="Mode"} ` | ConvertTo-HTML -Fragment) ` | %{if($_.Contains("<td>Replicating</td><td>Normal</td>")){$_.Replace("<tr><td>", "<tr style=`"background-color:$($tableColor)`"><td>")}else{$_}}) ` + " <br>"

Both of these tables are generated by taking the output of “Get-VM” and displaying different information.

Notes about this code:

  • Once again - I use raw HTML to set the color of the table headers. 
  • Again - I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Again - I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.
  • This time I do something different to get color coding for individual entries in the table.  I actually set each table cell to be “red��� by default.  I then do some string parsing to see if the health is good – and switch the background color if I get a positive result.  The reason why I use this approach is that the list of “known good states” is much smaller than the list of “known bad states”.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 2 of 5

Virtual PC Guy's WebLog - Tue, 03/18/2014 - 12:12

Yesterday, I introduced my daily status email.  Today I am going to talk about the first chunk of information that is included in this email: event logs.

The primary goal of my status email is to let me know if anything has gone wrong.  By looking at any errors or warnings in the System and Hyper-V event logs; I can get a pretty good feel for the state of my servers.  Here is a quick screenshot from a recent status email:

This display was generated with this code:

# EventLog $message = $message + "<style>TH{background-color:$($errorColor)}TR{background-color:$($tableColor)}</style>" $message = $message + "<B>Parent EventLog</B> <br> <br>" $message = $message + "Errors: <br>" + ((Get-EventLog system -after (get-date).AddHours(-24) -entryType Error) | ` Select-Object @{Expression={$_.InstanceID};Label="ID"}, ` @{Expression={$_.Source};Label="Source"}, ` @{Expression={$_.Message};Label="Message"} ` | ConvertTo-HTML -Fragment) ` + " <br>"   $message = $message + "<style>TH{background-color:$($warningColor)}TR{background-color:$($tableColor)}</style>" $message = $message + "Warnings: <br>" + ((Get-EventLog system -after (get-date).AddHours(-24) -entryType Warning) | ` Select-Object @{Expression={$_.InstanceID};Label="ID"}, ` @{Expression={$_.Source};Label="Source"}, ` @{Expression={$_.Message};Label="Message"} ` | ConvertTo-HTML -Fragment) ` + " <br>"   # Hyper-V EventLog $message = $message + "<style>TH{background-color:$($errorColor)}TR{background-color:$($tableColor)}</style>" $message = $message + "<B>Hyper-V EventLog</B> <br> <br>" $message = $message + "Errors: <br>" + ((Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V*"; StartTime = (Get-Date).AddDays(-1); Level = 2}) | ` Select-Object @{Expression={$_.InstanceID};Label="ID"}, ` @{Expression={$_.Source};Label="Source"}, ` @{Expression={$_.Message};Label="Message"} ` | ConvertTo-HTML -Fragment) ` + " <br>"   $message = $message + "<style>TH{background-color:$($warningColor)}TR{background-color:$($tableColor)}</style>" $message = $message + "Warnings: <br>" + ((Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V*"; StartTime = (Get-Date).AddDays(-1); Level = 3}) | ` Select-Object @{Expression={$_.InstanceID};Label="ID"}, ` @{Expression={$_.Source};Label="Source"}, ` @{Expression={$_.Message};Label="Message"} ` | ConvertTo-HTML -Fragment) ` + " <br>"

Deep inside this code are two basic cmdlets.  Get-EventLog is used for getting entries from the System event log:

Get-EventLog system -after (get-date).AddHours(-24) -entryType Error

While Get-WinEvent is used for getting entries from the Hyper-V event logs:

Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V*"; StartTime = (Get-Date).AddDays(-1); Level = 2}

The rest of the code around these cmdlets performs the following operations:

  • I use raw HTML to set the color of the table headers.  Errors are put in tables with a red header, warnings get a yellow header.
  • I run the output of these commands through Select-Object with the use of the “Expression” option to set column labels appropriately.
  • Finally, I use ConvertTo-HTML –Fragment to get a nice HTML table outputted.

Tomorrow I will move on to showing how I generate information about the virtual machine state and replication health.

Cheers,
Ben

Categories: MDT

My Daily Hyper-V Status Email–Part 1 of 5

Virtual PC Guy's WebLog - Mon, 03/17/2014 - 12:17

I have spent a fair amount of time creating a reliable and resilient Hyper-V deployment in my house.  For the most part this system runs smoothly, however, the resiliency of the design leads to an interesting problem.

My Hyper-V servers are housed in a small closet off the side of my garage.  And if something goes wrong (hard disk failure, system failure, etc…) everything keeps on running happily.  And that is the problem, it should not run happily, it should tell me that something is wrong.  If something is wrong I needed to know straight away – so I can replace broken parts, etc… before a bigger problem develops.

To address this issue– I have created a PowerShell script that runs on each server and sends me a daily status email.

I have been refining this status email script over the last year or so – and am very happy with the results.  Some of the goals I had with this script were:

  • Should work with my ISPs SMTP server (so it works even if my internal infrastructure is in a bad state)
  • Should tell me everything I need to know about my servers
  • Should allow me to tell the status at a glance

At this point in time, I get a daily status email with all the information I need, handily color coded so I can see quickly if everything is good or not:

This week I am going to step through all the parts of this script (it is quite a large script!) and explain what they do, and why they are there.

Today I am going to cover some of the “trimming” that is necessary to make this script work.  Below is a code snippet which represents to top and bottom sections of my script – with all the data logic pulled out of the middle.

# Variables $filedate = get-date $computer = gc env:computername $metricsData = get-vm | measure-vm $tableColor = "WhiteSmoke" $errorColor = "Red" $warningColor = "Yellow" $FromEmail = "email@email.org" $ToEmail = "email@email.org"   # Establish Connection to SMTP server $smtpServer = "smtp.yourserver.com" $smtpCreds = new-object Net.NetworkCredential("yourUserName", "yourPassword") $smtp = new-object Net.Mail.SmtpClient($smtpServer) $smtp.UseDefaultCredentials = $false $smtp.Credentials = $smtpCreds   # HTML Style Definition $message = "<!DOCTYPE html PUBLIC`"-//W3C//DTD XHTML 1.0 Strict//EN`" `"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd`">" $message = "<html xmlns=`"http://www.w3.org/1999/xhtml`"><body>" $message = "<style>" $message = $message + "TABLE{border-width:2px;border-style: solid;border-color: #C0C0C0 ;border-collapse: collapse;width: 100%}" $message = $message + "TH{border-width: 2px;padding: 0px;border-style: solid;border-color: #C0C0C0 ;text-align: left}" $message = $message + "TD{border-width: 2px;padding: 0px;border-style: solid;border-color: #C0C0C0 ;text-align: left}" $message = $message + "TD{border-width: 2px;padding: 0px;border-style: solid;border-color: #C0C0C0 ;text-align: left}" $message = $message + "H1{font-family:Calibri;}" $message = $message + "H2{font-family:Calibri;}" $message = $message + "Body{font-family:Calibri;}" $message = $message + "</style>"   # Title $message = $message + "<h2>Data for Hyper-V Server '$($computer)' : $($filedate)</h2>"   # # A whole bunch of code goes here... #   $message = $message + "</body></html>"   $email = new-object Net.Mail.MailMessage $email.Subject = "Hyper-V Server Report: $($filedate)" $email.From = new-object Net.Mail.MailAddress($FromEmail) $email.IsBodyHtml = $true $email.Body = $message $email.To.Add($ToEmail)   # Send Email $smtp.Send($email)

This is basically the code that is necessary to send an email using PowerShell.  Note, there are simpler ways to send an email using PowerShell – but I am doing it with the Net.Mail.SmtpClient and Net.Mail.MailMessage objects for two reasons:

  1. My ISP (like many ISPs) requires that I authenticate to their SMTP server in order to send email.  This script supports SMTP authentication.
  2. I really wanted a color coded email – so that problems would be bright red and grab my attention.  To do this properly means that I need to be able to generate a HTML based email, not just a plain text one.

The rough summary of the code above is:

  1. All the necessary variables are established (note – I have removed my email addresses, usernames and passwords – so you will need to swap in appropriate values here).
  2. A connection to the SMTP server is created
  3. A HTML header is created for the email
  4. There is a whole bunch of code removed (that I will be covering over the course of this week)
  5. The email message is constructed, using the HTML message string as the body
  6. Finally, the email is sent using the SMTP server

Over this week I will be covering the sections of this script that:

  1. Gather key event log information
  2. Gather VM and VM Replication health information
  3. Gather Storage health information
  4. Gather utilization data about the virtual machines

The final result – for those who are too impatient to wait out the week – is the script that I have attached to the end of this blog post.  I have this script setup to run once a day using a scheduled task.

Cheers,
Ben

Categories: MDT

Protected Networks in Windows Server 2012 R2

Virtual PC Guy's WebLog - Tue, 03/11/2014 - 20:11

One of the new features in Hyper-V in Windows Server 2012 R2 is the concept of a protected network:

In Windows Server 2012 R2 any network adapter that is added to a virtual machine is automatically configured as a protected network adapter.  This means nothing if you are not using Hyper-V clustering, but if you are using Hyper-V clustering it has an important effect.

Basically, we will monitor this network connection for any link failures. 

If we detect that the virtual switch that is used for this virtual network adapter no longer has a functioning network connection – we will move the virtual machine to another node in the cluster.  Before we do this though, we check to make sure that the destination computer does have a functioning network connection on the corresponding virtual switch (this is important to avoid mass virtual machine migrations in the event of a switch failure).

If you are using network teaming in the host environment, you are unlikely to suffer complete link failure – but this functionality gives you an extra level of protection for network connectivity.

Cheers,
Ben

Categories: MDT

Event – CloudOS Roadshow in Stockholm and Gothenburg on March 18,19 -2014

The Deployment Bunny - Wed, 03/05/2014 - 02:05

Time to gather again for a full day of Windows Server 2012 R2

The Agenda is not 100% ready, but so far I know we will do the following:

- Deep Dive in Storage Spaces

- Deep Dive in Converged Networks

- Deep Dive in Hyper-V Replica and recover

Sign up for CloudOS Roadshow in Stockholm
Sign up for CloudOS Roadshow in Gothenburg


Categories: MDT

Installing ConfigMgr R2 2012 client for Mac OSx

Coretech Blog » Kent Agerlund - Sat, 03/01/2014 - 12:10
Earlier this week Microsoft released a new ConfigMgr R2 2012 Mac OSx client. Althoug it has been possible to enroll Mac OSx 10.9 clients without this new client, I still recommend a client upgrade. How to install the new client Download the new installer from: ConfigMgr 2012 R2 Mac Client Run the ConfigmgrMacClient.msi on a […]
Categories: MDT

KB2871690, Hyper-V, Server 2012, and Gen2 VMs

cluberti.com - Mon, 02/17/2014 - 23:32

If you’re finding this post, it’s possible (or maybe even likely) that you’ve tried to install KB2871690 onto a Generation 2 Windows Server 2012 virtual machine on a Hyper-V host, and the installation failed. For those of you that haven’t run into this issue yet, you will if you attempt to install this particular update on a Windows Server 2012 (or Windows 8.0) Gen2 VM. It’s very frustrating to have a few hundred VMs patch, reboot, and fail to install a particular update and restart again… and then have the update offered again, and go through the cycle yet again because the admin installing updates was unaware this update wasn’t going to work, the update wasn’t pulled from WSUS or SCCM, etc. It happens.

Why is it failing you ask? Well, in reading the security advisory for this particular update, it appears that the revocation list (which isn’t public) was for nine particular non-Microsoft, aka 3rd party, UEFI modules that were previously signed. Since the UEFI modules used in booting a Windows Server 2012 VM in a Hyper-V Gen2 VM are all Microsoft, they’re not on the list of revoked modules, and thus the install fails (there’s nothing to revoke, so there’s nothing to install). It’d be awesome if the people who wrote the hotfix package put some logic into it so it wasn’t offered on Hyper-V VMs, but apparently they did not. C’est la vie.

So, now we know why it fails to install… now what? What can be done to avoid the failure in the first place? Well, that depends on how you deploy your OS, your patches, or create your images. In my world, images are built via MDT, and deployed and patched via a mixture of SCCM (production) and WSUS (lab) servers. In MDT, I added the update package to the Packages node in the folder for Windows 2012 and Windows 8, so that any new images built have the update pre-staged during deployment – this image is hardware-neutral, and is used in both virtual and physical environments, so I want the update in the image going forward. In SCCM and WSUS, I’ve already got groups that map to Server 2012 VMs on physical hosts, and another that exist as Hyper-V VMs, so I’ve disapproved this update for those VM server groups so it won’t be offered going forward to any existing 2012 Hyper-V VMs.

So, in a nutshell, that’s what I’m doing right now to avoid the issue. Your mileage may vary, of course, but the above would be what I would tell you to do if you asked me my opinion!

Categories: MDT

Updated Hypervisor Top Level Functional Specification

Virtual PC Guy's WebLog - Mon, 02/17/2014 - 13:55

We have recently published a new version of the Hypervisor Top Level Functional Specification for Windows Server 2012 R2 / Windows 8.1.  You can grab a copy here:

http://download.microsoft.com/download/A/B/4/AB43A34E-BDD0-4FA6-BDEF-79EEF16E880B/Hypervisor Top Level Functional Specification v4.0.docx

Now, when you first open this document and start looking through it – you are probably going to think to yourself “Good grief! This is much too detailed for me!”.  And yes, it is a very technical document.  It is essentially a guide to how to build your own virtualization solution on our hypervisor.  That said, a couple of times a year I direct people to read this document so they can get answers to questions such as:

  • Can I discover the hypervisor version from inside the virtual machine?
  • How are virtual processors actually scheduled by the hypervisor?
  • How does the hypervisor handle machine check events?

There is a lot of good information in there – so I would recommend taking the time to read it through.

Cheers,
Ben

Categories: MDT

Get AIX Maintenance level

NINet.org - Mon, 02/17/2014 - 05:15
I had some software installs fail due to the maintenance level. So a quick script to check the ML of the machines.
Categories: MDT

Using Compare-VM on Compare-VM

Virtual PC Guy's WebLog - Thu, 02/13/2014 - 12:49

I have been spending a lot of time this week looking at all the functionality that is available in the Compare-VM PowerShell cmdlet in Hyper-V.  The core concept of Compare-VM is that it returns a “virtual machine compatibility report” that lets you know about any problems that exist with the virtual machine.

Once you have the virtual machine compatibility report, you can fix the problems and then pass the report to the cmdlet that you actually wanted to use.

However, what if you are not sure that you have really fixed the problems with the virtual machine compatibility report?  Simple – you can just pass the compatibility report back into Compare-VM.

This will recheck the virtual machine and let you know if there are any problems remaining.  You can keep on doing this until you get a compatibility report with no incompatibilities.  This is very handy if you are just messing around at the PowerShell prompt and want to double check yourself.

Cheers,
Ben

Categories: MDT

Using PowerShell to Live Migrate to a Computer with a Different Virtual Switch

Virtual PC Guy's WebLog - Wed, 02/12/2014 - 11:11

So far this week I have shown you how to register and how to import virtual machines with configuration problems using PowerShell.  However, the question I most often hear is this one: how do I use PowerShell to live migrate a virtual machine to another computer – where the virtual switch names do not match?

Once again – the answer is: “Use Compare-VM”

Here you can see that I try and use Move-VM to live migrate a virtual machine, and I get an error because the virtual switch names do not match.  And just like in the other cases, I call Compare-VM and give it the same parameters as when I tried to use Move-VM.

After doing this I just need to fix the incompatibilities and pass the results into Move-VM.

Cheers,
Ben

Categories: MDT

Enable RDP, firewall exceptions, and NLA settings via PowerShell and WMI (aka “the right way”)

cluberti.com - Wed, 02/12/2014 - 03:09

I’ve come across quite a few folks over the years that enable RDP by setting the registry values to do so manually, and enabling firewall rules the same way (or disabling the firewall service itself, which is not supported by Microsoft, so don’t). While neither of these things are “the right way” to do it (I found this out from dealing with Microsoft support on this, and apparently doing it manually via the registry can cause issues), the right way isn’t really called out as such very well that I can find either.

I’ve created a very simple PowerShell script (I put it in my MDT and SCCM task sequences when deploying machines as one of the first things done after the OS is deployed) that enables RDP for the Administrators group, opens the right port on the firewall, and can also be used to set it to NLA only if $NLAEnable = 1. Credit where credit is due, the script below was based on a script that does this same thing here. Thanks Robin!

This is “the right way” to do it, or so I’ve been told by Microsoft. To be fair, it’s much cleaner than what I see folks doing, so here it is:

$RDPEnable = 1 $RDPFirewallOpen = 1 $NLAEnable = 0 # Enable Remote Desktop Connections $RDP = Get-WmiObject -Class Win32_TerminalServiceSetting -Namespace root\CIMV2\TerminalServices -Authentication PacketPrivacy $Result = $RDP.SetAllowTSConnections($RDPEnable,$RDPFirewallOpen) if ($Result.ReturnValue -eq 0) { Write-Host "Remote Connection settings changed sucessfully" -ForegroundColor Cyan } else { Write-Host ("Failed to change Remote Connections setting(s), return code "+$Result.ReturnValue) -ForegroundColor Red exit } # Set Network Level Authentication level $NLA = Get-WmiObject -Class Win32_TSGeneralSetting -Namespace root\CIMV2\TerminalServices -Authentication PacketPrivacy $NLA.SetUserAuthenticationRequired($NLAEnable) | Out-Null $NLA = Get-WmiObject -Class Win32_TSGeneralSetting -Namespace root\CIMV2\TerminalServices -Authentication PacketPrivacy if ($NLA.UserAuthenticationRequired -eq $NLAEnable) { Write-Host "NLA setting changed sucessfully" -ForegroundColor Cyan } else { Write-Host "Failed to change NLA setting" -ForegroundColor Red exit }

Note that these WMI calls are documented on MSDN:

http://msdn.microsoft.com/en-us/library/aa383644(v=vs.85).aspx

http://msdn.microsoft.com/en-us/library/aa383441(v=vs.85).aspx

Categories: MDT

Pages