Category Archives: Microsoft

Hyper-V update list

Are you running Hyper-V in your environment? You might want to check out this list of updates, which not only contains download links but also mentions why the update might be needed. So if you have any specific problems (or want to avoid them) be sure to check it out!

It’s over at social.technet.microsoft.com.

Also available through RSS: http://social.technet.microsoft.com/wiki/contents/articles/hyper-v-update-list-for-windows-server-2008-r2/rss.aspx

Lots of stuff happening!

At the moment there are lots of stuff happening, both in our industry and at home.

This week I’ve started programming PowerShell seriously, trying to convert an “advanced” script to PowerShell since it’s supposed to be fewer lines of code. I bet it is, once you get past the initial irritation… Like why can’t I set the error message that validateset throws? Would’ve been nice.

If you’re a programmer you might wanna check out the developer resources for Mango over at Channel 9: http://channel9.msdn.com/posts/Mango-Jump-Start-01-Building-Windows-Phone-Apps-with-Visual-Studio-2010

Speaking of Channel 9 you could also take a look at the behind-the-scenes to see what’s going on over there: http://news.cnet.com/8301-10805_3-20103036-75/behind-the-scenes-at-microsofts-channel-9/

Apart from that I’m just as curious as everyone else about Microsofts new initiative with Hyper-V in Windows 8, which most likely will take the market away from Parallells and VmWare workstation. And hopefully kill that thing called XP-mode which is totally hopeless. Read more over at Building 8: http://blogs.msdn.com/b/b8/archive/2011/09/07/bringing-hyper-v-to-windows-8.aspx

At home we’ve bought a new apartment and selling the old one. You know the drill: Take 50% of the furniture away, clean. Take pictures. Wait, wait some more and so on. So that’s where my heads been at lately. I’ll be back with a vengeance.

Enable TPM in task sequence with SCCM and CCTK

During work me and a colleague have tested some utilities for handling hardware settings on both servers and clients. One of the more useful utilites we found was CCTK, Client Configuration ToolKit. This utility lets you change settings in BIOS, both during OSD and otherwise. The main usage we found for it was to enable and activate the TPM-chip on Dell client computers.

So how is it done?

You’ll need to download CCTK from Dells site.

And then run the script in the CCTK-folder to include it in your WinPE image. There’s one script for WinPE 2.1 and one for 3.0. This is due to the fact that the hardware driver needs to be local, it can’t be run from UNC.

Once it’s included you can run CCTK from command line in your task sequence.

The commands available can be found here or you can enable CMD-support in your WinPE and run it manually. It’ll then query BIOS for available switches and you can try it out before putting it in a task sequence.

Our TS looks like this:







All those reboots are because the computer needs to power cycle to both turn on and activate TPM. Once that’s done we apply our OS as usual and finish off with running the bdehdcfg.exe-utility which creates the necessary disk layout for Bitlocker and then we run the standard SCCM task “Enable Bitlocker”. If you don’t apply patches or anything else that’ll make the computer reboot you’ll need to have a “Restart Computer”-action after the disk has been configured.

Manage Out with Direct Access on UAG

Having implemented Direct Access with UAG (Microsoft Unified Access Gateway) at a customer location there were some questions when we were done. Their helpdesk is using SCCM (System Center Configuration Manager) and the remote management tools included, how would they go about managing the clients? Would that work even if the user wasn’t logged in? Well, after some research we found out that they could actually manage the client if someone was logged in. If nobody was, no remote management would occur.

The reason? Well, traffic initiated from the inside of the network have to go through the management tunnel if nobody is logged in. For that to happen the servers or workstations that wish to communicate have to be included in the management group. If you’re going to use a management server or workstation for your work it’ll have to be IPv6 capable too because DA / UAG won’t translate IPv4 to IPv6 for traffic initiated from the inside.

UAG configuration:

The UAG needs to include ALL the computers you want to use for remote management of DA clients where nobody is logged on. Ie using the management tunnel. As soon as a user logs on communication can occur on the user tunnel.

Client configuration:

If you’re using mobile connections you’ll need to make sure that they will register their address in DNS. If you don’t do this your clients won’t register, and you won’t be able to find them from your internal network.

(click for Lightbox)

Clients needs to have their firewall configuration updated with rules that allow the traffic you need, for example RDP. Please note that the profile you must use for this is the PUBLIC profile since that’s the one applied when the DA client is connected from the internet. You must also allow “edge traversal” for these rules to work over all tunnels.

(click for Lightbox)

More resources for manage out with Direct Access:
http://blogs.technet.com/b/edgeaccessblog/archive/2010/04/06/powerful-but-not-so-obvious-benefits-of-directaccess-manage-out-capabilities.aspx
http://blogs.technet.com/b/edgeaccessblog/archive/2009/11/17/deep-dive-into-uag-directaccess-manage-out-basics.aspx
http://technet.microsoft.com/en-us/library/ee809065.aspx

NIC Teaming in Server Core or Hyper-V Server

Update
Teaming with Intel ProsetCL
Teaming with Broadcom BACScli

If you’re running Server Core or Hyper-V Server 2008 R2 you’ve probably come across the problem of teaming nics. No matter which hardware vendor you choose, they all have they’re special way of doing things. Helping an old colleague out the other day it made me realize that it’s not as straightforward as it is in the full version, so I’ve tried it out with both Intel and Broadcom nics. Which you of course know covers the servers from both HP and Dell (where I work, shameless plug).

Installing the Broadcom software to support network teaming in Server Core / Hyper-V Server

Before you start you must install the prereq’s for the drivers, that comes down to .Net 2.0, .Net 2.0 WOW64 and SNMP.
The easiest way is to use OcSetup to install them:

Start /w ocsetup NetFx2-ServerCore
Start /w ocsetup NetFx2-ServerCore-WOW64
Start /w ocsetup SNMP-SC

The “/w” will let you wait during installation so you know when it’s finished, please note that roles/features are case sensitive for ocsetup so type it as it looks…

When that’s done you’ll need to download the 14.1.x-version of the BACS from Dell’s site and extract them to somewhere on your drive, default is c:broadcom. Navigate to the c:broadcomdriver_management_apps_installer and run setup.exe.

The wizard kicks in and when you’re done you can team your nics (and change other things too) through the c:/program files/broadcom/bacs.exe utility.

Installing the Intel software to support network teaming in Server Core / Hyper-V Server

Turns out that Intel has their own great post on the subject of command line installations which you can find at http://www.intel.com/support/network/sb/cs-016040.htm.

A short rundown otherwise is that you’ll need the setup.exe program for your nic, then you have multiple choices on how to install them. The base driver can be installed through the included pnputil.exe for Server Core or you could use the Intel setup.exe instead.

This is from Intel’s site and shows you what switches does what:

Setup.exe support the following command line parameters:

Parameter Definition
ANS Advanced Network Services
“0”, do not install ANS. If ANS is already installed, it will be uninstalled.

“1”, install ANS (default).

NOTE: If the ANS parameter is set to ANS=1, both Intel PROSet and ANS will be installed.

DMIX PROSet for Windows Device Manager
“0”, do not install Intel PROSet feature. If the Intel PROSet feature is already installed, it will be uninstalled.

“1”, install Intel PROSet feature (default).

NOTE: If DMIX=0, ANS will not be installed. If DMIX=0 and Intel PROSet and ANS are already installed, Intel PROSet and ANS will be uninstalled.

SNMP Intel SNMP Agent
“0”, do not install SNMP. If SNMP is already installed, it will be uninstalled.

“1”, install SNMP (default).

NOTE: Although the default value for the SNMP parameter is 1 (install), the SNMP agent will only be installed if:
The Intel SNMP Agent is already installed. In this case, the SNMP agent will be updated.
The Windows SNMP service is installed. In this case, the SNMP window will pop up and you may cancel the installation if you do not want it installed.

BD Base Driver and IOATDMA Driver
“0”, do not install the base driver.

“1”, install the base driver (default).

LOG [log file name]
LOG allows you to enter a file name for the installer log file. The default name is C:UmbInst.log.

-a Extract the components required for installing the base driver and I/OAT driver to C:Program FilesIntelDrivers. The directory where these files will be extracted to can be modified unless silent mode (/qn) is specified. If this parameter is specified, the installer will exit after the base driver and I/OAT driver are extracted. Any other parameters will be ignored.
-f Force a downgrade of the components being installed. NOTE: If the installed version is newer than the current version, this parameter needs to be set.

How to install the base driver on Windows Server 2008 and Windows Server 2003:

:Setup DMIX=0 ANS=0 SNMP=0

How to install the base driver on Windows Server 2008 and Windows Server 2003 using the LOG option:

:Setup LOG=C:installBD.log DMIX=0 ANS=0 SNMP=0

How to install Intel PROSet and ANS silently on Windows Server 2008 and Windows Server 2003 (32-bit version):

:Setup DMIX=1 ANS=1 /qn

How to install Intel PROSet without ANS silently on Windows Server 2008 and Windows Server 2003 x64 Edition:

:Setup DMIX=1 ANS=0 /qn

How to install components but deselect ANS for Windows Server 2008 and Windows Server 2003:

:Setup DMIX=1 ANS=0 /qn /liew C:install.log

The /liew log option provides a log file for the DMIX installation.

To install teaming and VLAN support on a system that has adapter base drivers and Intel PROSet for Windows Device Manager installed, type the command line :Setup ANS=1.

System Center Virtual Machine Manager + TFS for automatic testing

Spent the last two days setting up a solution at a customer together with Mattias Olausson from Callista. Our customer wants automatic testing of the nightly builds of their software, a task managed manually until now.

The setup consists of two servers, one running TFS (Team Foundation Server) and another one running System Center Virtual Machine Manager 2008 R2. Besides this we have a Hyper-V host for running the workloads. In SCVMM we’ve created four templates for the client operating systems that the tests should be run on, Windows 7 x86/x64 and Windows XP x86/x64. On these virtual machines we’ve installed all the necessary agents needed by TFS, converted them to templates in SCVMM and added sysprep.inf / unattend.xml to each template to enable a zero touch installation of each operating system.

In TFS Lab Manager you then create a testing project with a virtual infrastructure connected to it, and you select the templates you wish to run. TFS will then deploy the VM’s and run the tests you’ve configured. A report from the test will be written to your selected output directory and the VM’s will be destroyed.

If you’re interested in setting it up, the TFS team have a really good series of articles explaining everything in detail: http://blogs.msdn.com/b/lab_management/archive/2010/03/29/setting-up-various-topologies-to-test-with-visual-studio-team-lab.aspx

There’s also a basic concept overview at http://blogs.msdn.com/b/lab_management/archive/2009/05/18/vsts-2010-lab-management-basic-concepts.aspx

As far as SCVMM and Hyper-V goes you’ll find the basic configuration steps over at http://blogs.technet.com/b/scvmm/archive/2009/01/05/scvmm-2008-installation-step-by-step.aspx

And once you’ve got that up and running, you can run all your tests in the middle of the night and be a lot more productive during the days (sounded like straight from marketing, didn’t it…)!

Hyper-V – Resources and reading

Microsoft has released a new Best Practices Analyzer (BPA) for Hyper-V which will help you either plan your setup or check your existing configuration and wether it’s supported. You can find it over at Microsoft download center.

Here are some other interesting reading on the Hyper-V topic also:

Setting up XenDesktop on Hyper-V without PXE
http://community.citrix.com/display/ocb/2010/04/13/Three+Steps+to+a+PXE-Free+XenDesktop+on+Hyper-V

Inventory VM’s on Hyper-V
Ben Armstrong, Virtual PC Guy
http://blogs.msdn.com/virtual_pc_guy/archive/2010/04/14/scripts-to-inventory-virtual-machines-hyper-v.aspx

Hyper-V failover clustering options
http://weblog.bassq.nl/index.php/hyper-v-failover-clustering-options/

NetApp best practices guide on file system alignment
http://blogs.netapp.com/virtualization/2010/04/updated-netapp-best-practices-guide-on-file-system-alignment-for-virtual-environments.html

Disaster recovery for Hyper-V snapshots
http://www.sigmasquared.co.za/2010/04/disaster-recovery-for-hyper-v-snapshots/

Some useful Hyper-V posts
http://www.aidanfinn.com/?p=10525