Archive for the ‘Hyper-V’ Category

Virtual Machine Management Service failure

I recently came across a Hyper-V host which after a power outage and a dirty shut  down, due the absence of a UPS, could not connect to the Virtual Machine Management Service.  When opening the Hyper-v console the VMs were not listed, and selecting “Connect to Server” resulted in the following error message; “An error occurred while attempting to connect to server ‘ServerName’.  Check that the Virtual Machine Service is running and that you are authorized to connect to the server.”

image

The Hyper-V services displayed running in the Services management console, and permissions had not changed, however when checking for dependencies for the Hyper-V Virtual Management Service it show no dependencies.  Comparing this to another Hyper-V host reveals the service depends on the Remote Procedure Call (RPC) and Windows Management Instrumentation service. Both of these were running as well.

When services and system information is not present in various consoles, and the WMI service is running, it can often be a result of missing or corrupt WMI files.  You can confirm this by running msinfo32.exe (System Information).  If so, you will receive a message “Can’t collect Information.  Cannot access the Windows Management Instrumentation software.  Windows Management files may be moved or missing.”

image

If this is the case there is an easy fix:

  • Always have a full backup of your system before making any changes!
  • Note:  Microsoft recommends troubleshooting, and restoring the WMI files rather than deleting them as I describe here.  Deleting the files can affect 3rd party software which may require reinstalling.  For more information see the links at the end of this article.  In this case the WMI checks showed no inconsistencies and a reset failed, so rebuilding was the best option.
  • Stop the Windows Management Instrumentation service, which will warn you that it will also stop the Hyper-V Virtual Machine Management and other services, verifying the link between the two.
  • Rename the WMI information file folder to something such as .old  C:\Windows\System32\wbem\Repository.old
  • image
  • Restart the host.   Upon reboot it will recreate the Repository folder and its contents.  You may find the first logon hangs for a few minutes and also it may be slow for a while as it rebuilds the files.
  • image
Additional information regarding troubleshooting WMI:

http://blogs.technet.com/b/askperf/archive/2009/04/13/wmi-rebuilding-the-wmi-repository.aspx

http://technet.microsoft.com/en-us/library/ff404265.aspx

Introduction to Microsoft Virtualization – Halifax event

For those following my blog in Atlantic Canada, you may be interested in an upcoming local event:

An Introduction to Microsoft Virtualization and the Private Cloud with System Center 2012 and Hyper-V

Event Details

Spend an evening with Mitch Garvis, Virtual Technology Evangelist with Microsoft Canada, getting to know the Microsoft server virtualization story.  Learn not only about Hyper-V, but also the management and Private Cloud scenarios that System Center 2012 SP1 brings to the table,  Learn how to build your cloud, and also how Microsoft sets itself apart from (and ahead of) the competition in the Virtualization world!

This informal event will consist almost entirely of discussions and demos, with only a smattering of PowerPoint and fluff.  The demos will be entirely unscripted, so you will get to ask what you want to see… and Mitch will do it!

The event is to be held Tuesday, June 11, 2013 from 5:30 PM to 9:00 PM, at the Nova Scotia Community College Institute of IT Campus, 5685 Leeds St., Halifax, NS

To register:  http://www.eventbrite.com/event/6998359281

Convert SBS 2003 to a virtual server

I recently needed to virtualize an SBS 2003, that is to say convert it from a physical machine to a virtual machine on a Hyper-V host.  I have done SBS conversions to VMware hosts in the past with with little or no problem, but converting to Hyper-V, my preference , was a little more involved.  I first Googled the task and found many suggestions which based on the various articles and instinct, using Microsoft’s disk2vhd was the simplest solution.  I was wrong.  The first run on a test machine using a single disk worked well but did require several ‘tweaks’, and then when I added the data drives, which may have been unrelated, I ran into many problems, especially when I tried installing the Integration Services components.  Though disk2vhd has worked well for me with other operating systems in the past, for some reason the HAL in this case caused problems.

I am not suggesting the following is the best method, or even a good method, but perhaps it will be of some help to those attempting the same task.   I have posted the steps that worked flawlessly for me on a test server, trail run, and final move.  All of the following was done remotely.

Note: The process will require re-activation of the SBS license.  If SBS is an OEM version; it is a licensing violation to install on different hardware or virtualize, the activation will probably fail, and if it does Microsoft will not assist.

  • If working remotely you will need to maintain access at least to the Hyper-V host throughout entire process.  You can use RDP, VPN, LogMeIn, or any of a dozen other alternatives, but make sure it is in place and working, your existing RWW is about to stop functioning until complete.
  • Clean up the initial machine:  Remove the second/WAN NIC if present (not the LAN NIC) and run the CEICW (Configure e-mail and Internet Connection Wizard). Note that making network changes remotely can be risky, you can loose access.
  • Run the SBS 2003 Best Practices Analyzer and resolve any problems. 
  • Presumably you do not want e-mail delivered to the server, or remote users accessing the server,  during the move, so log onto the router and disable port forwarding on the necessary SBS ports 25, 443, 444, 1723 and 4125, for now.
  • Download and run the free VMware converter tool.   When running the tool make sure you right click on the program icon and choose “run as administrator”, if not you will receive an error; “A general system error occurred: Crypto Exception: error:02001005:system library:fopen:Input/ output error:unable to load C:\ProgramData\VMware\VMware vCenter Converter Standalone\ssl\rui.crt”. 

image

  • Clicking Next will deploy the conversion agent

image 

  • In the “Destination System” window choose destination type as “VMware Workstation or other VMware virtual machine” and “VMware Server 2.x”.  The destination file location path must be to a network share, even if on the local machine.  I also found if running VMware Converter on the Hyper-V server, due to limited name resolution services running and not being a domain member, using the IP in conjunction with the user name worked best, such as 192.168.123.123\UserName, even if it is the local machine.  This was a simple workaround for the common credential error received by many; “The operation could not be completed for username due to incorrect user credentials”

image

  • Review the specifications for the resulting VM as to how much RAM is to be assigned (SBS 2003 is limited to 4GB), number of processors, and if you want to change/increase disk sizes.

image

image

  • In my experience the tool took less than 3 hours to convert about 100GB of files on 2 drives using a 10/100 mbps network, a relatively small site.
  • Next download and run the Starwind’s free V2V conversion tool . This will allow you to convert the vdmk file, or files, created by the VMware converter to vhd files which will be compatible with Hyper-V.  If you have more than one vdmk, you will need to convert one at a time. You only need the vdmk’s, the other config file/s created by the VMware converter are not necessary.

image 

  • When running the tool, point to the vdmk file and choose to convert to “MS Virtual PC” format.  You can also choose whether the resulting vhd (Hyper-V disk) is to be a “pre-allocated” or “growable” image.  These are Starwind’s terms for a “fixed size” or “dynamically expanding” disk.  The former, “fixed” is recommended on domain controllers, but not a requirement on recent Hyper-V servers.

image

  • I found the V2V conversion took about 60-70% as long as the previous P2V step. Once completed if you need the drive space you can delete the .vdmk and other files created by the VMware Converter tool.
  • Using the Hyper-V management console you can now create a new VM using the wizard.  When doing so  presumably you want the maximum RAM, so set to 4000 MB, leave the network adapter as “not connected”, under “Connect Virtual Hard Disk” choose “Use an existing virtual hard disk” and select your system disk (disk containing the C: partition) created by the P2V/V2V steps above, under “Installation Options” select “Install an operating system later”, and click finish.
  • Next, open the settings console for the newly created VM.  It will have added a network adapter, remove it and add a legacy network adapter but again if the existing SBS is still powered up on the same network segment choose “not connected”, if you have multiple physical or virtual processors (cores) adjust the number of processors, if you have multiple disks add the others, and review the remaining settings.

image

  • You are ready to start up the new VM.  Boot the Virtual SBS and log in.  Ignore any offers to discover and add new hardware.  You will be a notice you have 3 days to activate.  I recommend waiting until complete before doing so.  As mentioned do not install any hardware, but you may be prompted at different stages to reboot which you should do.  Note that you will have no mouse for this or the next 4 steps.
  • Manually configure the server’s NIC with the LAN IP, Gateway, and DNS pointing to its LAN NIC IP.  You can keep the same IP as the previous server if using the steps I have outlined.
  • Run the “Change Server IP Wizard” located under Server Management / Internet and E-mail, and keep the same IP as you just set.  The wizard will likely tell you it failed and you should run again due to inaccessibility to the LAN.  You can ignore.
  • Run the CEICW (Configure E-mail and Internet Connection Wizard) angin located under Server Management / Internet and E-mail, and make no changes, just accept the existing configurations.
  • Install the Hyper-V Integration Services by clicking “Insert Integration services Start Up Disk” under “Action” on the menu bar.  Allow this to complete and reboot as requested.  This can take a little while to run sometimes.
  • After reboot you may want to do some tweaking such as changing display size settings. 
  • You may also receive a message after rebooting; “At least one service or driver failed during system startup”.  Though this could be anyone of a dozen services, reviewing the event logs may show a parallel port service error.  To resolve this, on the VM from a command line run;  sc config parport start= disabled
  •   If not automatically removed, uninstall the VMware vCenter Converter Standalone Agent, using add/remove programs in the contol panel.
  • Flush the DNS, NetBIOS, and arp cache to be safe using  “ipconfig  /flushdns”, “nbtstat  –R”, and “arp  –d  * “
  • At this point you should be able to shut down the old server.  You may want to verify WakeOnLan is enabled and record the MAC address if you think you might have to remotely restart.  If so, you can download Solarwind’s Wake-On-LAN tool.
  • You can now enable the Virtual NIC on the SBS by choosing the physical NIC (Virtual Switch) to which you want to associate the Virtual NIC, in the settings configuration of the VM.
  • Perform any internal testing such as access to other LAN resources, Internet access, printer availability, services by clients are working such as redirected My Documents, and anything else with which you might be concerned.
  • Assuming all is well you can now forward the ports on the router to the new Virtual SBS to allow incoming e-mail and remote access by users.
  • Test e-mail reception, and finally activate the server through windows Activation process.

Canadians – Win a Trip for Two to Mexico!

Microsoft Canada has created a great opportunity for free on-line training in Microsoft Private Cloud services, while at the same time entering your name for a chance to win a trip for two to Mexico.  Free evaluation software is available for System Centre 2012, Windows Server 2008 R2 SP1, and Windows Server 2012 RC, as well as 6 free Virtual Academy courses, and 14 guided labs to introduce you to the Microsoft Private Cloud.

Keep in mind contest regulations state; “Sweepstakes is open to individual legal residents of Canada “ so your odds of winning are far greater than with global sweepstakes.

Learn About The Microsoft Private Cloud to Win a Trip for Two to Mexico!

Mexico2Microsoft has released new and exciting products that will change the way IT Pros utilize Virtualization and Microsoft Private Cloud solutions.   Two products which are a part of these great changes are the newly released System Center 2012 and the soon to be released Windows Server 2012.  Both of these solutions were designed to make virtualization and extending to the private cloud simpler and much more efficient.

With these new changes to Infrastructure and the IT world, it’s a great time to learn about these new solutions and keep yourself and your organization ahead of the curve in terms of where technology is headed.  In fact, Microsoft has even added an incentive to learn about their Private Cloud solutions through the Skyrocket Sweepstakes!

Entering is easy!  All you have to do is register, and then download a free TechNet evaluation like Windows Server 2012 RC or System Center 2012 to get started.  Every applicable evaluation you download gives you an entry into the sweepstakes! And the best part is the more evaluations you download, the better your chances.  And what’s the prize you may ask? Oh, just a 7 day, 8 night trip for two to Cozumel, Mexico!

The contest ends September 6th so don’t wait!  Register now!

Configuring Hyper-V Core

There are already dozens of articles relating to configuring Microsoft’s Hyper-V Server 2008 R2 (the free core version), however a colleague’s intimidation of command line server management inspired me to post my notes to ease his mind and perhaps those of a few readers as well.  Yes, it is a command line only version of server 2008 R2, with only a 15 line/option GUI to assist with the most basic configurations……..

image

Yet, after some minor configuration and enabling some basic services, you can manage the server in a very similar way you would manage others servers with; Hyper-V Manager, administrative tools, remote access, a file explorer, and even a web browser.

It is worth noting that there are definite advantages to using this version of Hyper-V.  It is free, it supports more than 32GB of RAM (server 2008 R2 standard does not, you need Enterprise or Datacenter editions), smaller footprint, and a somewhat limited attack surface.

Notes:

  • I am assuming Hyper-V core is successfully installed and you are at the point of configuring, if not the following links may help you get to this point Test Hyper-V compatibility, Step-by-Step Guide to Getting Started with Hyper-V
  • The assumption in this configuration is the Domain Controller and DNS server will be a virtual machine on the Hyper-V host. As a result it is recommended the Hyper-V host is not joined to the domain as no domain logon server will be available until after the guest VM has been started.
  • “Management PC” refers to the PC, or server, from which you wish to manage the Hyper-V host
  • All command line entries below, on both server and management PC, must be done from an elevated command prompt. On the server the default is elevated, which is confirmed by the “Administrator” on command window title bar

Server Configurations (Hyper-V host):

Run native Hyper-V GUI configuration tool:

  • The configuration tool (as in image above, should automatically start at logon but if not, from a command line, enter sconfig
  • Item #1: Leave as a workgroup
  • Item #2: Enter the computer name
  • Item #8: Configure the network: Use a static IP.  I recommend at least primary server be an internal DNS server, secondary an ISP. (Keep in mind on a domain joined server/PC you should not combine internal and public DNS servers, but this is not domain joined).  Best practices suggests 2 NIC’s should be enabled, one for management and the other for use by VM’s, though this is not necessary.
  • Item #9: Set date and time
  • Item #5: Set Windows update settings auto or manual.
  • Item #6: Download and install all updates, reboot as necessary
  • Item #3: Add any local admin accounts. I recommend adding new account with a name matching the login account of the remote management PC.  The names must match for some services to work.
  • Item #4: Configure remote management by enabling sub-options 1 to 3
  • Item #7: Enable remote desktop access (note this is still command line only)
  • Item #15 Exit to a command line

DNS:

As stated the Hyper-V machine is not a member of the domain, therefore it is recommended the following additions be made to assist with name resolution

Use the Hosts file to allow the Hyper-V host to resolve the name of the management PC.  From an elevated command prompt , open the Hosts file using Notepad by entering: notepad c:\Windows\System32\drivers\etc\hosts .  Add a record in the Hosts file for your management PC/s using

IP <tab> Pc’s DNS name <tab> # a note (optional) <enter>
eg: 192.168.123.123     PCname.MyDomain.local    # management PC

(Note: it is very important hit return, after every entry including the last line, and then save. For more information about Hosts and Lmhosts files, and their syntax see: https://blog.lan-tech.ca/2012/04/26/hosts-and-lmhosts-files/

Add the domain suffix to the domain search list within the registry to further assist with DNS name resolution.  Start the registry editor using regedit and locate the following registry key:

     HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\SearchList

Then add your domain suffix such as mydomain.local (separate multiple suffixes, if needed, with commas)

Permissions:

To configure additional permissions on the Hyper-V host download Hvremote.wsf from:   http://archive.msdn.microsoft.com/HVRemote  to a USB drive or CD.  Then from a command line copy HVremote to local directory such as Temp folder.  DOS commands are as follows (assume HVremote is on a USB drive labeled D:

cd\
md Temp
copy D:\FolderName\hvremote.wsf  C:\Temp\hvremote.wsf

Run the following commands from the directory where hvremote is located to grant Hyper-V administrators the necessary permissions to do so.  This asdds the admin to the “Distributed COM User’s group”. Again from an elevated command prompt, run the following command using the user you created under Item #3 above in the initial configuration GUI.

     Cscript hvremote.wsf /add:user

If this is the first time hvremote has been used to add a user a reboot may be required

Firewall:

The necessary firewall exceptions should have been enabled by Item #’s 3 & 7 above.  You may also want to be able to ping (IPv4) the server for testing. To do so from a command line enter:

netsh firewall set icmpsetting 8

Or use the new command for “Windows Firewall with advanced Security”

     netsh advfirewall firewall add rule name=”ICMP Allow incoming V4 echo request” protocol=icmpv4:8,any dir=in action=allow

(Note: if cutting and pasting the above command, you will have to substitute the quotation marks using your keyboard.  This site’s/font’s quotation marks are not standard ascii characters)

For additional firewall information relating to pings see:  http://dpotter.net/technical/2010/02/enable-ping-on-windows-server-2008-2/


Management PC Configurations:

DNS:

If the PC is a member of a domain, you can add a Host (A) record to the DNS management console for the Hyper-V host, or you can make an entry in the management PC’s Hosts file similar to the instructions for the server. This will ‘point’ this to the server such as:

IP <tab> Server’s DNS name <tab> # a note (optional) <enter>
eg: 192.168.123.123     HVServerName.MyDomain.local     # Hyper-V host

Permissions:

As on the Hyper-V host, download HVremote from http://archive.msdn.microsoft.com/HVRemote  or copy from your USB Key to a local directory as below:

     cd\
md Temp
copy D:\FolderName\hvremote.wsf C:\Temp\hvremote.wsf

Using an elevated command prompt run the following commands from the directory where HVremote is located.  Where the Hyper-v host is not part of the domain you must enable anonymous DCOM access using:

     Cscript hvremote.wsf /mode:client /anondcom:grant

This one command must be run from an non-elevated command line:

Cmdkey /add:ServerComputerName /user:ServerComputerName\UserName /pass:UserPassword

Firewall:

There are 4 Hyper-V Management Client firewall exceptions that need to be enabled.  Running the following command, from an elevated command prompt, will do so:

     Cscript hvremote.wsf /mode:client /FirewallHyperVClient:Enable

You also need allow rules for MMC exceptions (management consoles) which can be applied with:

    Cscript hvremote.wsf /mode:client /mmc:enable

If you have other 3rd party firewall software installed, you need to manually configure it with the same exceptions.

If you wish to use the Disk Management component of the Computer Management MMC for the remote host, you need to enable the inbound “Remote Volume Management – Virtual Disk Service Loader (RPC)” exception with:

     netsh advfirewall firewall set rule name=”Remote Volume Management – Virtual Disk Service Loader (RPC)” new enable=yes

You also have to set the “Virtual Disk service” on the Hyper-V server to Automatic and start it.

sc config vds start= auto
sc start vds
    (not needed if rebooting – will automatically start)

Reboot:

To apply all changes a reboot of the PC is recommended.

Testing connectivity:

When complete test and review the output using the commands below.  For details and troubleshooting download the documentation for HVRemote from:  http://archive.msdn.microsoft.com/HVRemote

From the server:

     Cscript hvremote /mode:server /show /target:clientcomputername

From the client PC:

Cscript hvremote /mode:client /show /target:ServerComputerName


Remote Management Tools:

RSAT tools:

Download and install RSAT (Remote Server Administration Tools) on the management PC making sure you have the RSAT version compatible with that PC’s operating system. The link for Win7 SP1 is below.  With these tools you can now connect the Hyper-V host and manage it from a PC using  all those familiar tools like Computer Management, Disk Management, Windows Firewall with Advanced security, Task Sheduler, etc., and of course the most important; Hyper-V manager which will allow you to create and manage your VM’s the same as you would if you had the full GUI version of Server 2008 R2 as a host.

http://www.microsoft.com/download/en/details.aspx?id=7887

Remote Console (RDP):

You can access the Hyper-V console (still command line only) using a standard RDP connection. You can also install “Portable Apps” which you can then run from an RDP session.  See further down in this list of Remote management tools.

     Mstsc -v:<Hyper-V host name>

Portable Apps:

You can run standard “portable apps” on the console, or during a remote desktop session such as:

Windows Explorer Equivalent A43:

http://www.alterion.us/a43/index.html

Firefox Web Browser (for security reason web browsing from the host is not recommended):

http://portableapps.com/apps/internet/firefox_portable

Others:

http://www.portablefreeware.com/all.php

Powershell:

To remotely run PowerShell you will need Powershell 2. which is available from Windows updates. To install and enable please see the following article http://geekswithblogs.net/twickers/archive/2009/11/04/136013.aspx  With it from the Host console, or remotely, you can manage many services using scripts/cmdlets from:

http://pshyperv.codeplex.com/

Others:

http://www.portablefreeware.com/all.php

PSExec:

PSExec is a tool developed by Sysinternals, now Microsoft that allows you to run DOS commands on remote machines:

http://technet.microsoft.com/en-us/sysinternals/bb897553

Hyper-V Monitor Gadget:

A great desktop gadget for monitoring the status of your Hyper-V servers, status and perfomance, as well as the ability to start and stop.  Requires permissions and services as outlined earlier.

http://hypervmonitor.codeplex.com/


Additional Resources:

Configure Hyper-V Remote Management in seconds

http://blogs.technet.com/b/jhoward/archive/2008/11/14/configure-hyper-v-remote-management-in-seconds.aspx

Full HVRemote documentation and download:

http://archive.msdn.microsoft.com/HVRemote/Release/ProjectReleases.aspx?ReleaseId=3084

Install and Configure Hyper-V Tools for Remote Administration

http://technet.microsoft.com/en-us/library/cc794756(WS.10).aspx

How to use the “netsh advfirewall firewall” context

http://support.microsoft.com/kb/947709

How to Enable Remote Administration of Server Core via MMC using NETSH

http://blogs.technet.com/b/askds/archive/2008/06/05/how-to-enable-remote-administration-of-server-core-via-mmc-using-netsh.aspx

Windows 8, Hyper-V, and SLAT

Windows 8 desktop O/S will include Hyper-V support, however there seems to be some confusion about hardware requirements.

Hyper-V server has always required:

“Processor : x64 compatible processor with Intel VT or AMD-V technology enabled.
Hardware Data Execution Prevention (DEP), specifically Intel XD bit (execute disable bit) or AMD NX bit (no execute bit), must be available and enabled.”  (from
http://www.microsoft.com/download/en/details.aspx?id=3512)

This hasn’t changed with the Hyper-v server version of Windows 8, but the desktop version of Hyper-V will require the processor also be SLAT compatible.  So, how do I know if my system will support Hyper-V?  Microsoft has a simple little command line tool called CoreInfo that will check for all requirements.   http://technet.microsoft.com/en-us/sysinternals/cc835722

Simply open a command window with elevated privileges and run  coreinfo –v  to display the supported virtualization features.  An asterisk indicates supported and a dash means unsupported.

image

Intel64 Family  –  indicates 64 bit support
Hypervisor is present  –  shows if the Hypervisor role is currently enabled
Supports Intel hardware-assisted virtualization  – verifies Virtualization support
Supports Intel extended page tables (SLAT)  –  confirms SLAT compatibility

Another little utility worth mentioning is Securable by GRC.com   This has been a standard for testing for Hyper-V compatibility, but so far does not include tests for SLAT support.  It does however have a specific DEP check. http://www.grc.com/securable.htm

image

I should also point out, if you plan to enable Remote FX support on a Hyper-V server (a server O/S), whether Server 2008 R2 or Windows Server 8, you will need a SLAT compatible processor.

Am I logged onto a virtual or physical machine ?

I was asked; “When logging onto a remote machine, how do I know if it is a physical or virtual, server or PC” ?  Since the experience is “virtually” the same, it is not readily apparent.  There are a few ways to verify but in my opinion the simplest is to run systeminfo from a command line.  Within the output, next to “System Manufacturer” and “System Model:” it will show:

  • On a VM running on Hyper-V => “Microsoft Corporation” and “Virtual Machine”
  • On a VM running on VMware Server => “VMware, Inc.” and “VMware Virtual Platform”
  • On a physical machine => “System Manufacturer” or the actual manufacturer, and the motherboard model number such as D945GNT (Intel)

To parse the results of systeminfo and only return the information to determine if virtual or not, run:

systeminfo |find “System Model”

image

Tag Cloud