Last updated by at .

  • Microsoft Azure
  • Virtual Machine Manager

Category: Windows Server 2012

SCVMM Bare-Metal Fails

Add drivers to SCVMM Bare-Metal WinPE Image

A long time ago I wrote a blog post on how you can use System Center Virtual Machine Manager Bare-Metal Deployment to deploy new Hyper-V hosts. Normally this works fine but if you have newer hardware, your Windows Server Image does may not include the network adapter drivers. Now this isn’t a huge problem since you can mount and insert the drivers in the VHD or VHDX file for the Windows Server Hyper-V image. But if you forget to update the WinPE file from Virtual Machine Manager your deployment will fails, since the WinPE image has not network drivers included it won’t able to connect to the VMM Library or any other server.

You will end up in the following error and your deployment will timeout on the following screen:

“Synchronizing Time with Server”

SCVMM Bare-Metal Fails

If you check the IP configuration with ipconfig you will see that there are no network adapters available. This means you have to update your SCVMM WinPE image.

First of all you have to copy the SCVMM WinPE image. You can find this wim file on your WDS (Windows Deployment) PXE Server in the following location E:\RemoteInstall\DCMgr\Boot\WIndows\Images (Probably your setup has another drive letter.

WDS SCVMM Boot WIM

I copied this file to the C:\temp folder on my System Center Virtual Machine Manager server. I also copied the extracted drivers to the C:\Drivers folder.

After you have done this, you can use Greg Casanza’s (Microsoft) SCVMM Windows PE driver injection script, which will add the drivers to the WinPE Image (Boot.wim) and will publish this new boot.wim to all your WDS servers. I also rewrote the script I got from using drivers in the VMM Library to use drivers from a folder.

Update SCVMM WinPE

This will add the drivers to the Boot.wim file and publish it to the WDS servers.

Update WDS Server

After this is done the Boot.wim will work with your new drivers.

 

 

 

 

 



Microsoft System Center Logo

Technical Documentation for Getting Started with System Center 2012 R2

Marcel van den Berg just posted a blog post about the availability of the Technical Documentation for Getting Started with System Center 2012 R2 which was just released by Microsoft. The Technical Documentation covers the Support Matrix and Upgrade Sequence for System Center 2012 R2.

System Center 2012 R2 Requirements

You can download the documents on the Microsoft Download website.



Hyper-V Share

Hyper-V is eating VMware’s lunch

During the WPC 2014 Keynote Microsoft COO Kevin Turner showed the following slide and commented it:

Hyper-V is eating VMware’s lunch

 

Hyper-V has now 30,6% market share in x86 Server Virtualization which means Microsoft won 4.6% since the release of Windows Server 2012. VMware is now at 46.4% market share which means they lost 5.1% market share since the release of Windows Server 2012 Hyper-V.

And this because of good reasons, like great features and 4 times lower cost than VMware. So if you are still running VMware you should definitely have a look at Hyper-V now!



Distinguished Judges for the UCS Power Scripting Contest

Cisco UCS PowerShell Scripting Contest

In the Microsoft world PowerShell is the tool to automate everything especially in your datacenter. I already mentioned that Cisco offers some great enhancements for the Microsoft Datacenter stack. If you are using a Cisco UCS solution you can integrate System Center Virtual Machine Manager, Orchestrator and others. But Cisco does also offer a PowerShell module for the UCS called Cisco UCS PowerTool. The UCS PowerTool allows you to automate management and deployment tasks very easily via Windows PowerShell. By the way, one of the coolest features in the Cisco UCS PowerTool is the ConvertTo-UCScmdlet.

Cisco announced the UCS Power Scripting Contest

Everyone is invited to share their scripts and possibly win some prizes by entering the UCS Power Scripting Contest on the Cisco Communities.  The contest will run until May 11th.  A distinguished panel of judges (Jeffery Snover, Rob Willis, Don Jones, Hal Rottenberg and Thomas Maurer) along with other members of the community will select the grand prize winner from a set of five finalists.

Distinguished Judges for the UCS Power Scripting Contest

I am proud to be one of the Distinguished Judges for the UCS Power Scripting Contest and I hope we will see some great solutions. To get more information about the contest check out the Cisco Blog from Bill Shields and the UCS Power Scripting Contest website.



CLIXML Export Import

Save PowerShell Object to file for Remote Troubleshooting

This is not something new to the most of you PowerShell guys out there, but still there are a lot of IT Pros which do not know about this. Sometimes we have to do some remote troubleshooting without having access to the system itself. The thing you can do is to let the customer send you some screenshots but that doesn’t really show everything and maybe you have to contact the customer like 100 times to get the right information. A better solution is to let the customer to run a PowerShell command or script and send you the output. But even a text file or screenshot of the PowerShell output is not the best solution. If you get a lot of text in a TXT file it is hard to sort it and maybe there are some information missing because the txt output does not include all information of the PowerShell object.

I have started to use a simple method to export PowerShell objects to a XML file and import the object on another system. This can be done by the PowerShell cmdlets Export-Clixml and Import-Clixml.

What I do is, I tell the customer to run the following command to generate a XML with the PowerShell objects about his disks for example.

After I got this XML file, I can import it here on my local system and can work with it as I would be in front of the customer system.

CLIXML Export Import

As I said, this is nothing new but this can save you and your customer some time. Of course this works with other objects not just disks ;-) For example you can get Cluster Configurations, Hyper-V Virtual Switch Configurations and much more.

 

 



Windows Azure Pack Architecture

Some days ago I wrote about Windows Azure Pack which basically brings Windows Azure Services to your datacenter on top of Windows Server and System Center. I also showed a little overview how the overall architecture looks like, including the different resource providers such as VM Cloud or SQL Server.

Overall Architecture

Windows Azure Pack Archtiecture Overview

Components

If you a look on the Windows Azure Pack you have 7 different components, which need to be installed.

Service Management APIs

  • Windows Azure Pack Admin API – The Windows Azure Pack Admin API exposes functionality to complete administrative tasks from the management portal for administrators or through the use of Windows PowerShell cmdlets.
  • Windows Azure Pack Tenant API – Windows Azure Pack Tenant API enables users, or tenants, to manage and configure cloud services that are included in the plans that they subscribe to.
  • Windows Azure Pack Tenant Public API – Windows Azure Pack Tenant Public API enables end users to manage and configure cloud services that are included in the plans that they subscribe to. The Tenant Public API is designed to serve all the requirements of end users that subscribe to the various services that a hosting service provider provides.

Authentication sites

  • Admin Authentication Site - This is the authentication site where Administrators authenticate against. By default, Windows Azure Pack uses Windows authentication for the administration portal. You also have the option to use Windows Azure Active Directory Federation Services (AD FS) to authenticate users.
  • Tenant Authentication Site – This is the authentication site where Tenants (Customers) authenticate against. Windows Azure Pack uses an ASP.NET Membership provider to provide authentication for the management portal for tenants.

Service Management portals

  • Management portal for administrators - A portal for administrators to configure and manage resource clouds, user accounts, tenant plans, quotas, and pricing. In this portal, administrators create Web Site clouds, virtual machine private clouds, create plans, and manage user subscriptions.
  • Management portal for tenants - A customizable self-service portal to provision, monitor, and manage services. In this portal, users sign up for services and create services, virtual machines, and databases.

Source: TechNet

In addition to the Windows Azure Pack components you also have the Resource providers such as VM Cloud (IaaS), Websites, SQL and more, which integrate in WAP.

Design

You can install all of the Windows Azure Pack components on different servers and also make them highly available and scalable. First you have to understand that there are multiple types of components, you have the Tenant Portal, Tenant authentication site and the tenant public API which are public and should be accessible for the customers, Tenant API, Admin API, Admin Portal, Admin Authentication site as well as the SQL database behind are so called privileged services which should be protected.

Windows Azure Pack ditributed deployment architecture

 

Microsoft describes several different scenarios which you can mix. The minimal installation shows you two “servers” or tiers, one for the public facing services and one for the privileged services. To make them highly available you would have two servers for each tiers behind a load balancer.

Windows Azure Pack minimal deployment architecture

The make the deployment more scalable you can split up the different components on different tiers.

Windows Azure Pack scaled deployment architecture

Well and Microsoft also offers you an express installation which should only be used for lab or proof of concept installations. This installs all the needed components on to a single server.

Windows Azure Pack Express Deployment

At the end you and the customer have to decide how you deploy your environment based on scale, availability and security. You can get more information about the Windows Azure Pack Architecture on TechNet.



Hyper-V Gernal Access dinied error

Hyper-V over SMB: Set SMB Constrained Delegation via PowerShell

When you are having configured a Hyper-V over SMB configuration, which means the virtual machines are running on Hyper-V host and are stored on a SMB file share, and you try to manage the virtual machine remotely from Hyper-V Manager or Failover Cluster Manager, you will run into access denied errors. The same error can also happen if you try live migrate the virtual machine. This error is caused because you are using the credentials from the machine which Hyper-V or Failover Cluster Manager is running on to access the file share via the Hyper-V host. This “double-hop” scenario is not by default not allowed because of security reasons. You can find more about Kerberos Authentication on TechNet.

To avoid this error you have to configure the SMB Constrained Delegation in Active Directory to allow this scenario for specific “double-hops”. In Windows Server 2012 Microsoft made setting up Kerberos constrained delegation much easier by introducing resource-based Kerberos Constrained Delegation. This it wasn’t that easy to deploy and required some step. In Windows Server 2012 R2 Microsoft introduced new Windows PowerShell cmdlets to configure SMB Constrained Delegation directly from PowerShell. These cmdlets are offered by the Active Directory PowerShell module.

On your management box or where ever you want to configure SMB Constrained Delegation you have to install the Active Directory PowerShell module. (You don’t need the module on the Hyper-V host or SMB file servers)

Now you can use the following cmdlets.

  • Get-SmbDelegation –SmbServer FileServer
  • Enable-SmbDelegation –SmbServer FileServer –SmbClient HyperVHost
  • Disable-SmbDelegation –SmbServer FileServer [–SmbClient HyperVHost] [-Force]

For example if you are running a two node Hyper-V cluster and you use a Scale-Out File Server cluster (SOFS01) as virtual machine storage, the configuration could look like this.

Because these cmdlets only work with the new resource-based delegation, the Active Directory forest must be in “Windows Server 2012” functional level. A functional level of Windows Server 2012 R2 is not required.

And as I mentioned before you can also use System Center Virtual Machine Manager (VMM) to manage your storage, which uses a different approach and does not need the configuration of Kerberos Constrained Delegation.