Category: Windows Server

Microsoft Ignite Cloud Skills Challenge 2020

Join the Microsoft Ignite Cloud Skills Challenge 2020

You can join the Microsoft Ignite Cloud Skills Challenge 2020 and get a free Microsoft Certification exam voucher! Were you looking to take a Microsoft Certification Exam? All participants of Microsoft Ignite 2020 who complete at least one collection in the Microsoft Ignite Cloud Skills Challenge are eligible for a free certification exam (subject to Terms and Conditions). Microsoft certifications can help you continue skilling up and prove your technical expertise to employers and peers. Check out my blog post on why you should become Microsoft certified.

Choose up to six different challenges to complete on Microsoft Learn. After you’ve completed your first challenge, you’ll earn a free Microsoft Certification exam. For each challenge you complete, you’ll earn five entries into a sweepstakes. One grand prize winner will receive a chance to meet with a Microsoft leader and invite up to four friends.

Join the Microsoft Ignite Cloud Skills Challenge 2020

You can join the Microsoft Ignite Cloud Skills Challenge 2020 by registering for Microsoft Ignite and sinning up for the Cloud Skills Challenge in the Learning Zone. The free certification exam is available for redemption starting October 12, 2020 and is valid until March 31, 2021. If you do not schedule and take your eligible exam within that timeframe, you will not be able to redeem your offer. Details and instructions on how to redeem your free certification exam will be available starting October 12, 2020.

You can take the exam at an authorized Pearson Vue testing center or through a Pearson Vue online proctoring site.

Available Microsoft Certification Exams

Check out the list of Microsoft Exams here:

Azure

Dynamics 365 and Power Platform

Microsoft 365

Conclusion

The Microsoft Ignite Cloud Skills Challenge 2020 is a great chance to learn more and get a free Microsoft Certification. Happy Learning!



Azure Automatic VM Guest OS Patching

How to configure Azure Automatic VM guest OS patching

If you want to keep your Azure virtual machines (VMs) up-to-date, then there is a service called Azure Update Management, which helps you to manage updates on your Azure VM guest operating system. However, this needed some additional planning and configuration. To make patching of your Azure virtual machines (VMs) easier, there is a new option called Automatic VM guest patching, which helps ease update management by safely and automatically patching virtual machines to maintain security compliance.

Automatic VM guest patching is now available in public preview for Windows virtual machines on Azure.

With Azure automatic VM guest patching enabled, the VM is assessed periodically to check for available operating system patches for that Azure VM. Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and installed on the VM during off-peak hours. This patch orchestration is managed and handled by Azure and patches are applied following availability-first principles.

In a nutshell, Azure automatic VM guest patching has the following capabilities:

  • Patches classified as Critical or Security are automatically downloaded and applied on the VM.
  • Patches are applied during off-peak hours in the VM’s time zone.
  • Patch orchestration is managed by Azure and patches are applied following availability-first principles.
  • Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
  • Works for all VM sizes.

Patches are installed within 30 days of the monthly Windows Update release, following availability-first orchestration described below. Patches are installed only during off-peak hours for the VM, depending on the time zone of the VM. The VM must be running during the off-peak hours for patches to be automatically installed. If a VM is powered off during a periodic assessment, the VM will be automatically assessed and applicable patches will be installed automatically during the next periodic assessment when the VM is powered on.

You can find more information on Azure automatic VM guest patching on Microsoft Docs.

How to enable Azure Automatic VM guest OS patching

To enable Azure automatic VM guest OS (operating system) patching, we currently have a couple of requirements.

  • Currently, only Windows VMs are supported (Preview). Currently, Windows Server 2012 R2, 2016, 2019 Datacenter SKUs are supported. (and more are added periodically).
  • Only VMs created from certain OS platform images are currently supported in the preview. Which means custom images are currently not supported in the preview.
  • The virtual machine must have the Azure VM Agent installed.
  • The Windows Update service must be running on the virtual machine.
  • The virtual machine must be able to access Windows Update endpoints. If your virtual machine is configured to use Windows Server Update Services (WSUS), the relevant WSUS server endpoints must be accessible.
  • Use Compute API version 2020-06-01 or higher.

These requirements might change in the future during the preview phase (for the current requirements check out Microsoft Docs).

During the preview, this feature requires a one-time opt-in for the feature InGuestAutoPatchVMPreview per subscription. You can run the following Azure PowerShell or Azure CLI command.

Azure PowerShell:

# Register AzProvider
Register-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Check the registration status
Get-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Once the feature is registered for your subscription, complete the opt-in process by changing the Compute resource provider.
Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

Now you can enable automatic VM guest patching for your Azure virtual machines within that subscription. To do that you can currently use the REST API, Azure PowerShell, or the Azure CLI.

With Azure CLI, you can use the az vm get-instance-view .

az vm update --resource-group test-autopatch-rg--name azwinvm01 --set osProfile.windowsConfiguration.enableAutomaticUpdates=true osProfile.windowsConfiguration.patchSettings.patchMode=AutomaticByPlatform

You can see that there are two important parameters for this cmdlet. First the -enableAutoUpdate and secondly the -PatchMode. There are currently three different patch orchestration modes you can configure.

AutomaticByPlatform

  • This mode enables automatic VM guest patching for the Windows virtual machine and subsequent patch installation is orchestrated by Azure.
  • Setting this mode also disables the native Automatic Updates on the Windows virtual machine to avoid duplication.
  • This mode is only supported for VMs that are created using the supported OS platform images above.

AutomaticByOS

  • This mode enables Automatic Updates on the Windows virtual machine, and patches are installed on the VM through Automatic Updates.
  • This mode is set by default if no other patch mode is specified.

Manual

  • This mode disables Automatic Updates on the Windows virtual machine.
  • This mode should be set when using custom patching solutions.

If you need more control, I recommend that you have a look at Azure Update Management, which is already publicly available and also supports Windows and Linux servers running in Azure or on-premises.

To verify whether automatic VM guest patching has completed and the patching extension is installed on the VM, you can review the VM’s instance view.

az vm get-instance-view --resource-group test-autopatch-rg --name azwinvm01

This will show you the following result:

Azure Automatic VM Guest OS Patching Status

Azure Automatic VM Guest OS Patching Status

You can also create the patch assessment on-demand.

Invoke-AzVmPatchAssessment -ResourceGroupName "myResourceGroup" -VMName "myVM"

I hope this provides you with an overview of the new Azure automatic VM guest patching feature. If you want to have some advanced capabilities to manage updates for your Azure VMs and even your servers running on-premises, check out Azure Update Management. This will provide you with some advanced settings and your own maintenance schedules. If you have any questions, feel free to leave a comment.



Learn about Windows Server Hybrid and Azure IaaS VMs

Learn Windows Server Hybrid and Azure IaaS VMs

A couple of weeks back I promoted a post about how you can learn about Windows Server on Azure and a post on ITOpsTalk for New Microsoft Learn Modules for Azure and Windows Server IT Pros. This week I got another message by colleague Orin Thomas (Cloud Advocate and Author of the Windows Server 2019 Book), that a lot more Microsoft Learn modules have been published, covering Windows Server Hybrid and Windows Server on Azure IaaS VMs (Infrastructure-as-a-Service).

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

Here is a full list of Microsoft Learn modules to learn about Windows Server Hybrid and Windows Server Azure IaaS VMs (virtual machines). This includes many of the Azure Hybrid Cloud services you can use together with Azure, like Azure Arc, Azure File Sync, Azure Site Recovery, and many more. These Microsoft Learn modules also cover a lot of the Azure Management services to manage your Windows Server virtual machines running on Azure, like Azure Monitor, Azure Update Management, networking, and much more.

I hope you enjoy the new Microsoft Learn modules for Windows Server Hybrid and Windows Server on Azure IaaS. If you have any questions feel free to leave a comment below. If you are looking forward to take some exams, also check out my Microsoft exam study guides, for example for:

Happy Learning!



Windows Server vNext Preview Build 20201

New Windows Server vNext Preview Build 20201

The Windows Insider and Windows Server team just announced a new Windows Server vNext Long-Term Servicing Channel (LTSC) release that contains both the Desktop Experience and Server Core installation options for Datacenter and Standard editions. The new Windows Server vNext Preview build has build number 20201 and adds a couple of new features and enhancements. Keep in mind this is an early preview version of Windows Server vNext, and there will be more channels until the official release.

If you want to learn more about Long-Term Servicing Channel (LTSC) and the Semi-Annual Channel (SAC), check out my blog: Windows Server – Semi-Annual Channel (SAC) vs. Long-Term Servicing Channel (LTSC) and the official Microsoft documentation for LTSC and SAC.

What is new

To give you an idea about the new features coming, here is a short glimpse of the new features and changes include:

  • CoreNet: Data Path and Transports
  • (Improved) RSC in the vSwitch
  • Direct Server Return (DSR) load balancing support for Containers and Kubernetes
  • Introducing Virtual Machine (Role) Affinity/AntiAffinity rules with Failover Clustering
  • Flexible BitLocker Protector for Failover Clusters
  • New Cluster Validation network tests
    • List Network Metric Order (driver versioning)
    • Validate Cluster Network Configuration (virtual switch configuration)
    • Validate IP Configuration Warning
    • Network Communication Success
    • Switch Embedded Teaming Configurations (symmetry, vNIC, pNIC)
    • Validate Windows Firewall Configuration Success
    • QOS (PFC and ETS) have been configured
  • Server Core Container images are 20 percent smaller
  • What’s new with the SMB protocol
    • SMB now supports AES-256 Encryption
    • Increased performance when using SMB encryption or signing with SMB Direct with RDMA enabled network cards
    • SMB now also can do compression to improve network performance

To learn more about the new features, check out the full announcement blog.

Download Windows Server vNext Preview Build

If you want to try out the new Windows Server vNext Preview Build 20201, you need to register as a Windows Insider. Registered Insiders may navigate directly to the Windows Server Insider Preview download page.  See the Additional Downloads dropdown for Windows Admin Center and other supplemental apps and products. If you have not yet registered as an Insider, see GETTING STARTED WITH SERVER on the Windows Insiders for Business portal.

Feedback is essential for the team to provide feedback for Windows Server, use your registered Windows 10 Insider device, and use the Feedback Hub application. In the app, choose the Windows Server category and then the appropriate subcategory for your feedback. In the title of the Feedback, please indicate the build number.

You can learn more about sharing feedback on Microsoft Docs: Share Feedback on Windows Server via Feedback Hub for specifics. We also encourage you to visit the Windows Server Insiders space on the Microsoft Tech Communities forum to collaborate, share, and learn from experts.

If you are interested in hyper-converged infrastructure solutions, also check out my blog post about the new Azure Stack HCI. If you have any questions, feel free to leave a comment.



Filter for Azure VMs and Azure Arc Machines

Inventory for Azure Arc enabled Servers

Azure Arc for Servers allows you to manage servers running in your on-premises location, at the edge, or in a multi-cloud environment directly from the Azure portal. There are many features available to manage these hybrid Azure Arc enabled servers, like Log Analytics or Azure Arc Machine extensions. However, one of the basic features of Azure Arc enabled Servers, is that you can now get an inventory and overview of all your servers. This allows you to see and manage your Azure Arc enabled servers next to your Azure resources.

Inventory for Azure Arc enabled Servers and Azure VMs

Inventory for Azure Arc enabled Servers and Azure VMs.

You can see that your Azure Arc enabled servers show up as Azure resources. You can use the filter to limit the view to only Azure virtual machines (VMs), and Azure Arc enabled servers.



Hyper-V VM Stop-VM failed to change state

Force Hyper-V Virtual Machine VM to turn off

In this blog post, we are going to have a look at how you can force a Hyper-V virtual machine (VM) to turn off using the HCSDiag tool. A couple of days ago I had an issue where I wasn’t able to shut down and turn off a Hyper-V virtual machine (VM). After I tried to shut down the Hyper-V VM using the Hyper-V Manager the VM was in a locked state and I couldn’t really do anything with it. Of course the first thing I tried using the PowerShell Stop-VM cmdlet with the force parameter to turn off the virtual machine.

Hyper-V VM Stop-VM failed to change state

Hyper-V VM Stop-VM failed to change state

But as you can see I had no success. Luckily I remembered a tool called the Hyper-V Host Compute Service Diagnostics Tool (HCSDiag.exe), which provides me with a couple of advanced options when it comes to Hyper-V virtual machine, container, and Windows Sandbox management.

The Hyper-V Host Compute Service Diagnostics Tool (HCSDiag.exe) is available in Windows 10 and Windows Server 2019 if you have the Hyper-V roles or virtualization features enabled, and can be helpful to troubleshoot Hyper-V containers, virtual machines (VMs), Windows Sandbox, Windows Defender Application Guard, Windows Subsystem for Linux 2 and more.

Hyper-V Get-VM list VMiD

Hyper-V Get-VM list VM ID

HCSDiag allows me to list all the running Hyper-V containers, including virtual machines. With the HCSDiag kill command, I can then force the Hyper-V VM to turn off.

Force Turn Off of Hyper-V virtual machine VM

Force Turn Off of Hyper-V virtual machine VM

I hope this post was helpful if you have a Hyper-V VM which you can’t turn off. If you have any questions, feel free to leave a comment. You can find more information about the HCSDiag tool, how it works with containers and other tools here on my blog.



Add ISO DVD Drive to a Hyper-V VM using PowerShell

Add ISO DVD Drive to a Hyper-V VM using PowerShell

Hyper-V offers the capability to add an ISO image to a virtual CD/DVD drive and you can use Hyper-V Manager to do that, or you can also use PowerShell. Here is how you can add an ISO to a Hyper-V virtual machine (VM) using PowerShell. There are two ways of doing it if you already have a virtual DVD drive attached to the VM or if you need to add a virtual DVD drive.

This works with Hyper-V on Windows Server and on Windows 10.

Attach ISO to an existing DVD Drive on a Hyper-V VM using PowerShell

To attach an ISO file to an existing virtual DVD drive on a Hyper-V virtual machine (VM) using PowerShell, you can use the following command:

Set-VMDvdDrive -VMName Windows10 -Path "C:\Users\thoma\Downloads\ubuntu-18.04.4-live-server-amd64.iso"

Add ISO file and DVD Drive to a Hyper-V VM using PowerShell

If your Hyper-V virtual machine doesn’t have a virtual DVD drive attached to it, you can add a virtual DVD drive including the ISO file with the following PowerShell command:

Add-VMDvdDrive -VMName "Windows10" -Path "C:\Users\thoma\Downloads\ubuntu-18.04.4-live-server-amd64.iso"

If you run this command on a virtual machine, which already has a virtual DVD drive attached, you will simply add a second virtual DVD drive to this machine. You can find more information on the Add-VMDvdDrive cmdlet on Microsoft Docs.

Conclusion

If you want to build some automation around Hyper-V on Windows 10 or on Windows Server, PowerShell is the way to go. If you have any questions feel free to leave a comment.