Tag: PowerShell Direct

Run Windows Admin Center on Windows Server Core

Run Windows Admin Center on Windows Server Core

Windows Admin Center is a locally deployed, browser-based app for managing servers, clusters, hyper-converged infrastructure, and Windows 10 PCs. If you ever asked yourself if Windows Admin Center (WAC) runs on Windows Server Core, the answer is yes. Run and install Windows Admin Center on Windows Server Core, simply copy the MSI installer to the Windows Server, or download it directly. If you are running Windows Server in a Hyper-V virtual machine, PowerShell Direct and be very handy to copy files using the VMBus from the Hyper-V host to the virtual machine.

Copy Windows Admin Center MSI to Windows Server Core VM PowerShell Direct

Copy Windows Admin Center MSI to Windows Server Core VM PowerShell Direct

Download Windows Admin Center (WAC) from here. You can simply use the following commands on your Hyper-V host to copy a file using PowerShell Direct.

$cred = Get-Credential
$s = New-PSSession -VMName WindowsServerInsider -Credential $cred
Copy-Item -Path .\WindowsAdminCenterPreview1908.msi -ToSession $s -Destination "C:\Users\Administrator"

Now you can run the MSI installer for Windows Admin Center. There is also an unattended option for WAC on Windows Server Core. You can find more about installing WAC here.

Install Windows Admin Center on Windows Server Core

Install Windows Admin Center on Windows Server Core

After the installation has finished you can now remotely access the Windows Admin Center web portal form your workstation. However, if you install the new Microsoft Edge Insider Preview, which runs on Windows Server Core as well. You can access the console form your local machine. Don’t do that in production, but it is great if you are running demos or you need to troubleshoot the installation.

Install Microsoft Edge on Windows Server Core

Install Microsoft Edge on Windows Server Core

You can download the Microsoft Edge Insider from here. Thanks to Jeff Woolsey for the tip.

If you want to know more about Windows Admin Center check out my blog post and the Microsoft Docs. If you have any questions, please let me know in the comments. By the way, also make sure that you check out the Windows Admin Center Hybrid features, which allows you to easily connect Azure services.



Hyper-V Enhanced Session Mode

10 hidden Hyper-V features you should know about!

Microsoft added some amazing new features and improvements to Hyper-V over the past few years. A lot of them you can use in Windows Server 2016 Hyper-V today, but there are also a lot of features hidden in the user interface, and they are also included in Windows 10 Pro or Enterprise. I think this list should you a good idea about some of them.

Nested Virtualization

Hyper-V Nested Virtualization

Hyper-V Nested Virtualization allows you to run Hyper-V in a Hyper-V Virtual Machine. This is great for testing, demo and training scenarios and it works on Windows Server 2016 and Windows 10 Pro and Enterprise. Microsoft Azure will also offer some new Virtual Machine which will provide the Nested Virtualization feature in the Azure public cloud. Nested Virtualization is not just great if you want to run virtual machines inside a virtual machine, it is also great (and I think this will be the most significant use case in the future) you can also run Hyper-V Container inside a Hyper-V or Azure Virtual Machine. Hyper-V Containers are a feature that will bring the isolation of a Virtual Machine to a fast, light, and small footprint container. To enable Nested Virtualization, you have the following requirements:

  • At least 4 GB RAM available for the virtualized Hyper-V host.
  • To run at least Windows Server 2016 or Windows 10 build 10565 (and higher) on both the physical Hyper-V host and the virtualized host. Running the same build in both the physical and virtualized environments generally improves performance.
  • A processor with Intel VT-x (nested virtualization is available only for Intel processors at this time).
  • Other Hypervisors will not work

Configure the Virtual Machine for Nested Virtualization, follow the following steps:

  • disable Dynamic Memory on Virtual Machine
  • enable Virtualization Extensions on the vCPU
  • enable MAC Address Spoofing
  • set Memory of the Virtual Machine to a minimum of 4GB RAM

To enable the Virtualization Extensions on the vCPU you can run the following PowerShell command

Set-VMProcessor -VMName "VMName" -ExposeVirtualizationExtensions $true

PowerShell Direct

PowerShell Direct Enter-PSSession

Hyper-V PowerShell Direct is also one of the great new features in Windows 10 and Windows Server 2016 Hyper-V. PowerShell Direct allows you to connect to a Virtual Machine using PowerShell without connecting over the network. Instead of the network, PowerShell Direct uses the Hyper-V VMBus to connect from the Hyper-V host to the virtual machine. This is handy if you are doing some automation or you don’t have network access to the virtual machine. In terms of security, you will still need to provide credentials to access the virtual machine.

To use PowerShell Direct, you have the following requirements:

  • The virtual machine must be running locally on the Hyper-V host and must be started.
  • You must be logged into the host computer as a Hyper-V administrator.
  • You must supply valid user credentials for the virtual machine.
  • The host operating system must run Windows 10, Windows Server 2016, or a higher version.
  • The virtual machine must run Windows 10, Windows Server 2016, or a higher version.

To use PowerShell Direct, you can use the Enter-PSSession or Invoke-Command cmdlets with the -VMName, -VMId or VM parameter.

Enter-PSSession -VMName "VM01" -Credential (Get-Credential)

Hyper-V Virtual Switch using NAT

Hyper-V Virtual Switch NAT Configuration

If you are running Hyper-V on your workstation or laptop, you know that networking could have been a problem. With the Hyper-V Virtual Switch using NAT, you can now create an internal network for your virtual machines and still allow them to for example have internet access, like you would run your virtual machines behind a router. To use this feature, you have the following requirements:

  • Windows 10 and Windows Server 2016 build 14295 or later
  • Enabled Hyper-V role

To enable the NAT Switch, you can first create an internal switch using PowerShell, then the IP Address on the Virtual NIC on the Management OS and then set the NAT configuration:

New-VMSwitch –SwitchName “NATSwitch” –SwitchType Internal
 
New-NetIPAddress –IPAddress 172.21.21.1 -PrefixLength 24 -InterfaceAlias "vEthernet (NATSwitch)"
 
New-NetIPAddress –IPAddress 172.21.21.1 -PrefixLength 24 -InterfaceAlias "vEthernet (NATSwitch)"

To create NAT forwarding rules you can, for example, use the following command:

Add-NetNatStaticMapping -NatName “VMSwitchNat” -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 172.21.21.2 -InternalPort 80 -ExternalPort 80

Virtual Battery for Virtual Machines

Hyper-V VM battery

With the Windows 10 Insider Build XXXX and later with the release of the Windows 10 Fall Creators Update, Microsoft enabled a Virtual Battery feature for Hyper-V Virtual Machines. This will allow Hyper-V VMs to see the battery status of the host. This is great when you are running Hyper-V on a notebook or if you have a battery on your server

Hyper-V VMConnect – Enhanced Session Mode

Hyper-V Enhanced Session Mode

Interacting with Virtual Machines can be difficult and time consuming using the default VM console since you can not copy paste or connect devices. VMConnect lets you use a computer’s local resources in a virtual machine, like a removable USB flash drive or a printer and in addition to this, Enhanced session mode also lets you resize the VMConnect window and use copy paste. This makes it almost as if you would use the Remote Desktop Client to connect to the Virtual Machine, without a network connection, instead you will make use of the VMBus.

The Enhanced Session Mode feature was introduced with Windows Server 2012 R2 and Windows 8.1. Enhanced session mode provides your Virtual Machine Connection with RDP (Remote Desktop Protocol) capabilities over the Hyper-V VMBus, including the following:

  • Display Configuration
  • Audio redirection
  • Printer redirection
  • Full clipboard support (improved over limited prior-generation clipboard support)
  • Smart Card support
  • USB Device redirection
  • Drive redirection
  • Redirection for supported Plug and Play devices

Requirements for the Enhanced Session Mode are:

  • The Hyper-V host must have Enhanced session mode policy, and Enhanced session mode settings turned on
  • The computer on which you use VMConnect must run Windows 10, Windows 8.1, Windows Server 2016, or Windows Server 2012 R2 or higher
  • The virtual machine must have Remote Desktop Services enabled, and run Windows 8.1 (or higher) and Windows Server 2012 R2 (or higher) as the guest operating system.

You can use it, by pressing the enhanced session button (if you have all the requirements) on the Windows 10 Client this is enabled by default on the “host”. On Windows Server, you have to enable it first in the Hyper-V Manager under Hyper-V Settings

Hyper-V Manager Zoom Level

Hyper-V VMConnect Zoom Level

In the Windows 10 Creators Update, Microsoft introduced a new feature to the VMConnect Console. This feature allows you to control the zoom level of the Virtual Machine console, and this is especially handy if you have a high DPI screen.

Virtual TPM Chip

Hyper-V Virtual TPM

If you are running Windows 10 or Windows Server 2016 or higher, you can make use of a feature called Shielded Virtual Machines. This allows you to protect your virtual machines from being accessed from the outside. With this feature, Microsoft added different levels of security enhancements. One of them is the possibility to add a Virtual TPM chip to the virtual machine. With that enabled, you can use BitLocker or another encryption technology to encrypt your virtual machine disks from inside the VM.

Enable Hyper-V vTPM PowerShell

You can enable the Virtual TPM chip using the Hyper-V Manager or PowerShell. The virtual machine needs to be shut down.

Enable-VMTPM -VMName W10-01

If you need full protection, have a look at Shielded Virtual Machines with the Host Guardian Service (HGS).

VM Resource Metering

Hyper-V VM Resource Metering

With Windows Server 2012 Hyper-V Microsoft introduced a new feature in Hyper-V called VM Resource Metering which allows you to measure the usage of a virtual machine. This will enable you to track CPU, Memory, Disk, and network usage. This is a great feature, especially if you need to do chargeback or maybe even for troubleshooting.

You can enable VM Resource Metering using PowerShell

Enable-VMResourceMetering -VMName WS2016DX

To measure the virtual machine, you can use the following command

Measure-VM -VMName WS2016DX

Export and Share Hyper-V Virtual Machines

Export and Share Hyper-V Virtual Machine

Another feature a lot of people do not know about is that you can export Hyper-V Virtual Machines to copy them to another computer or server. The great thing about this, this can even be done while the virtual machine is running and you can also export the state of the virtual machine with it. You can use the UI to do this, or you just run PowerShell using the Export-VM cmdlet.

Export-VM -Name TomsVM -Path D:\

In the Windows 10 Fall Creators Update, Microsoft also added a button to share the Virtual Machine. This does not only export the virtual machine, but it also creates a compressed VM Export File (.vmcz).

Hyper-V Containers

Hyper-V Windows Containers

In Windows 10 and Windows Server 2016 you can run Windows Containers using Docker. While on Windows Server you can choose between running a Windows Container or a Hyper-V Container, you will always run a Hyper-V Container on Windows 10. While Hyper-V Containers and Windows Containers are fully compatible with each other, that means you can start a Windows Container in a Hyper-V Container runtime and the other way around; the Hyper-V Container gives you an extra layer of isolation between your containers and your operating system. This makes running containers not just much more secure but since the Windows 10 Fall Creators Update and Windows Server RS3 (Redstone 3), it will also allow you to run Linux Containers on a Windows Container Host, which will make Windows the best platform to run Windows Containers and Linux Containers side by side.

I hope this short list was helpful and showed you some features you didn’t know were there in Hyper-V. Some of these features are still in preview and are might not available in production versions of Hyper-V. Leave your favorite secret Hyper-V features in the comments!



PowerShell Direct Invoke-Command

How to Remote Manage your Nano Server using PowerShell

In a blog post some days ago I wrote how you can create your Nano Server Image and boot it inside a Virtual Machine. If you are familiar with Nano Server you know that Nano Server is a headless server so you can’t really login to this server. The only thing you can login is to the Nano Server Recovery Console. In the Nano Server Recovery console you can only view some information about the server such as Name or IP Address, restart the server and reset the network configuration. You don’t get any access to a shell or file system.

Nano Server Recovery Console

If you want to manage your Nano Server right now you can use the old MMC tools for Remote Management or PowerShell. PowerShell will be the key here to do simple management tasks. For this you can use PowerShell Remoting or if you run your Nano Server in a Virtual Machine you can also use PowerShell Direct.

For PowerShell Remoting you first have to configure your source system, if you haven’t already done this. (Some parts are maybe not needed if your local machine is in the same Active Directory Domain as your Nano Server).

you may need to start the WinRM service on your desktop to enable remote connections. From the PS console type the following command:

# Start the WinRM Service
 
net start WinRM

From the PS console, type the following, substituting servername or IP with the appropriate value (using your machine-name is the easiest to use, but if your device is not uniquely named on your network, try the IP address):

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "servername or IP"

If you want to connect multiple devices, you can use comma and quotation marks to separate each devices.

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "servername or IP, servername or IP"

You can also set it to allow it to connect to every server using the following command:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*"

Now you can start a session with your Nano Server. From you administrator PS console, type:

Enter-PSSession -ComputerName "servername or IP" -Credential servername\Administrator

As mentioned before, if you have installed your Nano Server in a Virtual Machine running on a Hyper-V host you can use PowerShell Direct to directly connect from your local Hyper-V host to your Nano Server VM.

Enter-PSSession -VMName "VMName" -Credential servername\Administrator


PowerShell Direct Enter-PSSession

Hyper-V PowerShell Direct

One of the new features of Hyper-V in Windows Server 2016 and Windows 10 is called PowerShell Direct. PowerShell Direct lets you remotely connect to a Virtual Machine running on a Hyper-V host, without any network connection inside the Virtual Machine. PowerShell Direct uses the Hyper-V VMBus to connect inside the Virtual Machine. This feature is convenient if you need it for automation and configuration for Virtual Machines or if you for example messed up network configuration inside the virtual machine and you don’t have console access.

Right now, there are two ways to use PowerShell Direct:

  • Create and exit a PowerShell Direct session using PSSession cmdlets
  • Run script or command with the Invoke-Command cmdlet
  • Use the PowerShell Direct session to copy files using the copy-item cmdlet

Requirements:

  • The virtual machine must be running locally on the Hyper-V host and must be started.
  • You must be logged into the host computer as a Hyper-V administrator.
  • You must supply valid user credentials for the virtual machine.
  • The host operating system must run Windows 10, Windows Server 2016, or a higher version.
  • The virtual machine must run Windows 10, Windows Server 2016, or a higher version.

PowerShell Direct examples

You can open a new interactive PowerShell Direct Session:

PowerShell Direct Enter-PSSession

Enter-PSSession -VMName "VM01" -Credential (Get-Credential)

PowerShell Direct Invoke-Command

You can use Invoke-Command to send script blocks to your Hyper-V Virtual Machines.

Invoke-Command -VMName "VM01" -Credential (Get-Credential) -ScriptBlock { Get-Process }

You can also create a PowerShell Direct session and use the Copy-Item -ToSession cmdlet to copy files to or from the VM.

$s = New-PSSession -VMName "VM01" -Credential (Get-Credential)
Copy-Item C:\Files C:\Targetfiles -ToSession $s

Remember it, this is not the same as PowerShell Remoting, even if it uses the same cmdlets. With that, not everything is working using PowerShell Direct, for some scenarios, PowerShell Remoting works differently. If you want to do this with Linux virtual machines, there is a tool called hvc.exe, which allows you to do the same.

If you want to know more about PowerShell Direct, check out the Microsoft Docs pages.