27 August 2013

SCVMM 2012 SP1 library issues and fixes

System Center Virtual machine Manager 2012 SP1 includes support for Windows Server 2012 and Hyper-
V 3.0  Logically you would think that VMM 2012 is now fully supported and supporting of the Windows Server 2012 technology stack, but you would be wrong.

Error 2905
When adding an additional VMM Library server hosted on Windows Server 2012 you may run  into the following issue:

Error (2905)
The file name, folder name, or volume label syntax \\<ServerName>\CommonLibrary\ApplicationFrameworks\SAV_x64_en-US_4.9.37.2003.cr\SCVMMCRTag.cr is incorrect on the <ServerName> server.
The filename, directory name, or volume label syntax is incorrect (0x8007007B)

The alternate error popup has the following wording.

The file name, folder name, or volume label syntax \\<ServerName>\CommonLibrary\ISOs\en_windows_7_ultimate_x64_dvd_x15-65922.iso is incorrect on the <ServerName> server.
Ensure that the path name does not contain the characters (\ / : * ? " < > | ), and then try the operation again. ID: 2905 Details: The filename, directory name, or volume label syntax is incorrect (0x8007007B)

If you look at the Change Tracking section of the task that terminated with the error you will notice that some of the information is actually being pulled through.

If you look at the actual file structure you would also notice that the default resources are actually successfully created.

It took a while to figure this one out but turns out that the VMM Library must be on NTFS.  If you attempted to use ReFS it will simply not work, you would get the errors above.

Error / Information 10804
When moving your default VMM library to another server you start seeing warning during library refresh tasks.

Information (10804)
Unable to import \\<servername>\VMM-LIB\VHD's\Blank Disk - Large.vhdx because of a syntax error in the file.
The file structure does contain the vhdx files listed in the alert but they are not visible when checking the library.

This error occurs when VHDX files are located in a library share that is hosted on an OS older that Windows Server 2012.  Since the library is populated by resources that the OS indexes it has to be able to interpret the new VHDX format which only came with 2012.

Error - Virtualization platform does not support shared ISO Images
Despite having set up ISO sharing correctly,  this happens when you deploy a new virtual machine. At creation you attempt to add an existing ISO to the hardware configuration and you "Share image file instead of copying it."  Copying the file works fine and does not generate any errors.

The two error messages that can manifest are:

When deploying to a host:

Virtualization platform on host <servername> does not support shared DVD ISO images.

When deploying to a cloud:

The virtual machine workload <VM Name> cannot be deployed to the hardware supporting cloud <Cloud Name>  Contact the cloud administrator and provide Task ID.................

Shared images cannot be attached during deployment.  To use a shared images you need to attach it to the VM after the initial deployment.

23 August 2013

Using WireShark on Windows Server Core or Hyper-V Server - Step-by-Step

Packet capture and analysis in real-time can be invaluable for troubleshooting certain issues.  If however you

are using an operating system flavor without a GUI you might find yourself a little stuck.  The steps below will assist you in setting up your core machine and another with a GUI to enable yo to remotely capture an analyse the data.

Stuff you will need

  • WireShark
  • Nmap
  • 7zip

On your GUI (management) computer you will need to install WireShark.  This can be downloaded and installed form http://www.wireshark.org/download.html

On the source machine you will need to install the WinPcap to allow you to capture the actual traffic.  There is just one small catch.  The version of WinPcap that is included with WireShark cannot be installed silently and a such on a core machine you are stuck.  Because of this I suggest you grab the WinPcap installer from Nmap which can be installed silently.  Download the full package from http://nmap.org/download.html

Use 7zip http://www.7-zip.org/download.html  to open the nmap-x.xx-setup.exe archive and simply copy the WinPacp executable winpcap-nmap-x.xx.exe

Installation steps
I will refer to the Windows core machine as core and the full GUI machine as the Management machine
All of these steps will be performed from the management machine.  All actions that happen on the core machine can be done through a remote PowerShell session.

Steps to be done on the core machine

  • Copy the WinPcap-Nmap.exe to the core machines's c:\install
  • Open PowerShell remote session to Source machine Enter-pssession Coremachine
  • Silently install with winpcap-nmap-4.02.exe /S

Next up you will have to create a firewall exception for this to be reachable from the management machine.
Since the initial connection is made over a named port but the actual capture data is sent using the dynamic range you have to add an all port rule.

  • netsh advfirewall firewall add rule name="Remote WinPcap" dir=in action=allow protocol=TCP localport=any remoteip=  <--- IP of you management machine

To turn this rule on or off use these two commands

  • netsh advfirewall firewall set rule name="Remote WinPcap" new enable=yes
  • netsh advfirewall firewall set rule name="Remote WinPcap" new enable=no

Next up you need ot start the WinPcap process so that we can connect to it and receiver packet data

  • Navigate to C:\Program Files\WinPcap
  • To start to packet capture service use .\rpcapd.exe -p 2002 -n

Steps to be done on the management machine
Install WireShark as per normal and launch the application

  • Select Capture Options
  • Click Manage Interfaces
  • Select Local Interfaces tab and check the Hide box next to all of them
  • Select remote Interfaces tab
  • Click add button
  • For the host specify the hostname or IP Address
  • The port default is 2002 (set with the -p switch earlier)
  • Null authentication as set with the -n switch earlier
  • OK
  • You should now see a number of interfaces added
  • Click Close

On the capture option main window you will see the remote interfaces listed now they are the once showing up as rpcap://hostname:2002/

  • Capture only the interface tied to the IP you want to trace
  • Uncheck Promiscuous mode (help to clean things up)

There will be a buffer size warning but it can be ignored, and hey presto, you are capturing packets from a remote  non GUI machine.  The process from here on in is the same as you would use WireShark with local traffic capture.

Close the door and turn off the lights
Once you have completed all of your packet capture stuff you need to close things up properly again.  This is especially important in this case considering what we have just enabled.

To stop the rpcapd.exe from running you ca use:

  • get-process rpcapd | Stop-Process

To uninstall WinPcap you can use

  • C:\Program Files\WinPcap>uninstall.exe /S

Close of the firewall by turning off the rule

  • netsh advfirewall firewall set rule name="Remote WinPcap" new enable=no

With just a little bit of effort you can remotely capture network packet data.  If done correctly this is a great tool to use for troubleshooting.  I have used this not only on Windows Server Core but also on Hyper-V Server, where you don't even ever have the option of adding a GUI.  As long as you clean up when you are done it does not pose any significant security risks.

If you like this article you may also like this one.

16 August 2013

DHCP - PowerShell basics and netsh equivalency

Windows Server 2012 brings a huge improvement for DHCP.  One of the best things is that all DHCP functionality can now be driven from PowerShell.  Netsh is still supported but has been deprecated.

If you are migrating from Windows Server 2008R2 to Windows Server 2012 you will most probably use a combination of these as you are moving along.

DHCP Export

Export the whole DHCP server's configuration, scopes and leases.

Export-DhcpServer -File c:\DHCP\PS-Full-Export.xml -Leases
Netsh dhcp server v4 export c:\DHCP\NetSH-Full-Export.txt all

Export a single scope

Export-DhcpServer -File c:\DHCP\PS-SingleScope-Export.xml -Leases -ScopeId
Netsh dhcp server v4 export c:\DHCP\NetSH-SingleScope-Export.txt

Export multiple names scopes

Export-DhcpServer -File c:\DHCP\PS-MultipleScopes-Export.xml -Leases -ScopeId,,
Netsh dhcp server v4 export c:\DHCP\NetSH-MultipleScopes-Export.txt,,

DHCP Import
One thing to keep in mind is that if you export a DHCP server or scope with netsh you have to import it with netsh since PowerShell and netsh produce two different file types.  PowerShell also has a mandatory backup before you can import anything new.

To export the whole DHCP server's configuration, scopes and leases.

Import-DhcpServer -File c:\DHCP\PS-Full-Export.xml -BackupPath C:\DHCP\ -Leases
Netsh dhcp server v4 import c:\DHCP\NetSH-Full-Export.txt all

PowerShell DNS cmdlts also allow you to selectively restore just the server config and or the leases.

Import-DhcpServer -File c:\DHCP\PS-Full-Export.xml -BackupPath C:\DHCP\ -ServerConfigOnly
Import-DhcpServer -File c:\DHCP\PS-Full-Export.xml -BackupPath C:\DHCP\ -ScopeId,, -Leases

Setting Options
Options can be set when the scopes are created but to change settings on existing scopes you can use the following:

This sets the lease time

Set-DhcpServerv4OptionValue -ScopeId -OptionId 51 -Value 3600
Netsh dhcp server scope set optionvalue 51 DWORD 3600

You can also used named Option in PowerShell


Set-DhcpServerv4OptionValue -DnsServer -WinsServer -DnsDomain domain.com -Router -Wpad http://proxy.domain.com/wpad.dat

When setting non-named Options you have to specify the value in the correct format. Here is an example of where the option data is in hex.

set-DhcpServerv4OptionValue -ScopeId -OptionId 43 -Value 0x3A,0x02,0x01,0x2D,0xFF

Batching netsh commands with PowerShell
This is useful if you are working with and Windows Server 2008 R2 machine.  One way to import and export or make chnages to a large number of scopes with NetSh is to generate a text file with one line per scope id.  The files typically look like this

A simply way to feed each line into netsh is with the following PowerShell command sequence.

Get-content C:\dhcp\list.txt | foreach-object { Netsh dhcp server v4 export c:\dhcp\$_ $_}

Get-content e:\dhcp\list.txt | foreach-object { Netsh dhcp server \\serverip scope $_  set optionvalue 51 DWORD 3600}

Keeping failover pairs in sync
Once you have Migrated on to Fail-over pairs it is important to remember that leases and reservation are synced automatically but scope changes and options are not.  You can use the following to sync the options and scopes back up.

Invoke-DhcpServerv4FailoverReplication -ComputerName DHCPserverName

Other handy commands
There are now stacks of different ways to get visibility on your DHCP environment.  The eamples below should givea good indication of what is now very easy to do.

To get a nicely formatted list of the scope in the shell use the following

Get-DhcpServerv4Scope | select scopeid, name | Format-Table -AutoSize

You can also filter by the scope, this looks for any scope name that contains the word WiFi

Get-DhcpServerv4Scope | WHERE {$_.name -match "WiFI"} 

To then also get the usage statistics use

Get-DhcpServerv4Scope | WHERE {$_.name -match "Centre"} |Get-DhcpServerv4ScopeStatistics

If you would like to keep the scope name and description matched you can simply run the following:

Get-DhcpServerv4Scope |Set-DhcpServerv4Scope -Description {$_.name}

01 August 2013

Activate Windows in PoweShell

Use this following script to activate your Windows machines through the PowerShell.  PSREMOTE onto the machine and just replace all the XXXXXs with your valid key

$computer = hostname
$service = get-wmiObject -query "select * from SoftwareLicensingService" -computername $computer