Making HVConfig work on a normal Server Core installation

Microsoft's Hyper-V Server 2008 product comes with a wizard, that allows easy configuration of the Server Core-based subsystem.

This tool can be used on normal Server Core installations of Windows Server 2008 too. This blogpost describes what files to copy from a US English Hyper-V Server 2008 installation, where to place them and how to install this wizard to autorun. All in five easy steps! Cool

Tip!
When you're using a different language change the En-Us bit for the files accordingly:

Language String

US English en-US

Spanish es-ES

German de-DE

French fr-FR

Italian it-IT

Japanese ja-JP

Korean ko-KR

Portugese (Brazil) pt-BR

Russian ru-RU

Simplified Chinese zh-CN

Chinese (Hong Kong) zh-TW

Chinese (Taiwan) zh-TW

Step 1

You will need to following files from a Hyper-V Server 2008 installation:

C:\Windows\System32\hvconfig.cmd
C:\Windows\System32\en-US\hvconfig.vbs
C:\Windows\System32\en-US\WUA_SearchDownloadInstall.vbs

These files are also attached to this blogpost. Check the end of this post for a download link.

Step 2

Copy the files to their respective location on your Server Core installation.
Review the instruction here to get files onto your Server Core box.

Step 3

Open the Registry Editor, by running regedit.exe and browse to the following location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Create a new String value (REG_SZ) named HVConfig. Right click it and select Modify Data from the context menu. Type C:\Windows\system32\hvconfig.cmd as the data and press the OK button to save.

Close the Registry Editor.

Step 4

Log off by typing logoff on the command prompt. Log on using an account with administrative privileges.

Step 5 (Optional)

Optionally change the contents of hvconfig.vbs to display another header.
Since we're no longer running the script on Hyper-V Server it would be appropriate to change the top banner.

Type the following command:

Notepad.exe C:\Windows\system32\en-US\hvconfig.vbs

Now change the L_Msg005_Text constant to something appropriate.

Tip!
You can also change the color of the screen by changing the second line in HVConfig.cmd. Default color is 17 (White on Blue), but I prefer 47. (White on Red)

Concluding

CoreConfigurator and CoreConfig are great tools, but HVConfig can be used just the same...

Posted: Friday, October 03, 2008 4:13 PM by Sander Berkouwer | 0 Comments

Filed under: System Administration, Microsoft Windows Server 2008, Server Core

Deploying Hyper-V Server 2008 using WDS

Hyper-V Server 2008 is Microsoft's free server hardware virtualization product. You can deploy this Microsoft product like a Windows product with your favorite deployment suite.

When you use Windows Deployment Services (WDS) or Microsoft Deployment Toolkit (MDT)to deploy Microsoft's Hyper-V Server 2008 however, you are prompted to provide a product key.

Don't be alarmed. You don't need a different license to deploy Hyper-V Server 2008 this way, but you will need a valid product key to install the product without being prompted during light touch/zero touch deployments.

This product key can be found on the DVD in the SOURCES folder. The file is called pid.txt
On the English Hyper-V Server 2008 DVD this file contains the following product key:

Q8R8C-T2W6H-7MGPB-4CQ9R-KR36H

Note:
This product key will only work with Hyper-V Server 2008 media. It is not possible to install a Full installation or Server Core installation of Windows Server 2008 with this product key.

Tipjar: Reinder was the first to mention this little tidbit.

Posted: Friday, October 03, 2008 2:45 PM by Sander Berkouwer | 0 Comments

Filed under: System Administration, Virtualization

How to install Microsoft Hyper-V Server 2008

Microsoft released a new server hardware virtualization product yesterday: Microsoft Hyper-V Server 2008. I've already discussed this product in full detail a while ago, so today I'll show you how to install this free and optimized Hyper-V product in five easy steps:

Step 1

Choose a good box to use. The processor should be a recent x86-64 one, like an AMD64 Athlon64, an AMD64 Opteron, or an Intel Core Duo processor. The motherboard and BIOS should be equipped with Hardware-assisted Virtualization and Hardware-enforced DEP.

Consult with your hardware vendor for suitable boxes before purchasing a suitable box.

Tip!
If you have a box you think is suitable download and run SecurAble, a tool by Gibson Research Corporation. It will not only show whether your hardware meets the requirements, but also whether Hardware Assisted Virtualization and Hardware-enforced DEP are enabled in BIOS.

Step 2

Download the ISO file containing Microsoft Hyper-V Server here.
It's available in English, German, Japanese, French, Spanish, Chinese Hong-Kong, Chinese Simplified, Korean, Portuguese (Brazil), Chinese Traditional, Italian and Russian.

Burn the 929 MB Weighing ISO file to a DVD or look here for instructions on creating a bootable USB disk or using your TCP-IP network instead.

Step 3

Boot your Hyper-V capable server from the installation media.
Wait until Windows is finished is loading files.

Select your language.

Select your regional and keyboard settings. When done press Next.

Press Install Now.

Read through the End User License Agreement (EULA) and select the I accept the license terms option before pressing Next.

Select the Custom (advanced) option for installation (Upgrade is unavailable)

Partition the disk(s) the way you want to and press Next to commence installation.

Wait for the Installation wizard to copy files, expand files, install features and install updates. Your server will restart before finishing installation and will restart again.

Step 4

Logon to the freshly created Hyper-V server installation by pressing the Other User button and specifying Administrator as the username and a blank password. Type a new password afterwards and confirm it.

Step 5

After logon the Hyper-V Configuration Tool (hvconfig.cmd) automatically launches. Use it to:

Change workgroup settings or domain membership settings *
Change the computer name *
Change network settings
Add local Administrator accounts
Change Windows Update settings
Download and install Windows updates.
Change Remote Desktop settings
Change Regional and Language settings (through inet.cpl)
Change Date and Time settings (through timedate.cpl)
Log off, restart and shutdown the box
Exit to the command prompt

* Changing these settings requires a restart

Concluding

Setting up Microsoft Hyper-V Server is a piece of cake and can be achieved in 13 minutes.

If Joep Piscaer can do it, I don't think Eric Horschman would find it too difficult, dry or crunchy...

Working with disks

Converting

Windows Server offers two types of disks: Basic disks and Dynamic disks. By default Windows Server 2008 installs on a basic disk.

Basic disks follow the PC BIOS rules, containing up to four partitions. Each of them can be a primary partition and at most one can be an extended one. All these partitions are described by 16-byte entries that constitute the Partition Table which is (normally) located in the Master Boot Record. Dynamic disks, introduced in Windows 2000, can hold any number of simple volumes, spanned volumes, mirrored volumes, striped volumes, and RAID-5 volumes.

With dynamic disks, you can have more volumes and perform disk and volume management without having to restart the operating system, but you will no longer be able to boot Operating Systems that don't support dynamic disks, like Windows 9x and Windows NT4.

Converting your first disk to dynamic can be done using the following commands:

diskpart.exe
DISKPART> select disk 0
DISKPART> convert dynamic
DISKPART> exit

Using the list disk command inside the diskpart.exe context shows you the disks in your Server Core box. This enables you to select the right disk to convert.

You can also convert an empty dynamic disk (a dynamic disk without any volumes on it) back to a basic disk. Use convert basic instead of convert dynamic inside the diskpart.exe context to achieve this.

Working with volumes,partitions

Creating

On a basic disk you can create partitions. On dynamic disks you can create volumes.

Tip!
after selecting a disk (select disk) in the diskpart.exe context and using the disk detail command, you can view details on the disk and the partitions/volumes on it.

Partitions

You can create two types of partitions: primary partitions and extended partitions. Inside extended partitions you can create logical partitions. The command to do this in is diskpart.exe again. The commands to create these partitions inside the diskpart.exe context are:

create partition primary
create partition extended
create partition logical

You can provide optional size= and offset= parameters to prevent the commands from slurping up every available unused byte on the disk. The values of these parameters are interpreted in MegaBytes (MBs).

Example:

diskpart.exe
DISKPART> select disk 0
DISKPART> create partition primary size=1539
DISKPART> exit

This command will create a primary partition in unused space on a basic disk, 1539 MB in size (displaying as 3,00 GB)

Volumes

You can create three types of volumes on dynamic disks: Simple volumes, striped volumes and RAID5 volumes. Simple volumes resemble primary partitions: they reside on one disk. Striped volumes offer RAID0 functionality and use space on 2 dynamic disks. RAID5 disks can use space on a minimum of three dynamic disks, offering fault tolerance.

The commands to create these volumess inside the diskpart.exe context are:

create volume simple
create volume stripe
create volume raid

For the create volume stripe and create volume raid commands you need to use the disk= parameter to provide the IDs of the disks to use, separated by commas.

You can provide optional size= parameter to prevent the commands from slurping up every available unused space on the disk. The values of these parameters are interpreted in MegaBytes (MBs).

Example:

diskpart.exe
DISKPART> create volume raid size=20483 disk=1,2,3
DISKPART> exit

This command will create a RAID5 volume in unused space on a dynamic disks with IDs 1, 2, and 3, 1539 MB in size (displaying as 3,00 GB)

Shrinking

On both basic and dynamic disks you can shrink partitions/volumes inside the diskpart.exe context. This allows you to use free space inside a partition or volume and make it into unused space on a disk, so you can create new volumes/partitions.

While this command sounds exciting, a couple of requirements exist:

The volume/partition must be formatted using NTFS
The command does not work on RAID5 volumes

You can use this command in three ways: You can use it without any parameters, with the desired= parameter and with both the desired= and minimum= parameters.

When used without parameters the selected volume/partition will be shrunk with the maximum amount, eating away all free space in the partition/volume. This is potentially dangerous to your system when done on the partition/volume Windows is installed.
When used with the desired= parameter the volume/partition is shrunk by the amount of MegaBytes (MBs) you specify. You will receive an error when the amount of free space is not available in the volume/partition
When used with both the desired= and minimum= parameters you can specify a maximum and minimum amount of MegaBytes (MBs) to shrink the volume/partition. The volume/partition will at least be shrunk with the amount of MegaBytes(MBs) supplied with minimum= and as much as possible of the amount you specified with the desired= parameter.

Example:

diskpart.exe
DISKPART> select disk 0
DISKPART> select volume 1
DISKPART> shrink desired=1500
DISKPART> exit

This command will shrink the first volume on the first disk with 1500 MBs.

Extending

Besides shrinking a volume/partition, extending it is also an option. On basic disks you can extend a partition with unused space on the same disk. When using multiple dynamic disks you can optionally use space on a different disk. If the partition was previously formatted with the NTFS file system, the file system is automatically extended to fill the larger partition. No data loss occurs.

You can provide an optional size= parameter to prevent the commands from slurping up all available unused space on the disk. The values of this parameter is interpreted in MegaBytes (MBs). When extending a volume on a dynamic disk with unused space on a different dynamic disk, you can use the size= parameter to specify the disk with unused space.

Example:

diskpart.exe
DISKPART> select disk 0
DISKPART> select volume 1
DISKPART> extend size=1500 disk=2
DISKPART> exit

This command will extend the first volume on the first disk with 1500 MBs using unused space from disk 2.

Deleting

Of course deleting a volume or partition is also possible. If you want to you can delete the volumes and partitions on your basic or dynamic disks with ease in the comfort of the diskpart.exe context. All you need to do is select it and type delete. followed by the type. (partition or volume)

Example:

diskpart.exe
DISKPART> select disk 0
DISKPART> select volume 1
DISKPART> delete volume
DISKPART> exit

This command will delete the second volume on the first (dynamic) disk.

Working with drives

Formatting and assigning a drive letter

Disks, partitions and volumes are not very useful without a file system. While partitions and volumes can be placed on disks, file systems can be placed on volumes and partitions. Inside the context of diskpart.exe you can also place filesystems on volumes and partitions. You can specify the following parameters:

Parameter	Values	Description
fs=	ntfs, fat or fat32	Specifies the file system to use when formatting the volume or partition
label=" "	Any	Specifies a label
quick		Specifies whether to perform a quick format
compress		Specifies whether to enable compression. (Can only be used when using NTFS file system)

After formatting a partition or volume you can assign a drive letter using the assign command in the diskpart.exe context.

Example:

diskpart.exe
DISKPART> select disk 0
DISKPART> select volume 2
DISKPART> format fs=ntfs label="Compressed Data" compress
DSKPART> assign letter=e
DISKPART> exit

This command will format the second volume on the first (dynamic) disk with the NTFS filesystem and enable compression. The specified label is Compressed Data. The disk will be accessible as E:\.

Reformatting existing drives

Format.exe is another command that can be used to format existing volumes and partitions. It offers some more features than the format command in the diskpart.exe context. Using format.exe you can specify the allocation unit size to use on FAT, FAT32, or NTFS volumes (/a), the number of tracks on the disk (/t) and the number of sectors per track (/n). Optionally you can dismount the volume before it is formatted: Any open handles to the volume will no longer be valid.

Checking

To check the file system and file system metadata of a drive for logical and physical errors you can use the chkdsk.exe and chkntfs.exe utility.

Chkdsk.exe

When you're an administrator (or equivalent) on the Server Core installation you can use chkdsk.exe to analyze and optionally fix problems on your disks. These problems can be bad sectors, bad clusters, corrupt index entries and cycles within the folder structure.

Example:

chkdsk.exe D: /f

This example command will check the disk in drive D and fix errors. Your Server Core box may need to be restarted before analysis and fixing will commence.

Chkntfs.exe

When you're an administrator (or equivalent) on the box you can also use the chkntfs.exe utility to display the file system type, the status of the file system dirty bit, and whether or not chkdsk.exe is manually scheduled to run against the volume at boot time.

Example:

chkntfs.exe /D

This example command will disable the previous chkdsk.exe command, that was scheduled to run at the next reboot. (and any other scheduled chkdsk.exe commands)

Defragmenting

Defragmentation is actually pretty simple once you know where to find defrag.exe, which is the tool that locates and consolidates fragmented files on local volumes. It is located in the Windows\System32 folder on your System drive. Since this folder by default is part of the %PATH% variable you can simply execute it from any location by typing defrag.exe.

Example:

defrag.exe -c

This example command will defragment all volumes on the Server Core box.

Concluding

You need disks to store data. Disks can contain volumes or partitions, depending on their type (basic or dynamic). Volumes and partitions can be formatted to create drives. You can read and write data from within Server Core on drives only.

Working with disks, partitions, volumes and drives isn't very hard when you know the commands. Use a ? or help switch or command in case you need help with these.

The Windows you know

Eric Horschman concludes Server Core is for experts only, since it lacks the Graphical User Interface and therefor is not "the Windows you know".

Graphical User Interface

Readers of this blog know Server Core has some Graphical User Interface to do familiar tasks, so the argument isn't a 100% argument. In the video the timezone and language settings weren't set or changed. These settings actually offer graphical elements.

Scripting

Furthermore Microsoft has introduced scripting questions in almost every exam it issued since the NT4 era. Since it's a bad idea to let non-Microsoft certified admins touch your Windows servers, you'll probably won't let non-Microsoft certified admins virtualize these server, now would you? These admins have at least a basic understanding of scripting in Windows. Most of the command line tools used to configure Server Core are commands introduced ages ago. Experienced Microsoft admins script a lot and are familiar with the netdom.exe, shutdown.exe and netsh.exe commands. They also know you can rename a computer and join it to a domain with only one reboot. (instead of two)

All-roundness

It's hard to find or make all-round admins. Admins tend to focus on one platform and try to excel on it, to make it worth their while. All-round admins with knowledge, experience and certification in Microsoft, Novell, Red Hat and VMWare products are hard to find or make. Virtualizing Windows Servers on VMWare products requires more knowledge of products, that most of the time look and feel nothing like Microsoft products. (especially under the hood)

Wizard

Of course VMWare has done a good job making ESXi 3.5 a product that is configurable using an easy wizard. You have to give them credit for making deployment as easy as that.

Microsoft doesn't have a nice wizard for Server Core, but is introducing one in Hyper-V Server, which is just around the corner. Guy Teverovski's CoreConfigurator is a good help too, although it has its rough edges and is officially unavailable due to Guy's former employer. (available unofficially here)

The problem with wizards however is how to change settings that aren't covered by the wizard? (partition sizes for example)

Easier and faster to deploy ESXi

The video shows ESXi goes from bare-metal to fully installed in one-third the time, half the mouse clicks, hundreds fewer keystrokes and just one reboot compared to Hyper-V's seven reboots. These seven reboots are:

Installation (2 reboots)
Change Hostname
Join Active Directory domain
Install Hyper-V RTM package
Install Hyper-V role (2 reboots)

Comparing a full-blown Operating System and an optimized Hypervisor seems this easy, but it's comparing apples and oranges. Comparing ESXi and Hyper-V Server (as suggested in the comments on the VMWare blog) will remain comparing apples and oranges.

VMWare ESXi

VMWare's ESXi 3.5 is a stand-alone hypervisor, optimized to virtualize high available workloads and work together with VMWare's Virtual Infrastructure.

Server Core

A Server Core installation of Microsoft Windows Server 2008 with Hyper-V enabled roughly offers the same functionality, but also offers the benefits of a full Operating System. Drivers are mostly the same for Server Core installations and Full installations of Windows Server 2008, making Hyper-V run on far more hardware configurations. Other features offered are drive encryption (Bitlocker), SNMP, multiple remote management methods and integrated backup using shadow copies.

Hyper-V Server

Microsoft Hyper-V Server is an optimized version of a Server Core installation of Microsoft Windows Server 2008 Standard Edition. It offers the same benefits as a Server Core installation, but lacks high availability and is limited to 4 processor sockets, 32GB of RAM and 196 virtual machines.

Note:
Some features VMWare's products offer (notably Live Migration and Memory Overcommit) aren't available in Microsoft products yet.

In a table it looks like this:

Product	Foot print	Full OS installed	High Availability	Easy to deploy	Free
VMWare ESXi 3.5	32 MB	No	Yes	Yes	Yes
Windows Server 2008 Server Core with Hyper-V Role enabled	2 GB	Yes	Yes	No	No
Hyper-V Server	1 GB	Yes	No	Yes	Yes

It looks like Microsoft will have two offerings to appeal to VMWare's ESXi audience. For people looking to deploy virtualization in a cost-effective and wizard driven way without fancy virtualization features, there's Hyper-V Server. For business interested in high available, but safe virtualization there's Server Core installations of Windows Server 2008.

Concluding

Letting a Windows Server 2008 Server Core installation compete with a VMWare ESXi installation... The two products are very different and comparing them merely displays a thorough misunderstanding of this fact.

Microsoft seems to be looking closely at every move by VMWare, and making up for misconceptions made in the past. Diversification of Hyper-V enabled products seems inevitable, targeted at possible VMWare ESXi audiences.

On a personal note

It's actually faster and easier to deploy Hyper-V than Eric wants you to believe: Using version 1.1 of the Windows Automated Installation Kit (WAIK) together with slipstreaming the Hyper-V updates and using one reboot to change the computername and join domain can elimate 3 of the 7 reboots and at least 15 minutes of time.

Hyper-V can be installed by default using a custom unattend.xml, eliminating the two restart to install the Hyper-V role and the time it takes to install the role. The role would be installed by default. John Howard explains this in great detail in these two blogposts:

Hyper-V can already be updated by default, eliminating the need to download the Windows Update and restart.

Note:
These changes have already been applied in the Hyper-V server media, which makes it more hypervisor-optimized, compared to a Server Core installation of Windows Server 2008 RTM.

Your opinion matters!

What's your opinion? Should I even comment on this kind of VMWare propaganda? Do you feel like Eric Horschman did a good job, being a Marketing Director? Do you feel I'm wrong in my nuances? Am I helping setting the record straight or do you feel I'm only a FUD-slinging Microsoft addict? Am I too late to the party? Do you think I'm obsessing on the technical details too much? Do you want to see a download link to my custom hypervisor-optimized Windows Server 2008 media? Do you want to see more posts like these? Leave a comment!

Concluding

This is the kind of stuff I used to read from Microsoft Press books, when I studied to become a Microsoft Certified Systems Engineer. Now you can read this stuff online for free!

A must-read for novice Active Directory admins, a useful companion for referring/checking?

About Mark Wilson

Mark Wilson is currently employed as a Senior Customer Solution Architect for a leading IT services company. He has 14 years’ experience of IT infrastructure projects within the United Kingdom, continental Europe and Australia. Mark is the author of the markwilson.it blog, which comments on Mark’s technology experiences (as featured in The Independent newspaper). His opinion has been quoted in the IT trade publications IT Week and Computer Weekly and he has also contributed articles that have been published in Computer Weekly and on Microsoft UK’s Industry Insiders ‘blog.

About the MCS Talks

The MCS Talks Infrastructure Architecture TechNet Webcasts share real world experience of designing and architecting core Microsoft technologies in an enterprise environment. A number of different MCS consultants will give you a high level discussion of the different architectural and design options available and provide you with a good idea of how to approach the deployment of the technology being discussed.
Check out the webcasts on the MCS Talks blog.

Posted: Thursday, September 25, 2008 9:22 PM by Sander Berkouwer | 1 Comments

Filed under: Active Directory, System Administration, Best Practices

About Microsoft Hyper-V Server 2008

Microsoft announced the much anticipated Hyper-V Server Stock Keeping Unit (SKU) last week and they intend to launch the product in the coming thirty days.

This Microsoft virtualization product is targeted at customers who want to benefit from Hyper-V, but want to keep their server environment a strict Windows Server 2003, Windows 2000 Server or SuSe Linux environment. Why Hyper-V is specifically targeted at this specific situation is also clear. When you're already deploying Windows Server 2008 in your environment, why not install a fully fledged Windows Server 2008 Parent Partition? The license is already there.

Free

Hyper-V Server is free of charge and can be downloaded from the Microsoft Downloads website within the next 30 days. Microsoft decided to drop the former $28 price tag.

Hyper-V server is not open source or free software. It's downloadable at no cost.
Microsoft is dedicated to providing an open and interoperable platform strategy as an alternative to VMWare's closed strategy. I guess making Hyper-V open source is a bridge too far...

Server Core

Since the hypervisor in Hyper-V utilizes a Parent Partition to communicate with the hardware through the VMBus Microsoft bundles the hypervisor part of Hyper-V with a special Server Core installation of Windows Server 2008 x64 Standard Edition. The part that makes this version of Server Core so special is Microsoft removed all Server Role and a lot of Feature installation components, except the Hyper-V role, which is installed by default.

Tip!
If you want to remove excess bagage from your Server Core installation as well, Andrew Mason explained removing Server Core Server roles and features here.

Available Server Features are Bitlocker Drive Encryption (BDE) and Windows Backup.

One huge difference between a Server Core installation of Windows Server 2008 and Hyper-V Server struck me after I first witnessed the product: After you log on to a Hyper-V Server, you're presented with a command prompt window, with a nice menu, showing initial configuration options:

Change Workgroup / Domain membership
Change the Computer name
Change Network settings
Add a local administrator
Change Windows Update Settings
Download and install updates
Change remote setttings
Log off / restart / shutdown the server
Exit to command line

You can see the menu in action here.

As you can see activating your Windows installation is one of the big options that is missing from this list when you compare it to the Initial Configuration Tasks wizard in a Full installation of Windows Server 2008... Microsoft removed Windows Activation from Hyper-V Server, which eliminates much of the hassle people reportedly have had with slmgr.vbs.

Setting up your Parent Partition was never this easy!

Standard Edition

Microsoft Hyper-V Server 2008 can largely be compared to an x64 Server Core installation of Windows Server 2008. It follows its system hardware constraints:

Support for up to 4 processor sockets.
Support for up to 32GB of RAM (31GB max available to Virtual Machines)

There are two main differences with Windows Server 2008 Standard Edition though, both in the field of Windows licensing:

Hyper-V Server 2008 does not include a license for installation of a Child Partition.
A Windows Server 2008 Standard Edition with Hyper-V license includes a license for installation of a Parent Partition and installation of one Child Partition.
Hyper-V Server 2008 allows up to 128 Child Partitions.
There is no limit on the maximum number of Child Partitions in a Standard Edition of Windows Server 2008 with Hyper-V.

Management

Using the 2008 version of Microsoft's Virtual Machine Manager product from the System Center range of products you can manage Hyper-V servers, no matter whether they are Full Installations of Windows Server 2008, Server Core installations of Windows Server 2008 or Hyper-V server installations. Using the Hyper-V Management Tools from a Windows Vista with Service Pack 1 or Windows Server 2008-based host is possible too in all three Hyper-V products.

Concluding

Hyper-V Server is an easy Hyper-V platform for situations where you don't need to utilize more than four processors, 32MB Ram, have no High Availability (HA) needs, are not planning more than 128 virtual guests, have licenses in place to virtualize your current Windows servers (no OEM licenses) and/or don't have the budget to purchase a Windows Server 2008 license. Typical scenario would be a Windows Server 2003 SP2 -only back-end environment.

Can someone please make the special Hyper-V menu available in normal Server Core installations of Windows Server 2008 as well? Thanks!

Componentization

According to many Windows needs to become more componentized to avoid a collapse under it's own weight. The logical answer is to divide Windows into components that you can install / uninstall and combine. The only way to do this is using a strict architecture.

Microsoft follows two paths when it comes to componentization. It's removing features from Windows and moving them into the cloud to become Windows Live Services. On the other hand it's also dividing Windows architecturally. Kernel Mode vs. User Mode is one of the first steps in this process. State vs. Code separation seems to be the next step for Microsoft.

Server Core is Microsoft's first attempt to componentize Windows Server. The choice was made to make it an Enterprise Infrastructure focused version, but the experience Microsoft has developing, managing, distributing, marketing and supporting this version will prove to be immensely important for future versions, including but not limited to MinWin.

Virtualization

State vs. Code separation is one of the pillars for Application Virtualization (App-V) and other pieces of Microsoft's Virtualization strategy. This strategy consists of four different technologies and includes Terminal Services, Application Virtualization (App-V), Server Hardware Virtualization (Hyper-V), Windows Vista Enterprise Centralized Desktops (VECD) and the Microsoft Desktop Optimization Pack (MDOP) that in a future version will include the recently acquired technologies from Kidaro. (Med-V)

Server Core already plays a significant role in virtualization, when it comes to Hyper-V. Microsoft already recommends using a Server Core installation of Windows Server 2008 to act as your Hyper-V Parent Partition. Your Parent Partition would require less patches, less reboots, less bandwidth and is less vulnerable to malicious software. I bet Server Core will also play an important role in the soon to be released Hyper-V Server SKU.

Security

Experiences from Server Core enable Microsoft to make the Windows Operating System inherently safer. While Server Core does without Explorer, Internet Explorer, the Event Viewer and many other Graphical User Interface (GUI) components, it's still able to update using Windows Update. You're still able to manage it in secure ways remotely and you can use Group Policy settings within your securely managed Active Directory environment, including auditing.

A Server Core installation of Windows Server 2008 is not only a really manageable Windows installation, but also a secure Windows installation by default. It's attack surface is significantly reduced compared to a Full installation of Windows Server 2008. It is a perfect example of the "Deploy secure, keep secure" thought that is the basis of Trustworthy Computing.

Reliability

Removing rogue interdepencies between different architectural layers of Windows, applications and users and replacing them with standard buses can serve as a reliability and stability measure.

Windows Vista and Windows Server 2008 were the first versions of Windows without Kernel Mode video drivers. In previous versions a Windows hang could easily be invoked by a rogue video driver. In Windows Vista this risk has been drastically reduced.

Concluding

Do not underestimate the importance of Server Core.

The challenge

In an environment with a lot of applications running from the network, the customer was looking for a centralized Start Menu, where individual people could be given access to these applications based on Active Directory group membership.

The implementation

I installed a new Windows Server 2003 server with Service Pack 2. I installed it with a 20GB C:\ drive and made the rest of the RAID container a D:\ drive. I made it a member of the Active Directory domain. I installed the i386 Access-based Enumeration package and created shares called Shared and Apps for two folders with the same name on the data volume of the server. I created a subfolder called StartMenu in the Shared share and enabled Access-based Enumeration on both folders.

I made an inventory of all the applications in use on the network and gathered installation and licensing instructions per application. I then went forward with installing all applications in the Apps share and placing shortcuts to these programs in the StartMenu folder on the Shared share. I also copied the Start Menu items I found useful from the default Start Menu to this folder. (Accessories, etc)

After installing each application and making a shortcut for it I made three Global Security groups in Active Directory:

Data group ServerName Apps Application Name CH
Membership of this group provides Modify NTFS rights to the folder where an application is stored.

Data group ServerName Apps Application Name RX
Membership of this group provides Read and Execute NTFS rights to the folder where an application is stored.

Application group Application Name
Membership of this group provides access to the shortcut to an application from the shared Start Menu.

I then changed the Security on the subfolder on the Apps share to exclude anything but the default Administrators, OWNER and CREATOR rights and add both data groups with their appropriate rights. I also touched the Security on the subfolder in the StartMenu folder in the Shared share to exclude anyone but the default Administrators, OWNER and CREATOR rights and added the Application group with Read and Execute rights. Depending on the application I then added the Application Group as a member of one of the data groups.

The last step is to configure a policy for an Organizational Unit with useraccounts you want to enjoy the centralized Start Menu. The policy settings I applied were:

Remove common program groups from Start Menu
Located in the User Configuration\Administrative Templates\Start Menu & Taskbar portion of a default Group Policy Object, this policy setting disables the usage of the shortcuts in the Start Menu located in C:\Documents and Settings\All Users.
Start Menu
Located in the User Configuration\Windows\Settings\Folder Redirection portion of a default Group Policy Object, this policy settings when double clicked allows to redirect the Start Menu for useraccounts in any of the three ways:
- Basic - Redirect everyone's folder to the same location
- Advanced - Specify locations for various user groups
- Not configured

I enabled the first Group Policy setting and configured the second setting to do a basic redirection to redirect to the following location: \\ServerName\Shared\StartMenu.

Alternatives

As an alternative to the centralized Start Menu implementation above you may opt to:

use a login script in which you create shortcuts
Administrators would have no overview of shortcuts and their validity and it's hard to troubleshoot without scripting knowledge.
use a login script or Group Policy Preferences to copy shortcuts
By placing the shortcuts on a central location (for instance the NETLOGON folder) you can copy them using a login script or Group Policy Preferences. When users find the location of these shortcut however they can access them and find out properties on the applications.
Make shortcuts hidden when they don't apply
You can place all shortcuts for all applications in your image or in a redirected folder and use a login script to hide shortcuts. This approach uses the principle of the Start Menu not displaying hidden shortcuts. I classify this approach as security by obscurity, because when you right-click on the Start Menu button you can still use the explorer to browse through the items. Depending on your Folder Options you can see hidden items. It's a cosmetic solution only.
Redirect Start Menus per Organizational Unit (OU)
In some environments departments and their respective Organizational Unit (OU) can be used to redirect the Start Menu per department. From my experience however a 100% one-on-one relationship never exists. Some people belong to multiple departments, sometimes people need to access applications used primarily in other departments, people move between departments, but still need their applications, etc.

Concluding

When your challenge is to implement a centralized Start Menu solution take a good look at the following technologies:

Windows Server 2003
Active Directory
Access-based Enumeration
Folder redirection

They can be combined in a very useful way!

Licensing flexibility

Quoting from the release:

Beginning Sept. 1, 2008, customers will be able to move any of 41 Microsoft server applications between servers within a server farm as often as necessary without paying additional licensing fees, and they can take advantage of expanded specialized technical support.

This new licensing flexibility allows both licenses and software to move more freely across servers in a server farm. According to the TechNet Virtualization Blog however it only applies to up to two data centers each physically located in a time zone that is within four hours, or within European Union (EU) and/or European Free Trade Association (EFTA), don't apply to OEM licenses and don't apply to Windows licenses.

The Microsoft products enjoying these new licensing rules are:

Microsoft Connected Services Framework Server 3.0
Connected Services Framework SBE Server Billing 3.0
Connected Services Framework SBE Server Order Handling 3.0
Microsoft Customer Care Framework 2008
Microsoft Duet for Microsoft Office and SAP
Microsoft Dynamics CRM 4.0 Enterprise Server
Microsoft Dynamics CRM 4.0 Professional Server
Microsoft Exchange Server 2007 Enterprise Edition
Exchange Server 2007 Standard Edition
Microsoft Forefront Client Security (Management Console)
Forefront Client Security with SQL Server 2005 Technology (Management Console)
Forefront Server Security Management Console
Microsoft Identity Lifecycle Manager 2007
Microsoft Office Communications Server 2007 Enterprise Edition
Office Communications Server 2007 Standard Edition
Microsoft Office Forms Server 2007
Office Forms Server 2007 for Internet sites
Microsoft Office Groove Server 2007
Microsoft Office PerformancePoint Server 2007
Microsoft Office Project Portfolio Server
Microsoft Office Project Server 2007
Microsoft Office SharePoint Server 2007
Office SharePoint Server 2007 for Internet sites
Microsoft Search Server 2008
SQL Server 2008 Enterprise (Server/CAL)
Microsoft System Center Configuration Manager 2007
System Center Configuration Manager 2007 with SQL Server 2005 Technology
Microsoft System Center Data Protection Manager 2007
Microsoft System Center Essentials 2007
System Center Essentials 2007 with SQL Server 2005 Technology
Microsoft System Center Mobile Device Manager 2008
System Center Mobile Device Manager 2008 with SQL Server 2005 Technology
Microsoft System Center Operations Manager 2007
System Center Operations Manager 2007 with SQL Server 2005 Technology
Microsoft System Center Virtual Machine Manager 2007
Microsoft Visual Studio Team System 2008 Team Foundation Server with SQL Server 2005 Technology
Visual Studio Team System 2008 Test Load Agent

Extended support policies

Another big change is extended support for Microsoft products running on non-Microsoft Hardware virtualization products. According to an update to what seems to be the most quoted Microsoft Knowledgebase article on virtualization blogs, no longer a Premier-level is required to lift the requirement to reproduce any specific problems on physical hardware: A Server Virtualization Validation Program (SVVP) passed hardware virtualization solution on "Designed for" and "Certified for" hardware will suffice. Vendors like Citrix, Novell, Sun, Virtual Iron get mentioned on the webpage of the program, but Cisco and VMWare also seem to be on board.

The following Microsoft product enjoy the new extended support policies:

Microsoft Application Virtualization (App-V) version 4.5 (and later versions)
Microsoft BizTalk Server 2006 R2 (and later versions)
Microsoft Commerce Server 2007 Service Pack 2 (and later versions)
Microsoft Dynamics AX 2009 (both server and client) (and later versions)
Microsoft Dynamics CRM 4.0 (and later versions)
Microsoft Dynamics NAV 2009 (and later versions)
Microsoft Exchange Server 2007 Service Pack 1 (and later versions)
Microsoft Forefront Client Security
Microsoft Intelligent Application Gateway (IAG) 2007 Service Pack 2 (and later versions)
Microsoft Forefront Security for Exchange (FSE) *
Microsoft Forefront Security for SharePoint (FSP) *
Microsoft Host Integration Server 2006 (and later versions)
Microsoft Internet Security and Acceleration (ISA) Server
Microsoft Office Groove Server 2007 Service Pack 1 (and later versions)
Microsoft Office PerformancePoint Server 2007 Service Pack 2 (and later versions)
Microsoft Office Project Server 2007 Service Pack 1 (and later versions)
Microsoft Office SharePoint Server 2007 Service Pack 1 (and later versions)
Windows SharePoint Services 3.0 Service Pack 1 (and later versions)
Microsoft Operations Manager 2005 Service Pack 1 (agents only) **
Microsoft Search Server 2008 (and later versions)
Microsoft SQL Server 2008 (and later versions) ***
Microsoft System Center Configuration Manager 2007 Service Pack 1 (both server and agents) (and later versions)
Microsoft Systems Center Data Protection Manager 2007 ****
Microsoft System Center Essentials 2007 Service Pack 1 (and later versions)
Microsoft System Center Operations Manager 2007 (both server and agents) (and later versions)
Microsoft System Center Virtual Machine Manager 2008 (both server and agents) (and later versions)
Microsoft Systems Management Server 2003 Service Pack 2 (agents only)
Microsoft Visual Studio Team System 2008 (and later versions)
Microsoft Windows HPC Server 2008 (and later versions)
Windows Server 2003 Web Edition with Service Pack 2
Microsoft Windows Server Update Services 3.1 (and later versions)
Windows Web Server 2008

* intended for availability in the third quarter of 2008
** More information here
*** except as documented in the "SQL Server 2008 Books Online" publication
**** only for agent-side backup.

Readiness events

Microsoft will host a load of worldwide events in the coming months under the "Get Virtual Now" moniker. On the Get Virtual Now website you can register to get started on Microsoft Hyper-V, Microsoft System Center Virtual Machine Manager 2008, Microsoft Application Virtualization (App-V) 4.5 and the implications these disruptive technologies have on security, management, flexibility and cost-effectiveness.

The series of more than 100 events started on August 3 in South Africa during Tech∙Ed South Africa in Durban. (Africa's Zulu Kingdom's bewitching seaside playground) The series continues September 8 with a U.S. kickoff event and is slated to cover more than 50 countries. The U.S. "Get Virtual Now" event will feature Microsoft executives Bob Muglia, senior vice president of the Server and Tools Business; Kevin Turner, chief operating officer; and Bob Kelly, corporate vice president of infrastructure server marketing within the Server and Tools Business.

Coming soon to a venue near you!

Concluding

Microsoft seems to finally have the tools to successfully virtualize our workloads.
I still have a couple of questions regarding Microsoft's virtualization strategy, but I guess I'll just ask these later...

Language	String
US English	en-US
Spanish	es-ES
German	de-DE
French	fr-FR
Italian	it-IT
Japanese	ja-JP
Korean	ko-KR
Portugese (Brazil)	pt-BR
Russian	ru-RU
Simplified Chinese	zh-CN
Chinese (Hong Kong)	zh-TW
Chinese (Taiwan)	zh-TW

News

Recent Posts

Related

Affiliates

Tags

Navigation

Aggregation

Top posts in the past

Archives

Step 1

Step 2

Step 3

Step 4

Step 5 (Optional)

Concluding

Step 1

Step 2

Step 3

Step 4

Step 5

Concluding

Related posts

Further reading

Working with disks

Converting

Working with volumes,partitions

Creating

Partitions

Volumes

Shrinking

Extending

Deleting

Working with drives

Formatting and assigning a drive letter

Reformatting existing drives

Checking

Chkdsk.exe

Chkntfs.exe

Defragmenting

Concluding

Further reading

The Windows you know

Graphical User Interface

Scripting

All-roundness

Wizard

Easier and faster to deploy ESXi

VMWare ESXi

Server Core

Hyper-V Server

Concluding

On a personal note

Your opinion matters!

Related posts

Further reading

Concluding

About Mark Wilson

About the MCS Talks

Free

Server Core

Standard Edition

Management

Concluding

Related Posts

Further reading

Server Core and MinWin

Componentization

Virtualization

Security

Reliability

Concluding

Related posts

Further reading

The challenge

The implementation

Alternatives

Concluding

Further reading

Licensing flexibility

Extended support policies