Nested Hyper V in VmWare

To run Hyper-V in VMWare you need to edit the .vmx file and append the following to allow a hyper visor to be virtualised.

hypervisor.cpuid.v0 = “FALSE”

mce.enable = “TRUE”

vhu.enable = “TRUE

Hyper V Replicas (non Clustered)

A Hyper V Replica provides a form of high availability which is useful in inter-site failover situations. Failover clusters generally operate in a single site - however if that site is compromised by a natural disaster or a major incident, then the service would fail.


With a replica, the VM can be trickled to another site, and in the event that failover is required the service can keep running with a recent copy of the source VM.


  1. Go to the settings of the Hyper V host that will hold the replica > Go to Replication Configuration
    1. Click Enable this computer as a replication server
    2. In a production environment, certificates should be used to configure the transfer of the vhd/x file over SSL. A suitable certificate needs to be issued from the company CA and imported into the personal store of both the Primary and the replica server. Also this method allows the replication to another domain even if it's untrusted.
    3. Configure the Authorization and storage section. Allow replication from specified servers and also the location the VHDX file will be stored on the replica machine.
    4. Repeat this on the primary machine
  2. Go to the Firewall and enable "Hyper-V Replica HTTP Listener (TCP-In)" or the HTTPS Version depending on method. This needs to be configured the same on both the primary and the replica server to allow failback.
  3. On the primary server, right click on the VM and click "Enable Replica". Follow the wizard.
  4. Remember that the VMs are likely to be on different subnets, so this needs to be configured in the TCP/IP settings of the VM (not the HV Host) so that when the VM fails over its IP address changes accordingly.


This feature can be configured in a daisy chain so that if the replica fails, another replica of that can then take over in a 3 site scenario (or more).


Single remote machine gpupdate:


Invoke-GPUpdate -Computer Computername -Force


 A whole OU


Invoke-GPUpdate -Filter * -Searchbase "CN=Computers,DC=TeamRou,DC=Local"


All Computers


Get-ADComputer -Filter * | ForEach {Invoke-GPUpdate -Computer $}


All Vista OS

Get-ADComputer -Filter 'OperatingSystem -like "*Vista*"' | ForEach {Invoke-GPUpdate
-Computer $ -RandomDelayInMinutes 0}

All Computers with Finance in the description

Get-ADComputer -Filter 'Description -like "*finance*"' | ForEach {Invoke-GPUpdate
-Computer $ -RandomDelayInMinutes 0}



For a FULL list of attributes for users and computers:


Get-ADComputer ComputerName -Properties *
Get-ADUser UserName -Properties *

Installing Domain Controllers via PowerShell

The installation of a Domain Controller is now a two step process.


  1. Install the AD DS Binaries
  2. Promote the Domain Controller and add to or create a Forest/Domain


Installing via powershell:


Install-WindowsFeature -Name AD-Domain-Services –IncludeManagementTools
Install-ADDSDomainController -InstallDns -Credential (Get-Credential icuazuretest\Administrator) -DomainName "icuazuretest.local"


Or for a core install, drop the -Includmanagement tools

Install-WindowsFeature -Name AD-Domain-Services
Install-ADDSDomainController -InstallDns -Credential (Get-Credential icuazuretest\Administrator) -DomainName "icuazuretest.local"


For a list of commands: 

Get-command -module ActiveDirectory


Test vs Install


Before running the command to promote a Domain Controller the process can be tested (and should be tested before actually promoting)




First DC in Forest

Test-ADDSForestInstallation -DomainName -CreateDNSDelegation
-DomainMode Win2008 -ForestMode Win2008R2 -DatabasePath "D:\NTDS" -SysvolPath
"D:\SYSVOL" -LogPath "E:\Logs"


Install-ADDSForest -DomainName -CreateDNSDelegation -DomainMode Win2008
-ForestMode Win2008R2 -DatabasePath "D:\NTDS" -SysvolPath "D:\SYSVOL" -LogPath "E:\Logs"

Adding a DC to existing domain

Test-ADDSDomainControllerInstallation -InstallDns -Credential (Get-Credential CORP\
Administrator) -DomainName ""


Install-ADDSDomainController -InstallDns -Credential (Get-Credential CORP\Administrator)
-DomainName ""

New domain , existing forest

Test-ADDSDomainInstallation -Credential (Get-Credential CORP\EnterpriseAdmin1)
-NewDomainName child -ParentDomainName -InstallDNS -CreateDNSDelegation
-DomainMode Win2003 -ReplicationSourceDC -SiteName Houston
-DatabasePath "D:\NTDS" -SYSVOLPath "D:\SYSVOL" -LogPath "E:\Logs" -NoRebootOnCompletion


Install-ADDSDomain -Credential (Get-Credential CORP\EnterpriseAdmin1) -NewDomainName
child -ParentDomainName -InstallDNS -CreateDNSDelegation -DomainMode
Win2003 -ReplicationSourceDC -SiteName Houston -DatabasePath
"D:\NTDS" -SYSVOLPath "D:\SYSVOL" -LogPath "E:\Logs" -NoRebootOnCompletion

Adding a RODC Account


This is used to pre-stage the RODC account in Active Directory.

TEST-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName -SiteName NorthAmerica -DelegatedAdministratorAccountName corp.contoso.


Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName -SiteName NorthAmerica -DelegatedAdministratorAccountName corp.contoso.

Un-install a Domain Controller 


Use the Test-ADDSDomainControllerUninstallation and Uninstall-ADDSDomainController cmdlets to uninstall a domain controller. Unlike the previous cmdlets, these cmdlets can be used without any parameters. If you do so, you will be prompted to supply a local Administrator password.


Set Bandwidth Weight of a Hyper-V Virtual Machine.

To set the bandwidth weight via poweshell use:


Get-VMNetworkAdapter -VMName Srv1,Srv2,Srv3 | Set-VMNetworkAdapter
-MinimumBandwidthWeight 1


Bandwidth management is not available as an option on legacy network adapters. Bandwidth management is available only on standard network adapters in Hyper-V