Nested Hyper-V in VMware

To run Hyper-V inside a VMware virtual machine, edit the VM's .vmx file and append the following settings, which allow a hypervisor to be virtualised. Use plain straight quotes, not typographic ones.

hypervisor.cpuid.v0 = "FALSE"

mce.enable = "TRUE"

vhv.enable = "TRUE"

Hyper-V Replicas (non-clustered)


A Hyper-V Replica provides a form of high availability that is useful in inter-site failover situations. Failover clusters generally operate in a single site; if that site is compromised by a natural disaster or a major incident, the service fails.

With a replica, the VM is trickled to another site, and if failover is required the service can keep running from a recent copy of the source VM.


  1. On the Hyper-V host that will hold the replica, open the Hyper-V settings > Replication Configuration.
    1. Click "Enable this computer as a Replica server".
    2. In a production environment, certificates should be used so that the VHD/VHDX file is transferred over SSL. A suitable certificate needs to be issued by the company CA and imported into the Personal store of both the primary and the replica server. This method also allows replication to another domain, even an untrusted one.
    3. Configure the Authorization and storage section: allow replication from specified servers, and set the location where the VHDX file will be stored on the replica machine.
    4. Repeat this on the primary machine.
  2. In the firewall, enable "Hyper-V Replica HTTP Listener (TCP-In)" or the HTTPS version, depending on the method used. This needs to be configured the same way on both the primary and the replica server to allow failback.
  3. On the primary server, right-click the VM and click "Enable Replication". Follow the wizard.
  4. Remember that the VMs are likely to be on different subnets. Configure this in the TCP/IP settings of the VM (not the Hyper-V host) so that the VM's IP address changes accordingly when it fails over.

 

This feature can also be configured as a daisy chain, so that if the replica fails, a further replica of it can take over in a scenario with three or more sites.
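
The replica setup steps above, scripted with the Hyper-V PowerShell cmdlets using certificate authentication over HTTPS. This is an added example, not part of the original notes; the host names, VM name, trust group, storage path and IP addresses are constructed placeholders.

```powershell
# Added example. Host names, VM name, path and addresses are constructed placeholders.
$Replica = 'hv-replica.example.local'
$Primary = 'hv-primary.example.local'
$VMName  = 'Srv1'
$Rule    = 'Hyper-V Replica HTTPS Listener (TCP-In)'

# Return the thumbprint of an unexpired certificate for $Fqdn in the machine Personal store.
function Get-ReplicaCertThumbprint([string]$Fqdn) {
    $cert = Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Subject -like "*CN=$Fqdn*" -and $_.HasPrivateKey -and
                       $_.NotAfter -gt (Get-Date) } |
        Sort-Object NotAfter -Descending | Select-Object -First 1
    if (-not $cert) { throw "No usable certificate for $Fqdn in Cert:\LocalMachine\My" }
    $cert.Thumbprint
}

# Steps 1 and 2: run on the replica, then on the primary with the names swapped (failback).
function Enable-ReplicaListener([string]$ThisHost, [string]$Partner, [string]$StorePath) {
    Set-VMReplicationServer -ReplicationEnabled $true `
        -AllowedAuthenticationType Certificate `
        -CertificateThumbprint (Get-ReplicaCertThumbprint $ThisHost) `
        -CertificateAuthenticationPort 443 `
        -ReplicationAllowedFromAnyServer $false
    # Accept replication traffic from the named partner only.
    New-VMReplicationAuthorizationEntry -AllowedPrimaryServer $Partner `
        -ReplicaStorageLocation $StorePath -TrustGroup 'SiteA-SiteB'
    Enable-NetFirewallRule -DisplayName $Rule
}

# Step 3: run on the primary to start replicating the VM over HTTPS.
function Enable-VMReplicaOverHttps {
    Enable-VMReplication -VMName $VMName -ReplicaServerName $Replica `
        -ReplicaServerPort 443 -AuthenticationType Certificate `
        -CertificateThumbprint (Get-ReplicaCertThumbprint $Primary)
    Start-VMInitialReplication -VMName $VMName
}

# Step 4: run on the replica so the VM takes a replica-site address on failover.
function Set-ReplicaSiteAddress {
    Set-VMNetworkAdapterFailoverConfiguration -VMName $VMName `
        -IPv4Address 192.0.2.50 -IPv4SubnetMask 255.255.255.0 `
        -IPv4DefaultGateway 192.0.2.1 -IPv4PreferredDNSServer 192.0.2.10
}
```

Call Enable-ReplicaListener on each host, Enable-VMReplicaOverHttps on the primary, and Set-ReplicaSiteAddress on the replica once the initial copy has completed.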

Invoke-GPUpdate

Single remote machine gpupdate:

 

Invoke-GPUpdate -Computer Computername -Force

 

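A whole OU (Invoke-GPUpdate has no -Filter or -SearchBase parameter, so select the computers with Get-ADComputer and pipe them in):

Get-ADComputer -Filter * -SearchBase "CN=Computers,DC=TeamRou,DC=Local" | ForEach {Invoke-GPUpdate -Computer $_.name}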

 

All Computers

 

Get-ADComputer -Filter * | ForEach {Invoke-GPUpdate -Computer $_.name}

 

All Vista OS

Get-ADComputer -Filter 'OperatingSystem -like "*Vista*"' | ForEach {Invoke-GPUpdate -Computer $_.name -RandomDelayInMinutes 0}

All Computers with Finance in the description

Get-ADComputer -Filter 'Description -like "*finance*"' | ForEach {Invoke-GPUpdate -Computer $_.name -RandomDelayInMinutes 0}

 

 

For a FULL list of attributes for users and computers:

 

Get-ADComputer ComputerName -Properties *
Get-ADUser UserName -Properties *

Installing Domain Controllers via PowerShell

The installation of a Domain Controller is now a two-step process:

 

  1. Install the AD DS Binaries
  2. Promote the Domain Controller and add to or create a Forest/Domain

 

Installing via PowerShell:

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSDomainController -InstallDns -Credential (Get-Credential icuazuretest\Administrator) -DomainName "icuazuretest.local"

Or, for a Core install, drop the -IncludeManagementTools switch:

Install-WindowsFeature -Name AD-Domain-Services
Install-ADDSDomainController -InstallDns -Credential (Get-Credential icuazuretest\Administrator) -DomainName "icuazuretest.local"

 

For a list of commands: 

Get-command -module ActiveDirectory

 

Test vs Install

 

Before running the command to promote a Domain Controller the process can be tested (and should be tested before actually promoting)

 

Outcome: First DC in forest

Test-ADDSForestInstallation -DomainName corp.contoso.com -CreateDNSDelegation -DomainMode Win2008 -ForestMode Win2008R2 -DatabasePath "D:\NTDS" -SysvolPath "D:\SYSVOL" -LogPath "E:\Logs"

Install-ADDSForest -DomainName corp.contoso.com -CreateDNSDelegation -DomainMode Win2008 -ForestMode Win2008R2 -DatabasePath "D:\NTDS" -SysvolPath "D:\SYSVOL" -LogPath "E:\Logs"

Outcome: Adding a DC to an existing domain

Test-ADDSDomainControllerInstallation -InstallDns -Credential (Get-Credential CORP\Administrator) -DomainName "corp.contoso.com"

Install-ADDSDomainController -InstallDns -Credential (Get-Credential CORP\Administrator) -DomainName "corp.contoso.com"

Outcome: New domain, existing forest

Test-ADDSDomainInstallation -Credential (Get-Credential CORP\EnterpriseAdmin1) -NewDomainName child -ParentDomainName corp.contoso.com -InstallDNS -CreateDNSDelegation -DomainMode Win2003 -ReplicationSourceDC DC1.corp.contoso.com -SiteName Houston -DatabasePath "D:\NTDS" -SYSVOLPath "D:\SYSVOL" -LogPath "E:\Logs" -NoRebootOnCompletion

Install-ADDSDomain -Credential (Get-Credential CORP\EnterpriseAdmin1) -NewDomainName child -ParentDomainName corp.contoso.com -InstallDNS -CreateDNSDelegation -DomainMode Win2003 -ReplicationSourceDC DC1.corp.contoso.com -SiteName Houston -DatabasePath "D:\NTDS" -SYSVOLPath "D:\SYSVOL" -LogPath "E:\Logs" -NoRebootOnCompletion

Adding a RODC Account

 

This is used to pre-stage the RODC account in Active Directory.

Test-ADDSReadOnlyDomainControllerAccountCreation -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica -DelegatedAdministratorAccountName corp.contoso.com\User1

Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica -DelegatedAdministratorAccountName corp.contoso.com\User1

Uninstall a Domain Controller

 

Use the Test-ADDSDomainControllerUninstallation and Uninstall-ADDSDomainController cmdlets to uninstall a domain controller. Unlike the previous cmdlets, these cmdlets can be used without any parameters. If you do so, you will be prompted to supply a local Administrator password.
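
The test-before-promote advice from the Test vs Install section, applied to adding a DC to an existing domain so that promotion only runs when the test reports no errors. This is an added example, not part of the original notes; it reuses the corp.contoso.com names from the commands above and assumes the Test- cmdlet's result objects expose the Status and Message properties shown in its console output.

```powershell
# Added example: promote only if the prerequisite test reports no errors.
Import-Module ADDSDeployment

# One parameter set shared by the test and the real promotion, so both check the same thing.
$dcParams = @{
    DomainName                    = 'corp.contoso.com'
    InstallDns                    = $true
    Credential                    = Get-Credential 'CORP\Administrator'
    SafeModeAdministratorPassword = Read-Host -AsSecureString 'DSRM password'
}

# The Test- cmdlet runs the prerequisite checks without changing the server.
$results = @(Test-ADDSDomainControllerInstallation @dcParams)
$results | Format-List Message, Context, Status

# Assumption: a failed check is reported with Status 'Error'.
$failed = @($results | Where-Object { $_.Status -eq 'Error' })
if ($failed.Count -gt 0) {
    $failed | ForEach-Object { Write-Warning $_.Message }
    throw 'Prerequisite check failed; the server was not promoted.'
}

# Still prompts for confirmation before promoting and rebooting.
Install-ADDSDomainController @dcParams
```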

 

Set Bandwidth Weight of a Hyper-V Virtual Machine

To set the bandwidth weight via PowerShell use:

Get-VMNetworkAdapter -VMName Srv1,Srv2,Srv3 | Set-VMNetworkAdapter -MinimumBandwidthWeight 1

 

Bandwidth management is not available as an option on legacy network adapters; it is available only on standard network adapters in Hyper-V.