Now you can safely forget V1 and switch to the vastly superior V2. As of last week it is now available on -
In Windows 7 and WS08 R2 it is part of the package.
PS2 is part of Windows Management Framework which also includes WinRM and BITS4.
BTW: You need to install PowerShell 2 on server core. Read how in KB 976736.
One of the best reasons for upgrading to R2, is the new account types for managing services. Changing user account passwords being used for running services, scheduled tasks and application pools are often a real pain and consequently, often being skipped. And wouldn’t it be nice if it was handled automatically like a computer account? Well, that is exactly what R2 offers.
Two new types of service accounts are available in Windows Server® 2008 R2 and Windows® 7—the managed service account and the virtual account. The managed service account is designed to provide crucial applications such as SQL Server and IIS with the isolation of their own domain accounts, while eliminating the need for an administrator to manually administer the service principal name (SPN) and credentials for these accounts. Virtual accounts in Windows Server 2008 R2 and Windows 7 are "managed local accounts" that can use a computer's credentials to access network resources.
Read the Service Accounts Step-by-Step Guide for more information.
Ask the Directory Services Team has a good article on troubleshooting DFS links (DFS Referrals and IPv6: Outta site!) as well as a discussion of how not to disable IPv6 (unbinding it from an adapter) and how to do it correctly (KB929852).
In case you really need to disable IPv6, consider using a Group Policy Preference or automate it with PowerShell -
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters DisabledComponents 0xffffffff -type dword
Useful information.
DHCP gets a lot of new, much-wanted, features in Windows Server 2008 R2. For instance in split scope scenario (80/20), the server with the 20% will run out of addresses. To avoid this, the response can be delayed and thus most leases will come from 80% server. Read more in the team blog.
When you try to create a new Workflow in the Response Group Configuration Tool, you do not see the standard templates (just an empty list)
This is a problem related specifically to Windows Server 2008 and is caused by SPN names not always being registered correctly (In our labs it is maybe 1/3 of the computers experiencing the problem).
First you should check if you’re server names are registered correctly
SetSPN –L <OCSFE host name>
If you don’t see two http/<OCSFE host name> registrations then you should create them as follows
SetSPN –A http/<OCSFE host name> <OCSFE host name>
SetSPN –A http/<OCSFE FQDN> <OCSFE host name>
and then you can use SetSPN –L again to check that the records have been created correctly.
Second you should check that the account you are using is a member of the RTCUniversalServerAdmins (This group works, I haven’t tested if less administrative rights can do the same), if it isn’t then add it and Voila you should
Courtesy to Alex Lewis for providing part of the solution (He also recommends a 3rd step “open the IIS Admin tool. Open up the deploy virtual directory and choose authentication in the middle pane. Choose Advanced Settings from the action pane. From here, check the Enable Kernel Mode Authentication box.” – but this hasn’t been necessary in the places where I have seen the problem.
With Windows Server 2008 SP2 or SP1/RTM with hotfix KB961320 you can make administration of the DSRM password completely automatic. The approach is this: You create an unprivileged account in Active Directory, set the password and using a scheduled task you execute the new sync from domain account xxxx command.
This nice approach is documented in the Directory Services blog. Read the complete story here.
So, can I run Exchange on a virtualization product? Yes, probably, but is it supported? You can read that in Microsoft Support Policies and Recommendations for Exchange Servers in Hardware Virtualization Environments. The support is rather limited or should I say restricted -
In any case, read it for yourself and go back to the MS article whenever your want to read it again, so you pick up the latest changes.
When you install WS08 as a Guest OS then the WS08 media includes the earlier version of Hyper-V Integration Services, so network and other hardware devices will not work. If you launch the Integration Services CD it will tell you to go to Windows Update to upgrade the Integration Components (Catch 22 I guess).
The workaround is to 'Insert Integration Services Setup Disk' start Device Manager (devmgmt.msc) find the failing device, select 'Update Driver Software' and 'Browse my computer for driver software' - the path is then e.g. D:\support\amd64.
Second, I noticed the following limitations in multiprocessor support in Hyper-V (In the Release Notes)
For the guest operating system, install one of the following:
If this is also true for the RTM version (Haven't checked yet) then this product is less useful than expected for 32 bit deployment of WS03 and practically useless for 64 bit deployments of WS03 (Even though Exchange 2007 SP1 supports Windows Server 2008, many companies won't have approval/testing for this product and/or their system management, backup etc. products ready for WS08).
MS has an offer where you can get a 40% discount on two exams. Register here to get the savings code.
Get them from here, the home of Windows Server 2008 learning, switch to the special offers tab, scroll down to Books from Microsoft Press. I cannot construct a direct link, so you have to work your way through yourself.
This is almost too easy. Just create a client - you do not have to specify 32 or 64 bit anywhere. Select a 64-bit installation image and on you go.
Here's a screenshot, the white PowerShell window is from the host, the rest from the virtual server.
Nice!
As said, I was going to figure out why the import failed. I started off looking at the permissions of C:\ProgramData\Microsoft\Windows\Hyper-V. It turns out that a security identifier called Virtual Machines has full control. Naturally, I jumped to my c:\guest\psk10 folder at tried to add the security identifier. But the dialog box cannot find it and as it is not a local group on my server, it must be a new built-in security identifier - one that the brand-new WS08 GUI does not recognize!
Luckily, PowerShell exists, so it is quite easy to get rid of all that GUI translation stuff and get to the real deal -
I bet S-1-5-83-0 is Virtual Machines and a to confirm it, I went searching on MSDN -
So I have to prove my point myself -
> $acl=get-acl C:\Guests\psk10
> $acl.SetSecurityDescriptorSddlForm( ($acl.sddl + "(A;;FA;;;S-1-5-83-0)(A;OICIIO;0x101f01ff;;;S-1-5-83-0)") )
> set-acl C:\Guests\psk10 -AclObject $acl
>
Voila, its there -
Microsoft, get you documentation up-to-date!
After this, I tried the import. Looking in the eventlog, I found "Failed to find virtual machine import files under location 'C:\Guests\psk10\'." I wonder: Have I misunderstood "Import" and is Import simply an operation that adds an existing Hyper-V Virtual Machine? Is there not easy way to migrate Virtual Server guests? Maybe, I have to look at SCVMM.
I tried to find some information about this, but did not succeed. In my search, I found another interesting item - the team blog at http://blogs.technet.com/virtualization/
After downloading the Windows Server 2008 RTM, yesterday, I upgraded my RC1 system to RTM. No problems what so ever - great.
Hardware
My system is a desktop, a Dell Dimension E520 with 4 Gigs or RAM and I am very satisfied with it: It is silent, uses only 130 W when idle and runs 10 Virtual Machines each having 300 GB without problems. If they all apply hotfixes or are running similar IO heavy activity at the same time, you feel the IO bottleneck but besides that, its quite fast.
Installation
Next, I was looking a how to get Hyper-V running, so I could get rid of Virtual Server. Even though I was quite happy with that, you know how it is: You have to try the latest and the greatest. When things starts to run well, it is time to change it...
Well, it turns out that the pre-release of Hyper-V is part of the RTM installation, so I simply added the Hyper-V role to the server and restarted it. After restart it is a matter of finding Administrative Tools and select Hyper-V Manager. You also have to accept a pre-release EULA.
Migration of Virtual Server guests
I started trying to import an existing Virtual Server guest, but got a badly written error message: The operation was passed an invalid parameter. I tried both with and with-out 'Reuse old virtual machine IDs' (whatever that means - haven't found a help topic yet). I also tried to give NETWORK SERVICE modify access to the folder, as I can see the Microsoft Hyper-V Image Management Service uses that account. Did not help either.
Snapshot
Next, I created a new Virtual Machine and liked a lot that I asked me about OS installation in the wizard. I selected a Windows Server 2003 SP2 ISO image and off it went. I started to play with snapshots and took one while the installation had copied 6% of the files. Then I waited until it reached 9% and applied the snapshot - and I was back in time. Very nice.
I also tried the other scenario, where you can create a new snapshot before applying one. Soon, I had a bunch of snapshots and it is very easy to jump back and forth between the versions - but I guess, it is also very easy to get confused and you have to take care if the server is a domain controller or your have some other kind of distributed system.
Mouse Control
A small warning: When you use the new remote control feature - called Virtual Machine Connection - your have to release your mouse using CTRL+SHIFT+LEFT ARROW. Well, I did not succeed in that across Remote Desktop. I had to visit the server (approx 60 cm behind me!) and do it from the console. It is configurable, but CTRL+ALT+SHIFT did not work either. I could only make it work in full screen or if I choose to send "Windows key combinations" to the remote server. For me, this is a bug.
But as I browsed the web trying to find something about the importing problem, I found out that this is actually already documented in the release notes. Quote "The use of Virtual Machine Connection within a Terminal Services session is not supported".
BTW: If you disconnect and re-connect, you can get your mouse activated outside of the Virtual Machine Connection window. If your server is farther away than mine, that may be an option.
Resume after restart of host
Another good thing: With Virtual Server you had to configure an account, to enable a Virtual Machine to start automatically. This is not the case with Hyper-V. Actually, "Automatically start if it was running when the service stopped" is selected by default.
Conclusion so far
Seems ok, but I have to look more closely at the importing problem and the scripting interface.
Quick note - Windows Vista SP1 has RTM'ed according to the Vista blog and Windows Server 2008 also RTM'ed check more about this in the press release.
Update - want to know more about SP1 and the availability then check Paul Thurrot's FAQ
In line with the Windows Server 2008 posters, there is also an Exchange Server 2007 Component Architecture poster available on MS Downloads.
Marketing is a strange beast. Server virtualization in Windows Server 2008 - e.g. the replacement of Virtual Server - will be called Hyper-V. I already hate that name! HyperV perhaps - but why the hyphen??
Anyway, Hyper-V will be a server feature that can be turned on. Microsoft is also planning a Hyper-V Server SKU.
Hyper-V is still expected to be delivered 6 months after Windows Server 2008.
On the management side, it was demoed at the keynote here in Barcelona, a virtual server manager that could manage Virtual Server 2005, Hyper-V *and* WMware server!
