How to recover an ip lost on a VM bad deployment with SCVMM

Hi!

Sometimes when I´m doing a deployment of various VM via scripting in my test lab and some thing fail for some reason as my smb file share are out of space or something like this the ip assigned to the machine is blocked… you have not the new virtual machine and you loose one ip from the pool.

The solution to that situation is the following:

First of all execute from PS Get-SCIPAddress

ippools

Second we seek the name of the virtual machine bad deployed and we copy the ip address.

Third we execute the following command with the ip address that we want to liberate $ip = get-scipaddress -IPAddress “100.64.35.122”

Fourth we execute the command $ip | revoke-scipaddress to recover the ip.

Also, is more easy to do from the GUI… then go to Fabric Pane/Logical Networks and there over the Pool where you are deploying vms do right click and push on Inactive Address. Select All and push Release. Easy no? 🙂

ippoolgui

Regards!

Generating a 2008 R2 VM Template with DISM

Hi all!

Here I show how to make a new template for WS 2008 R2 EE with DISM installed in a WS 2012 R2 CU1:

Pre-requisites: WADK 8.1 http://www.microsoft.com/en-us/download/details.aspx?id=39982

Copy wim file from WS 2008 R2 EE image and paste in your local C:\W2008R2_Template

Resuming actions:

  • OS WS 2008 R2 Enterprise
  • Telnet client enabled
  • Spanish regional settings
  • UTC+1 Time Zone
  • All updates added from a repository generated with wsusoffline931 http://download.wsusoffline.net/
  • VHDX with 120GB
  • Boot partition 350MB
  • System Partition 119GB

Hands on:

Open DISM CMD with elevated privileges and execute

Template with Features:
—————————-

dism /Mount-Wim /WimFile:C:\W2008R2_Template\VMTemplate.wim /Index:3 /MountDir:C:\W2008R2_Template\new_vm

dism /image:C:\W2008R2_Template\new_vm /Enable-Feature /FeatureName:TelnetClient

dism /image:C:\W2008R2_Template\new_vm /set-syslocale:es-ES
Dism /image:C:\W2008R2_Template\new_vm /Set-UserLocale:es-ES
Dism /image:C:\W2008R2_Template\new_vm /Set-Inputlocale:040a:0000040a

Dism /image:C:\W2008R2_Template\new_vm /Set-TimeZone:”Romance Standard Time”

Dism /unmount-wim /mountdir:C:\W2008R2_Template\new_vm /commit

Adding updates:
—————–
dism /mount-wim /wimfile:C:\W2008R2_Template\VMTemplate.wim /index:3 /mountdir:C:\W2008R2_Template\new_vm

DISM /image:C:\W2008R2_Template\new_vm /Add-Package /Packagepath:C:\WUpdates2k8R2

Dism /unmount-wim /mountdir:C:\W2008R2_Template\new_vm /commit

Open CMD with elevated privileges and execute:

Creating VHDX:
————

diskpart
create vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx maximum=122880 type=expandable
select vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx
Attach vdisk

Create partition primary size=350
Format quick fs=ntfs
Assign letter=M
Active
Create partition primary
Format quick fs=ntfs
Assign letter=V
exit

Open DISM CMD with elevated privileges and execute

—————–

dism /apply-image /imagefile:C:\W2008R2_Template\VMTemplate.wim /index:3 /applydir:V:\

V:\windows\system32\bcdboot V:\windows /s M:

Open CMD with elevated privileges and execute:

Diskpart
Select vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx
Detach vdisk
exit

How to create a security template for hardening

Hi!

To create and apply a customized security template I did the following:

Use a template based in Security Compliance Manager

http://technet.microsoft.com/en-us/library/cc677002.aspx

Deploy a temporal standalone WS 2012 R2 to do tests

Import the .inf file exported from GPO Backup (folder) option in SCM to a Security Template mmc and then modify all options you want.

Add Security Configuration and Analysis snapin, import your template .inf and then execute the analyze option, remember to use a new database.

http://technet.microsoft.com/en-us/library/bb742512.aspx#EFAA

Save configurations as inf file and it will be your security template for hardening.

Regards

Moving FSMO roles in AD

Hello,

If we want to move the FSMO roles we will do the following steps:

Open a CMD console

First we need to know where are the FSMO roles with netdom query fsmo command

Second we move the roles with the following sintaxis:

Type ntdsutil and then press ENTER

Type roles and then press ENTER

Type connections and then press ENTER

Type connect to server <servername>, where <servername> is the name of the server you want to use and then press ENTER

At the server connections: prompt, type q, and then press ENTER

Type transfer <role>. where <role> is the role you want to transfer.

Transfer rid master

Transfer schema master

Transfer PDC

Transfer infrastructure master

Transfer domain naming master

We come back to c:\windows with quit command

We check where are the FSMO roles with netdom query fsmo

Regards