How to recover an ip lost on a VM bad deployment with SCVMM


Sometimes when I´m doing a deployment of various VM via scripting in my test lab and some thing fail for some reason as my smb file share are out of space or something like this the ip assigned to the machine is blocked… you have not the new virtual machine and you loose one ip from the pool.

The solution to that situation is the following:

First of all execute from PS Get-SCIPAddress


Second we seek the name of the virtual machine bad deployed and we copy the ip address.

Third we execute the following command with the ip address that we want to liberate $ip = get-scipaddress -IPAddress “”

Fourth we execute the command $ip | revoke-scipaddress to recover the ip.

Also, is more easy to do from the GUI… then go to Fabric Pane/Logical Networks and there over the Pool where you are deploying vms do right click and push on Inactive Address. Select All and push Release. Easy no? 🙂



Generating a 2008 R2 VM Template with DISM

Hi all!

Here I show how to make a new template for WS 2008 R2 EE with DISM installed in a WS 2012 R2 CU1:

Pre-requisites: WADK 8.1

Copy wim file from WS 2008 R2 EE image and paste in your local C:\W2008R2_Template

Resuming actions:

  • OS WS 2008 R2 Enterprise
  • Telnet client enabled
  • Spanish regional settings
  • UTC+1 Time Zone
  • All updates added from a repository generated with wsusoffline931
  • VHDX with 120GB
  • Boot partition 350MB
  • System Partition 119GB

Hands on:

Open DISM CMD with elevated privileges and execute

Template with Features:

dism /Mount-Wim /WimFile:C:\W2008R2_Template\VMTemplate.wim /Index:3 /MountDir:C:\W2008R2_Template\new_vm

dism /image:C:\W2008R2_Template\new_vm /Enable-Feature /FeatureName:TelnetClient

dism /image:C:\W2008R2_Template\new_vm /set-syslocale:es-ES
Dism /image:C:\W2008R2_Template\new_vm /Set-UserLocale:es-ES
Dism /image:C:\W2008R2_Template\new_vm /Set-Inputlocale:040a:0000040a

Dism /image:C:\W2008R2_Template\new_vm /Set-TimeZone:”Romance Standard Time”

Dism /unmount-wim /mountdir:C:\W2008R2_Template\new_vm /commit

Adding updates:
dism /mount-wim /wimfile:C:\W2008R2_Template\VMTemplate.wim /index:3 /mountdir:C:\W2008R2_Template\new_vm

DISM /image:C:\W2008R2_Template\new_vm /Add-Package /Packagepath:C:\WUpdates2k8R2

Dism /unmount-wim /mountdir:C:\W2008R2_Template\new_vm /commit

Open CMD with elevated privileges and execute:

Creating VHDX:

create vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx maximum=122880 type=expandable
select vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx
Attach vdisk

Create partition primary size=350
Format quick fs=ntfs
Assign letter=M
Create partition primary
Format quick fs=ntfs
Assign letter=V

Open DISM CMD with elevated privileges and execute


dism /apply-image /imagefile:C:\W2008R2_Template\VMTemplate.wim /index:3 /applydir:V:\

V:\windows\system32\bcdboot V:\windows /s M:

Open CMD with elevated privileges and execute:

Select vdisk file=C:\W2008R2_Template\vhdx\VMTemplate.vhdx
Detach vdisk

How to create a security template for hardening


To create and apply a customized security template I did the following:

Use a template based in Security Compliance Manager

Deploy a temporal standalone WS 2012 R2 to do tests

Import the .inf file exported from GPO Backup (folder) option in SCM to a Security Template mmc and then modify all options you want.

Add Security Configuration and Analysis snapin, import your template .inf and then execute the analyze option, remember to use a new database.

Save configurations as inf file and it will be your security template for hardening.


Moving FSMO roles in AD


If we want to move the FSMO roles we will do the following steps:

Open a CMD console

First we need to know where are the FSMO roles with netdom query fsmo command

Second we move the roles with the following sintaxis:

Type ntdsutil and then press ENTER

Type roles and then press ENTER

Type connections and then press ENTER

Type connect to server <servername>, where <servername> is the name of the server you want to use and then press ENTER

At the server connections: prompt, type q, and then press ENTER

Type transfer <role>. where <role> is the role you want to transfer.

Transfer rid master

Transfer schema master

Transfer PDC

Transfer infrastructure master

Transfer domain naming master

We come back to c:\windows with quit command

We check where are the FSMO roles with netdom query fsmo