VMM | Electric Monk

Tag Archive for VMM

Using WSUS with Microsoft Virtual Machine Manager 2012

February 1, 2014 IT No comments

What is WSUS?

The Windows Server Update Service (WSUS) enables information technology administrators to deploy the latest Microsoft product updates. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network. This blog shows an overview of this server role and more information about how to deploy and maintain WSUS via Microsoft Virtual Machine Manager 2012. The WSUS server provides the features that administrators need to manage and distribute updates through a management console. In addition, a WSUS server can be the update source for other WSUS servers within the organization. The WSUS server that acts as an update source is called an upstream server. In a WSUS implementation, at least one WSUS server in the network must connect to Microsoft Update to get available update information. The administrator can determine, based on network security and configuration, how many other servers connect directly to Microsoft Update

Installing WSUS

You can choose to install WSUS on a Remote Server
You can choose to install WSUS on a VMM Server which is what we are going to do

Installation Considerations:

During the installation process, WSUS will install the following by default:

.NET API and Windows PowerShell cmdlets
Windows Internal Database (WID), which is used by WSUS unless you configure WSUS to connect to another DB Instance on a separate server to the VMM Server
Services used by WSUS, which are:
- Update Service
- Reporting Web Service
- Client Web Service
- Simple Web Authentication Web Service
- Server Synchronization Service
- DSS Authentication Web Service

By default, the WSUS server uses port 8530 for HTTP protocol and port 8531 for HTTPS protocol to obtain updates from Microsoft. If there is a corporate firewall between your network and the Internet, you will have to open these ports on the server that communicates directly to Microsoft Update. If you are planning to use custom ports for this communication, you open those ports instead

Pre Requisites

The database server cannot be configured as a domain controller.
The WSUS server cannot run Remote Desktop Services.
The database server must be in the same Active Directory domain as the WSUS server, or it must have a trust relationship with the Active Directory domain of the WSUS server.
The WSUS server and the database server must be in the same time zone or be synchronized to the same Coordinated Universal Time (Greenwich Mean Time) source
Check server hardware requirements to enable WSUS role are bound to hardware requirements.
Check if you install roles or software updates that require you to restart the server when installation is complete, restart the server before you enable the WSUS server role.
Microsoft .NET Framework 3.5/4.0 must be installed on the server where the WSUS server role will be installed. Can be selected when you go through adding roles
The NT Authority\Network Service account must have Full Control permissions for the following folders so that the WSUS Administration snap-in displays correctly: This path may not exist until you have installed the IIS role
%windir%\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files

%windir%\Temp

Assign the Local System account to the WSUS Administrators Group

Installation

Open Server Manager and click Add Roles

Select Role based or feature-based installation

Select your destination server

Put in tick in Windows Server Update Services. It will automatically tick IIS as well

Accept the default feature install

Make sure you also tick .NET Framework 3.5 Features

Click Next on Web Server Role (IIS)

On Select Role Services you will need the following
Performance > Dynamic Content Compression
Security > Windows Authentication
Application Development > All ASP’s selected
Management Tools > IIS6 Management Compatibility

Click Next on the Windows Server Update Services Page

Untick WID Database and tick WSUS Services and Database
I chose Database as I have set up an instance on a separate Windows Server 2012 SQL Server and I am interested in testing the connectivity!

You will need to create a folder for the WSUS Downloads then enter the path
In my case I just chose c:\WSUS

Put in your SQL Database Server name and Instance.
In my case this is dacvsql002\WSUS

Click Check Connection. Hopefully it should say Successfully connected to server

Check the final summary and put a tick in Restart Destination Server

Click Install and wait for it to finish and you should see the below screen

Note it says Further Configuration is required
Click on Launch Post Installation Tasks and you will likely get an error message as per below

The Log file says

In order to resolve this, you need to open PowerShell as an Administrator and change to the directory where WSUSUtil is typically located in c:\Program Files\Update Services\Tools and run the following command

Once complete you should see the below screen

I then rebooted at this point and in this time, I logged into my SQL Server to check the Database had been created under my instance dacvsql002\WSUS

When the server is back up, click the Windows Key and Q and click on Windows Update Services
You can now configure WSUS by using the WSUS Configuration Wizard or you can cancel this and open the WSUS Console and configure the Options

I cancelled and went through the options as per below
Click Options

Update Source and Proxy Server

Products

Classifications

Update Files

Update Languages

Synchronisation Schedule

Update Rules

Advanced

Computers

Server Cleanup Wizard

Reporting Rollup

Email Notification

Microsoft Update Improvement Program

Personalization

And finally you have the option here to run through the configuration wizard which you have seen in an earlier screenprint

Now we need to add the Windows Server Update Server to VMM
In the VMM Console, open the fabric workspace
Click Add Resources > Update Server

Add Windows Server Update Services (WSUS) Server
Enter in the relevant details as per below
It will let you know if you can’t use a User Account
Click Add when complete

A job window will then pop up showing you what’s going on

To verify that the WSUS Server was added to VMM successfully go to the Fabric Workspace > Expand Servers > Click Update Server.
The Results pane should show the WSUS Server

In the library workspace, on the library pane, expand Update Catalog and Baselines and then click Update Catalog. The results pane displays all the available updates

After you add the Update Server to VMM, you can configure a proxy server for synchronisation and change the update categories, products and supported languages that WSUS synchronises by updating the properties of the update server in VMM.
Open the Fabric Workspace > Expand Servers > Click Update Server
Right click on the Update Server in the results pane and select Properties

Next you will see the Proxy Server

Next you will see the Update Classification

Products

Languages

To manually synchronise updates in VMM, in the Fabric workspace, on the Fabric pane, expand servers and then click Update Server. You can then Synchronise. See highlighted screenprint below

Microsoft TechNet Site for more information

http://technet.microsoft.com/en-gb/library/gg675084.aspx

Testing an install of Microsoft Virtual Machine Manager 2012 SP1 on Windows 2012

June 1, 2013 Windows Server 2012 No comments

What is Microsoft Virtual Machine Manager? Virtual Machine Manager (VMM) is a management solution for the virtualized datacenter, enabling you to configure and manage your virtualization host, networking, and storage resources in order to create and deploy virtual machines and services to private clouds that you have created A deployment of VMM consists of the following: Pre-Requisites Your servers may slightly differ as to how many roles you put on one server but you will generally need the following. I am going to presume you have a Domain Controller and a Hyper V Server.

1 x Windows 2008 or Windows 2012 Domain Controller
1 x Windows 2012 Server running Microsoft Virtual Machine Manager
1 x Windows 2012 Server running Microsoft SQL Server 2008 or 2012
1 x Windows 2012 Server running Hyper V 2012 Server for testing VMM. Note: You will need to add hypervisor.cpuid.v0 = “FALSE” and mce.enable = “TRUE” and vhv.enable = “True” to the .vmx file if this server is a VM running on VMware
For System Center 2012 – Virtual Machine Manager: Windows Automated Installation Kit (AIK) for Windows 7
For VMM in System Center 2012 SP1: Windows Assessment and Deployment Kit (ADK) for Windows 8. SCVMM Management Server only requires the Deployment Tools and Windows PE components.
For System Center 2012 – Virtual Machine Manager: At least Microsoft .NET Framework 3.5 Service Pack 1 (SP1)
For VMM in System Center 2012 SP1: Microsoft .NET Framework 4, or Microsoft .NET Framework 4.
The computer on which you install the VMM management server must be a member of an Active Directory domain.
The name of the computer on which you install the VMM management server cannot exceed 15 characters.
The SCVMM machine name can’t include –SCVMM- for example My-SCVMM-Server but can be called SCVMM.
If using Dynamic memory the start-up RAM must be at least 2048 MB. This demo uses 4096 MB of RAM.
It is also recommended that the SQL Command Line Tools and Native Client Tools are also installed on the SCVMM server. See links at the end of this article. We have used the SQL 2012 versions here.
Membership in the local Administrators group, or equivalent, on the computer that you are configuring is the minimum required to complete this procedure.

Extra Notes on SQL Server In System Center 2012 Service Pack 1 (SP1) you can take advantage of the AlwaysOn feature in Microsoft SQL Server 2012 to ensure high availability of the VMM database. To configure SQL Server with the AlwaysOn feature, complete both procedures below. For more information about the AlwaysOn feature, and AlwaysOn availability groups see the followings:

Before you begin the installation of the VMM management server, ensure that you have a computer with a supported version of Microsoft SQL Server installed and running. Unlike VMM 2008 R2, System Center 2012 – Virtual Machine Manager will not automatically install an Express edition of SQL Server Instructions

Firstly make sure you have Windows Server 2012 installed on your VMM Server
Click Manage > Install Roles and Features on your VMM Server

Select Installation type as Role based or Feature based installation

Select Destination Server

Go to Roles and select Web Server (IIS)

Click Add Features > Next

Select Features

Read the Information

Add Windows Authentication

Check Install Information and tick Restart if required

Click Install

Next Install Windows Assessment and Deployment Kit which you should have downloaded and copied to your VMM Server ready to install
Note this seems to take long to install!
The Windows ADK is a collection of tools that you can use to customise, assess and deploy Windows Operating Systems to new computers, is a pre-requisite for VMM 2012 SP1 and is used for bare metal deployment of Hyper-V Servers
Specify Location

Join the Customer Improvement Program

Accept the License Agreement

Select the Features to Install. You generally need Deployment Tools and Windows Pre-Installation Environment (Windows PE)

Click Install

On the SCVMM server – install the SQL 2012 Native Client with SQL 2012 Command Line Utilities to follow
SQL Native Client contains runtime support for applications using native code APIs (ODBC, OLE DB and ADO) to connect to Microsoft SQL Server 2005, 2008, 2008 R2 and 2012. SQL Native Client is used to enhance applications that need to take advantage of new SQL Server 2012 features

Accept the License Agreement

Choose your Features in the Feature Selection Box

Install

Next Install SQL 2012 Command Line Utilities
The SQLCMD utility allows users to connect to, send Transact SQL batches from and output row set information from SQL Server 2008, 2008 R2 and 2012. It is used to enhance applications that need to take advantage of new SQL Server 2012 features

Accept License Agreement

Click Install

Next go to your SQL Server 2012 Server
Attach the SQL ISO
Run the Installer > New SQL Server stand-alone installation

Setup Support Rules will run > Click Next

Choose Specify the free edition

Accept the License Terms

Select Next to Install Product Updates if connected to the internet

You will see the status of the updating

Check Setup Support Rules

Choose SQL Server Feature Installation

Select All on the Feature Installation and choose where you want to install the Shared Feature Directories

Check Installation Rules

Just keep the Default Instance for now – MSSQLSERVER

Check Disk Space Requirements

Check SQL Server Service Accounts and add your own as required

Check Collation

Database Engine Configuration > Choose Mixed Mode and add the Domain Admin

Choose Data Directories

Check Analysis Services Settings

Reporting Services Configuration > Choose Install Only

Distributed Replay Controller > Just add the current user

Distributed Replay Client

Check Error Reporting

Installation Configuration Rules check

Ready to Install

Click Install

Don’t forget to go into SQL Server Configuration Manager > SQL Server Network Configuration > Protocols for MSSQLSERVER and enable Named Pipes and TCP/IP

Restart SQL Services once this is done and it should look like the below

I also found I had to add my Domain Admin account to the Local Administrators group on the SCVMM and SQL Server or I got a message saying “Setup cannot connect to the specified SQL Server Instance. Ensure the server name is correct etc”
I also found that I add to adjust the hosts file in c:\Windows\System32\Drivers\etc on both the SCVMM Server and SQL Server and add in a mapping for the SQL Server
Now you are ready to install Microsoft VMM
Launch the Installer
Click Install

Choose Features
Select VMM Server, VMM Administrator Console

Put in Product Registration Information > Name, Organisation and Product Key if you have one. If not it will enter Evaluation Mode

Accept the License Agreement

Choose an option for the Customer Service Program

Turn on Microsoft Update

Select Installation Location

Pre-Requisite Checking will then run. You can see I need to put more memory in my VM

Put in your Database configuration. In my case I am using a separate SQL 2012 Server called DACVSQL002
Change the Database Name if you want to and the port is usually 1433
If you find you experience connection errors, then you will need to adjust firewall ports

Put in Service Account Information
Ignore Distributed Key Management for now
DKM is used to store VMM encryption keys in Active Directory Domain Services. By default, using the Windows Data Protection API (DPAPI) VMM encrypts some data in the VMM Database (for example the Run As account credentials and passwords) and this data is tied in to the VMM server and the service account used by VMM. However with DKM, different machines can securely access the shared data. Once a HA VMM Node fails over to another node, it will start accessing the VMM database and use the encryption keys conveniently stored under a container in AD to decrypt the data in the VMM database

Check Port Configuration Information

Specify a Share for the Virtual Machine Manager Library

Check the Installation Summary

Install

Once finished it should look like the following

If there is a problem with setup completing successfully, consult the log files in the %SYSTEMDRIVE%\ProgramData\VMMLogs folder. ProgramData is a hidden folder.
Connect to VMM Console