Marc Kean

September 26, 2012

Windows Server 2012 Hyper-V server command line configuration

Filed under: Computers and Internet,Uncategorized — marckean @ 3:37 pm

Build a Hyper-V Server 2012 or Windows Server 2012 with Hyper-V from the command line including Server Core network configuration, whether it be PowerShell or Command Prompt. Please note, this roughly covers configurations for both a single server with a single NIC, and a server to be used in a failover cluster using several NICs including iSCSI. These are not an exact order of steps to follow, but more so my notes that I use when building a server which I follow roughly. So a fairly good technical knowledge is needed to follow and understand this. I have included a large diagram on this page which should help you understand the new Hyper-V virtual extensible switch. Even if you don’t intend to run virtual machines on top of Hyper-V, you would still need the Hyper-V role to be installed to give you a whole new range of cool virtual network options that you never got before. Most of the PowerShell network cmdlets below require the Hyper-V role to be installed, as not only Hyper-V provides a virtual machine solution, but also a really good virtual network solution as well.

  • In front of the server

To start with, there are several steps that need to be done from the console in front of the server. To open this blue box on Server Core, run sconfig from the command prompt.

  • Remote Management needs to be configured.
  1. Select option 4

  2. Select all options, 1 and 3.

  • Enable Remote Desktop

To allowing for older clients, run the following command:

cscript C:\Windows\System32\Scregedit.wsf /ar 0

  • Install the Hyper-V role

This is only if needed. Run the following cmdlet.

Add-WindowsFeature Hyper-V -Restart

  • NIC Teaming

To setup NIC Teaming on the server:

  1. Run the following command from PowerShell to see a list of all network adapters

    Get-NetAdapter

  2. Run the following command to setup a new NIC Team:

    New-NetLbfoTeam –Name Team1 –TeamMembers NIC1,NIC2

  3. Configures the NIC Teaming mode

    Set-NetLbfoTeam -Name Team1 –TeamingMode SwitchIndependent

    The setting SwitchIndependent Specifies that a network switch configuration is not needed for the NIC team. Because the network switch is not configured to know about the NIC teaming, the team members can be connected to different switches.

  • Create a Hyper-V Extensible switch

Hyper-V switches have a one-to-one relationship with a physical NIC, whether it be a teamed NIC or an individual NIC.

New-VMSwitch -Name VMNET -NetAdapterName 1G -AllowManagementOS $False -MinimumBandwidthMode Weight


Hyper-V extensible switch, converged networks

  • Virtual NICs

Create host level virtual NICs for each desired VLAN. This is more so for the purpose of a Windows failover cluster where many host networks are required. These vNICs will hang off the vSwitch you created in the previous step. Please note, as the vSwitch will be tied to a physical NIC and in turn connected to a physical port on a switch, this switch would need to be trunked with the relevant VLANs required. Each vNIC can have only one VLAN ID associated with it.

  1. Create the vNIC and assign it to the VMNET vSwitch:

    Add-VMNetworkAdapter -ManagementOS -Name "Management" -SwitchName "VMNET"

  2. Assign a VLAN ID to the vNIC:

    Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "Management" -Access -VlanId 10

  3. Assign the MinimumBandwidthWeight. This guaranties a bandwidth that is available on the virtual network adapter in relation to the other adapters. The weight value for all NICs must add up to 100, as this is a percentage.

    Set-VMNetworkAdapter -ManagementOS -Name "Management" -MinimumBandwidthWeight 30

  • Configure VLAN IDs

Configure VLAN ID directly on the physical network connection if required.

  1. Run the following command from PowerShell to see a list of all network adapters:

    Get-NetAdapter

  2. Run the following command to configure the VLAN ID:

    Set-NetAdapter –Name "Ethernet 1" -VlanID 10

  • IP Addresses

Configure IP Address for the server

  1. Select Option 8

  • Windows Firewall

Disable Windows Firewall. From the command prompt or by using PowerShell, run the following command:

  1. From the command line

    netsh advfirewall set allprofiles state off

  2. Using Powershell

    Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

  • Hostname

Give the server a name:

  1. Select option 2

    Then reboot

  • Remote Server configuration

The rest of the configuration can be done from another computer remotely via a remote desktop connection.

  • Windows Time and Date
  1. From the command prompt, run the following commands:

    sc config w32time start= auto

    net start w32time

  2. Open the Date and Time GUI by running the following command:

    Control timedate.cpl

  • DNS suffix
  1. Run the following PowerShell command to set the correct Domain and SearchList REG_SZ entries.

    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" Domain -Value dc.local –Force
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" SearchList -Value dc.local –Force

  • DNS Registration

If you don’t want DNS registration of an IP address to occur, then when setting the primary or secondary DNS address, add Register=None to the end.

  1. Run the following to see a list of network interfaces:

    netsh interface ipv4 show interfaces

  2. Configure the Primary DNS address while disabling DNS registration

    netsh interface ipv4 add dnsserver "Local Area Connection" address=<IP address of the primary DNS server> index=1 Register=None 

  3. Configure the Secondary DNS address while disabling DNS registration

    netsh interface ipv4 add dnsserver "Local Area Connection" address=<IP address of the secondary DNS server> index=2 Register=None

  • Disable IPv6

This is for all servers that don’t require IPv6. More info here.

  1. Run the following PowerShell command to disable IPv6:

    New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters -Name DisabledComponents -PropertyType DWord -Value 0xffffffff

  • Disable NetBIOS over TCP/IP
  1. Run the following command to get a list of interfaces on the machine

    wmic nicconfig get caption,index,TcpipNetbiosOptions

  2. Take note of the index number for the adapter that you want to disable NetBIOS over TCP/IP. Then run the following.

    wmic nicconfig where index=1 call SetTcpipNetbios 2

    SetTcpopNetbios options:

    0 – Use NetBIOS setting from the DHCP server
    1 – Enable NetBIOS over TCP/IP
    2 – Disable NetBIOS over TCP/IP

  • SMB2 share connections

When connecting to SMB2 based shares, you might receive an error "An unexpected network error occurred" Run the following PowerShell cmdlet to allow the server to connect to SMB2 based shares.

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 –Force

http://support.microsoft.com/kb/2686098

  • File and Print Sharing

File and Printer Sharing should be disabled for NICs relating to iSCSI

Use a utility called NVSPbind to clean up protocols on an adaptor, disable File and Print sharing. Also to change the binding order of network adaptors:


ms_netbios (NetBIOS Interface)
ms_netbios (NetBIOS Interface)
ms_server (File and Printer Sharing for Microsoft Networks)
ms_server (File and Printer Sharing for Microsoft Networks)
ms_pacer (QoS Packet Scheduler)
ms_msclient (Client for Microsoft Networks)
ms_msclient (Client for Microsoft Networks)
ms_lltdio (Link-Layer Topology Discovery Mapper I/O Driver)
ms_rspndr (Link-Layer Topology Discovery Responder)
ms_tcpip6 (Internet Protocol Version 6 (TCP/IPv6))
ms_netbt (WINS Client(TCP/IP) Protocol)
ms_netbt (WINS Client(TCP/IP) Protocol)
ms_smb (Microsoft NetbiosSmb)
ms_smb (Microsoft NetbiosSmb)
ms_tcpip (Internet Protocol Version 4 (TCP/IPv4))

  1. Download NVSPbind from http://archive.msdn.microsoft.com/nvspbind/ Copy to the local machine, then from the command prompt, run nvspbind with no switches. This will list all your adaptors and the protocols enabled or disabled.

    For example, to disable a protocol on an adaptor, use the switch /d to disable binding of specified protocol from specified nic(s). If we were to disable File and Printer Sharing for Microsoft Networks for adaptor {913D8F46-BFC7-4359-A024-90485C276984}, then we would type in:

    nvspbind –d {913D8F46-BFC7-4359-A024-90485C276984} ms_server

  2. To see the current order of adaptors, type in:

    nvspbind /o ms_tcpip

    To change the order of an adaptor, to move an adaptor right to the top, type in:

    nvspbind /++ "Local Area Connection" ms_tcpip

  • Windows Updates

Download and install Windows Updates

  1. Select Option 6

  • Additional Drives

Connect remotely to the server using a computer management console, then configure any additional drives

The HP Array Configuration Utility can be setup on the server by running C:\Program Files (x86)\Compaq\Cpqacuxe\Bin\setup.exe from the command line. Select Remote mode.

Then remotely, the HP ACU can be accessed by navigating to https://<ServerName>:2381/ACU-XE/ACU.htm

  • Virtual memory/paging file

Configuring the Paging File on Windows Server Core or Hyper-V Server 2012 R2 can be difficult, as this needs to be done via the command prompt.

  1. To check the current paging file configuration, check the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management or run the following:

    wmic pagefile list /format:list

  2. Turn off automatic paging files

    wmic computersystem where name="%computername%" set AutomaticManagedPagefile=False

  3. Create a new paging file on a separate drive

    wmic.exe pagefileset create name="S:\pagefile.sys"

  4. Manually configure the new paging file

    wmic.exe pagefileset where name="S:\\pagefile.sys" set InitialSize=64509,MaximumSize=65000

  5. Delete the default C:\ drive paging file

    wmic.exe pagefileset where name="C:\\pagefile.sys" delete

  • Configuration for Remote Machine connection

Configuration steps from the management machine, so that you can connect successfully to the non-GUI server.

  1. If the server is not a member of the domain, add server credentials to the remote machine, so that remote connections will be seamless by not asking for credentials
    1. Run the following command:

      cmdkey /add:<ServerName> /user: <ServerName>\<UserName> /pass:<password>

  2. On the remote computer, add the Hyper-V server as a trusted host with the following Windows PowerShell cmdlet:

    Set-Item WSMan:\localhost\Client\TrustedHosts -Value <RemoteServerName> -Concatenate

  3. Edit DCOM security on the remote machine to allow for Remote Access
    1. Click Start > Run > open DCOMCNFG
    2. Browse through to: "Component Services > Computers > My Computer"
    3. Open Properties for My Computer and select the COM Security tab
    4. In Access Permissions area click the Edit Limits button
    5. Select the Anonymous Logon group and make sure the Remote Access is set to Allowed

30 Comments »

  1. great manual man!
    I’m currently rebuilding our 2008r2 cluster to 2012 and your post helped me very much.
    Thx for sharing.

    Grtz from Holland ;-)

    Comment by Rogier — September 28, 2012 @ 11:10 pm | Reply

  2. Thanks very much for sharing. I’m currently installing the Server 2012 Hyper-V on a test machine that your writing helps me a lot.

    Comment by Felix — December 6, 2012 @ 3:13 pm | Reply

  3. [...] Hyper-V PS cmdlets essential samples [...]

    Pingback by Hyper-V 2012 Installation, Management Details « Baysoft's Blog — January 3, 2013 @ 11:34 pm | Reply

  4. This is by far the best write up I have found on how to make the GUI-less 2012 work. Still complicated and time consuming but very nice. If you want to go back to GUI then try vtutilities from VT technologies $119 US and worth it at 3 times the price. Also I have written a blog outlining like you how to make the most of Core Server 2012. Stephanco.blogspot.com, I tell you how to to get a GUI start menu of sorts and other sweet work arounds to make you more productive faster using core server 2012.

    Comment by James Stephan — January 10, 2013 @ 9:54 am | Reply

  5. Great mannual . I have configured Hyper-V 2012 on a laptop and deployed WIndows 2012 to set up VDI .

    Comment by Ayaz Buriro — February 28, 2013 @ 10:53 pm | Reply

  6. Many thanks from Russia!!!
    Was a big problem with remote control by mmc – DCOM options helped!

    Comment by Konstantin — March 9, 2013 @ 1:49 am | Reply

  7. Great information. Lucky me I ran across your site by
    accident (stumbleupon). I’ve bookmarked it for later!

    Comment by Steve Pizzuti — May 10, 2013 @ 8:06 pm | Reply

  8. Hello would you mind letting me know which web host you’re working with? I’ve loaded your blog in 3 different internet browsers and I must say this blog loads a lot faster then most.

    Can you suggest a good web hosting provider at a honest price?
    Thanks, I appreciate it!

    Comment by Forge Of Empires Cheats — May 12, 2013 @ 9:27 am | Reply

  9. Excellent way of describing, and fastidious post to obtain information concerning my presentation focus,
    which i am going to deliver in school.

    Comment by separation agreement template — May 23, 2013 @ 12:39 am | Reply

  10. Wow. I spent a lot of money and energy to figure out what your graphic very clearly illustrates. Thanks!!

    Comment by Matt Durell — June 14, 2013 @ 12:51 pm | Reply

  11. Wonderful article! We will be linking to this great article on our website.
    Keep up the great writing.

    Comment by hard knight — July 2, 2013 @ 2:06 am | Reply

  12. Hi,

    What is the opposite to your disable IPV6 command please? I need to re-enable.

    Thank you

    Comment by Dan — December 3, 2013 @ 9:59 am | Reply

    • This should reverse the registry change to effectively re-enable IPv6

      Remove-ItemProperty -path HKLM:\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters -Name DisabledComponents

      Comment by Marc Kean — December 3, 2013 @ 10:10 am | Reply

      • Perfect, thank you for immediate response. After making that change, I can no longer edit network settings via sconfig.cmd
        I ran this on two servers, one came back online with this error (now fixed) the other did not come back online. Well, it is running as the VMs are up, but cannot connect via RDC to the host or by management tools. Any ideas?

        Thanks again.

        Comment by Dan — December 3, 2013 @ 10:16 am

      • I remember I had the same problem at one stage with exactly that losing access to configure networking from sconfig, but was a long time ago. I had to re-configure the network from the command line to get me back up and running again. I can’t remember exactly the steps, but was basically a case of removing the virtual networks altogether using PowerShell and trying to remove the local adapter network settings completely then starting from scratch – see if this article helps http://www.petri.co.il/configure_tcp_ip_from_cmd.htm

        Comment by Marc Kean — December 3, 2013 @ 10:23 am

  13. I can now use sconfig after re-enabling IPv6 using your command, its just that the second sever I ran it on cant even be pinged anymore haha. Im working remotely, so I guess theres not much I can do now.

    Thanks for the help.

    Comment by Dan — December 3, 2013 @ 10:27 am | Reply

    • Do you have iLo or DRAC? Save me on numerous occasions. Don’t leave home without it :)

      Comment by Marc Kean — December 3, 2013 @ 10:30 am | Reply

      • There werent enough network points when installed, new switch is on the way :(

        Comment by Dan — December 3, 2013 @ 10:31 am

      • I’ve been there before – sucks when that happens.

        Comment by Marc Kean — December 3, 2013 @ 10:34 am

  14. Atleast the VM is running, so users can access AD/Files. Cheers for the convo :)

    Comment by Dan — December 3, 2013 @ 10:38 am | Reply

  15. HyperV with VLANID does not work!

    Hello, Mark,

    I created a nic teaming with 3 network cards and a virtual switch.

    My need is to create the following scenario:

    – Nic Teaming with 3 network cards
      – VEthernet (Live migratory-on) – 1 VLANID
      – VEthernet (ClusterHB) – VLANID 2
      – VEthernet (Management \ Backup) – VLANID3

    I have two switches cascaded in (LinkAgredation / Trun-k).

    My server is connected as follows: NIC1: SW1, NIC2: SW2, CIN3: SW1

    I asked for support networks configure the switch ports which I will use for my NICs in Trunk.

    Here we go:

    – I created the Nic Teaming in Independent mode – HyperV-Port
      – Created vEthernet (Live migratory-on) – 1 VLANID
      – Created vEthernet (ClusterHB) – VLANID 2
      – Created vEthernet (Management \ Backup) – VLANID3

    My main network I’m connected is in VLANID 3 (172.16.16.50) and try to ping the vEthernet (Managment \ B-ackup) – VLANID3 that has the IP: 172.16.16.60 does not work.

    I removed the NIC Teaming and put the IP: 172.16.16.60 on each (NIC1, NIC2, CIN3) to verify if there was any problem in the SW configuration, but the ping worked normally.

    The problem only occurs after creating the nic teaming.

    PS1: I put the IP: 172.16.16.60 directly in the Nic Teaming driver, I type changes Nic Teaming for static and not funciounou too.

    PS2: I created a second nic teaming, as your blog and assigns putting VLANID3 and neither worked an IP.

    What am I doing wrong?

    Thank you….HyperV with VLANID does not work!

    Hello, Mark,

    I created a nic teaming with 3 network cards and a virtual switch.

    My need is to create the following scenario:

    – Nic Teaming with 3 network cards
      – VEthernet (Live migratory-on) – 1 VLANID
      – VEthernet (ClusterHB) – VLANID 2
      – VEthernet (Management \ Backup) – VLANID3

    I have two switches cascaded in (LinkAgredation / Trun-k).

    My server is connected as follows: NIC1: SW1, NIC2: SW2, CIN3: SW1

    I asked for support networks configure the switch ports which I will use for my NICs in Trunk.

    Here we go:

    – I created the Nic Teaming in Independent mode – HyperV-Port
      – Created vEthernet (Live migratory-on) – 1 VLANID
      – Created vEthernet (ClusterHB) – VLANID 2
      – Created vEthernet (Management \ Backup) – VLANID3

    My main network I’m connected is in VLANID 3 (172.16.16.50) and try to ping the vEthernet (Managment \ B-ackup) – VLANID3 that has the IP: 172.16.16.60 does not work.

    I removed the NIC Teaming and put the IP: 172.16.16.60 on each (NIC1, NIC2, CIN3) to verify if there was any problem in the SW configuration, but the ping worked normally.

    The problem only occurs after creating the nic teaming.

    PS1: I put the IP: 172.16.16.60 directly in the Nic Teaming driver, I type changes Nic Teaming for static and not funciounou too.

    PS2: I created a second nic teaming, as your blog and assigns putting VLANID3 and neither worked an IP.

    What am I doing wrong?

    Thank you

    Comment by Sandro Alves — January 5, 2014 @ 4:07 pm | Reply

  16. Spot on with this write-up, I absolutely feel this web site needs much more attention.
    I’ll probably be back again to read through more,
    thanks for the information!

    Comment by użyteczna treść — March 12, 2014 @ 2:12 pm | Reply

  17. You’re truly a just right webmaster. The web site loading pace is incredible. It sort of feels that you’re doing any distinctive trick. Also, The contents are masterwork. you have done a excellent process on this matter!

    Comment by linux virtual private server — May 8, 2014 @ 5:59 pm | Reply

  18. Amazing blog! Do you have any helpful hints for aspiring
    writers? I’m hoping to start my own site soon but I’m
    a little lost on everything. Would you suggest starting with a free platform like WordPress or go for a paid option? There are so many choices out
    there that I’m completely overwhelmed .. Any recommendations?
    Kudos!

    Comment by remove w32tm.exe — June 18, 2014 @ 5:21 am | Reply

  19. hello there and thank you for your information – I’ve certainly picked up anything new
    from right here. I did however expertise several technical issues using this website, since I experienced to reload the
    site lots of times previous to I could get it to load properly.
    I had been wondering if your web hosting is OK? Not that I’m
    complaining, but slow loading instances times will sometimes
    affect your placement in google and could damage your high quality score if advertising and
    marketing with Adwords. Well I am adding this RSS to my email and
    can look out for a lot more of your respective intriguing content.
    Ensure that you update this again soon.

    Comment by ui0detect exe microsoft — June 24, 2014 @ 6:16 am | Reply

  20. I do consider all of the concepts you’ve presented
    on your post. They are really convincing and can certainly work.
    Nonetheless, the posts are very brief for novices. May just you please prolong
    them a little from next time? Thank you for the post.

    Comment by cleanmgr.exe server 2008 — June 24, 2014 @ 6:17 am | Reply

  21. Appreciation to my father who told me about this website, this website is genuinely
    awesome.

    Comment by Wusa.Exe — July 4, 2014 @ 3:53 pm | Reply

  22. Great blog here! Also your site loads up fast! What host
    are you using? Can I get your affiliate link to your host?

    I wish my website loaded up as quickly as yours lol

    Comment by register msvcr70.dll windows 7 — July 7, 2014 @ 9:32 am | Reply

  23. I’m very happy to find this site. I wanted to thank you for your time for this particularly wonderful read!!
    I definitely really liked every part of it
    and i also have you bookmarked to look at new things in your blog.

    Comment by aeinv.Dll — July 18, 2014 @ 9:47 am | Reply

  24. magnificent issues altogether, you simply gained a new reader.
    What may you suggest in regards to your post
    that you made some days in the past? Any sure?

    Comment by que es pepflashplayer.dll — July 24, 2014 @ 4:00 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 64 other followers

%d bloggers like this: