Browsed by
Tag: Windows Server

Creating a Sysprepped Windows Server 2012 image

Creating a Sysprepped Windows Server 2012 image

One of the advantages to running Windows Server 2012 is the highly improved Hyper-V engine. In my time working on deployment scenarios I have found that creating a reliable baseline VM is critical to my success in getting farms deployed quickly and easily. To this end I have found that getting a new VM server with the OS installed to the correct level with patches, the SharePoint prerequisites, and all of the customizations that I like to have on a server already installed and ready to go in minutes is pretty important.

This is where Sysprep comes the picture. We have been using Sysprep to prepare images since Windows XP as it allows us to generalize the critical system GUIDs and when the image is launched post-Sysprepping it will create new GUIDs and allow you to re-register the system. While this has always been a recommended practice for deploying the same VM over and over, it has not been a required function until Windows Server 2012.

There are some drawbacks to generalizing a system that you are trying to deploy. For example, once a server has been registered in a SharePoint farm that server cannot be expected to interoperate properly once generalized. Translation: you can’t join a SharePoint server to a farm, then do a generalized Sysprep, and expect the new server to be a member of the farm. It is going to have an understandable identity crisis.

For this reason, you will want to do your generalized Sysprep after installing SharePoint & it’s patches, but BEFORE doing your PSCONFIG. This will allow you to redeploy the image, set the computer name, a domain and then run PSCONFIG to join the server to the farm. On average this process will take about 15 or so minutes.

Here is how you actually will perform a generalized Sysprep:

1.) Get your image where you are happy with it

Patch your OS. Install the softwares that you want to be able to have already ready to go. I recommend checking out some of my other posts for helpful PowerShell scripts that you will want to run to help you with some of the base OS configurations that you will find useful. “Setup your development machine right” & “Track what you are doing in PowerShell” are two good examples of this.

2.) Take a snapshot of your VM

This will allow you to return to the operational state you are currently in when you finish Sysprepping the image.

3.) From command line run: “c:\windows\system32\sysprep\sysprep.exe”

clip_image001

4.) Choose the option to “Generalize the system”

This is going to remove the GUIDs from the registry and allow you to create new ones upon boot. This will also remove the license key information and require that you re-register with Microsoft when you use the image. This will allow sharing of an image with others without the fear of the licensing police coming after you.

5.) Choose the option to shut down the machine when complete

6.) Click Ok

7.) Once the VM is shutdown make a copy of the VM

It is a good idea to store this in a location that you going to remember what the VM is. It is also a good idea to rename the VM folder & files so that you know that this is a generic image. You will want to give the files a new name each time you redeploy them.

8.) Revert to your pre-Sysprepped snapshot

As previously stated, this will return you to where you were before you started this exercise with an image ready to deploy on.

I hope that this is as useful for you as it has been for me.

How to: Activate Desktop Experience in Windows Server 2012

How to: Activate Desktop Experience in Windows Server 2012

I ran into an issue where I needed to active that Desktop Experience in on Windows Server 2012 and found that it was not in the same place that I was expecting it to be from previous versions. Figured that this might help some people.

Desktop Experience is required to be running if you are going to utilize OneNote, which when working in a demo server environment can be very useful. There are some DLLs that are not accessible unless you are running the Desktop Experience that are critical to applications like Snagit & Camtasia.

Wizard Driven:

To active the Desktop Experience go Server Manager | Local Server | Manage | Add Roles & Features

1

Once in the wizard under Features drill into the User Interfaces and Infrastructure and select Desktop Experience. This will active the Ink and Handwriting Services & Media Foundation features as well.

2

After installation the server requires a reboot to complete and will make the features active for accessing.

PowerShell:

From a PowerShell prompt running as Administrator use the following command:

3

During execution you will see the following:

4

Once complete you will be notified that you need to reboot the server:

5

Enjoy!

 notepad active Desktop Experince script

How to disable Shutdown Event Tracker in Windows Server 2008 R2

How to disable Shutdown Event Tracker in Windows Server 2008 R2

Scenario: You have people in your office, you are in the middle of work in 2 different Dev VMs plus Visual Studio on your host or you are working on several servers plus your local Dev VM while writing admin scripts (making this viable for Admin and Dev types alike).  Time for a reboot of your Dev VM so you click on reboot and flip back to your other work and figure you will check back in 10 minutes once it has had time to reboot.  An hour goes by and you are finally rearing to go on the Dev VM so you flip back to it only to find this screen:

Shutdown1

Anyone else want to throw a virtual rock at the virtual screen at that point?

I am in the middle of building out 5 new VMs for my lab and always find having to enter a reason for rebooting to be painful, so I FINALLY decided to do something about it. 

There are a number of articles out there on how to do this, but many of them are out of date.  I tried every one of them and this was the one that I found that works every time:

How to enable and disable Shutdown Event Tracker

  1. Open gpedit.msc

  2. Go to Computer Configuration | Administrative Templates | System

  3. Set “Display Shutdown Event Tracker” to Disabled

shutdown2

A reboot is not required for this to take effect.  You set a Group Policy if you are in a domain or multi-machine situation, but for standalone systems, this works just fine.

CAVEAT: I highly recommend this only be used in development/test VMs.  This makes it so there is no safety net if someone accidentally clicks restart or shutdown instead of logoff. 

I am big on giving credit to those who I find information from, but in this case there were so many different options that I lost track of who I got this lead from, so thank you to the unnamed tipster for this lead.

How to: Fix the "Unable to access SharePoint sites from the localhost" problem

How to: Fix the "Unable to access SharePoint sites from the localhost" problem

Ever try to access a page on your SharePoint site from your web front end only to get prompted for a login that never lets you through?

The issue happens when dealing with sites that Integrated Authentication and have names that are mapped to the loopback address.  Translation:  if you are using Windows with Claims or Classic Mode web applications  and you are trying to connect from the server, this is you.

The LoopbackCheck security feature is enabled by default on Windows Server since 2003 SP1 and since most SharePoint Farms are going to have an FQDN AAM or two, this is going to be something that many admins are going to run into.

There are two options, and as in most scenarios one is easy and the other is the right way.

Option 1. – create a Multi-String Value that has all of your AAMs for the server and restart the IISADMIN service.

Option 2. – disable the LoopbackCheck on the server

The Microsoft recommended option is #1 (I happen to agree), however you have to do this on every server (however if you have access to create and modify GPOs, this should be something that you can just have centrally managed for all SharePoint WFEs) and you need to have the list of all of your AAMs handy with which to do it.  Not a ton of work, so bite the bullet and update the registry entry.

Serious caveat:  Option 2 is great if you are working on a developer vm or something to play with for a short burst, but if you are going to put something in production, please protect yourself and allow Microsoft to do the same.  This is one of those security scenarios where they are putting a validation check in place to protect you from malicious attacks.

For the more detailed steps on making the changes visit the KB article and get it from the horse’s mouth.

Random Server hang issues result in a required hard reset

Random Server hang issues result in a required hard reset

Symptom:

Windows 2008 R2 64bit systems hang at random and require a hard reboot of the system to recover. You can remote to the system via KVM (RDP is not accessible) and even do a CTRL+ALT+DEL, but after the lock screen goes away and tries to give you a login screen… YOU GET NOTHING. Only silence…

Root Cause:

We ended up with a three headed root cause on this set of issues.

1.) Our blades had a bad BIOS version that caused the system to get into an inconsistent state and required a power cycle to get them clear.

2.) The hardware vendor had Data Execution Protection (DEP) turned on at the hardware layer by default.

3.) By default Microsoft has its own version of DEP turned on for all services unless you add in exceptions.

How did we diagnose this beast? Many team members (Dan, Don, Christian, Jim, and Cornè) all weighed in and found part of this along with support from our hardware vendor and Microsoft.

The issues plagued us for several weeks because it was not a predictable failure and there was NOTHING in the logs to correlate the issues together other than a single model of blade server.

Call with Microsoft and the hardware vendor suggested that the Microsoft DEP might be part of the issue as well. Luckily our support level was good enough to get both vendors on the same line and have them work together. Support calls like this are not cheap if you don’t have the agreements in place already.

Resolution

1.) Flash the BIOS with an updated and vendor verified version.
2.) Turning off of the hardware DEP
3.) Setting the Windows DEP to on “for essential Windows programs and services only”

Since making these changes we have not seen reoccurrence of the random system hang issues. I will update this post if things change… but so far, so good!