Have you started using Windows Admin Center (WAC) in your environment? If not, I strongly encourage you to try it out. It creates a single HTML 5 web page to control multiple Windows and Windows Server installations. It can make a lot of your maintenance tasks easier, even if you only have a few Windows systems to manage. Eventually, it might replace all those pesky MMCs.
So, I’ve created a simple application to make the process easier. You bring a WAC installation and a good certificate, and I’ll handle the rest.
The tool looks into the local certificate store and presents you with a list. Select one, and if it checks out, it will install it for you:
If it doesn’t like something about the certificate, then one or more of the checks will fail and it will not allow you to use the certificate:
It uses Microsoft’s supported certificate update method in the background, essentially acting as a front-end.
How to Obtain the WAC Certificate Selector
You can find the latest release on its GitHub page. I have only been able to test on a handful of systems, so I’m marking it as a public beta for now. Please exercise caution when running on production systems. Report any problems using the GitHub Issues page.
Deploying Windows Servers can be a pain, even when you’ve got a templating system. How do I know that the template matches my current requirements? What do I know now that I didn’t know when that template was built? How do I easily manage the one-off differences between that template and the needs of this new system?
It’s even worse when you don’t have a template system or have overriding reasons to not to use one. You’re stuck building each new server from scratch, checking those boxes like it’s your first time.
Or, are you?
If you’re looking for a fast way to save or copy the list of selected Windows Server features and roles and apply them to a new system, PowerShell can easily help.
I have updated the scripts from Core Configurator 2.0 so that it can run on the 2012 editions of Windows Server and Hyper-V. The download is available on CodePlex. Details about the release are available on the Altaro blog.
Dell has done something to the installer for the recent version of OpenManage Server Administrator so that it doesn’t work on Server Core, which includes native installations of Hyper-V.
Running “X:\windows\PreReqChecker\RunPreReqChecks.exe /s” errors out with “omchecks has stopped working”
The installer (accessed by running “msiexec /i X:\windows\SystemsManagement\SysMgmt.msi” stops with the error “Failed to load OMIL library”
Install OpenManage Server Administrator 6.5 first (the command on that CD is “msiexec /i X:\SYSMGMT\srvadmin\windows\SystemsManagement”). As soon as that installer finishes, you’ll be able to install 7.1 without error. If you haven’t got the older installation media, you can download it from Dell’s site. If your particular server is too new to have 6.5 available, check the download list for earlier servers, such as the PowerEdge R515.
You do not need to perform any cleanup on 6.5 as 7.1 replaces it very cleanly.
I’ve had some strange and not always reproducible problems installing other Dell update packages, usually drivers, on Server Core and Hyper-V whenever OMSA is not installed or is out-of-date. The one I remember most clearly was related to the Lifecycle Controller.
Windows programming has begun a trend away from using the registry to store application data. There are a lot of reasons for that, most of them are pretty good, and I have no intentions of debating them in this post. There are still plenty of valid reasons you might wish to use the registry. Unfortunately, the .Net Framework’s abstraction of the registry is nowhere near as robust as it is for other system objects, such as files and folders. The area that it’s most critically lacking is that the only thing you can do without an active handle to a registry key is open a handle to a registry key. Most of the time, that’s not a big deal. Any key you can’t open is probably a key you shouldn’t open. Then again, there are those few times that you need to open a key but can’t. This post is intended to show you how to do that in VB.Net. C# users should be able to read along without a lot of difficulty, although you’ll probably want to refer to PInvoke.net or a similar resource for the exact methods of calling the specified Windows API functions from within C#. Read more of this post
I’ll do my best to keep this posting on an even keel and not let it devolve into a rant, but no promises. As I poke around in various technical forums, whether LinkedIn or Spiceworks or TechNet or whatever, a new theme is popping up. People are complaining that they’ve dropped in a shiny new 10G network and just can’t figure out why it’s not any faster than their old 1GB network, or they’re using internal/private networks inside Hyper-V or ESX and they don’t go any faster than a standard copper line. In a couple of cases, I’ve actually taken the effort to try to explain what’s going on, but usually it falls on deaf ears. This post serves as both an explanation and an appeal to the more sensible administrators out there to look at what’s really going on.
Scenario: You connect your Windows or Hyper-V system to a new iSCSI target device that supports multi-path I/O (MPIO) and add a session for each iSCSI NIC in the server. When you get the disk established in Disk Management, it shows up twice. You can bring one online, but any others show “Offline (The disk is offline because it has a redundant path with another device)”.
Have you noticed that “RunAs” doesn’t work for Windows Explorer or Control Panel items? That’s because the shell (the program you use to communicate with the operating system itself) is Windows Explorer. Windows Explorer is (normally) running all the time, and while it’s running, it doesn’t allow you to start other instances in other security contexts (a very long way of saying that “RunAs” doesn’t work for Windows Explorer). Control Panel items don’t work either because they’re not actually programs; they are applets that run within the context of Windows Explorer. So, you can’t connect to a user’s station and use RunAs to, say, change TCP/IP settings.
There is a key limitation to installing WSUS on Server Core: Neither Microsoft SQL Server nor Windows Internal Database will install on Server Core, so you will have to install a SQL instance somewhere else in order to do this. That means that no matter what, you’ll still need a full GUI install of Windows Server somewhere.
The best case I can conceive of in which this is desirable is when you need multiple WSUS servers in the same location for some reason and it’s not a problem to set up a centralized or multiple SQL Server. In our case, we want our remote users laptops to get install approvals from our central server during VPN sessions but to download the actual updates from Microsoft using their own Internet connections. We want our in-house computers to get approvals and updates from the in-house WSUS server. One WSUS installation cannot handle that. Therefore, it made sense for us to add a SQL Server Express instance to the existing WSUS Server and install WSUS separately (because you can’t have two instances of WSUS on the same Windows Server), using Core to minimize resource usage.
Update: SQL Server 2012 is supported on Server Core. The continued relevance of this document is primarily to show you how to install the WSUS component itself. Also, if you look, you can find instructions for installing earlier editions of SQL Server on Server Core, but be advised that these are not supported configurations.