KB: Attempting to remove VMware vCenter from System Center 2012 Virtual Machine Manager fails with error 0x8007274D

July 16, 2012, 9:50 am

≫ Next: KB: Adding a Citrix XenServer host on System Center 2012 Virtual Machine Manager fails with error 2916 (0x8033810f)

≪ Previous: Downloadable Virtual Machines for System Center 2012 SP1 CTP2 Evaluation Now Available!

Here’s a new Knowledge Base article we published. This one talks about an issue where attempting to remove VMware vCenter from VMM 2012 fails with error 0x8007274D.

=====

Symptoms

When trying to remove the VMware vCenter 4.1 from System Center 2012 Virtual Machine Manager (VMM), the action fails with the error:
VMM cannot complete the VMware operation on the SERVERNAME$ server because of the error: Unable to connect to the remote server
Resolve the issue in VMware and then try the operation again.

ID: 12701
Details: No connection could be made because the target machine actively refused it (0x8007274D)
Also, every few minutes the following error is displayed under the Jobs tab:

Error (12701)
VMM cannot complete the VMware operation on the SERVERNAME$ server because of the error: Unable to connect to the remote server
No connection could be made because the target machine actively refused it (0x8007274D)

Recommended action
Resolve the issue in VMware and then try the operation again.

Cause

System Center 2012 Virtual Machine Manager needs to communicate with the VMware vCenter in order to remove it from the VMM server. In situations when VMM is not able to communicate with the VMware vCenter (i.e. vCenter server was lost or network issues), it is not possible to directly remove the VMware vCenter.

Resolution

One option is re-install VMM with the new database.

The second option requires a few steps. In summary, a new virtual machine needs to be created and then joined to the domain under the same name as the previous vCenter server. VMware vCenter server will need to be also installed on this virtual machine. By doing this, VMM will think that the old vCenter server is back. However, since by default the communication between the VMM and vCenter servers is encrypted, VMM will give an error stating that it cannot communicate with vCenter server because of the invalid certificates. Thus, we will also have to generate a new vCenter certificate on the VMM server. More detailed steps are shown below:

1. Create a new Virtual Machine.

2. Install Windows Server 2008 R2 (or older Windows version supported by VMware vCenter) with the required updates.

3. Join the Virtual Machine to the domain under the same computer name as the original computer with which the contact was lost. For example, if the original vCenter server's computer name was vcenter.contoso.com then the newly created Virtual Machine should be joined to the domain as vcenter.contoso.com.

4. Install VMware vCenter and VMware vSphere client on the newly created VM.

5. On the VMM server, open the Certificates Snap-in (Computer Account) (http://msdn.microsoft.com/en-us/library/ms788967.aspx) and delete the VMware default certificate located under Trusted People/Certificates.

6. Launch the VMM PowerShell on the VMM server, type and run the following command:

$Virtman = Get-virtualizationmanager –computername “VirtMgrServer01.Contoso.com”
$Cert = Get-certificate –computername “VirtMgrServer01.Contoso.com”
Set-VirtualizationManager –VirtualizationManager $VirtMan –Certificate $Cert

Where VirtMgrServer01.Contoso.com is the FQDN of your newly created VMware vCenter server.

7. In the VMM console, right click on the VMware vCenter server and select Refresh. vCenter server should be successfully refreshed.

8. Right click on the VMware vCenter and select Remove. The vCenter should be successfully removed from the VMM server.

More Information

How to: View Certificates with the MMC Snap-in: http://msdn.microsoft.com/en-us/library/ms788967.aspx
How to Replace the Certificate for a VMware VirtualCenter Server: http://technet.microsoft.com/en-us/library/cc974213

=====

For the most current version of this article please see the following:

2730029 - Attempting to remove VMware vCenter from System Center 2012 Virtual Machine Manager fails with error 0x8007274D

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

KB: Adding a Citrix XenServer host on System Center 2012 Virtual Machine Manager fails with error 2916 (0x8033810f)

July 17, 2012, 11:33 am

≫ Next: KB: Installing the System Center 2012 Virtual Machine Manager VMM Management Server fails with IndyPlacementHelper exception error

≪ Previous: KB: Attempting to remove VMware vCenter from System Center 2012 Virtual Machine Manager fails with error 0x8007274D

Here’s a new System Center 2012 Virtual Machine Manager Knowledge Base article we recently published. This one tells you how to fix an issue where adding a Citrix XenServer host on VMM fails with error 2916 (0x8033810f).

=====

SYMPTOMS

Adding a Citrix XenServer host on System Center 2012 Virtual Machine Manager may fail with the following error:

Error (2916)
VMM is unable to complete the request. The connection to the agent <Xen server> was lost.
Unknown error (0x8033810f)
Recommended Action
Ensure that the WS-Management service and the agent are installed and running and that a firewall is not blocking HTTPS traffic.
This problem can also be caused by WMI service crash. Ensure that KB 982293 (http://support.microsoft.com/kb/982293) is installed on the machine if it is running Windows Server 2008 R2.
If the error persists, reboot <Citrix host> and then try the operation again.

CAUSE

This issue occurs if security update MS12-006 (KB2585542) is installed on the VMM Management Server. This security update blocks a WMI call that is used by the Citrix XenServer host.

RESOLUTION

To work around this issue, perform the following steps on the VMM Management Sever:

Set the SendExtraRecord registry value to 2 by performing the steps documented in the following Microsoft knowledge base article: http://support.microsoft.com/kb/264358
(http://support.microsoft.com/kb/264358)
Once the SendExtraRecord registry value is set to 2, add the Citrix XenServer host.

MORE INFORMATION

Managing Citrix XenServer with System Center Virtual Machine Manager (SCVMM) 2012:
http://blogs.citrix.com/2011/06/16/managing-xenserver-with-system-center-virtual-machine-manager-scvmm-2012/

How to add XenServer hosts to VMM: http://technet.microsoft.com/en-us/library/gg610684.aspx

=====

For the most current version of this article please see the following:

KB2728902 - Adding a Citrix XenServer host on System Center 2012 Virtual Machine Manager fails with error 2916 (0x8033810f)

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

↧

KB: Installing the System Center 2012 Virtual Machine Manager VMM Management Server fails with IndyPlacementHelper exception error

July 18, 2012, 9:20 am

≫ Next: Now available: Infrastructure Planning and Design Guide for System Center 2012 - Virtual Machine Manager

≪ Previous: KB: Adding a Citrix XenServer host on System Center 2012 Virtual Machine Manager fails with error 2916 (0x8033810f)

Here’s a new System Center 2012 Virtual Machine Manager Knowledge Base article we recently published. This one tells you how to fix an issue where installing the VMM 2012 VMM Management Server fails with an IndyPlacementHelper exception error.

=====

SYMPTOMS

Installing the System Center 2012 Virtual Machine Manager VMM Management Server fails with the following error:

The type initializer for 'Microsoft.VirtualManager.Engine.Placement.IndyPlacementHelper' threw an exception.

CAUSE

This can occur due to corrupt installation media.

RESOLUTION

To resolve this issue perform the following steps:
1. Re-download the installation media.
2. If installing from a DVD, re-burn the installation media at a lower speed (4x).
3. Attempt the installation again.

=====

For the most current version of this article please see the following:

KB2690616 - Installing the System Center 2012 Virtual Machine Manager VMM Management Server fails with IndyPlacementHelper exception error

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

↧

Now available: Infrastructure Planning and Design Guide for System Center 2012 - Virtual Machine Manager

July 24, 2012, 10:20 am

≫ Next: Update Rollup 2 for System Center 2012 is now available for download

≪ Previous: KB: Installing the System Center 2012 Virtual Machine Manager VMM Management Server fails with IndyPlacementHelper exception error

The Infrastructure Planning and Design team is pleased to announce that the System Center 2012 - Virtual Machine Manager guide is now available for download.

Download the guide now: http://go.microsoft.com/fwlink/?LinkId=245473

This guide outlines the elements that are crucial to an optimized design of Virtual Machine Manager. It leads you through a process of identifying the business and technical requirements for managing virtualization, designing integration with Operations Manager if required, and then determining the number, size, and placement of the VMM servers. This guide helps you to confidently plan for the centralized administration of physical and virtual machines.

Infrastructure Planning and Design streamlines the planning process by:

Defining the technical decision flow through the planning process.
Listing the decisions to be made and the commonly available options and considerations.
Relating the decisions and options to the business in terms of cost, complexity, and other characteristics.
Framing decisions in terms of additional questions to the business to ensure a comprehensive alignment with the appropriate business landscape.

Tell your peers about IPD guides! Please forward this mail to anyone who wants to learn more about Infrastructure Planning and Design guides.

Download the guide now: http://go.microsoft.com/fwlink/?LinkId=245473

Join the IPD Beta Program
Subscribe to the IPD beta program and we will notify you when new beta guides become available for your review and feedback. These are open beta downloads. If you are not already a member of the IPD Beta Program and would like to join, follow these steps:

Go here to join the IPD beta program:
https://connect.microsoft.com/InvitationUse.aspx?ProgramID=1587&InvitationID=IPDM-QX6H-7TTV&SiteID=14
If the link does not work for you, copy and paste it into the web browser address bar.
Sign in using a valid Windows Live® ID.
Enter your registration information.
Continue to the IPD program beta page, scroll down to Infrastructure Planning and Design, and click the link to join the IPD beta program.

Stay tuned for other System Center 2012 guides releasing for beta feedback!

Already a member of the IPD beta program? Go here to get the latest IPD beta downloads:https://connect.microsoft.com/content/content.aspx?ContentID=6556&SiteID=14

Related Resources
Check out all the Infrastructure Planning and Design team has to offer! Visit the IPD page on TechNet,http://www.microsoft.com/ipd, for additional information, including our most recent guides.

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

↧

Update Rollup 2 for System Center 2012 is now available for download

July 24, 2012, 3:38 pm

≫ Next: Cloud and Datacenter Management System Center Update Rollup Improvements

≪ Previous: Now available: Infrastructure Planning and Design Guide for System Center 2012 - Virtual Machine Manager

This rollup includes updates for App Controller, Data Protection Manager (DPM), Operations Manager (OpsMgr), Orchestrator, Service Manager (SCSM) and Virtual Machine Manager (VMM). Download links, installation instructions and the list of issues fixed for each component are documented in the following KB:

KB2706783 - Description of Update Rollup 2 for System Center 2012 (http://support.microsoft.com/kb/2706783)

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

↧

Cloud and Datacenter Management System Center Update Rollup Improvements

July 25, 2012, 7:33 am

≫ Next: An in-depth look at Virtual Machine Manager Services – Part 1

≪ Previous: Update Rollup 2 for System Center 2012 is now available for download

Greetings,

Hi, Carmen Summers here from the Cloud and Data Center Management System Center team. Yesterday System Center released Update Rollup 2 for System Center 2012 posted on all System Center Blogs. This is the second Update Rollup System Center 2012 has released since General Availability. In the past year System Center has developed a new model for Sustained Engineering that centralized Virtual Machine Manager, App Controller, Orchestrator, Service Manager, Operations Manager, and Data Protection Manager into a single operational model. This new operating model will deliver consistency for release of Update Rollups for Cloud and Data Center Management System Center components.

The words above accurately describe the efficiency we want to achieve, but at the end of the day we are doing this for you, our customers, based upon feedback that we needed to make update delivery for System Center more discoverable, more accessible, and more consistent. Some of the new operational efficiencies that will benefit you, our customers, are:

Quarterly Update Rollup releases
Update Rollups are the primary way CDM System Center will release updates publicly
Each Update Rollup will supersede the last making is easier track if you have everything you need installed
Update delivery on Microsoft Update to enable ease of detection and installation via MU or WSUS (Please note, that this is a work in progress)
A single master KB article that describes all fixes to enable ease of finding all information in a single location

We are always striving to make our operating model more efficient. If you have any suggestions or feedback I would love to hear it.

Carmen Summers
Senior Program Manager | Cloud & Datacenter Management System Center

↧

An in-depth look at Virtual Machine Manager Services – Part 1

July 31, 2012, 9:53 am

≫ Next: KB: System Center 2012 Virtual Machine Manager Error: The selected user is not a member of any user roles that has this object in its scope

≪ Previous: Cloud and Datacenter Management System Center Update Rollup Improvements

Virtual Machine Manager 2008 R2 had support for Virtual Machine templates (VM templates). At their core, VM templates consist of three main artifacts: one or more virtual disks, a hardware profile (define hardware characteristics of the virtual machine) and a guest OS profile (define Windows Operating System specialization values for the virtual machine). VM templates are great for repeatedly and reliably deploying standalone (read: single) virtual machines, but they suffer from at least three notable limitations:

1. Single Machine: VM templates, by definition, define a single virtual machine. While there are certainly use cases for single virtual machine deployments, when we think about typical business service deployment, it is likely that said deployment spans multiple machines. For example, consider a two tier application with a load balanced Web front end and a SQL Server backend. Even a small deployment of a service of this type would consist of three machines: two load balanced web servers and a SQL server.

2. Limited In-Guest Configuration: While the Guest OS Profile component of a VM template allows users to define basic Windows OS specialization options such as the computer name, initial administrator password and domain join characteristics of the virtual machine, they cannot easily be used to define richer in-guest configuration options such as Windows Server Role/Feature install, application installation or post-install configuration scripts.

3. Fire and Forget: When a virtual machine is deployed from a VM template, the deployed instance maintains no relationship back to the template from which it was provisioned. Over time, this means that it is difficult, if not impossible, to determine if a deployed instance is still compliant with (i.e. matches) the initial configuration specified in the template. What’s more, consider the situation where you defined a standard infrastructure server via a VM template, specified 1GB of memory in the template and then deployed 80 virtual machine instances from said template. What if it turned out that 1GB was not sufficient and that each of those machines really needed 2GB of memory? With a VM template, you’re stuck manually modifying each of the deployed instances, assuming you can even figure out which instances were deployed from that template.

In VMM 2012, we set out to solve each of these problems (and more). Our solution is called a Service template. We’re going to make available a series of Blog posts to walk through Service templates and Service instances. In this post, Part 1, we’ll begin by discussing Service templates and the features they enable and end by creating a template to deploy a two server environment consisting of an IIS Server and a SQL Server.

Service Templates

Virtual Machine Manager 2012 includes a new template type – a Service template – and several new profile types (e.g. Application Profile, SQL Server Profile) which together solve each of the VM template limitations described above. Specifically, Service templates enable:

1. Multi-Machine Modeling: While Service templates can be used to model and deploy a single machine, they can also be used to model a deployment which consists of multiple machines. Consider the example discussed above, a two tier application with a load balanced Web front end and a SQL Server backend. Using a Service template (which is created in our new Service Designer UI), you can model your Web front end as a “tier” of the service and your SQL Server as a second “tier” of the service. Each tier has its own definition such as hardware characteristics, Windows OS specialization values and application deployments (more on that later). Here is our typical two tier application seen in the Service Designer:

2. Rich In-Guest Configuration: Service templates enable a rich set of in-guest configuration options such as Windows Server 2008 R2 (or higher) Role/Feature installation, application deployment (including first class support for MS Deploy, Server App-V and SQL Data-tier applications) and arbitrary payload delivery and script execution (e.g. a custom .cmd file which can install a custom MSI file). You can even complete the installation of a prepared instance of SQL server, meaning that when your Service instance virtual machine is done provisioning it’s a fully configured SQL Server!

3. Template References: When a Service instance is deployed from a Service template, the deployed instance maintains a relationship back to the template (and template version) from which it was provisioned. Over time, this means that it is easy to determine if a deployed instance is still compliant with (i.e. matches) the initial configuration specified in the template. What’s more, recall the situation described above where you defined a standard infrastructure server via a VM template, specified 1GB of memory in the template and then deployed 80 virtual machine instances from said template. By leveraging a Service template for this instead of a VM template, you could easily copy the template, make your hardware modifications and then apply the updated template to the 80 running instances and VMM will take care of shutting the machines down, reconfiguring the memory and starting them back up!

Service Authoring – Standard IIS Server

Just as VM templates have building blocks (Hardware profiles, OS profiles, physical artifacts such as VHDs), so too do Service templates. In addition to the standard building blocks, Service templates can leverage application packages, custom resource packages (more on those in a later blog post) and even VM templates as building blocks. For example, let’s say I need to define what a standard IIS server configuration looks like in my environment. What’s more, I want Service authors to be able to leverage this standard configuration so that all deployed Services use a consistent IIS configuration. I’ll start by creating a VM template which defines the standard IIS server in my environment. After launching the Create VM Template Wizard, I provide the following values:

1. Source: I choose a base Windows Server 2008 R2 SP1 sysprepped VHD from my VMM library

2. VM Template Name: Standard IIS Server

3. Hardware: I specify the standard hardware configuration for IIS servers in my environment

4. Operating System: I provide some sensible defaults, domain join information and also configure the Windows Server Roles and Features which define the standard IIS server in my environment:

5. Applications: Because I want this template to be used as a standard building block, I don’t configure any applications (though if I had a standard IIS configuration script which should run, I could add that here).

6. SQL Server: Because this is an IIS server, I’m not going to have SQL configured so I can skip this page.

7. Summary: Go ahead and create the template:

Service Authoring – Standard SQL Server

Just as I did with my Standard IIS server above, I want my Service authors to be able to leverage a standard SQL server template so that all deployed Services use a consistent SQL configuration. Again, I’ll start by creating a VM template which defines the standard SQL server in my environment. After launching the Create VM Template Wizard, I provide the following values:

1. Source: I choose a base Windows Server 2008 R2 SP1 sysprepped VHD which contains a sysprepped instance of SQL server from my VMM library. For more information on preparing a sysprepped instance of SQL, see Qingbo Cai’s excellent blog post.

2. VM Template Name: Standard SQL 2008 R2 Server

3. Hardware: I specify the standard hardware configuration for SQL servers in my environment

4. Operating System: I provide some sensible defaults, domain join information and also configure any Windows Server Roles and Features which define the standard SQL server in my environment:

5. Applications: Because I want this template to be used as a standard building block, I don’t configure any applications (though if I had a standard SQL configuration script which should run, I could add that here).

6. SQL Server: Because this is a SQL server, I’m going to go ahead and configure a SQL deployment for this template. Again, Qingbo’s blog post referenced above has all the details about deploying SQL servers with the new SQL Profile object available in VMM.

7. Summary: Go ahead and create the template.

Of course, we’ve also introduced monitoring and diagram views for our other new VMM features such as private clouds, IP address pools and Storage pools.

Putting it all Together

So now I have a couple of Service template building blocks. I want to provide my developers with a standard Web-SQL development environment, which should consist of a single IIS server and a single SQL server. With that in mind, I’m going to create a new Service template which allows them to deploy such an environment quickly and reliably. I’ll go ahead and choose to create a new Service template from the VMM library section of the Admin Console and I’ll start with a blank template, providing a name and release:

Now that I’m in the Service Designer UI, I see that my existing VM templates are available as building blocks of my Service template. If I needed to create a new type of VM definition for this service, I could simply use the “Add Machine Tier” option in the ribbon to create a new type of VM for use in my Service. Because I have my Web and SQL VM templates available, all I need to do is drag and drop each on to the Designer canvas:

Once that’s done, I can click the save and validate ribbon action and my template is now ready for use. I can delegate access to the template to the appropriate self-service users and they have one click deployment of a Web Server / SQL Server environment available to them!

Wrapping Up

I hope this brief overview gave you not only a great overview of Services but also sparked your imagination as to the myriad options for leveraging Services in your environment. In the next part of this series, we’ll walk through modifying the template to make it more customizable by the end user at deployment time and also add a couple of applications to the deployment.

Stephen Baron | VMM Program Manager

Get the latest System Center news on Facebook and Twitter:

↧

KB: System Center 2012 Virtual Machine Manager Error: The selected user is not a member of any user roles that has this object in its scope

August 6, 2012, 9:07 am

≫ Next: KB: How to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager

≪ Previous: An in-depth look at Virtual Machine Manager Services – Part 1

Here’s a new Knowledge Base article we published. This one talks about an issue where attempting to change the ownership of a VM in VMM 2012 to a user who is a member of the Self-Service User role created by the VMM Administrator fails.

=====

Symptoms

When the VMM delegated administrator tries to change the ownership of a VM in System Center 2012 Virtual Machine Manager (VMM) to a user who is a member of the Self-Service User role created by the VMM Administrator, the following error is displayed:

The selected user is not a member of any user roles that has this object in its scope. Please select another user.

This happens even when the VMM delegated administrator has the cloud in its scope to which the VM is assigned and to which the Self-Service User role has access.

Cause

This is by design as the VMM Delegated Administrators cannot view, modify, or remove user roles created by members of the Administrator user role or by other VMM Delegated Administrator user roles. Due to this fact, a Self-Service User role created by the VMM Administrator is not accessible to the VMM Delegated Administrator.

Resolution

To allow a delegated administrator in VMM to change the membership of a self-Service user role, that role must be created by the delegated administrator. Below are two methods of creating a self-service user role that can be managed by a delegated administrator.

Method 1:

1. Login to VMM as a Delegated Administrator.
2. Create a new Self-Service User Role (for example SSU_HelpDesk) and assign a user (for example contoso\Vladimir) as the member of this Self-Service User role.

Now the VMM delegated administrator should be able to change the ownership of the virtual machine to contoso\Vladimir as contoso\Vladimir is a member of the Self-Service User role (SSU_HelpDesk) created by the currently logged in VMM Delegated Administrator (assuming that the virtual machine is in the cloud which both the newly created Self-Service User role and the VMM delegated administrator role have in their scope).

NOTE If you log in as a member of a different VMM Delegated Administrator role and try to change the ownership of the virtual machine to contoso\Vladimir, you will get the error "The selected user is not a member of any user roles that has this object in its scope. Please select another user" since the Self-Service User role SSU_HelpDesk was created by a different VMM Delegated Administrator role.

Method 2:

The second option is to use the VMM PowerShell. In this example we are going to create a new Self-Service User role called 'ContosoSSU' and assign 'DelAdmin' VMM delegated administrator user role as an owner of the ContosoSSU which will enable members of the 'DelAdmin' role to change the ownership of a VM to a user who is a member of the 'ContosoSSU'.

1. Login as a VMM Administrator
2. Launch the VMM PowerShell
3. Type: $UserRole=Get-SCUserRole -name "DelAdmin"
4. Press enter
5. Type: New-SCUserRole -Name "ContosoSSU" -UserRoleProfile "SelfServiceUser" -ParentUserRole $UserRole
6. Press Enter
7. Now the new Self-Service User role "ContosoSSU" is created, and a member of the DelAdmin user group should be able to change ownership of a VM to user who is a member of the "ContosoSSU". Note that both DelAdmin and ContosoSSU need to have the same cloud in their scopes.

=====

For the most current version of this article please see the following:

2736792 - System Center 2012 Virtual Machine Manager Error: The selected user is not a member of any user roles that has this object in its scope

J.C. Hornbeck | System Center & Security Knowledge Engineer

Get the latest System Center news on Facebook and Twitter:

↧

KB: How to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager

August 13, 2012, 11:04 am

≫ Next: KB: How to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager

≪ Previous: KB: System Center 2012 Virtual Machine Manager Error: The selected user is not a member of any user roles that has this object in its scope

Here’s a new Knowledge Base article we published that talks about how to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager. This is one you’ll probably want to add to your Favorites.

=====

Summary

This article discusses how to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager. The “Needs Attention” and “Not Responding” host status in the VMM console occurs because the VMM Server is unable to communicate with the host machine or components (WMI, WinRM, etc.) on the host machine that are used to communicate with the VMM Server are not functioning correctly.

Common errors that are logged in the Jobs views in the VMM Console when the host status is “Needs Attention” or “Not Responding:”

Warning (2915)
The Windows Remote Management (WS-Management) service cannot process the request. The object was not found on the server (servername.domain.com).
Unknown error (0x80041002) or Unknown error (0x80338000)

Error (2916)
VMM is unable to complete the request. The connection to the agent servername.domain.com was lost.
Unknown error (0x80338126) or Unknown error (0x80338012)

Warning (12710)
VMM does not have appropriate permissions to access the Windows Remote Management resources on the server (servername.domain.com).
Unknown error (0x80338104)

Warning (13926)
Host cluster servername.domain.com was not fully refreshed because not all of the nodes could be contacted. Highly available storage and virtual network information reported for this cluster might be inaccurate.

Error (20506)
Virtual Machine Manager cannot complete the Windows Remote Management (WinRM) request on the computer servername.domain.com.

Perform the steps documented in the More Information section to identify the cause of the “Needs Attention” or “Not Responding” host status.

More Information

Step 1: Check the Health status of the Host

To check the Health status of a host, perform the following steps:

1. Open the VMM Console.
2. Select the Fabric view, right-click the host that’s experiencing issues and chose properties.
3. Within the host properties, select Status.
4. Select the category that has the Red exclamation to view the error details.

For more information on the host health check feature, please reference the following blog: http://blogs.technet.com/b/scvmm/archive/2011/12/19/host-properties-new-in-vmm-2012-expanded-health-checks.aspx

Step 2: Use the Virtual Machine Manager Configuration Analyzer (VMMCA)

VMMCA is a diagnostic tool you can use to evaluate important configuration settings for computers that are either running VMM server roles or are acting as virtual machine hosts. The VMMCA scans the hardware and software configurations of the computers you specify, evaluates them against a set of predefined rules, and then provides you with error messages and warnings for any configurations that are not optimal.
To download the Virtual Machine Manager Configuration Analyzer, visit the following Microsoft website:
http://www.microsoft.com/en-us/download/details.aspx?id=29309

Step 3: Verify the VMM service account is a member of the local administrators group on the host

• If the VMM service is running under a domain account, verify the domain account is a member of the local administrators group on the host.
• If the VMM is running under the local system account, verify the computer account is a member of the local administrators group on the host.
If the VMM service account is removed from the local administrators group on the host, this issue could be caused by a “Restricted Groups” group policy.
To resolve this issue, perform one of the following steps:

• Add the VMM service account to the Administrators "restricted groups" group policy setting.
• Create a new organizational unit in the domain, move the host computer object to the new OU and then configure the new organizational unit to block policy inheritance.

Step 4: Check for corrupted performance counters

Check the Application event log on the host to see if the following event is logged:

Log Name: Application
Source: Microsoft-Windows-LoadPerf
Event ID: 3012
Description:
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

If the Event ID 3012 is logged on the host machine, perform the steps documented in the following knowledge base article to rebuild the performance counters:

2554336 How to manually rebuild Performance Counters for Windows Server 2008 64bit or Windows Server 2008 R2 systems

Step 5: Check the Svchost.exe process of the Windows Remote Management service

VMM depends on the Windows Remote Management service for host communication. Therefore, the "Not Responding" status is very likely to occur because of an error in the underlying Windows Remote Management communication between the VMM server and the host computer. In this scenario, the host status is "OK" shortly after you restart the host computer. However, the status changes to "Not Responding" after three to four hours, and jobs on the VMM server fail and return an error that resembles the following:

Error (2927)
A Hardware Management error has occurred trying to contact server servername.domain.com.
Unknown error (0x803381a6)

Additionally, if you stop the Windows Remote Management service at a command prompt, this process takes much longer than usual to be completed. Sometimes, it can take up to five minutes to stop.
This problem can occur if the shared Svchost.exe process that hosts the Windows Remote Management service is experiencing issues.
To resolve this problem, configure the Windows Remote Management service to run in a separate Svchost.exe process. To do this, open an elevated command prompt, type the following command and then press ENTER.

sc config winrm type= own

Note Make sure that you type the command exactly as it appears here. Notice the space after the equal sign (=) symbol.
If the command is completed successfully, you should see the following output:
[SC] ChangeServiceConfig SUCCESS

Step 6: Increase the default values for WinRM

On each server, open an elevated command prompt, type the following commands and then press Enter after each command:
winrm set winrm/config @{MaxTimeoutms = "1800000"}
winrm set winrm/config/Service @{MaxConcurrentOperationsPerUser="400"}
net stop winrm
net start winrm
net start scvmmagent

=====

For the most current version of this article please see the following:

2742246 - How to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

KB: How to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager

August 14, 2012, 10:05 am

≫ Next: KB: Adding a SAN storage provider in System Center 2012 Virtual Machine Manager fails with SMI-S Error 26100

≪ Previous: KB: How to troubleshoot the “Needs Attention” and “Not Responding” host status in System Center 2012 Virtual Machine Manager

Here’s a new Knowledge Base article we published. This one covers how to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager.

=====

Summary

This article covers how to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager.
Common errors that are logged in the VMM Console when an “Add virtual machine host” job fails:

Error (421)
Agent installation failed on servername.domain.com because of a WS-Management configuration error.

Error (2912)
An internal error has occurred trying to contact an agent on the servername.domain.com server.

Error (2916)
VMM is unable to complete the request. The connection to the agent servername.domain.com was lost.

Error (2927)
A Hardware Management error has occurred trying to contact server servername.domain.com.

Perform the steps documented in the More Information section to identify the cause of the issue.

More Information

Step 1: Review the VMM Agent installation log file

On the Hyper-V host, review the “vmmAgent.msi_date_time.log” file that’s located in the %systemdrive%\ProgramData\VMMLogs directory.

Note: This log file may not exist if the failure occurs early in the installation process.

Step 2: Use the Virtual Machine Manager Configuration Analyzer (VMMCA)

To download the Virtual Machine Manager Configuration Analyzer, visit the following Microsoft website:

http://www.microsoft.com/en-us/download/details.aspx?id=29309

Step 3: Verify the ports used by VMM are not blocked by a firewall

Verify the ports used by VMM to communicate with the Hyper-V host are not blocked by a firewall. By default, VMM uses the following ports to communicate with the Hyper-V host:

TCP port 443
TCP port 5985
TCP port 5986

For more information on the ports used by VMM, please reference the following TechNet article: http://technet.microsoft.com/en-US/library/gg710871.aspx

Step 4: Check for duplicate SPNs

Perform the steps documented in the following article to check for duplicate SPNs:

970923 Unable to add a managed host in SCVMM 2008 and SCVMM 2012, Error 2927 (0x8033809d)

Step 5: Check for corrupted performance counters on the Hyper-V host

Check the Application event log on the host to see if the following event is logged:

If the Event ID 3012 is logged on the host machine, perform the steps documented in the following knowledge base article to rebuild the performance counters:

2554336 How to manually rebuild Performance Counters for Windows Server 2008 64bit or Windows Server 2008 R2 systems

Step 6: Manually install the VMM Agent on the Hyper-V host

If the Add-SCVMHost job continues to fail, manually install the agent on the Hyper-V host by performing the steps documented in the following TechNet article: http://technet.microsoft.com/en-us/library/bb740757.aspx

=====

For the most current version of this article please see the following:

2742275 - How to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

KB: Adding a SAN storage provider in System Center 2012 Virtual Machine Manager fails with SMI-S Error 26100

August 21, 2012, 10:40 am

≫ Next: System Center 2012 Self-Study Guide - Unified Installer and Virtual Machine Manager

≪ Previous: KB: How to troubleshoot issues when adding a Hyper-V host in System Center 2012 Virtual Machine Manager

Here’s a new Knowledge Base article we published. This one talks about troubleshooting an issue where adding a SAN storage provider in VMM 2012 fails with SMI-S Error 26100.

=====

Symptoms

When attempting to discover a SAN storage provider in System Center 2012 Virtual Machine Manager (VMM) using the Add Storage Devices Wizard, the action fails with Error 26100:

Unable to contact storage service on %ComputerName;.
Ensure that the storage service is properly installed and running.

Cause

The Microsoft Storage Management Service is not installed properly on the VMM server or is corrupted. The result is that the service is not running and it is not possible to manually start it.

Resolution

To resolve this issue, uninstall the Microsoft Storage Management service on the VMM server and then reinstall it again. To do this, follow the steps below:

1. Close all VMM consoles.

2. On the Virtual Machine Manager server, stop the System Center Virtual Machine Manager service and the System Center Virtual Machine Manager Agent service.

3. Uninstall the Microsoft Storage Management service by running the StorageService.msi from the System Center 2012 Virtual Machine Manager installation media (\amd64\setup\msi\SCXStorage) and choosing the Remove option.

4. Open an elevated command prompt (Run as administrator).

5. In the opened command prompt, change the directory to the VMM installation media. For example: cd D:\amd64\setup\msi\SCXStorage.

6. In the opened command prompt, type and run the following command:

msiexec /i StorageService.msi /L*V c:\temp\install.txt

This will install the Microsoft Storage Management service and put the installation log in the c:\temp folder.

7. On the Virtual Machine Manager server, start the System Center Virtual Machine Manager service and the System Center Virtual Machine Manager Agent service.

8. Verify that the Microsoft Storage Management service is running.

At this point you should be able to discover the supported SAN storage.

More Information

VMM trace shows the following:

WSMAN: URL: [http://SERVERNAME:5985] Verb: [ENUMERATE]; resource[http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/scx/storage/sm/MSFT_SMStorageDiscovery];
WsmanAPIWrapper.cs,2894,0x00000000,Retrieving underlying WMI error to throw. Got string "<f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150858752" Machine="SERVERNAME"><f:Message><f:ProviderFault provider="WMI Provider" path="%systemroot%\system32\WsmWmiPl.dll"><f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150858752" Machine="SERVERNAME"><f:Message>The WS-Management service cannot process the request. The service cannot find the resource identified by the resource URI and selectors. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault>

=====

For the most current version of this article please see the following:

2744216 - Adding a SAN storage provider in System Center 2012 Virtual Machine Manager fails with SMI-S Error 26100

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

↧

System Center 2012 Self-Study Guide - Unified Installer and Virtual Machine Manager

August 28, 2012, 9:08 am

≫ Next: How to create and configure a private cloud in System Center 2012 Virtual Machine Manager

≪ Previous: KB: Adding a SAN storage provider in System Center 2012 Virtual Machine Manager fails with SMI-S Error 26100

Are you looking for a good way to get started learning everything that’s new in VMM 2012? If so then here’s the guide for you:

=====

In this post, I'll cover Unified Installer and Virtual Machine Manager. As usual, I will focus on the self-study material that is freely available from Microsoft so that you and your team can get up to speed on these important technologies. Once again, to help those who might not fully understand the purpose of the two components under consideration in this post, let me start with a brief definition of each:

Unified Installer - "You run the Unified Installer to deploy System Center 2012 components. After you select a System Center 2012 component to install, the Unified Installer prompts you for the prerequisites that the component requires. Then, the Unified Installer installs the component and its prerequisites."

Virtual Machine Manager - "System Center 2012 – Virtual Machine Manager (VMM) is a management solution for the virtualized datacenter, enabling you to configure and manage your virtualization host, networking, and storage resources in order to create and deploy virtual machines and services to private clouds that you have created."

=====

For the complete VMM 2012 self study guide please see the following:

System Center 2012 Self-Study Guide (Part 7 - Unified Installer and Virtual Machine Manager)

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

How to create and configure a private cloud in System Center 2012 Virtual Machine Manager

August 30, 2012, 12:42 pm

≫ Next: Support Tip: Connecting to a VM running on a VMware cluster from VMM 2012 fails with error 20700

≪ Previous: System Center 2012 Self-Study Guide - Unified Installer and Virtual Machine Manager

Hi all, this is Vladimir from the VMM team and today I want to very quickly show how easy it is create and configure a private cloud in System Center 2012 Virtual Machine Manager (VMM 2012) and enable users to access already existing virtual machines.

First of all, you will need to configure your backend infrastructure such as storage, networks, Hyper-V/ESX/Xen hosts, etc. Once all that is done, you are ready to create a private cloud. Here are the general steps:

1. Create a private cloud by clicking on the “Create Cloud” button under the VMs and Service tab.

2. While creating the cloud, assign a host group to the cloud and configure it as appropriate for your environment.

3. Once the cloud is created, assign one or more VMs to the cloud. You can do this by going into the VM’s properties and changing the ‘Cloud’ setting under the general tab as you can see below.

4. Next, create a Self-Service User role by clicking on the ‘Create User Role’ button under the Settings->Security->User Roles. When creating the user role, ensure the following:

a. Ensure that you assign the cloud created in step 1 to this user role’s scope:

b. Under the resources tab, add to the list the VMs that you want this user role to have access to. In the example below, I want the members of this user role to only have access to one VM.

After the Self-Service User role is created, the members of this user role should be able to access the VM through VMM console, VMM Self-Service portal, or AppController.

I hope that reading this post was of use for you. See you soon!

Vladimir Petrosyan | Support Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

↧

Support Tip: Connecting to a VM running on a VMware cluster from VMM 2012 fails with error 20700

September 4, 2012, 9:35 am

≫ Next: System Center 2012 Service Pack 1 Beta Now Available for Download

≪ Previous: How to create and configure a private cloud in System Center 2012 Virtual Machine Manager

Hi folks, this is Vladimir from the VMM team and today I want to discuss an issue with System Center 2012 Virtual Machine Manager (VMM 2012) and VMware vCenter 4.1 that I saw few weeks ago. The summary of the issue is this: A VMM 2012 Self-Service user receives the following error when trying to connect via console to a VM running on a VMware cluster of two ESX 4.1 hosts either from the VMM Self-Service Portal, the VMM console, or System Center 2012 AppController:

VMConsoleParamsFetchFailure (20700)
Could not retrieve console parameters for virtual machine %VMName;.
Ensure that the virtual machine exists and that the host %VMHostName; can be contacted, and then try the operation again.

The VMM 2012 Administrator is able to connect via the console to the same VM without any issues. My initial thought was that this is related to the permissions issue somewhere between VMM and vCenter, and my guess ended up being correct. A VMM trace showed the following:

GetVmConsoleParameters.cs,126,0x00000000,Trying to get run as account with username SCVMM.vm-41 and associated with vm 247ac427-fa90-4522-9a28-77903973aea7

ClientConnection.cs,267,0x00000000,Exception during context of an indigo call; carmine error code returned 20700
ClientConnection.cs,267,0x00000000,Microsoft.VirtualManager.Utils.CarmineException: Could not retrieve console parameters for virtual machine <VM_NAME>.

    at Microsoft.VirtualManager.Engine.VmOperations.VMConsoleOperations.GetConsoleParameters(Guid vmObjectId; ConnectionProperties connProperties)
at Microsoft.VirtualManager.Engine.Remoting.ClientConnection.GetVMConsoleParameters(Guid vmObjectId)
    at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance; Object[] inputs; Object[]& outputs)
    at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
    at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
    at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)
    at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
*** Carmine error was: VMConsoleParamsFetchFailure (20700)

I have two environments. One where the issue is occurring and one where the Self-Service users are able to connect via console to VMs, so I started comparing them.

After some troubleshooting I was able to understand what is causing this. In short, when we add vCenter to VMM 2012, we have to use an account that is a local administrator on the Windows server where vCenter server is running. That account needs to be a vCenter Administrator as well. The reason why we experienced error 20700 is because VMM 2012 was not able to create and configure the required users, user roles, and permission on the vCenter server. The account used to add vCenter to VMM2012 possibly did not have all the rights that VMM needs. When the account has enough permissions, this is what VMM 2012 does on vCenter to enable VMM Self-Service users to connect via the console to VMs on the ESX hosts:

1. VMM creates a run-as account (SCVMM.vm-xx) that it uses to enable Self-Service users to connect to vCenter. It also specifies for which VMs this run-as account should be used.

2. Then on the Windows machine where vCenter server is running, VMM creates a local user account with the same name as the run-as account created above.

3. In vCenter, VMM creates two user roles (SCVMMSelfServiceUser and SCVMMConsoleUser), gives those user roles Console Interaction permission, adds local account SCVMM.vm-xx to the SCVMMConsoleUser role and then assigns SCVMM.vm-xx permission to the VM to which the VMM Self-Service user has access to.

NOTE Most of these users, user roles, and permissions are created/configured when the VMM Self-Service user tries to connect to a VM via console from the Self-Service Portal, VMM console, or System Center 2012 AppController.

In my case, we resolved this issue by removing vCenter server from VMM and then adding it back using a domain account that was a local Administrator on Windows machine where vCenter running and also a vCenter Administrator. In theory, you can use a local account too, but for some reason using the local account in one of the environments caused this issue. The steps to add a vCenter server to VMM are described here: http://technet.microsoft.com/en-us/library/gg610681

I hope you found this post interesting and helpful. See you soon!

Vladimir Petrosyan | Support Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

System Center 2012 Service Pack 1 Beta Now Available for Download

September 11, 2012, 9:20 am

≫ Next: Free tool to convert VMware-based virtual machines and disks to Hyper-V based virtual machines and disks

≪ Previous: Support Tip: Connecting to a VM running on a VMware cluster from VMM 2012 fails with error 20700

The Beta of System Center 2012 Service Pack 1 (“SP1”) enables System Center customers to jointly evaluate System Center 2012 with Windows Server 2012 and Windows 8. The Beta is for evaluation purposes only and not to be used in production as described in the EULAs associated with the product. No license keys are required to do this evaluation. The Beta includes updates and enhancements to the following System Center 2012 components:

Virtual Machine Manager
- Improved Support for Network Virtualization
- Extend the VMM console with Add-ins
- Support for Windows Standards-Based Storage Management Service, thin provisioning of logical units and discovery of SAS storage
- Ability to convert VHD to VHDX, use VHDX as base Operating System image
Configuration Manager
- Deployment and management of Windows 8 and Windows Server 2012
- Distribution point for Windows Azure to help reduce infrastructure costs
- Automation of administrative tasks through PowerShell support
- Management of Mac OS X clients and Linux and UNIX servers
- Real-time administrative actions for Endpoint Protection related tasks
Data Protection Manager
- Improved backup performance of Hyper-V over CSV 2.0
- Protection for Hyper-V over remote SMB share
- Protection for Windows Server 2012 de-duplicated volumes
- Uninterrupted protection for VM live migration
App Controller
- Service Provider Foundation API to create and operate Virtual Machines
- Support for Azure VM; migrate VHDs from VMM to Windows Azure, manage from on-premise System Center
Operations Manager
- Support for IIS 8
- Monitoring of WCF, MVC and .NET NT services
- Azure SDK support
Orchestrator
- Support for Integration Packs, including 3rd party
- Manage VMM self-service User Roles
- Manage multiple VMM ‘stamps’ (scale units), aggregate results from multiple stamps
- Integration with App Controller to consume Hosted clouds
Service Manager
- Apply price sheets to VMM clouds
- Create chargeback reports
- Pivot by cost center, VMM clouds, Pricesheets
Server App-V
- Support for applications that create scheduled tasks during packaging
- Create virtual application packages from applications installed remotely on native server

For all the details and a download link please see the following: http://www.microsoft.com/en-us/download/details.aspx?id=34607

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

Free tool to convert VMware-based virtual machines and disks to Hyper-V based virtual machines and disks

September 18, 2012, 11:14 am

≫ Next: Step by step: From bare metal to the private cloud with Microsoft System Center 2012

≪ Previous: System Center 2012 Service Pack 1 Beta Now Available for Download

The Microsoft Virtual Machine Converter (MVMC) Solution Accelerator is a Microsoft-supported, stand-alone solution for the IT pro or solution provider who wants to convert VMware-based virtual machines and disks to Hyper-V®-based virtual machines and disks.

MVMC provides the following features:

Converts and deploys virtual machines from VMware hosts to Hyper-V hosts including Hyper-V on Windows Server® 2012. As part of the machine conversion MVMC converts the virtual disks attached to the source virtual machine. It also migrates configuration such as memory, virtual processor and so on from the source virtual machine to the converted virtual machine deployed on Hyper-V. It adds virtual network interface cards (NICs) to the converted virtual machine on Hyper-V.
Converts VMware virtual disks to Hyper-V based virtual hard disks (VHDs).
Supports conversion of virtual machines from VMware vSphere 4.1 and 5.0 hosts to Hyper-V.
- Note MVMC also supports conversion of virtual machines from VMware vSphere 4.0 if the host is managed by vCenter 4.1 or vCenter 5.0. You have to connect to vCenter 4.1 or 5.0 through MVMC to convert virtual machines on vSphere 4.0.
Offers fully scriptable command-line interfaces for performing virtual machine and disk conversions that integrates well with data center automation workflows and Windows PowerShell scripts.
Has a wizard-driven GUI, making it simple to perform virtual machine conversion.
Uninstalls VMware tools prior to conversion to provide a clean way to migrate VMware-based virtual machines to Hyper-V.
Supports Windows Server guest operating system conversion, including Windows Server 2008 R2, Windows Server 2008 and Windows Server 2003 SP2.
Enables conversion of Windows® client versions including Windows 7.
Installs integration services on the converted virtual machine if the guest operating system is Windows Server 2003 SP2.

For all the details and a download link please see the following:

http://www.microsoft.com/en-us/download/details.aspx?id=34591

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

↧

Step by step: From bare metal to the private cloud with Microsoft System Center 2012

September 19, 2012, 10:22 am

≫ Next: Get inside the hood and learn details of Hyper-V over SMB support in VMM 2012

≪ Previous: Free tool to convert VMware-based virtual machines and disks to Hyper-V based virtual machines and disks

This is something we mentioned a few months ago but it’s such a great series I wanted to mention it again in case some of you missed it.

Microsoft’s own Travis Wright spent quite a bit of time with customers over the last 6-12 months helping them plan out and deploy their first private clouds managed by System Center 2012, and to help people get started faster he went to the Enterprise Engineering Center (EEC) on the Redmond campus, arranged for some really nice hardware and set up a System Center managed private cloud from bare metal all the way up. All along the way he recorded everything he did. In his 8 part webcast series below he shows you some of the best practices and process for getting started with your System Center 2012 managed private cloud. He deploys a Hyper-V host cluster, Virtual Machine Manager, Operations Manager, Service Manager, Orchestrator and the Cloud Service Process Management Pack, and integrate them all together in a high performance and high availability configuration.

If this is something you have planned, or maybe you’re just dreaming of how powerful and easy your life would be in a System Center 2012 environment, this is one series you won’t want to miss.

_____________

Bare Metal to Private Cloud (Part 1 of 8): Beginning with the End in Mind

http://go.microsoft.com/?linkid=9809577 or http://bit.ly/JTGtJK

Abstract: In this session, we take a look at the end state of managing a private cloud with Microsoft System Center, including the Cloud Services management pack. The sessions that follow this session describe how to go from bare metal to a private cloud managed by System Center.
_____________

Bare Metal to Private Cloud (Part 2 of 8): Hardware and Prerequisite Software Platform

http://go.microsoft.com/?linkid=9809578 or http://bit.ly/KJc41E

Abstract: In this session, we take a look at the hardware used for these sessions as examples of the kind of hardware that you can use to run a private cloud. We’ll also discuss how to install and configure the prerequisite software, such as the Windows Server operating system, SQL Server data management software, and Active Directory Domain Services.
_____________

Bare Metal to Private Cloud (Part 3 of 8): Clustering Hyper-V and Installing a Highly Available Virtual Machine Manager Cluster

http://go.microsoft.com/?linkid=9809579 or http://bit.ly/KvgVAM

Abstract: In this session, we take a look at how to create a Hyper-V host cluster and install a highly available cluster by using Virtual Machine Manager, a component of Microsoft System Center 2012.

_____________

Bare Metal to Private Cloud (Part 4 of 8): Configuring System Center 2012 - Virtual Machine Manager

http://go.microsoft.com/?linkid=9809580 or http://bit.ly/KlsCYU

Abstract: In this session, we talk about how to configure Virtual Machine Manager, a component of Microsoft System Center 2012. We explore how to deploy agents, create a host group, create a cloud, and create virtual networks.

_____________

Bare Metal to Private Cloud (Part 5 of 8): Installing and Configuring System Center 2012 - Operations Manager

http://go.microsoft.com/?linkid=9809581 or http://bit.ly/J2WDgE

Abstract: In this session, we show how to install a highly available Microsoft System Center 2012 - Operations Manager and deploy agents to manage the private cloud.

_____________

Bare Metal to Private Cloud (Part 6 of 8): Installing and Configuring System Center 2012 - Service Manager

http://go.microsoft.com/?linkid=9809582 or http://bit.ly/Ms8GtP

Abstract: In this session, we show how to install a highly available Microsoft System Center 2012 Service Manager, including the configuration management database (CMDB), data warehouse, reporting, self-service portal, and service catalog.

_____________

Bare Metal to Private Cloud (Part 7 of 8): Installing and Configuring System Center 2012 - Orchestrator

http://go.microsoft.com/?linkid=9809583 or http://bit.ly/JXQgPA

Abstract: In this session, we show how to install a highly available Microsoft System Center 2012 - Orchestrator and installing the System Center and other integration packs for automated administration of the private cloud.

_____________

Bare Metal to Private Cloud (Part 8 of 8): Integrating System Center 2012

http://go.microsoft.com/?linkid=9809584 or http://bit.ly/JcGHxd

Abstract: In this session, we configure the many integration points between the Microsoft System Center components and also between System Center and Active Directory Domain Services.

_____________

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

The Forefront Server Protection blog: http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity- support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

↧

Get inside the hood and learn details of Hyper-V over SMB support in VMM 2012

September 27, 2012, 8:36 am

≫ Next: Information on support by Virtual Machine Manager for Windows Server 2012

≪ Previous: Step by step: From bare metal to the private cloud with Microsoft System Center 2012

In Windows Server 2012, Hyper-V added the capability to store virtual machine (VM) resources on network shares hosted on NAS devices as an alternative to SAN remote storage. The Hyper-V storage stack in Windows Server 2012 now supports increased resiliency for network disconnects for these VM resources by using the “resilient handles” feature in the SMB protocol. This basically means that now virtual machine resources such as VM configuration file, ISO files, VHD files and VHD snapshot files can be stored on any remote SMB file share that supports the SMB 2.2+ protocol.

The Hyper-V over SMB feature in System Center 2012 Virtual Machine Manager (VMM) builds on this feature by increasing management support and adding full support for NAS storage management. User can now do the entire lifecycle of a network share from creation, modifying permissions, to deletion through VMM. These network shares could either reside on a Windows Server 2012 (now SMB 3.0) file server or on NAS devices that implements the SMB 2.2 or higher protocol. Currently VMM support NAS devices (NetApp or/and EMC) supporting SMI-S compliant storage provider.

Basics

Following are the steps to manage SMB shares in VMM:

1. Add Storage device: The first step is to add the storage device or the Windows file server into VMM’s management. This can be done using the Fabric workspace à Storage\Provider node à Right click and select the “Add Storage device” option. Select “Native Windows WMI” for Windows file server or “SMI-S CIMXML” for SMI-S NAS compliant storage provider. Use the RunAs account that has administrator access on the file server. VMM will use this specified RunAs account to execute additional future file share administrative operations like create shares, modify permissions on the shares and delete shares. As part of this operation, VMM will discover all the currently present shares on the storage device and add them to VMM’s management. Any shares added later on the storage device (out of band from VMM) will also be periodically discovered and added to VMM management. The Add-SCStorageProvider cmdlet can also be used to add the storage device from PowerShell command line.

2. Create the share: You can optionally create file shares directly on this provider using the Fabric workspace à Storage\Provider node à Select the provider from the right view or data grid à Select the ribbon action to Create File Share. If the user specifies a local path that is not present on the file server, VMM will automatically add the path for you. The New-SCStorageFileShare cmdlet can also be used to create the share from PowerShell command line.

3. Register the share to a host or cluster: Once a share is added or discovered, you need to register it with any hosts or clusters where you want to create the VMs that can utilize the file server remote storage. This is done using the Fabric workspace à Select the host or cluster à Right click “Properties” à “Storage” page (for host) & “File Share Storage” page (for clusters) à Select “Add File Share” option. As part of this operation VMM will modify the share with the necessary permissions for the Hyper-V host to access the storage. Additional details on these permissions are given in the section titled “When should I manually modify the permissions on the share?”. The Register-SCStorageFileShare cmdlet can also be used to register the share from PowerShell command line.

4. Create the VM instance with VM resources on the SMB share: Once the share is registered with the host or cluster, you can now place virtual machine VHDs and/or VM resources on this share. During the new virtual machine creation wizard, you can select a SMB share in the “Configure Settings” page:

a. You can select to put all the virtual machine files on a SMB share. This can be done by selecting the “Virtual machine location” as the registered SMB share.

b. You can also optionally select to put only individual VHD files on a SMB share. This can be done by selecting the “Transfer the virtual hard disk by using the network” and then selecting the source as on of the library share and destination path as the registered SMB share.

c. You can also select to use an existing VHD from an SMB share. This can be done by selecting the “Use the virtual hard disk that exists at the destination” option and then select the destination path as the path to the VHD on the registered SMB share.

5. Unregistering the share from the host or cluster: Before removing the host or cluster, it is recommend to unregister the share from the host or cluster. This would cleanup all the unnecessary permissions, to the Hyper-V host, on the share. This can be done using the Fabric workspace à Select the host or cluster à Right click “Properties” à “Storage” page à Select “Remove File Share” option. The Unregister-SCStorageFileShare cmdlet can also be used to unregister a share from PowerShell command line. Based on optional user input –LeavePermissionsOnShare, one can select to not modify the permissions on the share. This option is only available when using PowerShell command line. The default for this option is $false i.e. to always remove the permissions from the share.

6. Remove the share: You can also remove the share completely from the file server using VMM. This can be done using Fabric workspace à Storage/Provider node à Select the provider from the right data grid à Select the share à Select the ribbon action “Remove”. Please note that this would permanently remove the share from the file system. This will not delete the files on the share. The Remove-SCStorageFileShare cmdlet can be used to remove the share from PowerShell command line.

For additional details on these steps, please visit the TechNet Library and look for Hyper-V over SMB support.

FAQ

When should I manually modify the permissions on the share?

VMM updates all the required permissions on the share for you. You don’t need to manually modify any permissions to allow Hyper-V access to the file share.

Figure 1: File server administration

VMM adds the following RunAs accounts to the share permissions:

a) The Hyper-V host administrator account. This is the management domain account used while adding the host or the cluster.

b) The machine account of the host. In cluster case, the VMM server will add the machine accounts of all the nodes of a cluster. When new nodes are added to the cluster, VMM will automatically update permission on all the shares registered to the cluster as part of the periodic refreshing of the cluster.

For Windows server SMB file shares, VMM will add the following permissions for all the above accounts:

a)  Share permissions: AccessRights.Full

b)  NTFS permissions: FileSystemRights.Modify | FileSystemRights.ChangePermissions | FileSystemRights.DeleteSubdirectoriesAndFiles

For SMI-S NAS compliant storage providers, VMM will add the following permissions for the above accounts:

a)      CIM_AssociatedPrivilege of 5 (Read), 6 (Write) and Change Permissions (14).

The only case where you ever want to modify permissions for a share, is the case of unmanaged share. An unmanaged share in VMM,

is one that is not associated with a provider or a file server. Such shares can also be managed by VMM, but with limited capability of

only being able to create VMs on these shares, but no share ACL management.

Credential Delegation: Why doesn’t VMM need constrained delegation for Hyper-V SMB storage?

Figure 2: Credential Delegation

On the first call to the SMB share, Hyper-V impersonates the user (in this case CONTOSO\AdminH) that has initiated the VHD mount operation. This is done to validate whether the calling user has appropriate permissions to the VHD file on the SMB share. If this call succeeds then in the following calls, Hyper-V will use the machine account credentials of the Hyper-V host (in this case CONTOSO\HyperVHost$).

When the VMM server/client or any other management client attempts to manage Hyper-V VMs on an SMB share remotely, an identity level token is handed to Hyper-V (first hop) by default which will result in a failure to authenticate to the SMB share (second-hop) after impersonation (as described above). This authentication failure is due to the fact that an identity level token cannot be used on any machine other than the one it was created on. To avoid this issue, either constrained delegation must be setup between the Hyper-V server and the SMB share server allowing the identity token on the Hyper-V server to be accepted by AD for authenticating to the SMB share server or VMM must pass a full interactive token to Hyper-V for the operation (provided by CredSSP).

The first option of using constrained delegation not only requires higher level of authority on the domain but also needs updating, as fabric (Hyper-V hosts/clusters) changes over time. The second alternative to achieve credential delegation, is to use CredSSP. Hyper-V remote APIs (WinRM) allows using CredSSP authentication for delegation of the callers’ credentials. VMM uses CredSSP and enables CredSSP on the host agent WinRM calls.

To enable CredSSP, VMM automatically does the following for you:

1. VMM Server Setup: VMM server setup configure the machine’s group policy settings to allow WinRM to use the CredSSP authentication provider.

o Enable WinRM client GPO: Computer Configuration\Administrative template\Windows Components\Windows Remote Management (WinRM)\WinRM Client

[Allow CredSSP authentication] = true

Command Line: winrm set winrm/config/client/auth '@{CredSSP="true"}'

o Enable credential delegation GPO: Computer Configuration\Administrative Templates\System\Credentials Delegation

[AllowFreshCredentials ] = "WSMAN/*"

2. Host agent Setup:

o Enable WinRM service GPO: Computer Configuration\Administrative template\Windows Components\Windows Remote Management (WinRM)\WinRM Service.

[Allow CredSSP authentication] = true

Command Line: winrm set winrm/config/service/auth '@{CredSSP="true"}'

3. VMM’s WinRM communication channel: WinRM only allows delegation of “Fresh credentials”. This requires the VMM server to explicitly pass valid credentials when creating a WinRM session. (Note that we cannot use VMM service account since WinRM does not support using “Default credentials”). We use the RunAs account assigned while adding the host or cluster for this purpose. All the following WinRM calls to the host will use this RunAs account to manage the host. Hence it’s essential to add the host and/or cluster with a RunAs account instead of just providing direct credentials (i.e. username and password), allowing VMM to use these saved credentials for delegation.

I hope that you will found this post helpful. Please feel free to submit feedback at the bottom of this post and/or ask questions on the VMM forums. Also, make sure to visit the VMM 2012 TechNet Library!

Thanks,

Radhika Gupta | Developer | MSFT

Get the latest System Center news on Facebook and Twitter:

↧

Information on support by Virtual Machine Manager for Windows Server 2012

October 1, 2012, 9:11 am

≫ Next: MMS 2013 Dates Announced!

≪ Previous: Get inside the hood and learn details of Hyper-V over SMB support in VMM 2012

We've had a couple of questions around support by Virtual Machine Manager for Windows Server 2012 so I wanted to post a quick update to let you all know where to find the information you’re looking for.

For full information on what's supported for each release, check these links:

VMM 2008 R2: http://technet.microsoft.com/en-us/library/cc764213.aspx

System Center 2012: http://technet.microsoft.com/en-us/library/gg610592.aspx

System Center 2012 SP1: http://technet.microsoft.com/en-us/library/jj628205.aspx

If you're reading this post more than a month after the publish date, it's best to look at those pages for the latest information.

Tip: Want to know when a TechNet page was last updated? Look for the Updated: [Date] text underneath the header on each page. You can also see what versions the page applies in the same spot.

Here's a quick table to look at; the short answer is that if you want to use Windows Server 2012 as a host or deploy a VM using our templates, you'll want to use System Center 2012 Service Pack 1 (SP1).

Version	Supports Windows Server 2012 as a Hyper-V host?	Supports deploying Windows Server 2012 VMs?
VMM 2008 R2	No	No
System Center 2012	No	No
System Center 2012 SP1	Yes	Yes

In general, if you want to know whether a particular version of VMM supports deploying a specific OS as a guest VM, check the Hyper-V support information for that version. For example, System Center 2012 supports Windows Server 2008 R2 Hyper-V, so the list of guest operating systems that VMM supports matches what Hyper-V for 2008 R2 supports.

J.C. Hornbeck | Knowledge Engineer | Management and Security Division

Get the latest System Center news on Facebook and Twitter:

↧

MMS 2013 Dates Announced!

October 8, 2012, 6:56 pm

≫ Next: Now Available - System Center Virtual Machine Manager – Service Pack 1 Beta

≪ Previous: Information on support by Virtual Machine Manager for Windows Server 2012

We're happy to announce that MMS will return to Las Vegas, NV, April 8-12, 2013!
In order to be one of the first to know about the opening of MMS 2013 registration, send mail to mmsnotfy@microsoft.com to subscribe to MMS News & Updates.

http://www.mms-2012.com/headlines/details/34ddda43-7b11-e211-84a1-001ec953730b