Connecting to Hyper-V 2012 Servers from Windows 10

In the past I’ve used John Howard‘s hvremote script to diagnose and fix these problems, but since I got Windows 10, I have been unable to connect to my Windows Server 2012 Hyper-V host.

This fix is both simple and non-obvious, so this guy rocks:

https://community.spiceworks.com/how_to/122307-fix-error-managing-hyper-v-server-2012-r2-from-windows-10

In case his article disappears, the one step is that you type this into a command prompt on the Hyper-V Host:

MOFCOMP %SYSTEMROOT%\System32\WindowsVirtualization.V2.mof

That’s it for a Hyper-V host which is Domain Joined to the same domain as you and your computer. If host and client are in different domains or one or both are not domain joined, you also nee to use hvremote, and follow the instructions.

Posted in Systems | Leave a comment

Azure VM Agent breaks your server

If you new up a VM in Azure, the integration components and VM Agent  are already installed, and they work fine. If, however, you prepare a machine in Hyper-V and upload the VHD, you need to install the Integration Components for Windows 2012 or R2 (if your Guest is an earlier version of Windows, such as 2008 R2) . You may also want to add the VM agent to get the BGInfo and some other bits that normally come as standard on a “Made in Azure” VM.

The installer they point you to is:

WindowsAzureVmAgent.2.3.1198.670.rd_art_stable.140328-0941.fre.msi

Sadly, it has a problem. After you install it, many Roles and Features simply can’t be installed or uninstalled. In fact, attempts to install e.g. IIS result in a cycle of 3 or 4 failures and reboots. The box feels properly broken.

The fix is this registry file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{9148c98f-152c-44d3-a496-26350c475d74}\ChannelReferences]
"Count"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{9148c98f-152c-44d3-a496-26350c475d74}\ChannelReferences]
@="Microsoft-WindowsAzure-Diagnostics/GuestAgent"
"Id"=dword:00000010
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{9148c98f-152c-44d3-a496-26350c475d74}\ChannelReferences\1]
@="Microsoft-WindowsAzure-Diagnostics/Runtime"
"Id"=dword:00000011
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{9148c98f-152c-44d3-a496-26350c475d74}\ChannelReferences\2]
@="Microsoft-WindowsAzure-Diagnostics/Heartbeat"
"Id"=dword:00000012
"Flags"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{9148c98f-152c-44d3-a496-26350c475d74}\ChannelReferences\3]
@="Microsoft-WindowsAzure-Diagnostics/Bootstrapper"
"Id"=dword:00000013
"Flags"=dword:00000000

Its a similar problem to this: http://answers.microsoft.com/en-us/windows/forum/windows_other-windows_update/sp2-stalled-at-reverting-changes/416d843c-21c3-4477-a5e9-62e998526359

Posted in Uncategorized | Leave a comment

New Laptop: Windows 8 Hyper-V Platform breaks OEM Pre-activation

I have been looking forward to getting a new laptop for some time. I dithered over whether to get a Microsoft Surface, but decided that ACS Solutions is basically a development shop, and I need more power. The surface RT is OK for a bit of Office, except it’s useless until we have Outlook 2013 RT. I hear it’s coming in 8.1, so I may still get one, especially since the recent price drop.

The Surface Pro is super-expensive, has taken ages to make it to the UK and is only just adequate for running Visual Studio, and will really struggle if it has to run SQL Server, Progress OpenEdge (euch!), IIS 7.5, etc. And the battery life is not quite there yet. I suspect a Surface Pro 2 with Haswell and at least 256GB SSD and 8GB RAM would sway me.

That said, I bought an intriguing machine: a 12” ultrabook, with carbon fibre shell, 256GB SSD, 3rd-gen Core-i7 (Ultra low power – so only dual core), 8 GB RAM, Full HD 400 nit touchscreen display (Corning Gorilla Glass), that converts to a (clunky) tablet: the Dell XPS 12. So far I love it. The backlit keyboard is nice to use, although I still can’t touch type. The lack of ports can be compensated for: I carry a USB3 to Gigabit Ethernet dongle, a USB to Serial dongle and a Mini-DisplayPort to DP/HDMI/DVI-D. They’re flogging them off in spades in the Dell Outlet at around half the retail price, so I paid under £600+VAT, which I think is OK. The Haswell-powered version has already been announced, hence I suspect they’re shifting the old stock. I get 4-5 hours battery life, which is OK, and unlike the Surface where everything is glued together, they’re replaceable, so it’s all good.

Anyway, the technical point is this, Windows 8 finds it’s product key in the BIOS. A tool like Read & Write – see http://rweverything.phpnet.us/ – can dig out the MSDM record from the BIOS. This is what mine looked like:

Signature “MSDM”
Length 0x00000055 (85)
Revision 0x03 (3)
Checksum 0x4B (75)
OEM ID “DELL ”
OEM Table ID “CL09 ”
OEM Revision 0x00000001 (1)
Creator ID “ASL ”
Creator Revision 0x00040000 (262144)
Version 0x00000001 (1)
Reserved 0x00000000 (0)
Data Type 0x00000001 (1)
Data Reserved 0x00000000 (0)
Data Length 0x0000001D (29)
Data XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

…where the X’s are Dell’s OEM Pre-Activation volume licence key.

The software detects the MSDM record, and also information about the machine that qualifies for that key, so you can’t just copy it. I think some of that is in the DSDT (Differentiated System Description Table) record, but I’m not sure.

Anyway, it all went wrong when I installed the Hyper-V role from “Turn Windows Features on or off”

Windows Features Dialog

This installs the Hyper-V server bits, but that means that even the “Host” OS (i.e. Windows 8) is actually a guest of the Hypervisor. And that means it has a different hardware footprint. And that means Windows 8 no longer likes the activation, and won’t re-activate, because it thinks the hardware have been tampered with:

Event Viewer, Application Event Log, Security-SPP, Warnings:

Some data has been reset. 0x00000000 [1].
Some data has been reset. 0x00000000 [2].
The system has been tampered. 0xC004D317
Installation of the Proof of Purchase from the ACPI table failed. Error code: 0xC004F025

Predictably, turning the “Hyper-V Platform” off re-enables the automatic activation.

As ACS Solutions is a fully paid up Microsoft Solution Provider, we have access to a reasonable number of in-house licences of Windows 8 Enterprise which don’t rely on OEM Pre Activated product keys in the BIOS. Unfortunately, the built-in upgrade feature doesn’t like our product key, so for now I won’t be using Hyper-V on this machine, but if this was a hoofing great desktop I’d bought from Dell (or any other manufacturer for that matter) with OEM PreActivation, I’d be seriously narked about this.

Posted in Uncategorized | Leave a comment

KB2817468 causes Outlook 2013 to crash when viewing Domain Secured emails (TLS Mutual Auth – “Green tick”)

We use Domain-Secured Emails to clients companies – a.k.a Mutual Auth TLS. It gives you a green tick mark next to the email in Outlook in list view:

image

And in the email itself:

image

Which, when clicked, shows you this:

image

However, when KB2817468 is installed, Outlook 2013 (x86 on Windows 8 x64, at least) crashes when you try to view one of these emails, whether in preview mode or in a separate window.

The crash looks like this in the Event Viewer in the Application Event Log:

Faulting application name: OUTLOOK.EXE, version: 15.0.4517.1003, time stamp: 0x51a75237
Faulting module name: OUTLOOK.EXE, version: 15.0.4517.1003, time stamp: 0x51a75237
Exception code: 0xc0000005
Fault offset: 0x00000000003bd396
Faulting process ID: 0x14b4
Faulting application start time: 0x01ce7f1c384e7dd5
Faulting application path: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
Faulting module path: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
Report ID: 7ac2edf4-eb0f-11e2-bec4-80ee7316dfe5
Faulting package full name:
Faulting package-relative application ID:

followed by a dump from Windows Error Reporting:

Fault bucket 117878238, type 4
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: OUTLOOK.EXE
P2: 15.0.4517.1003
P3: 51a75237
P4: OUTLOOK.EXE
P5: 15.0.4517.1003
P6: 51a75237
P7: c0000005
P8: 00000000003bd396
P9:
P10:

So, the solution is to remove KB2817468 and wait for Microsoft to fix it. Good luck with that.

Note that in the Uninstall list in control panel may show three or four instances of this KB – I removed them all.

Posted in Systems | Tagged | Leave a comment

SQL Server – How big are my tables?

Code Snippet
create table #t
(
    name sysname primary key clustered,
    rows bigint,
    reserved sysname,
    data sysname,
    index_size sysname,
    unused sysname
);

exec sp_MSforeachtable 'insert into #t exec sp_spaceused ''?''';

select
    name,
    rows,
    convert( bigint, replace( reserved, ' kb', '' ) ) / 1024 as [reserved MB],
    convert( bigint, replace( data, ' kb', '' ) ) / 1024 as [data MB],
    convert( bigint, replace( index_size, ' kb', '' ) ) / 1024 as [index MB],
    convert( bigint, replace( unused, ' kb', '' ) ) / 1024 as [unused MB]
from
    #t
order by
    3 desc;

drop table #t;

Posted in SQL Server | Tagged | Leave a comment

which

unix has a which command to tell you the path of the executable file which is first found on the path and which will get executed when you type the command without an explicit path.

The simplest use can be aped really easily in the Windows command interpreter. Just create a batch file called which.cmd and bung it on the path, e.g. in C:\Windows (well, %SystemRoot% for purists):

@echo off
for %%i in (%1) do echo %%~$path:i

So now, from a command prompt, you can find which (if any) of those pesky command-line tools is going to run:

C:\>which xsd.exe
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools\xsd.exe

C:\>

Yay!

Posted in Uncategorized | Leave a comment

Windows 2003 is old hat

In Windows 2008+, setting a different SSL certificates for each IP:Port binding is point and click, so for an exchange server where the internal and external names (and therefore required certificates) differ:

image

It is easy to select the correct certificate for each binding:

image

[Note that if you want to use the same IP:Port for multiple SSL sites by using host headers, you can in Windows 2008+, but it’s back to the command line.]

In Windows 2003, it’s a bit fiddlier:

C:\Scripts>httpcfg query ssl
    IP                      : 192.168.100.10:443
    Hash                    : c1f2b0f6fbd1c115f79535ea6c503b14dbd64416
    Guid                    : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    CertStoreName           : MY
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        :
    SslCtlStoreName         :
    Flags                   : 0
——————————————————————————
    IP                      : 192.168.100.34:443
    Hash                    : c1f2b0f6fbd1c115f79535ea6c503b14dbd64416
    Guid                    : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    CertStoreName           : MY
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        :
    SslCtlStoreName         :
    Flags                   : 0
——————————————————————————

This shows the same certificate bound to two different IP addresses. You need to delete one before you can add it again, otherwise you’ll get the following fail message:

HttpSetServiceConfiguration completed with 183.

Here we go:

C:\Scripts>httpcfg delete ssl -i 192.168.100.10:443
HttpDeleteServiceConfiguration completed with 0.

Now we can put it back with the correct certificate, but first you need the Thumbprint. You can get this by looking at the certificate in the filesystem by clicking on the .cer file or in the Certificates MMC console

image

or from Powershell for Exchange on an Exchange Server 2007+ server:

[PS] C:\Documents and Settings\Administrator>Get-ExchangeCertificate

Thumbprint                                Services   Subject
———-                                ——–   ——-
3972B12B864B4DF7C627609A184DF1B3884E09BA  IP…      CN=dc1
E837A8E0148D778744B06F2CC4B6157D37C19B8E  IP..S      CN=dc1.acs-solutions.local
C1F2B0F6FBD1C115F79535EA6C503B14DBD64416  …WS      CN=*.acs-solutions.co.uk, OU=Domain Control Validated – RapidSSL(R), OU=
648AB8210EDC23793E0ECE63731E6AB86C207603  …..      CN=ACSRootCA, DC=acs-solutions, DC=local

So, now we have the Thumbprint, configure the Certificate of choice onto the IP Address:Port:

C:\Scripts>httpcfg set ssl -i 192.168.100.10:443 –h 3972B12B864B4DF7C627609A184DF1B3884E09BA -g “{4dc3e181-e14b-4a21-b02259fc669b0914}” -c MY
HttpSetServiceConfiguration completed with 0.

And finally check the result:

C:\Scripts>httpcfg query ssl
    IP                      : 192.168.100.10:443
    Hash                    : 3972b12b864b4df7c627609a184df1b3884e 9ba
    Guid                    : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    CertStoreName           : MY
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        : (null)
    SslCtlStoreName         : (null)
    Flags                   : 0
——————————————————————————
    IP                      : 192.168.100.34:443
    Hash                    : c1f2b0f6fbd1c115f79535ea6c503b14dbd64416
    Guid                    : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    CertStoreName           : MY
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        :
    SslCtlStoreName         :
    Flags                   : 0
——————————————————————————

Hope that helps.

Posted in Uncategorized | Leave a comment