2014
12.18

Windows Server Hyper-V has had an … interesting … history when it comes to backup. It has been a take-it-personally mission of the Hyper-V team to stop backup being an issue for Hyper-V customers. Backup of CSV in Windows Server 2008 R2 was not fun. Things got better in WS2012, and again in Windows Server 2012 R2. And we might finally be getting there with the next release of Windows Server.

An important change to Hyper-V backup is to enable partners to keep up with the pace of change of Windows Server – we’ve seen some backup vendors take years to catch up with a new version, and this prevents mutual customers from keeping their hosts in step with Microsoft.

In order for a backup product to do incremental backups, it needs to do block based change tracking. Each vendor has to create one of these filter drivers that sits in the storage stack. This stuff is hard to do right, and it can cause stability and performance issues if not done correctly. And it also slows down the development/re-test/re-certify of BackupProduct2016 to keep up with the release of Windows Server 2016.

Some bad change tracking implementations, that you may know of, lived in memory as bitmaps. If the host had an un-planned outage then the next backup had to be a full backup. Or maybe if the VM live migrated to another host, that VM would have to do a full backup because the change tracking was no longer in the memory of the host.

Resilient Change Tracking is built-in backup change tracking of changed blocks within virtual hard disks. It is used for incremental backup, and it is the underlying engine for differential export. The change tracking bitmap lives in memory and on-disk. The on-disk bitmap is not as granular because it is the fallback from the much more detailed in-memory bitmap.

The goal now is that backup vendors should stop writing their own filter driver to implement change tracking. If they use the built-in resilient change tracking then they can focus more time on feature development testing/certification, and keep up with Microsoft’s frequent releases of Windows Server. And hopefully, Microsoft’s change tracking will undergo suitable levels of testing that will give all customers a universally stable and well-performing subsystem.

Hyper-V PM Taylor Brown talks about Change Tracking in his session at TechEd Europe 2014.

2014
12.17

Those of you who have run more than one generation of Hyper-V will understand the pain of updating integration components in a VM’s guest OS. If you run Windows (this is not applicable to Linux because the process is different) the you need to run the latest ICs in a guest OS for that VM to have:

  • The latest virtualization features
  • Stability
  • Performance

We typically have seen new versions of the ICs in three occasions:

  • A hotfix or Windows Update
  • A service pack – no longer relevant but an update rollup might bring new ICs
  • A new version of Hyper-V

The process was that VMGuest.ISO was updated on the host, and we would mount that ISO from the VM to install the latest integration components. This assumed that:

· We had admin rights to the guest OS – not applicable usually in a cloud

  • Network access
  • Time
  • Patience

We had workarounds such as using PowerShell or System Center, but again, this assumed we had rights to the guest OS or network access.

Microsoft was keen to solve this issue … and they went to a method that I think many of us will approve of: updates to the Windows integration components for Hyper-V will be delivered by Windows Update (and hence WSUS). This has started with delivery to any of the following guest OSs running on the Tech Preview of vNext:

  • Windows Server 2012
  • Windows Server 2008 R2
  • Windows 8
  • Windows 7

Microsoft uses KVP (enabled by default) to determine that the VM is running on vNext.

This new process will give cloud admins control over the IC release (via WSUS) and will automate the delivery of the ICs to all guests that run Windows Update, ensuring that clients are up to date and can avail of the best that Hyper-V can offer. No more McGuyvering required.

2014
12.17

Things have settled down a little after last week’s surprise Azure announcements.

Hyper-V

Azure

Office 365

Microsoft Partners

Licensing

  • Price increases in 2015!! SPLA/hosting licensing costs are going up. Hosters will have no choice but to pass that on to their customers.

Miscellaneous

2014
12.16

This feature is tied into Cluster Rolling Upgrade. When we are doing a rolling upgrade of a cluster (from WS2012 R2 to vNext), we will temporarily have a mixture of WS2012 R2 hosts and Windows Server vNext hosts. This is referred to as mixed mode.

To avoid issues, the cluster will either:

  • Run only features of the down-level hosts
  • Run features only on down-level hosts

For example, on a storage cluster (SOFS) running disk deduplication (for VDI personal VMs), the cluster will only run deduplication optimization jobs on the down-level hosts because vNext optimization will make changes that are not backwards compatible.

This mixed mode is TEMPORARY – it should not be run for months or years!!!!

EDIT: Today (17/Dec/2014) I learned that Microsoft will have a support limited of 4 weeks for running a cluster in mixed mode. They want you to finish the migration ASAP, but 4 weeks will be the support limit. There is not hard coded limit, but now you know what they’ll support.

EDIT: I also learned on 17/Dec/2014 that Microsoft will not put a limit on how long v5.0 VMs (VMs with WS2012 R2 host compatibility – more on this later) can run on a higher level cluster.

The goal is that you upgrade each node in the cluster as quickly as possible. You might pause half way through to observe the stability of your hosts (drivers, firmware and external storage/networking hardware). If you’re happy you continue the upgrade. If not, you can rebuild the upgraded hosts to WS2012 R2 and live migrated your VMs back.

Note: VMs will be manually upgraded to vNext and this is why you can live migrate VMs between WS2012 R2 and vNext hosts within the cluster without any issues.

When you have finished the upgrade you will complete the project by raising the cluster functional level. This opens up the cluster’s vNext features and then you should manually upgrade the VMs to v6.0 (vNext).

2014
12.15

A big pain point with Microsoft’s increased cadence of releases of Windows Server is that upgrading a cluster has been a royal pain in the arse.

Previous to the release of WS2012 R2, there was only one process: build a new cluster (either by buying new hardware or draining a host from the old cluster) and do an out-of-band migration of VMs from the old cluster to the new one. WS2012 R2 decreased the pain slightly by allowing Cross-Version Live Migration – but we let Microsoft know that this wasn’t enough.

Windows Server vNext will allow you to perform a cluster rolling upgrade without creating a new cluster. You will be able to do this from WS2012 R2 to vNext (note I did not say WS2012 or W2008 R2 or W2008).

The process is that you will rebuild each node in the cluster, one at a time with Windows Server vNext. You will, for a short time only, have hosts running WS2012 R2 Hyper-V and vNext Hyper-V in the cluster at the same time. This is called Mixed Mode, and VMs can live migrate between the nodes. Eventually you will complete the project by raising the cluster functional level after all hosts in the cluster are on vNext.

image

The flow chart of the process is shown here:

image

This feature will be a major time and money saver, and will allow Hyper-V customers to keep up with the fast release of new versions of Windows Server Hyper-V.

2014
12.12

Imagine a multi-site or stretch cluster that spans sites A and B. Hosts are running in Site A and Site B and are nodes in that cluster. A critical function of a cluster is to calculate quorum in the event of a site outage or a link failure – one site must have more than half of the available votes to have quorum and continue operating as a cluster (and failover the VMs from the other site).

The recommended solution for this in the past was to create a file share witness … operating in a third site. So first you needed a third site. That’s not going to be cheap! And then you needed, ideally, a file server cluster running in that third site to ensure that the file share witness was highly available.

image

Windows Server vNext offers a new advanced quorum option of using a Cloud Witness. This is where we use Azure as a witness. Folks – this is going to be one seriously affordable option!

You create a blob storage account in Azure. This will store just an incremental sequence number; it’s just a vote so the cluster will remain operational if Azure has issues. This will cost just a few cents per month to operate.

You then configure the cluster with the storage account name and storage account key for secure access. The cluster will then use Azure as a witness. This is a lot easier and cheaper than configuring a file share witness on a cluster in a third site.

2014
12.12

It’s December, the month when Microsoft employees normally head away for a long vacation and nothing much happens. Or so we thought. Azure went wild last night, releasing loads of new features either into preview or GA. Oh yeah, loads of December updates from Microsoft have problems.

Windows Client

System Center Virtual Machine Manager

Azure

Miscellaneous

2014
12.12

If you follow Microsoft then you are used to December being a dead month. So I checked my Twitter feed last night and was stunned by some big Azure announcements.

The most important of the announcements to me was the change that is being made to Azure Site Recovery (ASR), AKA DR in the cloud. Previous to last night, you need to run SCVMM on premises to replicate Hyper-V to Azure. This baffled me:

  • You had to install the protection agent on each host/cluster node anyway
  • SMBs, the companies that are most likely to use ASR, cannot afford System Center
  • There is a low adoption rate of SCVMM with System Center/Hyper-V customers

The feedback on this was given – and Microsoft made a change. Last night they announced the general availability of Disaster Recovery (DR) to Azure for Branch offices and SMB feature in our Azure Site Recovery (ASR) service … AKA ASR without SCVMM. This will allow you to replicate Hyper-V VMs into Azure without using System Center on premises.

The hosts must be running WS2012 R2 Hyper-V. Replication is done using Hyper-V Replica. You get centralized replication monitoring and orchestration as a part of the service. And you get the one-click test, planned and unplanned failover types.

THIS IS FRAKKING GREAT NEWS!

Why am I so excited? The original releases of ASR were targeted at customers with System Center licensing. Those are mid-large customers and are likely the ones that already have DR sites. Adoption rates were going to be low. The customer base that needs ASR are the SMBs that run Hyper-V hosts on-premises. That is a huge breadth market. Microsoft partners can enable those customers via Azure in Open licensing – buy some credits ($100 value each), try out ASR with no long term CAPEX or contractual commitments, and see what it can do for your business. And then give your insurance company a call to see what having a remote DR site will do for the company’s insurance premium.

2014
12.12

Microsoft has changed – and I’m not just talking about the obvious stuff that’s in the headlines. Two years ago I saw a pre-beta product and gave feedback to the PMs that this product needed serious changes. I was ignored (FYI, I was not alone in my opinions and in giving this feedback). 18 months ago, I saw a beta release and I gave the same feedback to PMs. I was ignored. 12 months ago the product was released. I blogged about the issues, was quoted by some big tech press names, and suddenly I was Mr. Popular with the PMs and marketing folks. I gave my feedback and I was ignored. 6 months ago the product went through some big changes, but the issue was still there. I commented on it, and once again the marketing folks and PMs were all over me. I gave my feedback … and I was ignored.

But …

A few months ago I found out that someone listened. Enough people like me spoke up. And maybe my market predictions had come true – not that anyone would ever admit that! The product was going to change. And guess what – that change did arrive.

Thank you to the team involved.

The Microsoft that I’ve been working with has changed a lot in the last 24 months. The secrecy of the Sinofsky era is over. Stuff that me and other MVPs have fed back to product groups is being listened to – I wish I could share those stories!!! I’m certainly not saying we design anything. And I’m not saying that everything we feedback is done. But I do see a correlation between feedback and product changes.

If you have feedback then give it to Microsoft. Please don’t make the mistake of telling some local rep – they probably will forget it straight away. Your feedback need to go to the product groups. Microsoft announces forums for feedback every once in a while – I blogged about one yesterday. Take advantage of those. MVPs like myself and Didier Van Hoye actively request feedback before we go to the MVP Summit in Redmond to meet those PMs – take advantage of that too. I might be a jerk in dealing with some comments on this site, but I note the constructive ones and take those ideas to Microsoft.

Microsoft has changed a lot. It was extremely noticeable when we MVPs were last there. It’s a fantastic change – it was by far the most engaging experience I’ve had in Redmond. They really want our feedback to avoid the issues that we saw in the past. So take advantage of this and get the product that you want.

2014
12.11

As I have done with Windows Server 2012 and Windows Server 2012 R2, I am going to do my best to list out and document (level 100 to begin with) the features of Windows Server vNext Hyper-V.

There will be two levels of “documentation”:

  • The glossary: Where I list out each feature, summarize it, and link to more detailed descriptions.
  • Feature specific posts: Where I will talk a bit more about the feature in question.

The glossary will grow over time and I will add links as feature specific posts are published. I have a bunch of those feature specific posts scheduled daily from today into 2015 covering content on Hyper-V and related technologies in Windows Server.

Note that I am aggregating publicly discussed/document information from TechNet, Microsoft blog posts, TechEd Europe 2014, and interviews by Microsoft staff. There is no content beyond that scope.

2014
12.11

Microsoft is changing the format of virtual machine configuration files by going back to the drawing board. There are two files in question:

  • .VMCX which is the virtual machine configuration file.
  • .VMRS which is for runtime state data

Both files are binary files; yes Microsoft is moving away from XML. And editing these files directly is strictly not supported – it never has been! You should use the admin tools, PowerShell, and WMI to edit a VM configuration.

There are two benefits to switching to binary files:

  • Performance: Reading from and writing to the files will become more efficient
  • Stability: There is a lower risk of corruption due to storage failure

This resiliency is being enabled by resilient logging of changes _ a change is written to the log, the log is replayed to the configuration file, and they clear away the log. And believe it or not, Microsoft has seen some customers where the XML format has caused performance bottlenecks!

2014
12.11

Microsoft is giving you the chance to provide feedback and vote on existing ideas for Azure Online Backup and System Center Data Protection Manager. This is a great idea. Personally speaking, it’s validating a number of things that I have fed back to Microsoft already, and a number of things that customers have fed back to me.

I’ve been working with Azure IaaS since January of this year. Before that, Azure was meaningless to me; it was a direct sell by Microsoft to developers – yes, even with IaaS there. But then I found out that Azure was coming to Open licensing so partners could resell it, and I started learning. And we at MicroWarehouse started to promote Azure to our customers (the Microsoft partners that resell licensing and implement solutions for their customers) and that’s when I started to get a better feel for what worked in the real world.

Azure Online Backup was the thing that grabbed people’s attention. Who can argue with €0.15/GB/month? That’s less than half of the cheapest discount rate that we found for online backup that is typically sold in Ireland by resellers. However, there were issues.

The biggest one is that there is no centralized portal. Partners use this to manage backups and get reports. That all has to be done on-premises with Azure Online Backup and that increases the cost of operations significantly.

The other hot issue for me is the lack of a backup mechanism for VMs running in Azure. The only offered solution is to install an agent in the guest OS and then we’re back to the bad old days of backup. VM backup should be “select a VM and backup magically happens”, grabbing the files and state that make up the VM. We don’t have that in any way in Azure.

So that’s why I went onto the site to provide feedback and to vote this morning. You should do the same if you have any interest in Azure. Here’s the top vote getters as they are right now:

image

2014
12.10

I’ve included a few videos that Carsten Rachfahl recorded at the MVP Summit in Redmond last November.

Hyper-V

Windows Server

System Center

Azure

Office 365

Intune

  • Microsoft Intune App Wrapping Tool for iOS: The tool is a Mac OS command line application that creates a ‘wrapper’ around an app. Once an app is processed, you can then change the apps functionality using an Intune mobile application management policy that you configure.
2014
12.09

I do not give a flying fiddlers about some wizard Accenture is selling to deploy System Center. Moving on to relevant things …

Hyper-V

System Center

Azure

Intune

Licensing

Miscellaneous

2014
12.05

It’s December, and not much happens then in the world of Microsoft. However, we do have GA of Azure RemoteApp (RDS in the cloud) on the 11th!

Windows Server

Windows Client

Azure

Intune

2014
12.04

My quest to be able to present wirelessly via Windows 8.1 Miracast from a tablet continued. When at the MVP Summit in early November I ordered a Microsoft Wireless Display Adapter from the Microsoft Store (the brick and mortar store in Bellevue had none).

A few weeks ago I tried the device with a large Sony display TV that we have in the boardroom at work. The dongle is powered via USB – the intention is that you plug this into any available USB port in the TV. The dongle connects to the TV via HDMI. That’s easy to connect up and it only takes the device a few seconds to power up. It prompted me to connect my device.

So I tried my Toshiba KIRAbook. And then I tried my Lenovo Yoga. Both have compatible processors. And neither could connect. I had two symptoms:

  • The Microsoft Wireless Display Adapter did not appear in the device search results
  • If I could see the device to connect to it, I was not prompted with a PIN to confirm the connection and it would time out.

I thought I had a dud device – and me being back in Ireland would make a return impossible. I knew it wasn’t a regional issue because I know of a company in Ireland using one and MVP Didier Van Hoye confirmed that his one is working.

So I gave up … sort of. Today I had time (finally) to test it out again. This time I connected the USB port to a phone power adapter and plugged it straight into an electrical outlet. The HDMI port went into a TV. And then I tested with:

  • Toshiba Encore 8” Windows 8.1 tablet
  • Toahiba KIRAbook

And the connection worked. Right now, Family Guy (Netflix USA) is streaming video and audio to the TV from the KIRAbook.

So the problem is (I believe) that not all TVs output enough power via their USB port to adequately meet the needs of the dongle. The solution is to power the dongle directly from an electrical socket.

2014
12.03

It’s been a slow period but there’s some interesting stuff in Azure networking and websites.

Hyper-V

Windows Server

Azure

Office 365

Miscellaneous

2014
11.27

Altaro has published a free e-book called Licensing Microsoft Server in a Virtual Environment. I know this is a hot topic because it’s one of this site’s top search results every month. The ebook, written by Eric Siron, covers:

  • The concept of Microsoft licensing in a virtual environment
  • Windows Server, Hyper-V Server 2012 & 2012 R2 licensing
  • Difference between keys & licenses
  • Understand license transfers, stacking & implications for a cluster
  • Mapped example diagrams of common virtual licensing environment

Altaro is also running a webinar on this topic on Decentber 4th, featuring fellow Hyper-V MVP Thomas Maurer and Andrew Syrewicze. This webinar will run for 45 minutes with live Q&A, starting at 10am EST or 3pm GMT.

2014
11.24

Do you have a new laptop that refuses to boot from USB? You’re failing to get Windows to install from a removable device? Don’t have an RJ45 port to do PXE installs?

If so, I think I have a hack for you. This is what I used for my Toshiba KIRAbook when wiping Windows 10 Techniacl Preview to reinstall Windows 8.1 – it took a lot of Googling and experimentation to get the thing to boot from USB. My fix is not perfect because you sacrifice Secure Boot, but it works. And no, this page from Microsoft, which is copied endlessly on the Internet, is Bull$h1t.

The cause of the issue is UEFI, the successor to BIOS. You are going to have to configure 3 things:

1) Disable Secure Boot

Reboot your laptop into the UEFI setup (probably one of the function keys – this page is pretty good).

2) Enable CSM Boot/Disable UEFI Boot

In my Toshiba KIRAbook, I found this under Advance > System Configuration. The setting name changes depending on if it is enabled or not.

Note that this setting might be greyed out if you haven’t disabled Secure Boot yet.

3) Prepare a Boot Stick

I used a free tool called Rufus to prepare a USB stick from the Windows 8.1 with Update ISO file.

You can now install Windows on your laptop. You’ve lost Secure Boot and UEFI Boot (Windows 8.1 will not start when they are enabled), but you are able to install Windows. I’ll update this post if anyone comes up with something better.

Note: I hate this bolloxology. This stuff should be much easier.

2014
11.24

It’s been a slow few news days in the Microsoft world. Stuff I’m not linking to: the infinitely linked webcasts on mobility management and the Reign malware infecting computers in Ireland, Russia, and Saudi Arabia.

Windows Server

Windows Client

Azure

Office 365

Miscellaneous

2014
11.20

There are a lot of upset people because of (1) the Azure outage and (2) how Microsoft communicated during the outage. We had a couple of affected customers. The only advice I can give to Microsoft is:

  1. Don’t deploy your updates to everything at the same time.
  2. Now you know how customers feel when bad updates are issued. Bring back complete testing.
  3. Communicate clearly during an issue – that includes sending emails to affected customers. You’ve got monitoring systems & automation – use them. Heck, you even blogged about how (Azure) Automation could be used by customers to trigger actions.

Hyper-V

Azure

Miscellaneous

2014
11.19

Microsoft released November 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 yesterday. This rollup includes lots of fixes, including improved performance of a SOFS cluster during parallelized restores. As usual, I recommend waiting 4 weeks to let others be Microsoft’s testing canaries.

Correction: There are no known problems with the above update.

However, an update rollup released at the same time for Windows Server 2012 DOES in fact have a problem. Microsoft Hyper-V PM, Taylor Brown, tweeted that applying KB2996928 fixes the issue.

2014
11.19

Pay attention to the security update for Windows that was released out of band last night. It’s an important one that prevents people from crafting custom Kerberos tickets.

Hyper-V

Windows Server

Azure

Security

Office 365

2014
11.17

I’ve had a crazy few weeks with TechEd Europe 2014, followed by the MVP Summit, followed by a week of events and catchup at work. Today, I’ve finally gotten to go through my news feeds. There is a LOT of Azure stuff from TEE14.

Hyper-V

Windows Server

System Center

Windows Client

  • Windows 10 – Making Deployment Easier: Using an in-place upgrade instead of the traditional wipe-and-load approach that organizations have historically used to deploy new Windows versions. This upgrade process is designed to preserve the apps, data, and configuration from the existing Windows installation, taking care to put things back the way they need to be after Windows 10 has been installed on the system. And support for traditional deployment tools.
  • Windows 10 – Manageability Choices: Ensuring that Windows works better when using Active Directory and Azure Active Directory together. When connecting the two, users can automatically be signed-in to cloud-based services like Office 365, Microsoft Intune, and the Windows Store, even when logging in to their machine using Active Directory accounts. For users, this will mean no longer needing to remember additional user IDs or passwords.

Azure

clip_image001

ASR SAN replication topology

Office 365

Intune

Operational Insights

Licensing

2014
11.14

My sixth  TechEd Europe 2014 demo was a fun one: Extended Port ACLs, which is the ability to apply network security rules in the virtual switch port, which cannot be overruled by the guest OS admin.

There is a demo VM that is running IIS with a default site. The Windows Firewall is turned off in the guest OS. The script will:

  1. Clean up the demo lab
  2. Open a window with a continuous ping to the VM, showing the open network status
  3. Starts IE and browses to the VM’s site
  4. Kills IE and applies an extended port ACL to block everything.
  5. IE is re-opened (with flushed cache) and fails to load the site. Ping packets are dropping in the continuous ping.
  6. Kills IE and creates another extended port ACL to allow inbound TCP 80
  7. Reopens IE to show the site is accessible. Meanwhile, pings continue to fail.

There’s plenty of process management, and controlling IE in this script.

cls
#Clean up the demo to start up with
Get-VMNetworkAdapterExtendedAcl -VMName PortACLs | Remove-VMNetworkAdapterExtendedAcl

$DemoVM = "PortACLS"

Write-Host "Extended Port ACLs Demo"

#Clear IE Cache
RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 8

#Ping the VM
Start-Process Ping -ArgumentList "-t","PortACLS"

#Start IE
$ie = new-object -comobject InternetExplorer.Application
$ie.visible = $true
$ie.top = 200; $ie.width = 900; $ie.height = 600 ; $ie.Left = 100
$ie.navigate("http://portacls.demo.internal")

#Block all traffic script block
Read-Host "Block all traffic to the VM"
#Kill IE
Get-Process -Name IEXPLORE | Stop-Process
RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 8
Write-Host "nAdd-VMNetworkAdapterExtendedAcl –VMName PortACLs –Action “Deny” –Direction “Inbound” –Weight 1"
Sleep 3
Write-Host "
nAll inbound traffic to the virtual machine is blocked" -foregroundcolor red -backgroundcolor yellow
Add-VMNetworkAdapterExtendedAcl –VMName PortACLs –Action “Deny” –Direction “Inbound” –Weight 1
#Start IE to show the site is offline
$ie = new-object -comobject InternetExplorer.Application
$ie.visible = $true
$ie.top = 200; $ie.width = 900; $ie.height = 600 ; $ie.Left = 100
$ie.navigate("http://portacls.demo.internal")

#Put in web traffic exception script block
Read-Host "nnnAllow HTTP traffic to the VM"
#Kill IE
Get-Process -Name IEXPLORE | Stop-Process
RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 8
Write-Host "Add-VMNetworkAdapterExtendedAcl –VMName PortACLs –Action
“Allow” –Direction “Inbound” –LocalPort 80 –Protocol “TCP” –Weight 10"
Sleep 3
Write-Host "
nAll inbound traffic to the virtual machine is blocked EXCEPT for HTTP" -foregroundcolor red -backgroundcolor yellow
Add-VMNetworkAdapterExtendedAcl –VMName PortACLs –Action “Allow” –Direction “Inbound” –LocalPort 80 –Protocol “TCP” –Weight 10
#Start IE to show that the website is now back online, despite all other traffic being blocked
$ie = new-object -comobject InternetExplorer.Application
$ie.visible = $true
$ie.top = 200; $ie.width = 900; $ie.height = 600 ; $ie.Left = 100
$ie.navigate("http://portacls.demo.internal")

Read-Host "nn`nEnd the demo"

#Clean up after the demo
Get-Process -Name Ping | Stop-Process
Get-Process -Name IEXPLORE | Stop-Process
Get-VMNetworkAdapterExtendedAcl -VMName PortACLs | Remove-VMNetworkAdapterExtendedAcl

Get Adobe Flash player