2014
09.10

Microsoft posted a hotfix for when you get a stop error 0x000000D1 after you install the Hyper-V role on a computer that’s running Windows Server 2012.

Symptoms

After you install the Hyper-V role on a computer that’s running Windows Server 2012, you may receive the following Stop error message:

0x000000D1 (parameter1 , parameter2 , parameter3 , parameter4 )
DRIVER_IRQL_NOT_LESS_OR_EQUAL

Notes

  • The parameters in this error message vary, depending on the configuration of the computer.
  • Not all "0x000000D1" Stop errors are caused by this problem.

Cause

This problem occurs because of incorrect handling of the IP address structure inside the Vmswitch.sys file.

A supported hotfix is available from Microsoft Support.

2014
09.09

The TechEd Europe Session Builder is live and there you can find my session, CD-B329, From Demo to Reality: Best Practices Learned from Deploying Windows Server 2012 R2 Hyper-V.

Sure, the title is a mouthful Smile but here’s the short version of the sales pitch: I want to show you the bits of Hyper-V that are rarely talked about. These are the features that help you get your job done. They’re the ones that make the big headlines possible. They’re the ones that you think “I’d switch from vSphere to Hyper-V if it had X”. They’re the features that you asked for!

image

My session is on Wednesday from 10:15 until 11:30. I cannot wait!

2014
09.09

It’s a slow day, so here’s your updates for today. I think the Azure Automation post should be useful – I’ll sure be ripping it off inspired by it for future demos Smile

Hyper-V

Azure

Licensing

2014
09.09

Read MVP Didier Van Hoye’s take here.

I’ve been thinking for some time (I think VMware even quoted my blog a few years ago) that Microsoft would eventually switch to per-core licensing for Windows Server. I think the emergence of 18-core CPUs makes that inevitable. Right now, if you want 36 cores, you’re probably looking at using 4 x 10-core CPUs, which is 2 Windows Server licenses (each license covers 2 CPUs). Those new CPUs halve Microsoft’s revenue on the upper end of the market.

I would be surprised if, come April, there isn’t an announcement of a change to Windows Server licensing, in conjunction with the GA of Windows Server “2015” (Threshold) in (maybe) May.

The key things here would be:

  • There must be a smooth transition process – when MSFT switched SQL Server to per-core it was quite confusing for resellers and customers. Note that resellers choosing to work with a good distributor helps out quite a bit here, and in turn helps their customers get best value and stay legit!
  • The price for smaller deployments cannot increase. In my opinion, the cost of Windows Server Standard/Datacenter must stay the same on a machine with 2 x 6-core CPUs before and after the release of Threshold. If one dual-CPU (covering 2 6-core CPUs) copy of WS2012 R2 costs $882, then a per-core license should cost $73.50. We can then license that same server with “WS2015” for 12 x 73.50 ($882).

If Microsoft gets it right, then the transition could be smooth. To be honest, I think it might even simplify licensing – the non-techy people who buy licensing struggle with the per-dual CPU model of WS2012 and WS2012 R2.

However, if the ivory tower residents get it wrong (i.e. those same folks think that only Fortune 1000’s and cloud hosters run servers – kids, drugs are baaaad) then we could be looking at a VMware vRAM type of backlash that would do serious damage to the current hot streak that the cloud OS is on.

Technorati Tags: ,
2014
09.08

I’m doing to test work in the lab with Microsoft Azure at the moment, trying to tell which part of Microsoft is telling the truth about certain aspects of pricing. A necessary step in my tests was to upload an administrative certificate. I used MAKECERT to create the cert. The private cert is in Personal on the server that I’m working with. The public cert was on my PC. I opened the Azure portal and attempted to Manage Certificate to upload the .CER file but this failed after about 5 seconds. Recreate the cert, try again, fail again. No joy.

Then after I taught some of my Eastern European colleagues some new ways to swear in English, I had a realization that some dev in Microsoft probably did something dumb.

I bet they expect the private cert to be installed on the machine that you’re uploading the cert from … because we all browse from our servers, right? (WRONG, I hope).

So I exported the PFX to my PC, imported the cert, and attempted the upload again. And it finally worked.

Dumb. I can imagine “private” certs flying all around the network, and admins browsing from servers if this isn’t fixed by Microsoft.

On the bright side, my colleagues now are equipped with the verbiage to accompany flipping off your PC with the double bird.

2014
09.08

It’s been 5 days since my last of these updates – events, meetings and travel take their toll!

Below you will see an announcement on how to deploy DPM in Azure to backup stuff from within Azure VMs (not a host level backup). Please note that this is licensed using on-premises SysCtr SML licenses and cloud management licensing is not the same as on-premises licensing. A SysCtr Datacenter SML covers 8 VMs in the cloud, so you might need lots more SysCtr licensing to manage Azure.

Microsoft has also launched a Migration Accelerator for Azure based on the InMage acquisition. Right now, the preview is limited to the USA. That’s pretty dumb; anyone who knows MSFT virtualization knows that Europe is the place to be.

Oh – the MSFT versus FBI Irish data centre case rumbles on. It’s clear that the motivations of the US government were not speed (the Irish government would have been quick to help) but are more along the lines of “Mine! MINE! MINE!!!! MY PRECIOUSSSSS!”.

Windows Server

SCVMM

Azure

Office 365

Hardware

Legal

2014
09.03

The idiotic US government is continuing in their quest to kill off all US interests in cloud computing, thanks to “justice” Plesk contemplating placing contempt of court charges on Microsoft. Sad thing is, the contempt is justified.

Hyper-V

System Center

Azure

Microsoft

2014
09.01

This is a video that I recorded for my employers, MicroWarehouse, a distributor in Dublin Ireland (nothing to do with a similarly named UK company). In it, I introduce the software-defined storage techs of Windows Server 2012 R2, focusing on Storage Spaces, Scale-Out File Server, Cluster-in-a-Box and Hyper-V on SMB 3.0, all built using hardware by DataOn Storage. There are some sample designs, and some indicative RRP pricing.

Note that this is strictly a high-level video that is intended to introduce concepts.

image

2014
09.01

Frak! It’s September already!?!?!?! Here’s my first update in a since last Wednesday – travel and events took priority.

The big news broke late on Friday and Saturday. The moron judge presiding over the FBI/Microsoft case cancelled the stay on the order to force Microsoft to turn over data from the Dublin data centre to the US feds, thus breaching privacy and violating Irish and European laws. Microsoft is refusing to comply and is appealing to a higher court in the USA.

Hyper-V

Legal

Azure

Windows Intune

PowerShell

Surface

  • What’s the Future for Surface Tablets? IMO, doom. It’s impossible to sell a business machine to business users if you don’t give businesses a way to buy the device and an SLA-enforced mechanism to support it. First of you to say "BYOD" gets a kick in the groin for drinking 2-year old Gartner KoolAid.

Licensing

VMware

Consumer

2014
08.29

I visited my employer’s stands at the Retail Trade Show in Dublin this week. I already knew most of the stuff there, but I got to put my hands on one of the new ultra-low spec Windows 8.1 “Update 1” tablets. ICYMI, the April 2014 Update for Windows 8.1 enables OEMs to sell lower spec machinery.

For example, a Windows install is much smaller. That means you can sell a Windows tablet, and that’s x86 Windows, not Windows RT, with 16 GB of storage.

IMAG0219

And the machine can have just 1 GB RAM.

The machine I played with was a Win’Tab8. I don’t know who the manufacturer was (I think they were French) and I’m not in the office to find out more info. It was an 8” yellow tablet. Thin and light as one would expect. And I believe it was quite cheap (maybe sub €200).

IMAG0220

This tablet did have 16 GB storage, micro-SD expansion, an Intel Atom 4-core CPU, and 1 GB RAM. There was a micro USB port and a dedicated power socket (I like that!). I don’t know what the battery life is like. Just over 4 GB of the storage was free. The RAM was under pressure; while I’m OK with the small amount of storage for a consumption machine (I hope MSFT embraces expansion storage like on Android), I am not sold on tablets with less than 2 GB RAM. The demo machine was not logged in with a Microsoft ID so I couldn’t install something from the Store. But I played around and it seemed to perform pretty well.

Expect to see these kinds of low spec/price Windows tablets in retail stores in the coming months.

Technorati Tags: ,
2014
08.27

I’ve just re-read a post I wrote in 2010 about the future of Steve Ballmer. My two topics of focus were Windows Phone 7 (released that day) and the lack of a Windows tablet at the time.

I thought WinPho would struggle behind iOS and Android, mainly because of apps. I was not wrong. Things have improved, but there’s still issues with app quality and availability.

We now know that Ballmer bought into the Sinofsky plan (sounds like some dodgy French plan to keep out invading forces, and we know how those tend to work out). Windows 8 came, Windows 8.1 came, Windows 8.1 Update 1 came, and still Microsoft struggles in the tablet market. I thought (and I was not along) that, despite everything, Microsoft should get WinPho working on tablet devices. Instead we got the confusing and failed Windows RT, which is now being killed off through a merger with Windows Phone for ARM devices.

Fun times!

Oh yeah, I completely underestimated the impact of smartphones and tablets on the consumer market.

2014
08.27

The rumours on “Threshold” are swirling through the Ethernets. Take nothing seriously until you see it for yourself on your own monitor.

Windows Server

image

System Center Operations Manager

Windows 9

Azure

2014
08.26

As I share from time to time, here is a description of what the test lab I run at work looks like at the moment. It has grown a little bit since the last of these posts.

image

There are 7 physical computers split into two AD domains:

Physical Network

  • There is an ADSL internet connection using a NetGear router.
  • We have a WatchGuard 2 series XTM. This provides me with my primary VPN route into the lab (SSL VPN client) and connects the on-premises lab with Microsoft Azure. I also use the built-in wireless hub to connect to the lab using my laptop while in the office.
  • There are 2 x dumb Netgear 24 port 1 GbE switches.
  • 1 x HP Procurve 10 GbE SFP+ switch that I hate. The only redeeming quality is that it is 10 GbE, allowing the iWARP cards to be plugged in.

Lab.Internal

This environment is pretty static, and enables me to get into the lab, and have enough fabric to rebuild the demo lab from scratch.

  • Lab-DC1: This is an old Sony laptop. I run AD on here for the lab domain. Here you can fund WSUS, and RRAS as one of my emergency backdoors in. This machine has just a 1 GbE network connection.
  • Lab-Storage1: This is a beefy HP DL370 G6 storage box with lots of capacity. I store all of my ISOs and images here. I have enabled Hyper-V and run the management pieces of the Demo.Internal domain on here, including AD and System Center. This machine has 1 GbE networking and 2 x iWARP (10 GbE RDMA) ports, each of which are connected to different virtual switches – I enable vRSS in VMs that run on this host and do SMB Multichannel in the guest OS. I’ve also done the unsupported Shared VHDX hack to enable Shared VHDX on local storage.

image

Demo.Internal

The physical part of this environment is frequently built from scratch, using what is running/hosted in the Lab.Internal domain.

  • Virtual Management Stuff: You can see the range of things running in this domain that are hosted by Lab-Storage1.lab.internal. The most important of these is Demo-DC1, the DC for the demo domain. I run all of my demo System Center VMs as VMs on Lab-Storage1, and I also run demo PCs as VMs.
  • JBOD: I have a DataOn DNS-1640 with 8 x HDDs and there are currently 6 x SSDs in there too. Yes, that is a very weird breakdown for tiering and for column counts.
  • Demo-FS1 & Demo-FS2: These are HP DL360 G7 servers that are connected to the JBOD using 6 Gbps LSI 9207-8e SAS cards (8 = two interfaces/cables, each having 4 “ports” that run at 6 Gbps). These servers are clustered to make the SOFS. From time to time, I enable Hyper-V on them to have a second Hyper-V cluster. The servers have 4 x 1 GbE and 2 x iWARP for SMB 3.0 storage networking.
  • Demo-Host1 and Demo-Host2: Two Dell R420 servers that are my Hyper-V cluster. Each has 4 x 1 GbE and 4 x iWARP :) That gives me lots of flexibility for SMB 3.0 designs. Normally VMs are stored on the SOFS, but you might have noticed that I also have an iSCSI target running as a VM on Lab-Storage1. My network design varies depending on what I’m trying to do.
  • Demo-Host3: This is a HP Elitebook 8740w. This “beast” was my work laptop until it was replaced by a Toshiba i5 KIRAbook – a portable lab is pretty useless for me now so I prefer a light presentation machine that I can VPN from. The mobile workstation is now in the lab where it runs as an additional host on 1 GbE networking. It gives me capacity for Hyper-V Replica, and quickly testing things without touching the Hyper-V cluster.

Azure

With a site-to-site connection into Azure, I have capacity to deploy additional things in the cloud, with integrated management via System Center.

The main changes over the past year have involved the addition of the XTM and Azure. My work has me spending a lot of time learning and teaching about Azure so that side of things will continue. Our DataOn business has been growing so we’ll see how things go there. Of course, I’ll have to stay up to date with the on-premises gear so we’ll see what changes might be driven by “Threshold” come TechEd Europe.

2014
08.26

I know very few businesses deployed Windows 8, but any "upgrade" that requires a wipe & replace is not a service pack. However, that’s what Microsoft now thinks, and that’s had an impact on the Windows 8 support policy. Someone in Redmond needs a quick kick in the nether region, because coffee clearly won’t be strong enough.

And in other news on this slow morning, Steve Ballmer binged on a TV show featuring one of Hollyweird’s plastic surgery victims. Yeah; it’s always a slow period in the build up to big announcements.

2014
08.25

Not much has happened since last Friday morning. VMworld is on this week in San Francisco – maybe it’s no coincidence that there have been earthquakes nearby?

Azure

  • AzureConf, free online Azure conference: On September 25th, 2014, Microsoft will be hosting AzureConf, another free event for the Azure community. This event will feature a keynote presentation by Scott Guthrie, along with numerous sessions executed by Azure community members.

PowerShell

Intune

  • The Windows Intune Team will be performing scheduled maintenance at the end of August: All service functions and operations are expected to perform normally during this maintenance window. Once the upgrade to the Windows Intune service is complete, a number of mandatory agent updates will be pushed out to all PC client machines connected to the service. In most cases, these updates will not require a reboot after being applied.

Office 365

  • Matter Centric Legal Document Management: MSFT has launched a limited pilot program for an industry vertical O365 solution to improve the way law firms and attorneys work together by making it easier to organize files by client and matter, review documents, and find information when needed without ever leaving Microsoft Word or Outlook. < I wonder, if like some other verticals, this only applies to the USA … try set the URL to be non-US.
2014
08.22

Yesterday, I was challenged by the Editorial Director for the Petri IT Knowledgebase, Jeff James, to take up the Ice Bucket Challenge, to raise funds and raise awareness of Motor Neurone Disease (MND), also known as ALS. Today at lunch time, I took up that challenge after donating to the the Irish Motor Neurone Disease Association.

Here is my challenge …

Should I have warned you that the language was not safe for work? Sorry! :D

I now challenge the following people:

  • Dave Northey, of Microsoft Ireland
  • Claire Smyth, Microsoft MVP lead for UK & Ireland
  • Sarah Cooley, the MVP lead PM for the Hyper-V team

Good luck folks!

BTW, that ice (yes, ice was in there) water felt like a kick in the chest, and I couldn’t breath for a few seconds.

Thanks to John for drowning me, and Michael for shooting the video, and the folks from MicroWarehouse for cheering me on!

2014
08.22

Aidan Finn is planning to unveil his plan to rule the world next month at a special press event. Sources familiar with Finn’s plans tell us that the benevolent one is tentatively planning his press event for September 30th to detail upcoming changes to world domination as part of a plan called “Overlord”. This date may change, but the Overlord plan is currently in development and Finn plans to release a preview version of what will likely be named “Oh Sh1t! This is Really Happening” to the world on September 30th or shortly afterwards.

The early preview will give the world a first look at how traffic problems will be solved in Overlord. Missile-equipped drones will patrol motorways and dual carriageways, scanning for drivers who rest their chin on the steering wheel, hog the overtaking lane, or wait until the last moment to change lanes for the M9 on the Kildare M7. Finn is also planning to have drones patrol near schools looking for cars that are stationary for more than 1 second, but it’s not clear if this particular feature will be made available as part of the preview.

While Overlord is likely to be named “Oh Sh1t! This is Really Happening”, it’s unlikely that the ever handsome Finn will name his upcoming plan at his press event. Instead, Finn is said to be planning an overview of key new features of the new regime, with a preview ready for offenders and innocents. Finn is also building a separate combined version of his plan for each continent, and the gentle one may take the time to detail his work during his press event. Either way, Finns plan to rule is nearing completion and the amazing one will be ready to talk more about it next month.

By MVP Marc Van Eijk

An Aidan Finn Clone Army courtesy of @_marcvaneijk

Oh, and the Verge is reporting some stuff about Windows 9.

2014
08.22

Here’s the latest news from the Microsoft wires. More new services have popped up on Azure, mostly for devs, but the SQL AlwaysOn template should be a massive time saver.

Hyper-V

Azure

Security

OS Deployment

Office 365

2014
08.21

If you’ve not been hiding in a cave then you’ve heard of the Ice Bucket Challenge which is being used to raise funds for and awareness of ALS, known here as Motor Neurone Disease. The Editorial Director for the Petri IT Knowledgebase, Jeff James, took the bullet and has passed the challenge on to me.

Jeff, I accept your challenge. I’ll be doing it at work tomorrow at lunch time.

Maybe I’ve pissed you, the reader, off in some way. Maybe you’re one of the many vFanboys that I take fun in ridiculing? Or maybe you work in Microsoft and I’ve annoyed you one-too-many times. If you’d like to see me soaked and freezing my cajones off (it’s quite cold in Ireland lately) then please do me a favour, give generously to the Irish Motor Neurone Disease Association or a local version of that organisation that supports ALS or MND victims & families. Get your revenge, and dig deep!

Oh and be warned … I will be naming 3 people that I’ve already selected :)

2014
08.21

In case you don’t know, Windows Weekly on the TWiT online channel is probably the biggest Windows “podcast” (it’s also a live show) on the net. It is hosted by Leo Laporte with top tech journalists Paul Thurrott and Mary Jo Foley. Last night, they discussed the recent patching issues and Mary Jo brought up my advice to delay deploying updates for 1 month – I normally try to watch live but I listened in the car this morning.

Go to around the 34 minute mark to hear for yourself

Leo didn’t like my advice – Leo also hosts Security Now and hears on a weekly basis about the various ways that computers can be attacked from Steve Gibson. Leo was worried about “zero day” attacks. Paul appeared to have a very pragmatic view on things, wishing that we didn’t have this problem in the first place.

So here’s my views on the discussion. I understand why Leo doesn’t like my recommendation. I don’t like my recommendation to delay release of updates for 1 month. But I’ve been seeing for the last 2 years how bad updates for Windows Server (and thus Windows client) and System Center have been. We’re seeing failures and release withdrawals almost on a quarterly basis. And these aren’t just niche scenarios like a shortcut to a font file in the wrong place on Windows 7 Home Premium. This is widely used designs, basic installs, and so on. To be honest, I see the approval of new updates from Microsoft as a bigger risk than malware at this point; releasing an untested update (if I was still an admin) to 100 VMs and 1000 desktops is sure to get me fired within 3-6 months when the business goes in the dark a couple of times because of bad updates. On the other hand, I’ve never had a malware breakout on a network I owned in my career – I’ve only seen malware get trapped by well-managed AV.

I wish I could recommend approving MSFT updates for near-instant deployment, as Leo has suggested. But I cannot – I’ve heard of and reported on too many failures. And any business that needs to rely on their IT cannot take risks.

Paul has it right; Microsoft management is pushing releases (patches, rollups, full product milestones) faster than they should be – and testing is taking second place. I know that technical people that I have great respect for in Redmond are embarrassed by what is going on. Unfortunately, it’s going to take something really bad for Satya Nadella to undo the damage that is happening under his watch, that I guess is probably his doing.

Leo (not that you’ll ever read this), I completely understand your point of view. I used to be a person who said “get the updates out within a week”. But because of the events of the last 2 years, I respectfully have to disagree with you.

BTW, you can take the approach I recommended using SCCM ADRs and tweak it so you create ADRs to approve “critical” updates more rapidly. That will give you a middle ground for security updates, but the risk is yours to measure and take. This is a management decision!

2014
08.21

You can search it here:

image

EDIT:

Thanks to Kevin Greene for the heads up.

Have you noticed the lack of sessions on things like Hyper-V and Windows Server? Hmm, that can only mean that there’s lots of session titles that cannot be announced yet *cough*

Technorati Tags: ,
2014
08.20

The headline news from yesterday is that Steve Ballmer has resigned his new position from the Microsoft board to focus on “teaching” and his duties as the new owner of the Los Angeles Clippers NBA basketball franchise. He’s still the largest independent owner of MSFT stock.

Microsoft

Virtual Machine Manager

  • VMM 2012 Self-Service users cannot open a console session to a virtual machine: When you try to connect to the console session of a virtual machine (VM) that is running in Windows Server 2012 by using Microsoft System Center 2012 R2 Virtual Machine Manager or Microsoft System Center 2012 Virtual Machine Manager Service Pack 1 (SP1), the connection fails, and you receive the following error message – Virtual Machine Manager lost the connection to the virtual machine for one of the following reasons.

Azure

Office 365

2014
08.20

Speaking at TechEd has been one of my career ambitions for years – it is the pinnacle of speaking in the Microsoft world. I started of presenting at MSFT community events and had no such goal. But eventually I reached the point with my knowledge of Hyper-V that I felt like I could contribute and that I wanted to speak on the bigger stage; certainly presenting one of the sessions at the WS2012 launch in London (1000 attendees in the room) fired me up even more. I submitted sessions to TechEd, but never got anywhere. I gave up on my goal last year.

Then things fell into place at TechEd North America. I wasn’t going to do Speaker Idol. But when I was asked, I had an idea and I said to myself “frak it, do it! It’ll be fun to do”. And I ended up winning a slot in “TechEd” int he USA next year. I also talked to some folks and they gave me some advice about submitting sessions for TEE14. I submitted one session and …

Getting good news is always a nice way to finish the day. Early yesterday evening I received an email informing me that Microsoft had picked their sessions/speakers for TEE14. I followed the link to check the status of my submission and there it said:

Approval Status: Approved

Yes; I did my happy dance :D My guess is that we cannot talk about our sessions yet, but you can safely guess that I’ll be talking about Hyper-V.

Hopefully I’ll see some of you there when I present … at TechEd!

2014
08.19

I know there’s a risk in telling you to delay deploying updates for 1 month. Some think that means switching to manual approval – and that is an oxymoron because manual approval rarely happens. No; I would rather see large enterprises use a model that automatically deploys updates after delaying them for 1 month, just as you can do with System Center 2012 (R2) Configuration Manager (SCCM).

I’m going to refer you to the excellent guides by SCCM MVP, Niall C. Brady. SCCM uses WSUS to download the Windows Catalog. When I configure SCCM I configure WSUS to automatically sync and to automatically supersede updates. That means if Microsoft releases a replacement update, the old version is automatically replaced. That’s important so keep that in mind when reading the rest of the solution.

I will configure automatic deployment rules (ADRs) for each product. The ADR will be set up as follows:

  • Software Available Time: Set this to something like 21 days. That means that SCCM will hold back any applicable update for 3 weeks. That gives Microsoft lots of time to fix an update and the replacement will supersede the dodgy update.
  • Installation Deadline: With this set to 7 days, we have 4 weeks before updates are pushed out … and that assuming that we haven’t applied maintenance windows to any collections (servers, VMs, call centre PCs, etc) that might further delay the deployment.

image

With the above configuration, the dodgy August updates would not have been deployed to PCs or servers on your network. Instead, a tested and fixed update will be released, SCCM will sit on it and automatically approve it at a later date.

BTW, I do a similar thing with Endpoint Protection updates by delaying approval for 4 hours with immediate deployment.

I don’t know of a method for accomplishing this in Windows Intune – I’d like to see it. The same goes for WSUS, but a commenter suggested using cmdlets from this site for WSUS to write a script; I’d rather see a clean solution from Microsoft similar to what we have in ConfigMgr but less granular.

2014
08.19

Does “fail fast” = “fail predictably often”? Automated testing of software for cloud services needs to be investigated and questioned. First we had the clusterfrak August updates for Windows. Then a significant chunk of Azure went offline.

image

Get Adobe Flash player