Most of my work on servers is done for small and medium offices, involving a maximum of 50 clients. These networks are usually managed by a domaincontroller with Exchange and a terminal server. Not so long ago this would be installed on 2 different pieces of hardware to keep up performance, but in the current times one box is enough to manage both servers virtually and still be fast enough to give access to the employees. .
There are several hypervisors to make this happen, best know is probably VMWare, which I use on occasion as well. Problem with VMWare however is the high costs for the licenses and loads of options I don’t have a use for in these environments. Microsoft’s Hyper-V is a great option for this, its fast, reliable and cost effective.
Management however can be somewhat of a pain in the ass on occasion. Specially if you dont install Hyper-V on a fully functional Windows Server, but its standalone variant Hyper-V Server (formerly known as Hyper-V Core Server). Although its harder to manage, I highly recommend you use this for its speed and cost (Hyper-V Server 2008 R2 is free). You can download the DVD ISO here.
After you install it, you are left with 2 DOS like boxes on the console, the blue one gives you some options to control basic settings (like network settings, user creation etc) and the other is a Windows command box. There is no way to create, start or manage the Guest Operating Systems here, for that you need a Windows client machine (I recommend Windows 7 over Vista for obvious reasons, there is no way to do this on XP) or another WIndows 2008 Server which kind of defeats the purpose of virtualization. I also dont like to add my Hyper-V Servers to a domain, but that’s more personal taste I guess, but it makes it slightly more difficult in managing the servers. Whatever you choose on this regard however, don’t make the mistake of adding it to a domain that is handled by a virtual domaincontroller, you’re in for a world of hurt that way. I wont go in any further on installing Hyper-V (extremely straight forward) or installing the management software on a client PC (via add-and-remove windows programs) and I assume you are working with Hyper-V Server in a workgroup, not a domain.
Password policy & password expire time
First thing I had problems with is that the user the management software is run under (in my case the user is named “bert”) has to be availible on the Hyper-V machine as well, but the password policy is rather strict on Hyper-V Server. Thus I opted to disable this entirely, mainly because the domaincontroller that handles the domain for my PC has its own password policy and the password also has to be identical on the management PC and Server alike. To disable the password expire time on the Server go into the black command box and enter:
NET accounts /MAXPWAGE:UNLIMITED
To disable the complexity rules for passwords on the Server follow these steps:
- In the CLI enter: secedit /export /cfg X:\config.cfg
- Open this created file with something like notepad (use USB disk or network mapping to copy this file to a client PC).
- Change the option PasswordComplexity from 1 to 0 and save the file.
- Overwrite the file on the server with the one you just edited.
- Enter this command in the CLI: secedit /configure /db C:\Windows\Security\new.sdb /cfg X:\config.cfg /areas SECURITYPOLICY
If everything went well you should see a message “The task completed successfully”. You can now change the password to whatever you like, as long as it is the same on the management machine.
Disable the firewall
don’t use the firewall for the core server, I opt for a hardware firewall every time and dont want the built-in firewall on the Hyper-V Server to be in the way of things. Enter the following in the CLI to disable it:
netsh advfirewall set allprofiles state off
This disables the firewall in all profiles.
Network card teaming
Unfortunately there is no way to setup network card teaming in the Hyper-V Server, unless the network card manufacturer provides this in their driver. Most of the time I use HP hardware for my virtual servers, if you install the server with the HP Smart Start Boot CD, the driver gets installed with the config utility for teaming as well. Just start the utility via the CLI like so:
This gives you the same tool that you can use under “normal” Windows Server installations, set up teaming accordingly.