ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Managing Hyper-V

    Scheduled Pinned Locked Moved IT Discussion
    328 Posts 24 Posters 88.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DashrenderD
      Dashrender @matteo nunziati
      last edited by

      @matteo-nunziati said in Managing Hyper-V:

      @Dashrender anyway. If you have to pay, a control system con be obtained buying a windows pro licence every time you deploy a newer hyper-v version, then virtualize it in your WS.

      it was windows 8 with hyper-v 2012, then now it is win 10 with hyper-v 2016. what? 300$ every 4 years? feaseable probably...

      unfortunately the hyper-v snap-in in windows mmc.exe is a bit poor on some edges.
      I've deployed 2 hyper-v servers and setup replica on them just with my snap-in. More complex layout probably will lead to a big issue, as the snap-in has really poor management functions. anyway as @Tim_G said somewhere, you can add the free veeam one to get better overview of resource usage.

      not a single pane of glass, but hell LCDs aren't even glass: all plastic 😛

      about domain: never tryed hyper-v 2012 but this is what I've done.

      Has anyone tried this for Win10 and Hyper-V 2016 since HVRemote doesn't support those, and the page says there are no current plans to update it to support it?

      scottalanmillerS matteo nunziatiM 2 Replies Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @matteo nunziati
        last edited by

        @matteo-nunziati said in Managing Hyper-V:

        @scottalanmiller said in Managing Hyper-V:

        @wirestyle22 said in Managing Hyper-V:

        The issue with that is my lack of powershell knowledge

        base knowledge needed to work on Windows. Just how it is.

        what mostly hurts me on PS is that it seems more of a scripting language than a proper shell. you need to store a function even to open a VM console. on kvm you have virt-viewer... simple!

        I wouldn't think of it that way as much as just being cumbersome and inefficient. It's also slow as shit. Although it is much faster on Linux than on Windows. Like so much faster.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Dashrender
          last edited by

          @Dashrender said in Managing Hyper-V:

          @matteo-nunziati said in Managing Hyper-V:

          @Dashrender anyway. If you have to pay, a control system con be obtained buying a windows pro licence every time you deploy a newer hyper-v version, then virtualize it in your WS.

          it was windows 8 with hyper-v 2012, then now it is win 10 with hyper-v 2016. what? 300$ every 4 years? feaseable probably...

          unfortunately the hyper-v snap-in in windows mmc.exe is a bit poor on some edges.
          I've deployed 2 hyper-v servers and setup replica on them just with my snap-in. More complex layout probably will lead to a big issue, as the snap-in has really poor management functions. anyway as @Tim_G said somewhere, you can add the free veeam one to get better overview of resource usage.

          not a single pane of glass, but hell LCDs aren't even glass: all plastic 😛

          about domain: never tryed hyper-v 2012 but this is what I've done.

          Has anyone tried this for Win10 and Hyper-V 2016 since HVRemote doesn't support those, and the page says there are no current plans to update it to support it?

          Pretty sure that that project died.

          1 Reply Last reply Reply Quote 0
          • matteo nunziatiM
            matteo nunziati @Dashrender
            last edited by

            @Dashrender said in Managing Hyper-V:

            @matteo-nunziati said in Managing Hyper-V:

            @Dashrender anyway. If you have to pay, a control system con be obtained buying a windows pro licence every time you deploy a newer hyper-v version, then virtualize it in your WS.

            it was windows 8 with hyper-v 2012, then now it is win 10 with hyper-v 2016. what? 300$ every 4 years? feaseable probably...

            unfortunately the hyper-v snap-in in windows mmc.exe is a bit poor on some edges.
            I've deployed 2 hyper-v servers and setup replica on them just with my snap-in. More complex layout probably will lead to a big issue, as the snap-in has really poor management functions. anyway as @Tim_G said somewhere, you can add the free veeam one to get better overview of resource usage.

            not a single pane of glass, but hell LCDs aren't even glass: all plastic 😛

            about domain: never tryed hyper-v 2012 but this is what I've done.

            Has anyone tried this for Win10 and Hyper-V 2016 since HVRemote doesn't support those, and the page says there are no current plans to update it to support it?

            NO wait no HVRemote here. and done the shit on win10 for hyper-v 2016.... I've just hyper-v 2016 AND win 10. and we have NO AD AT ALL HERE!

            mmm... let me recheck my motes. maybe an how-to is in the makings 😛

            1 Reply Last reply Reply Quote 0
            • matteo nunziatiM
              matteo nunziati
              last edited by matteo nunziati

              ok company is closing. after dinner will put notes here!

              it is just winrm, trustedhosts and same user/password/workgroup setup. then you can fly!

              DashrenderD scottalanmillerS JaredBuschJ 3 Replies Last reply Reply Quote 1
              • DashrenderD
                Dashrender @matteo nunziati
                last edited by

                @matteo-nunziati said in Managing Hyper-V:

                ok comany is closing. after dinner will put notes here!

                it is just winrm, trusthosts and same user/password/workgroup setup. then you can fly!

                OK - I was just referencing the page you linked to.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @matteo nunziati
                  last edited by

                  @matteo-nunziati said in Managing Hyper-V:

                  ok comany is closing. after dinner will put notes here!

                  For the weekend?

                  matteo nunziatiM 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller
                    last edited by

                    @romo is getting our headless Hyper-V cluster up in the lab today. Going to be testing stuff on it very soon.

                    DashrenderD 1 Reply Last reply Reply Quote 2
                    • DashrenderD
                      Dashrender @scottalanmiller
                      last edited by

                      @scottalanmiller said in Managing Hyper-V:

                      @romo is getting our headless Hyper-V cluster up in the lab today. Going to be testing stuff on it very soon.

                      No iDRAC or other ?

                      JaredBuschJ 1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch @Dashrender
                        last edited by

                        @Dashrender said in Managing Hyper-V:

                        @scottalanmiller said in Managing Hyper-V:

                        @romo is getting our headless Hyper-V cluster up in the lab today. Going to be testing stuff on it very soon.

                        No iDRAC or other ?

                        That is not what headless means.

                        1 Reply Last reply Reply Quote 0
                        • JaredBuschJ
                          JaredBusch @Mike Davis
                          last edited by

                          @Mike-Davis said in Managing Hyper-V:

                          In part of my strategy to prevent CryptoLocker or a bad actor from taking out my backups if a computer/server gets infected, I'm not domain joining my hosts now. I realized that even with a share on the network that used a service account, if a hacker elevates privileges and gets domain admin, they can reset the password on the backup service account and then wipe out my backups. If the backup target is not domain joined, they can't do that. Same idea with the host.

                          I'm curious as to what others are thinking. We love disk to disk backups, but it's really hard to air gap them with out physical interaction.

                          This is just stupid.

                          There is not any type of realistic risk for this kind of scenario that does not involve a ton of prior failures.

                          Within a single organization, there is zero reason to not have the hypervisors domain joined.

                          There will be no possible way to lose anything because there should be no possible way that a privileged account like domain admin can be compromised without ignoring other best practices.

                          Mike DavisM 1 Reply Last reply Reply Quote 1
                          • JaredBuschJ
                            JaredBusch @DustinB3403
                            last edited by JaredBusch

                            @DustinB3403 said in Managing Hyper-V:

                            I'm in the camp of not joining your hypervisors to the domain.

                            If you get locked (because of domain controls) out of your hypervisors then you're SOL, along with the domain functions.

                            This is also just stupid.

                            Being domain joined in no way affects the root account ( or original administrator account on hyper-v ) from working in any way.

                            I just cannot grasp how people keep repeating this kind of garbage.

                            1 Reply Last reply Reply Quote 0
                            • JaredBuschJ
                              JaredBusch @DustinB3403
                              last edited by

                              @DustinB3403 said in Managing Hyper-V:

                              Sounding more and more like hyperv is a disaster without these kinds of tools

                              Only if self inflicted. There is zero wrong with the Hyper-V Manager mmc snap in for normal hyper-v management in a small organization.

                              Yes, 5 nine was nice. But still not hard to manange.

                              1 Reply Last reply Reply Quote 2
                              • JaredBuschJ
                                JaredBusch @BRRABill
                                last edited by

                                @BRRABill said in Managing Hyper-V:

                                @Dashrender said in Managing Hyper-V:

                                @Tim_G said in Managing Hyper-V:

                                I don't understand what the issue is here. Install and configure a Hyper-V Host... then connect to it via Hyper-V Manager, FCM, or PowerShell. None of the Windows GUI tools do anything that you cannot do with PowerShell. In fact it's the other way around. You can do way more to Hyper-V with PowerShell than from any tool. Just learn the commands and move on. They are so easy.

                                That allows you to manage the hypervisor.. what about getting console access to the VMs?

                                Why wouldn't you use RDP there? Or PowerShell?

                                Are you not paying any attention to what you are reading?? Remote access is not console access.

                                BRRABillB 1 Reply Last reply Reply Quote 1
                                • JaredBuschJ
                                  JaredBusch @matteo nunziati
                                  last edited by

                                  @matteo-nunziati said in Managing Hyper-V:

                                  ok comany is closing. after dinner will put notes here!

                                  it is just winrm, trusthosts and same user/password/workgroup setup. then you can fly!

                                  This is the answer for non domain joined systems.

                                  But most people have no need for this in the SMB as a MS AD deployment is almost always already in place.

                                  @Dashrender opened this thread with a poor hypothetical scenario.

                                  It is something that can apply to an ITSP or consultant, but it is completely not something that will apply to the vast majority of deployments.

                                  DashrenderD matteo nunziatiM 2 Replies Last reply Reply Quote 1
                                  • scottalanmillerS
                                    scottalanmiller
                                    last edited by

                                    Although it does apply to us, we are putting Hyper-V in a situation today where there is no AD currently, nor planned. Just by coincidence.

                                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                                    • JaredBuschJ
                                      JaredBusch @scottalanmiller
                                      last edited by

                                      @scottalanmiller said in Managing Hyper-V:

                                      Although it does apply to us, we are putting Hyper-V in a situation today where there is no AD currently, nor planned. Just by coincidence.

                                      It will certainly begin to apply more and more.

                                      This is very true and why the loss of 5Nine as a free tool is so sad.

                                      Do not forget that 5Nine is still available, just no longer free.

                                      1 Reply Last reply Reply Quote 0
                                      • Mike DavisM
                                        Mike Davis @JaredBusch
                                        last edited by

                                        @JaredBusch said in Managing Hyper-V:

                                        @Mike-Davis said in Managing Hyper-V:

                                        In part of my strategy to prevent CryptoLocker or a bad actor from taking out my backups if a computer/server gets infected, I'm not domain joining my hosts now. I realized that even with a share on the network that used a service account, if a hacker elevates privileges and gets domain admin, they can reset the password on the backup service account and then wipe out my backups. If the backup target is not domain joined, they can't do that. Same idea with the host.

                                        I'm curious as to what others are thinking. We love disk to disk backups, but it's really hard to air gap them with out physical interaction.

                                        This is just stupid.

                                        There is not any type of realistic risk for this kind of scenario that does not involve a ton of prior failures.

                                        Within a single organization, there is zero reason to not have the hypervisors domain joined.

                                        There will be no possible way to lose anything because there should be no possible way that a privileged account like domain admin can be compromised without ignoring other best practices.

                                        There are zero day exploits out there. Networks get hacked. I'm trying to limit risk.

                                        JaredBuschJ DashrenderD 2 Replies Last reply Reply Quote 0
                                        • DashrenderD
                                          Dashrender @JaredBusch
                                          last edited by

                                          @JaredBusch said in Managing Hyper-V:

                                          @Dashrender opened this thread with a poor hypothetical scenario.

                                          It is something that can apply to an ITSP or consultant, but it is completely not something that will apply to the vast majority of deployments.

                                          Not hypothetical at all - It's Wired's setup.

                                          In fact, no one ever actually answered my question, Should all Hyper-V hosts be in a single domain to simplify Hyper-V host management?

                                          The only thing that resembles an answer is no - because we don't join the domain at all

                                          JaredBuschJ 2 Replies Last reply Reply Quote 0
                                          • JaredBuschJ
                                            JaredBusch @Mike Davis
                                            last edited by

                                            @Mike-Davis said in Managing Hyper-V:

                                            @JaredBusch said in Managing Hyper-V:

                                            @Mike-Davis said in Managing Hyper-V:

                                            In part of my strategy to prevent CryptoLocker or a bad actor from taking out my backups if a computer/server gets infected, I'm not domain joining my hosts now. I realized that even with a share on the network that used a service account, if a hacker elevates privileges and gets domain admin, they can reset the password on the backup service account and then wipe out my backups. If the backup target is not domain joined, they can't do that. Same idea with the host.

                                            I'm curious as to what others are thinking. We love disk to disk backups, but it's really hard to air gap them with out physical interaction.

                                            This is just stupid.

                                            There is not any type of realistic risk for this kind of scenario that does not involve a ton of prior failures.

                                            Within a single organization, there is zero reason to not have the hypervisors domain joined.

                                            There will be no possible way to lose anything because there should be no possible way that a privileged account like domain admin can be compromised without ignoring other best practices.

                                            There are zero day exploits out there. Networks get hacked. I'm trying to limit risk.

                                            No. You are much mistaken.

                                            In a well designed network a zero day has not access to anything except the user profile. The user has no access to hyper-v management. The user should have to to that from a VM on their workstation.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 6
                                            • 7
                                            • 8
                                            • 9
                                            • 10
                                            • 16
                                            • 17
                                            • 8 / 17
                                            • First post
                                              Last post