Part 2 – Install SQL

Install the SQL Server.

In this part we will install the SQL Server. Nothing special, it’s just a normal SQL 2012 installation.

Not sure if it’s still needed, but I install the .Net 3.5 Feature and I add a Firewall rule to allow incoming SQL traffic on port 1433 using these Powershell lines.

Next I start the SQL installation and choose SQL Server Feature Installation.P2_001

In the Feature Selection window, I select the Database Engine Services and the Management Tools – Complete.P2_002

In the Server Configuration window, I configure the service accounts we created in part 1.P2_003

I keep the default collation.P2_004

In the Database Engine Configuration, I specify the Domain Administrator as SQL Server Administrator.P2_005

I just continue the installation with all the deafults and wait for it to finish.

Coming up next: Install Virtual Machine Manager.

Part 1 – Install DC

Install the Domain Controller.

In this first part we start with installing the Domain Controller. Ill could have showed you all the GUI pictures, but I am sure you all know this already. After all those years the GUI starts to get boring, so let’s do this using some Powershell commands.

The script below will add the Active Directory Domain Services role and promotes the server to Domain Controller. You can either run the script as a ps1 file in an administrative Powershell window or paste it in an administrative Powershell ISE window and run it, just as I did.

After the script finishes, the server will be rebooted and the server will be a Domain Controller.P1_001

After creating a new Domain, I always create the same OU structure with some service accounts which I need later on. Just to keep it tidy.

We also need a special Container for Virtual Machine Manager to store the Distributed Key Management information in Active Directory (info). I name this Container DKMVMM and place it in the root of the domain (but you can place it anywhere). Also the Service Account for VMM needs to have full rights on this Container so that VMM can write information in it.

The picture below shows the objects we will create.P1_002

Again, clicking trough the Active Directory Users and Computers got boring ;-) . So here’s the Powershell script that will create the OU structure, Service Accounts, DKMVMM Container and set its security rights.

This is the end of part 1.

Coming up next next: Install the SQL Server.

Private Cloud Lab Intro

I like to test and build things and on the other hand I like to document it. So I came up with the idea to build a Private Cloud Lab and document it here. Sure, you can find al kind of different tutorials on the internet, but I try to keep it as simple as possible.

So, this will be my attempt to provide you with an easy to follow do it yourself: “Building a Private Cloud Lab” tutorial.

We will start with the basics and we will add more components as the lab environment evolves. To begin building this lab we will start with four servers:

  • Domain Controller:  DEV-DC-01
  • SQL Server:                   DEV-SQL-01
  • VMM Server:               DEV-VMM-01
  • Hyper-V Server:         DEV-HPV-02

Coming up next: Part 1 Configure the Domain Controller.

Create DHCP Scope

I am migrating from none Windows to Windows 2012R2 DHCP, so I needed to install and configure more than 10 DHCP servers.
Each of the DHCP servers would contain several scopes with custom options for ip phones and thin clients. Rather than
clicking trough the GUI every time, I create this script.

When you run this script, it installs the DHCP feature, authorize the DHCP server in AD, sets conflict detection to 2,
creates predefined options 242 and 161 and it creates five scopes.

You only need to active the scopes.


Wol Packet

To save energy costs at home, I have configured all my computers with Wakeup On Lan. With the use of an app on my mobile phone I can turn them on only when I need them.

Now I needed to start my Windows server once a week at a specific time. I checked the BIOS settings of my server.  Unfortunately there were only two automatic turn on options: Every Day and Every Workday.

I am in the possession of another Windows server on the internet, which is always on. So I could use that server to schedule a script to run once a week.

So I decided to create a Powershell script that creates the magic packet and sends it to my home server.


Detect Windows Feature

I have got the request to figure out on which servers the Desktop Experience Feature is installed. Our environment contains only Windows 2008R2 and Windows 2012R2 servers.

Checking all servers one by one is a hell of a job, so I decided to create this script. The scripts uses Powershell Remote to connect to the target servers, so this needs to be enabled on all target servers.

The target servers are defined in the Servers.txt file. Then the script executes the invoke-command to see if the feature is installed. If the feature is installed, the server will be added to the FeatureInstalled.txt otherwise the
server will be added to the FeatureNOTInstalled.txt file.



Migrate differencing disk

A friend of my was running his Hyper-V 2012R2 environment with differencing disks. Not so good for performance, so he asked if he could migrate them to normal disks.

Luckily I had played a bit with differencing disks in my lab environment to see how it works. So I could use this lab to test the migration path.

This is the parent disk which I used for all lab machines.



As you can see, the LB-DC01 is using this disk as it’s parent disk.


The LB-DC01 has a checkpoint. All checkpoints needs to be removed first.


When the checkpoint had been removed, its merged into it’s original disk. Notice the increased disk size.


Just to be sure, I export the machine to a save place as a backup.


When the export operation has finished, it created a complete copy of the vm, including a copy of the parent disk.


Now it’s time to merge the disk. At this point the vm needs to be turned off. Edit the disk and select the Merge option.


In the Configure Disk window, select To a new virtual hard disk and choose the appropriate hard disk type.


After the operations has finished, the new disk has been created.


The last step is to configure the vm and point the hard drive to the newly created vhdx file.


After starting the vm, everything works fine!

Local User Password Changer

Normally when I need to change the local administrator password of many servers, I would create a script which would do that for me.

Today I had the idea, why not create a simple app for this. So I created the Local User Password Changer app.

Local User Password Changer

How does it work:

The domain name is optional. If you don’t use it, it would use the same domain as the computer from where you run the app. Then you can type in some servers or load a list of servers from a text file. The default user is the administrator, but you can change it in any user you like. Type in the new password and hit the Change button. The Log output shows if the change was successful or it shows an error together  with an detailed error message.

Under the hood it is using the Powershell ADSI adapter. More info can be found here. Because I am targeting local accounts (none AD), I am using the WinNT instead of LDAP, example:                                          [adsi](“WinNT://COMPUTER/administrator, user”)


The user running this application needs to be member of the local administrators of the target machines (or member of the Domain Admins group)

Tested against:

Windows 7, 2008R2, 2012 and 2012R2


64bit Version




RDS User Session Control

Recently I have upgraded our Terminal Services environment to Remote Desktop Services 2012R2.

On a regular base I received requests from the Helpdesk to logoff RDS users or provide them with a session id and a server name for shadowing users. After doing so for some time, I decided to create this tool for the Helpdesk, so that they could retrieve this information by themselves. It also provides them with the option to logoff or shadow users.

RDS User Session Control

How it works:

The RDS User Session Control is a portable executable application accompanied with a settings.ini file. The settings.ini file only contains the fqdn of the Connection Broker. Which can be changed to reflect your Connection Broker server. Every time you start the RDS User Session Control application, it searches for the settings.ini file in the same directory as the RDS User Session Control executable. When it’s not found, you get an error message. Then you can search for a user by entering part of the login name or using a wildcard. If it finds any users, you can select a user and perform the action to either logoff or shadow the user.



To retrieve the user sessions from the Connection Broker, it uses the Get-RDUserSession cmdlet from the RemoteDesktop Powershell module. It order to let Helpdesk group to use this cmdlet and make a connection to the Connection Broker, I had to add the Helpdesk group to the local administrators group of the connection broker. I couldn’t find a better way. This could be an security issue for your organization. If you know a better solution, please let me know. In order to let the Helpdesk people to make use of the shadow option, you need to grand them that right on the RDS host servers. In order to do that, you need to run this command on every host server:


wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName=”RDP-Tcp”) CALL AddAccount “DOMAIN\HelpdeskGroup”,2



The RemoteDesktop module is only available for Windows 8 and 2012 or higher. Our Helpdesk group is using Windows 7, so I had to publish this application as a RemoteApp on our RDS environment. This works perfectly fine.



64bit Version

LinkedIn Auto Publish Powered By :