Friday, November 6, 2009

Home Server, Part 2 – Installing Hyper-V Server 2008 R2

This post is one of a series where I discuss the steps I went through to stand up a server for my home network 

I’m going to be honest: I’ve a huge fan of VMWare Workstation. I tried Microsoft’s Virtual PC when it first came out but the performance was really lacking. A co-worker convinced me to try VMWare and I’ve been loyal since.

So I bet you’re wondering why the title contains Hyper-V Server and not something like VMWare Server or ESXi. I’ve been intrigued by Hyper-V since Microsoft announced that the Azure Fabric is based on it. This was an opportunity to give it a try, especially with the R2 release.

Hyper-V Server 2008 R2 is a free download from Microsoft. It is installed on the bare iron and provides a hypervisor for running virtualized servers. Pull down the configuration guide also. It’s not for R2 but I found it to be very helpful.

I’m going to tell you now that installing Hyper-V Server 2008 R2 was dead simple. I burned the iso to a DVD, popped it into the drive and bounced the machine. Soon the setup was running. After a couple of restarts I was logged in and greeted with the configuration tool – Server Configuration.

image

Using the information in the configuration guide, I setup the server to be in a Workgroup and enabled all of the remote management options. This is important since you will mainly be managing Hyper-V remotely. Also, enable Remote Desktop (RDP), you’re going to need it.

Hard Drives

When I installed Hyper-V Server 2008 R2, it formatted the partition that I installed it to. It did nothing with the other drives in the machine. I had to use the DISKPART command-line utility to bring the other hard drive online.

Remote Administration

Hyper-V Server 2008 R2 is supposed to be managed remotely. To do that I installed the Hyper-V Manager from the Remote Server Administration Toolkit (RSAT). Unfortunately there are different deployment packages for Vista and Windows 7.

After I installed the toolkit, I had to use the Turn Windows Features On or Off option in the Control Panel to enable the Hyper-V Manager.

image

Things were going really smoothly at this point. By now the hardest thing that I had to do was locate the RSAT deployment package for Windows 7. But what kind of project goes smoothly? Not this one. Keep reading.

The “Fun” Starts

The first VM that I want to create will be hosting Windows Home Server so I fired up the Hyper-V Manager to create the VM. I was greeted with the error message “You do not have the required permission to complete this task.  Contact the administrator of the authorization policy for the computer <computer name>.”  I started doing what all computer professionals do – searching the web.

I came across John Howard’s blog and specifically this post. John is a PM on the Hyper-V team at Microsoft. This post is part 1 in a series that addresses this issue. He’s even created a tool, HVRemote, to simplify the steps.

As I did more reading, it seems that R2 now takes care of a lot of the configuration that John lists in that post. This would be the Configure Remote Management option in the Server Configuration tool (sconfig).  Unfortunately I still couldn’t connect.

I started looking at the HVRemote utility again. There’s a 10-second Guide on the site that addresses a variety of configurations. Mine is the first one: Client and Server both workgroup. Using the Server Configuration tool, I created an account on the Hyper-V server with the same name and password as my account on my laptop. Like magic the permission error disappeared and I was able to connect to the server. 

Ha! Home free!”  I started to build the VHDs for the new VM.

Until I was greeted by another error message: “Cannot connect to the RPC service on computer <computer name>. Make sure your RPC service is running.” 

This had me stumped for a while. I used the Server Configuration utility to install the most recent updates and bounced the server. I was able to connect again – for about 10 minutes. Then the RPC service error popped up again.

I stopped the firewall on my client to see if it was the issue. Nope. Not it. I pinged my laptop from the server and the error went away – for about 10 minutes. That was interesting. I was actually able to do some of the configuration, like creating a Virtual Network and one of the VHDs. All I had to do was periodically ping my laptop from the server.

Obviously this was not an acceptable solution.

While searching I came across this thread in the Technet forums. The poster had solved a problem similar to mine by doing the following:

From a command window on the server, issue the following command:

netsh advfirewall set allprofiles state off

This disables the firewall on the server. While I really don’t want the firewall disabled, I ran the command anyway.

On the client:

  1. run dcomcnfg
  2. Under Component Services, navigate down to My Computer
  3. Bring up the Property Dialog for My Computer and select the COM Security tab
  4. Click the Edit Limits in the Access Permissions section
  5. Enable Remote Access for Anonymous Logon

image

Doing these two steps did seem to correct the RPC problem. I’ve not seen it since. I’ve also gone back and enabled the firewall on the server.

Update – I usually sit on a post for a day and re-read it prior to posting. I came back to the Hyper-V Manager after 24 hours and was meet by the “RPC service” error message. I stopped the firewall on the server and I’m now able to connect to the server as expected. I’m not happy about having to run without a firewall. I’m going to start a thread in the forums to find out the exact firewall configuration.

After getting all of this taken care of, I was able to create the two VHDs that I need for my Windows Home Server VM. That will be the topic for the next post in this series.

Next: Installing Windows Home Server

3 comments:

  1. Hello,
    Do you find firewall configuration?

    ReplyDelete
  2. Great post this fixed my issue with RPC also. Maybe I'll leave the firewall off

    ReplyDelete
  3. I don't know how many people have solved this. but my solution is below:
    p.s. this is copied and pasted from my personal word documentation. as a result the formatting will probably be really bad.


    Hyper-V Manager RPC Connection error

    If you are getting the error “cannot connect to the RPC service on "Computer name" make sure the RPC service is running” you need to make some changes to the fire wall settings.

    This is assuming you followed all the instructions when setting up hyper-v server

    On a windows 7 machine (or windows server 2008 machine) click start -> run
    Or you can hit the windows key + r
    The run dialog box should come up. Type in it mmc and click ok
    You might have to give admin rights to the program
    In the new window click File -> Add/Remove Snap-in
    In the new window scroll down to the bottom of the box on the left
    Select Windows Firewall with advanced security and click add between the two box’s
    Click another computer and enter the ipaddress of the server
    After loading the window should close
    Click Windows Firewall with Advanced Security on “Computer name”
    On the right hand collum/box select Inbound Rules
    At this point there were several options that had to be changed to enable this to work
    The following settings where enabled and set for domain
    File and Printer Sharing (Echo Request – ICMPv4-In)
    File and Printer Sharing (Echo Request – ICMPv6-In)
    File and Printer Sharing (LLMNR-UDP-In)
    File and Printer Sharing (NB-Datagram-In)
    File and Printer Sharing (NB-Name-In)
    File and Printer Sharing (NB-Session-In)
    File and Printer Sharing (SMB-In)
    File and Printer Sharing (Spooler Service – RPC)
    File and Printer Sharing (Spooler Service – RPC – EPMAP)
    To set for the domain right click the option and select properties
    Click on the advanced tab and uncheck the box next to Private and Public
    To enable the rule right click and select Enable Rule

    ReplyDelete