Ajweh's Blog

A technical perspective, from the heart of Jordan!

Browsing Posts published by Alaa Ajweh

On another issue, here is what happened, I got Live Migration up and running 9 months ago on a two monster 24-CPU Servers, a couple of days ago I received a call from that same client saying that they have added another 2 monster nodes to the cluster so it’s now a 4-Node Cluster.

Everything was cool except for the new added nodes do not accept any Live Migrated VMs from the old ones and vice versa, so Node 1 and 2 are (kind of) working alone and Node 3 and 4 are doing the same.

Everything was healthy! the only event being logged in Event Viewer was completely useless (you gotta appreciate my honesty):

Event ID: 21502
Source: Hyper-V High Availability
’Virtual Machine %1’ Live Migration did not succeed at the source

OR

Event ID: 21502
Source: Hyper-V High Availability
’Virtual Machine %1’ Live Migration did not succeed at the destination

well, either way that wasn’t helpful, but it gives you a hint where to start looking, the source VM or the destination

EventLiveMigration

This is what appears in the Fail-Over Clustering Console

Failed1

So what could possibly be wrong? Well, it turned out to be a silly issue that had to do with the Virtual Network Adapter name being not IDENTICAL due to a typo (a dash in the name was forgotten!), check this post for a few things to keep in mind when creating a Live Migration cluster.

When Hyper-V attempted to migrate to the nodes I created (Node 1 and Node 2) from the newly added nodes (Node 1 and Node 2), it couldn’t find the same network card to match its configuration (which is something it validates before migrating).

HyperVNetwork

after sorting this out, the issue was resolved

HyperVMigrating

I hope this helps! Smile

  • Share/Bookmark

So you wanna make em highly available? well, you gotta be careful! Microsoft Fail-Over Clustering (Formerly Microsoft Clustering Services – MSCS) has been greatly optimized for Hyper-V, with the introduction of Cluster Shared Volumes (CSV) you can really see the beauty of a highly available virtual server environment.

In this post I will be generally talking about Live Migration and a few things to keep them in your mind, then show you a problem that a client has faced because of a tiny mistake.

There are many reasons why you would want your virtual environment highly available, primarily to meet SLA agreement, and most definitely prevent down time. The sensitive nature of Fail-Over clusters make them one of the few things that you REALLY should plan out carefully.

1. Check your hardware against the Windows Server Catalog and make sure you only get Certified hardware: www.windowsservercatalog.com
Certified = Passed a lot of tests.. trust me, A LOT.

2. IDENTICAL HARDWARE + IDENTICAL SOFTWARE yes, I know how annoying it is to read capitalized text, but I think I grabbed your attention, by identical I mean same model and same guts, even the specific details (i.e. memory bus speed, CPU clock speed, NIC model and capabilities) I’m not exaggerating! this is how it should be.

As for the software, same OS Edition (you know this by far right?), same Service Pack level, same set of updates, same Server Features or Roles; but does it work without this kind of convergence between the servers? YES IT DOES, should I do it? NO YOU SHOULD’NT.

Check this sample issue, how could a single typo in naming your network cards raise migration problems

3. Validate your cluster configuration When you install the Fail-Over Clustering feature, this is the greatest thing MS has added to its HA Clustering, if it passes validation, you’re more likely to have a super healthy cluster (sort of).

4. Read This 

This shouldn’t be your ultimate planning guide, but the above points are to keep in your mind, the whole time.

  • Share/Bookmark

Hello again! I’ve got some new stuff in here, a screencast to install VMM 2012 RC, I don’t believe anything will change in the final product (in terms of installation). Make sure you follow Microsoft Official guide on TechNet Library for the real thing, this is for testing.

So, here you go! oh btw you can have it as an MP4 (perfect for Mobile phones) if you’d like to watch it on the go, and of course a full page on its own.

Download As MP4 | Have a Full Page

 

  • Share/Bookmark

As we discussed – in Part 1: Installing Management Server and Database – the Data Warehouse Server cannot reside on the same server as the Management Server. The installation process is fairly simple (but lengthy, I snoozed at the end of it). you need to get SQL up and running, then have the server installed.

Installing SQL Server 2008 R2 SP1

You can follow the same steps as in installing the Management Server except for the Database in the feature selection you need to add Reporting Services and Analysis Service (don’t forget the Full Text Search)

once you have them ready proceed with the server installation

Installing the Data Warehouse Server

Have you Windows Server 2008 R2 SP1 installed (yes SP1 with SCSM 2012), install the following prerequisites on the server:

          1. .Net Framework 3.5 SP1 (from the Server Features)

          2. PowerShell 2.0 (already installed)

Put in the installation media and choose the option to install the Data Warehouse Server

SCSM_SetupWeb

Enter your name, organization and accept EULA, leave the prerequisites checker for a while

DataWare_Pre

Now for the Dataware House Databases configuration page, the famous SQL collation warning will be displayed, then you can configure each database individually by clicking on its name

DataWare_DB

Now you can configure the Data Mart databases (DMs), these are the accessible layer of the warehouse we’re setting up

DataWare_DM

The Management Group Name for the Dataware House server is different from the one for the Management Server, again, it should be unique in the organization and among any Management Group that has ever crossed your life (yes, unique among Operations Manager too)

as for the Group Admins, same as I stated in the Management Server setup, create one, add the current use to it, make the group a local server admin, then proceed.

DataWare_MgmtGroup

Configure the SSRS server to be used for the Data Warehouse reports (side: don’t you think if the product team should’ve used an FQDN? what’s up with the drop down menu? not so flexible)

DataWare_SSRS

Now type in the Service Account to be used who is also a local Administrator on the Data Warehouse Server, in this case, using the Local System account isn’t appropriate at it, because the service here needs to access our Management Server.

DataWare_SvcAcnt

Same thing for the Reporting account, to be used to read some data from the warehouse, except it doesn’t really need to be an Local Admin and it doesn’t need to be granted the Run As a Service right.

DataWare_RepSvc

Type the name for the OLAP Database, and press next

DataWare_OLAP

I’m really really sleepy by now.. that’s a lot of Wizard Pages!! I’ll snooze n get back to ya..

Zzz

Okay, lets get back to the wizard, we need to enter the credentials for the Analysis Services account, again it’s a Service Account (make it local admin),

notice that the Product Team decided not to provide any kind of description here…

DataWare_Analysis

Now the setup will ask you about CEIP, Updates, and Settings Review, and actually BEGIN installing

DataWare_Installing

Thank you for staying with this up until this moment, if you can read this line this means you’re still awake.

  • Share/Bookmark

Once we got the Service Manager Management Server up and running (as described here: http://ajweh.com/blog/?p=107) , we can now begin the installation of the Self Service Portal. This one comes in two flavors, a Web Content Server (installer requires an IIS Web Server) or as a SharePoint Web Part!

In our scenario we’re going to install it on the Management Server which is running Windows Server 2008 R2 SP1, here is what you need:

  • Install IIS Web Server, leave all the defaults as is, add:

          ASP.NET, Basic Authentication, Windows Authentication, IIS 6 Metabase Compatibility,

          IIS 6 WMI Compatibility

  • .NET Framework 4 (install it AFTER you install IIS so it registers it self)

 

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe –i

run this command if you got IIS installed before .NET Framework 4

Now fire up the installer and select the SSP Option

SCSM_SetupWeb

in the Portal Parts page choose the Web Content Server

SSP_PortalParts

Type your name, organization, accept EULA and proceed with setup, let the prerequisites checker finish:

SSP_SystemCheck

as for the SSL Encryption you either create a self-signed SSL certificate to be used by the website, import your own certificate OR DISABLE ENCRYPTION.

IIS_Certificates

then

IIS_CreateSelfSigned

To disable Encryption remove the Enable Encryption checkbox, then type a different port, other than 443, something above 2048, then hit Back and Next on the wizard… Don’t ask, it works :-/

SSP_NoEncryption

Select the database to connect to; again, you will receive a warning for the default collation if you used it

SSP_SelectDB

Choose the SSP Service account (domain account for added security, local system if you’re just testing)

SSP_ServiceAccount

Setup will then ask you if you wanna join the CEIP, Enable Updates, Review your settings, and that’s it. Smile

SSP_Success

  • Share/Bookmark

Alright folks, the Service Manager has just been released! its time to give it a shot and see what the ins and outs of the products.

I’ve summarized the installation steps for you so you can use this guide to start right away with your lab (this isn’t intended for production environments, more thorough planning should take place). I suggest that you take a quick look at the release notes for SCSM 2012 here

As for the installation, remember the good old days when you had to patch Server 2008 to get the latest System Center (R2, R3 stuff), but Server 2008 R2 worked out of the box just fine because it’s a lovely modern OS? well, hate to break the news for ya, but those days are gone; you better get your Server 2008 R2 SP1 Server running and START PATCHING! (actually 2 Servers) here is what you need:

          1. Go get Hotfix 2600907 for Server 2008 R2 here (needs a restart)

          2. Get the Authorization Manager hotfix here (included in Server 2008 R2 SP1)

          3. Get the Microsoft Analysis Management Objects (X64) which is required by the

             management console so it can work with SQL Server Analysis Services (SSAS) 

           4. Install Microsoft Report Viewer Redistributable Security Update KB971119 (no links?

               yes! its in the Prerequisites folder of the SCSM Media, horray!)

          5. Get .NET Framework 4 (for the Self Service Portal if you need it)          

Deployment Topologies

There are three (3) possible deployment topologies for the Service Manager 2012, the Single Computer Topology, the 2-Computer Topology, and 4-Computer Topology. Mmmm no, actually there are only two, yes you heard me, only TWO installation topologies. why do I say that? Well, because the Single Computer topology says that you need to get Hyper-V so you have one server on the physical host and another that you will virtualize.. Whaaaat? that’s a two computer topology! except that the Data Warehouse Server will reside on the other! wait, I didn’t tell you about the Data Warehouse Server and Data Management Server? Read on buddy, I’ll make it very very simple.

Service Manager is composed of two things (and their databases so that’s 4), the first thing is the Data Management Server and the other is the Data Warehouse Server, now these guys don’t really get a long, so you have to separate them, there is no way they can be on the same server (see, that’s why I told you to start patching two servers).

Now these guys have their databases, you can think of them as their wives, there is the Data Management Database and the Data Warehouse Database. it’s really flexible where you place the databases, whether the same server or a different one. Sooo the Single Computer Topology says that you install the (Management Server, Management Server Database, and Data Warehouse Server Database) on one computer and then install the Data Warehouse Server on the second, but why is that? I got no freakin idea (performance you say?), why would you separate the Data Warehouse Server from his wife the Data Warehouse Server Database? that is cruel. So place each two together and Boooom! this is the 2-Computer Topology! but what if you place each Server and Database on a different computer? YEP! it’s the 4-Computer Topology!

Simple. I’m doing the 2-Computer Topology.

Server 1 – Management Server and its Database

We need first to get the prerequisites ready, some of them are on the media, others are on the web. Install Server 2008 R2, join it to the domain, do the essential magical stuff (rename, network, update, remote desktop) and then:

 

 

Installing: SQL Server

  • Get SQL 2008 SP1 or SP2, SQL 2008 R2 or R2 SP1 (I got the latest, to be covered).
  • Make sure you have Full-Text Search (FTS) marked
  • Follow best practices for Service Accounts of your own (use domain accounts for extra security, I’m going to use local system or network system since I’m only testing).
  • For the SQL Server collation, make sure you use a Case-Insensitive (CI) Database
  • If you chose to use the default collation, you won’t be able to support multiple languages and Service Manager installation will display a warning (fine by me!)
  • Proceed with installation (oh, don’t use an Instance name with $ in it, Service Manager wont install :-/ so leave it default)

Alright, fire up your SQL Installation, and the select those roles:

SQL
I love the management tools.. always have, always will. (not required though).

See how I got FTS? you do too, click next till you get

SQL_Instance_Edited
default is cool. now next till you get to the collation

SQL_Coll

see? this means no other languages, and you get a warning by Service Manager, chose whatever collation you want but make sure its CI (Case Insensitive), AND the collation you chose should be the same for the warehouse database, they cant be different.

Installing: Service Manager

Once you got the SQL Server 2008 R2 SP1 installed, its time to start with the Service Manager 2012 Beta setup.

Type in your name, organization, accept EULA bla bla, until you get the Prerequisites Checker (which actually takes about 30 seconds to complete.. too long)

SCSM_Prereqs

As you click next, you will see the database and its options (instance, file location..etc) and here is the warning as I promised
SCSM_DBWarning

Type in the Management Group Name, and pay attention to what I have to say now, if you have Operations Manager in your environment and this name should UNIQUE and DIFFERENT FROM THE OPERATIONS MANAGER MANAGEMENT GROUP NAME.

SCSM_MGMTGroup

As for the Management Group Administrators, I suggest you create a Security Global group and use it here, also you should create an Admin User account and place it in this group and in the local administrators group of the server. (beware of SQL database security issues, add it there if you face any)

The Service Account and Workflow Account should ordinary Domain Users accounts

SCSM_ServiceAccount

Workflow Account:

SCSM_WorkflowAccount

aaaaand you’re done!

SCSM_Installing

 

Go to Server 2: Installing the Data Warehouse Server and its Database. (Direct http://ajweh.com/blog/?p=113)

Go to Self Service Portal Installation tutorial (Direct http://ajweh.com/blog/?p=109)

  • Share/Bookmark

Ok that’s it, I’ve had enough of IIS 7.5 (don’t be happy, IIS 7 too) and WebDAV already, this is the 100th time I see the problem and I still have no idea what causes it.

If you have installed SCCM before, you’d know what I’m talking about. WebDAV is now a part of the IIS 7.5 Role Services so you don’t have to download or install it separately like IIS 7 in Server 2008.

A prerequisite for installing SCCM is having WebDAV installed and configured as follows:

  • A Rule that allows all users read access to all content

and a couple of settings tweaking:

  • Allow Anonymous Property Queries should be set to True
  • Allow Custom Properties should be False
  • Allow Property Queries with Infinite Depth should be set to True
  • Allow Hidden Files to be Listed should be set to True

How IIS 7/7.5 Configuration Works

Now, with IIS 7/7.5 things have tremendously changed, IIS Server and Website Configurations are not written in a metabase like the IIS 6.0 Metabase, but rather written to XML Configuration files can be found in C:\Windows\System32\InetSrv\Config

You will see a bunch of XML files like the “Administration.xml” where global security settings and administrative delegation are defined here, “ApplicationHost.xml” where global application configuration settings can be found. if you dig a little deeper into the Schema subfolder you will find the IIS, ASP.NET, and of course the WebDAV Schema (WebDAV_Schema.xml) where the configuration settings you define in the IIS Management Console will be replicated to those XML files.

In the IIS Management console, Some settings are Server Wide (inherited to every single website) while others are Per Website/module/application pool..etc. for example check this out "<sectionSchema name="system.webServer/webdav/globalSettings">” <—this fellow here is a header for elements and attributes that affect global server WebDAV settings.

Why has this been done? so you can scale out your IIS deployment to hundreds of servers in a couple of clicks. so you can share the Configuration Store (where all the XML files are) and make lots and lots of IIS servers connect to it to retrieve their unified settings. So what if you need to change something? you guessed it, it can be done once! and all servers will reflect those changes.

This is cool…when it works.

Problem Details

The problem occurs when you change some settings from the IIS Management Console but for some mysterious reason, they changes are not reflected to the Schema Configuration file! causing inconsistency between the settings you see and the settings that are actually applied. as you can see below my WebDAV settings in the Management Console and the Schema file:

IIS_WebDAV
WebDAV Settings in the IIS Management Console

and this is how they appear in the WebDAV_Schema.xml file
WebDAV_Schema
WebDAV Settings in the WebDAV_Schema.xml file

the screen shots above belong to the same server (not photoshoped) and the inconsistency is pretty clear.

SCCM Problem

Before we solve the IIS inconsistency lets examine what the above does to SCCM; your configuration will go through the Prerequisites Checker and SCCM installation will be smooth, However, when you open the System Status in SCCM’s Management Console, you will see Errors reported by the SMS_MP_Control_Manager. Every time it retries to install the components, you will see the same error:

The WebDAV server extension is either not installed or not configured properly.
Solution: Make sure WebDAV is installed and enabled. Make sure there is an authoring rule that allow “All users” read access to “All content”. Make sure the WebDAV settings “Allow anonymous property queries” and “Allow property queries with infinite depth” are set to “true” and “Allow Custom Properties” is set to false.

Examining the MPSetup.log which is the Log File for the Management Point located in: “C:\Program Files (x86)\Microsoft Configuration Manager\Logs” <—The path may differ depending on your installation settings (you know better right?) will also throw the same error above.

Solution

You need to configure the WebDAV_Schema.xml file to reflect the settings required by SCCM, a small obstacle you may face is the owner ship of the file, if you simply open up the file in notepad and save it, you will receive an Access Denied error because you have no write permissions on the file, even if you try to add yourself you wont be able to, because TrustedInstaller is the owner of that file.

SecurityProperties_WEBDAV_SCHEMA

so you need first to Take Ownership of you the file, give yourself Write access then save it as an alternate name (because the containing folder doesn’t give you access as well). you then rename the old file (i.e. WebDAV_Schema.xml.old) and make your modified one with the same name as follows:

<attribute name=”allowAnonymousPropfind” type=”bool” defaultValue=”true” />
<attribute name=”allowInfinitePropfindDepth” type=”bool” defaultValue=”true” />
<attribute name=”allowCustomProperties” type=”bool” defaultValue=”false” />

Give the IIS and the SMS_SITE_COMPONENT_MANAGER services a restart and your server will be just fine, you can double check the MPSetup.log and reset the error count for the SMS_MP_Control_Manager from the System Status (or else you need to wait a bit long for it to give you the green check).

Side Problem: SMS Hierarchy Manager and Active Directory

The file security above reminded me of another problem thrown by the SMS Hierarchy Manager telling you that its unable to update its objects in the “System Management” container in Active Directory.

“Systems Management Server cannot update the already existing object "SMS-Site-[SiteCode]" in Active Directory….”

This problem occurs from the moment you create the “System Management” container using ADSIEDIT and give the SCCM Server full access to it.

What ADSI Edit does, is give the server access to “This Object Only” which means that the full access has only been given to the container itself, not the objects in it. to solve the issue, go back to the container’s Advanced Security Settings and set the “Apply To” option to “This Object and All Descendent Objects”:

System_Management_Container_Security

let me know if you have any thoughts! see ya.

  • Share/Bookmark

I can’t believe I missed the launch date! I was so eager to be one of the very first to blog about it, but I was in Dubai for the last week to attend Microsoft’s very own Tech-Ed 2011 Middle East (which was awesome by the way!)

So, March 10th was the date Microsoft released it’s Desktop Optimization Pack 2011 (MDOP 2011) and many fellow MVPs blogged about MED-V 2.0 and App-V Sequencer 4.6 SP1. I really suggest you check them out as they have a lot of great technical details.

MVP Blogs:

 

you can check them out on Application Virtualization TechCenter, direct link: http://technet.microsoft.com/en-us/appvirtualization/default.aspx

See ya!

  • Share/Bookmark

MED-V 2.0 at a glance

A lot of changes have been introduced with MED-V 2.0, when you start working with MED-V 2.0 you’d feel that the whole product has been refined, starting from a powershell-based GUI, the look and feel, the architecture, to the functionality that’s been added, and much more.

For those of you that are not familiar with MED-V, it’s the Enterprise-Class product to overcome application compatibility issues with Windows 7. Don’t get me wrong here, it doesn’t fix applications, but it gives you a green light to go on with your Windows 7 upgrade without worrying about applications that don’t work with it which might hold your upgrade.

MED-V Deploys a Windows XP virtual image called a “workspace” to Windows 7 client operating systems and publishes the incompatible applications from that XP workspace into your Windows 7 Start Menu, it also provides full integration with the host’s network printers, file system, and so ever. The integration is completely seamless to the user; they wouldn’t know where the application is coming from until they start it up and see the Windows XP theme on its window. In addition to the application compatibility assistance MED-V provides, it also uses URL Redirection to redirect certain addresses from IE 8 on Windows 7 to IE 6 in the workspace, hence overcoming IE website compatibility issues.

Moreover, MED-V adds a lot of features compared to MED-V 1; that includes support for Configuration Manager 2007 natively, specifically allowing for SCCM to support running in MED-V workspaces configured for NAT networking.

The way MED-V 2 works is fairly simple, you first need to create a VHD for Windows XP, remember this VHD should not be created using Hyper-V or Virtual Server 2005, it should be created using Windows Virtual PC. Next you use one of the MED-V components called the “Workspace Packager” which prepares your VHD to become a MED-V “workspace” once that workspace is ready, you can use Configuration Manager 2007 to deploy that workspace to client computers.

Client computers on the other hand have a MED-V Host Agent running that understands the configuration data included in the workspace, for example what applications should be pulled out of XP to Windows 7? What Internet Explorer URLs that should be opened using IE 6 from the Workspace? Also, guests have their own MED-V Guest Agent that helps MED-V manage the workspace, this agent is automatically installed when you prepare the workspace.

Getting Ready for MED-V 2

So again, MED-V 2 needs Windows Virtual PC to be installed on your client computers, it’s recommended to turn on Hardware-Assisted Virtualization if supported, it is not required anymore as Microsoft has released a patch for Windows Virtual PC to let go of this requirement. Patching Windows Virtual PC should be planned as a part of rolling out MED-V 2; we’ll talk about that in the Deployment section. Check out KB977206 to obtain the patch.

In addition to preparing Windows Virtual PC, I suggest you plan for your MED-V 2 before you actually start the packaging and deployment processes, things you should keep in your mind:

Do I need Shared Workspaces?

MED-V 2 creates a differencing VHD from that Base VHD you deploy, users on a single computer can share one workspace or each user can have their own Workspace, thus creating a differencing disk for each one.

How am I going to manage the workspace?

The Workspace is eventually an OS running in your environment; you should consider having a Configuration Manager or a similar management tool agent installed on it, and/or App-V Client if you have it1.

Do I need URL Redirection?

If you have legacy web applications that run only over IE 6, what are the URLs? Also you should consider limiting the IE6 experience that users have which is done automatically by MED-V.

What are the applications I need to install in the workspace?

We’re talking about Legacy apps here; make sure you test them thoroughly within the workspace before you deploy it.

How are you going to roll out the workspaces?

Using ESDs like Configuration Manager is great, but you need to make sure your network bandwidth can handle it, you should limit the number of applications in the workspace so the VHD doesn’t grow big, compression is good, but still roll it out in a slow steady form.

In addition to the points above, go through the wizard a couple of times and ensure you check your best fit options, for example the level of user interaction with the workspace when it’s being prepared.

Deploying MED-V Workspaces

Alright, MED-V 2.0 doesn’t use dedicated management and deployment servers, so you don’t have to deal with yet another server infrastructure in your environment just to handle application compatibility. You use your existing electronic software distribution (ESD) system to deploy and manage MED-V workspaces. This lets you scale your MED-V deployments to the same extent as your current management system provides. If you don’t use an ESD system, you can always use Group Policy Software Installation (http://support.microsoft.com/kb/816102) to deploy MED-V. But that’s a subject for a different blog post. For the remainder of this post, I’ll discuss one way you might deploy MED-V workspaces with System Center Configuration Manager.

Okay, you have plenty of options to deploy the MED-V setup files, Windows Virtual PC, and the actual workspace to your client computers, each method has its own pros and cons, with SCCM you can:

  • Use a Package with multiple Programs
  • Use a Task Sequence
  • Use a batch file

Now, I’m going to explain all three methods but before we actually get to the deployment recipes, let’s have a small recap of what components you need to deploy and what files does the MED-V Packager give you.

Installation Files to be deployed

Depending on your environment the number of files could vary, for instance, if you have Windows Virtual PC already enabled as a part of your standard image, you won’t need to deploy it, so let’s assume you have a clean environment with nothing but Windows 7 deployed, you need the following:

Windows Virtual PC: KB958559

Non-HAV clients patch: KB977206 (already in Windows 7 SP1)

MED-V Client: MED-V_HostAgent_setup.exeSetup.exe: the workspace itself

That’s about it, if you’re deploying Windows 7 you should consider a task sequencer to get them installed, remember Windows Virtual PC requires the clients to reboot, but that’s ok Task Sequencers in Configuration Manager run perfectly fine after a reboot.

MED-V Installation

Method 1: Using a Package and multiple Programs

The good thing about this method is that each component is installed individually, with its own advertisement, that gives you great flexibility and makes it easy for you to troubleshoot each component; the bad thing about it, well, it’s long!

Let’s examine the files produced by the MED-V Packager:

a .REG Configuration File

a Workspace VHD (compress that, it can save up to 50% of space)

a .EXE Workspace Package Installer

a .MSI File

a PowerShell Script (should you need to repeat your steps!)

that being said, here’s the plan, we’re going to create an SCCM Package that contains the installation source files, then we’ll create a program for each file we need, so let’s begin!

Step 1: Create a new Package

I prefer you create a new folder under Software Distribution, and then create a new Package, the package location should be the path to your custom made folder with all the executable files we need, it doesn’t have to be a UNC since SCCM will copy the contents to an accessible Distribution Point.

clip_image002[4]

Step 2: Create a Program for WPC

clip_image004[4]

As you can see above, the command “Windows6.1-KB958559-X64.msu /quiet” note the (X64) at the end of file name? you guessed it, if you have Windows 7 is 32-bit then you should get the x86 bits, the /quiet switch will take care of the WPC installation quietly, you can specify /noreboot switch if you wish not to reboot your client machine, moreover, you really need to make sure SCCM Deploys WPC whether or not the user is logged on in the next page, here is what you should do in the environment page:

clip_image006[4]

You can do this for every Program we’re going to deploy.

Step 3: Create a Program for the WPC Patch

clip_image008[4]

We’re going to use the same command to get it installed, and again using the /noreboot switch will disable rebooting the client.

Step 4: Create a Program for the MED-V Host Agent

Alright, the command here is similar to what we used above but this time the parameters differ a little bit, “ MED-V_HostAgent_setup.exe /qn IGNOREPREREQUISITES=1” will cause the host agent installation to ignore any prerequisites, for example not having WPC installed.

clip_image010[4]

Step 5: Create a Program for the Workspace

As you can see below the command “setup.exe /qn OVERWRITEVHD=1” will make SCCM install the Workspace even if there any previous Workspaces present at the client.

clip_image012[4]

Step 6: Create an Advertisement for each Program

Now that the Package and all of its Programs have been created, you should create an advertisement for each program, I know, it’s a lengthy process, but with multiple advertisements you can control the deployment level at each client and track every single component being deployed through reporting and Advertisement Status.

Here’s how the advertisement should look like

clip_image014[4]

Now, in the Schedule page, you either run it “As Soon As Possible” causing the clients to pull it right next to its upcoming policy refresh cycle, or schedule to run during off-business hours.clip_image016[4]

Method 2: Using a Task Sequence

Deploying the components in a Task Sequence allows for fine-grained control, and it also allows you to use one advertisement to send Windows Virtual PC components to clients of differing bitness. Here’s one example of an SCCM Task Sequence to deploy MED-V. Note that it’s okay to install the non-HAV patch to systems that are HAV capable. If a system is capable of HAV and HAV is properly configured, Windows Virtual PC will use HAV features even though the non-HAV patch is installed. Deploying the non-HAV patch universally will allow administrators to ensure that Windows Virtual PC will function properly on all systems. Again, the non-HAV patch is not needed on systems that are running Windows 7 Service Pack 1.

clip_image018[4]

The query at the top of the branch to select x64 systems is from WMI Namespace root/cimv2 and the WQL is “select * from Win32_Computer_System where SystemType = “x64-based PC”

For X86, the WQL is “select * from Win32_Computer_System where SystemType = “x86-based PC”

Method 3: Using a batch file

Here is a sample batch file that installs the MED-V components in reverse order with prerequisite checks turned off. Turning the prerequisite checks off lets you deploy the components with one reboot:

#REM Batch Starts

#REM Installing Host Agent components

start /WAIT MED-V_HostAgent_Setup.exe /qn IGNORE_PREREQUISITES=1

#REM Installing Workspace

start /WAIT .\setup.exe /qn OVERWRITEVHD=1

#REM Installing Windows Virtual PC

start /WAIT Windows6.1-KB958559-x64.msu /norestart /quiet

#REM Installing the non-HAV Patch

start /WAIT Windows6.1-KB977206-x64.msu /norestart /quiet

#REM Optional: Restart the computer after 5 minutes.

Shutdown.exe -c “Please save your work, Windows will restart in 5 minutes” -r -t 300

#REM Batch File Ends


If your Workspace has a Configuration Manager installed, you must reset the client to generate new GUIDs.

  • Share/Bookmark

Microsoft App-V lets you transform your applications into dynamic packages that follow the user wherever they are and stream them on-demand whenever the user needs them.

On one hand, it is great to have the application run in its own Virtual Bubble, with its own Registry, File System, and Virtual Services but on the other hand, many applications have dependencies, that includes middleware like .Net Framework or Java Virtual Machine, which raises a pretty good question: Why would I want to virtualize my applications, if I still have to deploy their dependencies?

That’s a good question; you could deploy middleware with your standardized OS Images, but still that doesn’t answer the question, what if a new version of your application gets released that depends on a new version of that middleware? Now what?

As you see it’s a bit a tricky to deal with those dependencies, and that’s why Dynamic Suite Composition helps you create dependencies between applications which I’m going to detail later on.

Components of App-V

The main four components of App-V are: the App-V Management Server, App-V Streaming  Server, App-V Client, and App-V Sequencer.

·         The App-V Management Server is the component where you import your virtual applications, define access rules, get usage reports, and even stream applications to clients.

·         The App-V Streaming Server has a name that says it all, it only streams applications to clients, a component that can be placed in branch sites.

·         The App-V Client is a client side component that reads configuration data from the server and acts accordingly (where is the virtual application? What is the path to the package, where should I place shortcuts? …etc.) And eventually requests updates (if any) and runs that application from the App-V Server.

Now, the last component is the star of our show, the App-V Sequencer, to be quite honest, there is no “art” configuring any of the App-V components, it is all in the sequencer! What it does? It’s the one that transforms your applications into Virtual Applications using a process called “Sequencing”. It is the first thing you do in your application transformation process, the only reason I put it last is so I can have all the space I want to talk about it.

The New Sequencer

Recently, Microsoft has released the SP1 for App-V Sequencer 4.6, a lot of great changes has been introduced with a serious focus on your sequencing experience.

Back in the days before SP1, sequencing an application was sometimes unpredictable, meaning that you sequence an application, it runs fine on the sequencer but still you have a chance of failure on the client, and that’s why the diagnostics subsystem has been introduced, so you can catch problems at the sequencer before even testing or deploying the virtual application to clients.

With App-V 4.6 SP1 Microsoft integrated Sequencer Diagnostics, which lets you know exactly how the application is behaving and where is the data being stored. For example, you could install an application and configure the sequencer to monitor the installation path, only to find out that the application stores some of its critical components outside that path like AppData, which isn’t monitored, causing the application to fail on the client.

Another great feature of App-V 4.6 SP1 is Package Accelerators, if you’re familiar with the App-V Sequencer, you know you had to look for Sequencing Recipes online to make sure you do it right. What Package Accelerators do is automate the sequencing process, so they do most of the tricky work for you.

In addition to Diagnostics and Package Accelerators, App-V 4.6 SP1 has made it easier to create dependencies between applications.  As we said before applications run in their own virtual bubble isolating applications from each other and the underlying operating system, in App-V if we want virtual bubbles to interact, we have the option of controlling the process and allowing the interaction, using an App-V feature called Dynamic Suite Composition (DSC). In this post I’m going to show you how to create a relationship between .NET Framework 4 and an Expression Studio 4 that needs .NET Framework 4 to function properly, we’ll accomplish this using DSC.

The Sequencing Process

In my example I’ll be sequencing Expression Studio Ultimate 4 which relies on .NET Framework 4, in order for me to get any of the Expression components to run, I need .NET Framework to be present on the machine.

So what I’m going to do is virtualize .NET Framework 4 as a middleware then virtualize Expression, and finally create a dependency between the two, this is how it will be done:

1.       Virtualize .NET Framework 4

2.       Save the virtualized .NET Framework 4 to a file server

3.       Revert the Sequencer VM to its clean state

4.       Get the virtualized .NET framework 4 from the file server

5.       Expand the package to the local system

6.       Create a new package for Expression Studio

7.       Save the virtualized Expression Studio to a file server

8.       Use the Dynamic Suite Composition to create a dependency between the two

Sequencing .NET Framework

Get the offline installer for .NET Framework and make sure you take a snapshot for your sequencing VM, also disable Windows Search, Windows Update, and Windows Defender services so the process goes smoothly.

Now fire up the App-V Sequencer 4.6 SP1 as an Administrator, failing to do so may result in installation failure, then select a new package from the “Packaging Method”, once you select it choose that you want to virtualize a Middleware from the “Package Type” as you see below:

clip_image002[8]
Figure 1.0: Type of Application

Follow the wizard to complete the process then do Step 2 and Step 3 from above.

Sequencing Expression Studio Ultimate

As mentioned earlier, revert back the VM to its clean state, and get the sequenced .NET Framework 4 from your file server.

The next step would be Expanding the package as you can see in figure 2.0, it’s the process of “Devirtualizing” your package, what it does is similar to installing the package to the local system, we need this step so when sequence Expression Studio we don’t face an error stating that .NET Framework 4 isn’t present.

clip_image004[8]
Figure 2.0: Expanding a Package

When you select to expand a package you will be prompted to specify the SPRJ file location, then the process will go on, before SP1 you had to install all the prerequisites for an application in order for you to get it sequenced properly, the Package Expansion saves this work.

At this point your sequencing machine is ready to create a new “Standard Package”, in our case it’s going to be Expression Studio 4.

Sequencing Expression Studio 4 and Create the DSC dependencies

From the App-V Sequencer main menu choose to create a new package, specify the location for the .exe installer and complete the wizard.

Once you’re done, save your Expression Studio’s virtual package to your file server and create the dependencies using the Dynamic Suite Composition tool or manually using the OSD files.

If you’re going to use the tool, import both packages and choose Expression as your Primary package, then highlight .NET Framework’s 4 and add it as a mandatory dependency by clicking the Add button.

Conclusion

App-V Sequencer 4.6 SP1 adds so much flexibility and automation to the sequencing process, with the new features you will be able to easily create new packages, know exactly how applications behave, and automate the whole process with accelerators that most of them will be from trusted sources that have tested them over and over again. This predictability and ease of use will save countless hours from your time.

 

 

 

  • Share/Bookmark
6 visitors online now
3 guests, 3 bots, 0 members
Max visitors today: 13 at 06:15 am UTC
This month: 17 at 04-16-2014 06:27 am UTC
This year: 54 at 02-02-2014 06:46 pm UTC
All time: 66 at 05-05-2013 10:10 am UTC