Headless Hyper-V Management and Replica Using Certs

You can manage headless Hyper-V 2012 R2 servers in multiple ways.

You can use PowerShell.
You can manage from the local console, or join an existing domain and use existing infrastructure.
You can use PSHVM30 and corefig (plus a hacked openRDP for local VM access; search the internet for both).

I’ve cobbled together this post, using some process and notes from experience – this should be a decently thorough overview, though I may skimp on or miss a few details.

Below is the most straightforward method I have found for configuring a new headless Hyper-V server, using a mixture of CLI and GUI tools and a separate, already-running Windows 8.1 machine (it can be a VM):
Kick off the download of the newest install media for Windows Hyper-V Server (2012 R2)
Unpack servers
Create boot media
Boot server into BIOS:
set the power option to always on
set VT (virtualization) options, HT options, and other options as needed
Boot into install media
Install OS on first drive
Install other drives
**Ensure the server has a SAS controller if you want to use SAS drives.
Boot into the OS and set the Administrator password
Set Hostname
Add a local admin account (HWCDI in this post)
Set date and time settings
Enable Remote admin, RDP
Disable the firewall (in PowerShell):
Get-NetFirewallProfile | Set-NetFirewallProfile -Enabled False
Then you can RDP to the Hyper-V server.
sconfig – option 6 – a – download and install all updates, then go back to your management machine
Install RSAT for your version of Windows 8, enable the Hyper-V management feature.
To set your Windows 8 box to connect via Server Manager:
**To manage a non-domain server from Windows 8:
Set-Item WSMan:\localhost\Client\TrustedHosts -Value HyperVHostname -Force (replace HyperVHostname with the name of the Hyper-V server)
Win+Q (search) for dcomcnfg.exe, run as administrator.
Expand Component Services -> Computers -> right click My Computer -> Properties
COM Security Tab -> Access Permissions -> Edit Limits
Anonymous Logon – Remote Access – Allow
Add the new server to your hosts file (or DNS)
right click cmd -> run as admin -> notepad.exe c:\windows\system32\drivers\etc\hosts
Server Manager -> right click All Servers -> Add Servers -> DNS
then right click the newly added server -> Manage As -> enter the local admin creds (as hostname\username)
That allows you to use the Windows 8 RSAT tools to manage this Hypervisor (add roles etc.).
Add .Net 3.5 role
Reboot server when updates complete.
Then (watch a ping until it is back up) you can RDP, Server Manager or PowerShell to it.
(put proper files where you need them on server, name appropriately, or use sneakernet)
Install LogMeIn:
(open PowerShell as admin)
Set-ExecutionPolicy unrestricted
notepad down.ps1 (paste the following)
# Download the LogMeIn installer and run it with msiexec.
# The download is plain HTTP: check the MSI's Authenticode signature (Get-AuthenticodeSignature) before installing.
$source = "http://hwcdi.com/LMI.msi"
$destination = "c:\users\administrator\LMI.msi"
$wc = New-Object System.Net.WebClient
$wc.DownloadFile($source, $destination)
msiexec.exe /i $destination
powershell -f down.ps1
(allows LMI access to the Hypervisor)
Get a Windows 8 ISO onto your Hypervisor, create a new VM, install RSAT and configure it as you did your initial management node. Install LMI, configure the VM to always start, and you have a fully functional, self-contained, remotely accessible and manageable setup.
_
DO THIS IN CMD!!! (following http://technet.microsoft.com/en-us/library/jj134153.aspx)

makecert.exe is available in Server 2012 Standard at C:\Windows\System32\makecert.exe
__
PRIMARY

mkdir c:\users\administrator\certs
cd c:\users\administrator\certs

makecert -pe -n "CN=PrimaryHWCDIRootCA" -ss root -sr LocalMachine -sky signature -r "PrimaryHWCDIRootCA.cer"

makecert -pe -n "CN=PrimaryHOSTNAME" -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in "PrimaryHWCDIRootCA" -is root -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 PrimaryHWCDICert.cer

__
REPLICA

mkdir c:\users\administrator\certs
cd c:\users\administrator\certs

makecert -pe -n "CN=ReplicaHWCDIRootCA" -ss root -sr LocalMachine -sky signature -r "ReplicaHWCDIRootCA.cer"

makecert -pe -n "CN=ReplicaHOSTNAME" -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in "ReplicaHWCDIRootCA" -is root -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 ReplicaHWCDI.cer

__
Enable file transfer between the servers:
(On Primary:)
net share certs=c:\users\administrator\certs /grant:HWCDI,full
(On Replica:)
net use t: \\PrimaryHOSTNAME\certs PASSWORD! /user:PrimaryHOSTNAME\HWCDI
__
Copy the file ReplicaHWCDIRootCA.cer from the Replica server to the primary server (run on the Replica, through the t: mapping):

copy c:\users\administrator\certs\ReplicaHWCDIRootCA.cer t:\

and then import it on the Primary (from c:\users\administrator\certs) with the following command:

certutil -addstore -f Root "ReplicaHWCDIRootCA.cer"

__
Copy the file PrimaryHWCDIRootCA.cer from the primary server to the Replica server (run on the Replica),

copy t:\PrimaryHWCDIRootCA.cer c:\users\administrator\certs\

and then import it on the Replica (from c:\users\administrator\certs) with the following command:

certutil -addstore -f Root "PrimaryHWCDIRootCA.cer"

__
By default, a certificate revocation check is required; however, self-signed certificates don’t support revocation checks. Disable the check by editing the registry on both the primary and Replica servers with the following command:

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\FailoverReplication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

After that, you can go into Hyper-V Manager and enable replication using the cert instead of Kerberos (required when the hosts are in no domain or in different domains, or for replication over a WAN).
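As an added example (not from the original post or from Microsoft), the PowerShell script below checks on each host that the certificate prerequisites from this post are in place, then enables replication with the Hyper-V cmdlets instead of the Hyper-V Manager GUI. It assumes the host cert's CN equals the machine name, as the makecert commands above intend; the role, VM name, Replica hostname and storage path are placeholder assumptions.

```powershell
# Added example (not from the original post): verify the certificate prerequisites
# this post sets up, then enable Hyper-V Replica with certificate authentication.
# Run as administrator on each 2012 R2 host. Role, VM name, Replica host and
# storage path are assumptions; replace them with your own values.
param(
    [ValidateSet("Primary", "Replica")] [string]$Role = "Replica",
    [string]$PeerRootCN  = "CN=PrimaryHWCDIRootCA",   # root CA imported from the other host
    [string]$VMName      = "TestVM",                  # Primary only (assumed VM name)
    [string]$ReplicaHost = "ReplicaHOSTNAME",         # Primary only
    [string]$StoragePath = "C:\ReplicaStorage"        # Replica only (assumed path)
)
$ErrorActionPreference = "Stop"
$RequiredEku = "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2"   # server auth, client auth

# 1. The makecert host cert: CN = this host, private key present, both EKUs set.
$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $ekuExt = $_.Extensions | Where-Object { $_.Oid.Value -eq "2.5.29.37" }
    $ekus = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
    $_.HasPrivateKey -and $_.Subject -eq "CN=$env:COMPUTERNAME" -and
        -not ($RequiredEku | Where-Object { $ekus -notcontains $_ })
} | Select-Object -First 1
if (-not $cert) { throw "No usable host certificate for CN=$env:COMPUTERNAME in LocalMachine\My" }

# 2. The other host's self-signed root must be trusted here (certutil -addstore Root).
if (-not (Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -eq $PeerRootCN })) {
    throw "Peer root CA $PeerRootCN is not in LocalMachine\Root"
}

# 3. Revocation checking must be off for self-signed certs (both registry keys).
$base = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization"
foreach ($key in "FailoverReplication", "Replication") {
    $v = (Get-ItemProperty "$base\$key" -ErrorAction SilentlyContinue).DisableCertRevocationCheck
    if ($v -ne 1) { throw "DisableCertRevocationCheck is not 1 under $base\$key" }
}

# 4. Enable replication with the Hyper-V cmdlets (same settings as the GUI wizard).
if ($Role -eq "Replica") {
    Set-VMReplicationServer -ReplicationEnabled $true -AllowedAuthenticationType Certificate `
        -CertificateThumbprint $cert.Thumbprint -ReplicationAllowedFromAnyServer $true `
        -DefaultStorageLocation $StoragePath
} else {
    Enable-VMReplication -VMName $VMName -ReplicaServerName $ReplicaHost -ReplicaServerPort 443 `
        -AuthenticationType Certificate -CertificateThumbprint $cert.Thumbprint
    Start-VMInitialReplication -VMName $VMName
}
"Replication configured on $env:COMPUTERNAME ($Role) with cert $($cert.Thumbprint)"
```

Run it on the Replica first (so the listener on port 443 exists), then on the Primary with -Role Primary.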
