Latest Article – Preserve Hyper-V security from Meltdown and Spectre vulnerabilities

A complementary article to my last blog post here, but this time focusing on how to protect Hyper-V VMs from the Meltdown and Spectre vulnerabilities.

imageThe Spectre and Meltdown vulnerabilities have admins scrambling for safety, and virtualization presents a particular challenge — one that requires host and VM protection in order to maintain Hyper-V security.

These vulnerabilities are inherent to the hardware architecture of processors in modern CPUs, which forces vendors to search for fixes through software patches. Microsoft Hyper-V admins can start the process of applying these patches by using the following steps to protect their VMs.

…. Read the rest of the article at SearchServerVirtualization.com

Advertisements
Posted in Hyper-V, MVP, PowerShell | Tagged , , , , , , , | Leave a comment

Hyper-V and Spectre/Meltdown: Protecting Your Hosts – Do This!

SMThere is a lot of information swirling around out there on what to do with the latest Spectre/Meltdown vulnerabilities. Whereas I can’t tell you how to solve the vulnerabilities for for every Hardware and Operating System combination, I can tell you how to get your Hyper-V environments protected.  You might be interested in every fine detail of what is happening or you may want to just find out how to get protected as quick as possible.  If you are interested in the latter, then this is the blog to start with.    Here are the no nonsense steps that will protect your Hyper-V hosts.  I will be making a second post for the VMs running on these hosts.

Windows 2012 R2 and Windows 2016 Hosts

All Associated Files for Fixing and Testing for Spectre/Meltdown can be found HERE:

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization” /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d “1.0” /f

    • OR through Group Policy Registry Preference if you want to get to a baseline throughout your environment across all your hosts.

 

 

* Other Firmware Modules that I use can be found here:  Removed Due to Issues with first version of release firmware.  I will include more here once the final revisions have been released.

https://1drv.ms/f/s!AkBgjSJPQpxUnLQwzcraOFu8i5CsuA

For links to your HP or Dell hosts updated firmware for the Spectre/Meltdown Vulnerability, you can check the links below

HP: https://h22208.www2.hpe.com/eginfolib/securityalerts/SCAM/Side_Channel_Analysis_Method.html

Dell: http://www.dell.com/support/article/us/en/19/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-?lang=en

 

Testing:

  • Download the Following Test Scripts from HERE and place them on a folder on your Hyper-V host.
    • SpeculationControl.psd1
    • SpeculationControl.psm1
    • SpeculationControl-runme.ps1
  • Open PowerShell and Change your Directory to the location of your scripts i.e. CD \Spectre_Meltdown
  • Run Import-Module .\SpeculationControl.psd1
  • Run Get-SpeculationControlSettings
  • If patched correctly, your results should look like the screenshot below.

PS_Commands_ScreenShot

If it looks like this, with lots of green, you are on the right track.  Check back to see if there are any other additions that come out in the next few days/weeks.

 

Sources for More Information:

https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/CVE-2017-5715-and-hyper-v-vms

Support Guidance:

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

 

 

 

 

Posted in Hyper-V, PowerShell, Vendor, Windows Server 2012 R2, Windows Server 2016 | Tagged , , , , , , , , , , , , , , , | Leave a comment

Computer Account Domain Migration Oddities – No Access to ADMIN$ share

When attempting to run the Security Translation Wizard to ensure resources like Local Profiles, Printers, Mapped Drives, Desktop, etc… are migrated over when users start to logon with their migrated user accounts, I ran into an odd error within ADMT.

Unable to access ADMIN$ share on the machine ‘COMPUTERNAME.DOMAIN.COM’. Make sure the share exists and the account running ADMT is a member of local administrators group on the machine ‘COMPUTERNAME.DOMAIN.COM’. hr=0x80070005. Access is denied.

image

The migration server, with ADMT installed, that was joined to the Target Domain was unable to access some PCs by name using UNC path name i.e. \\ComputerName\admin$, but I  could access this location using IP Address and could resolve the name with NSLookup have it respond to PING by name, and remotely connect by name to a RDP to the remote computer. Another anomaly I noticed was that when I went to Computer Management and try to access this machine remotely, the Local Users and Groups section is inaccessible from this server.

Solution:

Turns out, the reason for this was that the Source computer object was still enabled.  Once I disabled or deleted the Source computer object, I was immediately able to access the ADMIN$ shares and remote computer managment of the migrated PCs.

Posted in Active Directory, ADMT | Tagged , , , , , | Leave a comment

Enable or disable modern authentication in Exchange Online

image[15]

Recently when working with a domain migration I experienced and issue with Outlook autodiscover working incorrectly for accounts that have been migrated to the target domain.  The newly migrated users were keeping their same email addresses and their mailboxes were still hosted on O365 and all the appropriate object identifiers and directory synchronization (different article to follow on how this was done), but Outlook clients were failing authentication since is was trying to use basic authentication.  Using the PowerShell command in the Link below to modify the tenant setting in O365, Outlook 2016 clients work pretty much immediately and Outlook 2013 can work with a registry modification.  (Outlook 2010 and Outlook 2007 can not use Modern Authentication)

Enable or disable modern authentication in Exchange Online

https://support.office.com/en-us/article/Enable-or-disable-modern-authentication-in-Exchange-Online-58018196-f918-49cd-8238-56f57f38d662

Posted in Active Directory, O365 | Tagged | Leave a comment

Faster Active Directory Replication – Decrease Intersite Replication Interval to Seconds

Delving back into all things Active Directory recently with domain migrations and came across this helpful tip of decreasing Intersite replication.  No need to wait these days with the speed of the connections between sites.

Source: PC Tech Go: Faster Active Directory Replication – Decrease Intersite Replication Interval to Seconds

Posted in Hyper-V | Leave a comment

What are the Files and Folders Behind Hyper-V 2016 VMs (Part 1)

The next few blogs posts come from a recent article that I wrote for SearchServerVirtualization.com.  Here are some of the excerpts from that article that focus on the files and folders of Hyper-V in 2016

There are plenty of articles about how to use many of the features of Hyper-V in Windows Server 2016, but this articles will give you a deeper look at what is behind some of these features. What is really going on? How does it all work? Sometimes it is something very simple, other times it is a chain of complex steps that give you a view into some of the brilliance of the developers that make it all work. In this article, we are going to look at the Files and Folders that make up a VM, knowing how to locate them, and what function they perform, which will give you a great start at troubleshooting problems if they arise.

Where do these files live?

For standalone hosts, the default files are found in two different locations.

Configuration files: C:\ProgramData\Microsoft\Windows\Hyper-V

Virtual Hard Disk Files: C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks

For clustered hosts, VM files are located in a different default location. Whereas you can separate VM files into different directories or even volumes, usually these are all stored in the same VM directory with subdirectories under that. In most cases, clusters use a type of shared storage called Cluster Shared Volumes (CSV) volumes where VMs live and all nodes of the cluster have access to. Two common methods of creating this type of storage is to have some sort of SAN storage connected by Fiber, ISCSI, SMB etc… or using Storage Spaces Direct (S2D).

When using CSVs for your shared cluster storage, a mount point off of the C:\ drive is created on each node of the cluster that links to each of the CSV volumes. These will be located at:

C:\ClusterStorage\Volume1

C:\ClusterStorage\Volume2

Virtual Hard Disk folder: VHD, VHDX, AVHD, AVHDX, RTC, and MRT files

clip_image002

  • Virtual hard disk files: These come in to different varieties .VHD or .VHDX. VHD is the older version of Microsoft’s virtual hard disk and has been around since the Virtual Server 2005 days. VHDX files have been around since Windows Server 2012 timeframe and provide better performance and fault tolerance. These are your hard drives of you VMs and contain all of the individual files, Operating system etc… You can also mount these files directly with Disk Management in Windows 7 and above and browse or change the content.
  • Automatic virtual hard disk: .AVHD or .AVHDX are differencing files where all newly written data is stored after a Checkpoint is created either by the administrator or as a result of backup procedure.
  • Resilient Change Tracking: .RCT files are a new addition to Windows Sever 2016 Hyper-V. That allows the tracking of changes between backup operations. Instead of having to backup the entire VHD(X) file or traverse the whole file, the .RCT file tracks changes and directs backup software to only the blocks that have changed. This provides much quicker backups that previous version of Hyper-V and puts the technology on par with VMware’s Change Block Tracking (CBT)
  • Modifiable Region Table: .MRT Like the .RCT file, the .MRT file aids in tracking changes between backup operations, but its function is to provide resiliency in the event of a host crash, BSOD or even a power failure. These make sure data is not missed in the case of something catastrophic happening to one of your hosts during a backup procedure.
Posted in Hyper-V, Windows Server 2016 | Tagged , , , , , | Leave a comment

2015 Microsoft Virtual MVP Conference–Consumer Track

MVP15_MicrosoftMVP_VC_WebBanner_920x400pxThere are even a Consumer Track sessions at the MVP Virtual Conference coming on May 14th and May 15th.  These sessions are just fun and practical given by some of the most influential MVPs in the technical community.  Over 5000 people have already registered for the event with content driven by Microsoft MVPs in three main tracks, IT Pro, Developer, and Consumer.  I have been highlighting some of my favorite sessions all week.  To register for free online conference, just go to this link:  http://mvp.microsoft.com/en-us/virtualconference-sessions.aspx

 

Consumer Track

How to present with your audience’s needs in mind, all within PowerPoint!

Speaker: Chantal Bossé

Moderator: Sandra Johnson

We hear about Death by PowerPoint almost every day. One of the complaints is that the tool is only linear. Well, there is a way to build a flexible or interactive presentation to tailor your message, and meet your audiences’ expectations, all within PowerPoint. In this session, you will learn how to use hyperlinks, custom shows, and triggers to help you build valuable and flexible presentations. A great way to stand out, and stay away from Death by PowerPoint!

These Are a Few of My Favorite Things – The OneNote Edition

Speaker: Kelly Marshall

Moderator: Douglas Spindler

Kelly will share a high level overview of fifteen of her favorite things about the 2013 desktop version of OneNote – including linking, OCR Search, Send to OneNote Tool, Tags, Templates and more. This presentation is a good fit for consumers who are new to OneNote or just getting started and looking to learn more about what tools OneNote can offer them to improve their business productivity.

Delve & the Office Graph – A crash course

Speaker: Paul Olenick

Moderator: Susan Hanley

In this dynamic, demo-rich session Paul Olenick, SharePoint MVP, will provide a crash course on Delve and the Office Graph covering what they are, how they work from a mechanical level, their business impact and pitfalls to be aware of. He will also discuss how to extend the experience to create custom solutions based on the Office Graph. Attendees will leave with a solid understanding of what Delve and the Office Graph are, how they work, how they could fit in their organizations, as well as pitfalls to watch out for. Don’t miss this chance to opportunity to learn everything you need to know about Delve and the Office Graph!

Migrating from an iOS mobile device to a Windows mobile device and how to keep your Outlook data, emails, and contacts intact

Speaker: Jeff Shirley

Moderator: Kelsey Epps

In this session I will show you how to migrate your domain email to hosted Office 365 (no more POP3, and now you get Out of Office replies and OWA!), and then move away from an iOS device (iPhone 4 in my case) which was synced with Outlook 2010. This session steps you through setting up a Windows phone (a Nokia 930 Limited edition that I ordered in from overseas) and connecting it to iTunes for your music. I will then show you the various tricks and tools you need to use to make the migration painless and to keep your existing emails and contacts currently located in Outlook 2010.  Finally it’s an adventure syncing everything up so all your devices are on the same page – the IMAP settings for Office 365 were not as simple as one would expect sometimes, and there are lots of little glitches and requirements related to getting your contacts moved.

I’m an uber chic hipster that runs my business on only Apple products; Why would I want Office365?

Speaker: Kelsey Epps & Kanwal Khipple

Moderator: Sean McNeill

The presentation will be a case study form detailing how Office365, Azure and Office can help the client defeat all their technical issues and run their business with help from Azure and Office365. It will detail the products, how to configure services and install applications on Apple devices.

Pivot Table Data Crunching

Speaker: Bill Jelen

Moderator: Chris Smith & Zack Barresse

Pivot tables are one of the most powerful features in Excel. With a pivot table, you can transform hundreds of thousands of rows of detailed data into a one-page summary report in just six clicks. In this session, you will learn the ins and outs of Excel pivot tables. Take a deep dive into features that let you create a true top 10 report, a year-over-year analysis, a dashboard of multiple pivot tables using slicers. Get an introduction to Power Pivot.

Using Access and SharePoint for Travel Expenses and Pulling up Maps

Speaker: Crystal Long

Moderator: Brent Spaulding & Julian Kirkness

Learn how to build a tool with Access to manage information on the road. Track mileage and meals. Use Bing to map your route and show maps for areas you visit. Calculate distance and get expense reports. Access is for anyone who has data to organize. Office 365 lets you get data when you are at home, in the office, and on the road. No matter where you are, your web database can be there too.

Windows 10:  Productivity Tips

Speaker: Andrei Marukovich

Moderator: Tom Walker

Do you want to be equally productive in your office  using a desktop PC and working with your tablet on a plane? With the enhanced user interface, Continuum feature and Cortana, Windows take makes this goal possible. Join us to learn about Windows enhancements for mobile users, new ways of managing workspace, about Cortana and new features for power users.

Windows 10:  Making School Life easier with Windows 10 & Cortana

Speaker: Mark Schramm

Moderator: Jan Hannemann

This presentation will be about Windows 10 making a student’s life more productive and easier. From Cortana’s help with homework to a student being able to easily organize their “stuff” with the new features of Windows 10 from the Start Menu to the Action Center.

Windows Phone 8.1:  “Hey Cortana” you make my life easier

Speaker: Mark Schramm

Moderator: Jan Hannemann

This presentation will consist of how Windows Phone 8.1 increases my business productivity in my roles as a small business owner, consultant and Microsoft MVP. It will involve how Cortana makes scheduling so much easier and immediate, also how many of the built in features of Windows Phone are used in my day-to-day business life.

Use your Windows Phone to tap into the Contacts, Calendar (and shared Calendars) and OneDrive

Speaker: Julie DeJong

Moderator: David Scammell

This presentation will discuss how to use Windows Phone to tap into all of the functionality of an Outlook.com account. We will focus on using a Windows Phone to tap into the Contacts, Calendar (and shared Calendars) and OneDrive (and shared files on OneDrive). We will include the mechanics of sharing Outlook.com calendars, OneDrive folders and files, and then how to view and work with those shared items on a Windows Phone.

It’s Not A Windows Phone, It’s MY Windows Phone

Speaker: Atley Hunter

Moderator: Sumeeth Evans

You will find out how Windows Phone fits into your life and allows you to do more faster and be as connected as you want to be.

Windows 10: New Features & New Directions

Speaker: Richard Hay

Moderator: Shawn Keene

By using the latest public build of Windows 10 you’ll learn about the major changes to the user interface compared to Windows 8.1 and how the changes bring back a familiar, yet different, interface which we had in Windows 7. You’ll also learn about the cross platform/device capabilities that Windows 10 will enhance for users to include universal apps, gaming, cloud sync for files and settings and touch first Office apps.

Create Custom Icons in PowerPoint

Speaker: Sandra Johnson

Moderator: Chantal Bossé

Icons are the hottest communications design trend since cave drawings. These effective visual clues can play a strong role in helping your audience understand your story and ultimately influence the success of your presentation. Creating icons using PowerPoint’s built-in Merge Shapes tool can help ensure graphic consistency in your presentation, avoid potentially expensive photography costs, and create universal designs that are easy to recognize and have a high image quality.  This session will focus on how to create icons for PowerPoint using native PowerPoint tools.

Ransomware – Key tools for prevention and recovery

Speaker: Susan Bradley

Moderator: Amy Babinchak

Learn how to quickly recover from and prevent the latest threat on the web – ransomware. From CryptoLocker, CryptoWall, it’s estimated that it’s cost it’s victims over $30 million dollars. Learn how to better protect yourself and prevent yourself from becoming its next victim.

Understanding Windows Updating

Speaker: Susan Bradley

Moderator: Amy Babinchak

Every month the largest cloud service in the world updates and services the largest number of systems. Find out how Windows Update works, how to understand its cryptic error messages, how to prevent failures and learn about upcoming changes in Windows 10 and how it handles Windows Updates.

Using Office Mix from Boardroom to Classroom

Speaker: Brian Friedlander

Moderator: Sumeeth Evans

Learn how you take your PowerPoint presentations to the next level with Office Mix- an easy to use free plug-in for PowerPoint 2013. Using Office Mix you will learn how to make your presentations more interactive and is an ideal tool for delivering content over the web. Office Mix is an authoring tool for the flipped classroom and provides new ways for embedding video, simulations, digital ink, and quizzes. Want to know who has accessed and viewed your Office Mix? Not a problem-Office Mix provides you with a complete dashboard with comprehensive analytics. So come learn how you can benefit from using Office Mix in your boardroom or classroom.

Xbox Music, the cloud and your Bieber collection

Speaker: Marques Lyons

Moderator: Sumeeth Evans

This is a session that offers tips, tricks, and insight about the Xbox Music service. Learn how OneDrive and Xbox Music let you take all of your favorite music with you on any Windows device, running Windows 8.1 or later, for free. Plus, get information about Xbox Music Pass (aka expanding your horizons) and ways you can help influence future versions of the service.

Virtual Tour of Microsoft’s Security Response Center

Speaker: Douglas Spindler

Moderator: Susan Bradley

Last November MVPs were invited to tour Microsoft’s Security Response Center, (MSRC). The MSRC works with security researchers, tech and non-tech companies and law enforcement agencies from around the world to investigate security incidents, to advance Microsoft product security and protect the public from Internet crimes. I will take you on a virtual tour of the MSRC and share the vital work that’s being done at the MSRC and tell you about some the crimes the MSRC has investigated. Microsoft and the MSRC are working to create a safer society for us by not only investigating the well-publicized types of cybercrime, identity theft, financial fraud, etc., but the MSRC also works on counterfeiting, human and drug trafficking and technology crimes which harm society and quality of life. See how Microsoft and its partners are fighting on a global scale and you will walk away as I did saying, “Thank you Microsoft!”

Posted in #MVPvCon | Tagged , , | Leave a comment