星期一, 4月 01, 2013

Hyper-V Server 2012 安裝

自從前陣子卯起來玩 ESXi之後,很長一段時間沒有碰 Hyper-V ,最近有台PC掛點換了主機板送回來後就先拿來當測試機。不測則已,測了之後才發現 axxr 的 UEFI 主機板居然沒有 Boot Manager的選項,不能模擬成BIOS的開機方式;造成 ESXi 和 XenServer 都裝好後無法開機的冏境。

想了想就拿來裝Hyper-V Server 2012,測一下Hyper-V 3.0吧!

原本照著 以免費版Hyper-V Server 2012建立虛擬化環境 做,後用Windows 8 裝了遠端伺服器管理工具 仍然無法控制,試了很多次才成功。
在Server上已經下指令:
netsh advfirewall set all profiles settings remotemanagement enable
netsh advfirewall firewall set rule group="遠端服務管理" new enable=yes
netsh advfirewall firewall set rule group="遠端桌面" new enable=yes
cscript %windir%\system32\scregedit.wsf /AR 0
cscript %windir%\system32\scregedit.wsf /CS 0
winrm quickconfig –q
英文版是
netsh advfirewall set all profiles settings remotemanagement enable
netsh advfirewall firewall set rule group="Remote Administration" new enable=Yes
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes
cscript %windir%\system32\scregedit.wsf /AR 0
cscript %windir%\system32\scregedit.wsf /CS 0
winrm quickconfig –q
為何還是不行呢?又 找到 Manage Hyper-V Server 2012 Remotely 和 Remotely Manage Hyper-V Server 2012 Core,原來是Windows 8也要做相對的權限設定,要再下 cmdkey /add:<ServerName> /user:<UserName> /pass:<password> 等等,實在太麻煩了。

要簡化權限設定得用 Hyper-V Remote Management Configuration Utility (hvremote.wsf),怎麼設定要看底下這張表:
ConfigurationWherePurposeCommands
Client and Server both workgroupServerCreate a local account (eg "john")Use net user /? or Computer Management 
ServerGrant the user accesscscript hvremote.wsf /add:accountname          ***
ClientAllow Anonymous Logon remote DCOM accesscscript hvremote.wsf /anondcom:grant
ClientLogon with matching local account.Ctrl+Alt+Del :)
ClientIf passwords do not matchcmdkey /add:servername /user:servername\account /pass
Both  Verify configuration for errorscscript hvremote.wsf /show /target:othercomputername
-------------------------
Client workgroup, Server domainServerGrant domain account accesscscript hvremote.wsf /add:domain\account           ***
ClientAllow Anonymous Logon remote DCOM accesscscript hvremote.wsf /anondcom:grant
ClientSet credentials for domain accountcmdkey /add:servername /user:domain\account /pass
Both  Verify configuration for errorscscript hvremote.wsf /show /target:othercomputername
-------------------------
Client domain, Server workgroupServerCreate a local account (eg "john")Use net user /? or Computer Management 
ServerGrant the user accesscscript hvremote.wsf /add:accountname           ***
ClientAllow Anonymous Logon remote DCOM accesscscript hvremote.wsf /anondcom:grant
ClientSet credentials for local accountUse cmdkey /add:servername /user:servername\accountname /pass
Both  Verify configuration for errorscscript hvremote.wsf /show /target:othercomputername
-------------------------
Client and Server both domainServerGrant the non-admin user accesscscript hvremote.wsf /add:domain\account           *** 
Both  Verify configuration for errorscscript hvremote.wsf /show /target:othercomputername

其中有個弔詭的地方,就是兩台(Client與Server)的網路設定,在用 cscript hvremote.wsf /show /target:othercomputername 看的時候會警告的話,得加到 %windir%\system32\drivers\etc\hosts 這個檔,再重新加入到伺服器管理員,這時候才能遠端管理。

接下來,就可以快樂的玩Hyper-V 3.0了!

沒有留言: