Category Archives: Windows 2012

Free PowerShell Desired State Configuration (DSC) training on February 25th and 26th

Microsoft Virtual Academy (MVA) is hosting 2 PowerShell Desired State Configuration (DSC) training classes on February 25th and February 26th:

  1. Getting Started with PowerShell Desired State Configuration (DSC)
  2. Advanced PowerShell Desired State Configuration (DSC) and Custom Resources

The links above provide include a course outline and a link to register for the Jump Start. And even if you can’t join live, the recordings will always be made available at a later time so you can watch whenever it suits you better.

PowerShell DSC is becoming increasingly important and I personally also still need to learn more about it and look forward to it.

I hope it’s useful to you as well.


Tags: , , , , , , , , , , , , ,

Microsoft – Passed the free exam 74-409 Server Virtualization with Windows Server Hyper-V and System Center

As I mentioned earlier, Microsoft is offering free exam vouchers for the new exam “74-409 Server Virtualization with Windows Server Hyper-V and System Center”. For more information, take a look here.

I took the exam today and passed after having studied very hard for over a week (including pulling an all nighter today). I’m happy to have my first certification for the year 2014 already though 🙂

In my opinion the exam contained too many repeating (easy) questions on specific subjects, but there were also some very difficult questions about really specific situations. I personally would’ve preferred more “medium difficulty” questions.

All in all I learned a lot from preparing for the exam and I’m very happy with all the new things Microsoft has added to their new products.

If you are looking to take the exam as well, take a look at my previous post that contains the resources I used for preparation.

Good luck and enjoy. I’ll be going for some well earned sleep now 🙂


Tags: , , , , , , , , ,

Microsoft – Free exam 74-409 Server Virtualization with Windows Server Hyper-V and System Center

Microsoft is offering free exam vouchers for the new exam “74-409 Server Virtualization with Windows Server Hyper-V and System Center” to attendees of the Jump Start. The amount of free exams is limited, so be sure to register for the “Server Virtualization w/ Windows Server Hyper-V & System Center Jump Start” as soon as possible.

Also for those interested in free VMware Certified Associate (VCA) exams, time is running out. For more info, take a look at my previous post.


Tags: , , , , , , , , , , , , , , , , , , ,

Microsoft – Troubleshooting Key Management Service (KMS) activation

Today I helped a colleague troubleshoot a couple of systems were unable to activate using Key Management Service (KMS). Basically for this situation it boiled down to this:

Determine for the KMS service

  1. Which server is hosting the KMS service.If an SRV record has been added for KMS DNS auto discovery, run from CMD: nslookup -type=srv _vlmcs._tcp
  2. If the server hosting the KMS is functioning correctly:
  • Check if the server is up and running.
  • Check if the “Software Protection” service (sppsvc) is running.
  • Verify if the KMS service is listening on port 1688: telnet localhost 1688
  • Verify the KMS status. Run from CMD: slmgr.vbs /dli
  • Verify if a KMS key is installed and activated.
  • Verify if the minimum threshold for activation is being met.
  • Verify if other clients are able to activate using KMS. Even though the output of “slmgr.vbs /dli” gives you an indication, you can use the “Volume Activation Management Tool” (VAMT) for more insight and functionality.
  • Verify that a VLK key is being used.

For clients that are not able to activate

  • Verify if the correct KMS server can be resolved correctly:
    nslookup -type=srv _vlmcs._tcp
  • Verify if the KMS can be contacted:
    telnet <KMS FQDN or IP> 1688

    •  If this is not the case, perform a traceroute to determine potential causes. Reasons could include:
      • No default gateway configured on the client to reach the KMS.
      • No route configured on the client to reach the KMS.
      • Firewall on the client is blocking the traffic.
      • Firewall on the server is blocking the traffic.
      • If it is a VM, the virtual network might be misconfigured.
      • Routing on the network is not correct.
      • Firewall on the network is blocking traffic.
  • Clear any previous (mis)configuration: slmgr.vbs /ckms
  • Attempt activation: slmgr.vbs /ckms

NOTE: If you have lots of systems where you need to clear configuration and then attempt activation, you can also perform slmgr.vbs on remote computers using:
slmgr.vbs TargetComputerName [username] [password] /parameter [options]

Additional information

If you haven’t been able to resolve the issue, you might want to take a look here:


Tags: , , , , , , , , , , , , , , , , , , ,

TechNet subscriptions will be retired, last week to get or renew a subscription.

As you might have already read by now in my previous post, TechNet subscriptions are going to disappear. For more info take a look at this blog post and the Subscriptions retirement FAQ.

This is just a reminder that you have until August 31 to buy a last year of technet.

You might also want to backup existing keys and files:

Leave a comment

Posted by on August 25, 2013 in Network, Windows 2012


Tags: , , , , ,

Home LAB Setup guide – 07 Make your lab available over the internet

In the first part of this LAB setup guide, I described the hardware selection process.
In the second part, I described the hypervisor selection and installation.
In the third part, I described VM guest considerations and preparations.
In the fourth part, I described Configuring Server 2012 VM as DC with DNS and DHCP using PowerShell
In the fifth part, I described easily creating (many) proper AD users with PowerShell
In the sixth part, I described creating a local PowerShell v3 Help Repository with PowerShell

In this post I will describe how you can make your lab available over the internet.

When you’ve created your home LAB, you want to be able to use it anywhere. Depending on your situation, one of these options probably best meets your needs.

Examples include the use of:

  1. Remote desktop connection to your server
    + Easy to configure (enable on server and configure NAT forwarding if appropriate)
    – On many enterprise or public networks TCP3389 is blocked by the firewall.
    – Connects only to specific server. Even though you access the rest of the network from there.
  2. VPN connection to your network
    • Using your hardware router
      + Connection to network, not just a server.
      – No dependency on Windows Server
    • Using Windows Server 2008 / 2012
      + SSTP VPN (TCP443), is generally not blocked on enterprise/public networks.
      + Connection to network, not just a server.
      – Dependency on Windows server.
      – Requires more configuration.
      – The root CA certificate for the certification authority (CA) that issued the server authentication certificate needs to be into the store Local Computer\Trusted Root Certification Authorities. For a self-signed certificate, this means that you need to have local admin permissions to add it.Note: DirectAccess is a great feature, but it requires the client to be a member of the domain. And in my case this would limit where I can connect from, therefore I don’t plan to use it. For other situations it might be a better solution though.
  3. Using 3rd party tools like logmein, teamviewer or VNC
    + Connects only to specific computer.

Since I want to be able to connect from within enterprise environments as well, I chose to use SSTP VPN in Windows Server 2012. The basic steps you have to perform, include:

  1. On the server, you have to install and configure the VPN service.
  2. On the server or your own PKI, you would want create and install a machine certificate. You can create a Certificate Signing Request and request a 3rd party public certificate. Alternatively you can create a certificate using your own Certificate Authority, or you could create a self-signed certificate, For creating the self-signed certificate you can use the great PluralSight SelCert tool.
  3. On the client, you have to make sure the created certificate will be trusted. This means you have to add the certificate to local system\trusted root certificate authority if you’re using a self-signed certificate, which requires local administrator permissions on the client.
  4. On the client, you have to set-up the VPN connection to the server. Preferably you want to connect by DNS name. For your home lab you can also utilize dynamic DNS services like by example or alternative solutions.

For some more information, you can also take a look at this:


Tags: , , , , , , , , , , , , , , , , , , ,

PowerShell – Cleaning folders containing temporary files

At the companies I’ve worked for , disk space on the system disk ran out on a regular basis for some systems and caused a lot of monitor calls. These kind of boring repetitive tasks are always the ones you want to automate.

So when I came across the great blog post “Weekend Scripter: Use PowerShell to Clean Out Temp Folders” on the “Hey, Scripting Guy! Blog”, I wanted to post it on my own blog as well. The blog post also describes the process of creating the script very well, which is very convenient for those who are relatively new to PowerShell to scripting and want to learn how to do it better.

If you want to take it even a step further, you could automate it even more. By example by automatically running the clean script when an event is generated that the disk is running out of space. You can configure this using by example:

Or you could use PowerShell remoting to do it on many systems at the same time. This could come in handy by example when after WSUS patching the content in “C:\Windows\SoftwareDistribution\Download” is not deleted automatically.


Tags: , , , , , , , , , , , , ,

%d bloggers like this: