Configure Microsoft Hyper-V Server

Configure Microsoft Hyper-V Server

The previous blog post and everyone said that Hyper-V Server TP4 is not with the GUI interface hypervisor, that is, we say the bare metal installation, similar to VMware's ESXi and Citrix XenServer, need to use Hyper-V, SCVMM or Hyper-V PowerShell configuration and management, this blog post is mainly for the back of the real management of Microsoft Hypervisio to do the groundwork, to explain some of the management before you need to know the simple configuration. If a friend is unfamiliar with the installation of Microsoft Hypervisio or is unclear, you can refer to the previous blog:

http://wuyvzhang.blog.51cto.com/9992636/1718385

First, the basic configuration:

After the installation of Microsoft Hyper-V Server TP4 is complete, a basic Configuration interface pops up:

650) this.width=650; "height=" 377 "title=" clip_image002 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image002 " Src= "http://s3.51cto.com/wyfs02/M02/76/F2/wKiom1ZfllaAy1G_AACgR5PiSI4163.jpg" border= "0"/>

If you accidentally close the configuration screen, enter sconfig at the black command prompt to open it:

650) this.width=650; "height=" title= "clip_image004" style= "Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image004 " Src= "http://s3.51cto.com/wyfs02/M00/76/F2/wKiom1Zfllig2RqbAACWbA6NXSg831.jpg" border= "0"/>

If even the CMD is accidentally turned off, you can press Ctrl+alt+delete key combination, select "Start Explorer", "File", new "Run New task"-"CMD" and then start Sconfig:

650) this.width=650; "height=" 484 "title=" clip_image006 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image006 " Src= "http://s3.51cto.com/wyfs02/M00/76/F2/wKiom1Zfllzype-DAADwE4ziziU588.jpg" border= "0"/>

Sconfig is a simple configuration that can be used to join a workgroup or domain, computer name, network, allow remote administration, and so on for this server. The Hyper-V server can also be shut down or restarted via Sconfig. However, you must be a member of the Administrators group to use Sconfig. Traditional cmd can also be manipulated using the command line, but it's a bit more complicated.

1. Modify the computer name

Enter in the Sconfig.cmd area: 2 Then hit enter, enter the new computer name, select Restart:

650) this.width=650; "height=" 478 "title=" clip_image008 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image008 " Src= "http://s3.51cto.com/wyfs02/M01/76/F2/wKiom1Zfll-BMlDuAAEkKMwCflc055.jpg" border= "0"/>

After you restart the computer, you can see that the computer name has changed to: HV-03

650) this.width=650; "height=" 484 "title=" clip_image010 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image010 " Src= "http://s3.51cto.com/wyfs02/M02/76/F2/wKiom1ZflmGC_5tGAADvGbdCrms976.jpg" border= "0"/>

2. Configure the Hyper-V Server network:

Following the prompts, type: "8" under the Sconfig interface, then select the network adapter index number to enter, and the network properties of the network adapter will be listed:

650) this.width=650; "height=" 484 "title=" clip_image012 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image012 " Src= "http://s3.51cto.com/wyfs02/M01/76/F2/wKiom1ZflmSCYlpZAADdlEPpHK8037.jpg" border= "0"/>

Depending on the sconfig, enter the appropriate configuration as follows:

To modify an IP address:

650) this.width=650; "height=" "title=" clip_image014 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image014 " Src= "http://s3.51cto.com/wyfs02/M01/76/F1/wKioL1Zfls3xSBNVAAB95DnuaNo216.jpg" border= "0"/>

Configure DNS:

650) this.width=650; "height=" 197 "title=" clip_image016 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image016 " Src= "http://s3.51cto.com/wyfs02/M02/76/F1/wKioL1Zfls_THptoAABa1TrGLkA025.jpg" border= "0"/>

The final configuration is as follows:

650) this.width=650; "height=" 207 "title=" clip_image018 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image018 " Src= "http://s3.51cto.com/wyfs02/M00/76/F2/wKiom1Zflmiyl6SlAABufGEAMQA699.jpg" border= "0"/>

3. Join HV-03 to Domain:

According to the command prompt input: "1", enter after the system will give the prompt to join the domain input d/join the workgroup input W, because we are here to join the domain so enter "D", enter the domain name and have the right to join the domain user name and password. Because we have changed the computer name before, select "No" here:

650) this.width=650; "height=" 484 "title=" clip_image020 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image020 " Src= "http://s3.51cto.com/wyfs02/M01/76/F2/wKiom1ZflmuwJ43NAAEOsQlaL80361.jpg" border= "0"/>

Login using domain account after reboot:

650) this.width=650; "height=" 265 "title=" clip_image022 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image022 " Src= "http://s3.51cto.com/wyfs02/M00/76/F1/wKioL1ZfltWQ6LlbAABbfu-Qv34451.jpg" border= "0"/>

After landing, you can see that you have successfully joined the DAO domain:

650) this.width=650; "height=" 366 "title=" clip_image024 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image024 " Src= "http://s3.51cto.com/wyfs02/M02/76/F1/wKioL1ZfltfR-k-YAADZF7joz50528.jpg" border= "0"/>

II. Hyper-V Security

1. Firewall rules for Hyper-V

When the HYEPR-V server installation is complete, the appropriate inbound and outbound rules are automatically opened in the firewall to manage and maintain the Hyper-V server and the hosted virtual machine

Click Server Manager, click Tools, select Open Windows Firewall with Advanced Security to view the open inbound and outbound rules.

Outbound Rules

Hyper-V WMI (tcp-out)	Hyper-V Allow outbound rules for remote WMI traffic
Hyper-V Management client-WMI (tcp-out)	The Hyper-V management client allows outbound rules for remote WMI traffic

650) this.width=650; "height=" 174 "title=" clip_image025 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image025 " Src= "http://s3.51cto.com/wyfs02/M00/76/F2/wKiom1ZflnCAvvsIAACTBwUYtW8592.jpg" border= "0"/>

Inbound Rules

Hyper-V WMI (async-in)	Hyper-V allows inbound rules for asynchronous WMI traffic
Hyper-V WMI (dcom-in)	Hyper-V allows the inbound rule "TCP135" for WMI management through DCOM
Hyper-V WMI (tcp-in)	Hyper-V allows large inbound rules for remote WMI
Hyper-V (mig-tcp-in)	Hyper-V allows the scheduled failover of virtual machines to the inbound rule "" TCP6600] "
Hyper-V (remote_desktop_tcp_in)	Hyper-V allows inbound rules for remote connections to virtual machines "TCP2179"
Hyper-V (RPC)	Hyper-V allows for remote management of inbound rules via RPC/TCP
Hyper-V (rpc-epmap)	RPCSS Service allows RPC/TCP traffic to Hyper-V for inbound rules
Hyper-V Replica HTTP listener (TCP man Inbound)	Hyper-V Replica listeners accept HTTP connections for replication inbound rule "TCP"
Hyper-V Replica HTTPS listener (TCP Man station)	Hyper-V Replica listener accepts an HTTPS connection for replication inbound rule "TCP"
Hyper-V Management client-WMI (async-in)	The Hyper-V management client allows the inbound rule "TCP" of asynchronous WMI traffic
Hyper-V Management client-WMI (dcom-in)	The Hyper-V management client allows the inbound rule "TCP135" for WMI management through DCOM
Hyper-V Management client-WMI (tcp-in)	The Hyper-V Management client allows inbound rules for remote WMI traffic "TCP"

650) this.width=650; "height=" 278 "title=" clip_image026 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image026 " Src= "http://s3.51cto.com/wyfs02/M00/76/F1/wKioL1ZfltnCPQS5AADf5moLeSE800.jpg" border= "0"/>

2. Hyper-V Administrators

Microsoft introduced the new group, "Hyper-V Administrators", starting with Windows Server 2012 and implemented it as a local security group. Allow users to be added to this group instead of the local Administrators group, providing them with access to Hyper-V. Members of Hyper-V Administrators have complete unrestricted access to all features of Hyper-V. This group can reduce the number of users belonging to the local Administrators group, while providing users with access to Hyper-V.

Open "Run", type "lusrmgr.msc" to open Local Users and groups, click Group

650) this.width=650; "height=" 346 "title=" clip_image027 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image027 " Src= "http://s3.51cto.com/wyfs02/M02/76/F2/wKiom1ZflnLSU4N5AADpdT1BJ78049.jpg" border= "0"/>

Right-click the "Hyper-V Administrators" group, select Properties, add local user "Sam", account "Sam" is not a member of local Administrators group

650) this.width=650; "height=" 409 "title=" clip_image028 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image028 " Src= "http://s3.51cto.com/wyfs02/M01/76/F2/wKiom1ZflnTAndj4AACo9jyLv0U403.jpg" border= "0"/>

650) this.width=650; "height=" 424 "title=" clip_image029 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image029 " Src= "http://s3.51cto.com/wyfs02/M01/76/F1/wKioL1Zflt2T8MTbAACkgknvP_Q649.jpg" border= "0"/>

Use another local account "Tom" but not a member of the Hyper-V Administrators group, verify that you have permission to manage Hyper-V, click and open Hyper-V Manager and prompt "No permissions required to complete this task"

650) this.width=650; "height=" title= "clip_image030" style= "Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image030 " Src= "http://s3.51cto.com/wyfs02/M00/76/F2/wKiom1ZflnbBZdRzAACYXfL7iKw018.jpg" border= "0"/>

Use to join the Hyper-V Administrators group local account "Sam" login to verify that you have administrative rights

650) this.width=650; "height=" 484 "title=" clip_image031 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image031 " Src= "http://s3.51cto.com/wyfs02/M02/76/F1/wKioL1Zflt-iz7QJAADff4bAwIE077.jpg" border= "0"/>

OK, here we go today!

This article is from the "Wu Yuzhang Microsoft blog" blog, make sure to keep this source http://wuyvzhang.blog.51cto.com/9992636/1719082

Configure Microsoft Hyper-V Server