Kusi's Knowledge Base¶
Hyper-V VM to Azure¶
Convert VM with Hyper-V Manager¶
Open Hyper-V Manager
Navigate to Actions / Edit Disk...
Convert
VHD
Fixed size
Prepare VM¶
Start the VM and install all Windows Updates and reboot
After reboot start PowerShell:
In Cmd:
netsh.exe winhttp reset proxy
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\TimeZoneInformation -Name RealTimeIsUniversal -Value 1 -Type DWord -Force
Set-Service -Name w32time -StartupType Automatic
powercfg.exe /setactive SCHEME_MIN
powercfg /setacvalueindex SCHEME_CURRENT SUB_VIDEO VIDEOIDLE 0
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name TEMP -Value "%SystemRoot%\TEMP" -Type ExpandString -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name TMP -Value "%SystemRoot%\TEMP" -Type ExpandString -Force
Get-Service -Name BFE, Dhcp, Dnscache, IKEEXT, iphlpsvc, nsi, mpssvc, RemoteRegistry | Where-Object StartType -ne Automatic | Set-Service -StartupType Automatic
Get-Service -Name Netlogon, Netman, TermService | Where-Object StartType -ne Manual | Set-Service -StartupType Manual
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections -Value 0 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name fDenyTSConnections -Value 0 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name PortNumber -Value 3389 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name LanAdapter -Value 0 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name UserAuthentication -Value 1 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name KeepAliveEnable -Value 1 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name KeepAliveInterval -Value 1 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name KeepAliveTimeout -Value 1 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' -Name fDisableAutoReconnect -Value 0 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name fInheritReconnectSame -Value 1 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name fReconnectSame -Value 0 -Type DWord -Force
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp' -Name MaxInstanceCount -Value 4294967295 -Type DWord -Force
if ((Get-Item -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp').Property -contains 'SSLCertificateSHA1Hash')
{
Remove-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name SSLCertificateSHA1Hash -Force
}
Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled True
Enable-PSRemoting -Force
Set-NetFirewallRule -Name WINRM-HTTP-In-TCP, WINRM-HTTP-In-TCP-PUBLIC -Enabled True
Set-NetFirewallRule -Group '@FirewallAPI.dll,-28752' -Enabled True
Set-NetFirewallRule -Name FPS-ICMP4-ERQ-In -Enabled True
New-NetFirewallRule -DisplayName AzurePlatform -Direction Inbound -RemoteAddress 168.63.129.16 -Profile Any -Action Allow -EdgeTraversalPolicy Allow
New-NetFirewallRule -DisplayName AzurePlatform -Direction Outbound -RemoteAddress 168.63.129.16 -Profile Any -Action Allow
chkdsk.exe /f
Reboot VM
In Cmd:
bcdedit.exe /set "{bootmgr}" integrityservices enable
bcdedit.exe /set "{default}" device partition=C:
bcdedit.exe /set "{default}" integrityservices enable
bcdedit.exe /set "{default}" recoveryenabled Off
bcdedit.exe /set "{default}" osdevice partition=C:
bcdedit.exe /set "{default}" bootstatuspolicy IgnoreAllFailures
bcdedit.exe /set "{bootmgr}" displaybootmenu yes
bcdedit.exe /set "{bootmgr}" timeout 5
bcdedit.exe /set "{bootmgr}" bootems yes
bcdedit.exe /ems "{current}" ON
bcdedit.exe /emssettings EMSPORT:1 EMSBAUDRATE:115200
In PowerShell:
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name CrashDumpEnabled -Type DWord -Force -Value 2
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name DumpFile -Type ExpandString -Force -Value "%SystemRoot%\MEMORY.DMP"
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' -Name NMICrashDump -Type DWord -Force -Value 1
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps'
if ((Test-Path -Path $key) -eq $false) {(New-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting' -Name LocalDumps)}
New-ItemProperty -Path $key -Name DumpFolder -Type ExpandString -Force -Value 'C:\CrashDumps'
New-ItemProperty -Path $key -Name CrashCount -Type DWord -Force -Value 10
New-ItemProperty -Path $key -Name DumpType -Type DWord -Force -Value 2
Set-Service -Name WerSvc -StartupType Manual
winmgmt.exe /verifyrepository
Make sure no other applications than TermService are using port 3389
netstat.exe -anob | findstr :3389
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 4056
TCP [::]:3389 [::]:0 LISTENING 4056
UDP 0.0.0.0:3389 *:* 4056
UDP [::]:3389 *:* 4056
tasklist /svc | findstr 4056
svchost.exe 4056 TermService
In CMD:
File / Add or Remove Snap-ins Add Group Policy Object Editor for Local Computer Navigate to Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
Check they're not blocked:
Check the:
that the following groups should be listet:
- Administrators
- (Backup Operators)
- Everyone
- Users
Upload VM Disk¶
The Subscription must have Microsoft.Network and Microsoft.Compute registered under Resource providers
Open in Browser Azure Portal
- Create a Ressource "Storage Account"
Download Link and choose the OS
Install "Microsoft Azure Storage Explorer" and start it.
Select the file, enter a name and change account type to "Standard SSD" and click "Create" to upload the VM. This create a Disk in Azure after upload.
Create VM from a VM Disk¶
Open in Browser Azure Portal
- Navigate to the Disk and Create a Virtual Computer on the Disk
- Select the Subscription, Enter the Name of the VM.
- Snapshot type must be Full
- Change storage type default is Zone-redundant
Optional: Select the virtual machine and enter a DNS name:
First Run in Azure¶
In PowerShell:
Open File Explorer and check the drive letter for the Temporary Storage
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management' -Name PagingFiles -Value '<Drive Letter>:\pagefile.sys' -Type MultiString -Force
Reboot the VM
Check if Temporary Storage now not empty.
Shutdown the VM
In Azure Portal Navigate to the VM Navigate to Oveview and Shutdown the VM Navigate to Auto-shutdown set Enabled to on and define a Time and click on Save.
Create a Snapshot from a VM¶
In Azure:
- Navigate to the Disk and create a Snapshot
- Select the Subscription, Enter the Name of the VM.
- Snapshot type must be Full
- Change storage type default is Zone-redundant
Create a VM from a Snapshot¶
- Navigate to the Snapshot and click on Create Disk
- Select the Subscription, Enter the Name of the Snapshot.
- Choose the Availibity Zone
- Change storage type to Standard SSD
- Naviagte to the Disk and Create VM
- Select the Subscription, Enter the Name of the VM.
- Select th Availabity option, for DEV VMs can you also be choose No infrastructure redundancy requeried.
- Choose the Size for use we use the D4s_v3 with 4 vCPUs and 16GB.
- Choose the License Type as example Windows Server
- If you have already have a license you can select booth checkboxes.
Start/Stop VM¶
Create resource "Start/Stop VMs during off hours - V2"
Edit Logic App
Show Code View
Then "Save" it and wit "Run trigger" it can run it on time.
Enable Logic App
Example Logic App ..._Scheduled_start
{
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"actions": {
"Function-Catch": {
"actions": {
"Terminate": {
"inputs": {
"runError": {
"code": "@{outputs['Scheduled']('statusCode')}",
"message": "@{body('Scheduled')}"
},
"runStatus": "Failed"
},
"runAfter": {},
"type": "Terminate"
}
},
"runAfter": {
"Function-Try": [
"Failed",
"Skipped",
"TimedOut"
]
},
"type": "Scope"
},
"Function-Success": {
"actions": {},
"runAfter": {
"Function-Try": [
"Succeeded"
]
},
"type": "Scope"
},
"Function-Try": {
"actions": {
"Scheduled": {
"inputs": {
"body": {
"Action": "start",
"EnableClassic": false,
"RequestScopes": {
"ExcludedVMLists": [],
"VMLists": [
"/subscriptions/[Subscription-ID]/resourceGroups/[Resource group name]/providers/Microsoft.Compute/virtualMachines/[VM Name]"
]
}
},
"function": {
"id": "/subscriptions/[Subscription-ID]/resourceGroups/[Resource group name]/providers/Microsoft.Web/sites/[FunctionName]/functions/Scheduled"
}
},
"runAfter": {},
"type": "Function"
}
},
"runAfter": {},
"type": "Scope"
}
},
"contentVersion": "1.0.0.0",
"parameters": {},
"triggers": {
"Recurrence": {
"evaluatedRecurrence": {
"frequency": "Week",
"interval": 1,
"schedule": {
"hours": [
"8"
],
"minutes": [
0
],
"weekDays": [
"Saturday"
]
},
"timeZone": "W. Europe Standard Time"
},
"recurrence": {
"frequency": "Week",
"interval": 1,
"schedule": {
"hours": [
"8"
],
"minutes": [
0
],
"weekDays": [
"Saturday"
]
},
"timeZone": "W. Europe Standard Time"
},
"type": "Recurrence"
}
}
},
"parameters": {}
}Example Logic App ..._Scheduled_stop
{
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"actions": {
"Function-Catch": {
"actions": {
"Terminate": {
"inputs": {
"runError": {
"code": "@{outputs['Scheduled']('statusCode')}",
"message": "@{body('Scheduled')}"
},
"runStatus": "Failed"
},
"runAfter": {},
"type": "Terminate"
}
},
"runAfter": {
"Function-Try": [
"Failed",
"Skipped",
"TimedOut"
]
},
"type": "Scope"
},
"Function-Success": {
"actions": {},
"runAfter": {
"Function-Try": [
"Succeeded"
]
},
"type": "Scope"
},
"Function-Try": {
"actions": {
"Scheduled": {
"inputs": {
"body": {
"Action": "stop",
"EnableClassic": false,
"RequestScopes": {
"ExcludedVMLists": [],
"VMLists": [
"/subscriptions/[Subscription-ID]/resourceGroups/[Resource group name]/providers/Microsoft.Compute/virtualMachines/[VM Name]"
]
}
},
"function": {
"id": "/subscriptions/[Subscription-ID]/resourceGroups/[Resource group name]/providers/Microsoft.Web/sites/[FunctionName]/functions/Scheduled"
}
},
"runAfter": {},
"type": "Function"
}
},
"runAfter": {},
"type": "Scope"
}
},
"contentVersion": "1.0.0.0",
"parameters": {},
"triggers": {
"Recurrence": {
"evaluatedRecurrence": {
"frequency": "Week",
"interval": 1,
"schedule": {
"hours": [
"12"
],
"minutes": [
0
],
"weekDays": [
"Sunday"
]
},
"timeZone": "W. Europe Standard Time"
},
"recurrence": {
"frequency": "Week",
"interval": 1,
"schedule": {
"hours": [
"12"
],
"minutes": [
0
],
"weekDays": [
"Sunday"
]
},
"timeZone": "W. Europe Standard Time"
},
"type": "Recurrence"
}
}
},
"parameters": {}
}