SIDs in Windows VMs

Today sysinternals retired the NewSID tool from their suite of utilities. Mark Russinovich (one of the writers of NewSID – the other being Bryce Cogswell) explains in his blog how the decision to retire the utility came about and it’s probably a surprise to many.

It has been a long held belief by man in IT that all Windows Servers and Desktops must have a unique SID. Certainly I recall having SID duplication issues back in the heady days of Windows NT but it’s not something that I have encountered as an issue since. Like many I just assumed that Windows uses SIDs still and so they must be unique still. But, as Mark explains, the way that Windows operating systems use SIDs is not the way that most people think it is and it is ok to have machines with identical SIDs.

From a VM perspective this is good news as it means that cloning VMs just got a tad bit easier. Although deploying a Windows VM from a template will require customisation and the use of sysprep (there is more than just the SID changed by sysprep) the process will probably only get easier. I hope.

Read Mark’s full blog post here.


Windows VM MAC Address Change

Sometimes moving a server into a Virtual Infrastructure is not straightforward. Consider a server that has software on it that is licensed based on a MAC address for instance. MAC addresses start with a vendor ID and the rest of the address is made up with hexadecimal numbers to make each MAC address unique. VMware’s vendor ID is 00:50:56, all VM NICs will have MAC addresses starting with it.

So, suppose you have a piece of software installed on a Windows server that is licensed to a MAC address of 00:0B:CD:6D:17:D9. How do you P2V that server and still have the software work? Continue Reading


Setting up Sysprep for vCenter 2.5

Several of my recent clients (my current one included) have both avoided, failed or just not used Virtual Machine (VM) templates. Depending on who you ask the answer to the question “Why Not?” seems to vary between:

  • “I didn’t know that you could do that”
  • “We couldn’t make it work”
  • “It was too complicated to setup”
  • “We haven’t had the time yet”
  • “All of our new VMs are different”

After some convincing I have persuaded my current client to let me configure sysprep and a couple of templates for them. I’ve done this a few times before but never really documented it. Admitedly a lot of this is already documented in the Basic Admin Guide for vCenter but this post saves downloading a PDF file.

Continue Reading

Remote Shutdown with PowerShell

Here’s the scenario: You’ve just hit shut down in your remote desktop session. You’re logged off Windows Server 2003 and your RDP session is closed. You wait a while and try to login again. Surely the server must have rebooted by now. But try as you might, you cannot get back in. Port 3389 shows as open and the IP is pingable.

So the options are:

1. Dig out iLO credentials (assuming that it is installed / setup) and force a reboot from a remote console.

2. Walk over to the server and force a reboot (the most recent time this has happenned to me, the server was in another building and it was raining heavily).

3. Use conventional Windows management tools to shut the server down remotely.

4. Use PowerShell.

This last option is the one that we’re going to opt for. We’re going to use the Win32_OperatingSystem WMI class to do this. Specifically we’ll be using the Win32Shutdown method.

The method takes a single flag value to determine exactly what should be done.

0 = Log off
4 = Forced log off
1 = Shutdown
5 = Forced shutdown
2 = Reboot
6 = Forced reboot
8 = Power off
12 = Forced power off

The full code for invoking the method is:

(Get-WmiObject -Class Win32_OperatingSystem -ComputerName MyComputer).InvokeMethod("Win32Shutdown",0)

From now on I’ll use aliases. Here are a couple of examples:

Log off the local computer:

(gwmi Win32_OperatingSystem).Win32Shutdown(0)

Restart a remote computer:

(gwmi win32_operatingsystem -ComputerName MyComputer).Win32Shutdown(6)

Restart a remote computer using alternate credentials:

(gwmi win32_operatingsystem -ComputerName MyComputer -cred (get-credential)).Win32Shutdown(6)