Building A Hyper-V Lab
Building A Hyper-V Lab
Building A Hyper-V Lab
Introduction
This guide give step-by-step instructions to create a Hyper-V Virtual Lab with its own unique network that is isolated from the production network the physical machine is connected to. This guide is also a good tutorial for Microsoft Hyper-V including creating virtual machines and virtual networks. These concepts are relatively straight-forward in Hyper-V, but the actual act of creating a Hyper-V Virtual Lab provides real world experience working with Hyper-V. This lab assumes you have a server with a default installation for Windows Server 2012. This Hyper-V Virtual Lab can be used a baseline for testing many small business scenarios, learning new technology, or simply demonstrating solutions to clients or co-workers. Its possible to add application servers to test out collaboration software such as Microsoft SharePoint, Messaging software like Exchange, etc. Another great use of this Hyper-V Virtual Lab is testing client deployment scenarios. For example, you could test new group policy configurations for a Windows 8 client update.
1. 2. 3. 4. 5. 6.
Start Server Manager by clicking on the Server Manager icon in the task bar. In the Server Manger, click Manage in the top bar and select Add Roles and Features. In the wizard, select Role based or feature based installation on the second page. On the Select Destination Server page, make sure the current server is selected. Select the Hyper-V role and accept its companion features. Finish the wizard.
Now we have Hyper-V role installed and the server needs to reboot.
2.
Create a new Private Network: Its important to name your Hyper-V virtual network something meaningful so its easy to identify it in various configurations. I recommend being very descriptive by including the term private and identify the IP address range this network is using.
3. Rename the new LAN adapter on the host machine to something meaningful so that its easy to distinguish in later steps. 1. Start->Right Click Network->Properties 2. Click Change Adapter Settings 3. Right Click new adapter and select rename and name it the same name as the adapter we created.
3.3 Create Hyper-V RRAS Server Install Base Windows Server 2008 R2
In this step its time to install the base Windows Server 2012 configuration. 1. Start the virtual machine created above.
2. Run through the default Full Installation 3. Choose custom installation and select the new disk we created above.
6. In Server Manager, Click Tools > Routing and Remote Access. This will bring RRAS console 7. Select the server W2k12-ROUTER (local). Notice that Server has red down arrow which means that RRAS is not enabled and configured. 8. Right click on W2k12-ROUTER (Local) and select Configure and Enable Routing and Remote Access to launch the Routing and Remote Access Server Setup Wizard. Click on Next to start the wizard. 9. Select Network address translation (NAT) and click Next. The Windows Server 2012 Routing and Remote Access Server Network address translation (NAT) feature allows the clients on our internal private to share the same internet connection. 10. Select Use this public interface to connect to the Internet: and then choose the External(WAN) from the Network Interfaces list. Click Next. 11. Select Enable basic name and address services and click Next. This option causes Routing and Remote Access to assign addresses automatically and forward name resolution requests to a DNS server on the Internet. 12. Select Next to accept the Address Assignment Range and Finish to actually configure the Routing and Remote Access Server. Were now finished creating the Routing and Remote Access Server to provide NAT access to our internal clients within our Hyper-V Virtual lab. Since this VM only runs NAT services, its most efficient to edit the VM to only allocate 1GB of RAM and 2 processors to this service.
Now its time to create the first server in our Hyper-V Virtual Lab, which will be our Windows Server 2012 domain controller.
4.3 Build Hyper-V Domain Controller Install Base Windows Server 2008 R2
In this step its time to install the base Windows Server 2008 R2 configuration. 1. Start the virtual machine created above. 2. Run through the default Full Installation 3. Choose custom installation and select the new disk we created above.
6. 7. 8. 9. 10. 11.
Select the Internet Protocol Version 4 (TPC/IPv4) item (dont uncheck it) and click properties. Click Use the following IP address: Click on the IP Address: field and enter 192.168.100.10. Hit Tab and windows will fill in the subnet mask of 255.255.255.0. Set the Default gateway to 192.168.100.1 Set the Preferred DNS Server to 192.168.100.10. This server will be the DNS for our Hyper-V Virtual Lab, so the DNS should point to itself.
Note that this server still wont have network access until weve added and configured the DNS Server role below.
4.6 Hyper-V Domain Controller Add Active Directory Domain Services Role
Now that we have the basic server setup, its time to add the DC and DNS roles so that this server can be the hub of our Hyper-V Virtual Lab environment. 1. Start->Administrative Tools -> Server Manager to launch the Windows Server 2012 Server Manager utility. 2. Click on Roles under Server Manager (VMLABDC). 3. Click Add roles to launch the Add Roles Wizard. This step provides some standard warnings to make sure that this system is secure. Youve already set a strong password when installing the OS, we configured the static IP above, and well run Windows Update once we have network connectivity. 4. Click Next. 5. Check the Active Directory Domain Services box. This will bring up a warning saying that the .Net Framework 3.5.1 Features need to be installed. 6. Select Add Required Features 7. Select Next > to start configuring Active Directory Domain Services. Windows Server 2012 Add Roles Wizard will display an overview of adding the domain services. 8. Select Next > to advance past this step. 9. Select Install to begin the Active Directory Domain Services installation. The wizard will then display a progress bar as it installs both the Domain Services and the .NET Framework 3.5.1 features. 10. Select Close to clear the Installation Results screen.
11. Select Go to Active Directory Domain Services from the Server Manager Active Directory Domain Services pane. 12. Select Run the Active Directory Domain Services Installation Wizard (dc promo.exe). This will launch the DCPROMO wizard that will allow this server to operate as a domain controller. 13. This will launch the Active Directory Domain Services Installation Wizard that will make this server a domain controller. Dont check Use advanced mode installation. 14. Click Next and the wizard will display an Operating System Compatibility warning. 15. Click Next to advance to the Deployment Configuration step. 16. Select Create a new domain in a new forest and Next. We will create a new forest specifically for our lab environment. 17. Enter VMLAB.Local and select Next. VMLAB.Local is the name of our Hyper-V Test lab domain. Microsoft recommends using local as the top level domain, however, if youre using Macintoshes to connect to the test network, then its best to use a different top level domain (like lan) so that Mac clients dont require additional configuration. 18. Select Windows Server 2012 for the Forest functional level. This means this test lab can only contain domain controllers that are Windows Server 2012, but since we want to test the features new to 2012, this makes sense. If your test lab will include other versions of Windows Server, then pick the appropriate level. 19. Click Next. To add a DNS server. Its recommended that the first domain controller include a DNS Server service, so we want to install that with this server. 20. The Active Directory Domain Services Installation Wizard will now display an error stating: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain VMLAB.local. Otherwise, no action is required. Our Hyper-V Virtual Lab uses its own address space and then uses the RRAS NAT to connect to the internet, we dont need to worry about this error and can continue. Choose Yes to continue. 21. Choose Next to accept the default locations for the active directory database, log files, and SYSVOL. For our lab, well accept the defaults. For a production domain controller, you would want to create a separate volume that would contain these directories. 22. Enter a strong password for the Directory Services Restore Mode Administrator account. This account is different than the the Administrator account and is used when when the domain controller is started in Directory Services Restore Mode. After entering the password twice, click Next. 23. Click Next to continue the Active Directory Domain Services Installation Wizard past the summary screen. 24. The wizard will now display a status screen as it configures all of the services of the services associated with the Active Directory Domain Services Installation.
25. Click Finish to close out this wizard. 26. Select Restart Now to reboot the server. When the server VM restarts it will have network connectivity to the internet via the VMNAT VM that is running RRAS. You can now run Windows Update if you would like.
field. The Alternate WINS server IP address field would be left blank. The DHCP server will then supply this IP address to clients it assigns IP address to. 7. The next step is to Add or Edit DHCP Scopes. A DHCP scope is a pool of IP addresses, such as 192.168.100.100 to 192.168.100.250, that the DHCP server can lease to clients. This range must be continuous. Click Add.. to add the DHCP scope for this Hyper-V Lab networking environment. 8. Enter the following into the Add Scope dialog: 1. Scope Name: VMLAB Private Network 2. Starting IP address: 192.168.100.100 3. Ending IP address: 192.168.100.250 4. Subnet type: Wired (lease duration will be 8 days) this is the default. 5. Activate this scope: checked this is the default. 6. Subnet mask: 255.255.255.0 this is the default. 7. Default gateway (optional): 192.168.100.1 These options tell the DHCP server to assign addresses in this range. Addresses below 100 are excluded so we can use these for static IP addresses or other uses (possibly wireless IP addresses). Click OK to continue. 9. Verify the summary looks correct and click Next > to advance to the next step. 10. Click Next > to accept the default settings for DHCPv6 Stateless Mode. Were not configuring this lab environment for IPv6 clients, so the default works here. 11. Click Next > to accept the default IPv6 DNS Server Settings. 12. The next step is to Authorize the DHCP Server. Active Directory Domain Services (AD DS) maintains a list of authorized DHCP servers to service clients. Specifically authorizing the server prevents rogue servers from being introduced into the environment. The default setting Use current credentials is correct since were logged in as an Administrator. Click Next > to advance to the Confirmation step. 13. Click Install to Confirm the Installation Selections for the DHCP Server Role. 14. The DCHP Server role has now been added to this this Windows Server 2012 domain controller server in our Hyper-V lab environment. Click Close. 15. Restart the server.
2. Scroll down and click Scan This Role in the Best Practices Analyzer section. Windows Server 2008 R2 will take some time scanning the role and display the results. 3. The results above show one error and a number of warnings. Double click on the error. This error states that this domain controller isnt configured to have an authoritative time source. A time source is critical for a domain environment to insure accurate database synchronization. Our lab environment only has a single domain controller, so this isnt critical, however, lets set one up so it will work properly if we do. 4. This Domain Controller will be the authoritative time source for its domain, so it needs to be configured to get its time from an external reliable source. In addition, the virtual machine needs to be configured to not synchronize its time with the physical host. Well configure this server to use the pool of NTP servers maintained by ntp.org. This pool balances the load across many authoritative time sources and will use servers physically close to this server. 5. Open a command prompt by using Start -> Accessories -> Command Prompt. 6. Type (or cut and paste) the following (all on one line):
w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org
7. Rerun the Active Directory Domain Services Best Practices Analyzer and this error will no longer be there. The remaining warnings indicate that this domain should have multiple domain controllers, hasnt been backed up recently, and is running as a virtual machine. All of these are OK for our Hyper-V Virtual Lab environment. 8. Now we should disable time synchronization for this VM. On the Host machine run the Hyper-V Manager (Start -> Administrative Tools -> Hyper-V Manager). 9. Right Click on the VMLABDC virtual machine in the Virtual Machines list and select Settings. 10. Select Integration Services under the Management section, and unselect the Time synchronization option and then select OK.
4. 5. 6. 7. 8. 9.
Click Start -> Right Click Network -> Properties to open the Network and Sharing Center. Click Internal(LAN) in the Active networks section. Click Properties. Select Internet Protocol Version 4 (TCP/IPv4) (dont uncheck it) and click Properties. Enter 127.0.0.1 in the Alternate DNS server field. Click OK to save the entry.