Vol. 17, #32 - August 6, 2012 - Issue #891 Image

Snapshot Snags

  1. Editor's Corner
    • From the Mailbag
    • Snapshot Snags
    • Tip of the Week
    • Recommended for Learning
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • TechMentor Conference Redmond, Aug 20-24, 2012
    • Americas
    • Europe
    • Asia/Pacific
  4. Webcast Calendar
    • Register for Webcasts
  5. Tech Briefing
    • Troubleshooting issues with Hyper-V snapshots
    • Microsoft hits Java where it hurts
    • Bringing Windows Azure Services to Windows Server
    • A Summary of the Amazon Web Services June 29 Outage
  6. Windows Server News
    • Cloud computing bookshelf: Great summer reads
    • Offline VDI pros and cons: Who needs virtual desktop connectivity?
    • Private cloud performance monitoring: Crafting a plan of attack
    • Pop quiz: VMware snapshots 101
  7. WServerNews FAVE Links
    • This Week's Links We Like. Fun Stuff.
  8. WServerNews - Product of the Week
    • Three Free Tools to Simplify Active Directory Administration


Three Free Tools to Simplify Active Directory Administration

SolarWinds free trio of Active Directory Admin Tools help you manage and remove computers and users from Active Directory, and allow you to add users in bulk. These tools run on current Windows® versions, and they are even certified with Windows 7 through a strategic relationship with Microsoft®! With these tools you to scan Active Directory and optionally remove users and computers who have not logged in for a certain amount of time or optionally remove computers that are over a certain number of days old. And the User Import Tool allows you to create users in bulk using a CSV file. You can even specify the attributes.

Download Free AD Admin Tools


Editor's Corner

SAVE THIS NEWSLETTER so you can refer back to it later for tips, tools and other resources you might need to do your job or troubleshoot some problem you're dealing with. And please feel free to FORWARD IT TO A COLLEAGUE who you think might find it useful. Thanks!

From the Mailbag

This week's newsletter is about Hyper-V snapshots.  While capturing snapshots usually goes smoothly enough in most circumstances, if you're not careful with these you can sometimes get snagged on the rough edges of this capability.  But before we examine this subject, let's begin by digging into the Mailbag.

Keyboard Conundrums (Issue #886)

Yes we're STILL getting feedback on our issue concerning keyboards.  Here's one reader's thinking concerning the key placement of certain keys on today's keyboards:

As an old-time reprobate dinosaur, I must chime in here...

I started in computers before the IBM PC.  My first operating system was Pickles & trout CPM.  Function keys were on the left, and the control key was where the computer gods intended it to be, just to the left of the A key.

It has always been my theory that moving the function keys to the top, and changing the position of the control key was part of the micro$oft "take over the world" monopoly conspiracy.  It was one of the ways in which m$Word killed off WordPerfect.  WordPerfect was based on many multiple key combinations, ALL OF WHICH COULD BE EXECUTED WITH A SINGLE HAND when the function keys and control key were in their original positions.  Once function keys moved to the top, it took two hands to use the same shortcuts.

My current keyboard of choice, although it is no longer manufactured is the Avant stellar keyboard which does have the function keys and the control key (after swapping key caps) in the correct positions.  It also allows key remapping. These keyboards are descended from the excellent line of Northgate keyboards.  The only place I know of that you can get these now, or have your current ones repaired is at:

I shared the above reader's feedback because of some frustration I was experiencing with a new keyboard this morning.  The stupid keyboard has the Delete key in a different place than I'm used to, and the result is that each time I try to delete text, I end up pressing the Power key which shuts down my computer.  Needless to say, that particular keyboard quickly got tossed into the recycle bin when the bunch of new keyboards I ordered from NewEgg arrived.

PowerShell Tips (Issue #899)

James Brundage was one of those smart people at Microsoft who contributed to the Windows 7 Resource Kit which I was lead author for.  James is a PowerShell expert and now runs a company called Start-Automating that provides PowerShell services, solutions and training.  Check out the Admin Tools section of this newsletter for some PowerShell tools he and his team have developed. And if you don't have it yet, here's a link to the Resource Kit:

Building Images (Issue #890)

In the Tech Briefing of this newsletter, we included links to some deployment blogs that we recommend our readers check out.  A reader named Silvio from Switzerland had one more blog to suggest:

Hello I'm a faithful reader from at least 15 years ago (with NT server) and I just wanted to give you an URL that helped me a lot for all the stuff involved in deploying W7 :

then search deploying, and a lot of answers will come out .

Augusto's blog looks really good, thanks for suggesting it!

The issue also included a link to Altaro Hyper-V Backup Freeware Edition, which we recommended as an easy to use Hyper-V aware backup solution.  Richard from the UK had another product to recommend along these lines:

Firstly, thank you for your time and effort for the newsletter - it's very much appreciated.

In today's newsletter you mention Altaro Hyper-V Backup.  Have you ever seen Hyperoo:

It's not as sophisticated as Altaro (although I haven't had time to test the new v2 yet) but it's brilliant at backing up the virtual drives (as opposed to the virtual machines).

One of our servers is populated by non-critical virtual machines and Hyperoo is a great solution for us.  In fact, I'm looking into testing it on our more important machines.

For small business like us the £50.00 license fee per server makes it a no-brainer!

If anyone has similar products to recommend, feel free to email us at [email protected]

A reader needs help

Speaking of recommending products, Alain from South Africa asked for some help/advice which unfortunately I'm unable to provide, so I'm sharing Alain's email with our readers in case someone out there in the IT Pro community can suggest a product/solution that might help meet the needs of the scenario he described:

I really like what you've done with WServerNews… it is much more interesting now….

I have a question that you might be able to assist with:

I have found Networx which does what is required, but requires that a user is logged on - not something that is needed when you are running a server.

Hope that you have some solution for me - I have tried all kinds of things, but no luck!

Does anyone have any suggestions for Alain's scenario?  Email me at [email protected]

Now on to this issue's main topic.

Snapshot Snags

You can take snapshots with Hyper-V.  You can also take snapshots with cameras.  You would think that Hyper-V snapshots are the more geeky ones, but even snapshots taking with a camera can be geeky IF YOU USE ENOUGH GLUE:

Are snapshots supported in a production environment?

Before you use a technology or capability from Microsoft or some other vendor in your production environment, you need to make sure that technology/capability is supported (and recommended) for the particular usage case you have in mind.  So, broadly speaking then, is using Hyper-V snapshots supported/recommended on a production network?  Let's see what official guidance we can find concerning this question from the Hyper-V Virtual Machine Snapshots FAQ in the TechNet Wiki:

Snapshots provide a fast and easy way to revert the virtual machine to a previous state. For this reason, virtual machine snapshots are intended mainly for use in development and test environments. Having an easy way to revert a virtual machine can be very useful if you need to recreate a specific state or condition so that you can troubleshoot a problem.

There are certain circumstances in which it may make sense to use snapshots in a production environment. For example, you can use snapshots to provide a way to revert a potentially risky operation in a production environment, such as applying an update to the software running in the virtual machine...

We do not recommend using snapshots on virtual machines that provide time-sensitive services, or when performance or the availability of storage space is critical... Microsoft does not support the use of snapshots on virtual machines hosting the Active Directory Domain Services role (also known as "domain controllers") or virtual machines hosting the Active Directory Lightweight Directory Services role.

So the official word concerning the use of snapshots in a production environment seems to be the following:

But be careful concerning that last point.  More on that in a moment.

Are there any other downsides to using snapshots in production?

I can think of several:

Can you use snapshots for backups?

Let's look again for an official word from Microsoft concerning this.  From the previously cited Hyper-V Virtual Machine Snapshots FAQ:

Should snapshots be used as a substitute for backups? No, because virtual machine snapshots are not the same as backups created by a Volume Shadow Copy Service (VSS) writer. We do not recommend using virtual machine snapshots as a permanent data or system recovery solution. Even though virtual machine snapshots provide a convenient way to store different points of system state, data, and configuration, there are some inherent risks of unintended data loss if they are not managed appropriately. A backup solution helps provide protection that is not provided by snapshots.

One reason that snapshots are not an acceptable substitute for a backup is that they do not protect against problems that may occur on the server running Hyper-V, such as a hardware malfunction on the physical computer or a software-related issue in the management operating system. Another reason is that applications that run in a virtual machine are not aware of the snapshot, and will not be able to adjust appropriately. For example, if you used a virtual machine snapshot to restore an Exchange server, the server would expect the same set of client connections that were present when the snapshot was taken.

If you have any Hyper-V hosts deployed, it's worth taking a few minutes to read through the entire FAQ.

Safely resuming after applying a snapshot

Applying a snapshot to a virtual machine in a production environment isn't usually a problem.  It's when you restart the virtual machine after applying the snapshot that problems can occur.  One reason for this is because the underlying security protocols in Active Directory Domain Services assume that time is always moving forwards, and when you resume a VM to which a snapshot has been applied the VM appears to AD DS to have suddenly moved backwards in time.  Another reason is that timestamps, transaction logs, and similar data often contain randomly generated numbers, and resuming a VM to which a snapshot has been applied can sometimes cause the same random number to be generated twice for the same transaction log file.  This like this can cause certain services to crash.

Is there a solution or workaround?  Apart from never applying snapshots captured from production VMs (in which case why bother capturing them, right?) the best recommendation I've heard is this:  if you need to resume a production VM to which a snapshot has been applied, disconnect the VM from all external networks before restarting it to make sure that no other machines on your production network can see the VM until you've restarted it and ensured everything is working properly. 

Taking snapshots before applying critical software updates

I mentioned that you could consider taking snapshots just before you perform a critical software update so you can revert to the snapshot if the update causes problems.  For example, let's say you need to apply a software update to a guest running in a production virtual machine.  You do the following:

  1. You disconnect the VM from your production network.
  2. You take a snapshot of the running VM.
  3. You apply the software update to the guest. 
  4. The guest restarts to finish applying the update.
  5. You now perform some tests and determine that the update has caused some unexpected issues, so you revert the snapshot to restore the configuration and state of the guest to those saved in the snapshot.  You're now back to where you started and everything should be OK unless the guest's computer account happened to expire in AD DS while you were performing your tests, in which case you may need to rejoin the VM to the domain.

What if you find no issues with the update?  In that case, the scenario may play out like this:

  1. You disconnect the VM from your production network.
  2. You take a snapshot of the running VM.
  3. You apply the software update to the guest. 
  4. The guest restarts to finish applying the update.
  5. You perform tests and determine that the update will caused no problems, so you delete the no-longer needed snapshot.
  6. To complete the deletion process, you shut down the virtual machine and wait for the snapshot (AHVD) file to merge with the virtual hard disk (VHD) file of the virtual machine. This can take some time if the snapshot is large.
  7. Once the merge is finished, the AHVD file is automatically deleted, you start the virtual machine.

The problem here is that the merge process can take some time depending on how much the VM has changed since you created the snapshot, whether the VM was running when you created the snapshot, how much available disk space you have for the merge process, and how many snapshots you have in your snapshot tree.  For a good discussion of these issues, see this post on the Virtual PC Guy Blog:

The bottom line is, before you delete a snapshot make sure you back up the virtual machine, have lots of free disk space on the host for the merge process to use, and plan for scheduled downtime for the merge to complete. 

Snapshot troubleshooting

For some discussions on troubleshooting various issues related to Hyper-V snapshots, see the links in the Tech Briefing section of this newsletter.

Share your wisdom

Got any tips or gotchas concerning Hyper-V snapshots to share with other readers of WServerNews?  Let us know at [email protected]

Get Hyper-V help

To get answers to your Hyper-V snapshot questions, try posting them to the Hyper-V forum on TechNet:

Tip of the Week

A helpful reader named Holger Kröber from Germany pointed out to me recently that I had made an error in a Windows Deployment Services tip I had published in the Admin KnowledgeBase on WindowsNetworking.com.  Here is the corrected tip:

Disable F8 during LTI install

MDT 2010 allows you to press F8 during the install process in order to open a WinPE command prompt if this is needed. You might want to disable this functionality however in a production deployment environment to prevent end-users from accidentally interrupting installation.

To disable F8 keypress functionality for MDT, use Notepad to open the the winpeshl.ini file found in the C:\Program Files\Microsoft Deployment Toolkit\Templates directory of your MDT 2010 installation and replace /Bootstrap with /BootstrapNoSF8 in these text files.

In a follow-up conversation with Holger on this issue, he shared some additional thoughts on how to quickly enable/disable the F8 key to make it easier to troubleshooting issues with Windows Deployment Services.  He then gave me permission to share his thoughts with other WServerNews readers:

What a shame, that there is no easier solution for this. Sometimes i just want to quickly activate/deactivate the F8 key, e.g. for troubleshooting purposes.

It seems, that every time I want to change it, I have to edit the INI file, then update the deployment-share and then import the generated boot.wim to WDS - by far to many steps I think!

But I'm sure that there is a way to automate that task:

  1. Mount the boot.wim and directly edit the file %mountdir%\Windows\system32\winpeshl.ini
  2. The script should support the activation and deactivation of the F8-key.

Another solution is to completely deactivate the boot.wim and only activate it during deployment phases, thus reducing the number of users that hit the f12-key during the PXE phase and then executing the command prompt (whether F8 or Shift+F10) and compromising the system. E.g. as batch file:

wdsutil /set-image /Image:"Microsoft Windows Setup (x86)" 
/ImageType:Boot /Architecture:x86 /Enabled:Yes
wdsutil /get-image /Image:"Microsoft Windows Setup (x86)"
/ImageType:Boot /Architecture:x86 | find "Status:"

And vice versa:

wdsutil /set-image /Image:"Microsoft Windows Setup (x86)" 
/ImageType:Boot /Architecture:x86 /Enabled:No wdsutil /get-image /Image:"Microsoft Windows Setup (x86)"
/ImageType:Boot /Architecture:x86 | find "Status:"

And if I have finished my script for editing the winpeshl.ini directly in the boot.wim I will let you know!

Cheers, Holger

Got any tips of your own to share with our readers?  Email me at [email protected]

Recommended for Learning

This week we have three new books on security from McGraw-Hill Professional:

Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP from McGraw-Hill Professional helps you understand and implement Security Content Automation Protocol (SCAP) technologies and standards for your organization:

The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information At Risk from McGraw-Hill Professional shows you how to implement and manage effective response plans for handling the inevitable information security incidents that your organization will experience:

Wireless Network Security: A Beginner's Guide from McGraw-Hill Professional explains how wireless networks can be compromised and what you can do to protect them:

Quote of the Week

"Preventative maintenance will be enforced.  Particular attention should be given to tire pressure, lubrication, battery, voltage, water in radiators..."

--from War As I Knew It, by General George. S. Patton

It may seem strange that you'd find mundane advice like this in a book about warfare, but Patton realized the importance of paying close attention to every detail before, during and after an engagement.  The same is true for those who administer computer systems and networks, where preventive maintenance includes regularly testing backups by performing restores, documenting changes to network and system configurations, and not procrastinating when an alert or warning is raised in an event log or monitoring system.

Until next week,

Cheers, Mitch Tulloch


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Download SolarWinds free NTFS Permissions Analyzer for Active Directory and get complete visibility into the effective permissions and access rights for a specific file folder or share drive.

Prepare your organization for the surprises in Exchange 2010 with Metalogix.

PowerShell Pipeworks is a Framework for making Sites and Services with Windows PowerShell:

ScriptCop is a tool to help make sure your PowerShell scripts follow the rules:


Events Calendar

TechMentor Conference Redmond, Aug. 20-24, 2012

TechMentor, the top conference for IT professionals, is coming to the Microsoft campus! Register with code TMRTU for a $300 discount:




Add your event

Contact Michael Vella at [email protected] to get your conference or other event listed in our Events Calendar.


Webcast Calendar

Register for Webcasts

 Add your Webcast

Contact Michael Vella at [email protected] to get your webcast listed in our Webcasts Calendar.


Tech Briefing

Troubleshooting issues with Hyper-V snapshots

Check out the following discussion threads from the TechNet forums concerning troubleshooting various kinds of issues relating to use of snapshots in Hyper-V environments:

Hyper-V snapshot compact, merge, edit?

Hyper-V snapshot sizing

Hyper-V snapshots deleting

Unable to delete snapshots in Hyper-V

Mystery AVHD file and no snapshots lists in Hyper-V

Disk space problems on Hyper-V after deleting snapshot

Hyper-V Snapshot Consolidation

Microsoft hits Java where it hurts

From InfoWorld comes a report of a Microsoft security researcher who warns of a deteriorating situation with the Java Runtime Environmnet:

Bringing Windows Azure Services to Windows Server

From the Server & Cloud Blog comes this info about how Microsoft is bringing Windows Azure capabilities to Windows Server 2012:

A Summary of the Amazon Web Services June 29 Outage

Seth Eliot on his MSDN blog Your Software Has Bugs shares an analysis of the recent outage of Amazon Web Services triggered by a large scale electrical storm:


Windows Server News

Cloud computing bookshelf: Great summer reads

With record-high temps scorching most of the U.S., it's the perfect time to turn off the computer, grab a book and hit the beach. Access one expert's top cloud computing book recommendations in this essential tip.

Offline VDI pros and cons: Who needs virtual desktop connectivity?

Going with an offline VDI strategy can help with a BYOD initiative and facilitate mobile and remote workers, but disconnected VDI comes with a few challenges. Gain insight into the pros and cons of this approach in this expert tip.

Private cloud performance monitoring: Crafting a plan of attack

Private cloud performance monitoring is critical, and the best plans take a multi-prong approach that build off of virtualization best practices. Learn more in this featured article.

Pop quiz: VMware snapshots 101

VMware snapshots play an important part in backing up many virtual infrastructures, but how well do you understand how they work? Take this quiz to find out.


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff


A fantastic pit stop of Sebastian Vettel where his team did their job in just 4 seconds:

The Danish Air Force landed a Hercules C-130  transport aircraft on a beach, turned around and took off. Here is a view from the cockpit and from the ground:

The world's highest hydraulic boat lift can haul 1,900 tons in 90 seconds and uses no electricity - just water and gravity!

Tree relocation made easy, using an ingenious truck-mounted tree spade:

It is the worst nightmare of any parent, but luckily for this mama bear, she was given a helping hand after losing her youngsters.

If you enjoyed the original 'Evian Babies', you may have fun watching them perform to "The Rollerskate Song" by folk singer Melanie:


WServerNews - Product of the Week

Three Free Tools to Simplify Active Directory Administration

SolarWinds free trio of Active Directory Admin Tools help you manage and remove computers and users from Active Directory, and allow you to add users in bulk. These tools run on current Windows® versions, and they are even certified with Windows 7 through a strategic relationship with Microsoft®! With these tools you to scan Active Directory and optionally remove users and computers who have not logged in for a certain amount of time or optionally remove computers that are over a certain number of days old. And the User Import Tool allows you to create users in bulk using a CSV file. You can even specify the attributes.

Download Free AD Admin Tools


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.