Windows

Windows Server 2016 Core: Apply Windows Updates, with SCONFIG

In my previous post ‘Windows Server 2016 Core Configuration, with SCONFIG‘ I stepped through how to use the sconfig tool to modify settings on Windows Server 2016 Core.  In this post, I will introduce you to how to go about running Windows Updates and applying them to your server.

Here are the steps I used:

  1. Log into the console of your Windows Server 2016 Core System
    You need to log in as an administrator and should arrive at a command prompt
  2. Enter the command Sconfig and press enter
    The Server Configuration tool interface should be displayed
  3. Select 6 from the Server Configuration List
    This opens the Windows update software, allowing you to search for updatable software
  4. Select from the list of results the software update that you would like to download and install.
    You can choose a single update or update them all
  5. Depending on the update you may be required to reboot your system, select yes to restart

That’s it – Congrats you have updated your Windows Server 2016 Core Server

Windows Server 2016 Core Configuration, with SCONFIG

Windows Server 2016 Core has a built-in configuration tool named Sconfig.  This tool is used to configure and manage several aspects of Server Core installations. This simplifies tasks such as changing settings such as network, remote desktop, hostname and domain memberships, etc.

To use the Server Configuration Tool

  1. Log into the console of your Windows Server 2016 Core System
    You need to log in as an administrator and should arrive at a command prompt
  2. Enter the command Sconfig and press enter
    The Server Configuration tool interface should be displayed

 

Note: You can use Server Configuration Tool in 2016 Server Core and 2016 Server with Desktop Experience installations.

Install VMware Tools Windows Server 2016 Core

I just completed my install of Windows Server 2016 Core as a guest in my VMware Lab. Now that this has been completed the next step is for me to install the VMware tools so that I can take advantage of various features; specifically, template deployment with customization options

About:VMware:Tools: VMware software tools enhance the performance of the guest operating system and improve the management of the virtual machine guests operating systems.

How to install:

  1. Select your VM from vCenter and select ‘Guest OS > Install VMware Tools
    This mounts the VMware CD Image containing the installation files
  2. Inside the guest machine type ‘powershell’
    This will drop you from the command shell to powershell prompt
  3. Next type the command Get-PSDrive
    This will return the drives attached to the system
  4. Change to the drive that the VMware tools are currently mounted
    In my case, this was drive letter “D”
  5. Issue the command .\setup64.exe to start the install process

    Note: issuing just setup.exe or setup64.exe will end in an error as Windows poweshell does not load commands such as this by default 
  6. Follow the steps of the VMware tools installer and restart when completed.

 

Ref: http://jermsmit.com/howto-install-vmware-tools-on-windows-server-2102-r2-server-core/

Hyper-V Virtualization: Turning Hyper-V On and Off

I recently started using Hyper-V on my Windows 10 workstation to task advantage of using technologies such as Docker that leverages Hyper-V to run its container images.  I also run VMware Player for running virtual machines.

The following commands make it a simpler task to toggle Hyper-V on and off again.

To Turn Hyper-V off, run the following command then restart your computer:

bcdedit /set hypervisorlaunchtype off

To turn Hyper-V back on, run the following command then restart your computer:

bcdedit /set hypervisorlaunchtype on (or auto start)

 

Note:  Quick method to check the status of Hyper-V – Get-WindowsOptionalFeature -Online -FeatureName *hyper*

Microsoft: Meltdown and Spectre Check via PowerShell

Like many folks around the world, I was wondering if this Meltdown and Spectre flaw would impact my computers and virtual machines.  Microsoft has started to release emergency fixes for Windows 10 and its been said that Windows 8 and legacy 7 will also receive patches.

Microsoft has released a PowerShell script that lets users check whether they have protection in place.

Steps to take:

  1. Open PowerShell (I like to use PowerShell ISE)
  2. Run PowerShell as as Administrator.
  3. Type Install-Module SpeculationControl and press Enter.
  4. When the installation completes, type Import-Module SpeculationControl and press Enter.
  5. Type Get-SpeculationControlSettings and press Enter.

In the list of results that’s displayed, you’re looking to see that a series of protections are enabled — this will be listed as True.  Ref: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Should reassemble 

Speculation control settings for CVE-2017-5715 [branch target injection]

  • Hardware support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

  • Hardware requires kernel VA shadowing: True
  • Windows OS support for kernel VA shadow is present: True
  • Windows OS support for kernel VA shadow is enabled: True
  • Windows OS support for PCID optimization is enabled: True