ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Managing Hyper-V

    Scheduled Pinned Locked Moved IT Discussion
    328 Posts 24 Posters 88.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wirestyle22W
      wirestyle22 @Mike Davis
      last edited by

      @Mike-Davis said in Managing Hyper-V:

      In part of my strategy to prevent CryptoLocker or a bad actor from taking out my backups if a computer/server gets infected, I'm not domain joining my hosts now. I realized that even with a share on the network that used a service account, if a hacker elevates privileges and gets domain admin, they can reset the password on the backup service account and then wipe out my backups. If the backup target is not domain joined, they can't do that. Same idea with the host.

      I'm curious as to what others are thinking. We love disk to disk backups, but it's really hard to air gap them with out physical interaction.

      How are you managing your non-domain connected hyper-v hosts?

      Mike DavisM 1 Reply Last reply Reply Quote 0
      • DustinB3403D
        DustinB3403
        last edited by

        I'm in the camp of not joining your hypervisors to the domain.

        If you get locked (because of domain controls) out of your hypervisors then you're SOL, along with the domain functions.

        scottalanmillerS JaredBuschJ dbeatoD 3 Replies Last reply Reply Quote 2
        • Mike DavisM
          Mike Davis @wirestyle22
          last edited by

          @wirestyle22 said in Managing Hyper-V:

          How are you managing your non-domain connected hyper-v hosts?

          5nine manager. I first had to use it to manager a Hyper-v 2016 box on a network where I didn't have any Windows 10 machines. It seems to work well.

          wirestyle22W 1 Reply Last reply Reply Quote 3
          • DashrenderD
            Dashrender @Mike Davis
            last edited by

            @Mike-Davis said in Managing Hyper-V:

            In part of my strategy to prevent CryptoLocker or a bad actor from taking out my backups if a computer/server gets infected, I'm not domain joining my hosts now. I realized that even with a share on the network that used a service account, if a hacker elevates privileges and gets domain admin, they can reset the password on the backup service account and then wipe out my backups. If the backup target is not domain joined, they can't do that. Same idea with the host.

            I'm curious as to what others are thinking. We love disk to disk backups, but it's really hard to air gap them with out physical interaction.

            OK I can see this. As long as you don't really cripple remote/any admin of the system, I suppose this is doable.

            But in the case of Hyper-V manager, your control workstation just becomes the major target in your scenerio. They infect that, then they keylog your passwords for managing the Hyper-V hosts, and it's still over. If they can get as far as your AD that they are changing passwords there, then it's pretty likely they will get on your workstation as well, and do the same.

            Question - is your admin workstation part of the domain? If yes, then it definitely suffers all the issues you're trying to solve by not having the Hyper-V hosts as part of the domain.

            1 Reply Last reply Reply Quote 0
            • wirestyle22W
              wirestyle22 @Mike Davis
              last edited by

              @Mike-Davis said in Managing Hyper-V:

              @wirestyle22 said in Managing Hyper-V:

              How are you managing your non-domain connected hyper-v hosts?

              5nine manager. I first had to use it to manager a Hyper-v 2016 box on a network where I didn't have any Windows 10 machines. It seems to work well.

              5nine Hyper-V Manager isn't really an option for me as the only thing that is available now is the 30 day trial of the datacenter edition. The free edition no longer exists as of a week ago.

              1 Reply Last reply Reply Quote 1
              • scottalanmillerS
                scottalanmiller @DustinB3403
                last edited by

                @DustinB3403 said in Managing Hyper-V:

                I'm in the camp of not joining your hypervisors to the domain.

                If you get locked (because of domain controls) out of your hypervisors then you're SOL, along with the domain functions.

                We all had 5Nine for free till a few days ago.

                dbeatoD triple9T 2 Replies Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller
                  last edited by

                  Not something that I've looked into yet. But if you use PowerShell to manage Hyper-V, is there anyway to get console access without another tool? Like can PS be used to activate an RDP session to a VM console redirect?

                  Mike DavisM 1 Reply Last reply Reply Quote 1
                  • scottalanmillerS
                    scottalanmiller
                    last edited by

                    https://powertoe.wordpress.com/2012/03/13/powerbits-8-opening-a-hyper-v-console-from-powershell/

                    JaredBuschJ 1 Reply Last reply Reply Quote 1
                    • Mike DavisM
                      Mike Davis @scottalanmiller
                      last edited by

                      @scottalanmiller said in Managing Hyper-V:

                      Not something that I've looked into yet. But if you use PowerShell to manage Hyper-V, is there anyway to get console access without another tool? Like can PS be used to activate an RDP session to a VM console redirect?

                      I've been able to install screen connect on it and manage it that way.

                      scottalanmillerS 1 Reply Last reply Reply Quote 1
                      • wirestyle22W
                        wirestyle22
                        last edited by

                        The issue with that is my lack of powershell knowledge

                        scottalanmillerS Mike DavisM 2 Replies Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @wirestyle22
                          last edited by

                          @wirestyle22 said in Managing Hyper-V:

                          The issue with that is my lack of powershell knowledge

                          base knowledge needed to work on Windows. Just how it is.

                          wirestyle22W matteo nunziatiM 2 Replies Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @Mike Davis
                            last edited by

                            @Mike-Davis said in Managing Hyper-V:

                            @scottalanmiller said in Managing Hyper-V:

                            Not something that I've looked into yet. But if you use PowerShell to manage Hyper-V, is there anyway to get console access without another tool? Like can PS be used to activate an RDP session to a VM console redirect?

                            I've been able to install screen connect on it and manage it that way.

                            How do you get SC onto a fresh install of Windows? You need to make the base image somewhere with a console.

                            Mike DavisM 1 Reply Last reply Reply Quote 0
                            • wirestyle22W
                              wirestyle22 @scottalanmiller
                              last edited by

                              @scottalanmiller said in Managing Hyper-V:

                              @wirestyle22 said in Managing Hyper-V:

                              The issue with that is my lack of powershell knowledge

                              base knowledge needed to work on Windows. Just how it is.

                              Directly conflicts with me wanting to turn myself into a proper linux systems administrator

                              scottalanmillerS 1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller @wirestyle22
                                last edited by

                                @wirestyle22 said in Managing Hyper-V:

                                @scottalanmiller said in Managing Hyper-V:

                                @wirestyle22 said in Managing Hyper-V:

                                The issue with that is my lack of powershell knowledge

                                base knowledge needed to work on Windows. Just how it is.

                                Directly conflicts with me wanting to turn myself into a proper linux systems administrator

                                Not really. Good practices on Windows are good practices on Linux. They are not as different as people think.

                                wirestyle22W 1 Reply Last reply Reply Quote 1
                                • wirestyle22W
                                  wirestyle22 @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in Managing Hyper-V:

                                  @wirestyle22 said in Managing Hyper-V:

                                  @scottalanmiller said in Managing Hyper-V:

                                  @wirestyle22 said in Managing Hyper-V:

                                  The issue with that is my lack of powershell knowledge

                                  base knowledge needed to work on Windows. Just how it is.

                                  Directly conflicts with me wanting to turn myself into a proper linux systems administrator

                                  Not really. Good practices on Windows are good practices on Linux. They are not as different as people think.

                                  I just mean i have extremely limited time and I have been using it to read about Red Hat and the Linux Command Line. The prospect of also studying for Powershell is off-putting 😞

                                  DashrenderD 1 Reply Last reply Reply Quote 0
                                  • ObsolesceO
                                    Obsolesce
                                    last edited by

                                    I prefer them on a domain if possible. As soon as the Hyper-V group policies hit, remote management is automatic and guaranteed. (with the exception of Nano Server, I run a script)

                                    1 Reply Last reply Reply Quote 0
                                    • Mike DavisM
                                      Mike Davis @scottalanmiller
                                      last edited by

                                      @scottalanmiller said in Managing Hyper-V:

                                      @Mike-Davis said in Managing Hyper-V:

                                      @scottalanmiller said in Managing Hyper-V:

                                      Not something that I've looked into yet. But if you use PowerShell to manage Hyper-V, is there anyway to get console access without another tool? Like can PS be used to activate an RDP session to a VM console redirect?

                                      I've been able to install screen connect on it and manage it that way.

                                      How do you get SC onto a fresh install of Windows? You need to make the base image somewhere with a console.

                                      download the .msi installer and use the command line msiexec /i to install it the same way you install the open manage tools. In Screen Connect it's like you're sitting at the console:
                                      0_1498230085374_sc.png

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • Mike DavisM
                                        Mike Davis @wirestyle22
                                        last edited by

                                        @wirestyle22 said in Managing Hyper-V:

                                        The issue with that is my lack of powershell knowledge

                                        How often are you creating new VMs and all that? Just google it and you're good to go. The day to day stuff is pretty much menu driven:
                                        0_1498230418313_host2.png

                                        wirestyle22W 1 Reply Last reply Reply Quote 0
                                        • wirestyle22W
                                          wirestyle22 @Mike Davis
                                          last edited by wirestyle22

                                          @Mike-Davis said in Managing Hyper-V:

                                          @wirestyle22 said in Managing Hyper-V:

                                          The issue with that is my lack of powershell knowledge

                                          How often are you creating new VMs and all that? Just google it and you're good to go. The day to day stuff is pretty much menu driven:
                                          0_1498230418313_host2.png

                                          The installation of Hyper-V is easy. I have not been able to figure out how to manager a non-domain connected host from a domain connected workstation via hyper-v manager. If powershell management is the only option then I have a problem

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @Mike Davis
                                            last edited by

                                            @Mike-Davis said in Managing Hyper-V:

                                            @scottalanmiller said in Managing Hyper-V:

                                            @Mike-Davis said in Managing Hyper-V:

                                            @scottalanmiller said in Managing Hyper-V:

                                            Not something that I've looked into yet. But if you use PowerShell to manage Hyper-V, is there anyway to get console access without another tool? Like can PS be used to activate an RDP session to a VM console redirect?

                                            I've been able to install screen connect on it and manage it that way.

                                            How do you get SC onto a fresh install of Windows? You need to make the base image somewhere with a console.

                                            download the .msi installer and use the command line msiexec /i to install it the same way you install the open manage tools. In Screen Connect it's like you're sitting at the console:
                                            0_1498230085374_sc.png

                                            What's your method for installing and configuring the base OS to get to that point?

                                            Mike DavisM 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 11
                                            • 12
                                            • 13
                                            • 14
                                            • 15
                                            • 16
                                            • 17
                                            • 13 / 17
                                            • First post
                                              Last post