Do NOT add a newer boot file into an older Windows Deployment Service

In my company, there is a Windows Deployment Service (WDS for short) hosted by Windows Server 2012 R2. Since I got the new release of Windows Server yesterday, named Windows Server 2012 R2 with Update, I added the boot.wim from the new CD into this server and began my nightmare.

Result: All boot images from installation CD work great. But all capture images are failed to start, no matter the capture image is pre-existed, new created or copied from other servers. They’re failed in 2 ways:

  • Error in \Windows\System32\boot\winload.exe with status code 0xc000000f after the loading bar completed; or,
  • Black screen after displaying the Windows logo.

To fix this, I’ve tried to remove the new added boot image but this trying is ineffective. Finally, I googled and find there is a person who added a Windows 8 Preview boot file into an old WDS server, which lead to the similar result. The way to fix is:

  1. Stop the WDS;
  2. Restore the Boot folder from a previous version; and,
  3. Restart the WDS.

If you don’t have backup, you may need to reinstall WDS.

I guess when you add a new boot image into a WDS, it will update the existed boot folder to the latest version, which may not be compatible with other boot files. Maybe it will be fixed after patching the server OS, but it’s better never to do such a thing again.

Update: There is another way to fix the broken capture image file directly. But you have to do that for every capture file.

Enable Remote Management for Hyper-V Server

After a clean installation process, firewall of Hyper-V Server is set to deny any remote connection by default.

If you need to management other than using console, you may want to enable inbound rules for Remote Management and Remote Desktop by running these commands in the console.

To enable the Remote Management:

cscript C:\windows\system32\scregedit.wsf /im 1

To enable the Remote Desktop:

cscript C:\windows\system32\scregedit.wsf /ar 0

And, you need to enable the remote desktop from the sconfig (the blue console window) also.

Remove unwanted IP addresses belong to Domain Controllers from DNS

If you have multiple IP addresses on domain controller and do not want to publish them all to local DNS, the original way may not help because no matter how you setup, all the interfaces can still access the DNS (localhost).

In this case, you can do this by editing the registry directly.

Open regedit.exe from Domain Controller, navigate to HKLM\System\CurrentControlSet\Services\DNS\Parameters, add a string value, named as PublishAddresses, and set the value to the IP address which you want to be published to DNS.

Don’t forget to reboot and delete the existed unwanted records from DNS manually.

Set Windows Update to use http proxy

By default, Windows Update will access to microsoft update server or your WSUS server directly, no matter you set a http proxy in IE option window or not. If your computer cannot access the internet directly, that may cause a problem.

To resolve that, you need to:

  1. Set a http proxy in IE option window;
  2. Open cmd window by administrator permission;
  3. Enter this command and press enter:
    netsh winhttp import proxy source=ie

To disable the proxy setting of Windows Update, do the similars above, just changing the step 1 to disable that http proxy.

Remove A records of Domain Controller from DNS

Because it’s possible to access the DNS through all IP addresses of domain controller, you will see lots of A records pointed to each IP address of domain controller. That may cause some problem for client while determining the IP address of domain controller.

To resolve this, you have 2 choices:

1 Remove DNS service on some IP address. This will avoid the specified IP address is listed as an A record because it’s not possible to access the DNS through this IP any more.

But if you have to enable DNS on that IP, a public IP address for example, you may want to choose the 2nd way.

2 Create a REG_SZ key named PublishAddresses in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters, and set value to all IP addresses that you want to listed in DNS. If you need to declare multiple IP addresses, please separate them by space. Reboot when done.

Only all specified IP addresses will be displayed as A records in this way.

This function does NOT affect the failover cluster. All IP addresses belongs to cluster will still remain existed.



Shutdown firewall of Hyper-V Server

After deployment of Hyper-V Server, I trapped in trouble of  linking Hyper-V Server to SCVMM.

Finally, I find a way to shutdown firewall of Hyper-V Server, which helps me resolved the problem.

  1. Log on to Hyper-V Server;
  2. Type this into cmd window:
    netsh advfirewall set allprofiles state off

Enable Jumbo Frame on Hyper-V Server

I have some hyper-v servers with broadcom NICs. Due to lack of UI (device manager and property window of NIC), it’s not easy to enable Jumbo Frame (MTU9000) setting.

After a google dig and some experiment, I find a way to achieve that.

  1. Install BACS (Broadcom Advanced Control Suite). You may want to use this tool for creating team also. Remember the 4-digit number within brackets before the NIC you want to change MTU.
  2. Open regedit, expand HKEY_LOCAL_MACHINE\CurrentControlSet\Control\Class\4D36E972-E325-11CE-BFC1-08002BE10318}\(4-digit-number-of-NIC) on the left panel, you will get a value named “*JumboMTU” on the right. Change it to 9014 or any other value you need.
  3. Type this command “netsh int ipv4 sh int” to list all network. Remember the Name of the connection you want to change MTU.
  4. Type this command to change it to 9000 or any other value. The value should be the value you’ve set in step 2, minus 14:
    netsh interface ipv4 set subinterface “Connection Name” mtu=9000 store=persistent
  5. Reboot to apply.

How to migrate WSUS Database from WID to SqlServer on Windows Server 2012

I was trapped in migrating WSUS database from Windows Internal Database to a dedicated SqlServer instance. Due to lots of changes taken in in WSUS and WID of Windows Server 2012, the old way as Windows Server 2008R2 does not work anymore. Finally, I found a solution to do that.
All your needs:
1 A working instance of WSUS, which has a database in WID.
2 SqlServer installation package.
3 Backup before migration.

Migration steps:
1 Install a SqlServer instance. For my case, SqlServer 2012 Express x64 is chosen.
2 Install a SqlServer Management Studio.
3 Log on to this server by LOCAL ADMINISTRATOR. If your server joined a domain, you have to do this by local administrator. No matter your domain account is in local administrators group or not, you cannot do that with a domain account.
4 Open SqlServer Management Studio and connect to server \.\pipe\MICROSOFT##WID\tsql\query using Windows Authentication. You will find a database named SUSDB listed.
5 Stop service WSUS Service and IIS Admin Service.
6 Detach SUSDB. Drop active connections if needed.
7 Log off and log on to this server with your account if you like. You may need an account from local administrators group.
8 Copy database files out from C:\Windows\WID\Data. You need 2 files related to SUSDB.
9 Remove Role Windows Server Update Services and Feature Windows Internal Database. Server will have to reboot after this step.
10 Install removed role and feature again. Choose database instead of WID database. When asked to specify a path for storing updates, use the same file location as before.
11 Finish post deployment but do not open MMC.
12 Open SqlServer Management Studio and connect to the SqlServer instance installed by step 1. You need to run this instance by administrator privilege, or you will get a read-only database in next steps.
13 Stop service WSUS Service and IIS Admin Service.
14 Delete SUSDB database from SqlServer Management Studio.
15 Attach SUSDB from the location where you copied to in step 8.
16 Start service WSUS Service and IIS Admin Service.
17 End.

PS: SqlServer database is not like one in WID, it cannot be backed up by Windows Server Backup. Please choose a separated folder or volume for your database files and setup an agent job to backup them.


本工具可以将所有中国的IP v4地址段抽取出来,并按照用户给定的格式保存。

运行需要:dotnet Framework 4.0

运行时的格式:CNRouteExtractor filename