Determine Windows Activation Status with PowerShell

Determine Windows Activation Status with PowerShell

function Get-ActivationStatus {
[CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [string]$DNSHostName = $Env:COMPUTERNAME
    )
    process {
        try {
            $wpa = Get-WmiObject SoftwareLicensingProduct -ComputerName $DNSHostName `
            -Filter "ApplicationID = '55c92734-d682-4d71-983e-d6ec3f16059f'" `
            -Property LicenseStatus -ErrorAction Stop
        } catch {
            $status = New-Object ComponentModel.Win32Exception ($_.Exception.ErrorCode)
            $wpa = $null    
        }
        $out = New-Object psobject -Property @{
            ComputerName = $DNSHostName;
            Status = [string]::Empty;
        }
        if ($wpa) {
            :outer foreach($item in $wpa) {
                switch ($item.LicenseStatus) {
                    0 {$out.Status = "Unlicensed"}
                    1 {$out.Status = "Licensed"; break outer}
                    2 {$out.Status = "Out-Of-Box Grace Period"; break outer}
                    3 {$out.Status = "Out-Of-Tolerance Grace Period"; break outer}
                    4 {$out.Status = "Non-Genuine Grace Period"; break outer}
                    5 {$out.Status = "Notification"; break outer}
                    6 {$out.Status = "Extended Grace"; break outer}
                    default {$out.Status = "Unknown value"}
                }
            }
        } else {$out.Status = $status.Message}
        $out
    }
}

This function is designed to be compatible with Get-ADComputer  cmdlet. You can pipe cmdlet output to a function. For example, if you want to get activation status for all computers in the domain, you can use the following command sequence:

 Get-ADComputer -Filter * | Get-ActivationStatus

and here is example output:

PS C:\> Get-ADComputer -Filter * | Get-ActivationStatus ComputerName Status ———— —— Server Licensed TestPC1 Licensed TestPC2 The RPC server is unavailable TestPC3 Licensed TestPC4 Unlicensed PS C:\>

The RPC server is unavailable status means that WMI call was unsuccessfull (for example, remote computer is offline or unreachable due to network connectivity or firewall issues).

Enterprise customers may use Volume Activation Management Tool 2.0  .

Shielded Virtual Machines

Shielded Virtual Machines

You are already planning your deployment of WS2016 if security is important to you. Some features have made their way over from Windows 10 Enterprise; Credential Guard hides LSASS in a special Hyper-V partition called VSM, protecting stored administrator rights from malware behind a hardware-supported security boundary. Device Guard protects critical parts of the kernel against rogue software, ensuring that what is running is what is meant to be running.

Those that are running Hyper-V in a sensitive environment can deploy some very interesting functionality. A Host Guardian Service (HGS) can be deployed into an isolated environment; this enables a Hyper-V feature called shielded virtual machines. A host is checked for health (for example, root kit malware) when it boots up, and virtual machines are only allowed to start on or live migrate to healthy and authorized hosts — this prevents virtual machines being run on unauthorized or compromised environments. Shielding can also prevent KVPs (host-guest integrations) and console access to a virtual machine. Owners of virtual machines might be sensitive to unwanted or unauthorized peeking by administrators; virtual TPM allows the tenant to encrypt their virtual machine’s disks using BitLocker so that no one without guest admin rights can peek at the OS, programs, or data in the virtual hard disk files.

The HGS authorizing hosts to run Hyper-V Shielded Virtual Machines [Image Credit: Microsoft]

The HGS authorizing hosts to run Hyper-V Shielded Virtual Machines [Image Credit: Microsoft]

Nano Server (Windows Server 2016)

Install Nano Server

Windows Server 2016 offers a new installation option: Nano Server. Nano Server is a remotely administered server operating system optimized for private clouds and datacenters. It is similar to Windows Server in Server Core mode, but significantly smaller, has no local logon capability, and only supports 64-bit applications, tools, and agents. It takes up far less disk space, sets up significantly faster, and requires far fewer updates and restarts than Windows Server. When it does restart, it restarts much faster. The Nano Server installation option is available for Standard and Datacenter editions of Windows Server 2016.

Nano Server is ideal for a number of scenarios:

  • As a “compute” host for Hyper-V virtual machines, either in clusters or not
  • As a storage host for Scale-Out File Server.
  • As a DNS server
  • As a web server running Internet Information Services (IIS)
  • As a host for applications that are developed using cloud application patterns and run in a container or virtual machine guest operating system

Important differences in Nano Server

Because Nano Server is optimized as a lightweight operating system for running “cloud-native” applications based on containers and micro-services or as an agile and cost-effective datacenter host with a dramatically smaller footprint, there are important differences in Nano Server versus Server Core or Server with Desktop Experience installations:

  • Nano Server is “headless;” there is no local logon capability or graphical user interface.
  • Only 64-bit applications, tools, and agents are supported.
  • Nano Server cannot serve as an Active Directory domain controller.
  • Group Policy is not supported. However, you can use Desired State Configuration to apply settings at scale.
  • Nano Server cannot be configured to use a proxy server to access the internet.
  • NIC Teaming (specifically, load balancing and failover, or LBFO) is not supported. Switch-embedded teaming (SET) is supported instead.
  • System Center Configuration Manager and System Center Data Protection Manager are not supported.
  • Best Practices Analyzer (BPA) cmdlets and BPA integration with Server Manager are not supported.
  • Nano Server does not support virtual host bus adapters (HBAs).
  • Nano Server does not need to be activated with a product key. When functioning as a Hyper-V host, Nano Server does not support Automatic Virtual Machine Activation (AVMA). Virtual machines running on a Nano Server host can be activated using Key Management Service (KMS) with a generic volume license key or using Active Directory-based activation.
  • The version of Windows PowerShell provided with Nano Server has important differences. For details, see PowerShell on Nano Server.
  • Nano Server is supported only on the Current Branch for Business (CBB) model–there is no Long-Term Servicing Branch (LTSB) release for Nano Server at this time. See the following subsection for more information.

Current Branch for Business

Nano Server is serviced with a more active model, called Current Branch for Business (CBB), in order to support customers who are moving at a “cloud cadence,” using rapid development cycles. In this model, feature update releases of Nano Server are expected two to three times per year. This model requires Software Assurance for Nano Servers deployed and operated in production. To maintain support, administrators must stay no more than two CBB releases behind. However, these releases do not auto-update existing deployments; administrators perform manual installation of a new CBB release at their convenience. For some additional information, see Windows Server 2016 new Current Branch for Business servicing option.

The Server Core and Server with Desktop Experience installation options are still serviced on the Long-Term Servicing Branch (LTSB) model, comprising 5 years of mainstream support and 5 years of extended support.

Installation scenarios

Evaluation

You can obtain a 180-day-licensed evaluation copy of Windows Server from Windows Server Evaluations. To try out Nano Server, choose the Nano Server | 64-bit EXE option, and then come back to either Nano Server Quick Start or Deploy Nano Server to get started.

Clean installation

Because you install Nano Server by configuring a VHD, a clean installation is the quickest and simplest deployment method.

  • To get started quickly with a basic deployment of Nano Server using DHCP to obtain an IP address, see the Nano Server Quick Start
  • If you’re already familiar with the basics of Nano Server, the more detailed topics starting with Deploy Nano Server offer a full set of instructions for customizing images, working with domains, installing packages for server roles and other features both online and offline, and much more.
Important

Once Setup has completed and immediately after you have installed all of the server roles and features you need, check for and install updates available for Windows Server 2016. For Nano Server, see the “Managing updates in Nano Server” section of Manage Nano Server.

Upgrade

Since Nano Server is new for Windows Server 2016, there isn’t an upgrade path from older operating system versions to Nano Server.

Migration

Since Nano Server is new for Windows Server 2016, there isn’t migration path from older operating system versions to Nano Server.

Reference : https://docs.microsoft.com/en-us/windows-server/get-started/getting-started-with-nano-server

Windows Containers on Windows Server

Windows Containers on Windows Server

This exercise walks through basic deployment and use of the Windows container feature on Windows Server 2016. During this exercise, you install the container role and deploy a simple Windows Server container. Before starting this quick start, familiarize yourself with basic container concepts and terminology. You can find this information in the Quick Start Introduction.

This quick start is specific to Windows Server containers on Windows Server 2016. Additional quick start documentation, including containers in Windows 10, are found in the table of contents on the left hand side of this page.

Prerequisites:

One computer system (physical or virtual) running Windows Server 2016. If you are using Windows Server 2016 TP5, please update to Window Server 2016 Evaluation.

Critical updates are needed in order for the Windows Container feature to function. Please install all updates before working through this tutorial.1

If you would like to deploy on Azure, this template makes it easy.
2

1. Install Docker

To install Docker we’ll use the OneGet provider PowerShell module which works with providers to perform the installation, in this case the MicrosoftDockerProvider. The provider enables the containers feature on your machine. You also install Docker which requires a reboot. Docker is required in order to work with Windows containers. It consists of the Docker Engine and the Docker client.1

Open an elevated PowerShell session and run the following commands.

First, install the Docker-Microsoft PackageManagement Provider from the PowerShell Gallery.

Install-Module -Name DockerMsftProvider -Repository PSGallery -Force

Next, you use the PackageManagement PowerShell module to install the latest version of Docker.

Install-Package -Name docker -ProviderName DockerMsftProvider

When PowerShell asks you whether to trust the package source ‘DockerDefault’, type A to continue the installation. When the installation is complete, reboot the computer.

Restart-Computer -Force

Tip: If you want to update Docker later:

  • Check the installed version with Get-Package -Name Docker -ProviderName DockerMsftProvider
  • Find the current version with Find-Package -Name Docker -ProviderName DockerMsftProvider
  • When you’re ready, upgrade with Install-Package -Name Docker -ProviderName DockerMsftProvider -Update -Force, followed by Start-Service Docker

2. Install Windows Updates

Ensure your Windows Server system is up-to-date by running:2

sconfig

This shows a text-based configuration menu, where you can choose option 6 to Download and Install Updates:

===============================================================================
                         Server Configuration
===============================================================================

1) Domain/Workgroup:                    Workgroup:  WORKGROUP
2) Computer Name:                       WIN-HEFDK4V68M5
3) Add Local Administrator
4) Configure Remote Management          Enabled

5) Windows Update Settings:             DownloadOnly
6) Download and Install Updates
7) Remote Desktop:                      Disabled
...

When prompted, choose option A to download all updates.

3. Deploy Your First Container

For this exercise, you download a pre-created .NET sample image from the Docker Hub registry and deploy a simple container running a .Net Hello World application.1

Use docker run to deploy the .Net container. This will also download the container image which may take a few minutes.

docker run microsoft/dotnet-samples:dotnetapp-nanoserver

The container starts, prints the hello world message, and then exits.

         Dotnet-bot: Welcome to using .NET Core!
    __________________
                      \
                       \
                          ....
                          ....'
                           ....
                        ..........
                    .............'..'..
                 ................'..'.....
               .......'..........'..'..'....
              ........'..........'..'..'.....
             .'....'..'..........'..'.......'.
             .'..................'...   ......
             .  ......'.........         .....
             .                           ......
            ..    .            ..        ......
           ....       .                 .......
           ......  .......          ............
            ................  ......................
            ........................'................
           ......................'..'......    .......
        .........................'..'.....       .......
     ........    ..'.............'..'....      ..........
   ..'..'...      ...............'.......      ..........
  ...'......     ...... ..........  ......         .......
 ...........   .......              ........        ......
.......        '...'.'.              '.'.'.'         ....
.......       .....'..               ..'.....
   ..       ..........               ..'........
          ............               ..............
         .............               '..............
        ...........'..              .'.'............
       ...............              .'.'.............
      .............'..               ..'..'...........
      ...............                 .'..............
       .........                        ..............
        .....


**Environment**
Platform: .NET Core 1.0
OS: Microsoft Windows 10.0.14393

For in depth information on the Docker Run command, see Docker Run Reference on Docker.com.

Next Steps

Container Images on Windows Server

Windows Containers on Windows 10

For more info please refer :

Windows Containers Quick Start

Windows Containers Quick Start

The Windows container quick start introduces the product and container terminology, steps through simple container deployment examples, and also provides reference for more advanced topics. If you are new to containers or Windows containers, walking through each step of this quick start will provide you with practical hands on experiences with the technology.

1. What are Containers

They are an isolated, resource controlled, and portable operating environment.

Basically, a container is an isolated place where an application can run without affecting the rest of the system, and without the system affecting the application. Containers are the next evolution in virtualization.

If you were inside a container, it would look very much like you were inside a freshly installed physical computer or a virtual machine. And, to Docker, a Windows container can be managed in the same way as any other container.

2. Windows Container Types

Windows Containers include two different container types, or runtimes.

Windows Server Containers – provide application isolation through process and namespace isolation technology. A Windows Server container shares a kernel with the container host and all containers running on the host.

Hyper-V Containers – expand on the isolation provided by Windows Server Containers by running each container in a highly optimized virtual machine. In this configuration the kernel of the container host is not shared with other Hyper-V Containers.

3. Container Fundamentals

When you begin working with containers you will notice many similarities between a container and a virtual machine. A container runs an operating system, has a file system and can be accessed over a network just as if it was a physical or virtual computer system. That said, the technology and concepts behind containers are very different from that of virtual machines. The following key concepts will be helpful as you begin creating and working with Windows Containers.

Container Host: – Physical or Virtual computer system configured with the Windows Container feature.

Container OS Image: – Containers are deployed from images. The container OS image is the first layer in potentially many image layers that make up a container. This image provides the operating system environment.

Container Image: – A container image contains the base operating system, application, and all application dependencies needed to quickly deploy a container.

Container Registry: – Container images are stored in a container registry, and can be downloaded on demand.

Dockerfile: – Dockerfiles are used to automate the creation of container images.

Next Step:

Windows Server Container Quick Start

Windows 10 Container Quick Start

Reference : https://docs.microsoft.com/en-us/virtualization/windowscontainers/quick-start/

Microsoft Windows Server 2016 What’s New

Security at the OS level

Windows Server 2016 includes built-in breach resistance to help thwart attacks on your systems and meet compliance goals. Even if someone finds a way into your environment, the layers of security built into Windows Server 2016 limit the damage they can cause and help detect suspicious activity.

  • Protect your virtual machines. Use the unique Shielded Virtual Machines feature to encrypt your VMs with BitLocker and help ensure they can run only on hosts approved by the Host Guardian Service.
  • Help secure admin credentials. Protect admin credentials from Passthe-Hash attacks using Credential Guard and Remote Credential Guard, and control administrator privileges with Just-In-Time Administration and Just Enough Administration, which together help minimize the time and capability granted for specific privileges.
  • Protect the operating system. Resist breaches with built-in Control Flow

Guard, which helps prevent memory corruption attacks, and Windows Defender, optimized for server roles. Help ensure only trusted software can be run on the server with Device Guard.

  • Improve ability to detect attacks. Use advanced auditing capabilities to help detect malicious behavior.
  • Meet compliance requirements. Built-in security components help address certification requirements for government and industry data-protection regulations, including SOX, ISO 27001, PCI DSS 3.2, and FedRAMP. Find more information at microsoft.com/en-us/ cloud-platform/windows-server-security#compliance.

Application innovation

Increasingly, organizations use apps to help differentiate themselves from the competition. Apps help win, engage, and support customers. Developers building and updating the apps tend to have little patience for the realities of IT infrastructure. They don’t want to wait long for IT services, and they want apps in production to work the same way the apps work on developers’ machines.

Windows Server 2016 supports application innovation using container technology and microservices. Containers can help speed application deployment and streamline the way IT operations and development teams collaborate to deliver applications. In addition, developers can use microservices architectures to separate app functionality into smaller,

“Most of our application portfolio consists of older legacy applications that are cumbersome to update. By moving these applications into Windows Server containers and embracing a microservices architecture, we can break these big applications apart and update the pieces independently. This will reduce customer downtime and increase business agility.”

– Stephen Tarmey

Chief Architect

Tyco International

  • Deliver container benefits to existing apps. Containers help you move existing applications into a modern DevOps environment with little or no code changes, while gaining benefits such as continuous application delivery and better security. Containers can help you introduce new architectures, including microservices, which improve application agility and scale. Also, when developers package apps into containers for delivery to IT, they help standardize on a platform that streamlines deployment on-premises, to any cloud, or to a hybrid architecture across clouds. Now developers can use a production-ready, fully-supported version of Docker Engine to build, ship, and run containers in Windows Server 2016
  • Build cloud-native and hybrid apps. Create new microservices applications using fewer and compressed resources, and more agile “just enough” technologies. Use containers to build, test, and deploy the apps to any cloud, including Microsoft Azure cloud infrastructure. Developers will appreciate the lightweight Nano Server installation option, which delivers Windows Server 2016 as a quick-start, practical platform optimized for building next-generation applications with containers or microservices.

Installation options

Customers who choose the Datacenter or Standard editions are able to customize their installation of Windows Server 2016 by choosing from three options:

Option Scenario Details
Server Core Small-footprint, headless operating system removes the desktop UI from the server and runs only required components. •   Includes local graphical tools such as Task Manager and PowerShell for local or remote management.

•   Does not include MMC or Server Manager.

•   Supported as Long Term Servicing Branch (LTSB).

Nano Server Extremely small, headless operating system ideal for reducing your datacenter footprint or running applications that use containers and microservices. •   Manage remotely, via PowerShell or the web-based Server management tools, or use existing remote management tools such as MMC or System Center.

•   Requires Software Assurance and Current Branch for Business servicing model.

Server with Desktop Experience

(previously known as

Server with a GUI)

Provides user experience for those who need to run an app that requires a local user interface or for a Remote Desktop Services Host. •   Experience a full Windows client shell and experience, consistent with Windows 10.

•   Use with Microsoft Management Console (MMC) and Server management tools available locally on the server.

•   Supported as Long Term Servicing Branch (LTSB).

Take the next step. Learn more at www.microsoft.com/windowsserver

How to Reset HP iLO via Command Line SSH iLO IP

To Reset HP ILO via SSH :

  1. Connect to the iLO via IP address using your chosen SSH client (use PuTTY for Windows)
  2. Login with an Administrator account (or an account with equivalent rights)
  3. At the command type
       cd /map1
    Press Enter
  4. Then type
       reset
    Press Enter
Resetting HP iLO via SSH

The iLO will begin to reset itself. Resetting it fixes a lot of hung-up issues and freezes on the interface. In this Scenario it also recommended to Update iLO Firmware to the latest version wherever possible. Firmware update do not require reboots or downtime .