I have been running Windows Server 2008 R2 as my primary production server platform since it’s release. With the impending release of Windows Server 2012, I thought it would be a good time to go ahead and update the home server network to the latest and greatest so I can take advantage of….the latest greatest! This post will detail my experience with the process.
I generally encourage people to not upgrade production servers in-place because of my experience doing so back in the Windows Server 200 days. Of course now, taking a production server offline for a lengthy upgrade is usually not acceptable. We can mitigate this somewhat in the world of virtualization by upgrading a replica VM of a production server while leaving the original up and running. But I primarily wanted to see if the in-place process was improved at all and to see if I could complete it successfully. There certainly are some advantages to doing in-place, the biggest being that I don’t have to migrate any data or settings. I also don’t have a second physical box any longer on which to build a second machine. So for me, in-place seems like a good option.
So here are some details on my home server environment -
Home built server
I have been running Windows Server 2008 R2 as my primary production server platform since it’s release. With the impending release of Windows Server 2012, I thought it would be a good time to go ahead and update the home server network to the latest and greatest so I can take advantage of.the latest greatest!. This article describes an update in which new TLS cipher suites are added and cipher suite default priorities are changed in Windows RT 8.1, Windows 8.1, Windows Server 2012 R2, Windows 7, or Windows Server 2008 R2. These new cipher suites improve compatibility with servers that support a limited set of cipher suites.
Intel Core i7 Quad Core
32 gigs RAM
Hardwar RAID with a bunch of drives for storage.
Windows Server 2008 R2 Enterprise – Roles: AD Domain Services, DNS, File Services, Hyper-V
In preparation for the in-place upgrade, I did the following -
Complete patch-up through Windows Update
Backed up the entire server
Shut Down all running virtual machines
I then launched Windows Setup and after providing the basic information, I was notified that I needed to update my Schema. I opened an Administrative CMD prompt, then ran the following from the Windows Server 2012 R2 source media -
f:supportadprepadprep /forestprep
f:supportadprepadprep /domainprep
No errors there so I restarted Windows Setup and continued through to the file copy phase. Now I am just waiting on things to copy and start rebooting -
About 15 mins later I started the reboot phases. These lasted another 30 minutes before I was presented with the standard Ctrl+Alt+Del Logon! (total of 44 minutes for the upgrade to complete)
I logged in via an RDP session (since that is how I normally admin this server) to check out critical services and event logs -
The only issue in the event logs pertained to the Net.Tcp Listener Adapter -
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Sure enough, the Net.Tcp Port Sharing Service was disabled. I set to automatic, started, then started the Listener. Once that was resolved, my Dashboard was all green -
Almost seems too good to be true! I decided to clear the event logs and reboot just to make sure everything was good. The server still came up with no issues.
The last thing I need to verify is that my virtual machines come back online. As you can see below, I have a few test and production machines I still use on the home network -
Azjol-Nerub is a production web server
Gallifrey is a production Domain Controller
The rest are test machines that aren’t normally running.
Both of the productions machines started up and I was able to remote into them with no issues. I am not sure what to think of how smoothly the in-place upgrade process went. I have only performed a handful of in-place upgrades in Windows CLIENT machines in the last 12 years. I much prefer a clean install. But after this upgrade going so smoothly, I may have to re-think the advice I give.
I will be monitoring the install and will follow-up if any unexpected issues pop up.
-Cheers!
11:37AM
Certificate issues on a View server prevent you from connecting to View Administrator or cause a red health indicator to be displayed for a server.
You cannot connect to View Administrator on the View Connection Server instance with the problem. When you connect to View Administrator on another View Connection Server instance in the same pod, you see that the dashboard health indicator is red for the problem View Connection Server instance.
From the other View Connection Server instance, clicking the red health indicator displays SSL Certificate: Invalid and Status: (blank), indicating that a valid certificate could not be found. The View log file contains a log entry of type ERROR with the following error text: No qualifying certificates in keystore.
The View log data is located in C:ProgramDataVMwareVDMlogslog-*.txt on the View Connection Server instance.
Cause
A certificate might not be installed successfully on a View server for any of the following reasons:
The certificate is not in the Personal folder in the Windows local computer certificate store.
The certificate store does not have a private key for the certificate.
The certificate does not have a friendly name of vdm.
The certificate was generated from a v3 certificate template, for a Windows Server 2008 or later server. View cannot detect a private key, but if you use the Certificate snap-in to examine the Windows certificate store, the store indicates that there is a private key.
Verify that the certificate is imported into the Personal folder in the Windows local computer certificate store.
See Import a Signed Server Certificate into a Windows Certificate Store.
Verify that the certificate contains a private key.
See Import a Signed Server Certificate into a Windows Certificate Store.
Verify that the certificate has a friendly name of vdm.
If the certificate was generated from a v3 certificate template, obtain a valid, signed certificate from a CA that does not use a v3 template.