Virtualising Hyper-V ‘Validation Fails’

KB ID 0001580

Problem

Normally if you saw this error, it would mean that you didn’t have the advanced virtual extensions turned on, in the physical machine’s BIOS. But here I’m installing on Hyper-V in a vSphere/ESX environment;

Validation Results
The validation process found problems on the server which you want to install features. The selected features are not compatible with the current configuration of your selected server. Click OK to select different features.

Hyper-V cannot be installed: The processor does not have required virtualisation capabilities.

Solution

The VM in question needs to be ‘Powered Off’. Then edit its settings > VM Options > Expand CPU > Hardware virtualisation > Tick “Expose hardware assisted virtualisation to the guest” > OK.

Power on the VM, and then install the Hyper-V role.

Virtualising Hyper-V on Hyper-V

You need to expose the underlying virtualisation extensions on Hyper-V as well, with the following command;

[box]

Set-VMProcessor -VMName “server-name” -ExposeVirtualizationExtensions $true

[/box]

You also need to enable ‘MAC Spoofing’ on the advanced settings of the network card of the VM.

Related Articles, References, Credits, or External Links

NA

Using 32 and 64 Bit WMI Filters For Group Policy

KB ID 0001341 

Problem

I was trying to deploy some client AV packages today, there was an x86 version (x32 Bit) and a x64 bit version of the client software. As I was deploying the software via Group Policy I needed to write a different policy for each package. Then I needed to make sure the x32 bit client only deployed to x32 bit machines, and the 64 bit client only deployed to x64 bit machines.

To do that you need a simple WMI filter.

Create an x86 (32 Bit) WMI Filter

Open the Group Policy Management Console (gpmc.msc) on a domain controller > Drill down to your domain > WMI Filter > New > Give it a sensible name (you will be picking it from a list) > Add > Paste in the following;

[box]SELECT AddressWidth FROM Win32_Processor WHERE AddressWidth =’32′[/box]

Click OK > Accept the warning > OK.

Create a 64 Bit WMI Filter

Open the Group Policy Management Console (gpmc.msc) on a domain controller > Drill down to your domain > WMI Filter > New > Give it a sensible name (you will be picking it from a list) > Add > Paste in the following;

[box]SELECT AddressWidth FROM Win32_Processor WHERE AddressWidth =’64′[/box]

Click OK > Accept the warning > OK.

Applying a WMI Filter to a GPO

With the group policy selected > Scope Tab > WMI Filtering > Select the appropriate filter.

Related Articles, References, Credits, or External Links

Windows 10 Create a WMI Filter for Group Policy

VMware Workstation – Error – ” Virtualized Intel VT-x/EPT is disabled”

KB ID 0000540 

Problem

Seen on VMware Workstation, when attempting to virtualise a product that IS a virtualisation hypervisor (ESX for example).

Error: Virtualized Intel VT-x/EPT is disabled for this ESX VM. You will only be able to run 32-bit nested VMs.

At first I (wrongly) assumed that I needed to enable something in the BIOS on my laptop, and searched though every page to enable some virtualization setting that was turned off. But that’s NOT what it’s telling you. what it is telling you is you are trying to virtualize a virtualization product, so all the clever VT settings from your physical machines CPU will be shown to VMware workstation. But that presents a Virtual CPU to the OS you are installing as a guest (In the case above ESX) and THAT virtual CPU does NOT have Intel- VT-x/EPT enabled.

So a “Nested VM” – is a Guest VM, running Inside a Guest Hypervisor, that’s been virtualized.

Solution

Note: I’m using VMware workstation 8.

1. Right click the VM in question and select “Settings”.

2. Hardware Tab > Processors > Tick the option to enable VT-x/EPT or V/RVI > OK.

3. Restart the guest machine.

Note: You can also do this be editing the machines .vmx file with a text editor and adding the following lines;

[box]

monitor.virtual_mmu = "hardware"

monitor.virtual_exec = "hardware"

vhv.enable = "TRUE"

monitor_control.restrict_backdoor = "true"

[/box]

Related Articles, References, Credits, or External Links

NA