Branchcache demonstration, part 2

Welcome back to my Branchcache demonstration.

Configure the Hosted Cache server

Picking up where part 1 left off, the next step is to configure the hosted cache server, though you can implement Branchcache without this. In hosted cache mode we store the cache on a designated server in the branch office and clients can pick up cached content from here. On the server located in the branch office, just start up Powershell and run

Install-WindowsFeature BranchCache -IncludeManagementTools

Once the feature is installed you configure the server, still from Powershell with

Enable-BCHostedServer (for servers that are not domain joined)


Enable-BCHostedServer -RegisterSCP (for domain-joined servers; enables automatic discovery from BC clients)

To confirm the configuration you run


You should see the status something like this


and further down


Configure the clients

As for the clients things are simply configured in Group Policy

First we go to “Computer Configuration, Policies, Administrative Templates, Network, BranchCache” and set the following settings


Setting both the Distributed cache mode and the automatic hosted cache discovery makes the client search AD for a hosted cache server. If it finds a local server then it operates in hosted cache mode, and if not then the clients switch over to distributed mode.

Next we need the firewall configured. In the GPO we navigate to “Computer Configuration, Policies, Windows Settings, Security Settings, Windows Firewall with Advanced Security”

  1. Create a new inbound rule, select “predefined” and “BranchCache – Content Retrieval (Uses HTTP)“, next twice and then “Allow the connection” and click Finish
  2. Create a new inbound rule, select “predefined” and “BranchCache – Peer Discovery (Uses WSD)“, next twice and then “Allow the connection” and click Finish
  3. In outbound rules, create the exact same 2 rules as you just did for inbound.

After the GPO is done and linked to the correct OU you can turn to your clients and run

gpupdate /force

Then the Branchcache service must be restarted, so run from Powershell

Restart-Service PeerDistSvc

And to check the status it’s


Notice that the client has detected a hosted cache server and has then set itself to use it.


So from now on the data from the file share on the content server will be cached on the hosted cache server whenever a client in the branch office accesses it.
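To check the outcome of the GPO on a client, the following added example (not part of the original post) evaluates a Get-BCStatus result and reports the case described above where a client falls back to distributed mode. The function name Test-BranchCacheClient and the sample object are hypothetical; the sample is constructed so the script also runs on a machine without BranchCache.

```powershell
# Constructed sample shaped like Get-BCStatus output (not captured from a real client).
# It models a client that found no hosted cache server and is missing a firewall rule.
$sampleStatus = [pscustomobject]@{
    BranchCacheIsEnabled     = $true
    BranchCacheServiceStatus = 'Running'
    ClientConfiguration      = [pscustomobject]@{
        CurrentClientMode           = 'DistributedCache'
        HostedCacheDiscoveryEnabled = $true
    }
    NetworkConfiguration     = [pscustomobject]@{
        ContentRetrievalFirewallRulesEnabled = $true
        PeerDiscoveryFirewallRulesEnabled    = $false
    }
}

# Hypothetical helper: turns a status object into one pass/fail row per check.
function Test-BranchCacheClient {
    param(
        [Parameter(Mandatory)]$Status,
        [string]$ExpectedMode = 'HostedCacheClient'
    )
    $client = $Status.ClientConfiguration
    $net    = $Status.NetworkConfiguration
    $checks = [ordered]@{
        'BranchCache enabled'             = ($Status.BranchCacheIsEnabled -eq $true)
        'PeerDistSvc running'             = ("$($Status.BranchCacheServiceStatus)" -eq 'Running')
        'Hosted cache discovery enabled'  = ($client.HostedCacheDiscoveryEnabled -eq $true)
        "Client mode is $ExpectedMode"    = ("$($client.CurrentClientMode)" -eq $ExpectedMode)
        'Content Retrieval firewall rule' = ($net.ContentRetrievalFirewallRulesEnabled -eq $true)
        'Peer Discovery firewall rule'    = ($net.PeerDiscoveryFirewallRulesEnabled -eq $true)
    }
    foreach ($name in $checks.Keys) {
        [pscustomobject]@{ Check = $name; Passed = [bool]$checks[$name] }
    }
}

# Offline run against the constructed sample; only failed checks are listed.
Test-BranchCacheClient -Status $sampleStatus | Where-Object { -not $_.Passed }

# On a real client, after gpupdate and the service restart:
#   Test-BranchCacheClient -Status (Get-BCStatus)
```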

Does it work?

In order to verify this I have performed the following test:

  1. On the hosted cache server, start performance monitor and load all Branchcache counters
  2. From one client copy a file from the file share on the content server to the local hard drive
  3. From another client copy the same file to its local hard drive
  4. Check the Branchcache counters on the hosted cache server that Branchcache works.

And after these steps I had the following result in Performance Monitor


“SMB:Bytes from server” is from the first copy operation where the data is copied from the content server and then cached on this server. “SMB:Bytes from cache” is the second copy operation where the clients get all the data from the cache on the hosted cache server instead of from the content server which is located in another site. Looks great! 🙂

Finally, if you want to read more about deploying Branchcache I recommend you read the Branchcache Deployment Guide from Microsoft. It can be downloaded here:


Branchcache demonstration, part 1

Introduction to Branchcache

Branchcache was introduced in Windows Server 2008 R2 and it is a tool to reduce the impact of having low bandwidth between a branch office and a central file server. The short description would be that either a dedicated server, or the clients themselves, cache the content when a file is opened or copied across the WAN link. When the next client accesses the same file, most of the content is available on the LAN and the need to copy data across the WAN link is reduced, resulting in a better user experience.

If you want to read more about Branchcache you can check out my own post about it:

In Windows Server 2012 there have been many improvements to Branchcache. A few highlights include:

  • No limitation to number of hosted cache servers in each branch office
  • No need for a separate GPO for each site
  • No need to deploy a certificate to the hosted cache servers
  • Clients can autoconfigure between hosted cache and distributed cache mode
  • Duplicate content is only downloaded once
  • Cache is encrypted by default
  • Cache can now be pre-loaded

The full list of changes is located here:

Branchcache can operate in either “hosted cache mode” where a server in the branch office stores the cache, or in “distributed cache mode” where the clients store and share the cache among themselves. Now I want to make a simple demonstration of Branchcache in hosted cache mode using Windows Server 2012 and Windows 8. First of all:

The lab setup

  • 1 domain divided in 2 sites “HQ” and “SmallOffice” (guess which one is the branch office) with a DC in each site.
  • 1 centralized file server as “content server” (the server containing the files)
  • 1 server in the branch office as “hosted cache server” (the server containing the cache of the content)
  • 2 clients in the branch office
  • All servers are Windows Server 2012, all clients are Windows 8

AD Sites is one of the key components here so make sure you define your sites and subnets correctly.

Setting up the content server

In Windows Server 2012 Powershell is dramatically expanded and improved so it’s no surprise that we use Powershell in the implementation. On the newly installed Windows Server open Powershell and run

Install-WindowsFeature FS-BranchCache -IncludeManagementTools


Next up is to enable the hash publication of the content server. Here we make a GPO and link it to the OU containing the content server. 2 simple settings located under “Computer Configuration, Policies, Administrative Templates, Network, Lanman Server”. Once it’s deployed it’s time for a “gpupdate” on the content server


After the group policy is set you have to share a folder and enable Branchcache on that share. A simple way to do so is in the GUI


Now that the content server is ready I’m gonna fill it up with some files and in part 2 we will set up the Hosted cache server and the clients and I’ll do a proof of concept.

See you in part 2!

Hyper-V backup using Windows Server Backup

A new feature in Windows Server 2012 is that Windows Server Backup (WSB) now has Hyper-V support, meaning you can use it to take backup of and restore virtual machines running on Hyper-V. This provides a complete backup and restore solution out-of-the-box which can prove to be good enough in some environments, particularly in the SMB market.

Install Windows Server Backup

To install Windows Server Backup you can use

  • Server Manager – Added as a feature under “Add/Remove Roles and Features”
  • Command Line – Run “start /w ocsetup WindowsServerBackup”
  • Powershell (2012) – Run “Add-WindowsFeature Windows-Server-Backup”
  • Powershell (2008 R2) – Run “Import-Module ServerManager” and then “Add-WindowsFeature -Name Backup-features -IncludeAllSubFeature”

Nice 2 know about Windows Server Backup 

  1. WSB uses VSS (Volume Shadow copy Service) to create a .VHDX file which contains a snapshot of the virtual machines that are backed up. This also enables WSB to take a full backup of, and flush the transaction logs of, VSS-aware databases like Active Directory and Microsoft Exchange when you select “VSS full backup”; this is not selected by default.
  2. WSB uses VSS to manage the backup versions, and since VSS is per-volume this makes WSB unable to maintain several versions of a backup job when you back up to a network share. A backup to a network share will overwrite the previous backup. If you back up to a locally connected drive you can have several versions.
  3. When you backup a VM you get a warning saying the VM will be put in saved state while the backup runs. This is not the case. The VM will continue to run uninterrupted and no one will notice you are backing it up.

Backing up a VM

“wbadmin start backup” is the primary command to back up your VMs. I won’t go through all the options and switches, but here are a few examples.

To backup a VM named “Server1” to the disk mapped as Y, run the following command:

wbadmin start backup -backuptarget:Y: -hyperv:Server1

To backup a VM named “Server1” to a shared folder, run the following command:

wbadmin start backup -backuptarget:\\server2\backup -hyperv:Server1

To backup a VM named “DC1” to the disk mapped as Y and flush the transaction logs of AD, run the following command:

wbadmin start backup -backuptarget:Y: -hyperv:DC1 -vssFull

Restore a VM

“wbadmin start recovery” is the primary command to recover a VM from backup. Recovering a VM is slightly trickier than backing it up, but I have never heard of a backup product where a restore is easier than taking a backup. The command has several options and switches but I’ll stick to the basic ones in this post.

The restore procedure involves finding the version of your backups you want to restore, then which items within that version before the restore itself. To begin with you find your backup versions with the following command

wbadmin get versions


This will provide a list of the backups taken from the local machine. Look for the field “Version Identifier” which you need in the next command. Then we take a look at what resides in this backup version with the next command

wbadmin get items -version:(version identifier)


Here you see I have a VM named “LAB2-PC2” that I am able to restore from this backup. To do so I have to grab the “vm identifier” value and the backup version number from before and run the following command

wbadmin start recovery -itemtype:hyperv -version:(version identifier) -items:(VM identifier)


Notice the warnings that it will delete the VM if it still exists and restore the VM from the backup. Also you have to verify the network settings of the VM after the restore. As mentioned this command has numerous options for restoring to alternate locations and such so I would suggest that you go exploring with “wbadmin -?” or have a look at
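The first steps of the restore procedure above can be scripted. This added example (not from the original post) parses “wbadmin get versions” output, picks the newest “Version identifier” and flags a backup that is older than expected; the function names and the sample text are constructed, the output is assumed to be in English, and the identifier is assumed to be a UTC timestamp.

```powershell
# Constructed sample of "wbadmin get versions" output, not captured from a real host.
$sample = @'
wbadmin 1.0 - Backup command-line tool

Backup time: 10/1/2012 9:00 PM
Backup target: Fixed Disk labeled Backup(Y:)
Version identifier: 10/01/2012-19:00
Can recover: Volume(s), File(s), Application(s)

Backup time: 10/8/2012 9:00 PM
Backup target: Fixed Disk labeled Backup(Y:)
Version identifier: 10/08/2012-19:00
Can recover: Volume(s), File(s), Application(s)
'@

# Hypothetical helper: groups "Key: value" lines into one object per backup version.
function ConvertFrom-WbadminVersions {
    param([string[]]$Lines)
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*([^:]+?)\s*:\s*(.+?)\s*$') {
            $key = $Matches[1]; $value = $Matches[2]
            if ($key -eq 'Backup time') {           # a new version block starts here
                if ($current) { [pscustomobject]$current }
                $current = [ordered]@{}
            }
            if ($current) { $current[$key] = $value }
        }
    }
    if ($current) { [pscustomobject]$current }
}

# Hypothetical helper: newest version plus a staleness flag.
function Get-LatestBackupVersion {
    param([string[]]$Lines, [datetime]$Now = [datetime]::UtcNow, [int]$MaxAgeDays = 7)
    $latest = ConvertFrom-WbadminVersions -Lines $Lines | ForEach-Object {
        $id = $_.'Version identifier'
        [pscustomobject]@{
            VersionId = $id
            # Assumption: the identifier is MM/dd/yyyy-HH:mm in UTC.
            TakenUtc  = [datetime]::ParseExact($id, 'MM/dd/yyyy-HH:mm', [cultureinfo]::InvariantCulture)
            Target    = $_.'Backup target'
        }
    } | Sort-Object TakenUtc | Select-Object -Last 1
    if (-not $latest) { throw 'No backup versions found in the supplied output.' }
    $stale = (($Now - $latest.TakenUtc).TotalDays -gt $MaxAgeDays)
    $latest | Add-Member -NotePropertyName Stale -NotePropertyValue $stale -PassThru
}

# Offline run against the constructed sample with a fixed "now".
$latest = Get-LatestBackupVersion -Lines ($sample -split "`r?`n") -Now ([datetime]'2012-10-10')
$latest
# Next command of the procedure for that version (printed, not executed):
"wbadmin get items -version:$($latest.VersionId)"
# On a real host: Get-LatestBackupVersion -Lines (wbadmin get versions)
```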

Restore a single file or folder

WSB only provides a snapshot of the VM and you have to restore the entire VM or nothing at all. But if you just need to restore a file or a folder, then locate the .VHDX file in the backup, mount it in Disk Management and extract the files from there. Alternatively you can restore on another Hyper-V host and boot it up there to extract the files.

Final words

I’ll keep this short and straight to the point: TEST YOUR BACKUP!

Longer version: I’m convinced one of the more common failures among IT is that people do not try a proper restore until the day they need it the most. I can’t express how important it is that you test your backups and try a restore. Create a restore procedure and write it down! When the day comes that you need it, you will thank yourself that you did.

Thank you for reading, hopefully you have enjoyed it.

The story of DFS and one-way replication

Greetings. Finally my schedule allows me to blog a little bit again, and this time I’m going to return to DFS Replication (DFS-R) and mention a few things about one-way replication.

The default

A default DFS-R setup features a two-way replication which replicates all changes made in either enabled partner in the replication group. This means that any changes made on any partner will be replicated throughout the replication group. Now there are several scenarios (for example software distribution from a central storage) where you want to prevent changes made in the branch offices to replicate.

One-way replication vs Read-only replication

With Windows 2008 R2 we got the option to make a replicated member read-only. This marks the entire replicated folder, with subfolders and files, as read-only for all users. This way there is no replication from this member because no changes can ever be made. This is the supported way of achieving one-way replication, but you are limited to read access and can’t make any changes whatsoever to the replicated folder.




The other way is to manually edit the replication connections and set the connection status to “disabled”. This will prompt a warning message saying the topology is not fully connected. This configuration is NOT supported but it kind of works. So what does “kind of works” mean? Well, say there’s a central site and a branch office with DFS-R to replicate a folder and you disable the sending connection from the branch office to the central site.

  • Files and folders created in the central site are replicated to the branch office
  • Files and folders created in the branch office are not replicated to the central site

So far so good? However:

  • If a file is first copied to the branch office, and later an updated version of the same file is copied to the central site, the older version in the branch office will not be updated.
  • This seems to be true for Windows Server 2008 R2 and in my Windows 2012 lab, the file in the branch office is replaced and local changes are being discarded when a newer version of that file is copied into the central site.
  • I have not found anything that suggests this configuration is supported in Windows Server 2012



To sum up

The choice for one-way replication in DFS-R is to make a replicated member read-only if you are using 2008 R2. This is the supported configuration. There is an unsupported way, which is to disable the replication connections in DFS-R; it works with one exception, unless you run Windows Server 2012, where so far this seems to work as it should.


I hope you have enjoyed this post, more DFS-R to come so stay tuned 😉

Server Core vs Minimal interface vs Full interface

DISCLAIMER: This article contains some information from Windows 8. Windows 8 is currently in beta and there’s no guarantee that the final product will behave the same or contain the same features. Nothing in Windows 8 is final and everything is subject to change.

One of my favourite features in Windows 2008 was the Server Core option, where you installed the server without any GUI and only had a command prompt, notepad and registry editor to set up and manage your server with. This part sounds a lot worse than it really is because you usually just set up your server once with basic configuration and then administer it remotely.

Advantage: Besides slightly lower hardware consumption, the big profit is that the server is automatically immune to several exploits as a large portion of the code for a regular Windows Server is not installed at all. Internet Explorer is the prime example here, and Server Core cannot be affected by IE vulnerabilities since IE does not exist at all. Less code = smaller attack surface = fewer applicable patches = fewer reboots.

Disadvantage: Server Core is limited in which roles/features it can host and the fact that managing/troubleshooting it can be a bit trickier. It got a lot better in 2008 R2 as Server Core got more features like powershell and the “sconfig” command and could host more roles and features. But it was still a bit scary and slightly risky from a management point of view. Also 3rd party software could be challenging or impossible to install and run on Server Core.

In Windows Server 8 (or Windows server 2012 as the name will be at launch) Microsoft have made huge changes to the Server Core:

  • 3 configuration options: Server Core,  Minimal Interface and Full interface
  • Minimal interface is basically Server Core with local management tools and mmc consoles and can run more roles.
  • You can switch between the 3 configurations at will, though it requires a reboot each time
  • “Server Core” can run quite a few server roles and “Minimal interface” configuration can run almost all roles and features. (I have not tried every single one yet, and RDSH is an exception)

Changing between the GUI configurations

Full Interface -> Minimal Interface / Server Core
The easiest transition is from the “Full Interface” and  “Minimal Interface” configurations. If you have the “Full Interface” on your server you just have to launch Server Manager and choose “Remove Roles and Features” from the Manage-menu. Navigate to “features” and scroll down to and expand “User Interfaces and Infrastructure”. In a “Full Interface” configuration both “Server Graphical Shell” and “Graphical Management Tools…..” are installed. Removing “Server Graphical Shell” will put your server into “Minimal interface” and if you also remove “Graphical Management Tools…” your server goes into Server Core.

Taken from a “Minimal interface” configuration. Installing the highlighted feature puts the server into “Full interface” configuration

Minimal interface -> Server Core
Launch Server Manager and follow the same instructions as for “Full Interface”. Remove “Graphical Management Tools…” to put the server in “Server Core” configuration.

Minimal interface -> Full interface
Launch Server Manager and add the feature “Server Graphical Shell” to put the server in “Full interface” configuration. (Screenshot above)

Server Core -> Minimal interface

  • If you have another Windows 8 Server or client I strongly recommend you use Server Manager remotely from that server or client to install the features “Graphical Management Tools…” for “Minimal interface” and “Server Graphical Shell” for “Full interface”.
  • If you don’t have any way to manage the server remotely with the Windows 8 Server Manager, then you have the “sconfig” command that brings up a text based menu for server configuration. From there you can easily restore the GUI which puts the server into “Full Interface” configuration. (Screenshot)

The “sconfig” menu with the option to restore the graphical interface

  • Last option is to use dism or powershell to install either the GUI or just the graphical management tools. It will use Windows Update as source but I’ve had a few problems with it (a bug or perhaps user error? ;)) so if you’re asked for the source you need to mount a .wim-image from the installation media first.
  1. Create a folder to mount the .wim-image to. In this example c:\mount
  2. You need to locate the index number in the .wim file for an image with GUI installation (like “SERVERDATACENTER”). Use the command dism /Get-WimInfo /WimFile:d:\sources\install.wim (d:\ is the installation DVD, adjust accordingly). Notice the index number from the output for the server version that does not end with “core”. Screenshot further down
  3. Mount that image with the following command: Dism /mount-wim /WimFile:d:\sources\install.wim /Index:<#_from_step_2> /MountDir:c:\mount /readonly (d:\ is the installation DVD, adjust accordingly). Screenshot further down
  4. Start powershell and run Install-WindowsFeature Server-Gui-Mgmt-Infra -Restart -Source c:\mount\windows\winsxs to get to “Minimal interface” configuration, or run Install-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell -Restart -Source c:\mount\windows\winsxs to get to “Full interface” configuration.
  5. Instead of Powershell you can use dism. Follow step 1-3 and then run dism /online /Enable-Feature /Featurename:ServerCore-FullServer /FeatureName:Server-gui-mgmt /source:c:\mount\windows\winsxs to get to “Minimal interface” configuration, or run dism /online /Enable-Feature /Featurename:ServerCore-FullServer /FeatureName:Server-gui-mgmt /FeatureName:Server-GUI-Shell /source:c:\mount\windows\winsxs to get “Full interface” configuration.

The index of a .wim-file. We want the images without “core” at the end.

Mounting the correct image in the .wim-file before running the installation

Wrapping up, the Server Core is in my opinion one of the most underestimated security features of the Windows Server family, and this time the improvements from 2008 R2 to Windows 8 are huge, and I can think of only 3rd party software as a valid reason to run servers in Full interface configuration instead of Minimal interface configuration.