Best Practice for MSP managing client Hyper-V Servers

Iron Contributor

We're a MSP and most of our clients servers have Hyper-V Servers (True Hyper-V Server; not a Windows Server with the role installed). Managing these systems has been a real challenge over the years for us (Using the Hyper-V Management Console from a machine other than the host).

 

Most clients are SMB. 1 Hyper-V Host and 1 VM (The DC). As a result each client's Hyper-V Server is not domain joined. Most are Hyper-V Server 2012 R2; Some are Hyper-V Server 2016.

 

The machines we try to support from (our own laptops when we're onsite) and/or a BDR appliance we leave onsite are both Windows 10 Pro. Our laptops are domain joined to OUR (the MSP) domain. The BDR appliances on-site at each client are NOT domain joined (to ours, or the clients) for security reasons to keep the backups protected if ransomware hits.

 

Is there no clean way for us to use the Hyper-V Management Console on our laptop's or the BDR easily? This is like pulling teeth each time we need to use this and it's always slowing us down when we need to use it the most. It seems to have got worse with Windows 10 and Server 2016 in the requirements to manage these machines when we're NOT on the same domain. It seems the process varies depending on which OS the host is, which OS the machine we want to manage from is, if domain/workgroup, and a myriad of other settings.

 

We have no such problems managing VMWare Hosts or Xen Hosts; managing those hypervisors is CAKE simple and takes seconds to engage regardless of the machine I'm connecting from.

 

We're proficient in doing stuff via powershell, so we often times use that instead to avoid this fiasco, but certain things MUST be done via the GUI (Like troubleshooting failed VM boots etc). I opened a case with MS Partner Support, and it's been almost a month and they've not answered me with anything of substance, other than to use HVRemote (which we're aware of, but doesn't help in Windows 10/Server 2016 era with delegated credentials and/or CredSSP). I find it impossible to believe there is no best practice here for doing this and perhaps I'm just looking in the wrong spots.

 

It's reached the point that we've decided to abandon Hyper-V as our Hypervisor of choice if we can't get this sorted which sucks because I otherwise like Hyper-V.

 

Anyone help a brother out here?

5 Replies

Looks great and I will try that and report back on the 2016/W10 combos, which we have a few out there. Bulk of our clients are still on 2012R2 as their host.

 

Any ideas on 2012 R2 hosts (workgroup) with W10 Pro (Workgroup) as the client? 

Any ideas on 2012 R2 hosts (workgroup) with W10 Pro (Domain) as the client?

 

The first option (workgroup w10pro client) could cover the bulk of our needs as I guess using the BDR would be more "convenient" vs having to do this on our domain-joined laptops with every single client we run into.

I'd think this method should work equally well on 2012 R2

 

 

@Brian Martin 

 

Hi Brian,

 

Waking this from the dead.

 

We are in a similar boat and I'm reaching to multiple parties to see if there is any common solution for hypervisor management for MSPs.  I'd love to mange VMware updates, monitor underlying hardware issues, and configure from a single pane of glass.

Thanks,

David

@D85id 

 

I got nothing for VMWare, though I think vSphere will do this already.

 

For Windows, Microsoft shortly after made "Windows Admin Center" which is what we use which does all that we need, and the new iterations of that have really expanded on the non-domain-joined management which is exactly what we need.