Around the time that Microsoft released the public beta of SharePoint 2010 they also released a demonstration virtual machine, known as the 2010 Information Worker Virtual Machine, which was updated to RTM in mid-June. This is a fantastic resource for demonstrating SharePoint 2010. The content and demonstration scenarios (including walk-throughs) represent a huge investment from Microsoft and it would be foolish not to at least evaluate these assets. Personally, I think it’s silly to reinvent this wheel.
Now the public beta trial is expiring and people are moving to the RTM build. It appears to be much improved, in that more of the product works in this version and a few niggles have been fixed now. However, it’s widely acknowledged that the resource requirements for this virtual machine are gargantuan due to the breadth of what it offers.
What you get
The first of these VMs doesn’t just have SharePoint Server 2010 (Enterprise). It has:
- Active Directory Domain Services
- SQL 2008 R2
- Office Professional Plus 2010 (including Visio and Project)
- SharePoint Designer 2010
- Visual Studio 2010
- Office Web Applications
- FAST Search for SharePoint 2010
- Project Server 2010
- Office Communication Server 2007 R2
There is a second VM with Exchange Server 2010 which you can use as needed. Note: when downloading the RAR files which self-extract to the VM export files, I highly recommend using the Akamai download links. They will save you time and frustration.
Why I’m writing about it
The first of these VMs does a lot, and will chew up more virtual resources than most physical demo machines have to provide. In this post I documented the tweaks I made to our copy of the Virtual Machines and I’ve reviewed the event logs to identify any other issues that are present in the shipped state. I also spent some time fixing the start-up of some services due to observed delays in network connectivity.
The optimisations achieved here are not immense but they establish a firmer baseline from which to carry out further improvements. Unfortunately I have not had the time to explore the best approach to taking these core assets and removing the bulky bits in order to provide snapshots that unleash bits of the functionality as needed. With time I hope to revisit this and potentially explore other uses for this environment.
SharePoint Server Reconfiguration
These are the steps I’ve taken to reconfigure the SharePoint Virtual Machine:
- Imported the virtual machine. Plugged the Hyper-V Internal Network in to the first NIC and added a second NIC with the Hyper-V ICS Network plugged in to it. To understand more about the NIC naming conventions I’m using here and how we use these Hyper-V networks, please refer to my series on SharePoint development environments.
- If you’re curious, we dual-boot our Sales laptops in to this development environment so our sales people can use Hyper-V as needed.
- The default SharePoint VM RAM is set to 5120MB (5GB) RAM. This could be increased up to ~6GB on a host with 8GB RAM, assuming the load on the root partition is minimal during demonstration and the Exchange VM is not being used concurrently.
- If using a UK keyboard through the Hyper-V Virtual Machine Connection, the password will need to be entered as pass“word1
- Note: at login a warm-up script runs, which I will discuss more in a moment.
- I changed the time zone to London.
- I changed UAC to “Notify me only when programs try to make change to my computer (do not dim my desktop)”. I find that with Known Hyper-V graphics performance issues this setting achieves the right balance between usability and security.
- I reviewed the event logs to identify which Manual Services would start up at a delay. Approximately five minutes after the machine started the Virtual Disk Service started up. That was followed by the following services:
Service Startup Type Application Experience Manual BI Indexing Connector Service Automatic (Delayed Start) Certificate Propagation Manual Diagnostic Policy Service Automatic (Delayed Start) Diagnostic System Host Manual Distributed Transaction Coordinator Automatic (Delayed Start) FAST Search for SharePoint Automatic FAST Search for SharePoint Browser Engine Manual FAST Search for SharePoint QRProxy Manual FAST Search for SharePoint Sam Admin Manual FAST Search for SharePoint Sam Worker Manual Function Discovery Provider Host Manual IPsec Policy Agent Manual Microsoft .Net Framework NGEN v4.0.30319_X86 Automatic (Delayed Start) Microsoft .Net Framework NGEN v4.0.30319_X64 Automatic (Delayed Start) Network Connections Manual Network List Service Manual Office 64 Source Engine Manual Office Software Protection Platform Manual Portable Device Enumerator Service Manual Remote Access Connection Manager Manual Remote Desktop Services Manual Remote Desktop Services Configuration Manual Remote Desktop Services UserMode Port Redirector Manual Secure Socket Tunneling Protocol Service Manual SPP Notification Service Manual SQL Full-Text Daemon Launcher Manual Telephony Manual Windows Defender Automatic (Delayed Start) Windows Module Installer Manual Windows Remote Management Automatic (Delayed Start) Windows Search Automatic (Delayed Start) Windows Update Automatic (Delayed Start) WinHTTP Web Proxy Auto-Discovery Service Manual
- In my testing, switching the Network Connections and WinHTTP Web Proxy Auto-Discovery Service services to Automatic would reduce time to CTRL+ALT+DEL from five minutes to three minutes. It’s worth verifying these results in your environment.
I disable the following services, per my normal virtual machine hardening processes. I don’t believe that any of them are necessary in this environment:
- Certificate Propagation
- Desktop Windows Manager Session Manager
- Distributed Link Tracking Client
- Encrypted File System
- Function Discovery Provider Host
- Function Discovery Resource Publication
- IP Helper
- Microsoft iSCSI Initiator Service
- Multimedia Class Scheduler
- Problem Reports and Solutions Control Panel Support
- Remote Procedure Call (RPC) Locator
- Smart Card
- Smart Card Removal Policy
- Special Administration Console Helper
- Tablet PC Input Service
- Windows Audio
- Windows Audio Endpoint Builder
- Windows Error Reporting Service
- Windows Search
- Wired AutoConfig
I also disabled these services. I have no idea why they were ever enabled.
- Microsoft Fibre Channel Platform Registration Service
- Microsoft FTP Service
Following a reboot to assess boot times after hardening, I was prompted with a firewall exception warning for SharePoint Workspace. I allowed this exception.
I mentioned earlier that a warm-up script launched at login. I reviewed the contents of the script and identified that it enumerated all sites in the farm, so I browsed to each site that was getting warmed up to have a look at that content. Most of these sites pull up the “select a template” page, indicating that there is not content in the web application, so I have chosen to disable the script for now and will likely revisit the use of the IIS.NET application warm-up module when it matures. In the mean time, I recommend that recipients of this build take a snapshot of the VM while the http://intranet and Central Admin web applications are fully warmed up for their needs so they can roll back to that point as needed.
While in MCSONFIG, I turned off:
- Watson Subscriber for SENS Network Notifications
Microsoft Office 2010 (these are sync services – probably best to leave them running)
Microsoft Office Communicator 2007 R2 (this is preferential)
Housekeeping and simple benchmarks
At this point I wanted to take some basic start-up timings so I shut down the VM, but before starting back up I changed the Hyper-V VM’s BIOS settings to boot from IDE before CD. After that I took some pretty unscientific measurements of boot times and resource consumption on my Dell XPS M1330:
- CTRL+ALT+DEL: 2:56.
- Desktop: 3:47.
- Baseline RAM consumption down from >4.5GB to ~3.65GB before hitting the intranet and Central Administration web apps (remember, they aren’t warmed up anymore).
- RAM consumption at just under 4GB after hitting Central Administration.
- RAM consumption at ~4.25GB after hitting http://intranet.
After taking these measurements I shut down the VM and took a snapshot.
These changes are optional, depending on how you will use the VM in your environment. I opted to add a second IP address on our existing internal network range, as follows:
- The initial IP address is 192.168.150.1/255.255.255.0.
- Rename the Local Area Connection NIC to Hyper-V Internal Connection (or your preference).
- Rename the Local Area Connection 2 (or maybe 3) NIC to Hyper-V ICS Connection (or your preference).
- In IPv4 properties on the Hyper-V ICS Connection, change the Advanced TCP/IP Settings to not “Register this connection’s addresses in DNS”, as it is dynamic.
- I disabled IPv6 on both NICs as it is already disable on our host’s network connections.
Add a second IPv4 address to the Hyper-V Internal Connection: 192.168.200.150/255.255.255.0.
- I also added 192.168.200.150 on the DNS tab for this NIC.
- Check DNS to make sure the new address is added.
- Add a HOSTS file entry in the root partition for demo2010a pointing at 192.168.200.150.
- If desirable, add another entry pointing for intranet.contoso.com pointing at 192.168.200.150. This can be used for browsing from the root partition’s browser.
- Tested logging on via Remote Desktop and browsing to Central Admin from the Host machine.
Client tools and other changes
Some final changes are optional, but I think generally desirable.
- Install Firefox, Opera, Safari, Chrome.
- Install PDF Exchange Viewer or your choice of PDF viewer.
- Update: As mentioned by Leon Zandman in the comments here, the free SysInternals ZoomIt tool is very useful for presentations. You may also want to consider adding it.
- Add the environment variable path to the 14 hive’s BIN.
And that’s it for the SharePoint VM. Shutdown and take a new snapshot, optionally deleting the first one. I would suggest exporting the VM if time/resources permit, noting that export operations can be time-consuming and disk intensive.
In part two I’ll discuss the Exchange VM, event logs and potential future improvements.
On TwitterMy Tweets
- Tristan Watkins on Office 365 Single Sign Out with ISA or TMG as the ADFS Proxy
- Tristan Watkins on Adding Drivers to Windows Deployment Services Boot Images
- Mike Redman on Office 365 Single Sign Out with ISA or TMG as the ADFS Proxy
- sameer on Adding Drivers to Windows Deployment Services Boot Images
- Tristan Watkins on SharePoint 2010 SEO Analysis with the IIS SEO Toolkit
- Administrivia (1)
- Authentication (14)
- Business Continuity (3)
- Client applications (18)
- Consultancy and Design (17)
- Hardware (9)
- IT Management (13)
- Miscellaneous (5)
- Mobile (3)
- Networking (18)
- Office 365 Grid (5)
- Performance (26)
- Power (2)
- Security (24)
- SharePoint (78)
- Unified Communications (3)
- Virtualisation (30)
- Windows (57)
TagsActive Directory ADFS administration Amazon Web Services ASUS binding BLOB Claims Cloud DCOM Dell development DNS EC2 Graphics Hyper-V IaaS ICS IIS Information Rights Management Intel IRM Lync NUMA Office 365 PowerShell RMS SAML Search SEO Service Application SharePoint SharePoint 2007 SharePoint 2010 SLAT STSADM User Information User Profile Virtual Machine VMWare w3wp Windows 7 Windows Deployment Services Windows Server 2008 R2 Workgroup
Archives by Month