VMware: My favorite Windows 2012R2 template configuration

9

image

 

Virtual Hardware (VMX) Template configuration

Hardware Value
Memory 2 GB
CPU’s Number of virtual sockets: 1
Number of cores per socket: 2
Video card Number of video displays: 1
Total video memory: 5 MB (1280×1024)
VMCI device None
SCSI Controller 0
Hard disk 1
LSI Logic SAS, bus sharing: none
40 GB, Thick Provision Eager Zeroed (<—best performance)
CD/DVD Drive 1 Client Device
Floppy Drive 1 Removed
Network Adapter 1 VMXNET3, network: VM Network with DHCP (for joining domain)
General Options OS: Microsoft Windows Server 2012 R2 (64-bit)
VMware Tools Advanced: Check and upgrade Tools during power cycling
Virtual Machine Version 8 (not 9 because you only can edit version 9 via vSphere web-client)
Advanced > General Enable logging

 

Virtual Machine BIOS configuration

image

Configuration Value
Boot-time Diagnostics Screen Enabled

image

Configuration Value
Hard Drive 1
Removable Devices 2
Network boot from VMXNET3 3
CD-Rom Drive 4

 

image

Configuration Value
Serial port A Disabled
Serial port B Disabled
Parallel port Disabled
Floppy disk controller Disabled

 

Microsoft Windows Server 2012 R2 template configuration

– Always install the latest VMware Tools (in my case: ESXi 5.5 u2)

image

 

– Disable IPv6

image

 

– Change the CD/DVD Drive 1 from drive letter D:\ to X:\

image

– Install VMware display driver: VMware SVGA 3D (Microsoft Corporation – WDDM)

image

Driver located: C:\Program Files\Common Files\VMware\Drivers\wddm_video\


– Enable Remote Desktop Protocol:
Allow connections from computers running Remote Desktop with Network Level Authentication (recommended)

image

– Computer Name: change full computer name to W2012R2-DC-TMPL

image


– Windows Updates:
Install all available Windows Updates

image


– Startup and Recovery

: Change the default value from 30 seconds to 5 for faster booting during system failure

image


– (Optional; security risk!!) Disable UAC:
Never notify when: Programs try to install software or make changes to my computer + I make changes to Windows setting

image


– Notification bar:
Always show all icons and notifications on the taskbar

image

 

– Internet Explorer: Turn Internet Explorer Enhanced Security off for Administrators. Leave it On for users.

image

 

– Internet options: Use black + Check: Delete browsing history on exit

image

 

– Account: Select for local Administrator account: Password never expires

image

 

– Power Option: customize power plan to: High performance

image

– Feature: install feature SNMP

image


– Desktop:
Show icons on the Administrators desktop

image

 

– Folder options: Check Allows show icons, never thumbnails + Allows show menus + Display the full path in the title bar. Uncheck: Hide extensions for known file types

image

 

Finalize Windows 2012R2 template procedure

– Clear Microsoft Event Logs: System, Security, Application
– Defragment the C drive
– Shutdown Windows 2012R2 Template server

 

Customization Specifications Manager

– Computer Name: Use virtual machine name. This because I use sometimes scripts to deploy multiple VM’s with PowerCLI

image

 

– Network: configure default network settings with static

image

image

image

 

– Workgroup or Domain: configure Windows Server Domain

image

 

– Operation System Options: Always select: Generate New Security ID (SID)

image

About Author

9 thoughts on “VMware: My favorite Windows 2012R2 template configuration

  1. Netjes, komt aardig over een met mijn template.
    Ik laat echter de UAC meestal netjes aanstaan 😉 (alleen voor SQL wil ik een uitzondering maken)

  2. Marcel :

    Netjes, komt aardig over een met mijn template.
    Ik laat echter de UAC meestal netjes aanstaan ;-) (alleen voor SQL wil ik een uitzondering maken)

    Bedank Marcel! Ja zat in dubio, pas het artikel wel aan naar “Optioneel”, daar is inderdaad ruimte voor discussie 🙂

  3. I think you can leave “Enabled logging” to of on the vm configuration, and I highly don’t recommend completely removing ipv6. I’ve seen a bunch of applications break because of that, and besides, we are eventually adapting ipv6. I’d rather disable Link-Layer Topology Discover and QOS Packet Scheduler (Well unless you really wan’t to control your per port/app traffic, I’d only see this in a very highly saturated vm network environment). remember to do a dism update cleanup after you update to free some space. otherwise nice article

    @Mike

    You’d only see performance on the first few usage of the vm, but after awhile both just leverages out. by general rule though on production systems I’d think its better (and safe) to go with thick provisioning

Leave a Reply

Your email address will not be published. Required fields are marked *