VMware: My favorite Windows 2012R2 template configuration
Virtual Hardware (VMX) Template configuration
Hardware | Value |
Memory | 2 GB |
CPU’s | Number of virtual sockets: 1 Number of cores per socket: 2 |
Video card | Number of video displays: 1 Total video memory: 5 MB (1280×1024) |
VMCI device | None |
SCSI Controller 0 Hard disk 1 |
LSI Logic SAS, bus sharing: none 40 GB, Thick Provision Eager Zeroed (<—best performance) |
CD/DVD Drive 1 | Client Device |
Floppy Drive 1 | Removed |
Network Adapter 1 | VMXNET3, network: VM Network with DHCP (for joining domain) |
General Options | OS: Microsoft Windows Server 2012 R2 (64-bit) |
VMware Tools | Advanced: Check and upgrade Tools during power cycling |
Virtual Machine Version | 8 (not 9 because you only can edit version 9 via vSphere web-client) |
Advanced > General | Enable logging |
Virtual Machine BIOS configuration
Configuration | Value |
Boot-time Diagnostics Screen | Enabled |
Configuration | Value |
Hard Drive | 1 |
Removable Devices | 2 |
Network boot from VMXNET3 | 3 |
CD-Rom Drive | 4 |
Configuration | Value |
Serial port A | Disabled |
Serial port B | Disabled |
Parallel port | Disabled |
Floppy disk controller | Disabled |
Microsoft Windows Server 2012 R2 template configuration
– Always install the latest VMware Tools (in my case: ESXi 5.5 u2)
– Disable IPv6
– Change the CD/DVD Drive 1 from drive letter D:\ to X:\
– Install VMware display driver: VMware SVGA 3D (Microsoft Corporation – WDDM)
Driver located: C:\Program Files\Common Files\VMware\Drivers\wddm_video\
– Enable Remote Desktop Protocol: Allow connections from computers running Remote Desktop with Network Level Authentication (recommended)
– Computer Name: change full computer name to W2012R2-DC-TMPL
– Windows Updates: Install all available Windows Updates
– Startup and Recovery
: Change the default value from 30 seconds to 5 for faster booting during system failure
– (Optional; security risk!!) Disable UAC: Never notify when: Programs try to install software or make changes to my computer + I make changes to Windows setting
– Notification bar: Always show all icons and notifications on the taskbar
– Internet Explorer: Turn Internet Explorer Enhanced Security off for Administrators. Leave it On for users.
– Internet options: Use black + Check: Delete browsing history on exit
– Account: Select for local Administrator account: Password never expires
– Power Option: customize power plan to: High performance
– Feature: install feature SNMP
– Desktop: Show icons on the Administrators desktop
– Folder options: Check Allows show icons, never thumbnails + Allows show menus + Display the full path in the title bar. Uncheck: Hide extensions for known file types
Finalize Windows 2012R2 template procedure
– Clear Microsoft Event Logs: System, Security, Application
– Defragment the C drive
– Shutdown Windows 2012R2 Template server
Customization Specifications Manager
– Computer Name: Use virtual machine name. This because I use sometimes scripts to deploy multiple VM’s with PowerCLI
– Network: configure default network settings with static
– Workgroup or Domain: configure Windows Server Domain
– Operation System Options: Always select: Generate New Security ID (SID)
Netjes, komt aardig over een met mijn template.
Ik laat echter de UAC meestal netjes aanstaan 😉 (alleen voor SQL wil ik een uitzondering maken)
Bedank Marcel! Ja zat in dubio, pas het artikel wel aan naar “Optioneel”, daar is inderdaad ruimte voor discussie 🙂
LIKE! @sanderdaems
Very nice one, big thanks! Used this article to build my Windows 2012R2 template!
You might consider adding the parameter from this article in the template configuration:
https://blog.vmpros.nl/2015/04/07/vmware-repeated-characters-when-typing-in-remote-console/
Great Guide, you may look at installing the Disk Cleanup Wizard. I have found this helpful for cleaning up files from the local drives.
unticking ipv6 merely unbinds it, it doesn’t disable ipv6… see https://support.microsoft.com/en-gb/kb/929852
How much better performance is gained from thick provisioned vs. thin? Has anyone ever benchmarked?
I think you can leave “Enabled logging” to of on the vm configuration, and I highly don’t recommend completely removing ipv6. I’ve seen a bunch of applications break because of that, and besides, we are eventually adapting ipv6. I’d rather disable Link-Layer Topology Discover and QOS Packet Scheduler (Well unless you really wan’t to control your per port/app traffic, I’d only see this in a very highly saturated vm network environment). remember to do a dism update cleanup after you update to free some space. otherwise nice article
@Mike
You’d only see performance on the first few usage of the vm, but after awhile both just leverages out. by general rule though on production systems I’d think its better (and safe) to go with thick provisioning