Installation Guide

Next installation step: Boot Windows VM on cluster

Creating a Windows VM is much easier built through virt-manager on a desktop machine compared to using command-line tools on a cluster node. Additionally, the Windows 11 installer is VERY picky about the environment it will allow Windows to be installed on. It looks at the processors, secure boot environment, and a long list of other requirements that can be difficult to satisfy on a Linux server host. It is MUCH simpler, to create a Windows VM somewhere else and just copy the qcow2 file over and run it from there. Windows only checks for the picky environment upon install, not at boot.

You will need:

• Windows 11 ISO
• A desktop machine with virt-manager installed

Inside virt-manager, the following are adequate for a minimum install:

• Memory: 8192
• CPUs: 4
• Disk Image: 64G
• Virtual network 'default': NAT Boot the VM from the installation disk
• Select languages, and install.

Select the version of Windows you want to run.

• You will need Professional or Enterprise if you want more than 64 cores.
• N versions do not have some of the media players and other media-related software.
• Enterprise has options for active directory, group policy, and KMS Licensing.

Continue through the install process:

• Custom Install Windows only
• Select "allocated space" hard drive created earlier
• Install
• Select country or region
• Select keyboard layout
• Name your machine

Since we will be using randomly generated job-specific credentials, we do not want to set up Microsoft accounts. We want local accounts. Your VM most likely does not have internet access, it will now go to a screen that will finally say that it couldn't find internet access. Retry?

• Do NOT press retry. There most likely is no network.

• Press Shift+F10. This will bring up a command prompt.

• In the command prompt type oobe\bypassnro. This will send you back to selecting your country of region. Go through those prompts again, except this time it will not require Internet.

• Who is going to use this device? This is the username of the administrative account on the machine. Choose something appropriate.

• Enter a password. This is the administrator password used to install software, etc on the image. You can change it later from inside the OS if needed.

• Choose privacy settings

• Updates will be applied. This may take a long time.

• Machine will reboot and will finally come up with a login prompt.

• Log in using username and password set earlier.

• Create a standard user account. This will be the account that all of the standard users will use when they use the machine. Choose a username that is appropriate for all users to share. Something like user1, or perhaps something site specific.

Make sure to log in as this user and set sane settings and defaults for this account. These settings and defaults will be shared by everyone using this image.

Initially, set the password for the shared account to something that will be used for testing, since the password will be stored plain text in the test configs. Once you get past the initial testing phase, change the password to something more secure and permanent. This more permanent password will be used any time the VM is booted without the SMBIOS flags used by the OnDemand job to tell the VM to change the password of this user at boot. Only administrators will use the permanent password to install software or make changes to the image.

Next we will install the Virtio Drivers on your VM. Windows will run under qemu, and the Virtio drivers are custom drivers specifically written by the open source community to make Windows run well on qemu.

• Download the driver ISO from fedora here: https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso
• Shutdown the VM and add the ISO CDRom to your image. (Using virt-manager, add hardware, storage, Select custom storage, browse to downloaded ISO, device type is CD-ROM, "Finish")
• Boot the VM with the CD-ROM mounted. Log in as Administrator and go to the CD-ROM drive. Double-click on the virtio-win-gt-x64 installer and go through the installer.
• See this page for additional instructions, links, etc. https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers

The 7lbd_win_setup.ps1 script is used to make most of the customizations needed to make a Windows VM work with 7lbd. It:

1. Creates necessary folder structure
2. Copies win_userconfig.ps1 to the correct location
3. Sets proper permissions on the script
4. Enables Remote Desktop and adds user1 (or specified user) to the Remote Desktop Users group
5. Creates a scheduled task to run the user configuration (password change) script at startup
6. Verifies all actions were completed successfully

The win_userconfig.ps1 PowerShell script will be configured by the 7lbd_win_setup.ps1 script to run at VM boot to change the password to the temporary password provided by Open OnDemand.

To run the 7lbd_win_setup.ps1 script, first copy the 7lbd_win_setup.ps1 script and the win_userconfig.ps1 script onto your VM. If your VM has network, then download the files and put them in the same directory, then run the setup script. If your VM does not have network, mount the provided scripts.iso as a CD-ROM to your VM.

By default, Windows treats PowerShell scripts very different than Linux treats Bash scripts. Unless permitted, Windows will not let users run whatever code they want, even if they have read and execute permissions. PowerShell execution has to be granted before scripts can be run. To temporarily allow scripts to be run, run a Powershell terminal as Administrator, and then issue the following command:

Set-ExecutionPolicy Bypass -Scope Process -Force

This will make it so all PowerShell scripts will temporarily run from that PowerShell console. From that enabled PowerShell console, cd to the directory that contains the two PowerShell scripts and run 7lbd_win_setup.ps1. It should complete the rest of the configuration tasks for you.

Use the following command, with whatever username you named your shared user account

7lbd_win_setup.ps1 --Username user1

The script should give you a status report after execution.