Certificate-based 2012 R2 Hyper-V Replication (powershell)

I have certificate-based replication working between two Server 2012 R2 workgroup servers. Through Hyper-V Manager I can resolve any issues with replication, particularly in the scenario where I fail over and wish to reverse replication. Take a DR scenario where the primary goes offline, I initiate failover, start the replica VM, and wish to reverse replication after the primary has come back online following the simulated power loss, but via PowerShell. I'm missing a key step, but I don't know what.
1. PRIHOST goes down and the VM REPME1 is now offline.
2. On REPHOST, I initiate start-vmfailover and start-vm REPME1.
3. Power is restored to PRIHOST and is back up. VM REPME1 is in the inventory but powered off. PRIHOST remains the Primary for replication. REPHOST is still the Replica.  Replication has failed, which is expected.
4. I try to reverse replication with set-vmreplication -reverse, but I get an error: "Could not reverse replication for virtual machine 'REPME1'. (Virtual machine ID ...) The operation cannot be performed while the virtual machine is in its current state. The name of virtual machine is REPME1 and its ID is ..."
5. When I reverse replication in the Hyper-V Manager immediately following, it synchronizes back the changes successfully and replication returns to normal.
I suspect that I'm missing a step.
-Michael Kelsey

Since I'm using workgroup servers and certificates, I tested the commands manually to observe the output, modifying the steps that require certificatethumbprint as a mandatory parameter. I did not get success on this first attempt, but I will keep trying over the next few days as I have time.
Thank you for the exemplary script. It does indeed reveal at least one missed step, such as completing failover, which was necessary to prevent the set-vmreplication from being blocked by the VM's current state.
In my manual execution, setting the primary as replica had to be performed on the primary after coming back online, at which point both the primary and the replica degenerated to a mutual replica state. I didn't spend much time trying to correct this condition in powershell, but in Hyper-V management I was able to re-establish replication, although it keeps pausing on the new existing primary (now replica) and the replica (now primary) doesn't indicate replication as being paused.
I will most likely need to remove replication from the VM and start over.
It appears that native Windows authentication (matching usernames and passwords) and certificates will be required to successfully reverse replication. Ultimately, since I will use a service account to enact the role reversal, I tested with a local admin that did not exist on both systems. Setting the AsReplica in Set-VMReplication appears to use RPC as the command failed with a permission denied error.
I will append my findings.  You've given me a great starting point.
-Michael Kelsey
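
A pre-flight check for the certificate handed to Set-VMReplication -CertificateThumbprint before reversing replication, as an added example that is not part of the original thread or of the script it refers to. The function name Test-ReplicaCertificate, port 443 and the thumbprint placeholder are assumptions; the host and VM names are the ones used in the post.

```powershell
# Added example. REPME1, PRIHOST and REPHOST are the names used in the post;
# Test-ReplicaCertificate, port 443 and the thumbprint placeholder are assumptions.
function Test-ReplicaCertificate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)][string]$Thumbprint,
        [Parameter(Mandatory = $true)][string]$ExpectedName,
        [int]$MinDaysRemaining = 14
    )

    # Thumbprints pasted from the certificate MMC often carry spaces or an
    # invisible leading character; keep only the hex digits.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
        Where-Object { $_.Thumbprint -eq $clean } | Select-Object -First 1
    if (-not $cert) {
        return "No certificate with thumbprint '$clean' in Cert:\LocalMachine\My"
    }

    $problems = @()
    $now = Get-Date

    # Replication authenticates in both directions, so the private key must be here.
    if (-not $cert.HasPrivateKey) { $problems += 'Certificate has no private key on this host' }

    # Validity window, with a margin so a reversal is not built on a cert about to lapse.
    if ($cert.NotBefore -gt $now) { $problems += "Not valid until $($cert.NotBefore)" }
    if ($cert.NotAfter -lt $now) {
        $problems += "Expired on $($cert.NotAfter)"
    } elseif ($cert.NotAfter -lt $now.AddDays($MinDaysRemaining)) {
        $problems += "Expires within $MinDaysRemaining days ($($cert.NotAfter))"
    }

    # Hyper-V Replica needs both Server and Client Authentication in the EKU.
    # A certificate with no EKU extension is flagged too, so it gets reviewed.
    $ekuOids = @($cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value })
    if ($ekuOids -notcontains '1.3.6.1.5.5.7.3.1') { $problems += 'EKU lacks Server Authentication' }
    if ($ekuOids -notcontains '1.3.6.1.5.5.7.3.2') { $problems += 'EKU lacks Client Authentication' }

    # The name in the certificate must be the name the partner host connects to.
    # GetNameInfo returns the first DNS name (SAN, else subject CN).
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName
    $dnsName = $cert.GetNameInfo($nameType, $false)
    if ($dnsName -ne $ExpectedName) {
        $problems += "Certificate name '$dnsName' does not match '$ExpectedName'"
    }

    # Chain must build to a root trusted by this machine. Revocation is not
    # checked here; that is a simplification of this example.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain -ArgumentList $true
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    if (-not $chain.Build($cert)) {
        foreach ($status in $chain.ChainStatus) {
            $problems += "Chain: $($status.StatusInformation.Trim())"
        }
    }

    return $problems
}

# Run on REPHOST after Start-VMFailover, Start-VM and Complete-VMFailover.
$thumb = '<THUMBPRINT-OF-REPHOST-CERTIFICATE>'   # placeholder, not a real value
$issues = Test-ReplicaCertificate -Thumbprint $thumb -ExpectedName 'REPHOST'
if ($issues) {
    $issues | ForEach-Object { Write-Warning $_ }
} else {
    # -WhatIf shows what would change; remove it to apply the reversal.
    Set-VMReplication -VMName 'REPME1' -Reverse -ReplicaServerName 'PRIHOST' `
        -ReplicaServerPort 443 -AuthenticationType Certificate `
        -CertificateThumbprint $thumb -WhatIf
}
```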

Similar Messages

  • Windows Server 2012 R2 Hyper V on a SBS 2011 Domain replication failure

    I have a SBS 2011 Domain which I am adding two 2012 R2 Standard servers in order to facilitate virtualization and consolidate physical servers. I have the two 2012 R2 servers up and running and a test server running virtually on Hyper-V. I want to test replication from one Hyper-V host to the other, however, I am unable to setup Kerberos delegation in the SBS 2011 AD domain. Specifically, the Service Type of Microsoft Virtual System Migration Service is not listed. CIFS is available, however, there are no Service Types having to do with Hyper-V available.
    I have upgraded the AD using adprep from the 2012 R2 installation disc, however, this has not added the service types.
    Thank you in advance for the help!

    Hi Justin,
    Thank you for the information.  I had originally reviewed the article you mentioned in your reply, however, this did not work for me.  It accurately described the problem I am having, however, the solution did not work.
    I did a little review of the syntax of the command SETSPN and found that the article referenced above has a "/" instead of a "\" in the command line. When I modified my syntax to reflect using the forward slash, the command seemed to process correctly, however, when I go back to the delegation steps, the service name is still not there. I did verify the service was registered properly by listing out all the SPN registrations.
    Clarifying Question:  Based on the command I ran to add this Service, I am wondering if I used the correct servers.  Basically, I have the following:
    Server 1 - SBS 2011 domain controller
    Server 2 - 2012 R2 Hyper-V Server
    Server 3 - 2012 R2 Hyper-V Server
    I want to setup this Kerberos delegation for CIFS and Microsoft Virtual System Migration on Server 2 and 3 and am setting this up using ADUC on Server 1. I ran the SETSPN command on Server 1 for Server 1 - was this the correct thing to do or should I have an SPN entry for Server 2 and/or 3?
    Sorry for what is probably a very basic question.
    Thank you again for your help.

  • Hyper-v replication Error Hyper-V received a digital certificate that is not valid from the Replica server 'burstingreplica'. Error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp"

    Hi,
    When trying to initiate hyper-v replication from the main server I'm getting this error in the event logs.
    Hyper-V failed to enable replication for virtual machine 'RECADemo': A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (0x800B0101). (Virtual Machine ID 561591B6-567C-...)
    I'm using certificate based auth and cert is installed/recognized on both machines.
    Please help.
    Thanks,
    Jaffer
    Jaf

    Hi,
    This error occurs because the Microsoft Certificate Trust List Publisher certificate expired. A copy of the CTL with an expired signing certificate exists in the CryptnetUrlCache folder. Please try to renew the Trust List Publisher certificate.
    The related KB:
    Event ID 4107 or Event ID 11 is logged in the Application log in Windows and in Windows Server
    http://support.microsoft.com/kb/2328240
    How to Renew the Site Server Signing Certificate (Microsoft Certificate Services)
    http://blogs.technet.com/b/configmgrteam/archive/2009/02/11/how-to-renew-the-site-server-signing-certificate-microsoft-certificate-services.aspx
    Manage Trusted Publishers
    http://technet.microsoft.com/en-us/library/cc733026.aspx
    Hope this helps.

  • Hyper-V Replication Certificate Question

    Hi,
    Possibly a common question so apologies if it's simple.
    My main server is HV1.company.local
    My second server will be cloud based and standalone in a workgroup, let's call it hv2 and for arguments sake I'll add the DNS entries of hv2.mydomain.co.uk and a certificate for this address.
    Certificates will obviously need to be internet facing so will go for HV1.companydomain.com for the first server.
    Do I just use internal DNS to sort out the fact that the server name is .local?
    Anyone with experience in this set up with best practice and any gotcha's would be much appreciated,
    Cheers,
    JJ

    Hi Sir,
    >>My second server will be cloud based
    Based on my understanding of your case, first you may ensure the two hosts can access the IP of each other directly (whatever DNS or hosts file).
    If the network prerequisite is met, then we can think of it as a workgroup environment and build certificate-based replication for the two Hyper-V hosts:
    https://social.technet.microsoft.com/Forums/en-US/c3e309b6-1d5d-4e52-b859-cf36bd5af47d/forum-faq-how-to-implement-hyperv-replica-in-workgroup-environment?forum=winserverhyperv
    Best Regards
    Elton Ji

  • DPM 2012 R2 and Hyper-V Replication, huge conflict and failure to backup

    I have recently created new 2012 R2 servers with DPM 2012 R2 in attempts to upgrade an environment.
    When attempting to create Protection Groups for Hyper-V VM, DPM will consistently omit any VM that happens to have Hyper-V Replication enabled, whether that server is the primary VM instance or a replica VM instance. ALL other Hyper-V VMs are listed, only those with Replication enabled are omitted. This happens on both DPM 2012 R2 servers, exactly the same results - all VMs without Hyper-V Replication enabled are listed, none of the VMs with replication enabled are visible in the list.
    Obviously we need to be able to backup VMs with Hyper-V replication since replication is only a tiny portion of a DR strategy, it doesn't cover ANY recovery scenario other than the loss of the primary VM - it doesn't allow for restoring any missing or damaged files or undoing any other changes to the VM.
    The DPM 2012 R2 servers have the latest update rollup (#4) applied and the protection agents have also been updated.
    Looking for some hints since DPM 2012 R2 is supposed to support backing up both the primary and replica VMs, especially when the Hyper-V host is Server 2012 R2.
    Might have to use Windows Server Backup or Veeam's free Hyper-V backup since aside from enabling Hyper-V replication to keep a couple snapshots, DPM isn't a viable backup option in combination with Hyper-V replication.

    As per the following blog:
    http://blogs.technet.com/b/dpm/archive/2014/04/25/backing-up-of-replica-vms-using-dpm.aspx
    you should be able to backup Hyper-V VMs even if they are replica VM.
    When you configure DPM to protect both primary and recovery hosts, VM will appear on any of the Servers as it will have the same GUID.
    So, protect primary and recovery hosts using different DPM or if you want to protect both primary and recovery using same DPM, make sure that you check both servers so as to discover VM.
    Regards, Trinadh [MSFT] This posting is provided AS IS with no warranties, and confers no rights. If you found the reply helpful, please MARK IT AS ANSWER. Looking for source of information for DPM? http://blogs.technet.com/b/dpm/ http://technet.microsoft.com/en-in/library/hh758173.aspx

  • Hyper-V replication across versions (2012 to 2012 R2 and vice versa)

    Does Hyper-V support cross-version replication? In other words, can Windows Server 2012 Hyper-V replicate to Windows Server 2012 R2 Hyper-V server? Vice versa? I tried looking for documentation or blog posts about this but couldn't find any.

    Hi,
    Based on my test, the Hyper-V 2012 R2 can't replicate to Hyper-V 2012.
    Additionally, the following similar thread may be helpful for your question.
    Windows 2008 HyperV Replica in Windows 2012 HyperV
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/f92b1af2-d3cd-4a5e-a850-dadf0c33d2a1/windows-2008-hyperv-replica-in-windows-2012-hyperv?forum=winserverhyperv
    Hope this helps.

  • 2012 R2 Hyper-V Cluster Replication to Single Non-Cluster Host?

    I can't seem to find a straight answer and in my testing, this doesn't seem to work. Is it supported to replicate from a 2012 R2 Hyper-V cluster to a remote, single 2012 R2 Hyper-V non-cluster host?

    Yes, it's supported, and yes it works. The cluster uses the Hyper-V Replica Broker and the destination system does not.
    Eric Siron Altaro Hyper-V Blog
    I am an independent blog contributor, not an Altaro employee. I am solely responsible for the content of my posts.
    "Every relationship you have is in worse shape than you think."
    To replicate back to the primary site I'll need a replica broker at the DR site however, correct?

  • Certificate based authentication logs

    We do have certificate based authentication enabled using SCEP Profile which gets authenticated with one of our Win2K8 Certificate Server using root certificate. Do we have any option to check somewhere in the ISE logs to see if our users are using certificates to authenticate in the network?
    In our current logs, we do not see anything which concludes that certificates are being used.
    ISE Ver 1.2.899.
    EAP-FAST
    EAP Chaining
    Same authc for wired and wlan.
    Thanks&Regards
    Manmohan Singh

  • Hyper-V Replication stops working (General Access Denied)

    For a customer we have a MAIN/DR solution based on Hyper-V and Replicas.
    Main is equipped with 2 x Windows 2012 in a cluster, DR has one host standalone with Hyper-V.
    The whole shebang is managed via SCVMM 2012 and we have replication enabled for around 4 VM's going from MAIN to DR.
    Everything is working ok for a while and then all of a sudden we're getting events in our NOC about the fact that the replication has stopped. Upon further investigation we found a couple of events stating:
    "Hyper-V failed to open the file 'C:\ClusterStorage\Volume1\VP-SCSQL01\VP-SCSQL01_E.vhdx' for replication in primary server for virtual machine 'VP-SCSQL01': General access denied error (0x80070005). (Virtual Machine ID B7020EE9-A781-4F50-B387-E781FC7F2315)"
    When we recreate the replication (so really deleting everything and setting the VM replication up from scratch) it starts and works fine. Resuming replication does not work.

    Hi Bart,
    Have you tried to enable Hyper-V Replica Broker for the Hyper-V cluster?
    If you have enabled Hyper-V Replica Broker, please try to use cluster manager to reproduce this issue and check if there is any useful event log.
    Best Regards
    Elton Ji

  • Network Questions on 2012 R2 Hyper-V Cluster

    I am going through the setup and configuration of a clustered Windows Server 2012 R2 Hyper-V host. 
    I’ve followed as much documentation as I can find, and the Cluster Validation is passing with flying colors, but I have three questions about the networking setup.
    Here’s an overview as well as a diagram of our configuration:
    We are running two Server 2012 R2 nodes on a Dell VRTX Blade Chassis. 
    We have 4-dual port 10 GBe Intel NICS installed in the VRTX Chassis. 
    We have two Netgear 12-Port 10 GBe switches, both uplinked to our network backbone switch.
    Here’s what I’ve done on each 2012 R2 node:
    -Created a NIC team using two 10GBe ports from separate physical cards in the blade chassis.
    -Created a Virtual Switch using this team called “Cluster Switch” with “ManagementOS” specified.
    -Created 3 virtual Nics that connect to this “Cluster Switch”: 
    Management (10.1.10.x), Cluster (172.16.1.x), Live Migration (172.16.2.x)
    -Set up VLAN ID 200 on the Cluster NIC using Powershell.
    -Set Bandwidth Weight on each of the 3 NICS.  Management has 5, Cluster has 40, Live Migration has 20.
    -Set a Default Minimum Bandwidth for the switch at 35 (for the VM traffic.)
    -Created two virtual switches for iSCSI both with 
    “-AllowManagementOS $false” specified.
    -Each of these switches is using a 10GBe port from separate physical cards in the blade chassis.
    -Created a virtual NIC for each of the virtual switches: 
    ISCSI1 (172.16.3.x) and ISCSI2 (172.16.4.x)
    Here’s what I’ve done on the Netgear 10GB switches:
    -Created a LAG using two ports on each switch to connect them together.
    -Currently, I have no traffic going across the LAG as I’m not sure how I should configure it.
    -Spread out the network connections over each Netgear switch so traffic from the virtual switch “Cluster Switch” on each node is connected to both Netgear 10 GB switches.
    -Connected each virtual iSCSI switch from each node to its own port on each Netgear switch.
    First Question:  As I mentioned, the cluster validation wizard thinks everything is great. 
    But what about the traffic the Host and Guest VMs use to communicate with the rest of the corporate network? 
    That traffic is on the same subnet as the Management NIC. 
    Should the Management traffic be on that same corporate subnet, or should it be on its own subnet? 
    If Management is on its own subnet, then how do I manage the cluster from the corporate network? 
    I feel like I’m missing something simple here.
    Second Question:  Do I even need to implement VLANS in this configuration? 
    Since everything is on its own subnet, I don’t see the need.
    Third Question:  I’m confused how the LAG will work between the two 10 Gbe switches when both have separate uplinks to the backbone switch. 
    I see diagrams that show this setup, but I’m not sure how to achieve it without causing a loop.
    Thanks!

    "First Question:  As I mentioned, the cluster validation wizard thinks everything is great. 
    But what about the traffic the Host and Guest VMs use to communicate with the rest of the corporate network? 
    That traffic is on the same subnet as the Management NIC. 
    Should the Management traffic be on that same corporate subnet, or should it be on its own subnet? 
    If Management is on its own subnet, then how do I manage the cluster from the corporate network? 
    I feel like I’m missing something simple here."
    This is an operational question, not a technical question. You can have all VM and management traffic on the same network if you want. If you want to isolate the two, you can do that, too. Generally, recommended practice is to create separate networks for host management and VM access, but it is not a strict requirement.
    "Second Question:  Do I even need to implement VLANS in this configuration? 
    Since everything is on its own subnet, I don’t see the need."
    No, you don't need VLANs if separation by IP subnet is sufficient.  VLANs provide a level of security against snooping that simple subnet isolation provides.  Again, up to you as to how you want to configure things. 
    I've done it both ways, and it works both ways.
    "Third Question:  I’m confused how the LAG will work between the two 10 Gbe switches when both have separate uplinks to the backbone switch. 
    I see diagrams that show this setup, but I’m not sure how to achieve it without causing a loop."
    This is pretty much outside the bounds of a clustering question. You might want to take network configuration questions to a networking forum. Or, you may want to talk with Netgear specialist. Different networking vendors can accomplish this in different ways.
    .:|:.:|:. tim

  • 2012 R2 Hyper-V HOST with virtualized 2008 R2 SP1 RDSH - Remote FX Capable?

    This article goes over RemoteFX and RDSH for 2008 R2 SP1, but nothing is discussed in regards to 2012 R2 Hyper-V HOSTs for the virtualized RDSH server.
    http://blogs.msdn.com/b/rds/archive/2011/03/25/q-amp-a-microsoft-remotefx-and-remote-desktop-session-host-servers.aspx
    My goal is to use a 2012 R2 Hyper-V HOST server to provide RemoteFX vGPU performance to a 2008 R2 SP1 RDSH server. Is this possible? If not, are there any solutions that can provide graphics performance benefits to an RDSH server? If so, are there limitations?
    What are the benefits?

    Hi,
    A Server 2008 R2 VM does not support vGPU (neither does 2012/2012 R2). One possibility if the apps you want to improve are DirectX-based is to run RDSH on a physical server, with a GPU installed, and enable the Use hardware default graphics adapter for all Remote Desktop Services sessions group policy setting.
    Please thoroughly test with the intended applications, GPU, and expected concurrent number of sessions to see if this configuration benefits you. It only potentially benefits DirectX applications, and only applies to full desktop connections, not RemoteApps.
    Additionally you may want to test Windows Server Technical Preview/Windows Technical Preview since it has enhanced vGPU capabilities for the VMs. vGPU is supported for a single-user Windows Server RDSH VM. Please see the document below (and its comments) for more information:
    RemoteFX vGPU Updates in Windows Server Next
    http://blogs.msdn.com/b/rds/archive/2014/11/05/remotefx-vgpu-updates-in-windows-server-next.aspx
    Thanks.
    -TP

  • Server 2012 R2 Hyper-V Host Loses Network Connectivity

    Here's the scenario...
    We have two 2012 R2 Hyper-V hosts (VM1 and VM2) in a cluster that have 8 virtual machines that live on them. The servers are each utilizing three network connections that are teamed (Switch Independent, Address Hash).  They all go to the same switch.
    Three nights ago at approximately 11:30 PM VM2 lost network connectivity. The server was up, it was just inaccessible from the network. I could not ping in or out from it, no internet connection, yet the network connection icon did not show that it was disconnected.
    Two nights ago we had no issues.
    Last night, same thing happened at 11:30 PM. VM2 loses its network connection.
    The only thing that seems to fix the issue is a reboot. Once the server comes back up everything is back to normal.
    Anyone have any idea what is happening here? I do not see anything that sticks out in the logs that could point me in the right direction....

    Hi Sir,
    Based on my experience, first you may need to keep the physical NIC driver up-to-date.
    Also please check if there is a "VMQ"/"virtual machine queue" property in the advanced properties of the physical NICs.
    If yes, please disable it for each team member, then check the result.
    Best Regards,
    Elton Ji

  • Certificate based authentication

    I have a client application that requires certificate based authentication.
    I could not find any instructions on how to set this up in the 11g manuals. So I reverted to the 5.2 manual (http://docs.oracle.com/cd/E19850-01/816-6698-10/ssl.html#18500), and followed some instructions found online.
    I have completed the setup, and the client is able to authenticate using his certificate, and I have verified this in the logs.
    [22/Mar/2012:13:13:33 -0500] conn=34347 op=-1 msgId=-1 - SSL 128-bit RC4; client CN=userid,OU=company,L=city,ST=state,C=US; issuer CN=issuing,DC=corp,DC=company,DC=lan
    [22/Mar/2012:13:13:33 -0500] conn=34347 op=-1 msgId=-1 - SSL client bound as uid=userid,ou=employees,o=company
    [22/Mar/2012:13:13:33 -0500] conn=34347 op=0 msgId=1 - BIND dn="" method=sasl version=3 mech=EXTERNAL
    When adding the usercertificate attribute to the ID I used the following LDIF:
    version: 1
    dn: uid=userid,ou=employees,o=company
    changetype: modify
    replace: userCertificate
    usercertificate: < file:///home/user/Certs/usercert.bin
    the file was a binary encoded certificate file.
    Here is the part that I don't understand: when I do a search (or LDIF export) of the user object with the certificate, it just returns a short base64 encoded string. When I decode this string, it is just the literal string of "< file:///home/user/Certs/usercert.bin".
    So it appears that the certificate has not been stored on the user object in binary, and yet the certificate authentication still works. The file mentioned does not exist on the LDAP server (the cert was loaded from another server), so there is no way that it is reading the cert from the file.
    Anyone have any idea what is going on here? And why certificate auth works, when there appears to be no cert stored in LDAP?
    If by chance this is how it is all supposed to work, then how do I go about backing up the usercertificate attribute when I do my LDAP data backups?
    Thanks
    Brian

    Cyril,
    Thanks for the reply.
    I believe I am doing both types of certificate authentication, you are describing. My issue is that when I perform the steps to store the PEM formatted cert into the directory server, rather than storing a binary value of the cert, it appears to be storing the path to the file I attempted to import. The odd part is that I can still authenticate even after this is done.
    I tried to post as much info as I could before without posting any sensitive data, I'll try and expand on that below.
    Here is my documentation of the steps taken to configure the server and setup a user, for what I believe to be certificate based authentication, where the user is authenticated solely on the certificate that they provide (no password is sent).
    1. Server must be running SSL, all connections for Certificate Auth are done over SSL (just a note)
    2. From the DSCC
    ----a. Directory Servers Tab -> Servers Tab -> Click Server Name
    ----b. Security Tab -> General Tab
    ----c. In "Client Authentication" section, select:
    --------i. LDAP Settings: "Allow Certificate-Based Client Authentication"
    --------ii. This should be the default setting.
    3. On the directory server setup the /ldap/dsInst/alias/certmap.conf file:
    ----a. certmap default default
    ----default:DNComps
    ----default:FilterComps uid,cn
    4. restart the directory server
    5. Do the following to setup the user who will be connecting. On their unix account (or similar)
    ----a. Create a directory to hold the certDB
    --------i. mkdir certdb
    ----b. Create a CertDB
    --------i. /ldap/dsee7/bin/certutil -N -d certdb
    ------------1) Enter a password when prompted
    ----c. Import the CA cert
    --------i. /ldap/dsee7/bin/certutil -A -n "OurRootCA" -t "C,," -a -i ~/OurRootCA.cer -d certdb
    ----d. Create a cert request
    --------i. /ldap/dsee7/bin/certutil -R -s "cn=userid,ou=company,l=city,st=state,c=US" -a -g 2048 -d certdb
    ----e. Send the cert request to the PKI Team to generate a user cert
    ----f. Take the text of the generated cert & save it to a file
    ----g. Import the new cert into your certdb
    --------i. /ldap/dsee7/bin/certutil -A -n "certname" -t "u,," -a -i certfile.cer -d certdb
    ----h. Create a binary version of cert
    --------i. /ldap/dsee7/bin/certutil -L -n "certname" -d certdb -r > userid.bin
    ----i. Add the binary cert to the user's LDAP entry (version: 1 must be included - I read this in a doc somewhere, but it doesn't seem to matter)
    --------i. ldapmodify
    ------------1) ldapmodify -h host -D "cn=directory manager" -w password -ac
    ------------2)
    ------------version: 1
    ------------dn: uid=userid,ou=employees,o=company
    ------------sn: Service Account
    ------------givenName: userid
    ------------uid: userid
    ------------description: Service Account for LDAP
    ------------objectClass: top
    ------------objectClass: person
    ------------objectClass: organizationalPerson
    ------------objectClass: inetorgperson
    ------------cn: Service Account
    ------------userpassword: password
    ------------usercertificate: < file:///home/userid/Certs/userid.bin
    ------------nsLookThroughLimit: -1
    ------------nsSizeLimit: -1
    ------------nsTimeLimit: 180
    After doing this setup I am able to perform a search using the certificate:
    ldapsearch -h host -p 1636 -b "o=company" -N "certname" -Z -W CERTDBPASSWORD -P certdb/cert8.db "(uid=anotherID)"
    This search is successful, and I can see it logged, as having been a certificate based authentication:
    [23/Mar/2012:13:25:20 -0500] conn=44605 op=-1 msgId=-1 - fd=136 slot=136 LDAPS connection from x.x.x.x:53574 to x.x.x.x
    [23/Mar/2012:13:25:20 -0500] conn=44605 op=-1 msgId=-1 - SSL 128-bit RC4; client CN=userid,OU=company,L=city,ST=state,C=US; issuer CN=issuer,DC=corp,DC=company,DC=lan
    [23/Mar/2012:13:25:20 -0500] conn=44605 op=-1 msgId=-1 - SSL client bound as uid=userid,ou=employees,o=company
    [23/Mar/2012:13:25:20 -0500] conn=44605 op=0 msgId=1 - BIND dn="" method=sasl version=3 mech=EXTERNAL
    If I understand correctly that would be using the part 2 of your explanation as using the binary encoded PEM to authenticate the user. If I am not understanding that correctly please let me know.
    Now the part that I am really not getting is that the usercertificate that is stored on the ID is as below:
    dn: uid=userid,ou=employees,o=company
    usercertificate;binary:: PCBmaWxlOi8vL2hvbWUvdXNlcmlkL0NlcnRzL3VzZXJpZC5iaW4
    which decodes as: < file:///home/userid/Certs/userid.bin
    So I'm still unclear as to what is going on here, or what I've done wrong. Have I set this up incorrectly such that Part 2 as you described it is not what I have setup above? Or am I misunderstanding part 2 entirely?
    Thanks
    Brian
    Edited by: BrianS on Mar 23, 2012 12:14 PM
    Just adding ---- to keep my instruction steps indented.

  • Windows Server 2008 Standard 64 bit edt support Hyper-v replication

    Dear Team.
    Does Windows Server 2008 Standard 64 bit edition support Hyper-V replication or not?
    If my primary physical server goes down, my secondary server should act as the primary server.

    Hi,
    Windows Server 2008 Hyper-V does not support Hyper-V Replica.
    This is a new feature in Hyper-V for Windows Server 2012.
    http://technet.microsoft.com/en-us/library/hh831410.aspx#BKMK_Replica
    Regards
    Sebastian

  • Limit Hyper-V Replication Data Transfer Rate

    Hello,
    I need to limit the data transfer rate for Hyper-V replication because there is a bandwidth limitation between the two datacenters.
    Please suggest

    You can use the New-NetQoSPolicy cmdlet to set the throttling limits -
    http://technet.microsoft.com/en-us/library/hh967468.aspx. Based on the destination port (the port on which the replica server has been configured to receive replication traffic - maybe it's port 80 in your case) or the destination subnet, you can specify a throttling value (-ThrottleRateActionBitsPerSecond) or assign a weight (MinBandwidthWeightAction).
    Eg: New-NetQosPolicy "Replica traffic to 8080" -DestinationPort 8080 -ThrottleRateActionBitsPerSecond 100000
    or check the link to Thomas blog
    http://www.thomasmaurer.ch/2013/12/throttling-hyper-v-replica-traffic/
