Spinning up a bunch of virtual desktops in Amazon WorkSpaces (videos)

This was a pretty fun project that I had gotten so I figured I would share the experience. There are multiple use cases for virtual desktops. In our case, it’s ephemeral – only need them for a few days for a class so that all students can share the same experience without the need for anything but a web browser. They can probably get a better experience with the PCoIP client, but it could be against some company policies. Most companies will allow HTTPs out, so we figured this would be the easiest way.

The way Amazon WorkSpaces works is that each desktop is assigned to a single user and the users sit in the directory service. The service I’m using is the Simple AD (Samba 4) as I had no need for a huge directory. To create the users, we will just need a UID (sAMAccountName in AD) and a password if using the API to create the desktops. If using the Amazon portal to create the desktops, you’ll need the first and last name and an email address as well. You can easily import a CSV file with this information, but for the sake of simplicity, I just use a generic account name and numbers.

After creating the directory and starting up a single desktop, I went to the “Programs” in the Control Panel and “Turn Windows Features on and off” and “Features” to install the “AD DS and AD LDS Tools”. More information on the RSAT tools is available here: https://wiki.samba.org/index.php/Installing_RSAT 

Here’s a short video on how to do it:

Once the RSAT tools are installed, the “dsadd” command will be available to add users. This is the script I’m using that asks for the users and then creates the users:

echo off
set /p users=Number of users to create:
echo "Creating %users% students"
set count=0
    set /a count+=1
    echo creating student%count%
    dsadd user "cn=student%count%,cn=users,dc=corp,dc=amazonworkspaces,dc=com" -samid student%count% -pwd Student%count%
    if "%count%"=="%users%" goto done
    goto createusers

The script will create users with the username student# with passwords Student# – the capital “S” is just for password complexity.

After creating the users, we can go and create the desktops. To do this, I used awscli. On a Mac or Linux system, it can be easily installed running “easy_install awscli”. After installation, there will be a config and credentials file that should be configured in the .aws directory in your home directory. Once that’s set, you can check to see what workspaces you have by running “aws workspaces describe-workspaces” – that gives you an idea of what your workspaces look like. The minimal template I’m using for workspaces looks like this:

 "Workspaces" : [
   "DirectoryId" : "d-9267258c77",
   "UserName" : "%username%",
   "WorkspaceProperties": {
   "RunningMode": "AUTO_STOP"
   "BundleId" : "wsb-gw81fmq2p"

The DirectoryId is the directory service where the users are housed, I’ll be replacing the %username% with student#, and I added RunningMode just to save on costs – they’ll automatically suspend after an hour of idling. It takes about 90s to spin back up if they suspend. The BundleId is the VM that you want to provision. This one is the customized one for our classroom.

With the template in place, we’re ready to run the script:


echo "Number of Desktops to Create [20?]"
read desktops
echo $desktops
         while [  $COUNTER -lt $desktops ]; do
             let COUNTER=COUNTER+1
             echo Creating Desktop number $COUNTER
        sed "s/%username%/student$COUNTER/g" create-workspaces.json > /tmp/student$COUNTER.json
        aws workspaces create-workspaces --cli-input-json file:///tmp/student$COUNTER.json
echo Created $desktops Desktops.

You can remove the temporary files in /tmp afterwards.

Here’s a short video of the scripts in action.

Have fun with your desktops!

How to use PowerCLI to register or unregister a bunch of templates at a time …

I recently resignatured a datastore that housed all of my templates and ran into an issue with a bunch of datastores that wouldn’t unmount and a slew orphaned templates. To get rid of them, I had to unregister them all and then register them, but had a ton, so I didn’t want to do them one at a time.

Unregistering the VM templates is easy. Just select them all, right click and click “remove from inventory”. The registering part is harder – need to browse the datastore and then right click and add to inventory and give it a name. So, I did it with PowerCLI.

The first thing we want to do is get a list of all of the vmtx files in the datastore that the templates reside in. I do it like this:

$vmtxs = gci vmstore:\$((Get-Datacenter -name "DCpod"))\templates -Recurse -Include *.vmtx | select -exp datastorefullpath

You can list it and you should see something like this:

PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> $vmtxs
[templates] Win8.1_Template/Win8.1_Template.vmtx
[templates] Windows 10 template/Windows 10 template.vmtx
[templates] Win2K8R2_Template_1/Win2K8R2_Template.vmtx
[templates] Ubuntu_Server_Template/Ubuntu_Server_Template.vmtx
[templates] Win2K12R2_Template/Win2K12R2_Template.vmtx
[templates] webservertemplate2/webservertemplate2.vmtx

With the list of files, you can loop through and register them all on a particular host like this:

PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> foreach($vmtx in $vmtxs)
$currentname = ($vmtx -split "/|\.")[1]
$vm = new-template -name $currentname -templatefilepath $vmtx -vmhost esxhostname.domain.com


Lenovo T400 blank screen issue on Windows 10

Someone who owns a very well SEO company came to me with a freshly installed Windows 10 OS on a Lenovo T400 and showed me that he would get a black screen at start up. He would suspend the machine (close the lid), and it would come back to normal. He would reboot, and the same problem would reproduce again.

This didn’t happen when he first installed the OS. Only happened after the OS was installed and Windows update was run. I was suspicious that it might be a driver issue, but Lenovo’s website didn’t show much.

Then looked into the device manager and saw this:


What’s interesting here is that the laptop actually has 2 video cards. I think it’s for power savings. I took a gamble and disabled the Intel video card. The problem went away!

Update: Booted into the BIOS and under video settings, found that the Lenovo could install a Switchable graphics driver along with their power management software so that it could save power. So, my hunch was correct. So, no need to disable the Intel card. Just boot into the BIOS and set it to discrete or the other one, whatever it is. I just set mine to discrete.

Microsoft PowerShell takes forever to open!

If you’re in a situation where it appears to take forever to open a PowerShell prompt, Internet access might be the problem.

The easiest resolution at this point appears to allow Internet access to the machine. If that is not possible, you can disable the check for the publisher’s certificate revocation. You can do this from Internet Explorer (or Control Panel, Internet Options) by clicking on Tools, Internet Options. Under the Security section of the Advanced tab, uncheck “Check for publisher’s certificate revocation”.


NOTE: These type of security features are in place for a reason. Take caution when considering disabling these.

A relatively easy/inexpensive way to speed up your old desktop or laptop for ~$100

Ghost binaries on bootable CD/DVD or USB thumb drive
Windows 7 installation DVD or USB thumb drive

There are several ways to speed up some old computers. Sometimes, they might not even be old – they’re just slow.

My mother’s laptop was crawling. It had a dual-core 2ghz chip, 4gb ram. Why was it slow? I figured, 4gb ram is enough to run Windows 7 – I’m running a bunch of VMs and I only have 5gb ram on the server. So, it had to be i/o. Since I had an old 128gb SSD from a laptop I had before, I put it in. The problem was, the laptop had a 320gb hd. Clonezilla wouldn’t clone it – gave me some issues with partimage. I remember that the old Ghost 2003 would do a bigger to smaller disk. So, I tried that. Ghost gave me other issues. I tried ghost.exe -fdsp because this is Windows 7. Vista changed some things with NTFS or something that made Ghost stop working with the default settings. The first time I tried Ghost, it ran for 90 minutes and ran into a bad sector. 🙁 It failed. So I tried bypassing it. I ran ghost with the -BSC -FRO switches. It then ran into some issue with a big file or something and told me to pass the -NTC- switch. Well, that failed and told me the same thing, so I just decided to abandon the ghost idea and start fresh.

Since I had the idea of upgrading my mom’s hd, I did the same with a couple of other computers, so my process has been repeated. On the other machines, I got 1tb Seagate ssd hybrid desktop drives (sshd) for $80 each. Ghost 2003 or 8.0 both work for Windows 7. The first thing I did was put the SSD in along with the disk I wanted to clone. I booted from one of my old Ghost DVD archives, but on one machine, there was only 2 SATA ports, so I had to figure out a way to build a bootable USB thumb drive. The one I ended up using was UNetbootin – with that, I created a FreeDOS bootable thumb drive and copied the ghost.exe binary there. Since the stupid Ghost DVD archive only had .GHO files on it and I could access the DOS partition, I ended up copying ghost.exe by extracting it from an old Hiren’s Boot CD. With that, I was able to boot from USB. You can copy ghost.exe onto the USB drive, but FreeDOS boots in it’s own jail or something. The ghost.exe actually ends up on b:\. You should be able to then do the clone using ghost.exe -FDSP -BSC -FRO. After a successful clone, since this is Windows 7, we’re not exactly done yet. The disk will not boot – will give
Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:

1.Insert your Windows installation disc and restart your computer.
2.Choose your language settings, and then click “Next.”
3.Click “Repair you computer.” If you do not have this disc, contact your system administrator or computer manufacturer for assistance.

Status: 0xc0000225

Info: The boot selection failed because a required device is inaccessible.

This is an easy fix. Just follow the directions. Boot with the Windows 7 install DVD or USB thumb drive and go to repair and it’s done almost automatically. On one host, it asked to run CHKDSK afterwards. I let it run and everything was dandy as well. But if all else fails you could buy one of the best budget gaming laptops that is guaranteed to run great.

if vCenter Server Heartbeat or Neverfail Heartbeat failover appears to be not working or taking a long time …

The main symptom of this problem would be that the vCenter Server Heartbeat console or Neverfail Management Client console would show that the services had failed over, but if you were to try to ping it, it wouldn’t respond.
Logically, there there are some hypotheses you could come up with:

1) Network packet filter isn’t revealed on the active server, so we can’t connect to it.
2) Something wrong w/ the service.
3) The console is wrong and on the backend, nothing failed over.

These would be all wrong.

What we found was that it was an issue with ARP caching on the switches. Because the VM or host abruptly fell off the network, the switches hadn’t expired the ARP entries and that they were stale. You would think that it would be fixed in a minute after the ARP entries expired, but I guess the chain could take a little longer.

Probably the best way to troubleshoot this would be to get on a host on the same network segment and try a ping. If that fails, you could run “arp -a” and check to see if you indeed have the right mac address of the host you want to connect to. If not, you could probably log into the switch to delete the entry or you can create a task to run the command during switchover:

“C:\Program Files\VMware\VMware vCenter Server Heartbeat\R2\bin>nfpktfltr.exe arp”

You should then see the switchover happen without the long delay.

I’m starting to hate Sony laptops!

I guess it’s not just Sony. It’s just managing device drivers. Windows 7 has fixed most issues, but man … keyword = MOST!

A friend asked me to upgrade her laptop to Windows 7. It’s a Sony VGN-FJ67C/R. It’s a laptop from China, so you probably won’t run into the exact same one, but you might run into a similar issue with one from here.

So, I installed Windows and it found a few drivers – the ones that were missing were the Wireless network, video, sound, camera, and mass controller. I’ll thank God that Windows detected and installed the driver for the network. Had it not done that, I’m sure finding it on the net first would’ve been a pain. I started with a Windows update, then went through the device manager and started my search for drivers one at a time. The first was the video driver. Ven 8086 and dev 2592 sent me to Intel’s site and told me that it was a 915GM. Unfortunately, Intel didn’t make a driver for Windows 7 on it. Damn it! Searched around a little bit … couldn’t find it. Well, not a show stopper. Let’s move on. So, updates finished installing and I restart the machine. Somehow, magically, the video card driver starts to install. Awesome! Well, I find that the audio driver is installed too. The damn sound doesn’t work though! Oh man … this will be a pain … well, after an hour long exhaustive search (Sony doesn’t have drivers – HP does, but they don’t work), I just go to RealTek.com and install the RealTek HD drivers from there. Magically, it works! It’s Ven 10EC Dev 0260 if you’re interested. That was a pain in the ass! Last, but not least, I had the mass controller – ven 104c and dev AC8E – TI PCI-7×20/6×20. It wasn’t too bad. I just installed the Windows XP driver and it worked! Actually, some site said that they tried it, so I just followed suit. Superb! 🙂

This took a little longer than expected, but man… I guess it was satisfying. 🙂

Hope a person that reads this doesn’t spend as much time as I did! 🙂