MED-V Configuration Hiccups

Microsoft Enterprise Desktop Virtualization, or MED-V… an really cool new technology.  And as with any right-out-of-the-stable product, documentation is a bit sparse.  Worse, there are currently no Microsoft-sponsored forums for the product.  Those of us wising to deploy right away are going to be figuring things out on our own… again.

A few tidbits so far:

  • There appears to be a missing manual, available at various places on the Internet, but not from Microsoft.  Perhaps it came with the MED-V beta?  Anyway, it has some good step-by-step configuration info for IIS that is not present in the official manual.  Get it here:
  • When setting up an HTTP distribution server for MED-V, make sure the following role services get installed:
    • BITS Server Extensions (added as a general feature after IIS is installed)
    • Windows Authentication
    • Basic Authentication
    • Client Certificate Mapping Authentication
  • You will need to grant read/write access to the image upload directory on the IIS server… kind of a “duh” note; however, you may want to add the permissions from the IIS console rather than from explorer, as doing so avoids issues with web.config and BITS transaction file permissions.
  • Before you download a MED-V image to a MED-V client, you will need to add the two following MIME types to the IIS server:
    • .index – application/octet-stream
    • .ckm – application/octet-stream
  • Reporting Database configuration:
    • Documentation suggests but does not specifically state that when configuring MED-V to use a remote SQL server for the reporting database, you should need to use SQL Authentication. If you attempt to use Windows Integrated security, you will see that the Med-V service attempts to connect to the new database as an “anonymous user” (which, of course, fails).
    • The documentation tells you to provide the SQL Server “SA” login and password to the MED-V database configuration tool.  This, if course, is not necessary.  You can and should create a separate SQL login for MED-V.  This login will need to have “dbcreator” rights at the time you create the database, but this role can be revoked as soon as the database has been created.
    • Your database connection string should resemble the following example:
      Data Source=DBSERVER1Instance1;Initial Catalog=MEDVReports;uid=medvReportUser;password=G1bb3r1$hP@ssw0rd
  • XP Image Configuration:
    • When configuring your XP image for sysprep and domain join, you must create an sysprep.inf configuration that will run mini-sup in fully unatteded mode.  You file must contain the following entries in addition to your preferred local settings:
    • [Unattended]




      FullName=”User Full Name”
      OrgName=”Your Organization Name”

    • You also must configure the automatic administrator logon option for at least as many times as are required to perform your planned computer rename and domain join operations (whcihc would be two reboots, but you might want to pad it a bit to be safe).  Keep in mind that the MED-V client will not be able to hook into the guest GINA using your MED-V login creds until the workstation has been joined to the domain.