Migrating a Windows Server 2003 Virtual Machine to Azure (Really?)

Recently I was asked to archive a virtual machine running Windows Server 2003 from an old VMWare vSphere cluster to Azure. (Really? Yes, really!) Although they will not be using the machine actively, they spin it up a couple times a year just to retrieve old data for reference.

It would be pretty sad if they had to keep the cluster alive just for this machine, so I suggested moving it to Azure and keep it de-allocated unless they need it. Much more cost-effective and stored there safely. You only pay for the storage of the managed disks and the time the machine actually runs a couple of hours a year. They agreed, so let’s see what we had to do to make this happen as this isn’t as straightforward as it would be migrating a newer Windows Server version to Azure.

Of course, it’s not recommended to keep a Windows Server 2003 system in your infrastructure but sometimes legacy applications force your hand. However, because the machine in this case is not actively connected to the network unsupervised, it poses a minimal security risk.

Table of Contents

Support for Windows Server 2003 on Azure

First things first… Does Microsoft even support running Windows Server 2003 in Azure? Short answer: Yes, they do! As official support for Windows Server 2003 ended in 2015, Microsoft no longer provides patches and support for the OS itself. However, they still officially support running it on Azure up until the OS layer. Both 32-bits and 64-bits version of Windows Server 2003 are supported.

The official documentation states the following:

Microsoft ended extended support for Windows Server 2003 on July 14, 2015. If you are running Windows Server 2003, this may put your applications and business at risk, since there may be no security or software updates. You can still move a Windows Server 2003 VM to Azure, and receive assistance in troubleshooting issues that concern running Windows Server 2003 on Azure. However, this support is limited to issues that don’t require OS-level troubleshooting or patch.

There are a few other things to take into account when considering moving your Windows Server 2003 workloads to Azure:

  • You can create a Windows Server 2003 Azure VM from specialized VHD only, not from a generalized (sysprepped) VHD. This makes it impossible to create generalized images from the migrated machine.
  • Windows Server 2003 will not work on Azure out of the box so make sure to review the preparatory work in the migration steps.
  • You will need your own Windows Server 2003 license, and it must be valid. There is no option to purchase it through Azure plans/licensing for Windows.
  • Only two virtual processors per machine are supported officially.
  • You cannot perform an in-place upgrade to newer version of Windows Server after it’s migrated to Azure.
  • Migration will require a re-activation of Windows Server 2003 because it detects that the hardware has changed.
  • The Virtual Machine Agent for Azure is not supported so there will be no telemetry from the guest OS in Azure.

Migration process

Most of the migration work is done through the regular Azure Migrate process, using the virtual Azure Migrate Appliance. As this is not specific to migrating a Windows Server 2003 machine, I will not cover detailed steps on how to set up Azure Migrate for Hyper-V and/or VMWare vSphere. There are plenty of other guides out there that tell you how to do that. Instead, I will focus on Windows Server 2003-specific steps and quirks.

This guide focuses on migrating from a Hyper-V or VMWare vSphere appliance. Physical machine migration is based on Azure Site Recovery with an agent. Agent-based migration is not supported for Windows Server 2003.

Preparation

Hyper-V Integration Services

Azure virtualization uses Hyper-V technology to run you virtual machines. This means that the necessary Hyper-V drivers and integrations need to be installed in the OS in order to connect to the virtual hardware like the network adapters.

Newer Windows Server versions have at least the bare minimum drivers installed by default so they will work on the Azure platform out of the box. Windows Server 2003 however, does not. This is why you have to make sure that any Windows Server 2003 machines you want to migrate should have Hyper-V Integration Services installed or provisioned before you migrate it to Azure. Check out the Options 1 and 2 below to see how to install Hyper-V Integration Services for your virtual machine.

Suppress Terminal Services Errors

If your machine is domain-joined and you move your machine to a domain site that has modern and fully-patched Domain Controllers, you may run into errors when connecting through Terminal Services/RDP/RDS. If you only use local users to logon to your Windows Server 2003 machine, you can skip creating the registry key below as local users/admins are not affected.

“The system cannot log you on due to the following error: The RPC server is unavailable. Please try again or consult your system administrator.”

The cause is some type of incompatibility between Windows Server 2003 and modern Domain Controllers that causes the Windows Server 2003 Server RPC service to be unable to retrieve the Terminal Server configuration for the user’s account from Active Directory. The registry key below will allow the logon process to ignore the errors and continue.

HKLM\System\CurrentControlSet\Control\Terminal Server
Name: IgnoreRegUserConfigErrors
Type: REG_DWORD Value: 1

Option 1 – Migrate from Hyper-V

If your hypervisor is Hyper-V, this is a walk in the park. To check whether the Hyper-V Integration Services are already installed on your machine, you can simply check if the services are present on the guest machine.

  1. Log on to the guest machine using an administrative account.
  2. Open up the Services console by running “services.msc” from the Run dialog or Command Prompt.
  3. Check if the Hyper-V Integration Services are present:

Optionally, you can check if the following registry key exists:

HKLM\Software\Microsoft\Virtual Machine\Auto
Name: IntegrationServicesVersion

If the Integration Services are already installed, you’re good to go.

If not and if you’re running Hyper-V on Windows Server 2012 or Windows Server 2012 R2, all you need is the vmguest.iso that’s located in C:\Windows\System32\ on your hypervisor.

If you are running a newer version of Windows Server on the hypervisor level, you are out of luck. Hyper-V versions running on Windows Server 2016 or higher do not have a vmguest.iso file that contain the Windows Server 2003 compatible setup files. You will have to extract the vmguest.iso file from a machine running Windows Server 2012 or Windows Server 2012 R2 with the Hyper-V role installed.

Then, once you have the appropriate vmguest.iso file, mount it to the optical drive of the guest machine. From the optical drive inside the guest machine, simply run the setup.exe from the appropriate x86 (32-bits) or amd64 (64-bits) folder to install the Integration Services on Windows Server 2003.

Now migrate your server to Azure by using Azure Migrate as you would do normally. It should successfully boot, connect to your Virtual Network and you should be able to connect to it though a Remote Desktop connection.

Option 2 – Migrate from VMWare vSphere

Now when you’re migrating from VMWare vSphere, installation is a bit more tricky. This is because Hyper-V Integration Services will not allow itself to be installed if it detects that it’s not running on a Hyper-V Hypervisor. This means that you cannot install them before you migrate it to Azure. The official solution is functional, but it kinda makes me feel dirty. Nevertheless, it’s the only option we have.

You still need the vmguest.iso file that we mentioned in Option 1 above to install the Integration Services. Because you are not running Hyper-V, you will need to extract it from a machine running Windows Server 2012 or Windows Server 2012 R2 with the Hyper-V role installed (located in C:\Windows\System32\).

Extract the vmguest.iso file and copy the contents of the appropriate x86 (32-bits) or amd64 (64-bits) folder to a location on the C:\ drive. I copied the x86 folder to C:\vmguest as you can see in the screenshot below.

Next, we need to make sure that the setup is run the first time after the machine boots on the Azure platform.

  1. Log on to the guest machine using an administrative account.
  2. Open “gpedit.msc” from the Run dialog or Command Prompt.
  3. Open Computer configuration > Windows Settings > Scripts (Startup/Shutdown).
  4. Open Startup and add the setup.exe file path to the scripts. In my example, the input would be C:\vmguest\x86\setup.exe.

Don’t worry about booting the machine on the old VMWare vSphere platform with the startup script in place. The setup will not run from a non-Hyper-V platform.

Now migrate your server to Azure by using Azure Migrate as you would do normally.

On the first boot on the Azure platform, Windows Server 2003 will automatically install the Hyper-V Integration Services from the location you specified. A prompt to reboot will appear in the boot diagnostics screenshot in Azure, informing you of a pending reboot. (If you do not have boot diagnostics enabled, wait 20 minutes and then reboot. That should be ample time for the setup to complete.)

At this point, reboot the server in Azure through the Azure Portal or by using your favourite Azure shell.

After the reboot, the server should successfully boot, connect to your Virtual Network and you should be able to connect to it though a Remote Desktop connection.

You can remove the startup script entry and optionally remove the installation folder from the guest machine after it has been successfully migrated to Azure.

Reactivate Windows Server 2003

After the migration has successfully completed, the machine will require a re-activation of Windows Server 2003 because it detects that the underlying hardware has changed. I was able to re-activate using phone activation but your mileage may vary.

Leave a Reply

Your email address will not be published. Required fields are marked *