I take advantage of VirtualField incessantly to create digital machines for testing new variations of Fedora, new utility applications, and many administrative instruments like Ansible. I’ve even used VirtualField to check the creation of a Windows visitor host.
Never have I ever used Windows as my main working system on any of my private computer systems and even in a VM to carry out some obscure job that can not be carried out with Linux. I do, nonetheless, volunteer for a corporation that makes use of one monetary program that requires Windows. This program runs on the workplace supervisor’s pc on Windows 10 Pro, which got here preinstalled.
This monetary utility is just not particular, and a better Linux program may simply exchange it, however I’ve discovered that many accountants and treasurers are extraordinarily reluctant to make adjustments, so I’ve not but been in a position to persuade these in our group emigrate.
This set of circumstances, together with a current safety scare, made it extremely fascinating to transform the host operating Windows to Fedora and to run Windows and the accounting program in a VM on that host.
It is necessary to grasp that I’ve an excessive dislike for Windows for a number of causes. The main ones that apply to this case are that I’d hate to pay for an additional Windows license – Windows 10 Pro prices about $200 – to put in it on a brand new VM. Also, Windows 10 requires sufficient info when setting it up on a brand new system or after an set up to allow crackers to steal one’s identification, ought to the Microsoft database be breached. No one ought to want to supply their identify, cellphone quantity, and start date with a purpose to register software program.
The bodily pc already had a 240GB NVMe m.2 storage system put in in the one obtainable m.2 slot on the motherboard. I made a decision to put in a brand new SATA SSD within the host and use the prevailing SSD with Windows on it because the storage system for the Windows VM. Kingston has a wonderful overview of varied SSD units, kind components, and interfaces on its website online.
That strategy meant that I would not must do a totally new set up of Windows or any of the prevailing utility software program. It additionally meant that the workplace supervisor who works at this pc would use Linux for all regular actions equivalent to e-mail, net entry, doc and spreadsheet creation with LibreOffice. This strategy will increase the host’s safety profile. The solely time that the Windows VM can be used is to run the accounting program.
Back it up first
Before I did the rest, I created a backup ISO picture of all the NVMe storage system. I made a partition on a 500GB exterior USB storage drive, created an ext4 filesystem on it, after which mounted that partition on /mnt. I used the dd command to create the picture.
I put in the brand new 500GB SATA SSD within the host and put in the Fedora 32 Xfce spin on it from a Live USB. At the preliminary reboot after set up, each the Linux and Windows drives have been obtainable on the GRUB2 boot menu. At this level, the host could possibly be dual-booted between Linux and Windows.
Looking for assist in all of the web locations
Now I wanted some info on making a VM that makes use of a bodily arduous drive or SSD as its storage system. I rapidly found a variety of details about how to do that within the VirtualField documentation and the web on the whole. Although the VirtualField documentation helped me to get began, it isn’t full, leaving out some important info. Most of the opposite info I discovered on the web can also be fairly incomplete.
With some important assist from one among our Opensource.com Correspondents, Joshua Holm, I used to be in a position to break by means of the cruft and make this work in a repeatable process.
Making it work
This process is definitely pretty easy, though one arcane hack is required to make it work. The Windows and Linux working techniques have been already in place by the point I used to be prepared for this step.
First, I put in the latest model of VirtualField on the Linux host. VirtualField will be put in from many distributions’ software program repositories, straight from the Oracle VirtualField repository, or by downloading the specified package deal file from the VirtualField website online and putting in regionally. I selected to obtain the AMD64 model, which is definitely an installer and never a package deal. I take advantage of this model to bypass an issue that’s not associated to this specific undertaking.
The set up process at all times creates a vboxusers group in /and so forth/group. I added the customers supposed to run this VM to the vboxusers and disk teams in /and so forth/group. It is necessary so as to add the identical customers to the disk group as a result of VirtualField runs because the consumer who launched it and in addition requires direct entry to the /dev/sdx system particular file to work on this situation. Adding customers to the disk group gives that degree of entry, which they might not in any other case have.
I then created a listing to retailer the VMs and gave it possession of root.vboxusers and 775 permissions. I used /vms for the listing, but it surely could possibly be something you need. By default, VirtualField creates new digital machines in a subdirectory of the consumer creating the VM. That would make it not possible to share entry to the VM amongst a number of customers with out creating a large safety vulnerability. Placing the VM listing in an accessible location permits sharing the VMs.
I began the VirtualField Manager as a non-root consumer. I then used the VirtualField Preferences ==> General menu to set the Default Machine Folder to the listing /vms.
I created the VM with no digital disk. The Type ought to be Windows, and the Version ought to be set to Windows 10 64-bit. Set an inexpensive quantity of RAM for the VM, however this may be modified later as long as the VM is off. On the Hard disk web page of the set up, I selected the “Do not add a virtual hard disk” and clicked on Create. The new VM appeared within the VirtualField Manager window. This process additionally created the /vms/Test1 listing.
I did this utilizing the Advanced menu and carried out the entire configurations on a single web page, as seen in Figure 1. The Guided Mode obtains the identical info however requires extra clicks to undergo a window for every configuration merchandise. It does present a bit extra in the way in which of assist textual content, however I didn’t want that.
Figure 1: Create a brand new digital machine however don’t add a tough disk.
Then I wanted to know which system was assigned by Linux to the uncooked Windows drive. As root in a terminal session, use the lshw command to find the system project for the Windows disk. In this case, the system that represents all the storage system is /dev/sdb.
# lshw -short -class disk,quantity
H/W path Device Class Description
/zero/100/17/zero /dev/sda disk 500GB CT500MX500SSD1
/zero/100/17/zero/1 quantity 2047MiB Windows FAT quantity
/zero/100/17/zero/2 /dev/sda2 quantity 4GiB EXT4 quantity
/zero/100/17/zero/three /dev/sda3 quantity 459GiB LVM Physical Volume
/zero/100/17/1 /dev/cdrom disk DVD+-RW DU-8A5LH
/zero/100/17/zero.zero.zero /dev/sdb disk 256GB TOSHIBA KSG60ZMV
/zero/100/17/zero.zero.zero/1 /dev/sdb1 quantity 649MiB Windows FAT quantity
/zero/100/17/zero.zero.zero/2 /dev/sdb2 quantity 127MiB reserved partition
/zero/100/17/zero.zero.zero/three /dev/sdb3 quantity 236GiB Windows NTFS quantity
/zero/100/17/zero.zero.zero/four /dev/sdb4 quantity 989MiB Windows NTFS quantity
[root@office1 and so forth]#
Instead of a digital storage system situated within the /vms/Test1 listing, VirtualField must have a method to establish the bodily arduous drive from which it’s as well. This identification is completed by making a *.vmdk file, which factors to the uncooked bodily disk that might be used because the storage system for the VM. As a non-root consumer, I created a vmdk file that factors to all the Windows system, /dev/sdb.
$ VBoxManage internalcommands createrawvmdk -filename /vms/Test1/Test1.vmdk -rawdisk /dev/sdb
RAW host disk entry VMDK file /vms/Test1/Test1.vmdk created efficiently.
I then used the VirtualField Manager File ==> Virtual Media Manager dialog so as to add the vmdk disk to the obtainable arduous disks. I clicked on Add, and the default /vms location was displayed within the file administration dialog. I chosen the Test1 listing after which the Test1.vmdk file. I then clicked Open, and the Test1.vmdk file was displayed within the checklist of accessible arduous drives. I chosen it and clicked on Close.
The subsequent step was so as to add this vmdk disk to the storage units for our VM. In the settings menu for the Test1 VM, I chosen Storage and clicked on the icon so as to add a tough disk. This opened a dialog that confirmed the Test1vmdk digital disk file in a listing entitled Not hooked up. I chosen this file and clicked on the Choose button. This system is now displayed within the checklist of storage units related to the Test1 VM. The solely different storage system on this VM is an empty CD/DVD-ROM drive.
I clicked on OK to finish the addition of this system to the VM.
There was another merchandise to configure earlier than the brand new VM would work. Using the VirtualField Manager Settings dialog for the Test1 VM, I navigated to the System ==> Motherboard web page and positioned a verify within the field for Enable EFI. If you don’t do that, VirtualField will generate an error stating that it can not discover a bootable medium if you try to boot this VM.
The digital machine now boots from the uncooked Windows 10 arduous drive. However, I couldn’t log in as a result of I didn’t have an everyday account on this technique, and I additionally didn’t have entry to the password for the Windows administrator account.
Unlocking the drive
No, this part is just not about breaking the encryption of the arduous drive. Rather, it’s about bypassing the password for one of many many Windows administrator accounts, which nobody on the group had.
Even although I may boot the Windows VM, I couldn’t log in as a result of I had no account on that host and asking folks for his or her passwords is a horrible safety breach. Nevertheless, I wanted to log in to the VM to put in the VirtualField Guest Additions, which would offer seamless seize and launch of the mouse pointer, permit me to resize the VM to be bigger than 1024×768, and carry out regular upkeep sooner or later.
This is an ideal use case for the Linux functionality to vary consumer passwords. Even although I’m accessing the earlier administrator’s account to start out, on this case, he’ll not assist this technique, and I will not be capable of discern his password or the patterns he makes use of to generate them. I’ll merely clear the password for the earlier sysadmin.
There is a really good open supply software program instrument particularly for this job. On the Linux host, I put in chntpw, which most likely stands for one thing like, “Change NT PassWord.”
# dnf -y set up chntpw
I powered off the VM after which mounted the /dev/sdb3 partition on /mnt. I decided that /dev/sdb3 is the proper partition as a result of it’s the first massive NTFS partition I noticed within the output from the lshw command I carried out beforehand. Be certain to not mount the partition whereas the VM is operating; that would trigger important corruption of the information on the VM storage system. Note that the proper partition may be totally different on different hosts.
Navigate to the /mnt/Windows/System32/config listing. The chntpw utility program doesn’t work if that’s not the current working listing (PWD). Start this system.
# chntpw -i SAM
chntpw model 1.00 140201, (c) Petter N Hagen
Hive <SAM> identify (from header): <SystemRootSystem32ConfigSAM>
ROOT KEY at offset: 0x001020 * Subkey indexing sort is: 686c <lh>
File measurement 131072  bytes, containing 11 pages (+ 1 headerpage)
Used for knowledge: 367/44720 blocks/bytes, unused: 14/24560 blocks/bytes.
<>========<> chntpw Main Interactive Menu <>========<>
Loaded hives: <SAM>
1 - Edit consumer knowledge and passwords
2 - List teams
- - -
9 - Registry editor, now with full write assist!
q - Quit (you can be requested if there's something to avoid wasting)
What to do?  ->
The chntpw command makes use of a TUI (Text User Interface), which gives a set of menu choices. When one of many main menu gadgets is chosen, a secondary menu is normally displayed. Following the clear menu names, I first selected menu merchandise 1.
What to do?  -> 1
===== chntpw Edit User Info & Passwords ====
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | dis/lock |
| 03ec | john | ADMIN | dis/lock |
| 01f7 | DefaultAccount | | dis/lock |
| 01f5 | Guest | | dis/lock |
| 01f8 | WDAGUtilityAccount | | dis/lock |
Please enter consumer quantity (RID) or zero to exit: [3e9]
Next, I chosen our admin account, john, by typing the RID on the immediate. This shows details about the consumer and affords further menu gadgets to handle the account.
Please enter consumer quantity (RID) or zero to exit: [3e9] 03eb
================= USER EDIT ====================
RID : 1003 [03eb]
00000221 = Users (which has four members)
00000220 = Administrators (which has 5 members)
Account bits: 0x0214 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain belief ac | [ ] Wks belief act. | [ ] Srv belief act |
[X] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login rely: zero, whereas max tries is: zero
Total login rely: 47
- - - - User Edit Menu:
1 - Clear (clean) consumer password
2 - Unlock and allow consumer account [probably locked now]
three - Promote consumer (make consumer an administrator)
four - Add consumer to a gaggle
5 - Remove consumer from a gaggle
q - Quit enhancing consumer, again to consumer choose
Select: [q] > 2
At this level, I selected menu merchandise 2, “Unlock and enable user account,” which deletes the password and permits me to log in with no password. By the way in which – that is an computerized login. I then exited this system. Be certain to unmount /mnt earlier than continuing.
I do know, I do know, however why not! I’ve already bypassed safety on this drive and host, so it issues not one iota. At this level, I did log in to the previous administrative account and created a brand new account for myself with a safe password. I then logged in as myself and deleted the previous admin account in order that nobody else may use it.
There are additionally directions on the web for utilizing the Windows Administrator account (01f4 within the checklist above). I may have deleted or modified the password on that account had there not been an organizational admin account in place. Note additionally that this process will be carried out from a dwell USB operating on the goal host.
So I now had the Windows SSD operating as a VM on my Fedora host. However, in a irritating flip of occasions, after operating for just a few hours, Windows displayed a warning message indicating that I wanted to “Activate Windows.”
After following many extra dead-end net pages, I lastly gave up on attempting to reactivate utilizing an present code as a result of it appeared to have been someway destroyed. Finally, when making an attempt to comply with one of many on-line digital assist chat classes, the digital “Get help” utility indicated that my occasion of Windows 10 Pro was already activated. How can this be the case? It saved wanting me to activate it, but once I tried, it mentioned it was already activated.
By the time I had spent a number of hours over three days doing analysis and experimentation, I made a decision to return to booting the unique SSD into Windows and are available again to this at a later date. But then Windows – even when booted from the unique storage system – demanded to be reactivated.
Searching the Microsoft assist website was unhelpful. After having to fuss with the identical automated assist as earlier than, I known as the cellphone quantity offered solely to be informed by an automatic response system that every one assist for Windows 10 Pro was solely offered by web. By now, I used to be practically a day late in getting the pc operating and put in again on the workplace.
Back to the longer term
I lastly sucked it up, bought a duplicate of Windows 10 Home – for about $120 – and created a VM with a digital storage system on which to put in it.
I copied numerous doc and spreadsheet information to the workplace supervisor’s dwelling listing. I reinstalled the one Windows program we want and verified with the workplace supervisor that it labored and the information was all there.
So my goal was met, actually a day late and about $120 quick, however utilizing a extra commonplace strategy. I’m nonetheless making just a few changes to permissions and restoring the Thunderbird tackle ebook; I’ve some CSV backups to work from, however the *.mab information include little or no info on the Windows drive. I even used the Linux discover command to find all those on the unique storage system.
I went down plenty of rabbit holes and needed to extract myself and begin over every time. I bumped into issues that weren’t straight associated to this undertaking, however that affected my work on it. Those issues included fascinating issues like mounting the Windows partition on /mnt on my Linux field and getting a message that the partition had been improperly closed by Windows (sure – on my Linux host) and that it had mounted the inconsistency. Not even Windows may try this after a number of reboots by means of its so-called “recovery” mode.
Perhaps you observed some clues within the output knowledge from the chntpw utility. I reduce out among the different consumer accounts that have been displayed on my host for safety causes, however I noticed from that info that the entire customers have been admins. Needless to say, I modified that. I’m nonetheless stunned by the poor administrative practices I encounter, however I suppose I shouldn’t be.
In the top, I used to be pressured to buy a license, however one which was no less than a bit inexpensive than the unique. One factor I do know is that the Linux piece of this labored completely as soon as I had discovered all the required info. The situation was coping with Windows activation. Some of you will have been profitable at getting Windows reactivated. If so, I’d nonetheless wish to understand how you probably did it, so please add your expertise to the feedback.
This is but another excuse I dislike Windows and solely ever use Linux alone techniques. It can also be one of many causes I’m changing the entire group’s computer systems to Linux. It simply takes time and convincing. We solely have this one accounting program left, and I must work with the treasurer to seek out one which works for her. I perceive this – I like my very own instruments, and I want them to work in a method that’s finest for me.