Windows Utilities Release
The Windows Utilities Release provides BOSH jobs intended to be used as addons, that help operators configure the operating system.
See os-conf-release for Linux OS Configuration.
Example Runtime Configurations
Include the release in your runtime-config.yml:
--- releases: ... - name: windows-utilities version: <some-version>
Setting a password:
addons: ... - name: <some-name> jobs: - name: set_password release: windows-utilities properties: set_password: username: "SomeUser" # defaults to "Administrator" password: "Foobar123!" # must meet default Windows complexity requirements include: stemcell: - os: windows2012R2
set_password job should not be used in conjunction with the
Randomizing each VM's password
addons: - name: <some-name> jobs: - name: randomize_password release: windows-utilities properties: randomize_password: username: "SomeUser" # defaults to "Administrator" include: stemcell: - os: windows2012R2
Enabling experimental BOSH SSH support on Windows
addons: - name: <some-name> jobs: - name: enable_ssh release: windows-utilities include: stemcell: - os: windows2012R2
Configuring a KMS host for your volume-licensed Windows VM to register and activate with
addons: - name: <some-name> jobs: - name: set_kms_host release: windows-utilities properties: set_kms_host: host: some-kms-host.privatedomainname port: 12345 # defaults to 1688 include: stemcell: - os: windows2012R2
Enabling RDP access for Administrators on your Windows Cell
addons: - name: <some-name> jobs: - name: enable_rdp properties: enable_rdp: enabled: true release: windows-utilities include: stemcell: - os: windows2012R2
Note that all of these jobs can be disabled by adding
enabled: false to their properties.
Using These Jobs to RDP With a Remote Desktop Client
To RDP to a windows VM, you can use three of these jobs in conjunction:
- enable_ssh - to make it easy to setup a tunnel with the BOSH CLI
- set_password - alternatively, you may be able to setup a user using your IaaS
To create a tunnel for your RDP client:
bosh ssh -d <deployment> <job> --opts='-L 3389:<internal-ip-of-job>:3389'
Then use your RDP client to connect to
using the password set for the
--vars-store variable generation
will not be able to fulfill the complexity requirements,
as it does not include upper-case letters.
This will not cause the job to fail, however the password will not work.
If you're using --vars-store, you'll need to pass the password
in with a vars file or
-v arg at deployment time.
If you have a bosh director with a credhub,
you may have better luck with password generation.
To launch powershell (or other programs),
first do Ctl + Shift + Esc to open task manager,
Click "More details" in the lower left hand corner,
File>Run New Task.