Loading...

Enable Windows Sandbox on 1903 with and without PowerShell

Reply A+ A-

Windows 10, 1903 introduced a new feature called Windows Sandbox. We will see how to enable and test it on a Hyper-V VM.

In this post I will explain you how to:
- Enable hardware virtualization on the VM
- Enable Windows Sandbox on the VM

What is Windows Sandbox ?
Windows Sandbox is a new feature that allows you to run a virtualized environment from your Windows host computer.
You will be able for instance to execute a specific application on an isolated environment.
Windows Sandbox uses hardware virtualization to create this isolated environment.
You won't need to install a VM to use it.
Indeed it will use OS from your host computer.
You will be able to run it from the Start menu or create a WSB shortcut to run a sandbox with a specific configuration (we will see that).

How to enable it ?
Enable VM Virtualization
By default if you haven't enabled Hardware virtualization on your VM the Sandbow feature will be greyed out, as below:

In my example below, my VM is named 1903
To enable it, proceed as below:
1 / Stop the VM
2 / Check virtualization state using the below commandline:
3 / Enable it using the commandline below
4 / Check again virtualization state

5 / Now you will be able to enable Windows Sandbox feature

Enable Windows Sandbox
Windows Sandbox is a Windows 10 feature.
You can enable it from Windows or from PowerShell.

Enable Windows Sandbow from Windows
1 / In the search bar, type feature
2 / Go to Apps & features

3 / In the Apps & features part, go to Programs and Features
4 / Go to Turn Windows features on or off
5 / In the Features part, check Windows Sandbox
6 / Restart computer

Enable Windows Sandbox from PowerShell
1 / Open PowerShell
2 / Type the below commandline

Start Windows Sandbox
1 / Search Windows Sandbox  

2 / Start it


How to configure a Sandbox ?
As mentioned before, you can run a Sandbox from the Start menu or from a WSB shortcut.

WSB, what is it ?
Well, it's pretty simple, the WSB file will allow you to run a Sandbox with a specific configuration.
The WSB structure is based on XML, so you add configuration with open and close tags.
The main structure should begin by <Configuration></Configuration>, as below:
How to create the WSB file ?
1 / Create a new file on your desktop, for instance
2 / Give it a name with .wsb extention (in my case it's called MDT Sandbox)
3 / Edit the WSB file, for instance with Notepad++

What can I configure ?
See below some options you can configure on your Sandbox
- Virtualized GPU (Enable or Disable)
- Networking (Enable or Disable)
- Share a folder from the host (Path and access)
- Startup script
- Startup program

See below a picture from MS that explains Sandbox 
See below Tag to use depending of the option you want to add.
You can map multiple shared folders and run multiple startup commandlines.
Things to note
- The default Sandbox user name will be WDAGUtilityAccount
- When you map a shared folder, it will be automatically located on the desktop Sandbox.
- Once you close a Sandbox everything will be discared and lost


Sandbox in action
Example 1: Run a simple PS1
1 / Networking and Virtualized GPU will be enabled.
2 / One folder will be shared: C:\Scripts
- In the Scripts folder there is a Install.ps1 file.
3 / The ps1 file will be executed at startup
4 / This script will just display a messagebox

See below the used WSB configuration file:
See below the Sandbox in action:

Example 2: Test a WPF GUI
1 / Networking and Virtualized GPU will be enabled.
2 / One folder will be shared: C:\Applications
- In the Applications folder there is the WPF GUI to display
3 / The ps1 file will be executed at startup
4 / This script will just display a messagebox

See below the used WSB configuration file:
See below the Sandbox in action:

Example 3: Install EXE
1 / Networking and Virtualized GPU will be enabled
2 / One folder will be shared: C:\Applications.
- In the Applications folder there is Notepad++ EXE file
3 / The EXE will be launched silently at startup

See below the used WSB  configuration file:
See below the Sandbox in action:


What's next ?
In my next post I will try to focus on Windows Sandbox configuration.
I will also create a tool to manage WSB files.




Windows_Sandbox 5269646889778924476

Enregistrer un commentaire

Accueil item

Award

Learn KQL in one month

Sponsors

You want to support me ?

Mes articles en français

Books in French


Stats