Configuring cloud witness in Windows Server 2016 Cluster Azure Files #cloud #azure #winserv   7 comments

Cloud Witness is a new type of Failover Cluster quorum witness being introduced in Windows Server 2016. But you will need an Azure Subscription to use this unless you are using your own private cloud to use a file share witness in a third  DataCenter. As this post is an edited post but still actual

Earlier I create a blog post about creating a file share in Azure.

https://robertsmit.wordpress.com/2014/06/16/microsoft-azure-file-server-system-error64-or-new-azurestorageshare-cannot-bind-parameter-context-azure-cloud-mvpbuzz/

image

But now this file share can also be used for your Private Cluster Or Azure Cluster but remember your cluster needs internet access to connect to Microsoft Azure.

 

image

Edited 5-11-2014 <>>>>>>

So if you want to have a file witness then you will need the fileshare option but the cloud witness is using the BLOB storage and will cost you almost noting with Azure Credits

However the File share is still in preview under Windows Azure Files  http://msdn.microsoft.com/en-us/library/azure/dn167006.aspx

Sign up for a preview http://azure.microsoft.com/en-us/solutions/storage-backup-recovery/

Now that we have created a new storage account We can use this for the cluster.

If you select the storage account you will see something like this.

image

We are using the blob storage and skip the above but you can use this for other things

<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

image

At the bottom you can select the Manage Access Keys. This is the information we needed for the cluster.

image

Keep this save ! You will need this in your cluster.

image

When opening my windows Cluster Failover manager under more actions you can configure the quorum settings.

image

As always we do the Advance configuration.

imageimage

Now we check the Cloud Witness option.

image

We use the Account name and the Key from the Azure portal that we created earlier.

The screen may differ as you could have a different version!

imageimage

And we have a Cloud Witness here configured in my Public Cloud.

image

We don’t need a site to site VPN just connect the Cluster nodes to Internet ( atleast a Azure connection )

image

If we check the Azure Configuration and there you can see the creation of MSFT-Cloud-Witness. With the files in the blob storage.

 

 

You can also configure this in azure.

With the Get-ClusterQuorum we find quickly what witness we have.

image

and Configuring this is also quickly done put your account name and key in the set-clusterquorum and it will create a Cloud Witness.

Set-ClusterQuorum -AccessKey V7CR1/DijezGyA== -AccountName clusterw10 –CloudWitness

image

Happy clustering

Flickr Tags: ,,,,,

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

OMS Network Performance Monitor #MSOMS #NPM #Azure   Leave a comment

When Using OMS you can benefit of the Network Performance Monitor (NPM), that helps you perform near real-time monitoring of network performance parameters (such as packet loss and network latency) and localize network faults. It not only detects network performance issues, but it also localizes the source of the problem to a particular network segment or device to make it easy for you to locate and fix a network performance issue.

OMS Network Performance Monitor (NPM)

You can detect network issues with the solution dashboard which displays summarized information about your network including recent network health events, unhealthy network links, and subnetwork links that are facing high packet loss and latency. You can drill-down into a network link to view the current health status of subnetwork links as well as node-to-node links.

So what to do to get the full benefit of the NPM.

Deploying NPM involves four basic steps.
1. Enabling the solution on your OMS workspace
2. Installing the OMS agents
3. Configuring the OMS agents
4. Configuring the solution.

Diagram that shows how the solution works.

I Assume you already have the OMS Agent in place and connected and reporting to OMS,if not below are two screens on how to enable the NPM and installing the Agent. And a lot of cool new features are there.

imageimage

Installing the OMS agent Windows Or Linux.

 

OMS Network Performance Monitor (NPM)

Firewall ports are required to be opened on the servers so that the agents can connect to each other.

Run the script without any parameters in a power shell window with administrative privileges. This script creates few registry keys required by NPM and creates windows firewall rules to allow agents to create TCP connections with each other

The port opened by default would be 8084. You have the option of using a custom port by providing the parameter ‘portNumber’ to the script. However, the same port should be used on all the machines where the script is executed.

Note that the script will configure only windows firewall locally. If you have a network firewall you should make sure that it is allowing traffic destined for the TCP port being used by NPM

OMS Network Performance Monitor Agent Configuration Script

OMS Network Performance Monitor (NPM)

Now that the solution is enabled we can configure some networks. All the networks are discovered by the Agent and it will turn-up automatically.

 OMS Network Performance Monitor (NPM)

You can Add a new network ( read this as a Name ) as we give the IP subnet a name and link the subnet to the network

image

Give the network a name and link the subnet to It

image

And don’t forget to save the network. now that the networks have names it is easier to understand the networks.

When looking at the nodes you can easily see what networks the machine is using

image

The monitoring of the networks

image

If you don’t want to monitor Certain networks you can disable the monitoring of this network.

 

Set monitoring rules

Network Performance Monitor generates health events about the connectivity between a pair of nodes or subnetwork or network links when a threshold is breached. These thresholds can be learned automatically by the system or you can configure them custom alert rules.

The Default rule is created by the system and it creates a health event whenever loss or latency between any pair of networks or subnetwork links breaches the system-learned threshold. You can choose to disable the default rule and create custom monitoring rules

OMS Network Performance Monitor (NPM)

In the monitoring rules you can create a special rule set say for the SQL server , Webservers or DMZ / ISCSI networks with each a set of his own rules.

With all this in place and when things are running you may need to tweak the thresholds a bit.

image

There a great in depth overviews and you can adjust them to drip down.

image

Normally this is not the best view for a network but this is a test lab and machines are not always running.

Topology Dashboard

If you click the View topology map link, you will see the hop-by-hop topology of the routes between the source and destination nodes. The unhealthy routes or hops will be colored in red, which will help you to quickly localize the problem to a particular section of the network.

 

image

And if you want to get more detail about your network drill down and adjust the time setting from 7 days to 6 hours

image

to get a Daily overview with OMS Network Performance Monitor with the data based on 6 hours

image

Get a good view of the latency of your network between servers/ HOP’s

Log Analytics search

All data that is exposed graphically through the Network Performance Monitor dashboard and drill-down pages is also available natively in Log Analytics search. You can query the data using the search query language and create custom reports by exporting the data to Excel or PowerBI. The Common Queries blade in the dashboard has some useful queries that you can use as the starting point for creating your own queries and reports.

More and more new OMS features are coming so I guess the data Size is still Growing

 

image

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted August 26, 2016 by Robert Smit [MVP] in Azure, MSOMS

Tagged with , ,

Azure Server management tools Manage your servers from anywhere #servermgmt #Azure #SMT   Leave a comment

Server management tools is an Azure service that offers a set of web-based GUI and command line tools to manage Windows Servers. This is especially useful when managing headless servers such as Nano Server and Server Core. These tools also provide rapid access to your on-premises infrastructure in a common dashboard alongside your Azure resources, thereby providing a consistent management experience across your infrastructure. Server management tools supports a set of basic server diagnostic tools.  The Tools are working on Windows Server 2012,Windows Server 2012R2,Windows Server 2016 and Nano Server

Server management tools requires a gateway which can be configured on any server in your environment. The gateway enables communication between the Microsoft Azure portal and your Windows Server machines, whether on-premises in your infrastructure, or hosted in a cloud provider.

A while a go I already created a blog post on this but as there are so many new features a fresh post is in place.

https://robertsmit.wordpress.com/2016/02/12/azure-server-management-tools-offers-a-set-of-web-gui-tools-to-manage-azurestack-servers-rsmt-asmt/

Even now that my wish on the Uservoice is added to the Service Management Tools #SMT the tools are getting better all the time.

How are things working below is a schematic overview.

server management tools

 

A Server management tools gateway is required to enable communication between the Microsoft Azure portal and your Windows Server 2016 machines. A gateway is typically deployed and configured on the same local network as the Windows Server machine(s) you wish to manage. The machine must have an internet connection.

Building the Connection go to Azure and look for Server Management Tools

server management tools

check the Server Management tools and a new right screen will open

server management tools

Just check Create.

imageserver management tools

A common mistake is give the computer name and the gateway the same name. but this will Fail!!

Important Item In the Computer name and the Gateway name can’t be the same name It can but you will not be able to manage this server remotely.

image

provide the NAME/IP/FQDN of the machine you want to connect to ( so not the GATEWAY SERVER )

If this is the first Server management tools connection you are creating, you will also need to choose to create a new Server management tools gateway and give it a name. You will be prompted to complete the gateway configuration after the Server management tools connection is created.

 

Configuring a new Server management tools Gateway

image

When creating the gateway you need to do little configuration on the Gateway server local

server management tools

I choose for automatic updates and you will need to generate a link with the gateway package

 

image

check the generate a package link and use this link to install the gateway

https://pdrsmtrppreviewneu.blob.core.windows.net/ce12af764058e42b8a603d3c2c77f1915/gateway.

image

 

  1. Use the generated link to download the gateway deployment package now, or copy the link URL to download the package later from the machine on which you intend to install the package.

  2. From the machine that you want to designate as the gateway, unzip the package and run GatewayService.MSI.

  3. Once the gateway installation completes, return to the Microsoft Azure portal and reopen your Server management tools connection.

  4. You should now be able to manage your Windows Server 2016 machine if the Microsoft Azure portal can reach it through the gateway.

server management tools

server management toolsserver management tools

now that the Gateway is installed you should see a OK status in the Azure console if not you need to do some extra settings.

After OK status

image

In case the Ok is not showing check your Firewall or past the rule below in the Firewall

NETSH advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow

If you wish to connect using the local Administrator account, you will need to enable this policy on the target machine by running the following command in an administrator session on the target machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1

And if the WinRM settings are not in place you will need to set the correct winrm settings as well,

winrm set winrm/config/client @{ TrustedHosts="10.255.255.59" }

Change the IP with your own server when you set this on the manage server the trusted host must be the gateway server.

Now that the Service Management Tools Gateway is in place and working the Service Management Tools Connections needs configuration and this is where all the magic happens.

server management tools

when opening the Service Management Tools Connections you will need to set the administrator credentials else you can’t connect and do stuff on your server.

 

image

You can save the Credentials or Fill the in every time you need the Service Management Tools Connections for you server. A new feature is Persist credentials

The ability to save the credentials used to manage the target machines. From the credential entry dialog, you can opt to store credentials securely. The credentials are first encrypted using standard AES 256 encryption and then securely stored within Azure. These credentials can only be decrypted using the certificate which is stored in the Server management tools gateway. When you go to manage an instance, the encrypted credentials are passed down to the Server management tools gateway for decryption, and are then used to process all management requests on the target machine. Even though the credentials are securely stored in Azure, the on-premises certificate provides an additional level of security because only your gateway can decrypt the stored credentials since only your gateway has the certificate used to encrypt them. The certificate used to encrypt the credentials is never passed to Azure and the Azure service will never have access to unencrypted user credentials.

 

image

A brief overview of the server you can customize the view but the more you put in the overview the slower the content is showing in the browser. Unless you need it.

A long list of options and server management tools are there and the list is getting longer, File Explorer,Firewall rules and PowerShell script saving and Certificate manager are all new to the Service Management Tools Connections.

image

 

PowerShell script editor enhancements

The script editor is now equipped with basic file browsing capabilities. You can browse through the files on the target machine and open an existing script. You can create a new script or modify an existing one and save it on the target machine.

Script editor is now also integrated with your Azure Blob storage. You can save your scripts in your blob and make them available across all your servers and to other members of the subscription.

image

image

As the script editor can save the scripts or open the scripts from a blob account so you don’t need to type everything for each server

imageimage

the one thing is missing here is creating a Storage Account. this would be handy if you could create one here.

 

image

On the Storage account you can create a container for you files or if you already have one place the files in this container.

imageimageimage

But when you don’t want to place the files in Azure and leaf them on your server this is also an option.

image image

the File Explorer is a great option to look and use files on the Server and when you look at the storage you will see all the drives and what a great feature it shows even unhealthy drives.

The Certificate manager is also new to the server management tools

It brings the much needed ability to remotely manage certificates on targeted computers. With capabilities such as viewing all or a specific set of certificates, along with relevant event log channels, it helps you to find the root cause of certificate related issues. You can also import, export and delete certificates.

As you can see I  play a lot with the Certificates on the Hyper-V server guess it is time to do some certificate cleaning.

image

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted August 25, 2016 by Robert Smit [MVP] in Azure

Tagged with

Deploying Storage Spaces Direct with VMM 2016 or with Powershell #Cloud #hyperconverged #SysCtr #S2D   Leave a comment

Windows Server 2016 comes with al lot of new options and Hyper-converged is one of the new options. In this blog post I’ll show you what options you have when using VMM and S2D. The tools are great but so is PowerShell and it always depends on what and how you are building things.

Storage Spaces Direct is a bit like building a Do It Your Self San multiple heads lots of Storage can lose one Head , low costs.

Storage Spaces Direct seamlessly integrates with the Hyper-V / Files Servers you know today. The Windows Server 2016 software defined storage stack, including Clustered Shared Volume File System (CSVFS), Storage Spaces and Failover Clustering.

The hyper-converged deployment scenario has the Hyper-V servers and Storage Spaces Direct components on the same cluster. Virtual machine’s files are stored on local CSVs. This allows for scaling Hyper-V clusters together with the storage it is using. Once Storage Spaces Direct is configured (Enable-ClusterS2D) and the CSV volumes are available, configuring and provisioning Hyper-V is the same process and uses the same tools that you would use with any other Hyper-V deployment on a failover cluster. but now with System Center Virtual Machine Manager 2016 we can also configure this during the deployment.

Hyper-Converged Stack

Above are the layers shown, as you can see the Storage is defined in 3 parts physical disks, spaces and the CSV volumes.

So basically we can configure the cluster with Storage Spaces Direct by hand (PowerShell) or if you are using VMM you can do this by using templates and the GUI. but is this the same and is this handy ? The only change I did in this post is create a Scale out file server to use the Storage Spaces Direct volumes.

Well it is nice that you can do this but when configuring this by hand it gives you much more flexibility and configuration and yes maybe more complex but understanding the method is better than following a wizard.

Let see the options we have in VMM there are a couple of ways to configure this it all depends.

imageimage

Create a Hyper-V cluster and tap the enable Storage Spaces Direct option.

 

image

Or Create a Scale Out file server and check what you want shared Storage or enable Storage Spaces Direct option.

But you can also Create the cluster in VMM and configure later the Storage Spaces Direct. The fact is that VMM 2016 can create and maintain the Storage layer. all from a single interface.

So for this demo I use 4 Servers Sofs02,Sofs04,Sofs06,Sofs08 each server has 8 local Disks

 

image

These 4 servers will be transformed to a Storage Space Direct Cluster

first let me check of all the disks on the server.

Get-PhysicalDisk | ? CanPool -EQ 1 | FT FriendlyName, BusType, MediaType, Size

image

Storage Spaces Direct uses BusType and MediaType to automatically configure caching, storage pool and storage tiering. In Hyper-V virtual machines, the media type is reported as unspecified. So if you are using tools that are expecting certain types of disk you need to fix this.

else when running the cluster validation the cluster creation will fail.

Found a disk with unsupported media type on node ‘Sofs02.mvp.local’. Supported media types are SSD and HDD.

image

Step one is creating a Hyper-v cluster.

 

imageimage

As my servers are in the Storage VMM host group I’ll pick this group. Give the cluster a name and Check the Storage Spaces Direct check box.

So typical when creating this by hand you would do this in PowerShell

install-WindowsFeature "Failover-Clustering","RSAT-Clustering" -IncludeAllSubFeature –ComputerName “sofs02”,”sofs04”,”sofs06”,”sofs08”

Test-Cluster -Node “sofs02”,”sofs04”,”sofs06”,”sofs08”

New-Cluster –Name Democlu201 -Node “sofs02”,”sofs04”,”sofs06”,”sofs08”  -NoStorage -StaticAddress "10.255.255.110"

Enable-ClusterS2D -CacheMode Disabled -AutoConfig:0 –SkipEligibilityChecks  ( as you are running VHDX disks )

The big difference here is you can’t customize this cluster during this step so no Quorum or any other settings.

image

Selecting all the nodes

image

Giving the Cluster a Fix IP or pick one random from the IP pool

image

All the tasks are running an in a few minutes we have a Cluster that holds a Storage Space Direct unless it Fails the cluster validation test.

If you are using the S2D you must run the Cluster validation test and remember only SSD and HDD media type Disks are supported. So if the media type is unspecified or unknown the Validation report will fail and so is this job.

image

In our case the job went successful and the cluster with Storage Space Direct is ready for usage.

image

Now that the cluster is ready you can use the Storage after creating the pool.

And if you already have build a hyper-converged  Cluster Hyper-V servers and Storage Spaces Direct components then you can us this also in VMM.

image

Now that the Cluster is added we can create a Pool.

In case you build the Storage Spaces Direct with Powershell you end up with something like this :

#Create storage pool 
New-StoragePool  -StorageSubSystemName Pool01.mvp.local –FriendlyName Pool01 -WriteCacheSizeDefault 0 -FaultDomainAwarenessDefault StorageScaleUnit -ProvisioningTypeDefault Fixed -ResiliencySettingNameDefault Mirror -PhysicalDisk (Get-StorageSubSystem  -Name Pool01.mvp.local| Get-PhysicalDisk)

#list Storage pool

Get-StoragePool Pool01

#removal of the Storagepool 
Remove-StoragePool –Name Pool01.mvp.local

But when using the VMM Gui tool you will not get the friendly name as when you do this in Powershell

image

image

But this is easy changable

TO check if the Cluster Storage Spaces Direct is enabled you can run a PowerShell command

(Get-Cluster).S2DEnabled

Or check your Cluster under Storage en Enclosures Every server is listed as his own enclosure.

image

Now that the Enclosures are listed We create the pools and the disks

image

We select the Clustered Pool and do manage to create the Virtual disk

image

image

We create a New Pool and if you not created a Classification you will need to do this to.

Give this a name and Pick the disk that you want I select all the Disk and use them for one big Pool.

image

Now that we have selected all the disk and created the pool we can create a Virtual disk on the Pool

image

Creating the disk can be a little confusing in the VMM GUI as you need to press Cancel and OK.

imageimage

Give the disk a name

imageimage

Pick the right Size as my pool s 168GB and I can only do a Mirror you understand I can’t create a 160Gb disk, I have 4 nodes press ca

 

How can this guide help you? You can use this guide and the Software-Defined Storage Design Calculator spreadsheet to design a storage solution that uses the Storage Spaces and Scale-Out File Server functionality of Windows Server 2012 R2 along with cost-effective servers and shared serial-attached SCSI (SAS) storage enclosures.

#Create virtual disks
New-Volume –StoragePoolFriendlyName Pool01 -FriendlyName CSV02 -PhysicalDiskRedundancy 1 -FileSystem CSVFS_REFS –Size 48GB

As you can see I created a Scale out file server and used the Storage Spaces Direct as storage.

image

#create Cluster
New-StorageFileServer –StorageSubSystemName DemoClu201.mvp.local –FriendlyName Demosofs201 -HostName Demosofs201.mvp.local -Protocols SMB

#Create file shares and Folders 
md C:\ClusterStorage\Volume1\shares\VM01

New-SmbShare –Name VM01 -Path C:\ClusterStorage\Volume1\shares\VM01 -FullAccess "mvp\Domain Admins"

image

Now that the File share and SOFS is in place we can add the share to the hyper-v server or cluster for usage.

image

When creating a VM we can use the Storage Spaces Direct to place a VM but as you can see in this post there are several methods to do things and each option has a different choice the right one well it is all on you and it depends. see this table below with the pros and cons.

Storage Spaces deployment tools

Tool

Advantages

Disadvantages

Failover Cluster Manager & Server Manager

  • Easy to use

  • Slow automatic refreshes in Server Manager when working with storage

  • Some tasks require Windows PowerShell

  • No automation can make provisioning more than a couple virtual disks and file shares tedious

System Center Virtual Machine Manager

  • Easy to use

  • Partial automation of cluster deployment

  • Automated management of file share permissions

  • Can be used to deploy and manage VMs

  • Some tasks require Windows PowerShell (including storage tiers)

  • Requires System Center licenses

  • Might require additional infrastructure if you don’t already have System Center or are deploying at a scale that’s greater than your existing deployment can handle

Microsoft Deployment Toolkit

  • Lots of control over operating system installation options

  • Can be used to deploy other PCs and servers

  • Can be complex

  • Some approaches require System Center Configuration Manager licenses

Windows PowerShell

  • Complete control over all aspects of storage

  • Can automate by writing scripts

  • Requires knowledge of Windows PowerShell

  • Scripts require development and testing

After writing this post I can see If you should do this then I would use PowerShell to build the cluster and Storage Spaces direct and add them to VMM but for deploying the basics VMM could be very handy but it all depends on your infra structure.

The VMM option is really great but for me it takes to long to do stuff and often the job fails because I made a typo or the naming is not the way I want it. And the usage of the Storage Spaces Well the Hyper-Converged option vs the Converged option it has it challenges and it all depends on the hardware you have. but for my testlab or in Azure S2D runs great.

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted August 22, 2016 by Robert Smit [MVP] in Windows Server 2016

Tagged with ,

System Center 2016 VMM Place template VM in Custom OU #sysctr #Cloud #Deploy #VM   Leave a comment

when using VMM and deploying templates you not always want to place them in the default OU computers

image

But instead you want the Template Server 2016 places in OU TP5 and Hyper-V server directly placed in the OU Hyper-v.

Default there is no Gui item in the VMM console to do this. Say on the domain join tab place this VM in the Hyper-V OU

 image

Instead of this you need to fill in the Value in Powershell. and Make a custom OU field.

image

You can Add Custom Properties as you like.

But first we are creating a Custom Guest OS profile this profile is the basis for the new build template and the Custom OU Placement.

image

Now that the Custom OS profile is in place we can check it there is a domain OU field

Get-SCGuestOSProfile

image

this shows us the field that we must fill in to get the right OU placement.

Get-SCGuestOSProfile |select Name

image

Get-SCGuestOSProfile -name "Guest OS 2016TP5"

Setting this in the OS profile

Get-SCGuestOSProfile -name "Guest OS 2016TP5" |Set-SCGuestOSProfile -DomainJoinOrganizationalUnit "OU=SCVMM16,DC=MVP,DC=local"

image

Now when I create a new template with this OS profile the VM is place in the SCVMM16 OU but it is not anywhere visible in the GUI.

and what if I have already build templates how to place them in Custom OU.

Yes you can do this. First I select all the templates to pick the right one

Get-SCVMTemplate |select name

image

 

$template = Get-SCVMTemplate | where {$_.Name -eq "ws2016G2"}
$template |select name

image

As I made the OU a variable :

$ou = "OU=SCVMM16,DC=MVP,DC=local"

Set-SCVMTemplate -VMTemplate $template -DomainJoinOrganizationalUnit $ou

 

image

So now the Template has a custom OU also.

But still there is no GUI property to show this. therefore go to the Template and create a Custom Property

image

go to the Manage custom Properties

image

Select Virtual Machine Template Properties give it a name “ custom OU “ and assign this to the template

image

Now that tis is assigned we can enable this in the GUI

imageimage

But before we get any value in this field we need match this with the PowerShell Value DomainJoinOrganizationalUnit

 

Get-SCVMTemplate | %{ Set-SCCustomPropertyValue -InputObject $_ -CustomProperty $(Get-SCCustomProperty -Name "Custom OU") -Value $_.DomainJoinOrganizationalUnit }

 

image

As you can see there is an error this is because one template has no value.

image image

 

Now With new deployments the VM’s will be places in the Custom OU

image

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

System Center 2016 VMM Current Updates installation | Cumulative Update 1 & 2   Leave a comment

When testing with Windows Server 2016 and system Center 2016 you need to install the CU1 and CU2 update to get the best results. there are several fixes in these updates.

 

 

 

Issue 1: As a Delegated Administrator (DA), when you try to configure the load balancer on the Network Controller Service, the service crashes with a NULL pointer exception.

Issue 2: When you try to configure VPN connections that are running on a Network Controller-managed gateway, VMM does not display the VPNServerAddress object on the VMM Console.

Issue 6: Creating Shielded VMs on Guarded Hosts on an untrusted network or on a perimeter network fails.

To get more info on all the fixes and solutions and read the KB you may need to change something in the Database! So no hit and run on the System Center  cumulative Updates. 

image

As you can see only 86 days left on this evaluation.

image

After the updates make sure the Hyper-v servers have the latest Agent version!

 

How to obtain and install CU1 for System Center 2016 VMM Technical Preview 5

Download information

Update packages for VMM are available by manual download.


Manual download of the update packages

Go to the following websites to manually download the update packages from the Microsoft Download Center:

Installation instructions
 
How to obtain and install Cumulative Update 2 for System Center 2016 Virtual Machine Manager Technical Preview 5
 
Download information
Update packages for Virtual Machine Manager are available by manual download.
Manual download of the update packages
Go to the following websites to manually download the update packages from the Microsoft Download Center:

DownloadDownload the Server update package now.

Add your Azure Subscription v1 only to System Center Virtual Machine manager 2016 #SCVMM #Azure #MSCloud   Leave a comment

When you are testing Virtual Machine Manager (VMM) in System Center 2016 and you want to connect your Azure Subscription connected you need a Certificate and publish this is the admin portal. But as you thought he cool I can access all my resource groups VM’s and my old VM’s eh no VMM 2016 Preview can only manage  the old VM’s.

To do this go to the VMM Console and Add Subscription

image

Easy as it is fill in the blanks

The Display name is the name you want and has no pointer to Azure

the Subscription ID is directly linked to Azure this is where your VM’s are

image

The Certificate we need to make this by hand.

First the Subscription ID go to the Azure.com portal and in the Subscriptions there is the ID.

image

image

Next we need a Certificate for a selfsigned certificate we can use Makecert but what fun is that .

Makecert.exe

https://robertsmit.wordpress.com/2015/05/01/manage-azure-with-system-center-2012-r2-virtual-machine-manager-scvmm-2012-r2-ur6/

 

Create a new self-signed certificate

You can use any tool available to create a self-signed certificate as long as they adhere to these settings:

  • An X.509 certificate.
  • Contains a private key.
  • Created for key exchange (.pfx file).
  • Subject name must match the domain used to access the cloud service. > You cannot acquire an SSL certificate for the cloudapp.net (or for any Azure related) domain; the certificate’s subject name must match the custom domain name used to access your application. For example, contoso.net, not contoso.cloudapp.net.
  • Minimum of 2048-bit encryption.
  • Service Certificate Only: Client-side certificate must reside in the Personal certificate store.

There are two easy ways to create a certificate on Windows, with the makecert.exe utility, or IIS.

Makecert.exe

This utility has been deprecated and is no longer documented here. Please see this MSDN article for more information.

Create a Certificate with Powershell

there is a new command in powershell : New-SelfSignedCertificate

this is how we create a certificate quick and easy and I also exported the Certificate

#Create new Certificate
$cert = New-SelfSignedCertificate -Subject AzureVMM01 -FriendlyName AzureVMM01 -Type Custom -CertStoreLocation "Cert:\currentuser\My" -KeyExportPolicy ExportableEncrypted -KeyLength 2048 -KeySpec KeyExchange

#set password for PFX
$password = ConvertTo-SecureString -String "P@ssw0rd" -Force -AsPlainText

#Export Certificate
Export-PfxCertificate -Cert $cert -FilePath "c:\cert\scvmm16azure.pfx" -Password $password

# to use this certificate in the Azure management portal export it to a .cer file
Export-Certificate -Type CERT -Cert $cert -FilePath "c:\cert\scvmm16azure.cer"

 

image

Now that the Certificate is exported I can upload this in the Old Azure V1 portal

image

Go to Settings and Management Certificates at the bottom there is a upload link.

image

Select the fresh created Certificate with the right subscription ( must be the same as the ID picked earlier )

image

Now that the Azure Certificate is in place I check browse and see the local certificate also.

image

After these steps we see the subscription in the console

image

here you can manage the VM’s with out the Azure v1 Portal.

As the the Resource Group option is still unavailable you can Vote for this in the user https://systemcentervmm.uservoice.com

Add Azure Resource Manager Stack based Azure VMs to the subscription view

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

  • Twitter

  • Follow

    Get every new post delivered to your Inbox.

    Join 2,027 other followers

    %d bloggers like this: