Windows Admin Center Azure Connection

Windows Admin Center is a new, locally-deployed, browser-based management tool set that lets you manage your Windows Servers with no Azure or cloud dependency. Windows Admin Center gives you full control over all aspects of your server infrastructure and is particularly useful for managing servers on private networks that are not connected to the Internet.

With every new version there are new plugins or options in Windows Admin Center so you server management is getting easier and quicker. In this blog I will show you how to build a point to site VPN from a windows server 2019 with Windows Admin Center. You will need the Insiders preview For this. 

The Azure Network Adapter extension in Windows Admin Center "automates the configuration for the Azure Virtual Network gateway as well as the on-premises VPN client," Microsoft’s announcement explained.

 

The setup of point-to-site VPN connections is enabled by using an Azure Network Adapter network extension in Windows Admin Center. In the Server manager under network there is the option to add the Azure VPN

Do the Azure Network adapter (ANA) + and If you are not registered to Azure already in the Windows Admin Center then you need to do this first.

Do the Register Windows Admin Center to azure.

Do Register, Remember you need to enable Popups I your browser is you are not allowing this.

Copy the Code and use this in the next login windows.

Paste the Code into the screen and you are sign in into Azure.

The next steps are importand as most of us don read the text and just press next. ‘-)

We select a tenant what to use in the Azure portal. You can find the right ID in you Azure Active directory

By doing Properties you will see the Tenand ID

Do register.

As Most do next and complaining it doesn’t work see the text :

Require permissions then click Grand permissions on YES. So go to the Azure portal

You’ll need to visit the Azure portal to grant permissions to the application:

Go to the Azure AD app registration

Select ‘Settings’ > ‘Required permissions’, then click ‘Grant Permissions’ > ‘Yes’

If you for get this step the popup will fail and you can’t add the network.

Now we can really begin with the Azure VPN connection. #ANA

Fill in the details your subscription and location with the network.

 

If you don’t have a Azure network you need to create one first in the Azure portal, as a Point to site connection is connection to you azure network.

After a few moments you can see in the Azure Portal that the Gateway is created.

Note: The creation could take much longer (~25 minutes) if the Azure Virtual Network gateway needs to be created. In this case it is I did not have a gateway.

Once your Point-to-site VPN is “Connected” your server now has a connection to the Azure Virtual Network.  The server will be able to communicate to any Azure resources in the Virtual Network.

In the Windows Admin Center you get a nice detailed overview of the connection. Once your Point-to-site VPN is “Connected” your server now has a connection to the Azure Virtual Network.  The server will be able to communicate to any Azure resources in the Virtual Network.

On the Client you see also the extra networks. I created Two extra Point to Site connections. to two different subscriptions.  just to see if this was working.

To test if the connection was working I connect to a Azure VM by the internal IP.

The internal network IP of the Azure VM.

As you can see the Created certificates to Azure are on the Windows server 2019.

See how easy this is!

---

Ready to give it a shot!?  Try out Azure Network Adapter in the Windows Admin Center Version 1809!
Note: Windows Admin Center Version 1809 will be released in September.

---

Previously creating hybrid cloud connectivity required expertise in networking, certificate management, and even infrastructure setup and maintenance.  Now with the Azure Network Adapter in Windows Admin Center (version 1809), hybrid connectivity can be configured with the click of a button!  The Azure Network Adapter automates the configuration of the Azure Virtual Network gateway and VPN client installation for you!

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Windows Server 2019 USB file Witness

This blog post is the first of a series on Windows Server 2019. #MSIgnite is coming and there will be a lot of new features coming. So in preparation I’ll show you what is changed and how to build things in Windows Server 2019. In this there is a upgrade and some new functions to the Cluster.

1. Hybrid: Windows Server 2019 and Windows Admin Center will make it easier for our customers to connect existing on-premises environments to Azure. With Windows Admin Center it also easier for customers on Windows Server 2019 to use Azure services such as Azure Backup, Azure Site Recovery, and more services will be added over time.
2. Security: Security continues to be a top priority for our customers and we are committed to helping our customers elevate their security posture. Windows Server 2016 started on this journey and Windows Server 2019 builds on that strong foundation, along with some shared security features with Windows 10, such as Defender ATP for server and Defender Exploit Guard.
3. Application Platform: Containers are becoming popular as developers and operations teams realize the benefits of running in this new model. In addition to the work we did in Windows Server 2016, we have been busy with the Semi-Annual Channel releases and all that work culminates in Windows Server 2019. Examples of these include Linux containers on Windows, the work on the Windows Subsystem for Linux (WSL), and the smaller container images.
4. Hyper-converged Infrastructure (HCI): If you are thinking about evolving your physical or host server infrastructure, you should consider HCI. This new deployment model allows you to consolidate compute, storage, and networking into the same nodes allowing you to reduce the infrastructure cost while still getting better performance, scalability, and reliability.

 

Installing the Windows Server 2019 is not different than 2016. There is an extra disk space warning menu.

As an upgrade I want to keep my files.

If you need to free up more disk space then there is a little warning. It may happen that the screen needs to refresh before you see the confirm option.

The upgrade is starting depending on the server speed it will take some time. 

After the upgrade is done and the first logon the Server manager is starting and there is a popup of would you like to install Windows Admin Center.

 

Now that the upgrade is done we can take a look at the Cluster Changes. First if we check the Cluster Functional Level with PowerShell.

Get-Cluster | Select ClusterFunctionalLevel

This is now Version 10

• Windows Server 2012 R2 functional level value of 8
• Windows Server 2016 functional level value of 9
• Windows Server 2019 functional level value of 10

 

The other big change is the placement of your witness files. this can now be on a USB device.

One of the quorum models for Failover Clustering is the ability to use a file share as a witness resource.  As a recap, the File Share Witness is designated a vote in the Cluster when needed and can act as a tie breaker in case there is ever a split between nodes (mainly seen in multi-site scenarios). See also my other blog posts https://robertsmit.wordpress.com/category/clustering/ 

This means NO kerberos, NO domain controller, NO certificates, and NO Cluster Name Object needed, and NO account needed on the nodes.

Simply plug your USB drive into the port in the router and get into your router’s interface.  In there, you can set up your share name, username, and password for access.  Use the PowerShell command above pointing it to the router and share, and you are good to go.  To answer your next question, this works with SMB 2.0 and above.  SMB 3.0 is not required for the witness type.

Setting up the share on my network device

Next is setting the Witness, this can only be done with PowerShell.

Set-ClusterQuorum -FileShareWitness \\SERVER\SHARE -Credential $(Get-Credential)

A credential popup, and type your account and password.

After this check your cluster and you can see the Witness is set.

 

Other Cluster Changes are there but not direct visible in the Gui PowerShell is needed/

When comparing the Storage space section there are some other options and more. Not all options are new some have a different value.

 

Windows Server 2019                                                                                                          Windows Server 2016

One of these changes is S2DBusTypes in Windows Server 2016 it has a value of 0 but it could be changed if you had different storage. (not supported)

I created a blog post about this to add USB storage to build a SOFS with clustered storage spaces. So enabling the options I start Building My Scaleout File Server with My USB thumbdrive Storage.

https://robertsmit.wordpress.com/2015/05/18/building-usb-sofs-with-storage-spaces-direct-s2d-ws2016/

With a little help of this STORAGE_BUS_TYPE enumeration on MSDN we could do Fun things with some old disks.

https://msdn.microsoft.com/en-us/library/windows/desktop/ff800833(v=vs.85).aspx

 

In server 2019 it has a value of 396288 which is the the number of the supported disk types for Storage spaces direct.

S2DBusTypes                           : 396288

Changing these values is not best practice and could brake your cluster. Or bring unstable situations. 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Share this:

In the Azure portal every day there are some changes some are big others are minor.

In this blog I show you the change in the VM creation.

When Creating a NEW VM you can see the change now there are several tabs and the best part is you can jump forward with out filling in all the fields.

Creating the NSG port rules.  Select which virtual machine network ports are accessible from the public internet. You can specify more limited or granular network access on the Networking tab.

Creating the NSG directly

The Identity Settings with the Auto-Shutdown and even select the backup

I think this layout is much better and gives you a better overview on the VM creation with all the options.  Hope this will be there for the Containers also

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Share this:

The new new tool Windows Admin Center is THE tool to use when managing your Environment you can install this on almost any server (no Domain Controller) but even this device needs a reboot from time to time. Therefor we make the Windows Admin Center High available. When installing this on a cluster the Tools gets better uptime. And is there when you need it. The resources that are used is minimal.

Windows Admin Center is a new, locally-deployed, browser-based management tool set that lets you manage your Windows Servers with no Azure or cloud dependency. Windows Admin Center gives you full control over all aspects of your server infrastructure and is particularly useful for managing servers on private networks that are not connected to the Internet.

Windows Admin Center is the modern evolution of "in-box" management tools, like Server Manager and MMC. It complements System Center – it’s not a replacement.

First we take our cluster, in this case my test cluster witch runs all kinds of load.

Get the latest Windows Admin center build. http://aka.ms/WACDownload

save this on the Cluster node, and remember you can’t run Windows Admin Center with IE – Internet Explorer!

When checking this I saw the Cluster team create already a Powershell Script to make the WAC HA. so there goes my blog.

Well You can run the PowerShell Scripts. But that’s no Fun.  but I understand if you are busy and or you don’t want to know what is behind the script.

https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/deploy/high-availability

In this case I do it all manual, well not all there are some good parts in the Script

First we need a Certificate, I use a self signed and yes this needs to be changed every 90 days

Fill in the Variables 

$clientAccessPoint="mvpwac03"
$tmpPassword = "Temppassword"
$certPath = "c:\temp\sme3.pfx"
#####
Write-Output "Creating self signed certificate"
    $domain= (Get-WmiObject win32_computersystem).Domain
    $dnsName = $clientAccessPoint+"."+$domain
    $cert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddMonths(3)
    $certPassword = ConvertTo-SecureString -String $tmpPassword -Force -AsPlainText
    $cert | Export-PfxCertificate -FilePath $certPath -Password $certPassword | Out-Null 

 

Import the Certificate

$cert.Import($certPath, $certPassword,’DefaultKeySet’)

Save the Thumbprint for later

$cert.Thumbprint

Now We are installing the Windows Admin Center , I use a preview but get the latest version here http://aka.ms/WACDownload

Don’t forget the trusted site checkbox.

Here is the Thumbprint that is used in the Certificate , Next is installing the Windows Admin Center.

Now that Windows Admin Center is installed We are almost ready.

The next steps are stopping the services and set this to manual as the Failover Cluster Manager controls the run status

Set-Service ServerManagementGateway -startuptype "manual"
Stop-Service ServerManagementGateway

Now that this is ready we need to think about the file location as this is currently on the C drive.

And we don’t want to have two or more configurations. there for we place this on the CSV volume.

Copy all the file into the CSV volume folder

When this is done we are adjusting the Services.

 

$staticAddress="10.255.255.222"
$portNumber="443"
$smePath="C:\ClusterStorage\vdisk20\ux"
$certThumbprint="1D243A17BBD62271DA0DF8EE4FF0FD65C5AE5A37"
$clientAccessPoint="mvpwac03"
$registryPath = "HKLM:\Software\Microsoft\ServerManagementGateway\Ha"

    New-ItemProperty -Path $registryPath -Name IsHaEnabled -Value "true" -PropertyType String -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name StoragePath -Value $smePath -PropertyType String -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name Thumbprint -Value $certThumbprint -PropertyType String -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name Port -Value $portNumber -PropertyType DWord -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name ClientAccessPoint -Value $clientAccessPoint -PropertyType String -Force | Out-Null
    $staticAddressValue = $staticAddress -join ‘,’
    New-ItemProperty -Path $registryPath -Name StaticAddress -Value $staticAddress -PropertyType String -Force | Out-Null
   
    New-ItemProperty -Path HKLM:\Software\Microsoft\ServerManagementGateway -Name InstallDir -Value $smePath -PropertyType String -Force | Out-Null
    New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\ServerManagementGateway -Name ImagePath -Value $smePath\sme.exe -PropertyType String -Force | Out-Null

   
    #grant permissions to Network Service for the UX folder
    $Acl = Get-Acl $UxFolder
    $sID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-20")
    $Ar = New-Object  system.security.accesscontrol.filesystemaccessrule($sID,"FullControl","ContainerInherit,ObjectInherit","None", "Allow")
    $Acl.SetAccessRule($Ar)
    Set-Acl $UxFolder $Acl

 

After running this the path changed to the CSV location and the HA values are there

 

The Windows Admin Center HA values are there.

The last step on this cluster node is creating the cluster resource.

$staticAddress="10.255.255.222"
$clientAccessPoint="mvpwac03"
$registryPath2 = "SOFTWARE\Microsoft\ServerManagementGateway\Ha"
   
Add-ClusterGenericServiceRole -ServiceName ServerManagementGateway -Name $clientAccessPoint -CheckpointKey $registryPath2 -StaticAddress $staticAddress

Remember the HA cluster resource does not need the  HKLM:\ as in the other variables.

Now we have installed the Windows Admin Center in the Cluster.  For all the other nodes in the cluster we need to do almost the same.

Or we could export the Register keys and add them in the nodes as we already placed the files on the CSV and created a cluster resource.

All the other nodes don’t have a Windows Admin Center services. Using the register keys is working but you will need a reboot.  As we create first a fake services and then place the regkeys no reboot is needed. Or just import the register keys and do a reboot of the node.

New-Service -Name ServerManagementGateway -DisplayName "Windows Admin Center" -BinaryPathName "C:\ClusterStorage\vdisk20\ux"

First regkey <>

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManagementGateway]
"Version"="1.1.24609.0"
"InstallDir"="C:\\ClusterStorage\\vdisk20\\ux"
"SmePort"="443"
"UseHttps"="1"
"DevMode"=""
"DataEncryptionCertificateThumbprint"="83D5FBC5AD758C2B23BADBD83117AC5EAA0E8F2B"
"RedirectPort80"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManagementGateway\Ha]
"IsHaEnabled"="true"
"StoragePath"="C:\\ClusterStorage\\vdisk20\\ux"
"Thumbprint"="1D243A17BBD62271DA0DF8EE4FF0FD65C5AE5A37"
"Port"=dword:000001bb
"ClientAccessPoint"="mvpwac03"
"StaticAddress"="10.255.255.222"

 

Second Regkey <>

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ServerManagementGateway]
"Type"=dword:00000010
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"="C:\\ClusterStorage\\vdisk20\\ux\\sme.exe"
"DisplayName"="Windows Admin Center"
"ObjectName"="NT Authority\\NetworkService"
"Description"="Windows Admin Center"
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,00,00,00,00,d0,07,00,00,00,00,00,00,d0,07,00,00,00,00,00,00,00,00,00,00
"Environment"=hex(7):43,00,4f,00,4d,00,50,00,55,00,54,00,45,00,52,00,4e,00,41,\
  00,4d,00,45,00,3d,00,4d,00,56,00,50,00,57,00,41,00,43,00,30,00,33,00,00,00,\
  5f,00,43,00,4c,00,55,00,53,00,54,00,45,00,52,00,5f,00,4e,00,45,00,54,00,57,\
  00,4f,00,52,00,4b,00,5f,00,46,00,51,00,44,00,4e,00,5f,00,3d,00,4d,00,56,00,\
  50,00,57,00,41,00,43,00,30,00,33,00,2e,00,6d,00,76,00,70,00,2e,00,6c,00,6f,\
  00,63,00,61,00,6c,00,00,00,5f,00,43,00,4c,00,55,00,53,00,54,00,45,00,52,00,\
  5f,00,4e,00,45,00,54,00,57,00,4f,00,52,00,4b,00,5f,00,48,00,4f,00,53,00,54,\
  00,4e,00,41,00,4d,00,45,00,5f,00,3d,00,4d,00,56,00,50,00,57,00,41,00,43,00,\
  30,00,33,00,00,00,5f,00,43,00,4c,00,55,00,53,00,54,00,45,00,52,00,5f,00,4e,\
  00,45,00,54,00,57,00,4f,00,52,00,4b,00,5f,00,4e,00,41,00,4d,00,45,00,5f,00,\
  3d,00,4d,00,56,00,50,00,57,00,41,00,43,00,30,00,33,00,00,00,00,00

With this in place all nodes can run Windows admin center in HA mode, but it will not run on IE. and this is the only default browser on the server. To test if it is working you will need Edge or Chrome.

As you can see it is not that simple to make things high available. Using the Powershell scripts provided by microsoft But if using these script you need to rename the MSI file if you are using the insiderspreview or any other build that is not named as ServerManagementGateway.msi

WindowsAdminCenterPreview1808.msi rename to ServerManagementGateway.msi 

You can deploy Windows Admin Center in a failover cluster to provide high availability for your Windows Admin Center gateway service. The solution provided is an active-passive solution, where only one instance of Windows Admin Center is active. If one of the nodes in the cluster fails, Windows Admin Center gracefully fails over to another node, letting you continue managing the servers in your environment seamlessly.

High-availability deployment scripts from Windows Admin Center HA Setup Scripts zip file. Download the .zip file containing these scripts to your local machine and then copy the scripts as needed.

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Share this:

It is a true honor to get awarded for the 10th time as an Microsoft Most Valuable Professional (MVP).

I received an e-mail from Microsoft and I am happy, honored and proud to share that I have been re-awarded as Microsoft Most Valuable Professional (MVP) 2019

The Microsoft Most Valuable Professional (MVP) program is, according to Microsoft, given to “technology experts who passionately share their knowledge with the community”. It is a distinction that Microsoft awards to non-Microsoft employees who help other members of the development communities, either by answering (correctly!) to questions in forums, writing blog posts, presenting at events, making sample code available, among others. The award is granted on a yearly basis and it is possible to receive it multiple times. It is a way for Microsoft to show their appreciation to those who care and spend their time helping others. Above all and in addition to their amazing technical abilities, MVPs are always willing to help others – that’s what sets them apart.

I was first awarded MVP in 2009, back then I was in a category called High Availability which got merged into Cloud and Datacenter Management. I those days Tech-Ed was the Ignite from now and Symon Perriman was Program Manager – Server Clustering & High Availability. I was very busy with SQL Cluster and File Cluster. As Building MOM (Microsoft Operations Manager) packs to monitor all kinds of applications. I was involved in In a lot off beta testing, so I may have gotten Microsoft’s attention.

MVPs don’t receive any payment whatsoever from Microsoft. We don’t have to follow their instructions or are in any way told what to do, but we do have a code of conduct and are bound to certain rules, like, do not disclose confidential information that we are given by Microsoft.

One of the benefits of being a Microsoft Most Valuable Professional (MVP) is the chance to attend the Global Summit. The MVP Global Summit is where all the MVPs in the world get together in Bellevue and Redmond, WA. In recent years, it was usually held in November, but this year got moved close to Spring (March 4-7).

To Keep my MVP Award I’m doing Ask the Experts / Ask me anything on the Cloud Roadshows / Techdays or other events where possible. Answer Community Questions where I can.  Be a Windows Insider get you the Early bit of the software and is a great place to meet other community members.  As the Microsoft Tech Community  has his own platform with great options to connect to other members. There are also a lot of Yammer groups, As Azure Advisory and Azure previews. This makes it also hard to BLOG, not that there is no content or time (well a bit) there are great items but as the most is covered with the NDA. It is waiting on the release moments of the products so that I can release the blogs, often I write blogs from the first versions and in the final release the screens or options are different. But it is a great way to help shape the product and interact with the product teams and do interviews or join product group sessions.

Next to my job as EMEA Cloud Solution Architect with Insight.com This roll ask also a lot of my time and I don’t know how long I can keep up doing both. But for now I’m real happy to be re-awarded as Microsoft Most Valuable Professional (MVP) 2019

Thank you Community for reading my blog , Follow me on twitter Thank You.

 

 

Again a big Thank You Community for following me and reading my blog Thanks

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Share this:

Windows Admin Center is a new, locally-deployed, browser-based management tool set that lets you manage your Windows Servers with no Azure or cloud dependency. Windows Admin Center gives you full control over all aspects of your server infrastructure and is particularly useful for managing servers on private networks that are not connected to the Internet.

Windows Admin Center is the modern evolution of "in-box" management tools, like Server Manager and MMC. It complements System Center and Operations Management Suite – it’s not a replacement.

To get started get the latest version from the Windows insiders page.

Windows Admin Center also provides these solutions:

• Computer Management – Provides a subset of the Server Manager features for managing Windows 10 client PCs
• Failover Cluster Manager – Provides support for ongoing management of failover clusters and cluster resources
• Hyper-Converged Cluster Manager – Provides an all-new experience tailored for Storage Spaces Direct and Hyper-V. It features the Dashboard and emphasizes charts and alerts for monitoring.

So the installation is just a simple MSI file Downloaded here https://aka.ms/wacdownload

  

When not using a self signed certificate you can use your own certificate and add the thumbprint to the installation

You can also create your own self signed certificate and use a silent setup

New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname MVP16core10.mvp.local

Silent setup for Installing Windows Admin Center

msiexec /i WindowsAdminCenter1804.25.msi /qn /L*v log.txt SME_PORT=443 SSL_CERTIFICATE_OPTION=generate

msiexec /i WindowsAdminCenter1804.25.msi /qn /L*v log.txt SME_PORT=443 SME_THUMBPRINT=F377B0BC731AFB1F93558C035155DE148C6214F3 SSL_CERTIFICATE_OPTION=installed

 

After installing and opening the webpage there is a welcome screen. guess we all do the Skip Tour.

 

Adding servers is really easy.  do it manually or import a csv file

Now that Windows servers are added real time info is visible in the portal.

With the extra extensions new features are added to the Windows Admin Center WAC

Currently more and more add on extensions are added to the Windows Admin Center. this makes the tool even more important to use.

https://github.com/Microsoft/windows-admin-center-sdk/

There are some great extensions for Windows Admin center. like the Storage Migration preview or the DataOn extention. Or adding the login to the Azure AD.

In the services wen can add the Azure Active directory. Keep in mind once it set I couldn’t it set back to the local account.

For Connection to the Azure AD you need a little Powershell script download it here : https://aka.ms/WACAzureConnectScript

To allow the Windows Admin Center gateway to communicate with Azure to leverage Azure Active Directory authentication for gateway access, or to create Azure resources on your behalf (for example, to protect VMs managed in Windows Admin Center using Azure Site Recovery), you must first connect your Windows Admin Center gateway to Azure. You only need to do this once for your Windows Admin Center gateway – the setting is preserved when you update your gateway to a newer version.

To connect your gateway, you must run the New-AadApp.ps1 PowerShell script (there is also a hyperlink in the Windows Admin Center UI for this download, which is visible wherever you try to use an Azure integration feature for the first time), which creates a web application in Azure AD with the name "SME-gateway" and registers the application with the Windows Admin Center gateway. This allows Windows Admin Center to connect to Azure resources like Azure AD on your behalf. You can run the script from any computer that has access to the Windows Admin Center gateway and to Azure.

You need to install the AD powershell modules on the Server.

 
Install-Module AzureRM.Resources

Install-Module AzureAD

$cred = Get-Credential

.\New-AadApp.ps1 -GatewayEndpoint "https://mvp16core10.mvp.local" -Credential $cred

The Logon Box will appear and logon with your Azure Credentials.

Now that you are logged on you will see an App registration in your Azure AD.

If needed you need to give the App permissions

Close browser and login into the Windows admin center 

Windows Admin center will ask you for the Azure AD credentials

 

Keep in mind for Connection to the On premise Windows Admin Center you need to have WinRM firewall ports open to the WAC and WinRM enabled. but this is logical. The connection is over a Public IP or better a Site to Site VPN or express route connection.  Make sure your NSG is correct configured.

One on the nice options of WAC – Windows Admin Center is the HTML5 RDP connection. Quick and easy RDP into the VM.

Remember that I installed the extensions Storage migration service. ( this works only with server 2019)

The new Storage Migration servers will be added to the admin center. But optional server features must be added before usage.

the Above are the migration options. Migrate directly all your files to a Server 2019 or Azure Files storage

And on the Windows Server 2019 you must enable the following features.

.

And you need an orchestrator role therefore you need to install the RSAT Storage Migration Server tools

 

After this you can create a migration JOB to move all the files.

A full blog post from Ned Pyle gives in-depth details how to migrate the files 

https://blogs.technet.microsoft.com/filecab/2018/04/12/introducing-the-windows-server-storage-migration-service/

 

Next week there is the Windows Server Summit 2018 there will be more info about Windows server 2019 and Windows Admin Center.

Join the meeting!

Get started now

The Windows Server Summit is on June 26, 2018, but you can get started now by joining the Windows Insiders program and downloading the Windows Server 2019 preview. Don’t forget to also download Windows Admin Center, the evolution of Windows Server in-box management tools.

see you on June 26th!

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile

Share this:

In Almost a week Microsoft is hosting a Virtual event:Windows Server Summit This year Windows Server reaches the incredible mark of 25 years in market. If you’re a Microsoft professional, you probably built your career on the Windows platform and we appreciate the trust you deposited on us. The launch of Windows Server 2019 later this year solidifies the importance of Windows Server on Microsoft’s hybrid strategy and now we want to help you take the next step in your career and support you in the journey of either move to the cloud, leverage cloud services on-premises, or evolve your datacenter infrastructure and applications.

Join us on Tuesday, June 26, 2018 for a virtual experience to learn tips and tricks for modernizing your infrastructure and applications—regardless of whether you’re running Windows Server on-premises or in the cloud.

• Save the date
• Sign up for updates

We’re just a week away from the Windows Server Summit. The event will be on June 26, 2018 at 9:00 AM Pacific Time. We have a packed agenda with tons of good content, lots of demos, and excellent speakers.

Erin Chapple, Director of Program Manager and Arpan Shah, General Manager of Azure Infrastructure Marketing will kick of the event with a keynote to discuss what’s new around Windows Server, Microsoft’s hybrid strategy, roadmap, and much more. After that, we dive into the new functionalities of Windows Server 2019 and Windows Admin Center.

 

Learn how to build the future with Windows Server

Explore the roadmap for Windows Server, discover new skills and best practices, and get your questions answered in conversations with the Microsoft experts behind our products.

Hybrid

Learn how Windows Server helps you integrate Azure services into your on-premises environment and how to better run Windows Server in Azure.

Security

Better security starts with the Operating System. Learn how Windows Server helps you elevate your company’s security posture.

Application platform

Containers are changing the way developers and operations teams run applications. Learn how Windows Server helps you modernize yours.

Hyper-converged infrastructure (HCI)

Windows Server 2016 introduced new HCI capabilities that are game-changers. Now, check what’s new around HCI for Windows Server 2019.

Sign up for updates

Get started now

The Windows Server Summit is on June 26, 2018, but you can get started now by joining the Windows Insiders program and downloading the Windows Server 2019 preview. Don’t forget to also download Windows Admin Center, the evolution of Windows Server in-box management tools.

We can’t wait to (virtually) see you on June 26th!

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Robert Smit MVP Linkedin profile

Google  : Robert Smit MVP profile