Archive for the ‘Azure’ Category

How to: Resize virtual machines in #Azure With #Powershell Multiple or Single virtual machines   Leave a comment

With the new VM sizes in Azure you may want to change the Size as you get more VM for less money. but remember the VM will restart! so better fi

RDSTWEAKERS.COM

But changing the VM by hand is a time consuming  job So Powershell could be very handy in this case. you can change the Vm size easily with a one-liner

So first we need to login into the azure Subscription.

Login-AzureRmAccount

If you have multiple Subscriptions you need to select the right subscription.

$subscrip=Get-AzureRmSubscription | Out-GridView -OutputMode Single -Title ‘Please select a Azure Subscription.’
Select-AzureRmSubscription -TenantId  $subscrip.TenantId

Get-AzureRmVM

image

 

$vm = Get-AzureRmVM -VMName MVPCB10 -ResourceGroupName RSG-VNET
$vm.HardwareProfile.VmSize = "Standard_D2_v3"
Update-AzureRmVM -VM $vm -ResourceGroupName RSG-VNET

Ok this seems nice but I have 50 VM’s that I like to change

#set new Size to VM
1..5 | % {
$vm = Get-AzureRmVM -ResourceGroupName RSG-VNET -VMName MVPCB1$_
$vm.HardwareProfile.VmSize = "Standard_D13_v2_Promo"
Update-AzureRmVM -VM $vm -ResourceGroupName RSG-VNET

}

Better But if you used random names then the above will not really help you in quick size changing. The next step would be selecting all the VM that needs to be changed and selecting a Size for changing. That sounds great but how to start ?

With the Out-GridView you can do great things. to bad that the price is not available in this.

image

 

The script would be like this :

 

$VMList = Get-AzureRmVm | Out-GridView -OutputMode Multiple -Title ‘Please select an Azure Virtual Machine to resize.’;
$TargetSize = Get-AzureRmVmSize -Location westeurope | Out-GridView -OutputMode Single -Title ‘Please select a target Azure Virtual Machine size.’;
foreach ($VM in $VMList) {
  Write-output "Resizing Microsoft Azure Virtual Machine" $VM.Name "in Resource Group" $VM.ResourceGroupName "to size" $TargetSize
 
  Update-AzureRmVm -VM $VM -ResourceGroupName $VM.ResourceGroupName -Verbose
}
Get-AzureRmVm

After this the VM’s are all changed in a other Size.

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

https://rdstweakers.com

Posted July 18, 2017 by Robert Smit [MVP] in Azure

Tagged with

How to start with Azure Cloud Shell The beginning #Azure #ACS #shell #Storage   Leave a comment

Microsoft just released the Azure Cloud Shell option in the Azure Portal. here is a quick step by step on how to use this and how to add this with storage explorer when creating a storage account.

Azure CLI 2.0 is optimized for managing and administering Azure resources from the command line, and for building automation scripts that work against the Azure Resource Manager

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli

Azure Cloud Shell

Azure

a LRS storage account is created on your behalf with an Azure file share containing a default 5-GB disk image.

This disk image is used to sync and persist your $Home directory. Regular storage costs apply. Three resources will be created on your behalf:

  • Resource Group named: cloud-shell-storage-<region>
  • Storage Account named: cs-uniqueGuid
  • File Share named: cs-<user>-<domain>-com-uniqueGuid

image

imageimage

So that’s it. To easy? 

As the default help shows you with  az account list you get a list off your azure subscriptions

Azure Cloud Shell

For selecting the right subscription when creating resources 

  • az account set –subscription "MVP-platforms"

Remember using options use – and not like in powershell –

Now creating a Resource group in the selected Subscription

  • az group create –name clustermvp –location westus

image

So very handy on quick creating items in the shell, Still I prefer PowerShell but that’s my thing and I see the options of this and It is a nice new feature.

Quick on creating a new storage account and get the right connection

create a new storage account

  • az storage account create  –resource-group clustermvp –location westus –name clustermvp –sku Standard_LRS –kind Storage

image
 
Now you need to get the connection string to use

az storage account show-connection-string –resource-group clustermvp –name clustermvp

image

Copy the connection string for usage in storage explorer or other usage.

image

Using the connection string in storage explorer

 

imageimage

Fully working string.

image

If you want to know more about the Azure CLI check the docs site on azure CLI

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted May 14, 2017 by Robert Smit [MVP] in Azure

Tagged with

Free ebook Microsoft Azure Essentials and Windows Server 2016 #Free #Azure #CloudOS   Leave a comment

There are some great Ebooks around and now there is a second edition of Microsoft Azure Essentials: Fundamentals of Azure Introducing and also a free ebook Introducing Windows Server 2016. Both Books a very handy For starting or as introducing the Windows Server 2016.

Free ebook: Microsoft Azure Essentials: Fundamentals of Azure, Second Edition

 Microsoft Azure Essentials: Fundamentals of Azure, Second Edition (ISBN 9781509302963), by Michael Collier and Robin Shahan

 

 

 

 

 

 

 

 

Microsoft Azure is Microsoft’s cloud computing platform, providing a wide variety of services you can use without purchasing and provisioning your own hardware. Azure enables the rapid development of solutions and provides the resources to accomplish tasks that may not be feasible in an on-premises environment. Azure’s compute, storage, network, and application services allow you to focus on building great solutions without the need to worry about how the physical infrastructure is assembled.

This book covers the fundamentals of Azure you need to start developing solutions right away. It concentrates on the features of the Azure platform that you are most likely to need to know rather than on every feature and service available on the platform. This book also provides several walkthroughs you can follow to learn how to create VMs and virtual networks, websites and storage accounts, and so on. In many cases, real-world tips are included to help you get the most out of your Azure experience.

In addition to its coverage of core Azure services, the book discusses common tools useful in creating and managing Azure-based solutions. The book wraps up by providing details on a few common business scenarios where Azure can provide compelling and valuable solutions, as well as a chapter providing overviews of some of the commonly used services not covered in the book.

 

Free ebook: Introducing Windows Server 2016

Introducing Windows Server 2016 (ISBN 9780735697744), by John McCabe and the Windows Server team.

Windows Server has powered a generation of organizations, from small businesses to large enterprises. No matter what your area of expertise, this book will introduce you to the latest developments in Windows Server 2016. Each chapter has been written by either field experts or members of the product group, giving you the latest information on every improvement or new feature that is included in this version of Windows Server.

 

 

 

 

   

 

 

 

 

 

Windows Server has powered a generation of organizations, from small businesses to large enterprises. No matter what your role in IT, you can be guaranteed you that have touched Windows Server at some point in your career or at very least you have seen it from afar! This book introduces you to Windows Server 2016, which is the next version of Windows Server. No matter what your area of expertise, this book will introduce you to the latest developments in Windows Server 2016.

Each chapter has been written by either field experts or members of the product group, giving you the latest information on every improvement or new feature that is included in this version of Windows Server. This information will help you to prepare for Windows Server 2016 and give you the means to develop and design a path to introduce Windows Server 2016 into your environment and take full advantage of what is to come. This book is being written at a time when the product is still evolving and it should be noted that things might change or not appear in the final version of Windows Server 2016 when released. All guidance in the chapters is meant to be tried and evaluated in a test environment; you should not implement it in a production environment.

This book assumes that you are familiar with key concepts surrounding Windows Server (i.e., Microsoft Hyper-V, Networking, and Storage) as well as cloud technologies such as Microsoft Azure. In this book, we cover a variety of concepts related to the technology and present scenarios with a customer focus, but it is not intended as a how-to or design manual. You can use other sources, including the online Microsoft resources, to stay up to date with the latest developments on the roles and features of Windows Server 2016. The online resources will also contain the latest how-to procedures and information about designing a Windows Server 2016 infrastructure for your business.

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted October 6, 2016 by Robert Smit [MVP] in Azure

Tagged with

OMS Network Performance Monitor #MSOMS #NPM #Azure   2 comments

When Using OMS you can benefit of the Network Performance Monitor (NPM), that helps you perform near real-time monitoring of network performance parameters (such as packet loss and network latency) and localize network faults. It not only detects network performance issues, but it also localizes the source of the problem to a particular network segment or device to make it easy for you to locate and fix a network performance issue.

OMS Network Performance Monitor (NPM)

You can detect network issues with the solution dashboard which displays summarized information about your network including recent network health events, unhealthy network links, and subnetwork links that are facing high packet loss and latency. You can drill-down into a network link to view the current health status of subnetwork links as well as node-to-node links.

So what to do to get the full benefit of the NPM.

Deploying NPM involves four basic steps.
1. Enabling the solution on your OMS workspace
2. Installing the OMS agents
3. Configuring the OMS agents
4. Configuring the solution.

Diagram that shows how the solution works.

I Assume you already have the OMS Agent in place and connected and reporting to OMS,if not below are two screens on how to enable the NPM and installing the Agent. And a lot of cool new features are there.

imageimage

Installing the OMS agent Windows Or Linux.

 

OMS Network Performance Monitor (NPM)

Firewall ports are required to be opened on the servers so that the agents can connect to each other.

Run the script without any parameters in a power shell window with administrative privileges. This script creates few registry keys required by NPM and creates windows firewall rules to allow agents to create TCP connections with each other

The port opened by default would be 8084. You have the option of using a custom port by providing the parameter ‘portNumber’ to the script. However, the same port should be used on all the machines where the script is executed.

Note that the script will configure only windows firewall locally. If you have a network firewall you should make sure that it is allowing traffic destined for the TCP port being used by NPM

OMS Network Performance Monitor Agent Configuration Script

OMS Network Performance Monitor (NPM)

Now that the solution is enabled we can configure some networks. All the networks are discovered by the Agent and it will turn-up automatically.

 OMS Network Performance Monitor (NPM)

You can Add a new network ( read this as a Name ) as we give the IP subnet a name and link the subnet to the network

image

Give the network a name and link the subnet to It

image

And don’t forget to save the network. now that the networks have names it is easier to understand the networks.

When looking at the nodes you can easily see what networks the machine is using

image

The monitoring of the networks

image

If you don’t want to monitor Certain networks you can disable the monitoring of this network.

 

Set monitoring rules

Network Performance Monitor generates health events about the connectivity between a pair of nodes or subnetwork or network links when a threshold is breached. These thresholds can be learned automatically by the system or you can configure them custom alert rules.

The Default rule is created by the system and it creates a health event whenever loss or latency between any pair of networks or subnetwork links breaches the system-learned threshold. You can choose to disable the default rule and create custom monitoring rules

OMS Network Performance Monitor (NPM)

In the monitoring rules you can create a special rule set say for the SQL server , Webservers or DMZ / ISCSI networks with each a set of his own rules.

With all this in place and when things are running you may need to tweak the thresholds a bit.

image

There a great in depth overviews and you can adjust them to drip down.

image

Normally this is not the best view for a network but this is a test lab and machines are not always running.

Topology Dashboard

If you click the View topology map link, you will see the hop-by-hop topology of the routes between the source and destination nodes. The unhealthy routes or hops will be colored in red, which will help you to quickly localize the problem to a particular section of the network.

 

image

And if you want to get more detail about your network drill down and adjust the time setting from 7 days to 6 hours

image

to get a Daily overview with OMS Network Performance Monitor with the data based on 6 hours

image

Get a good view of the latency of your network between servers/ HOP’s

Log Analytics search

All data that is exposed graphically through the Network Performance Monitor dashboard and drill-down pages is also available natively in Log Analytics search. You can query the data using the search query language and create custom reports by exporting the data to Excel or PowerBI. The Common Queries blade in the dashboard has some useful queries that you can use as the starting point for creating your own queries and reports.

More and more new OMS features are coming so I guess the data Size is still Growing

 

image

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted August 26, 2016 by Robert Smit [MVP] in Azure, MSOMS

Tagged with , ,

Azure Server management tools Manage your servers from anywhere #servermgmt #Azure #SMT   Leave a comment

Server management tools is an Azure service that offers a set of web-based GUI and command line tools to manage Windows Servers. This is especially useful when managing headless servers such as Nano Server and Server Core. These tools also provide rapid access to your on-premises infrastructure in a common dashboard alongside your Azure resources, thereby providing a consistent management experience across your infrastructure. Server management tools supports a set of basic server diagnostic tools.  The Tools are working on Windows Server 2012,Windows Server 2012R2,Windows Server 2016 and Nano Server

Server management tools requires a gateway which can be configured on any server in your environment. The gateway enables communication between the Microsoft Azure portal and your Windows Server machines, whether on-premises in your infrastructure, or hosted in a cloud provider.

A while a go I already created a blog post on this but as there are so many new features a fresh post is in place.

https://robertsmit.wordpress.com/2016/02/12/azure-server-management-tools-offers-a-set-of-web-gui-tools-to-manage-azurestack-servers-rsmt-asmt/

Even now that my wish on the Uservoice is added to the Service Management Tools #SMT the tools are getting better all the time.

How are things working below is a schematic overview.

server management tools

 

A Server management tools gateway is required to enable communication between the Microsoft Azure portal and your Windows Server 2016 machines. A gateway is typically deployed and configured on the same local network as the Windows Server machine(s) you wish to manage. The machine must have an internet connection.

Building the Connection go to Azure and look for Server Management Tools

server management tools

check the Server Management tools and a new right screen will open

server management tools

Just check Create.

imageserver management tools

A common mistake is give the computer name and the gateway the same name. but this will Fail!!

Important Item In the Computer name and the Gateway name can’t be the same name It can but you will not be able to manage this server remotely.

image

provide the NAME/IP/FQDN of the machine you want to connect to ( so not the GATEWAY SERVER )

If this is the first Server management tools connection you are creating, you will also need to choose to create a new Server management tools gateway and give it a name. You will be prompted to complete the gateway configuration after the Server management tools connection is created.

 

Configuring a new Server management tools Gateway

image

When creating the gateway you need to do little configuration on the Gateway server local

server management tools

I choose for automatic updates and you will need to generate a link with the gateway package

 

image

check the generate a package link and use this link to install the gateway

https://pdrsmtrppreviewneu.blob.core.windows.net/ce12af764058e42b8a603d3c2c77f1915/gateway.

image

 

  1. Use the generated link to download the gateway deployment package now, or copy the link URL to download the package later from the machine on which you intend to install the package.

  2. From the machine that you want to designate as the gateway, unzip the package and run GatewayService.MSI.

  3. Once the gateway installation completes, return to the Microsoft Azure portal and reopen your Server management tools connection.

  4. You should now be able to manage your Windows Server 2016 machine if the Microsoft Azure portal can reach it through the gateway.

server management tools

server management toolsserver management tools

now that the Gateway is installed you should see a OK status in the Azure console if not you need to do some extra settings.

After OK status

image

In case the Ok is not showing check your Firewall or past the rule below in the Firewall

NETSH advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow

If you wish to connect using the local Administrator account, you will need to enable this policy on the target machine by running the following command in an administrator session on the target machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1

And if the WinRM settings are not in place you will need to set the correct winrm settings as well,

winrm set winrm/config/client @{ TrustedHosts="10.255.255.59" }

Change the IP with your own server when you set this on the manage server the trusted host must be the gateway server.

Now that the Service Management Tools Gateway is in place and working the Service Management Tools Connections needs configuration and this is where all the magic happens.

server management tools

when opening the Service Management Tools Connections you will need to set the administrator credentials else you can’t connect and do stuff on your server.

 

image

You can save the Credentials or Fill the in every time you need the Service Management Tools Connections for you server. A new feature is Persist credentials

The ability to save the credentials used to manage the target machines. From the credential entry dialog, you can opt to store credentials securely. The credentials are first encrypted using standard AES 256 encryption and then securely stored within Azure. These credentials can only be decrypted using the certificate which is stored in the Server management tools gateway. When you go to manage an instance, the encrypted credentials are passed down to the Server management tools gateway for decryption, and are then used to process all management requests on the target machine. Even though the credentials are securely stored in Azure, the on-premises certificate provides an additional level of security because only your gateway can decrypt the stored credentials since only your gateway has the certificate used to encrypt them. The certificate used to encrypt the credentials is never passed to Azure and the Azure service will never have access to unencrypted user credentials.

 

image

A brief overview of the server you can customize the view but the more you put in the overview the slower the content is showing in the browser. Unless you need it.

A long list of options and server management tools are there and the list is getting longer, File Explorer,Firewall rules and PowerShell script saving and Certificate manager are all new to the Service Management Tools Connections.

image

 

PowerShell script editor enhancements

The script editor is now equipped with basic file browsing capabilities. You can browse through the files on the target machine and open an existing script. You can create a new script or modify an existing one and save it on the target machine.

Script editor is now also integrated with your Azure Blob storage. You can save your scripts in your blob and make them available across all your servers and to other members of the subscription.

image

image

As the script editor can save the scripts or open the scripts from a blob account so you don’t need to type everything for each server

imageimage

the one thing is missing here is creating a Storage Account. this would be handy if you could create one here.

 

image

On the Storage account you can create a container for you files or if you already have one place the files in this container.

imageimageimage

But when you don’t want to place the files in Azure and leaf them on your server this is also an option.

image image

the File Explorer is a great option to look and use files on the Server and when you look at the storage you will see all the drives and what a great feature it shows even unhealthy drives.

The Certificate manager is also new to the server management tools

It brings the much needed ability to remotely manage certificates on targeted computers. With capabilities such as viewing all or a specific set of certificates, along with relevant event log channels, it helps you to find the root cause of certificate related issues. You can also import, export and delete certificates.

As you can see I  play a lot with the Certificates on the Hyper-V server guess it is time to do some certificate cleaning.

image

 

 

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted August 25, 2016 by Robert Smit [MVP] in Azure

Tagged with

Microsoft Azure Active Directory and Office 365 Readiness Wizard integration with your on-premises AD #Office365   Leave a comment

In this blog post I connect my Office 365 with my on premise Active Directory Based on the Azure AD Connect

Before you start installing Azure AD Connect, make sure to download Azure AD Connect and complete the pre-requisite steps in Azure AD Connect: Hardware and prerequisites.

Azure AD Connect allows you to quickly onboard to Azure AD and Office 365

Integrating your on-premises directories with Azure AD makes your users more productive by providing a common identity for accessing both cloud and on-premises resources. With this integration users and organizations can take advantage of the following:

  • Organizations can provide users with a common hybrid identity across on-premises or cloud-based services leveraging Windows Server Active Directory and then connecting to Azure Active Directory.
  • Administrators can provide conditional access based on application resource, device and user identity, network location and multifactor authentication.
  • Users can leverage their common identity through accounts in Azure AD to Office 365, Intune, SaaS apps and third-party applications.
  • Developers can build applications that leverage the common identity model, integrating applications into Active Directory on-premises or Azure for cloud-based applications

Azure AD Connect makes this integration easy and simplifies the management of your on-premises and cloud identity infrastructure.

 

image image

As using the Office 365 domain the .Local are useless you can’t resolve them over the internet.

 

Installing Microsoft Azure Active Directory Connect

When Installing Microsoft Azure Active Directory Connect you will need the pre-requisite steps in Azure AD Connect: Hardware and prerequisites.

image image

In the next steps you can customize the installation

image

I change the Default install Location

I use a dedicated SQL server that holds my Sync DB and this can be a my sql express DB.

I pre Created a Service Account that has the right amount of rights else you will see an account like MSOL_46396c1d8b6e.

 

imageimage

I used my 356 account and the password and I use Password sync.

 

imageimage

Connect my local Active Directory with my own local Account. Filling in the blanks and use Add Directory

imageimage

In the next steps you can customize the sync properties and the OU that you want to sync. If you pick the whole AD then all objects are synced and Deletion in the Web is not real funny.

imageimage

After I picked the OU for filtering we are ready for the first sync.

image image

as you can choose sync right now or later

imageimage

as you can see there is a new sync user created in Office 365

image

and on the server where you installed Microsoft Azure Active Directory Connect there is a troubleshooting tool

it can be found : C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe

 

image

 

This is the installation on premise but you can also use the Office 365 Wizard to sync your AD.

Logon as an Office 365 Global Administrator and in the Admin Center Settings there is an Azure AD option

But Remember : When you are using a Free or trail subscription the usage of the Azure AD Free Version will not work you will need to use the Azure AD instead.

image

imageimage

Connecting to the Dirsync wizard and starting the Readiness Wizard will guide you to 3 steps

image

Step 1 a new popup will do the checks

image

A little download will popup

image

The Tools are installed and will run. If not make sure you have admin rights on the machine that is running this assistant

imageimage

Now that the scan is ready and completed we can see some details about the scan

image

my demo Ad is not that big

image

it also scans my Domains  / UPC records and shows me what is suitable and what not

image

my domains in the O365 suite

image

image

After correcting the domain setup I can use the domains for O365.

 

image

A little clean up is needed in my AD

image

The next step is installing Azure AD Connect I already did this above and I’m running this on the same machine so no problem to go further.

 

image

the last step and the AD sync is working.

imageimage

So this is all a lot of steps but basically it is al very simple when you have the right info and the domains setup up then you are good to go.

And remember don’t sync the entire AD just as test.

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Posted July 13, 2016 by Robert Smit [MVP] in Azure

Tagged with

#Azure Server Management Tools offers a set of web-GUI #tools to manage #AzureStack Servers #RSMT #ASMT   1 comment

Azure Server management tools is currently in preview. Any data collected by Server management tools will be stored in the US.!

As this is a preview you can play with this and it is Cool a nice web management. With the Management server you can manage your on premise AzureStack or Deploy a Template with SCVMM. or just turnoff al your domain controllers.  Oh ok I must re-think my security Policy.

As many Azure is External in some cases it is handled just like a server in a DMZ site. So “real dangerous” this is the Cloud directly connected to the WEB.

This DMZ is now turned and be able to manage your internal servers, what is some one has my azure account that has this gateway…. Well I think this is a cool new feature with a lot of new options. In fact I created a cluster in the Azure GUI but it is running on premises.   

Server management tools enables you to remotely manage machines running Windows Server 2016 Technical Preview. Currently, the tools offer the following capabilities:

  • View and change system configuration
  • View performance across various resources and manage processes and services
  • Manage devices attached to the server
  • View event logs
  • View the list of installed roles and features
  • Use a PowerShell console to manage and automate

The Server management tools connection is routed through a Server management tools gateway. When you create a new connection, you will have the opportunity to create a new gateway or select an existing gateway if one already exists in the same resource group. Click on Create to establish a connection to your Windows Server 2016 Technical Preview machine and start exploring the features available today.

Open your Azure management portal and search : Server management tools in the marketplace

image

Select the Server management tools and a new window opens with the network layout on how things are connected.

Image01

So Hit Create

image

The Create option opens a new menu with all kinds of options Name Subscription , Resourcegroup.

image

As this is my first server I create it all Fresh so no connections to other Resource Groups

image

Configuring a new Server management tools Gateway

If you are creating a new gateway, you will see the following status:

image

Click to open the Gateway Configuration page and read carefully and follow the directions to set up your on-premises machine or Azure VM as the gateway.

An Server management tools gateway is required to enable communication between the Microsoft Azure portal and your Windows Server 2016 machine. A gateway is typically deployed and configured on the same local network as the Windows Server machine(s) you wish to manage. The customized gateway deployment package below allows you to install the gateway software on a machine of your choice, and automatically configures the gateway profile to register with your Azure subscription. The deployment package must be run locally on the machine that you want to designate as the Server management tools gateway.

Steps to configure your gateway

image

Save the File on your Windows Server 2016

image

Use the generated link to download the gateway deployment package now, or copy the link URL to download the package later from the machine on which you intend to install the package.

  1. From the machine that you want to designate as the gateway, unzip the package and run GatewayService.MSI.

  2. Once the gateway installation completes, return to the Microsoft Azure portal and reopen your Server management tools connection.

  3. You should now be able to manage your Windows Server 2016 machine if the Microsoft Azure portal can reach it through the gateway.

image

The Extracted File is the installation file with the JSON config file.

A quick setup is needed on the Windows Server 2016.

imageimageimageimage

As you can see there is an extra Services running on the Windows Server 2016

image

When I do a Refresh in the Azure Resource Group.

image

The manage as command is there just go to the Manage As and fill in the server admin account to manage this server

 

image

Fill in the account I us a Local Account as in this scenario I’ll not jumping thru my domain. 

image

You have established a remote connection to your resource and are now able to perform management tasks on it through the Azure Portal.

image

Some errors here with no surprise My local Firewall and Remote management WINRM is not configured as the text below described.

Unable to connect to the server ‘mvpmgt01’: WinRM cannot process the request. The following error with errorcode 0x80090311 occurred while using Kerberos authentication: There are currently no logon servers available to service the logon request. Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following: -Check the Event Viewer for events related to authentication. -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated. -For more information about WinRM configuration, run the following command: winrm help config.

Managing Workgroup machines

In order to manage workgroup machines (e.g. non-domain-joined Nano Servers), run this command as an administrator on the Server management tools gateway machine:

This setting is different than in the guide in Azure

winrm set winrm/config/client’@{TrustedHosts="< NAME OR IP >"}’

When creating a Server management tools connection to the workgroup machine, use the machine’s IP address as the computer name.

Additional connectivity requirements

If you wish to connect using the local Administrator account, you will need to enable this policy on the target machine by running the following command in an administrator session on the target machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1

If you wish to connect to a workgroup machine which is not on the same subnet as the gateway, run the following command in an administrator session on the target machine:

NETSH advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow

Now it is play time

image

image

As you can see you can manage the local server, there are more options like powershell and event viewer but this is not easy to use in the web-GUI

image

 

Happy Stacking

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP

Posted February 12, 2016 by Robert Smit [MVP] in Azure, AzureStack, Windows Server 2016

Tagged with

  • Twitter

  • %d bloggers like this: