System Center 2016 VMM Place template VM in Custom OU #sysctr #Cloud #Deploy #VM

when using VMM and deploying templates you not always want to place them in the default OU computers

But instead you want the Template Server 2016 places in OU TP5 and Hyper-V server directly placed in the OU Hyper-v.

Default there is no Gui item in the VMM console to do this. Say on the domain join tab place this VM in the Hyper-V OU

Instead of this you need to fill in the Value in Powershell. and Make a custom OU field.

You can Add Custom Properties as you like.

But first we are creating a Custom Guest OS profile this profile is the basis for the new build template and the Custom OU Placement.

Now that the Custom OS profile is in place we can check it there is a domain OU field

Get-SCGuestOSProfile

this shows us the field that we must fill in to get the right OU placement.

Get-SCGuestOSProfile |select Name

Get-SCGuestOSProfile -name "Guest OS 2016TP5"

Setting this in the OS profile

Get-SCGuestOSProfile -name "Guest OS 2016TP5" |Set-SCGuestOSProfile -DomainJoinOrganizationalUnit "OU=SCVMM16,DC=MVP,DC=local"

Now when I create a new template with this OS profile the VM is place in the SCVMM16 OU but it is not anywhere visible in the GUI.

and what if I have already build templates how to place them in Custom OU.

Yes you can do this. First I select all the templates to pick the right one

Get-SCVMTemplate |select name

$template = Get-SCVMTemplate | where {$_.Name -eq "ws2016G2"}
$template |select name

As I made the OU a variable :

$ou = "OU=SCVMM16,DC=MVP,DC=local"

Set-SCVMTemplate -VMTemplate $template -DomainJoinOrganizationalUnit $ou

So now the Template has a custom OU also.

But still there is no GUI property to show this. therefore go to the Template and create a Custom Property

go to the Manage custom Properties

Select Virtual Machine Template Properties give it a name “ custom OU “ and assign this to the template

Now that tis is assigned we can enable this in the GUI

But before we get any value in this field we need match this with the PowerShell Value DomainJoinOrganizationalUnit

Get-SCVMTemplate | %{ Set-SCCustomPropertyValue -InputObject $_ -CustomProperty $(Get-SCCustomProperty -Name "Custom OU") -Value $_.DomainJoinOrganizationalUnit }

As you can see there is an error this is because one template has no value.

Now With new deployments the VM’s will be places in the Custom OU

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

System Center 2016 VMM Current Updates installation | Cumulative Update 1 & 2

When testing with Windows Server 2016 and system Center 2016 you need to install the CU1 and CU2 update to get the best results. there are several fixes in these updates.

Issue 1: As a Delegated Administrator (DA), when you try to configure the load balancer on the Network Controller Service, the service crashes with a NULL pointer exception.

Issue 2: When you try to configure VPN connections that are running on a Network Controller-managed gateway, VMM does not display the VPNServerAddress object on the VMM Console.

Issue 6: Creating Shielded VMs on Guarded Hosts on an untrusted network or on a perimeter network fails.

To get more info on all the fixes and solutions and read the KB you may need to change something in the Database! So no hit and run on the System Center cumulative Updates.

As you can see only 86 days left on this evaluation.

After the updates make sure the Hyper-v servers have the latest Agent version!

How to obtain and install CU1 for System Center 2016 VMM Technical Preview 5

Download information

Update packages for VMM are available by manual download.

Manual download of the update packages

Go to the following websites to manually download the update packages from the Microsoft Download Center:

Download the Virtual Machine Manager Server update package now.

Download the Administrator Console (amd64) update package now.

Download the Administrator Console (i386) update package now.

Installation instructions

How to obtain and install Cumulative Update 2 for System Center 2016 Virtual Machine Manager Technical Preview 5

Download information

Update packages for Virtual Machine Manager are available by manual download.
Manual download of the update packages

Go to the following websites to manually download the update packages from the Microsoft Download Center:

Download Download the Server update package now.

Download the Administrator Console (amd64) update package now.

Download the Administrator Console (i386) update package now.

Add your Azure Subscription v1 only to System Center Virtual Machine manager 2016 #SCVMM #Azure #MSCloud

When you are testing Virtual Machine Manager (VMM) in System Center 2016 and you want to connect your Azure Subscription connected you need a Certificate and publish this is the admin portal. But as you thought he cool I can access all my resource groups VM’s and my old VM’s eh no VMM 2016 Preview can only manage the old VM’s.

To do this go to the VMM Console and Add Subscription

Easy as it is fill in the blanks

The Display name is the name you want and has no pointer to Azure

the Subscription ID is directly linked to Azure this is where your VM’s are

The Certificate we need to make this by hand.

First the Subscription ID go to the Azure.com portal and in the Subscriptions there is the ID.

Next we need a Certificate for a selfsigned certificate we can use Makecert but what fun is that .

Makecert.exe

https://robertsmit.wordpress.com/2015/05/01/manage-azure-with-system-center-2012-r2-virtual-machine-manager-scvmm-2012-r2-ur6/

Create a new self-signed certificate

You can use any tool available to create a self-signed certificate as long as they adhere to these settings:

An X.509 certificate.
Contains a private key.
Created for key exchange (.pfx file).
Subject name must match the domain used to access the cloud service. > You cannot acquire an SSL certificate for the cloudapp.net (or for any Azure related) domain; the certificate’s subject name must match the custom domain name used to access your application. For example, contoso.net, not contoso.cloudapp.net.
Minimum of 2048-bit encryption.
Service Certificate Only: Client-side certificate must reside in the Personal certificate store.

There are two easy ways to create a certificate on Windows, with the makecert.exe utility, or IIS.

Makecert.exe

This utility has been deprecated and is no longer documented here. Please see this MSDN article for more information.

Create a Certificate with Powershell

there is a new command in powershell : New-SelfSignedCertificate

this is how we create a certificate quick and easy and I also exported the Certificate

#Create new Certificate
$cert = New-SelfSignedCertificate -Subject AzureVMM01 -FriendlyName AzureVMM01 -Type Custom -CertStoreLocation "Cert:\currentuser\My" -KeyExportPolicy ExportableEncrypted -KeyLength 2048 -KeySpec KeyExchange

#set password for PFX
$password = ConvertTo-SecureString -String "P@ssw0rd" -Force -AsPlainText

#Export Certificate
Export-PfxCertificate -Cert $cert -FilePath "c:\cert\scvmm16azure.pfx" -Password $password

# to use this certificate in the Azure management portal export it to a .cer file
Export-Certificate -Type CERT -Cert $cert -FilePath "c:\cert\scvmm16azure.cer"

Now that the Certificate is exported I can upload this in the Old Azure V1 portal

Go to Settings and Management Certificates at the bottom there is a upload link.

Select the fresh created Certificate with the right subscription ( must be the same as the ID picked earlier )

Now that the Azure Certificate is in place I check browse and see the local certificate also.

After these steps we see the subscription in the console

here you can manage the VM’s with out the Azure v1 Portal.

As the the Resource Group option is still unavailable you can Vote for this in the user https://systemcentervmm.uservoice.com

Add Azure Resource Manager Stack based Azure VMs to the subscription view

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog

Install the OMS agent using GPO automation with Powershell OMS WorkSpace lookup #MSOMS #Azure

Suppose you want to deploy the OMS ( Microsoft Operations Management Suite ) Agent but you don’t want to do this by hand. Well Supposed you could run a Powershell script that installs the Agent. But in this case it is about deployments and a lot of VM’s are getting deployed and removed and you don’t want to put the Agent in the Template VM. I recently had to build a poor man’s lightweight deployment solution. As there is noting yet in the Cloud I used the good Old Active Directory.

https://www.microsoft.com/en-us/cloud-platform/operations-management-suite

So Old Skool deployment by GPO as you could use this for any file or solution. and yes Powershell could also be handy but in this case the VM’s can be remote controlled as the remote Port is firewalled.

Create a GPO in my case “ Deploy-OMS”

Edit the GPO

and Go to the Computer Settings right Click on the folder choose New and folder

I use Update the folder Pick a name

Now the GPO Creates a folder on all targeted Machines I did place this GPO on top be carful with that!

Next same as on the Folder new file

In this new file I’ll use the Source and destination keep in mind the destination is on the machine where the agent needs to be.

Do this for both files or if you have more then do this per file and If you want to limited this a bit there a a few options to do that.

the Apply once option and the Item-Level targeting based on your Query the GPO will Execute or Not. (this is not needed but it is optional )

As I used a CMD batch file you need to create one with your task

I used this one liner to install the OMS Agent use your own key and save this file as a CMD file

"c:\Package-deploy\MMASetup-AMD64.exe" /C:"setup.exe /qn ADD_OPINSIGHTS_WORKSPACE=1 OPINSIGHTS_WORKSPACE_ID=d69d8969-1111-4586-80f0-4a11bc111199c OPINSIGHTS_WORKSPACE_KEY=3zNTcggsfsfsdgjhkldsaOyQ0/dgMwsbdtrgQVPXqu== AcceptEndUserLicenseAgreement=1"

In case you can’t find the Workspace ID check your portal and go to the settings Dashboard. and get your info.

But In case you want to do a little bit of Powershell. OMS Powershell

First let me check if the Modules are installed if not Install the modules.

Find-Module AzureRM.OperationalInsights | Install-Module
Install-Module AzureRM.OperationalInsights -Scope CurrentUser
Get-Module AzureRm.OperationalInsights

Next we need to login to your Subscription

If you have Multiple subscriptions pick the right one

Select-AzureRmSubscription –SubscriptionId

#Get your WorkSpace ID
Get-AzureRmOperationalInsightsWorkspace |select Name,ResourceGroupName,CustomerId

I use these two as variable

$ResourceGroupName = "OI-Default-East-US"
$WorkSpaceName = "clustermvp"

Now we get the key that we needed.

Get-AzureRmOperationalInsightsWorkspaceSharedKeys -ResourceGroupName $ResourceGroupName -Name $WorkSpaceName

See how easy Powershell is just take baby steps find the info and you will learn every day step by step.

Follow Me on Twitter @ClusterMVP

Follow My blog https://robertsmit.wordpress.com

Linkedin Profile Http://nl.linkedin.com/in/robertsmit

Google Me : https://www.google.nl

Bing Me : http://tinyurl.com/j6ny39w

Manage Azure with System Center 2012 R2 Virtual Machine Manager #SCVMM 2012 R2 #UR6

With Update Rollup 6 for System Center 2012 R2 Virtual Machine Manager (VMM 2012 R2 UR6) you have the option to manage Azure Virtual machines.

What you can do with this feature
If you already manage your on-premises virtual machines in Virtual Machine Manager, you can use this feature to perform some very basic actions on Azure instances without leaving the VMM console. For example, you can do the following:

Add or remove one or more Azure subscriptions by using the VMM console.
See a list view of details and statuses of all role instances in all deployments in that subscription.
Manually update the list of instances.
Perform the following basic actions on the instances:
- Start
- Stop
- Shutdown
- Restart
- Connect through RDP

I tried to get this done all by PowerShell but it failed on me during lack of time to test this.

So basically you need a Azure Management Certificate

What you need to do is create a Certificate We use makecert and as you need the whole studio for just the makecert you can download the file from my onedrive http://1drv.ms/1GMrelk

What we need is just a display name , azure Subscription ID and a Certificate.

In my example you will need the Azure PowerShell Module.

You can download and install the Azure PowerShell modules by running the Microsoft Web Platform Installer. When prompted, click Run. The Web Platform Installer installs the Azure PowerShell modules and all dependencies. Follow the prompts to complete the installation.

First we make a self signed Certificate.

c:\makecert -sky exchange -r -n "CN=clustermvpazureFake" -pe -a sha1 -len 2048 -ss My "c:\clustermvpazureFake.cer"

Now that I have a Certificate I can upload this in my personal store.

Import-Certificate -FilePath "c:\clustermvpazureFake.cer" -CertStoreLocation ‘Cert:\currentuser\My’ -Verbose

sure you can do this manually but this is faster.

the next step is get my subscription ID

The basic steps to get my subscription is always the same get my publish file an list all my subscriptions

Import-Module Azure
Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1"
Get-AzurePublishSettingsFile
Import-AzurePublishSettingsFile "c:\azureapril.publishsettings"
Get-AzureSubscription

Selecting my Subscription.

Select-AzureSubscription "MVP-Cluster"

Getting my ID in just some easy steps I get my ID

$getauzsub= Get-AzureSubscription | Where-Object {$_.Subscriptionname -eq "MVP-Cluster"}
$azuresubid = $getauzsub.SubscriptionId
$azuresubid

This ID You can copy past this from the PowerShell into the GUI and selecting my certificate that we just created and imported in the store.

And As you will get a warning : The Subscription could not be authenticated by azure. Ensure that your Certificate and Subscription ID are valid.

We forgot to Upload the Certificate to Azure.

As there are many post on the web to upload the management certificate with PowerShell it all failed on me. So we upload the certificate by hand.

Set-AzureSubscription -SubscriptionName $azuresubname -SubscriptionId $azuresubid -Certificate $getCert

Uploading the just created Certificate to Azure.

In the Azure portal go to settings on the bottom and select management Certificates

And on the bottom there is an upload option you can select the Certificate and the subscription just make sure this will be the same as in the VMM console

Now that the certificate is uploaded we go back to the VMM console and press finish and in a few seconds the Azure content is loaded in the VMM Console.

and Easy starting and stopping with the RDP is there real handy one step closer a a real hybrid Cloud.