Tag: Windows Server 2016

Deploy and Configure Windows Admin Center in Azure VM

Deploy and Install Windows Admin Center in an Azure VM

The great thing about Windows Admin Center (WAC) you manage every Windows Server doesn’t matter where it is running. You can manage Windows Servers on-prem, in Azure or running at other cloud providers. Now if you want to use Windows Admin Center to manage your virtual machines running in Azure, you can use either an on-prem WAC installation and connecting it using a public IP address or a VPN connection, or you can deploy and install Windows Admin Center in Azure. This blog post will show you how you can deploy and install Windows Admin Center in an Azure virtual machine (VM).

How to deploy and install Windows Admin Center in an Azure virtual machine (VM)

With this guide, you can directly deploy and install a new Windows Admin Center gateway in an Azure VM. If you have already a VM deployed, you can also follow this guide to install Windows Admin Center manually. For the installation, we will use Azure Cloud Shell do run a PowerShell installation script.

Preparation

As mentioned we will run the installation script from Azure Cloud Shell. Optionally you can also install Azure PowerShell on your location machine and run the same steps for the installation on your local machine.

  1. Set up Azure Cloud Shell if you haven’t done it yet.
  2. Start the PowerShell experience in Cloud Shell.
  3. Optional: If you want to use your own existing certificate, upload the certificate to Azure Key Vault.

Installation

Now you can start with the installation process. First, you will need to download the installation script from the following URL. Navigate to your home directory and download the file using PowerShell.

Download Windows Admin Center with PowerShell in Cloud Shell

Download Windows Admin Center with PowerShell in Cloud Shell

# Navigate to your home directory
cd ~
 
# Download file
Invoke-WebRequest -Uri https://aka.ms/deploy-wacazvm -OutFile Deploy-WACAzVM.zip
 
# Expand Zip file
Expand-Archive ./Deploy-WACAzVM.zip
 
# Change Directory
cd Deploy-WACAzVM

After successfully downloading and unpacking the Windows Admin Center deployment script, you will need to modify a couple of parameters. I will use the default parameters to deploy a new Windows Server 2019 and generate a self-signed certificate. However, if you want to use other options, check out the script parameter list.

Configure Parameter

Configure Parameter

$ResourceGroupName = "demo-wac-rg"
$VirtualNetworkName = "wac-vnet"
$SecurityGroupName = "wac-nsg"
$SubnetName = "wac-subnet"
$VaultName = "wac-key-vault"
$CertName = "wac-cert"
$Location = "westeurope"
$PublicIpAddressName = "wac-public-ip"
$Size = "Standard_D4s_v3"
$Image = "Win2019Datacenter"
$Credential = Get-Credential
 
$scriptParams = @{
ResourceGroupName = $ResourceGroupName
Name = "wac-vm1"
Credential = $Credential
VirtualNetworkName = $VirtualNetworkName
SubnetName = $SubnetName
Location = $Location
Size = $Size
Image = $Image
GenerateSslCert = $true
}
./Deploy-WACAzVM.ps1 @scriptParams

This will deploy a new Azure virtual machine with Windows Admin Center installed and open the specific port 443 on the public IP address. You can find more install options and parameters to install WAC on an existing virtual machine or with an existing certificate on Microsoft Docs.

Deploy and Configure Windows Admin Center in Azure VM

Deploy and Configure Windows Admin Center in Azure VM

After the deployment has finished, simply click on the URL or IP address and it will open the Windows Admin Center portal.

Windows Admin Center Running in Microsoft Azure

Windows Admin Center Running in Microsoft Azure

I hope this gives you an overview about how you can deploy Windows Admin Center in an Azure VM. If you have any questions, please let me know in the comments.



Cluster Functional Level and Cluster Upgrade Version

Learn about Windows Server Cluster Functional Levels

A couple of weeks ago, I released a blog post about Hyper-V VM Configuration versions to give an overview about the version history of Hyper-V virtual machines. After that I had the chance to work with John Marlin (Microsoft Senior Program Manager High Availability and Storage) on a similar list of Windows Server Cluster Functional Levels.

Why Cluster Functional Levels are important

With Windows Server 2016, Microsoft introduced a new feature called Cluster OS Rolling Upgrade or Cluster Rolling Upgrade. This feature allows you to upgrade the operating system of the cluster nodes to a new version, without stopping the cluster. With mixed-OS mode, you can have for example 2012 R2 and 2016 nodes in the same cluster. Keep in mind that this should only be temporary, while you are upgrading the cluster. You can basically upgrade node by node, and after all nodes are upgraded, you then upgrade the Cluster functional Level to the latest version.

List of Windows Server Cluster Functional Levels

Since the feature Cluster OS Rolling Upgrade was first introduced with Windows Server 2016, you never really knew about Cluster Functional Levels before. However, it already existed since Windows Server NT4.

Windows Server VersionCluster Functional Level
Windows Server 201910.x
Windows Server 20169
Windows Server 2012 R28
Windows Server 20127
Windows Server 2008 R26
Windows Server 20085
Windows Server 2003 R24
Windows Server 20033
Windows Server 20002
Windows Server NT41

Tips and PowerShell

If you want to know more about Cluster OS Rolling Upgrade, you can check out the Microsoft Docs. Together with John, I created a quick list of some tips for you, and some of the important PowerShell cmdlets.

To check which Cluster Functional Levels your cluster is running on, you can use the following PowerShell cmdlet:

Get-Cluster | Select ClusterFunctionalLevel

If you have upgraded all nodes in the cluster, you can use the Update-ClusterFunctionalLevel to update the Cluster Functional Level. Also make sure that you upgrade the workloads running in that cluster, for example upgrade the Hyper-V Configuration Version or in a Storage Spaces Direct Cluster, the Storage Pool version (Update-StoragePool).

Update-ClusterFunctionalLevel

In Windows Server 2019 the Clustering team introduced a new PowerShell cmdlet to check how many nodes of the cluster are running on which level. Get-ClusterNodeSupportedVersion helps you to identify the Cluster Functional Level and the Cluster Upgrade Version.

Get-ClusterNodeSupportedVersion

Cluster Functional Level Get-ClusterNodeSupportedVersion

This means that the functional level is 10 (Windows 2019).  The Upgrade version column is what you can upgrade to/with, meaning 11.1 or Windows 2019 only.

Cluster Functional Level and Cluster Upgrade Version

This means your Cluster Functional Level is 10.

If you are running System Center Virtual Machine Manager, the Cluster OS rolling upgrade can be fully automated as well. Check out the Microsoft Docs for Perform a rolling upgrade of a Hyper-V host cluster to Windows Server 2016 in VMM.

To find out more about information Cluster operating system rolling upgrade, like how-to, requirements and limitations, check out the Microsoft Windows Server Docs page.



Azure Confidential Compute VM Deployment

Protect Workloads with Azure Confidential Computing

A year ago Microsoft announced that they were working on a new technology in Azure to protect and encrypt data in use, called Azure Confidential Computing. If you are moving sensitive data to the cloud, you also want to encrypt it. Today, you can do this for data in transit and data at rest. However, data in use is a challenge. Azure Confidential Computing addresses precisely that scenario and helps you to encrypt data in use. Microsoft was running a private preview program in the last year, and at Microsoft Ignite this year, Microsoft opened up a public preview.

What is Azure Confidential Computing

Azure Confidential Computing together with Intel SGX technology, addresses the following threads:

  • Malicious insiders with administrative privilege or direct access to hardware on which it is being processed
  • Hackers and malware that exploit bugs in the operating system, application, or hypervisor
  • Third parties accessing it without their consent

There are ways to secure data at rest and in transit, but you need to protect your data from threats as it’s being processed. Now you can. Confidential computing adds new data security capabilities using trusted execution environments (TEEs) or encryption mechanisms to protect your data while in use. TEEs are hardware or software implementations that safeguard data being processed from access outside the TEE. The hardware provides a protected container by securing a portion of the processor and memory. Only authorized code is permitted to run and to access data, so code and data are protected against viewing and modification from outside of TEE.



Install SNMP Feature on Windows Server Core

Install SNMP on Windows Server Core

If you run Windows Server as Core Installation, like Windows Server 2016 Core or any Microsoft Hyper-V Server edition and you want to use SNMP (Simple Network Management Protocol) on that system, you first have to install the SNMP feature on that Core Server. After that you can use the MMC to remotely connect to the services list on the Core Server.

Install SNMP on Windows Server Core

First lets see if the SNMP feature is installed, using PowerShell:

 
Get-WindowsFeature *SNMP*

By default the SNMP feature is not installed. To install the SNMP feature on Windows Server Core, you can run the following command:

 
Install-WindowsFeature SNMP-Service -IncludeAllSubFeature -Verbose


Windows Server FTP

Install FTP Server on Windows Server

Windows Server has IIS build in, which also offers an FTP server option. The File Transfer Protocol (FTP) is still a very popular protocol that allows users to simply upload and download files. Of course today you have more modern options, however, it is still very often used and a lot of legacy applications still support it. In this blog post, I wanna quickly go rough how you can install the FTP Server on Windows Server. I do this on a brand new Windows Server 2019 operating system, however, it didn’t really change since early Windows Server versions.

Install FTP Server Feature on Windows Server

Install FTP on Windows Server using PowerShell

First, you will need to install the FTP feature. I usually simply do that using PowerShell to install the FTP Server feature in Windows Server. You can also do that using the Server Manager. However, if you want to use PowerShell, you can use the following command:

 
Install-WindowsFeature Web-Ftp-Server -IncludeAllSubFeature -IncludeManagementTools -Verbose


Windows Admin Center Azure Backup

Set up Azure Backup in Windows Admin Center

With Windows Admin Center you have a great new web-based management experience for Windows Server. With Microsoft efforts to bring Hybrid Cloud capabilities closer to your on-premises systems, they added support for Azure Backup in Windows Admin Center. This allows you to simply configure Azure Backup for your Windows Server with a couple of clicks.

Setting up a cloud backup of a server is simple and saves you a lot of time and resources. It is especially great if you have a small environment in your datacenter or hosted at a different service provider, where having an own backup infrastructure doesn’t make much sense.

Configure Azure Backup in Windows Admin Center

Windows Admin Center Azure Backup

First you will need to register your Windows Admin Center to Microsoft Azure. This can be done in the settings of Windows Admin Center. If you haven’t done this yet, the wizard will guide you through. After this is done you can go to the Azure Backup Extension in Windows Admin Center and sign in. You can now configure Azure Backup directly in Windows Admin Center.

Configure Azure Backup in Windows Admin Center

This will Azure Backup client on Windows Server and as well as in Microsoft Azure. It will create the Recovery Services Vault and the necessary resources

Windows Admin Center Setting up Azure Backup

Register Recovery Services Resource Provider

If you get the error message “Error Failed to create Microsoft Azure Recovery Services Vault. Detailed error: Das Abonnement ist nicht für die Verwendung des Namespace  Microsoft.RecoveryServices” registriert.” You will need to register the Recovery Services Resource Provider in you Azure Subscription.

Register Azure Recovery Services Resource Provider

Configure and Recover from Azure Backup

Windows Admin Cenetr Azure Backup Settings

After Azure Backup is fully configured, you can see the configuration, the latest recovery points and you also will be able to recover data.

I hope this post was helpful and showed you how simple it is to back up your servers to the cloud using Windows Admin Center and Azure Backup. If you have any questions, feel free to leave a comment.

Configure Azure Hybrid Services in Windows Admin Center Video Series

I have created a short video series which shows how to set up the Azure Hybrid services directly from Windows Admin Center. You can start with the intro here and then follow the different videos, and check out our overview blog about Configure Azure Hybrid Services in Windows Admin Center.

Besides, you can also have a look at my other blog post about how to set up Azure hybrid cloud services.

Also, check out my blog post about Microsoft investments in Windows Server 2019. You can download Windows Admin Center here. If you have any questions, feel free to leave a comment.How to buy Azure Stack HCI Solutions

WAC is also part of the Azure Stack HCI solutions, check out my blog about it.



Windows Server 2019 Upgrade

Windows Server 2019 In-place Upgrade

As another part of my series for Windows Server 2019, this blog post covers the in-place upgrade feature. The in-place upgrade allows you to upgrade your existing LTSC versions of Windows Server 2012 R2 or Windows Server 2016 servers to Windows Server 2019. Windows Server 2019 In-place Upgrade will enable businesses to update to the latest version quickly. Especially if you have servers which you might need to install some dependencies for the applications. I saw a lot of customers who not have documented their server installations and neither used infrastructure as code to deploy them. For these customers, it can be hard to upgrade to newer versions of Windows Server. With the Windows Server 2019 In-Place Upgrade feature, this should get a lot easier. Especially since Windows Server 2019 brings a lot of improvements.

Upgrade Matrix

You can in-place upgrade to Windows Server 2019 from

If you run older versions of Windows Server, you might have to upgrade to Windows Server 2012 R2 or Windows Server 2016 first.

Windows Server Upgrade Path

Windows Server Upgrade Path (Image: Microsoft Docs)

To find out more about the in-place upgrade on the Microsoft Docs page.

How to in-place upgrade to Windows Server 2019

Windows Server 2016 upgrade to Windows Server 2019

To in-place upgrade to Windows Server 2019, insert the Windows Server 2019 media into the existing server, by attaching an ISO file, copying the sources, adding a USB drive or even a DVD drive and start the setup.exe.

Installing Windows Server 2019

The setup will discover the existing installation and will let you perform an in-place upgrade. The installation will run for a couple of minutes; it will take quite some time depending on the speed of your server hardware and the installed roles and features.

Microsoft MVP Didier Van Hoye did write a great blog post about Upgrade testing. In that blog post, he has a quick look at upgrading to Windows Server 2019.

You can also find an overview of what is coming new in Windows Server 2019, in my blog: Windows Server 2019 – What’s coming next.