Archive

Archive for December, 2014

Deploying System Center Operations Manager vNext

December 29, 2014 1 comment

Recently Microsoft released the preview version of their next release of Windows Server, Hyper-V and System Center as did Savision with Live Maps for System Center.

Note: This blog post was first published here : http://www.savision.com/resources/blog/installing-system-center-opsmgr-vnext-and-savision-live-maps-part-i-mvp-alessandro

You can download System Center vNext Preview here and Savision Live Maps from here.

To start, make sure of the following:

  1. You installed the SQL Server 2014 as the database server for the System Center vNext preview edition. To note, I run into SQL connectivity issues when I tried to use an SQL 2012 version, with a message stating that I did not have a compatible version of SQL installed. Whereas the documentation says that SQL 2012 is supported for vNext preview it is not the case.
  2. If the SQL Server is installed on a dedicated machine (recommended), that the host firewall is configured to allow inbound connections on port 1433 (SQL) , 80(http) and 443 (https)

  1. You installed Reporting Services (SSRS), Analysis Services and Full Text Search as it is required by Operations Manager.
  2. You created an account to install System Center and it is member of local administrators. For this post, I created an account named “sc-admin”.
  3. Logon on the machine you plan to install System Center with the “sc-admin”
  4. The “sc-admin” account has permissions to create a database in the installed SQL server. You can achieve this by either adding the account to the SQL server administrators when install SQL Server, of by adding the account using SQL Server Management Studio, by expanding Security->Logins and then creating a new login, adding the “sc-admin” account and selecting “sysadmin” as permission under Server Roles (preferable). You can also, if security is a concern, create a OperationsManager database and give the account DB Owner (dbo) permission.

     

    If the credentials you are using to install do not have permission to create the database you will receive the following message:

     

  5. The SQL Server Agent is started and set to automatic:

    Or else the following error will appear when the Reporting Services configuration times come in the Operations Manager installation wizard.

     

 

Quick Note: You will notice that although you are installing System Center Operations Manager vNext, the initial screen will show 2012R2 🙂

  1. To initiate the installation, click on Install and the Preview logo will appear

    I also recommend selecting the Download the latest updates to the setup program checkbox.


  2. Select the System Center features you want to install. For this post, I am selecting: Management Server, Operations Console and Reporting Server. Click Next to continue.

  3. In the Select Installation location, provide the path for Operations Manager installation and click on Next.

  4. Your system will now be checked for hardware and software against System Center requirements. If some requirements are missing it will appear on the screen for your resolution.

    The below example, Report Viewer is missing. To fix the issue, click on the to expand

     

     

    Note that in the above example there are two warnings: the first one about the system not having the recommended 4GB of memory and the second one about a pending restart. As I am installing this for a demo purpose, I can safely ignore the 1st warning, but I will have to click on Cancel and restart the machine in order to proceed the installation.

     

    Click on the link to download and install Report Viewer

     

  5. If no error is reported, click on Next to continue.
  6. In the Specify the installation option, select Create the first Management server in a new management group and provide the name. For this post I am using the name “lab” for the management group name.

  7. Click on Next to continue and accept the License terms and click on Next to proceed.

  8. In the configure operational database, type the SQL server name and port (if different for the default 1433)

  9. Click on Next to progress and to the next step where you will need to provide the Data Warehouse database configuration

 

  1. Click on Next to continue and in the next step confirm the SQL Server instance that is running the SQL Reporting Services and then click on Next to proceed.

  1. In the Configure Operations Manager accounts, provide the accounts details and click on Next to proceed.

  2. In the Help improve Operations manager, select the desired options and click on Next to proceed.

  3. In the Update screen select the desired option (On is recommended) and click on Next to proceed.

  4. On the Installation Summary, click on Install and wait for the installation to complete.

Now we have System Center Operations Manager successfully installed.

 

Advertisements

Cloud and Identity Access

December 8, 2014 1 comment

Identity and Access

Controlling who can access which resources is key for Cloud projects. Recently I was talking with a customer that has external users (partners) and internal users and the ability to  centralize and manage the access for those users is essential.

Azure provides ways for customers to federate user identities to Azure Active Directory as well as enabling  Multi-Factor Authentication and the new Role Based Access Control (RBAC) features can be used to restrict access and permissions for specific cloud resources.

Monitoring

To help detect suspicious access, Azure Active Directory offers reports that alert you to anomalous activity, such as a user logging in from an unknown device. In addition, operational logging and alerting capabilities can notify customers if someone stops a website or if a virtual machine is deleted. It is possible also to use an on premise System Center Operations Manager to monitor  the availability and performance of resources that are running on Windows Azure.

The reports provides up to 30 days of data representing key changes in the directory, providing the action, timestamp, the user/application that performed the action, and the user/application on which the action was performed.

Network

With new VNET-to-VNET connectivity, multiple virtual networks can be directly and securely linked to one another. In addition, ExpressRoute is now generally available, enabling customers to establish a private connection to Azure datacenters, keeping their traffic off the Internet. Building on those enhancements, Microsoft also introduced Network Security Groups  for easier subnet isolation in multi-tier topologies.

Security

Azure uses industry-leading capabilities, including recent enhancements to TLS/SSL cipher suites and Perfect Forward Secrecy, to encrypt content flowing over the internet between the customer and the Azure service

Microsoft is committed to advancing cloud security with a goal to not only meet, but exceed the level of protection most enterprises have in place on-premises or in their own datacenters. For the latest information on security features and best practices, visit the Microsoft Azure Trust Center.

Azure RemoteApp will be generally available on December 11, 2014

December 5, 2014 1 comment

Azure RemoteApp delivers Windows Server session-based applications from Azure.

Azure RemoteApp, enable users to access corporate applications from anywhere and on a variety of devices, scale up or down to meet the dynamic business needs without large capital expense or management complexity, and centralize and protect corporate applications with the security features and reliability of Azure.

Azure RemoteApp will be generally available on December 11, 2014.  Azure RemoteApp instances created during the current public preview period will continue to function as they do today. These instances will automatically transition to a 30-day free trial on December 11, 2014. The limit of two app collections and 10 users per instance will continue to be enforced during the free trial period. To remove these limitations, you can exit the free trial at any point and be charged the rates detailed on the Azure RemoteApp Pricing Details webpage.

For more information, please visit the Azure RemoteApp webpage. For a comprehensive look at pricing, please visit the Azure RemoteApp Pricing Details webpage.