Administrator Guide
Table Of Contents
- Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard Version 1.5 Administrators Guide based on release 1803
- Overview
- Administration
- What to do first
- Next steps
- Managing Dell Hybrid Cloud System for Microsoft
- Creating tenant VM networks
- Adding tenant VM networks to the cloud
- Flagging the operating system VHD in the VM templates
- Enabling guest-specified IP addresses in VMM
- Creating additional tenant storage shares
- Using Windows Azure Pack
- Default Windows Azure Pack configuration
- Before you go into production
- Setting up tenant portal access on an isolated network
- Replacing self-signed certificates
- Disabling the tenant AuthSite and the admin Windows AuthSite websites
- Updating to a Security Token Service and re-establishing trust
- How to open the management portal for administrators
- How to open the management portal for tenants
- Offering services to tenants
- Optional configuration
- Automating tasks for efficiency
- Windows Azure Pack API reference content for developers
- Configuring disaster recovery protection
- Operations
- Monitoring
- Backup and recovery
- Onboard to Azure Backup
- Default backup schedule and retention policy
- DPM protection groups
- Disable machine account password rotation on management VMs
- Protecting tenant VMs
- Recovering VMs and databases—high level
- Recovering from management component failures
- Recovering a tenant VM
- Recovering DPM from DPM failures
- Adding extra disks to DPM
- Monitoring DPM
- Using the Dell Hybrid Cloud System for Microsoft data consistency runbooks
- Updating the Dell Hybrid Cloud System for Microsoft
- Shutting down and starting up the stamp
- Security
- Appendix A Expanding the stamp
- Appendix B Performing a factory reset
- Appendix C Retrieving cluster names, host names, and IP addresses
- Appendix D Ports and protocols
To x this condition, do the f
ollowing:
1 In
Active Directory Users and Computers, expand the Dell Hybrid Cloud System for Microsoft OU, and then click the <
Prex
>-
Fabric account.
2 Right-click the account, and then click
Reset Password.
3 Change the password.
4 Clear the check box for the User must change password at next logon option, and then click
OK.
5 Close
Active Directory Users and Computers.
6 Open the VMM console.
7 In the
Settings workspace, expand Security, and then click Run As Accounts.
8 Right-click the
<
Prex
>-Fabric Run As account, and then click Properties.
9 Type the same password that you set in Active Directory Users and Computers. Click OK, and then close the VMM console.
10 Try running the MCPasswordReset
script again.
Rotating Windows Azure Pack encryption keys
Windows Azure Pack for Windows Server uses encryption algorithms, encryption keys, and passwords to secure communications between
the databases and users in the management and tenant portals.
You can reset Windows Azure Pack account encryption keys if you believe they have been compromised or accessed by unauthorized
users; or as part of periodic, regular security maintenance.
NOTE: Before you run Windows Azure Pack encryption key rotation runbooks, we strongly recommend that you back up the SQL
Serv
er databases, and all Windows Azure Pack VMs. For information about how to do this, see
Backup and recovery .
Use the following runbooks for password and encryption key rotation. You must run them in the listed order.
Table 37. Runbooks for Encryption
Runbook Name Description Order
Reset-MgmtSvcCoreEncryption.ps1 Rotates encryption keys for sites on <Prex>APA01. 1
Reset-MgmtSvcPublicEncryption.ps1 Rotates encryption keys for sites on <Prex>APT01. 2
To run the runbooks:
1 Sign in to the Windows Azure Pack management portal for administrators with an account that is a member of the <
Prex
>-Ops-
Admins group.
2 On the Automation page, click Runbooks.
3 Find and run the Reset-MgmtSvcCoreEncryption runbook.
4 Find and run the Reset-MgmtSvcPublicEncryption runbook.
Managing antivirus and antimalware
The following sections discuss strategies for dealing with malware and virus threats.
Overview of default antimalware conguration
During Dell Hybrid Cloud System for Microsoft deployment, Microsoft does the following:
1 Sets up VMM to install update baselines on managed servers.
2 Sets up Windows Server Update Services to automatically approve antimalware updates.
130 Security