Administrator Guide
Table Of Contents
- Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard Version 1.5 Administrators Guide based on release 1803
- Overview
- Administration
- What to do first
- Next steps
- Managing Dell Hybrid Cloud System for Microsoft
- Creating tenant VM networks
- Adding tenant VM networks to the cloud
- Flagging the operating system VHD in the VM templates
- Enabling guest-specified IP addresses in VMM
- Creating additional tenant storage shares
- Using Windows Azure Pack
- Default Windows Azure Pack configuration
- Before you go into production
- Setting up tenant portal access on an isolated network
- Replacing self-signed certificates
- Disabling the tenant AuthSite and the admin Windows AuthSite websites
- Updating to a Security Token Service and re-establishing trust
- How to open the management portal for administrators
- How to open the management portal for tenants
- Offering services to tenants
- Optional configuration
- Automating tasks for efficiency
- Windows Azure Pack API reference content for developers
- Configuring disaster recovery protection
- Operations
- Monitoring
- Backup and recovery
- Onboard to Azure Backup
- Default backup schedule and retention policy
- DPM protection groups
- Disable machine account password rotation on management VMs
- Protecting tenant VMs
- Recovering VMs and databases—high level
- Recovering from management component failures
- Recovering a tenant VM
- Recovering DPM from DPM failures
- Adding extra disks to DPM
- Monitoring DPM
- Using the Dell Hybrid Cloud System for Microsoft data consistency runbooks
- Updating the Dell Hybrid Cloud System for Microsoft
- Shutting down and starting up the stamp
- Security
- Appendix A Expanding the stamp
- Appendix B Performing a factory reset
- Appendix C Retrieving cluster names, host names, and IP addresses
- Appendix D Ports and protocols
Figure 72. WAPCerts
The root folders for the Windows Azure Pack websites are named MgmtSvc-*, where * is the name of the Windows Azure Pack
service—for example, MgmtSvc-TenantSite.
In each root level folder, there is a second-level folder that is the name of the VM on which the certicate is installed. This folder
contains the following les:
• The exported .pfx le
• A Java Script Object Notation (JSON) representation of the certica
te—.json le
• A text le wher
e you can view the certicate subject name, expiration date, and other information.
Step 2 Obtain certica
tes from a trusted certication authority and copy
the .cer les to a share
1 If you have not already, obtain one or more certica
tes from a trusted certication authority, as described in
Obtain a Certica
te on
the Microsoft website.
2 On the Console VM, follow the same procedure that you did earlier to create a UNC le shar
e for the trusted certication
authority .cer les. For example, create a le share that is named \\<
Prex
>CON01\TCAShare. Make sure that the <Prex>-System
account has Read/Write permissions.
3 Copy the certica
te (.cer) le or les to the share location.
NOTE: Notice that there may be both a root certica
tion authority certicate and an intermediate certication authority
certicate.
Step 3 Import the trusted root and intermediate certica
tion authority.cer
les to establish the certicate chain on each VM
This step establishes the correct certica
te chain of trust on each VM. A certicate chain consists of all the certicates that are needed to
certify the subject that is identied by the end certicate. For example, an intermediate certication authority certicate is linked to a root
Security 135