Administrator Guide
Table Of Contents
- Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard Version 1.5 Administrators Guide based on release 1803
- Overview
- Administration
- What to do first
- Next steps
- Managing Dell Hybrid Cloud System for Microsoft
- Creating tenant VM networks
- Adding tenant VM networks to the cloud
- Flagging the operating system VHD in the VM templates
- Enabling guest-specified IP addresses in VMM
- Creating additional tenant storage shares
- Using Windows Azure Pack
- Default Windows Azure Pack configuration
- Before you go into production
- Setting up tenant portal access on an isolated network
- Replacing self-signed certificates
- Disabling the tenant AuthSite and the admin Windows AuthSite websites
- Updating to a Security Token Service and re-establishing trust
- How to open the management portal for administrators
- How to open the management portal for tenants
- Offering services to tenants
- Optional configuration
- Automating tasks for efficiency
- Windows Azure Pack API reference content for developers
- Configuring disaster recovery protection
- Operations
- Monitoring
- Backup and recovery
- Onboard to Azure Backup
- Default backup schedule and retention policy
- DPM protection groups
- Disable machine account password rotation on management VMs
- Protecting tenant VMs
- Recovering VMs and databases—high level
- Recovering from management component failures
- Recovering a tenant VM
- Recovering DPM from DPM failures
- Adding extra disks to DPM
- Monitoring DPM
- Using the Dell Hybrid Cloud System for Microsoft data consistency runbooks
- Updating the Dell Hybrid Cloud System for Microsoft
- Shutting down and starting up the stamp
- Security
- Appendix A Expanding the stamp
- Appendix B Performing a factory reset
- Appendix C Retrieving cluster names, host names, and IP addresses
- Appendix D Ports and protocols
certication authority certica
te. To view the certicate chain, open the Certicates snap-in (Certmgr.msc), double-click the certicate,
and then click the Certication Path tab.
1 In the Windows Azure Pack management portal for administrators, click Automation, and then click Runbooks.
Depending on the number of certica
tes you have, and the certicate chain, you may have to run this runbook multiple times.
For example, say that you have one wildcard certicate that is registered at the domain level that you want to use for all sites on both
VMs. It has an intermediate certication authority certicate and a root certication authority certicate. In this case, you would run
the runbook two times.
• First, specify the share path of the root .cer le in CerPathName, and Root for StoreName in one run.
• Second, specify the share path of the intermediate .cer le f
or CerPathName, and CA as StoreName in the second run.
2 When you run the runbook, specify the following parameters:
Table 39. Runbook parameters
Input Parameter Details
CerPathName The full path and le name wher
e you saved the Internet Security Certicate (.cer) le in
Step 2; for example, \\<
Prex
>CON01\TCAShare\
lename
.cer
ComputerNames You must specify the computer names in JSON format.
• To import the
.cer le to both VMs, specify:
["<Prex>APA01" , "<Prex>-APT01"]
• To import the
.cer le to a single VM, specify:
["<Prex>APA01"] or ["<Prex>APT01"]
StoreLocation For SSL certica
tes, type LocalMachine.
StoreName Possible values include:
• Root
Use this value for the Trusted Root Certica
tion Authorities store.
• CA
Use this value for the Intermediate Certica
tion Authorities store
• MY
Use this value for the Personal store.
Step 4 Prepare the le shar
e with the new .pfx certicates
Prerequisites
• Before you do this step, make sure that the new certica
tes are in .pfx le format. If not, you can use the Certicates snap-in
(Certmgr.msc) to convert them. For more information, see the TechNet article
Export a certica
te with the private key (
http://
t
echnet.microsoft.com/library/cc737187(v=ws.10).aspx).
• Make sure that you know the password that was used to protect the private key.
Procedure
1 On the Console VM, create a le shar
e; for example, \\<
Prex
>CON01\ImportCerts. Make sure that the <Prex>-System account
has Read/Write permissions.
2 Do either of the following:
• If you are using one wildcard certicate for both VMs, and it is registered at the domain level (for example, *.contoso.com), go to
Step 3.
136 Security