Administrator Guide
Table Of Contents
- Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard Version 1.5 Administrators Guide based on release 1803
- Overview
- Administration
- What to do first
- Next steps
- Managing Dell Hybrid Cloud System for Microsoft
- Creating tenant VM networks
- Adding tenant VM networks to the cloud
- Flagging the operating system VHD in the VM templates
- Enabling guest-specified IP addresses in VMM
- Creating additional tenant storage shares
- Using Windows Azure Pack
- Default Windows Azure Pack configuration
- Before you go into production
- Setting up tenant portal access on an isolated network
- Replacing self-signed certificates
- Disabling the tenant AuthSite and the admin Windows AuthSite websites
- Updating to a Security Token Service and re-establishing trust
- How to open the management portal for administrators
- How to open the management portal for tenants
- Offering services to tenants
- Optional configuration
- Automating tasks for efficiency
- Windows Azure Pack API reference content for developers
- Configuring disaster recovery protection
- Operations
- Monitoring
- Backup and recovery
- Onboard to Azure Backup
- Default backup schedule and retention policy
- DPM protection groups
- Disable machine account password rotation on management VMs
- Protecting tenant VMs
- Recovering VMs and databases—high level
- Recovering from management component failures
- Recovering a tenant VM
- Recovering DPM from DPM failures
- Adding extra disks to DPM
- Monitoring DPM
- Using the Dell Hybrid Cloud System for Microsoft data consistency runbooks
- Updating the Dell Hybrid Cloud System for Microsoft
- Shutting down and starting up the stamp
- Security
- Appendix A Expanding the stamp
- Appendix B Performing a factory reset
- Appendix C Retrieving cluster names, host names, and IP addresses
- Appendix D Ports and protocols
• Searches for
.pfx les at \\host\share\WebSiteName\VMName\*.pfx
• If it nds no .pfx les a
t the VM level, it searches \\host\share\WebSiteName\*.pfx
• If it nds no
.pfx les at the website level, it searches \\host\share\*.pfx
• If it nds no .pfx les a
t all, it returns the following error message: Error, no .pfx le
Step 5 Update to the new trusted certica
tion authority certicate on
each component virtual machine
You must run a runbook to update to the new, signed certicates for the Windows Azure Pack website services, SMA, and SPF.
1 Create a PowerShell Credential asset. The password for this asset must match the password that was used to protect the private key
o
f the new certicates.
NOTE
: If you want to restore a certicate, this password must match the password you used in
Step
1.
a In the Windows Azure Pack management portal for administrators, click Automation in the navigation pane.
b On the
Automation page, click Assets.
c Click
Add Setting, and then in the Add Setting window, click Add Credential.
d In the Credential Type list, click PowerShell Credential.
e In the
Name box, type a name for the asset (for example, CertImport), and then click the Next arrow.
f In the
User Name box, enter a user name; for example, SMACred. This does not need to be an existing user in the domain, or
have any specic permissions.
g In the
Password and Conrm Password boxes, type a password. This password must match the password that was used to
protect the private key of the certicates that you want to import.
2 Run the Set-SslCerticate
runbook to update to the new trusted certication authority certicate. The SSL certicates must be
provided as .pfx les, and must include a private key protected by a password. The runbook takes the following parameters:
Table 40. Set-SslCerticate runbook parameters
Input Parameter Details
ComputerNames You must specify the computer names in JSON format.
• To update the certicates on both VMs, specify:
["<
Prex
>APA01" , "<
Prex
>-APT01"]
• To update the certicates on a single VM, specify:
["<
Prex
>APA01"] or ["<
Prex
>APT01"]
Fileshare The UNC le share that you created in the previous procedure to store the
new .pfx certicates; for example, \\<
Prex
>CON01\ImportCerts
PFXCredential The name of the PowerShell Credential asset that you created in the rst
step of this procedure; for example, CertImport
NOTE: Each time that you run the runbook, even if the runbook has a status of Completed, make sure that you check the output
for errors.
Step 6 Secure the shares that you created
You should take steps to secure the shares where you stored the certicate information. Or, alternately, you can remove sharing completely,
if so desired.
You can now:
138 Security