1 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Hands-on Lab: Build and Manage a
Dev/Test Server Farm in the Cloud using Microsoft Azure Infrastructure Services Microsoft Azure Infrastructure Services provides cloud-based storage, virtual networks and virtual machines that can be provisioned on-demand to support lab, pilot or production application workloads. In this Hands-on Lab, youll build a functional Dev/Test lab environment that includes Active Directory, SQL Server and SharePoint Server 2013 virtual machines on a common virtual network running on the Microsoft Azure cloud platform, as depicted in blue in the figure below.
Youll be leveraging a Microsoft Azure FREE Trial Subscription program to build this cloud-based lab environment for development and test lab purposes. As you provision this lab environment, youll gain hands-on experience with the following management tools: Microsoft Azure Management Portal Windows PowerShell and the Microsoft Azure PowerShell Module System Center 2012 R2 App Controller System Center 2012 R2 Orchestrator After completing this hands-on lab document, you will be able to easily extend this lab environment with additional virtual machines if load-balancing and high availability are needed.
2 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Lab Requirements The following components are required to successfully complete this Hands-on Lab: A modern web-browser with HTML5 and Javascript enabled Remote Desktop Client connection software Internet connectivity Lab Conventions In this lab, well be using a naming convention of XXXlabYYY01 for some cloud resources, where XXX will be replaced with your unique initials and YYY will be replaced with an abbreviation representing the function of a virtual machine or Microsoft Azure configuration component, such as ad, db or web. Lets Get Started! In this step-by-step lab guide, you will learn how to: 1) Get Started with Microsoft Azure Infrastructure Services 2) Register a DNS Server in Microsoft Azure 3) Define a Virtual Network in Microsoft Azure 4) Configure Windows Server Active Directory in a Microsoft Azure VM 5) Configure SQL Server 2012 in a Microsoft Azure VM 6) Configure SharePoint Server 2013 in a Microsoft Azure VM 7) Provision Virtual Machines via Windows PowerShell for System Center 2012 R2 8) Manage Microsoft Azure with System Center 2012 R2 App Controller 9) Automate Microsoft Azure with System Center 2012 R2 Orchestrator 10) Shut down the On-demand Dev/Test Lab Environment Estimated time to complete: 3 hours COMPLETING LAB EXERCISES This Hands-on Lab Guide provides flexibility when completing exercises. If you are interested in provisioning SharePoint as part of your Dev/Test lab environment on Microsoft Azure, you can complete the exercises in the order written. However, if you are more interested in managing Microsoft Azure with System Center 2012 R2, you can complete Exercises 1-5 and then skip to Exercises 7-9. You can complete Exercise 6 later, as time permits. POWERSHELL BEGINNER? Some of the steps in this Hands-on Lab require typing PowerShell command lines. If youre new to PowerShell, weve made it easy to copy/paste these command lines into the appropriate virtual machine by providing a set of PowerShell snippets for these lab exercises. You can access these snippets at http://aka.ms/FY14H2AzureHOLSnippets from the browser on your local PC. BEFORE LEAVING TODAY be sure to complete Exercise 10 to shut down all running Microsoft Azure virtual machines to avoid continuing virtual machine compute charges. 3 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 1: Get Started with Microsoft Azure Infrastructure Services In this exercise, you will activate a free Microsoft Azure Trial Subscription and then setup two components that will be needed for the other exercises in this lab: a Microsoft Azure Affinity Group and a Microsoft Azure Storage Account. 1) Sign-up for your FREE Microsoft Azure Trial Account.
Sign-up for a FREE trial of Microsoft Azure at http://aka.ms/MicrosoftAzureFreeTrial so that you can follow along with the steps in this Hands-on Lab.
When signing up for a Free Trial subscription, you will be prompted to login with Microsoft Account (formerly Windows Live ID) credentials. If you do not have valid Microsoft Account credentials, you may create new credentials at https://signup.live.com.
Note: During the Free Trial sign-up process, you will be asked for credit card information to confirm that you are a legitimate free trial subscriber. Your credit card information is only used to confirm your identity and you will NOT be charged for any Microsoft Azure services unless you explicitly convert your trial subscription to a paid subscription at a later date.
2) Login to the Microsoft Azure Management Portal.
Login to the web-based Microsoft Azure Management Portal at http://manage.windowsazure.com with the same logon credentials you used to sign-up for the FREE Trial above.
Once youve logged in, you should see the main Microsoft Azure Management portal dashboard.
On the blue side navigation bar of the Microsoft Azure Management Portal, youll find the options for managing Virtual Machines, Virtual Networks, Storage and Settings in the cloud. These are the items well be primarily working with in this hands-on lab.
TIP! You may need to scroll the blue side navigation bar up and down to see all of the options.
3) Define a new Microsoft Azure Affinity Group.
Affinity Groups in Microsoft Azure are used to group your cloud-based services together, such as Virtual Machines, Virtual Networks and Storage, in order to achieve optimal performance. When you use an affinity group, Microsoft Azure will keep all services that belong to your affinity group running within a common cluster of resources in the same datacenter region to reduce latency and increase performance.
a) Create a new Affinity Group by selecting Settings from the blue side navigation bar in the Microsoft Azure Management Portal. You may need to scroll the blue side navigation bar down to see this selection.
b) On the Settings page, select the Affinity Groups tab on the top navigation bar.
4 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
c) Click the +ADD button on the bottom navigation bar.
d) On the Create Affinity Group form, enter the following details:
Name: Enter a unique name for your new Affinity Group, such as labag01
Region: Select your closest Microsoft Azure datacenter sub-region.
Click the button to create a new Affinity Group.
4) Create a new Microsoft Azure Storage Account.
Virtual Machines that are provisioned in Microsoft Azure are stored in the world-wide cloud-based Microsoft Azure Storage service. In terms of high availability, the Storage service provides built-in storage replication capability where every VM is replicated to three separate locations within the Microsoft Azure data center region you select. In addition, Microsoft Azure Storage provides a geo- replication feature for also replicating your VMs to a remote data center region.
a) Create a new Storage account by clicking the +NEW button on the bottom toolbar in the Microsoft Azure Management Portal and then select Data Services | Storage | Quick Create.
b) Complete the following fields for creating your Storage account:
URL: Enter a globally unique DNS hostname for your new storage account, such as XXXlabstor01 (where XXX is replaced with your initials)
Region/Affinity Group: Select the Affinity Group you created in Step 3 above.
Replication: Ensure that the Geo-Redundant option is selected.
Click the CREATE STORAGE ACCOUNT button to create your new Microsoft Azure Storage account.
5 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 2: Register a DNS Server in Microsoft Azure Register the internal IP address that our domain controller VM will be using for Active Directory-integrated Dynamic DNS services by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Networks located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Networks | Virtual Network | Register DNS Server.
4) Complete the DNS Server fields as follows:
NAME: Enter a unique name for the new DNS Server information, such as labdns01
DNS Server IP Address: 10.0.0.4
5) Click the REGISTER DNS SERVER button.
6 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 3: Define a Virtual Network in Microsoft Azure Define a common virtual network in Microsoft Azure for running Active Directory, Database and SharePoint virtual machines by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Networks located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Networks | Virtual Network | Quick Create.
4) Complete the Virtual Network fields as follows:
NAME: Enter a unique name for the new Virtual Network, such as labnet01
Address Space: 10.---.---.---
Maximum VM Count: 4096 [CIDR: /20]
Location: Select your closest Microsoft Azure datacenter sub-region.
DNS Server: Select the DNS Server registered in Exercise 2 above.
5) Click the CREATE A VIRTUAL NETWORK button.
7 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 4: Configure Windows Server Active Directory in a Microsoft Azure VM Provision a new Microsoft Azure VM to run a Windows Server Active Directory domain controller in a new Active Directory forest by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select Windows Server 2012 R2 Datacenter and click the button.
5) On the Virtual machine Configuration page, complete the fields as follows:
Version Release Date: Select the latest version release date to build a new VM with the latest OS updates applied.
Virtual Machine Name: labad01
Tier: Standard
Size: A1 (1 core, 1.75GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Choose and confirm a new local Administrator password.
Record the password you entered here: __________________________________________.
Click the button to continue.
TIP! It is suggested to use secure passwords for Administrator users and service accounts, as Microsoft Azure virtual machines could be accessible from the Internet knowing just their DNS. You can also read this document on the Microsoft Security website that will help you select a secure password: http://www.microsoft.com/security/online-privacy/passwords-create.aspx.
8 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
6) On the Virtual machine Configuration page, complete the fields as follows:
Cloud Service: Create a new cloud service
Cloud Service DNS Name: Enter a globally unique DNS name for the new cloud service, such as XXXlabad.cloudapp.net
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3 above.
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: Create an availability set
Availability Set Name: Enter a name for the new availability set, such as labad.
Click the button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default values and begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Microsoft Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.
8) After the new virtual machine has finished provisioning, click on the name (labad01) of the new Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
9) On the virtual machine Dashboard page for labad01, make note of the Internal IP Address displayed on this page located on the right-side of the page. This IP address should be listed as 10.0.0.4.
TIP! If a different internal IP address is displ ayed, the virtual network and/or virtual machine configuration was not completed correctly. In this case, click the DELETE button located on the bottom toolbar of the virtual machine details page for labad01, and go back to Exercise 2 and Exercise 3 to confirm that all steps were completed correctly.
9 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
10) On the virtual machine Dashboard page for labad01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.
Logon at the console of your virtual machine with the local Administrator credentials as follows:
User name: labad01\AzureAdmin
Password: Enter the password recorded in Step 5 above.
11) From within the Remote Desktop session for labad01, install the Active Directory Domain Services role and promote this server to a domain controller in a new Active Directory forest.
This task can be performed in two different ways: (1) by using the Add Roles and Features wizard in the Server Manager tool or (2) via the Active Directory PowerShell cmdlets. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the following cmdlets:
c) When prompted for the SafeModeAdministratorPassword, enter and confirm the same password recorded in Step 5 above.
d) When prompted with Do you want to continue with this operation, press Enter to accept the default answer.
e) A new Active Directory Domain Services forest will be configured. After labad01 restarts, continue with the next step.
10 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
12) On the virtual machine Dashboard page for labad01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.
Logon at the Remote Desktop console of your virtual machine with the domain Administrator credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Step 5 above.
13) From within the Remote Desktop session for labad01, create user accounts in Active Directory that will be used when installing and configuring SharePoint Server 2013 and System Center 2012 R2 later in this hands-on lab:
CONTOSO\sp_farm SharePoint Farm Data Access Account
CONTOSO\sp_serviceapps SharePoint Farm Service Applications Account
CONTOSO\sc_admin System Center Service Account
This task can be performed in two different ways: (1) by using the Active Directory Users and Computers tool located in the Server Manager Tools menu or (2) via the Active Directory PowerShell cmdlets. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below. When prompted to Provide New Password, enter the password recorded in Step 5 above.
$newPassword = (Read-Host -Prompt "Provide New Password" ` -AsSecureString)
11 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
c) After the new Active Directory users are created, close the Administrator: Windows PowerShell ISE window and continue with the next step.
14) From within the Remote Desktop session of labad01, disable Internet Explorer Enhanced Security Configuration (ESC).
a) In the Server Manager tool, click on Local Server in the left navigation pane and select IE Enhanced Security Configuration.
b) Turn off enhanced security for Administrators and click the OK button.
Note: Modifying Internet Explorer Enhanced Security configurations is not good practice for production environments and is only performed for the purpose of this particular hands-on lab guide.
15) From within the Remote Desktop session for labad01, download the installation bits for System Center 2012 R2. Youll be using these installation bits later in this hands-on lab.
a) Create a new folder named C:\Installs
b) Click the Start button and launch Internet Explorer from the Start screen.
c) From within Internet Explorer, browse to http://aka.ms/dlscsuite2012
d) Click the Get Started Now button to begin the download process.
e) Login with your Microsoft account and complete the download registration form.
f) When prompted to install the Akamai Netsession Interface download tool, scroll down inside the dialog box and click If you cannot complete the installation, click here.
g) Click the OK button to use an alternate download method.
h) In the Downloading Files list located on the top-right of the web page, scroll inside the list box and download the following files to the C:\Installs folder:
Once the download of the last file has begun, continue with the next exercise while the process completes in the background.
12 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 5: Configure SQL Server 2012 in a Microsoft Azure VM Provision a new Microsoft Azure VM to run SQL Server 2012 by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select SQL Server 2012 SP1 Enterprise on Windows Server 2012 and click the button.
5) On the Virtual Machine Configuration page, complete the fields as follows:
Version Release Date: Select the latest version release date to build a new VM with the latest OS updates applied.
Virtual Machine Name: labdb01
Tier: Standard
Size: A3 (4 cores, 7GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Use the same password recorded in Exercise 4, Step 5.
Click the button to continue.
13 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
6) On the Virtual Machine Configuration page, complete the fields as follows:
Cloud Service: Create a new cloud service
Cloud Service DNS Name: Enter a globally unique DNS name for the new cloud service, such as XXXlabfarm.cloudapp.net
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3 above.
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: Create an availability set
Availability Set Name: labdb
Click the button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default values and begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Microsoft Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.
8) After the new virtual machine has finished provisioning, click on the name (labdb01) of the new Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
9) On the virtual machine Dashboard page for labdb01, make note of the Internal IP Address displayed on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the virtual network.
14 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
10) On the virtual machine Dashboard page for labdb01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine. Logon at the console of your virtual machine with the local Administrator credentials defined in Step 5 above as follows:
User name: labdb01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
11) Join this server to the contoso.com domain and restart the server to complete the domain join operation.
This task can be performed in two different ways: (1) by using the Local Server page in the Server Manager tool or (2) via the Add-Computer PowerShell cmdlet. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
c) When prompted for Administrator credentials, enter the following user name and password:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5.
d) Restart the labdb01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
12) After the server restarts, connect again via Remote Desktop to the servers console and login with the local Administrator credentials defined above in Step 5 as follows:
User name: labdb01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
15 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
13) Add the CONTOSO\AzureAdmin user to SQL Server with the Sysadmin server role assigned.
This task can be performed in two different ways: (1) by using the SQL Server Management Studio tool or (2) via the SQLPS PowerShell cmdlets. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
Set-ExecutionPolicy RemoteSigned Force
Import-Module SQLPS
Set-Location SQLSERVER:\sql\labdb01
Invoke-Sqlcmd -Query "CREATE LOGIN [CONTOSO\AzureAdmin] FROM WINDOWS"
14) In order to allow SharePoint to connect to the SQL Server instance in this virtual machine, you will need to add an Inbound Rule for the SQL Server requests in the Windows Firewall.
This task can be performed in two different ways: (1) by using the Windows Firewall with Advanced Security tool or (2) via the New-NetFirewallRule PowerShell cmdlet. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlet provided below.
New-NetFirewallRule -DisplayName "SQLServer-AllowInbound" ` -Action Allow -Direction Inbound -LocalPort 1433 -Protocol TCP The configuration for this virtual machine is now complete, and you may continue with the next exercise in this hands-on lab guide. TIP! This lab provides flexibility in completing exercises. If you are interested in continuing to build a SharePoint dev/test lab environment on Microsoft Azure, you can complete Exercise 6 next. However, if you are more interested in managing Microsoft Azure with System Center 2012 R2, you can skip to Exercises 7-9 and come back to Exercise 6 at a later time.
16 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 6: Configure SharePoint Server 2013 in a Microsoft Azure VM Provision a new Microsoft Azure VM to run SharePoint Server 2013 by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select SharePoint Server 2013 Trial and click the button.
5) On the Virtual Machine Configuration page, complete the fields as follows:
Virtual Machine Name: labweb01
Tier: Standard
Size: A4 (8 cores, 14GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Use the same password recorded in Exercise 4, Step 5.
Click the button to continue.
6) On the Virtual Machine Configuration page, complete the fields as follows:
Cloud Service: XXXlabfarm.cloudapp.net (Select the existing Cloud Service provisioned in Exercise 5)
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3 above.
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: Create an availability set
Availability Set Name: labweb
17 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
7) On the Virtual Machine Configuration page, add an additional firewall endpoint for web (HTTP) network traffic by completing the following fields:
Name: WebHTTP
Protocol: TCP
Public Port: 80
Private Port: 80
Click the button to continue.
8) On the Virtual Machine Configuration page, click the button to accept the default values and begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Microsoft Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.
9) After the new virtual machine has finished provisioning, click on the name ( labweb01) of the new Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
10) On the virtual machine Dashboard page for labweb01, make note of the Internal IP Address displayed on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the virtual network.
11) On the virtual machine Dashboard page for labweb01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine. Logon at the console of your virtual machine with the local Administrator credentials defined in Step 5 above as follows:
User name: labweb01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
18 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
12) Join this server to the contoso.com domain and restart the server to complete the domain join operation.
This task can be performed in two different ways: (1) by using the Local Server page in the Server Manager tool or (2) via the Add-Computer PowerShell cmdlet. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
c) When prompted for Administrator credentials, enter the following user name and password:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5.
d) Restart the labweb01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
13) After the server restarts, connect again via Remote Desktop to the servers console and login with the domain Administrator credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5.
14) On the Desktop, double-click on the SharePoint 2013 Products Configuration Wizard shortcut to launch the configuration wizard. Click the Next button to continue. If prompted to start or reset services, click the Yes button.
15) In the SharePoint Products Configuration Wizard, when prompted on the Connect to server farm dialog, select the option to Create a new server farm.
19 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
16) On the Specify Configuration Database Settings, specify the following values for each field:
Database Server: labdb01
Username: CONTOSO\sp_farm
Password: Type the password specified when the sp_farm domain user account was created earlier in Exercise 4.
17) Click the Next > button and accept all default values in the SharePoint Products Configuration Wizard.
When prompted for a Passphrase for the new SharePoint farm, enter and confirm the same password recorded in Exercise 4, Step 5.
Click the Finish button when prompted to complete the wizard.
TIP! SharePoint will require several minutes to complete this initial provisioning process.
18) The SharePoint 2013 Central Administration web page should launch automatically. When prompted, click the Start the Wizard button to begin the Initial Farm Configuration Wizard.
19) When prompted for Service Account, type the CONTOSO\sp_serviceapps domain username and password specified when this account was created earlier in Exercise 4.
20) Accept all other default values and click the Next > button to continue.
TIP! SharePoint will require several minutes to complete this initial provisioning process.
21) On the Create a Site Collection page, create a new top-level Intranet site collection using the following field values:
Title and Description: Enter your preferred Title and Description for the new site collection
URL: Select the root URL path http://labweb01/
Select experience version: 2013
Select a template: Publishing | Publishing Portal
Click the OK button to provision a new top-level Intranet site collection.
After the new top-level Intranet site collection is provisioned, test navigating to the URL for this site collection from within the Remote Desktop session to the server.
22) On the SharePoint 2013 Central Administration site, configure a Public URL alternate access mapping for accessing the new top-level Intranet site collection from the Internet.
20 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
a) On the Central Administration site home page, click the Configure alternate access mappings link.
b) On the Alternate Access Mappings page, click the Edit Public URLs link.
c) On the Edit Public Zone URLs page, select and specify the following values:
Click the Save button to complete the Alternate Access Mapping configuration.
23) Close the Remote Desktop session to the server.
24) Test browsing to the following public URL to confirm that you are able to access the Intranet site collection that is configured on SharePoint:
URL: http://XXXlabfarm.cloudapp.net
When prompted to authenticate to the web site, login with the following credentials:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5. If you are unable to successfully browse to this SharePoint site collection, carefully review Step 6 and Step 21 to ensure that you have completed both steps correctly. The configuration for this virtual machine is now complete, and you may continue with the next exercise in this hands-on lab guide.
21 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 7: Provision Virtual Machines via Windows PowerShell for System Center 2012 R2 In this exercise, you will provision two new virtual machines in Microsoft Azure by using Windows PowerShell and the Microsoft Azure PowerShell module. These virtual machines will be used in later lab exercises for System Center 2012 R2 App Controller and System Center 2012 R2 Orchestrator. You will perform this exercise from within a Remote Desktop session on virtual machine labad01. 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) On the Virtual Machines page, click on the name of virtual machine labad01.
4) On the virtual machine Dashboard page for labad01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.
Logon at the Remote Desktop console of your virtual machine with the domain Administrator credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5 above.
5) Download and Install the Microsoft Azure PowerShell Module.
a) Launch Internet Explorer by first clicking the Start button and then clicking the Internet Explorer tile on the Start Screen.
b) From within Internet Explorer, browse to the following link location: http://go.microsoft.com/?linkid=9811175
c) When prompted, click the Run button to run the installation program. The Web Platform Installer will launch.
d) On the Web Platform Installer dialog box, click the Install button.
e) When prompted for Prerequisites, click the I Accept button.
f) When the installation process has completed, click the Finish button and then click the Exit button.
22 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
g) Restart virtual machine labad01. When the virtual machine has restarted, logon again using the same process and credentials as used in Step 4 above.
6) Configure the Microsoft Azure PowerShell Module for your Microsoft Azure subscription.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlet provided below.
Add-AzureAccount
When prompted to Sign in, sign in with the same Microsoft account credentials that you used when activating your Microsoft Azure free trial subscription.
c) Confirm that your Microsoft Azure subscription has been properly connected via PowerShell by running the following cmdlet:
Get-AzureSubscription
d) Set the default Microsoft Azure subscription and storage account by running the cmdlets below. Be sure to update these lines with your subscription name that was listed in the Get- AzureSubscription cmdlet output above and replace XXX with your unique initials before running these commands.
# Update the line below with your Microsoft Azure subscription name, for example "Free Trial"
$subscription = "REPLACE WITH YOUR SUBSCRIPTION NAME"
$storageAccount = "XXXlabstor01" # Replace XXX with your initials
7) Provision a new virtual machine named labac01 on the existing Microsoft Azure virtual network by using the below PowerShell cmdlets. During the VM provisioning process, this new VM will be automatically joined to the contoso.com Active Directory domain. This virtual machine will be used for System Center 2012 R2 App Controller in a later lab exercise.
Be sure to update these lines to replace XXX with your unique initials before running these commands.
$vm1Name = "labac01"
$vmServiceName = "XXXlabmgmt" # Replace XXX with your initials
23 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
8) Provision a new virtual machine named labo01 on the existing Microsoft Azure virtual network by using the below PowerShell cmdlets. During the VM provisioning process, this new VM will be automatically joined to the contoso.com Active Directory domain. This virtual machine will be used for System Center 2012 R2 Orchestrator in a later lab exerci se.
$vm2 | New-AzureVM ServiceName $vmServiceName When virtual machines labac01 and labo01 are displayed with a Running status on the Virtual Machines page of the Microsoft Azure Management Portal, you may continue with the next exercise. 24 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 8: Manage Microsoft Azure with System Center 2012 R2 App Controller In this exercise, you will configure System Center 2012 R2 App Controll er for managing your Microsoft Azure subscription. You will begin this exercise by establishing a Remote Desktop connection to virtual machine labac01. 1) Establish a Remote Desktop connection to virtual machine labac01.
a) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
b) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
c) On the Virtual Machines page, click on the name of virtual machine labac01.
d) On the virtual machine Dashboard page for labac01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.
Logon at the Remote Desktop console of your virtual machine with the domain Administrator credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5 above.
2) From within the Remote Desktop session connected to labac01, disable Internet Explorer Enhanced Security Configuration (ESC).
a) In the Server Manager tool, click on Local Server in the left navigation pane and select IE Enhanced Security Configuration.
b) Turn off enhanced security for Administrators and click the OK button.
Note: Modifying Internet Explorer Enhanced Security configurations is not good practice for production environments and is only performed for the purpose of this particular hands-on lab guide.
25 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
3) From within the Remote Desktop session connected to labac01, extract the necessary installation files and install the pre-requisite components for installation of System Center 2012 R2 App Controller.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the commands provided below to extract the necessary installation files.
net use x: \\labad01\c$
x:\installs\sc2012_r2_scac /silent
x:\installs\sc2012_r2_scvmm /silent
net use x: /d
c) In the Administrator: Windows PowerShell ISE window, run the commands provided below to install the System Center 2012 R2 Virtual Machine Manager management console as a pre- requisite component for installation of System Center 2012 R2 App Controller.
4) From within the Remote Desktop session connected to labac01, complete the installation of System Center 2012 R2 App Controller.
a) In the Administrator: Windows PowerShell ISE window, run the commands provided below to launch the setup program for System Center 2012 R2 App Controller.
cd "\sc2012 r2 scac"
.\setup.exe
b) On the App Controller Setup dialog box, click Install to begin the installation process.
c) During the App Controller Setup wizard, click the Next button to proceed through each page. When prompted by the wizard, enter the following field val ues:
Product Key: leave blank (evaluation edition)
Installation Path: default (C:\Program Files\Microsoft System Center 2012 R2\App Controller)
Domain account: CONTOSO\sc_admin
Port: default (18622) 26 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Generate self-signed certificate: Selected
SQL Server database server: labdb01
SQL Server port: 1433
SQL Server instance name: MSSQLSERVER
SQL Server database name: default (AppController)
NOTE: After entering the SQL Server database information, you may need to click the Next button more than once to proceed to the next wizard page.
Customer Experience Improvement Program: Yes, I am willing to participate in CEIP
d) When prompted, click the Install button to begin the installation of System Center 2012 R2 App Controller.
When the installation process has completed, click the Finish button.
5) From within the Remote Desktop session connected to labac01, export the self-signed certificate generated during the installation process and upload to the Microsoft Azure Management Portal. This certificate will be used to securely authenticate to your Microsoft Azure subscription via the App Controller management server.
During this step, you will export the certificate file twice: one exported copy will be saved as a .CER certificate file that can be uploaded to the Microsoft Azure Management Portal, and a second exported copy will be saved as a .PFX certificate file that can be uploaded to the System Center 2012 R2 App Controller portal.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Internet Information Services (IIS) Manager.
b) Click on LABAC01 in the connections panel. If prompted to Get started with Microsoft Web Platform, click the No button.
c) In the center panel of the Internet Information Services (IIS) Manager tool, double-click on Server Certificates.
d) On the Server Certificates page, right-click on the System Center 2012 R2 App Controller certificate and click on View on the pop-up menu.
e) On the Certificate dialog box, click the Details tab and then click the Copy to File button. This will launch the Certificate Export Wizard.
27 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
f) Navigate through the Certificate Export Wizard using the Next button. When prompted, enter the following information:
After specifying all of the above information, click the Finish button to complete the export process. Click the OK button twice to dismiss each open dialog box.
g) On the Server Certificates page, right-click on the System Center 2012 R2 App Controller certificate and click on Export on the pop-up menu.
h) In the Export Certificate dialog box, enter the following information:
Export to: c:\sc2012 r2 scac\labac01.pfx
Password: Enter and confirm the same password recorded in Exercise 4, Step 5.
After specifying all of the above information, click the OK button to complete the export process.
i) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
j) Select Settings located on the side navigation panel on the Microsoft Azure Management Portal page. You may need to scroll down the side navigation panel to see this selection.
k) On the Settings page, click on the Management Certificates tab.
l) On the Management Certificates page, click on the Upload button located on the bottom black toolbar. When prompted, browse to c:\sc2012 r2 scac\labac01.cer and click the button.
Your newly uploaded certificate should appear with a name of labac01.contoso.com.
m) For your newly uploaded certificate, select the value listed in the Subscription ID column and copy this value to your clipboard for later use in this lab exercise.
6) Launch the System Center 2012 R2 App Controller portal and login as CONTOSO\AzureAdmin.
a) From within the Remote Desktop session connected to labac01, browse to https://labac01.contoso.com
If prompted with a website security error, click on Continue to this website. This error is generated due to the self-signed certificate used within this hands-on lab. In a production environment, a certificate signed by a trusted certificate authority would normally be used 28 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
instead of a self-signed certificate.
b) If prompted to Install Silverlight, click through the process of installing the Silverlight plug-in and, when completed, refresh the browser page.
c) When prompted to authenticate to the App Controller portal site, login with the following credentials:
User name: CONTOSO\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
7) Connect System Center 2012 R2 App Controller to your Microsoft Azure subscription.
a) On the Overview page of the App Controller portal site, click on the link to Connect a Windows Azure subscription that is located in the center of the page.
b) In the Connect a Windows Azure subscription form, enter the following information:
Name: My Azure Cloud
Subscription ID: Paste the value copied to your clipboard above in Step 5m
Management certificate: Browse to c:\sc2012 r2 scac\labac01.pfx
Management certificate password: Enter the password used above in Step 5h when exporting the certificate.
After supplying the above information, click the OK button to connect App Controller to your Microsoft Azure subscription.
8) Manage your Microsoft Azure Cloud via System Center 2012 R2 App Controller.
a) Note that the App Controller Overview page has been updated to reflect the connection to your Microsoft Azure subscription in the Public Clouds column.
Also note that this same App Controller portal could also be connected to multiple Microsoft Azure subscriptions, multiple on-premises Private Clouds managed by System Center 2012 R2 Virtual Machine Manager, and multiple Hosting Service Providers. Leveraging the App Controller portal in this manner provides a single web-based management tool for managing all virtual machines in a Hybrid Cloud environment.
b) Click on Virtual Machines in the left navigation pane of the App Controller portal. Note that App Controller displays a list of all virtual machines provisioned across all connected clouds.
c) On the Virtual Machines page, right-click on a virtual machine to review the management options available for managing a single virtual machine in a connected cloud.
29 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
You will see options for Open Diagram, Properties, Shutdown, Restart, Remote Desktop, and Delete.
d) From the right-click popup menu, select Properties. Scroll through the Properties of new virtual machine form to review each of the currently provisioned settings for this virtual machine.
When your review is complete, click the Cancel button and continue to the next step.
e) On the Virtual Machines page, note that new virtual machines can be provisioned in a connected cloud by clicking the Deploy button on the top toolbar.
f) Click on Library in the left navigation panel of the App Controller portal.
g) On the Library page, note that a list of Disks, Images and Microsoft Azure storage accounts is presented.
h) On the Library page, click on Shares in the center panel. Note that the Add button on the top toolbar can be used to add local on-premises shared folders to the App Controller portal for the purpose of copying virtual machine hard disks between on-premises Private Clouds and Microsoft Azure clouds. When you have completed exploring the System Center 2012 R2 App Controller portal for Hybrid Cloud management, you may continue with the next exercise.
30 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 9: Automate your Lab Environment with System Center 2012 R2 Orchestrator In this exercise, you will configure System Center 2012 R2 Orchestrator for automating your Microsoft Azure subscription. You will begin this exercise by establishing a Remote Desktop connection to virtual machine labo01. 1) Establish a Remote Desktop connection to virtual machine labo1.
a) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
b) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
c) On the Virtual Machines page, click on the name of virtual machine labo01.
d) On the virtual machine Dashboard page for labo01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine.
Logon at the Remote Desktop console of your virtual machine with the domain Administrator credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5 above.
2) From within the Remote Desktop session connected to labo01, disable Internet Explorer Enhanced Security Configuration (ESC).
a) In the Server Manager tool, click on Local Server in the left navigation pane and select IE Enhanced Security Configuration.
b) Turn off enhanced security for Administrators and click the OK button.
Note: Modifying Internet Explorer Enhanced Security configurations is not good practice for production environments and is only performed for the purpose of this particular hands-on lab guide.
31 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
3) From within the Remote Desktop session connected to labo01, extract the necessary installation files and install the pre-requisite components for installation of System Center 2012 R2 Orchestrator.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the commands provided below to extract the necessary installation files.
net use x: \\labad01\c$
x:\installs\sc2012_r2_sco /silent
net use x: /d
c) In the Administrator: Windows PowerShell ISE window, run the command provided below to install pre-requisite components for installation of System Center 2012 R2 Orchestrator.
Install-WindowsFeature NET-Framework-Core
4) From within the Remote Desktop session connected to labo01, complete the installation of System Center 2012 R2 Orchestrator.
a) In the Administrator: Windows PowerShell ISE window, run the commands provided below to launch the setup program for System Center 2012 R2 Orchestrator.
cd "\sc2012 r2 sco"
.\SetupOrchestrator.exe
b) In the System Center 2012 R2 Orchestrator Setup dialog box, click Install to begin the installation process.
c) During the System Center 2012 R2 Orchestrator Setup wizard, click the Next button to proceed through each page. When prompted by the wizard, enter the following field values:
Organization: Contoso
Product Key: Leave blank (evaluation edition)
Select features to install: Default (all features)
Software Prerequisites: Click the radio button option for Activate .NET and IIS features/roles
Username: CONTOSO\sc_admin
Password: Enter the password recorded in Exercise 4, Step 5 above. 32 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Domain: CONTOSO
Database server: labdb01
Database server port: 1433
Database server authentication credentials: Windows Authentication
Database: Default (create a new database named Orchestrator)
Installation Location: Default (C:\Program Files (x86)\Microsoft System Center 2012 R2\Orchestrator)
Microsoft Update: On (recommended)
Customer Experience Improvement Program: Yes, I am willing to participate in CEIP
Error Reporting: Yes, I am willing to participate anonymously. Please automatically send my error reports.
d) When prompted, click the Install button to begin the installation process for System Center 2012 R2 Orchestrator.
When the installation process has completed, uncheck all checkbox options located at the bottom of the Setup completed successfully page, and click the Close button.
5) From within the Remote Desktop session connected to labo01, download and extract the Microsoft Azure Integration Pack for System Center 2012 R2 Orchestrator.
a) Browse to http://www.microsoft.com/en-us/download/details.aspx?id=39622 and download the System_Center_2012_R2_Integration_Packs.EXE file to the c:\sc2012 r2 sco folder location.
b) In the Administrator: Windows PowerShell ISE window, run the commands provided below to extract the necessary installation files.
cd "\sc2012 r2 sco"
.\System_Center_2012_R2_Integration_Packs
When prompted to Choose Directory For Extracted Files, accept the default path 33 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
(c:\sc2012 r2 sco) and click the OK button.
6) From within the Remote Desktop session connected to labo01, deploy the Microsoft Azure Integration Pack for System Center 2012 R2 Orchestrator.
a) Click the Start button tip to navigate to the Start Screen, and then click the button located at the bottom of the screen to navigate to the All Apps view.
b) On the Apps screen, click on the Deployment Manager tile located under the Microsoft System Center 2012 category.
c) In the System Center 2012 R2 Orchestrator Deployment Manager tool, right-click on Integration Packs in the left navigation panel, and click Register IP with the Orchestrator Management Server
d) Navigate through the Integration Pack Registration Wizard pages using the Next and Finish buttons.
When prompted to Select Integration Packs or Hotfixes, click the Add button and browse to C:\SC2012 R2 SCO\SC2012R2_Integration_Pack_for_Azure.OIP
e) In the System Center 2012 R2 Orchestrator Deployment Manager tool, right-click on Integration Packs in the left navigation panel, and click Deploy IP to Runbook Server or Runbook Designer
f) Navigate through the Integration Pack or Hotfix Deployment Wizard pages using the Next and Finish buttons. When prompted, use the following information:
Deploy Integration Packs or Hotfixes: click the checkbox for System Center Integration Pack for Windows Azure
Computer: enter labo01 and click the Add button
g) When the deployment of the System Center Integration Pack for Windows Azure has completed, you may close the System Center 2012 R2 Orchestrator Deployment Manager tool.
7) From within the Remote Desktop session connected to labo01, generate and export a self-signed certificate. This certificate will be used to securely authenticate to your Microsoft Azure subscription via the Orchestrator management server.
During this step, you will export the certificate file twice: one exported copy will be saved as a .CER certificate file that can be uploaded to the Microsoft Azure Management Portal, and a second exported copy will be saved as a .PFX certificate file that can be registered with System Center 2012 R2 Orchestrator.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Internet Information Services (IIS) Manager.
34 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
b) Click on LABO01 in the connections panel. If prompted to Get started with Microsoft Web Platform, click the No button.
c) In the center panel of the Internet Information Services (IIS) Manager tool, double-click on Server Certificates.
d) In the Actions panel located at the right, click Create Self-Signed Certificate. When prompted, enter the following information:
Friendly name for certificate: System Center 2012 R2 Orchestrator
Certificate store: Personal
Click the OK button to generate the new self-signed certificate.
e) On the Server Certificates page, right-click on the System Center 2012 R2 Orchestrator certificate and click on View on the pop-up menu.
f) On the Certificate dialog box, click the Details tab and then click the Copy to File button. This will launch the Certificate Export Wizard.
g) Navigate through the Certificate Export Wizard using the Next button. When prompted, enter the following information:
After specifying all of the above information, click the Finish button to complete the export process. Click the OK button twice to dismiss each open dialog box.
h) On the Server Certificates page, right-click on the System Center 2012 R2 Orchestrator certificate and click on Export on the pop-up menu.
i) In the Export Certificate dialog box, enter the following information:
Export to: c:\sc2012 r2 sco\labo01.pfx
Password: Enter and confirm the same password recorded in Exercise 4, Step 5.
After specifying all of the above information, click the OK button to complete the export process.
j) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
35 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
k) Select Settings located on the side navigation panel on the Microsoft Azure Management Portal page. You may need to scroll down the side navigation panel to see this selection.
l) On the Settings page, click on the Management Certificates tab.
m) On the Management Certificates page, click on the Upload button located on the bottom black toolbar. When prompted, browse to c:\sc2012 r2 sco\labo01.cer and click the button.
Your newly uploaded certificate should appear with a name of labo01.contoso.com.
n) For your newly uploaded certificate, select the value listed in the Subscription ID column and copy this value to your clipboard for later use in this lab exercise.
8) From within the Remote Desktop session connected to labo01, connect System Center 2012 R2 Orchestrator to your Microsoft Azure subscription.
a) Click the Start button tip to navigate to the Start Screen, and then click the button located at the bottom of the screen to navigate to the All Apps view.
b) On the Apps screen, click on the Runbook Designer tile located under the Microsoft System Center 2012 category.
c) In the System Center 2012 R2 Orchestrator Runbook Designer tool, click on the Options menu located on the top menu bar and select Windows Azure.
d) In the Windows Azure dialog box, click the Add button to add a new Microsoft Azure subscription.
e) In the Add Configuration dialog, enter the following information for the Microsoft Azure subscription to be connected:
PFX File Password: Enter the password recorded in Exercise 4, Step 5
PFX File Path: c:\sc2012 r2 sco\labo01.pfx
Subscription ID: Paste the value copied to your clipboard in Step 7n above
Click the OK button to save this connection to your Microsoft Azure subscription.
36 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
f) Click the Finish button to close the Windows Azure dialog box.
9) From within the Remote Desktop session connected to labo01, create a basic Runbook to automate Microsoft Azure virtual machine provisioning by creating a new storage container, cloud service and virtual machine instance.
As part of the process in creating this Runbook, you will be leveraging four (4) activities that are provided by the previously installed Microsoft Azure Integration Pack: Azure Virtual Machine Images, Azure Storage, Azure Cloud Services and Azure Virtual Machines. After this Runbook is created, it should look like the sample diagram below.
a) In the System Center 2012 R2 Orchestrator Runbook Designer tool, right-click on Runbooks in the left navigation panel and select New | Runbook.
b) Click on the Check Out button on the top toolbar to check out the new Runbook for editing.
c) In the Activities list in the right navigation panel, click on Windows Azure to expand the set of activities associated with the Microsoft Azure Integration Pack.
d) Click on the Azure Virtual Machine Images activity in the Activities list and drag it into the upper left of the New Runbook design surface located in the middle panel of the Runbook Designer tool.
Right-click on this activity and click on Properties to set the following property values:
Configuration Name: My Azure Cloud
Choose an Activity: List OS Images
Filters: Label equals Windows Server 2012 R2 Datacenter, April 2014
Click the Finish button to save the property values for this activity.
37 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
e) Click on the Azure Storage activity in the Activities list and drag it to the New Runbook design surface so that it is located to the right of the previous activity.
Click on the previous activity and drag the right arrow handle over this new activity to connect the two activities together.
Right-click on the Azure Storage activity in the New Runbook design surface and click on Properties to set the following property values:
Configuration Name: My Azure Cloud
Choose an Activity: Create Container
Storage Account Name: XXXlabstor01 (where XXX is replaced with your unique initials)
Container Name: labvhds
Click the Finish button to save the property values for this activity.
f) Click on the Azure Cloud Services activity in the Activities list and drag it to the New Runbook design surface so that it is located to the right of the previous activity.
Click on the previous activity and drag the right arrow handle over this new activity to connect the two activities together.
Right-click on the Azure Cloud Services activity in the New Runbook design surface and click on Properties to set the following property values:
Configuration Name: My Azure Cloud
Choose an Activity: Create Cloud Service
Service DNS Prefix: XXXlabvms (where XXX is replaced with your unique initials)
Label: XXXlabvms (where XXX is replaced with your unique initials)
Description: Lab VMs
Location/Affinity Group: Affinity Group
Location/Affinity Group Value: labag01
Click the Finish button to save the property values for this activity.
38 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
g) Click on the Azure Virtual Machines activity in the Activities list and drag it to the New Runbook design surface so that it is located to the right of the previous activity.
Click on the previous activity and drag the right arrow handle over this new activity to connect the two activities together.
Right-click on the Azure Virtual Machines activity in the New Runbook design surface and click on Properties to set the following property values:
Configuration Name: My Azure Cloud
Choose an Activity: Create VM Deployment
Service Name: right-click and select Subscribe | Published Data | Azure Cloud Services | Service DNS Prefix
Deployment Name: XXXlabvm01 (where XXX is replaced with your unique initials)
Deployment Slot: Production
Label: labvm01
VM Instance Name: labvm01
Image Type: Platform Image
Operating System Type: Windows
Computer Name: labvm01
Admin Password: Enter the password recorded in Exercise 4, Step 5
Container URI: right-click and select Subscribe | Published Data | Azure Storage | Container Url
Blob VHD Name: labvm01
Source Image Name: right-click and select Subscribe | Published Data | Azure Virtual Machine Images | Name
Wait for Completion: True
Click the Finish button to save the property values for this activity.
39 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
10) From within the Remote Desktop session connected to labo01, run the newly created Runbook using the System Center 2012 R2 Orchestrator Runbook Tester.
a) Click on the Runbook Tester button that is located on the top toolbar of the System Center 2012 R2 Orchestrator Runbook Designer tool.
b) In the System Center 2012 R2 Orchestrator Runbook Tester tool, click on the Run button on the top toolbar.
c) As the Runbook executes, monitor progress in the bottom Log panel in the Runbook Tester tool.
d) After the Runbook successfully completes, sign-in to the Microsoft Azure Management Portal and confirm that labvm01 has been automatically provisioned as a new virtual machine by navigating to the Virtual Machines portal page. EXTRA CREDIT! Use the System Center 2012 R2 App Controller portal on labac01 to delete the virtual machine, cloud service and storage container that were provisioned as part of this automated Runbook. Note that after deleting the virtual machine, you may be required to wait a few minutes before you are able to sucessfully delete storage resources. When you have completed exploring the cloud resources that were automatically provisioned by the System Center 2012 R2 Orchestrator Runbook, you may continue with the next exercise.
40 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 10: Shut down the On-demand Dev/Test Lab Environment Your functional Dev/Test Lab environment is now complete, but you likely wont be using this lab environment 24x7 around-the-clock. As long as the virtual machines are running, they will continue to accumulate compute hours against your Microsoft Azure subscription. To preserve your compute hours for productive lab work, be sure to shut down each VM from the Microsoft Azure Management Portal when not in use. After each VM is successfully shut down, the status of each VM will be listed in the portal as Stopped (Deallocated) and compute charges will not accumulate for VMs in this state. Follow these steps to shut down your virtual machines: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) For each provisioned virtual machine, click on the virtual machine name to select that virtual machine, and then click on the Shut down button located on the bottom toolbar. When all virtual machines are listed in the portal with a Stopped (Deallocated) status, you have completed this exercise. TIP! It is important to shut down the VMs from the Microsoft Azure Management Portal to properly de- allocate compute resources and prevent compute charges from accumulating. If you shut down VMs from within the Guest OS or from the System Center 2012 R2 App Controller portal, the VMs will be placed in a different Stopped status where compute resources are not de-allocated and compute charges in this state will still apply.
41 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Additional Resources Congratulations! Youve completed this Hands-on Lab for Building and Managing a Dev/Test Farm in the Cloud using Microsoft Azure Infrastructure Services. If you enjoyed this Hands-On Lab, be sure to check-out our full set of Cloud Step-By-Step Guides for building other common hybrid cloud scenarios at: Cloud Labs Step-by-Step Guides
http://aka.ms/CloudLab
Guided Hands-On Lab: Build a Cross-Premises Site-to-Site VPN
http://aka.ms/VNetCloudLab
Guided Hands-On Lab: Migrate VMs from VMware to Microsoft Azure
http://aka.ms/VMWCloudLab
Guided Hands-On Lab: Migrate VMs from Amazon AWS to Microsoft Azure
http://aka.ms/AWSCloudLab
Guided Hands-On Lab: Orchestrate Private Cloud Failover with Microsoft Azure Hyper-V Recovery Manager
http://aka.ms/HVMCloudLab
Step-by-Step: Cloud Backups of Microsoft Azure Virtual Machines using PowerShell ( Part 1)
http://aka.ms/BackupWindowsAzureVM
Step-by-Step: Cloud Restores of Microsoft Azure Virtual Machines using PowerShell ( Part 2 )
http://aka.ms/AzureVMRestoreCloudLab
Build Your Hybrid Cloud in a Month
http://aka.ms/BuildYourCloud
Introduction to PowerShell
http://aka.ms/PoshIntro 42 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Alternate to Exercise 7: Provision Virtual Machines for System Center 2012 R2
Exercises 7A and 7B below are provided as alternate exercises to the original Exercise 7 in this Hands-on Lab Guide. These alternate exercises leverage the Microsoft Azure Management Portal to provision virtual machines for System Center 2012 R2, rather than leveraging the Microsoft Azure PowerShell Module for this purpose. Exercise 7A: Provision Virtual Machine for System Center 2012 R2 App Controller Provision a new Microsoft Azure VM for System Center 2012 R2 App Controller by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select Windows Server 2012 R2 Datacenter and click the button.
5) On the Virtual Machine Configuration page, complete the fields as follows:
Version Release Date: Select the latest version release date to build a new VM with the latest OS updates applied.
Virtual Machine Name: labac01
Tier: Standard
Size: A2 (2 cores, 3.5GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Use the same password recorded in Exercise 4, Step 5.
Click the button to continue.
43 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
6) On the Virtual Machine Configuration page, complete the fields as follows:
Cloud Service: Create a new cloud service
Cloud Service DNS Name: Enter a globally unique DNS name for the new cloud service, such as XXXlabmgmt.cloudapp.net
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3 above.
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: (None)
Click the button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default firewall endpoint values and begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Microsoft Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.
8) After the new virtual machine has finished provisioning, click on the name (labac01) of the new Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
9) On the virtual machine Dashboard page for labac01, make note of the Internal IP Address displayed on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the virtual network.
44 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
10) On the virtual machine Dashboard page for labac01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine. Logon at the console of your virtual machine with the local Administrator credentials defined in Step 5 above as follows:
User name: labac01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
11) Join this server to the contoso.com domain and restart the server to complete the domain join operation.
This task can be performed in two different ways: (1) by using the Local Server page in the Server Manager tool or (2) via the Add-Computer PowerShell cmdlet. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
c) When prompted for Administrator credentials, enter the following user name and password:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5.
d) Restart the labac01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
You have completed the initial provisioning of this Microsoft Azure virtual machine for System Center 2012 R2 App Controller. In a later exercise in this Hands-on Lab Guide, you will complete the installation and configuration of System Center 2012 R2 App Controller.
45 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
Exercise 7B: Provision Virtual Machine for System Center 2012 R2 Orchestrator Provision a new Microsoft Azure VM for System Center 2012 R2 Orchestrator by performing the following steps: 1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed up for your Free Microsoft Azure Trial.
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management Portal page.
3) Click the +NEW button located on the bottom navigation bar and select Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select Windows Server 2012 R2 Datacenter and click the button.
5) On the Virtual Machine Configuration page, complete the fields as follows:
Version Release Date: Select the latest version release date to build a new VM with the latest OS updates applied.
Virtual Machine Name: labo01
Tier: Standard
Size: A2 (2 cores, 3.5GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Use the same password recorded in Exercise 4, Step 5.
Click the button to continue.
46 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
6) On the Virtual Machine Configuration page, complete the fields as follows:
Cloud Service: XXXlabmgmt
Cloud Service DNS Name: Enter a globally unique DNS name for the new cloud service, such as XXXlabmgmt.cloudapp.net
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3 above.
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: (None)
Click the button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default firewall endpoint values and begin provisioning the new virtual machine.
As the new virtual machine is being provisioned, you will see the Status column on the Virtual Machines page of the Microsoft Azure Management Portal cycle through several values including Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual Machine is completed, the Status column will display a value of Running and you may continue with the next step in this guide.
8) After the new virtual machine has finished provisioning, click on the name (labo01) of the new Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
9) On the virtual machine Dashboard page for labo01, make note of the Internal IP Address displayed on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the virtual network.
47 | P a g e B u i l d & Ma n a g e a D e v / T e s t S e r v e r F a r m i n t h e C l o u d
10) On the virtual machine Dashboard page for labo01, click the Connect button located on the bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console of this virtual machine. Logon at the console of your virtual machine with the local Administrator credentials defined in Step 5 above as follows:
User name: labo01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
11) Join this server to the contoso.com domain and restart the server to complete the domain join operation.
This task can be performed in two different ways: (1) by using the Local Server page in the Server Manager tool or (2) via the Add-Computer PowerShell cmdlet. To reduce the time required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
c) When prompted for Administrator credentials, enter the following user name and password:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Exercise 4, Step 5.
d) Restart the labo01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
You have completed the initial provisioning of this Microsoft Azure virtual machine for System Center 2012 R2 Orchestrator. In a later exercise in this Hands-on Lab Guide, you will complete the installation and configuration of System Center 2012 R2 Orchestrator.