Clouds Microsoft Private Cloud: Evaluation Guide IT


Post on 25-May-2020


  • Clouds

    Microsoft Private Cloud:

    Evaluation Guide

    IT

  • 2

    Table of Contents

    Copyright Information

    Introduction: The Microsoft Private Cloud

    Part 1 – Configure and Deploy Your Private Cloud Infrastructure

    Chapter 1: Explanation of Private Cloud Components

    Chapter 2: The Private Cloud Evaluation Guide Scenario & Architectural Overview

    Chapter 3: Installing the Private Cloud through the Unified Installer

    Chapter 4: Connecting the System Center Components

    Chapter 5: Configuring Your Private Cloud Infrastructure

    Chapter 6: Building Clouds

    Part 2 – Application Performance Management and Service Delivery & Automation

    (Note: Part 2 will be in this same document, added at a later date)

    Appendix A

    Appendix B

    Appendix C

  • 3

    Copyright Information

    © 2012 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views

    expressed in this document, including URL and other Internet Web site references, may change without notice.

    You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property

    in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may

    modify this document for your internal, reference purposes.

  • 4

    Introduction: The Microsoft Private Cloud

    Overview

    This Private Cloud Evaluation Guide is built to give you the necessary information to evaluate the private cloud. In

    this evaluation guide, you will go through an entire scenario that you can use to evaluate the private cloud on

    your own premises in a proof of concept environment. This guide is split into two parts. The first part will walk you

    through deploying and configuring the infrastructure for the private cloud. The second part will go through the

    service model and application performance management as well as how to gain operational benefits through

    service delivery and automation. The second part will be included in this document at a later date. Please refer back

    to the download link for updates to this guide. This guide is intentionally built so that you can run it on lower-level

    hardware for the purpose of evaluation. It is also possible to follow this guide and change the scenario to your

    own environment and parameters. This introduction will walk you through the content of this guide as well as

    give you some background on the Microsoft private cloud and the components that help you build it. We advise

    you to read this section if you are not familiar with the concept of the Microsoft private cloud.

    Chapters

    This evaluation guide consists of two parts:

    Part 1 – Configure and Deploy Your Private Cloud Infrastructure

    Chapter 1: Explanation of the Private Cloud Components

    Chapter 2: The Private Cloud Evaluation Guide Scenario and Architectural Overview

    Chapter 3: Installing the Components of System Center 2012 through the Unified Installer.

    Chapter 4: Connecting the Components of System Center 2012

    Chapter 5: Configuring Your Private Cloud Infrastructure

    Chapter 6: Building Clouds and Delegating Access

    Part 2 – Application Performance Management and Service Delivery & Automation

    Note: Part 2 will be in this same document, added at a later date

    Chapter 7: Creating Services

    Chapter 8: Monitoring Your Newly Deployed Service

    Chapter 9: Automation as a Key Foundation of Your Private Cloud

    Chapter 10: Creating a Self-Service Catalog and Automate Offering to Your Customers or End-users

    Chapter 11: Hybrid Cloud Management

    Chapter 12: Protecting Your Data in the Private Cloud

    A Private Cloud – Today’s Datacenter . . . Optimized

    The architecture and functionality of most modern datacenters reflect the growth of the parent organization they

    serve. Whether this has been by steady organic growth or by rapid expansion through mergers and acquisitions,

    the result is typically a very heterogeneous environment that includes some best-of-breed point solutions, levels

    of standardization and isolated environments tailored to fit the demands of specific business groups. This makes

    for an environment that can be difficult to manage and that impairs the agility of its various business units. Each

    time a request is submitted for a new application or service, the centralized IT function needs to hand-craft and

    deliver that request in a made-to-order fashion. Applications are built to accommodate peak usage, dedicating

    infrastructure which often lies underutilized much of the time. IT is a challenging place to be; internal customers

    expect the ease and reliability of the sorts of consumer apps they use every day, such as Hotmail, Xbox Live, and

    so forth, but often they don’t grasp the true scale at which these services run. Private cloud technologies allow any

    business a better ability to achieve the types of efficiencies in datacenter operation and application provisioning

    that have, to date, been the hallmark of much larger organizations.

    The concept of IT as a Service has been discussed in various forms for decades. For many businesses today, this

    opportunity for on-demand IT manifests itself through the idea of a private cloud. Modeled around the success of

    public cloud offerings such as Microsoft Windows Azure and Amazon Web Services, the private cloud is about

    automatically and efficiently delivering necessary services on request and dynamically scaling those services to

    meet demand. The private cloud computing model simplifies the ability of IT to deliver IT services. A private

    cloud shares many of the characteristics of public cloud computing such as resource pooling, self-service, elasticity

    and usage-based charge models but does so with dedicated physical resources that allow an organization to

    maintain complete control over their data and processes. A key to the success of private cloud deployments will

    be the tools and technologies that allow businesses to approach the levels of operational efficiency and high

    availability that are the hallmark of public cloud offerings; the set of private cloud enabling tools from Microsoft

    System Center 2012 helps you to achieve just that.

    The notion of pooled resources means that all compute, network, and storage assets are aggregated into a

    common grouping that can then be delegated within the organization. This is a shift from today’s model in which

    an Application Owner will likely know (and probably fund) the exact hardware on which his application is

    physically deployed. In a cloud environment, this owner will only care that adequate capacity to run his

    application has been delegated to him. This, in turn, frees up the Datacenter Administrator to better optimize

    resource utilization; to move and shed loads as required and focus on activities that enable greater business value.

    There needs to be a true self-service interface to which services are published from central IT and consumed by

    the business units; even where explicit cross charge accounting is not put in place. Application Owners and

    customers need to be able to easily ‘purchase’ and provision their resources when they want and at the level of

    service and cost they choose. This common understanding of available ‘off the shelf’ service offerings is

    fundamental to the notion of cloud computing. It doesn’t mean that custom requests aren’t possible; indeed a

    key benefit of the private cloud over public cloud is that it maintains a greater degree of flexibility, but commodity

    offerings vs. custom offerings may mean the difference between completing the task in 30 minutes vs. 2 weeks.

    The services deployed need to be elastic and scale up and down automatically based on demand. By designing

    this capability into the services that are deployed, central IT no longer needs to over-provision capacity to

    accommodate any potential spikes in load. Finally, it’s important to deploy a usage-based environment that

    allows the Datacenter Administrator and Application Owner to view resource utilization and, ideally, set up the

    right economic incentives to efficiently run their applications and know cost and usage through appropriate

    chargeback models.

    A private cloud deployment captures all of these characteristics, but above and beyond the public cloud, it also

    allows organizations to maintain total control over their applications and data as well as offering an ability to

    customize deployed resources; both common blockers for businesses looking at public cloud solutions.

    Ultimately, most customers will find portions of their organization that live best in a private deployment and

    portions that live best in a public deployment. The world will exist in a hybrid state for the foreseeable future and

    it’s important for companies to evaluate their particular needs to determine the best combination for them. As a

    leader in both public and private cloud technology Microsoft is well positioned to help organizations realize this

    vision of cloud computing.

  • 7

    Part 1 – Configure and Deploy Your Private

    Cloud Infrastructure

  • 8

    Chapter 1: Explanation of the Private Cloud

    Components

    Overview

    Highly virtualized computing gives you the benefits of increased utilization of your servers, power savings, and

    reduced server footprint. We are familiar with these as they are in datacenters today. However, this does not equal

    the private cloud.

    A private cloud provides all of those benefits plus highly integrated and automated management, scalable and

    elastic platforms, and self-service IT infrastructure.

    Through a highly automated infrastructure, an organization can reduce operational costs by automating many

    tasks that previously required manual intervention. Through the service catalog an organization can provide a

    self-service IT infrastructure to business units and departments with an SLA. This forces service-level discussion

    and removes the burden to procure, provision, and manage infrastructure on a per-application, ad-hoc basis. With

    a scalable and elastic infrastructure, an organization can enable faster delivery of capacity as resource needs

    change. By utilizing a Windows Server 2008 R2 SP1 infrastructure along with System Center 2012, the Microsoft

    private cloud allows you to deploy a flexible and responsive infrastructure, designed to simplify day-to-day tasks

    and enable management of applications at the service level, rather than that of individual servers.

    The following table highlights private cloud capabilities, aligned by industry and to Windows Server 2008 R2 and

    the components of System Center 2012 that we are going to discuss in this chapter.

    Microsoft Windows Server 2008 R2 SP1

    Microsoft Windows Server 2008 R2 SP1 is the operating system that runs your private cloud. In this evaluation

    guide it will run as the host hypervisor, the OS for the different infrastructure components, and for the application

    that we will deploy, manage, and monitor.

  • 9

    Windows Server 2008 R2 SP1 evaluation can be downloaded from http://technet.microsoft.com/en-us/evalcenter/dd459137.aspx

    Hyper-V

    Hyper-V is the server virtualization technology within Windows Server 2008 R2 SP1. It allows you to run virtual

    machines on top of the host Operating System when your hardware is capable of running virtualized loads.

    System Center Orchestrator

    System Center Orchestrator is a workflow engine that allows you to automate the creation, deployment and

    monitoring of resources in your private cloud. Better said, Orchestrator provides you with orchestration,

    integration and automation of IT processes. Orchestrator works in conjunction with all the System Center

    components and can also be used to automate components from 3rd-party applications like HP ILO and OA,

    VMware vSphere and many others (for a full list of Orchestrator 2012 integration packs see

    http://technet.microsoft.com/en-us/library/hh295851.aspx).

    Orchestrator consists of the following:

    Component | Description
    Management Server | The management server is the communication layer between the Runbook Designer and the orchestration database.
    Runbook Server | A runbook server is where an instance of a runbook runs. A runbook is a collection of actions bundled together that Orchestrator will run performing various automated actions. Runbook servers communicate directly with the orchestration database. You can deploy multiple runbook servers per Orchestrator installation to increase capacity and redundancy.
    Orchestration Database | The database is a Microsoft SQL Server database that contains all of the deployed runbooks, the status of running runbooks, log files, and configuration data for Orchestrator.
    Runbook Designer | The Runbook Designer is the tool used to build, edit, and manage Orchestrator runbooks. One runbook or different runbooks together form your workflow(s).
    Runbook Tester | Runbook Tester is a run-time tool used to test runbooks developed in the Runbook Designer. This tool allows you to test your runbooks before taking them into production.
    Orchestration Console | The Orchestration console lets you start or stop runbooks and view real-time status on a web browser. This is a Silverlight-based web console.
    Orchestrator Web Service | The Orchestrator web service is a Representational State Transfer (REST)-based service that enables custom applications to connect to Orchestrator to start and stop runbooks, and retrieve information about operations by using custom applications or scripts. The Orchestration console uses this web service to interact with Orchestrator.
    Deployment Manager | Deployment Manager is a tool used to deploy integration packs (IPs), runbook servers, and Runbook Designers.
    Integration Pack (IP) | An integration pack is a collection of custom activities specific to a product or technology. Microsoft and other companies provide integration packs with activities to interact with their product from an Orchestrator runbook.
    Orchestrator Integration Toolkit | The Orchestrator Integration Toolkit lets you extend your library of activities beyond the collection of standard activities and integration packs. The Integration Toolkit has wizard-based tools to create new activities and integration packs for Orchestrator. Developers can also use the Integration Toolkit to create integration packs from custom activities that they build by using the Orchestrator SDK.

    System Center App Controller

    System Center App Controller is a Silverlight web-based interface that allows you to manage, build, configure and

    deploy services both on the private and the public cloud. With this interface, you will have a common self-service

    experience through your different clouds. This interface is mainly used to provide self-service capabilities for your

    application owners.

    The ability to control and manage applications and services within the private cloud is critical. A key requirement,

    as organizations begin using hybrid apps, will be the ability to connect with services in other clouds and to

    manage them through a single management experience.

    Component Name | Description
    App Controller Server | The App Controller Server runs the web-based Silverlight application to manage, build, configure and deploy services both on your private cloud and the public cloud.
    Database | The database that contains the necessary information for the connection to your Azure subscriptions and your Virtual Machine Manager service(s).
    PowerShell Module | The App Controller PowerShell Module provides administrators with the ability to automate App Controller administration.

    System Center Virtual Machine Manager

    System Center Virtual Machine Manager is the component that provides you with virtual machine management

    and service deployment. This component comes with support for multi-hypervisor environments and is the

    system that allows you to define, create and manage your private cloud environment(s).

  • 11

    Component Name | Description
    VMM Management Server | The computer on which the Virtual Machine Manager service runs and which processes commands and controls communications with the VMM database, the library server, and virtual machine hosts.
    VMM Console | The Virtual Machine Manager Console is the graphical user interface to your VMM environment.
    VMM Self-Service Portal | A website used to deploy and request virtual machines.
    VMM Database | The VMM database stores all the Virtual Machine Manager configuration and information regarding the hosts and virtual guests.
    VMM Library Server | The VMM Library Server is a catalog of resources containing all the ISO files, virtual hard disks, templates and profiles used to deploy virtual machines and services.

    System Center Operations Manager

    System Center Operations Manager provides you with deep application diagnostics and infrastructure monitoring

    of your private cloud components. It can offer you a thorough overview of the performance and availability of

    applications deployed in your datacenter, private or public cloud.

    Component Name | Description
    Management Server | The Operations Manager Management Server is the focal point for administering the management group and communicating with the database. When you open the Operations console and connect to a management group, you connect to a management server for that management group. Depending on the size of your computing environment, a management group can contain a single management server or multiple management servers.
    Operations Console | The Operations Manager is the graphical user interface that will give you the single pane of glass monitoring of your private cloud.
    Operations Manager Database | The OpsMgr database is where all the collected data like performance & event data, alerts etc. are stored.
    Operations Manager Data Warehouse | The OpsMgr data warehouse is used for long term reporting.
    Operations Manager Web Console | The OpsMgr web console provides a browser-based alternative to the OpsMgr console.
    Operations Manager Advisor | Browser-based console to provide deep insight in your .Net applications.
    Gateway Server | A gateway server is used to monitor untrusted environments like a DMZ.
    Audit Collection Server | ACS is used for collecting and auditing security events.

    System Center Service Manager

    Service Manager provides an integrated platform for automating and adapting your organization’s IT service

    management best practices, such as those found in Microsoft Operations Framework (MOF) and Information

    Technology Infrastructure Library (ITIL). It provides built-in processes for incident and problem resolution, change-

    control, and release management.

  • 12

    Component Name | Description
    Management Server | Contains the main software part of a Service Manager installation. You can use the Service Manager management server to manage incidents, changes, users, and tasks.
    Database | The database that contains Service Manager configuration items (CI) from the IT Enterprise; work items, such as incidents, change requests, and the configuration for the product itself. This is the Service Manager implementation of a Configuration Management Database (CMDB).
    Data warehouse management server | The computer that hosts the server piece of the data warehouse.
    Data warehouse databases | Databases that provide long-term storage of the business data that Service Manager generates. These databases are also used for reporting.
    Service Manager console | The user interface (UI) piece that is used by both the help desk analyst and the help desk administrator to perform Service Manager functions, such as incidents, changes, and tasks. This part is installed automatically when you deploy a Service Manager management server. In addition, you can manually install the Service Manager console as a stand-alone part on a computer.
    Self-Service Portal | A web-based interface into Service Manager.

    System Center Data Protection Manager

    Data Protection Manager (DPM) enables disk-based and tape-based data protection and recovery for servers such

    as SQL Server, Exchange Server, SharePoint, virtual servers, file servers, and support for Windows desktops and

    laptops. DPM can also centrally manage system state and Bare Metal Recovery (BMR) which will allow us to

    protect the servers that contain our virtualized infrastructure.

    Component Name | Description
    DPM server | The DPM server contains the program files of the Data Protection Manager installation. This server will be responsible for all the protection and recovery jobs.
    Database | The DPM database will contain all the information of your Data Protection Manager environment. All protection group information, agent information, recovery points and so on are stored here.
    Central Console | Operations Management is used as the platform for the central console and is used to manage your SCDPM server (or multiple DPM servers).
    Storage Pool | The Storage Pool contains your storage that will be used to take disk-to-disk backups.

    Summary

    In this first chapter, you reviewed the components that are needed to deploy a private cloud. Now you know all

    the building blocks to start with your evaluation of the private cloud.

    You can download Windows Server 2008 R2 SP1 from http://technet.microsoft.com/en-us/evalcenter/dd459137.aspx

    and download the System Center components from

    http://technet.microsoft.com/en-us/evalcenter/hh505660.aspx?ocid=otc-f-corp-jtc-DPR&wt.mc_id=TEC_103_1_33

    In the next chapter we will explain how to construct and design a new private cloud.


  • 13

    Chapter 2: The Private Cloud Evaluation Guide

    Scenario & Architectural Overview

    Overview

    Evaluating a private cloud can be a time-consuming and difficult task. How do you start? What kind of hardware

    do you need? Which scenarios do you want to test?

    With this Private Cloud Evaluation Guide, you can test and try all the components of System Center 2012 in

    combination with Hyper-V. With this guide you will learn how to build a private cloud and explore how the

    combinations of the components of System Center 2012 allow you to manage your application from start to

    finish. After all, in this new era of cloud computing, it’s all about the app.

    Our Scenario and End-Goal

    Throughout the evaluation guide, we will work with a specific scenario, users and a well-defined goal. To do this,

    we have designed the evaluation guide around a fictitious company, Contoso, and their employees. At the end of

    each chapter, we will summarize the outcomes.

    Contoso.com

    Here is background information about Contoso, Ltd., including details about the nature of their business

    operations, size and location, etc.

    Contoso, Ltd. is a global manufacturing and shipping company, dealing primarily with building materials.

    Customers are large retail home improvement chains

    Contoso maintains 75 locations in 10 countries on 3 continents

    o 2,000 servers, 700 of which are physical servers and 1,250 which are virtual servers hosted with

    Windows 2008 R2 Hyper-V

    o 12,000 employees total, with an IT department of about 150 people.

    o Three data centers (Seattle, Tokyo and Brussels)

    o Separate management reporting structures exist on each continent

  • 14

    Jeff, the Datacenter Admin

    Jeff is a datacenter administrator within Contoso. His major concerns are keeping the

    infrastructure up and running, and accommodating all the requests from his application

    owners. The major challenges that Jeff has are:

    o Managing change is difficult due to lack of well-defined procedures for provisioning and managing services and related infrastructure

    o Service requests and incidents are currently managed in a third party ticketing system. However, problem correlation is difficult due to lack of a comprehensive CMDB to track IT assets

    o Availability of key revenue-generating services is suffering due to recurring incidents that currently require manual intervention

    o 2-4 week delays in service and resource provisioning have resulted in tension between IT and other business units

    o Lack of visibility into virtual and physical datacenter resources has resulted in widespread performance problems in LOB applications

    Emily, the Application Owner

    Emily is an Application owner. She is responsible for her line of business application that

    needs to be deployed. Emily’s biggest challenges are:

    o Keeping the different versions up-to-date (production, test environment, acceptance…)

    o Being able to deploy the application rapidly

    o Getting the needed resources from IT quickly

    o Ensuring that engineering and IT work together well

    o Getting applications to market faster

    Other Personas

    Jack: VP of Marketing – Application (LOB) Owner

    “The Board”: CxOs (CEO or CIO)

    Contoso Engineering Group: Application Development

    Mike: Team Member of Emily’s group

    The End-Goal: It’s All about the Application

  • 15

    “The Board” of Contoso has asked a consultancy firm to investigate the pain points of IT within the company and

    to provide advice on a possible solution. The consultancy company has investigated the issues of both the IT

    group and the users of IT. The key pain points are server sprawl and virtual server sprawl. Users are looking at

    purchasing IT services outside the IT department in the cloud and are convinced that they can get it cheaper

    elsewhere.

    The results showed that there are many concerns about compliance and security. The complexity of the

    infrastructure is also becoming extremely difficult to manage.

    Based on these results, “the Board” of Contoso has given the datacenter admin a challenge. Jeff needs to build a

    private cloud so that Emily has the ability to manage the applications she is responsible for. Emily and Jack should

    be able to deploy their application rapidly into production and scale whenever the need should arise. The

    application should also be monitored as a whole and should have the ability to upgrade to a new version with

    minimal or no interruption. Emily and Jack should also have self-service capabilities and a user interface where

    they can see their environments.

  • 16

    Figure 1: Management Components

    In Figure 1: Management Components, you see an overview of what we are going to build with the components of

    System Center 2012. In the picture, you can see 3 main categories:

    o Application Management is all about deploying and operating business applications.

    o Service Delivery and Automation involves standardizing and automating service and resource provisioning, managing change and access controls, etc.

    o Infrastructure Management is needed to be able to deploy and operate the entire underlying infrastructure on which our business applications and services run.

    The Scenario

    Throughout the different chapters of this Private Cloud Evaluation Guide we will work towards the specific

    demands of the business. After running through the different chapters, you will have a private cloud with an

    application in it that can be monitored, automated, deployed and managed as a service, with self-service

    possibilities. In this first part of the Evaluation Guide, Jeff is going to get all the components installed and then

    prepare everything for the private cloud. In the last chapter, Jeff will deploy his first cloud. In the second part of

    the Evaluation Guide, which will be released at a later date, Jeff will continue his work and configure automation,

    backup and so on for the application so Emily can easily deploy the application and be confident Jeff can meet the

    agreed-upon SLA.

    Architectural Overview

    Here is the overview of what hardware we are going to use for our private cloud evaluation. This can be different

    from your environment but this is the minimum required to evaluate the private cloud.

  • 17

    [Diagram: the Hyper-V host Hyperv02 runs the virtual machines Orchestrator, VMM, AppController, OpsMgr, ServiceMgr, ServiceMgrDW, DPM and AD on a virtual network. Each System Center component (Operations Manager, App Controller, Virtual Machine Manager, Orchestrator, Service Manager, Service Manager Data Warehouse, Data Protection Manager) is labelled SQL Server 2008 R2; AD is the Domain Controller.]

    The following servers are used:

    Name | Function | CPU | Memory | Disk | IP
    Hyperv02 | Hyper-V host | 4 | 24 GB | 1 TB | 192.168.1.2
    Orchestrator | Orchestrator + Unified Installer server | 2 vCPU | 2 GB | 40 GB | 192.168.1.3
    VMM | Virtual Machine Manager server | 2 vCPU | 2 GB | 80 GB | 192.168.1.4
    AppController | App Controller server | 2 vCPU | 2 GB | 40 GB | 192.168.1.5
    OpsMgr | Operations Manager Server | 2 vCPU | 2 GB | 40 GB | 192.168.1.6
    ServiceMgr | Service Manager server | 2 vCPU | 2 GB | 40 GB | 192.168.1.7
    ServiceMgrDW | Service Manager Datawarehouse | 2 vCPU | 2 GB | 40 GB | 192.168.1.8
    DPM | Data Protection Manager server | 2 vCPU | 2 GB | 40 GB | 192.168.1.9
    AD | Domain Controller | 1 vCPU | 512 MB | 40 GB | 192.168.1.10

    Table 1: Server Information

    When you are going to deploy the infrastructure and work through the different exercises, you can use your own

    IP addresses and better hardware. If you work with different IP ranges, you need to take into account that for

    some of the exercises, you will also need to change the ranges.

    The two most important considerations for your private cloud management infrastructure regarding performance

    will be:

    Memory

    Disk IO

    If you want to change the specifications of the virtual machines, please read the Prerequisites in Chapter 3 to

    verify that you meet the necessary requirements in advance.

    What you need in advance

    In this section we are going to discuss the environment required before you can continue with this evaluation

    guide.

    Hyper-V Host(s)

    Depending on the architecture, you should have one or more Hyper-V hosts installed with Windows Server 2008 R2 SP1. You can download the evaluation version of Windows here: http://technet.microsoft.com/en-us/evalcenter/dd459137

    Your Active Directory should be prepared with a few users and groups (see below). For information on how to

    install Active Directory, visit http://technet.microsoft.com/en-us/library/cc755103(v=ws.10).aspx

    The Virtual Network

    You need to prepare your Virtual Network so that the virtual machines can communicate with the hosts and with the other virtual machines. In a production environment, you will be working with different VLANs, but for this guide we worked with a single network adapter, configured with the following parameters:

    Parameter                                                         Value
    Name                                                              Virtual – Virtual Network
    Notes                                                             Microsoft Virtual Switch
    Connection Type                                                   External (to your network adapter)
    Allow management operating system to share this network adapter  Checked


  • 19

    Virtual Servers

    The servers in Table 1: Server Information should already be deployed and joined to the domain. Follow this

    procedure to deploy a virtual machine on Hyper-V:

    Creating Virtual Server

    1. Open Hyper-V Manager

  • 20

    2. In the Actions pane, select New > Virtual Machine

    3. In the Before You Begin screen, select Next

    4. In the Specify Name and Location screen, fill in the Name of the virtual machine and the Location

    where you want to store the files. Then select Next

    5. In the Assign Memory screen, fill in the amount of memory allocated for this Virtual Machine, and then select Next. Note that the amount should be at least 2048 MB to meet the Unified Installer requirements (see Chapter 3); the Domain Controller can be 512 MB

  • 21

    6. In the Configure Networking screen, select your virtual network that you have created and select Next

    7. In the Connect Virtual Hard Disk screen, fill in the size for your VHD, specify the location and name of

    your VHD and select Next

  • 22

    8. In the Installation Options screen, select how you want to install the Operating System. In our case, since we downloaded the ISO from the evaluation center, we choose the ISO and then select Next

    9. In the Completing the New Virtual Machine Wizard screen review your settings and select Finish to

    create the machine

  • 23

    Installing and Configuring the OS

    You can find all the required steps to install the OS in Appendix.

    Configure and Join Domain

    1. In the Initial Configuration Tasks window, select Configure Networking

    2. In the Network Connections window, right-click on the Local Area Connection Network icon and select

    Properties


  • 24

    3. Select Internet Protocol Version 4 (TCP/IPv4) and select Properties

    4. Fill in the appropriate network information. Note that this information can be different in your

    environment. Select OK


  • 25

    5. Select Close and close the Network Connections window

    6. On the Initial Configuration tasks window select Provide computer name and domain

    7. On the System Properties window, select Change

  • 26

    8. Fill in the Computer name and Domain and select OK

    9. On the Windows Security window, fill in the name and password of the user that has permissions to join

    this server to the domain and select OK

    10. Select OK when you get the Welcome message

  • 27

    11. Select OK when you get the restart notification

    12. Select Close in the System Properties window

    13. Select Restart now to finish the process and to restart the server

    Repeat the procedures for all servers.

    Group Policies

    To make the evaluation easier, we’ve created a Group Policy at the domain level to enable and disable a few settings. By default, Jeff disabled all Windows Firewalls on the server machines and enabled Remote Desktop for easy access. It is not necessary to disable Windows Firewall, and you can review the Windows Firewall requirements on the TechNet pages for the different components. Jeff knows that he will need to configure the Windows Firewall in production, but since this is an evaluation, he wants to deploy the systems fast and get results quickly.

    Passwords

    All passwords in this evaluation guide are the same. For every account, we are using the password: “P@ssw0rd”

    (with the 0 being zero)

    Users

    In Active Directory, we are going to create a few users.

    http://technet.microsoft.com/en-us/library/cc507089.aspx

  • 28

    1. Open Active Directory Users and Computers

    2. Create an OU by right-clicking on Contoso.com (or the root of your domain) and choose New >

    Organizational Unit

    3. Name the OU PrivateCloudUsers or choose another name and select OK

  • 29

    4. On the newly created OU right click and choose New > User

    5. Fill in the New Object window with the following parameters and then select Next

    Parameter         Value
    First name        Jeff
    Full name         Jeff
    User Logon name   Jeff

    6. Fill in the Password, select Password never expires, and then select Next and Finish to create the user

  • 30

    7. Repeat steps 4 to 6 for the following users with the following parameters

    Parameter         Value
    First name        Emily
    Full name         Emily
    User Logon name   Emily

    Parameter         Value
    First name        Mike
    Full name         Mike
    User Logon name   Mike

    Parameter         Value
    First name        Jack
    Full name         Jack
    User Logon name   Jack

    8. Right-click on the newly created user and select Properties

    9. Change the properties for the two users according to the following parameters

    User    Parameter     Value
    Jeff    Description   DataCenter Administrator
    Emily   Description   Application Owner
    Jeff    Member of     Add Domain Admins

  • 31

    Security Groups

    We also need some security groups for this evaluation. Build the following security groups:

    Parameter   Value
    Name        ProductionEmilyCloud
    Type        Global Security
    Members     Emily
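
    The Users and Security Groups steps above can also be scripted. The following is an added example, not part of the original guide; it assumes the ActiveDirectory PowerShell module on Windows Server 2008 R2, an account allowed to create objects in the domain, and that the ProductionEmilyCloud group is placed in the same OU as the users (the guide does not say where it goes). The helper name Add-MemberIfMissing is hypothetical.

```powershell
# Added example (not from the guide): scripted form of the Users and
# Security Groups steps. Safe to re-run; existing objects are left alone.
Import-Module ActiveDirectory

$domain = Get-ADDomain
$ouName = 'PrivateCloudUsers'
$ouDn   = "OU=$ouName,$($domain.DistinguishedName)"

# Prompt for the password so it is not stored in the script or its history.
$password = Read-Host -AsSecureString 'Password for the evaluation accounts'

# Steps 2-3: create the OU under the domain root if it is not there yet.
$ou = Get-ADOrganizationalUnit -Filter "Name -eq '$ouName'" `
        -SearchBase $domain.DistinguishedName -SearchScope OneLevel
if (-not $ou) {
    New-ADOrganizationalUnit -Name $ouName -Path $domain.DistinguishedName
}

# Steps 4-9: the four users; only Jeff and Emily get a description in the guide.
$users = @(
    @{ Name = 'Jeff';  Description = 'DataCenter Administrator' },
    @{ Name = 'Emily'; Description = 'Application Owner' },
    @{ Name = 'Mike';  Description = $null },
    @{ Name = 'Jack';  Description = $null }
)
foreach ($u in $users) {
    $name = $u.Name
    if (-not (Get-ADUser -Filter "SamAccountName -eq '$name'")) {
        New-ADUser -Name $name -GivenName $name -DisplayName $name `
            -SamAccountName $name -UserPrincipalName "$name@$($domain.DNSRoot)" `
            -Path $ouDn -AccountPassword $password `
            -PasswordNeverExpires $true -Enabled $true
    }
    if ($u.Description) {
        Set-ADUser -Identity $name -Description $u.Description
    }
}

# Hypothetical helper: Add-ADGroupMember reports an error for an existing
# member, so check the current membership first.
function Add-MemberIfMissing {
    param([string]$Group, [string]$Member)
    $current = @(Get-ADGroupMember -Identity $Group |
                 ForEach-Object { $_.SamAccountName })
    if ($current -notcontains $Member) {
        Add-ADGroupMember -Identity $Group -Members $Member
    }
}

# Step 9: Jeff is added to Domain Admins.
Add-MemberIfMissing -Group 'Domain Admins' -Member 'Jeff'

# Security Groups: global security group with Emily as its member.
# Assumption: the group is created in the same OU as the users.
$groupName = 'ProductionEmilyCloud'
if (-not (Get-ADGroup -Filter "Name -eq '$groupName'")) {
    New-ADGroup -Name $groupName -SamAccountName $groupName `
        -GroupScope Global -GroupCategory Security -Path $ouDn
}
Add-MemberIfMissing -Group $groupName -Member 'Emily'

# List who now holds Domain Admins rights in the lab domain.
Get-ADGroupMember -Identity 'Domain Admins' | Select-Object Name, SamAccountName
```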

  • 32

    Hardware and other possibilities

    It is not necessary to run the private cloud evaluation on the same hardware or the same setup as described above. You can work with multiple Hyper-V hosts and/or split off the domain controller role to another server. You can also separate the Orchestrator and Unified Installer roles onto different machines. With this evaluation guide we tried to deploy the private cloud with a minimum amount of hardware.

    Please note that the configuration found above is the absolute minimum to follow the scenario in this evaluation

    guide.

    The biggest blockers for evaluating the private cloud will be (in this order):

    Memory

    Disk IO

    We advise at least 24 GB of memory, but 32+ GB is preferable.

    Disk IO is the second biggest blocker for the evaluation. In total, you would need at least 500 – 600 GB of hard

    disk space. SSD Disk (or better hardware) is strongly recommended. Running the private cloud on lower Disk IO

    components may cause a lot of performance issues as previously discussed.

    Summary

    In this chapter Jeff has prepared the infrastructure necessary to start with the evaluation of the private cloud by

    using the System Center Unified Installer (Chapter 3). In production environments, this will probably be done

    differently and you may have other deployed systems / procedures in place. Now that we have a base

    infrastructure in place, we can continue on to Chapter 3 and start the installation of the components.

  • 33

    Chapter 3: Installing the Private Cloud through the Unified Installer

    Overview

    To help in getting started with a private cloud, Microsoft has created the System Center Unified Installer for

    evaluation and proof of concept purposes. The Unified Installer automates much of the installation process for the

    System Center 2012 components. The installation scripts deploy the System Center components and are

    designed for either a lab or proof of concept. In this chapter, we will use the Unified Installer to install our

    environment.

    In this chapter, Jeff is going to use the Unified Installer to install all of the components of System Center 2012,

    back-end database engines and prerequisites.

    Before you Begin

    Please take the time to read through the important notes and prerequisites before using the Unified Installer.

    Important Notes

    The documentation and workarounds for the known issues listed below can be found in the Unified Installer

    Release Notes: http://technet.microsoft.com/en-us/library/hh751278.aspx

    A "Logon Failure" message is displayed when accessing SCUI.EXE using non-local domain credentials

    "This program might not have installed correctly" message might display when attempting to extract the Unified Installer on a local drive when using Windows 7 SP1

    DPM installation might fail

    Preexisting installations of SQL Server might cause deployment to fail

    Prerequisites

    The latest prerequisites information can be found here: http://technet.microsoft.com/en-us/library/hh751268.aspx

    Hardware (per target computer, Virtual or Physical):

    a. CPU: Dual-core 2.1 gigahertz (GHz)

    b. RAM: 2 gigabytes (GB) minimum, 4 GB recommended

    c. Disk space: 10 GB of free space

    Software

    a. One of the following versions of Windows operating systems: 64-bit edition of Windows 7 Service

    Pack 1 (SP1) or Windows Server 2008 R2 with (SP1)

    b. Internet Information Services (IIS)

    c. Microsoft .NET Framework 3.51

    d. Windows PowerShell 2.0

    e. You must use the same OS locale on both the installer computer (the computer where you run the Unified Installer) and the target computer (the computer where you install a System Center 2012 component)

  • 34

    .NET Framework 4.0 (http://go.microsoft.com/fwlink/p/?LinkID=232304)

    Windows Automated Installation Kit 2.0 (http://go.microsoft.com/fwlink/p/?LinkID=224463)

    Report Viewer 2008 SP1 Redistributable (http://go.microsoft.com/fwlink/p/?LinkID=234896)

    Microsoft Report Viewer 2010 Redistributable Package (http://go.microsoft.com/fwlink/?LinkId=234118)

    Trial Version of SQL Server 2008 R2 (http://go.microsoft.com/fwlink/?LinkId=239628)

    SP1 for SQL Server 2008 R2 (http://go.microsoft.com/fwlink/p/?LinkID=235126)

    Cumulative Update Package 4 for SQL Server 2008 R2 (http://go.microsoft.com/fwlink/?LinkId=238411)

    SQL Server 2008 R2 Native Client

    a. x86 package: (http://go.microsoft.com/fwlink/?LinkID=188400)

    b. x64 package: (http://go.microsoft.com/fwlink/?LinkID=188401)

    c. IA-64 package: (http://go.microsoft.com/fwlink/?LinkID=188402)

    Microsoft SQL Server 2008 R2 Command Line Utilities

    a. x86 package: (http://go.microsoft.com/fwlink/?LinkID=188429)

    b. x64 package: (http://go.microsoft.com/fwlink/?LinkID=188430)

    c. IA-64 package: (http://go.microsoft.com/fwlink/?LinkID=188431)

    Microsoft Analysis Management Objects

    a. x86 package: (http://go.microsoft.com/fwlink/p/?LinkID=218847)

    b. x64 package: (http://go.microsoft.com/fwlink/p/?LinkID=218910)

    c. IA-64 package: (http://go.microsoft.com/fwlink/p/?LinkID=218912)

    Creating the Installer Computer

    The Installer Computer is the computer where you will run the Unified Installer. The Unified Installer can be run on Windows Server 2008 R2 SP1 or Windows 7 SP1. In our scenario, to save on resources, we are going to run the Unified Installer on the same server on which we are going to run System Center Orchestrator (Orchestrator). To be able to run the Unified Installer, we need to prepare this machine in advance. We do this by changing the local policy of that server. We can also do this by using a Group Policy, but Jeff decides to follow the documentation on TechNet and therefore changes the local policy.


  • 35

    1. Open a blank MMC (Click Start > Run, type MMC and select OK)

    2. Add the Group Policy Object (File > Add/Remove Snap-in, choose Group Policy Object, select Add)

    3. In the Select Group Policy Object dialog box, select Finish

    4. In the Add or Remove Snap-ins window, select OK

  • 36

    5. In the Console1 window, browse to Credential Delegation. (Console Root, expand Local Computer

    Policy > Computer Configuration > Administrative Templates > System > Credential Delegation)

    6. Open Allow Delegating Fresh Credentials in the Settings pane

    7. In the Allow Delegating Fresh Credentials dialog box, do the following:

    Enable the policy

    In the Options area, click Show and enter WSMAN/* in the value field

  • 37

    Make sure that Concatenate OS defaults with input above is selected, and then select OK

    8. Open Allow Delegating Fresh Credentials with NTLM-only Server Authentication in the Settings

    pane

    9. In the Allow Delegating Fresh Credentials with NTLM-only Server Authentication dialog box, do the

    following:

    Enable the policy

    In the Options area, click Show and enter WSMAN/* in the value field

    Make sure that Concatenate OS defaults with input above is selected, and then select OK

    10. In the Console1 window, browse to WinRM Client. (Console Root, expand Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Client)

    11. Open Allow CredSSP authentication in the Settings pane

  • 38

    12. In the Allow CredSSP authentication dialog box, click Enabled, and then select OK

    13. Open Trusted Hosts in the Settings pane

    14. In the Trusted Hosts dialog box, select Enabled

    15. In the Options area, in TrustedHostsList, type *, and then select OK

    16. Close the Local Group Policy Editor.

  • 39

    Preparing the Target Computers

    To prepare the Target Computers, you can either change the local policy on each target computer or create a

    group policy object for those servers. We created a new OU in Active Directory and placed all the target

    computers in that OU.

    On that OU, we created a GPO with the following parameters

    Location: Computer Configuration / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service

    Parameter                                    Value
    Allow automatic configuration of listeners   Enabled (IPv4 filter: *, IPv6 filter: *)
    Allow CredSSP authentication                 Enabled

    Location: Computer Configuration / Administrative Templates / Windows Components / Windows Remote Shell

    Parameter                                          Value
    Allow Remote Shell Access                          Enabled
    Specify maximum amount of memory in MB per Shell   2048

  • 40
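
    The installer-computer policy settings, the target-computer GPO above and the firewall setting from the Group Policies section can be checked after the evaluation with a read-only script. This is an added example, not part of the original guide; it assumes the settings were applied through local or domain policy (registry values under HKLM:\SOFTWARE\Policies), and the function names and advice text are illustrative.

```powershell
# Added example (not from the guide): list the WinRM / CredSSP / firewall
# policy values this evaluation setup writes, so they can be narrowed or
# reverted afterwards. Read-only; runs on Windows PowerShell 2.0.
# Assumption: the settings were applied by policy and are therefore stored
# under HKLM:\SOFTWARE\Policies.

$root = 'HKLM:\SOFTWARE\Policies\Microsoft'

function Get-PolicyValue {
    param([string]$Key, [string]$Name)
    # $null means the key or value is absent (policy not configured).
    if (-not (Test-Path $Key)) { return $null }
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($item -eq $null) { return $null }
    return $item.$Name
}

function Get-PolicyList {
    param([string]$Key)
    # List policies keep their entries as numbered string values in a subkey.
    if (-not (Test-Path $Key)) { return @() }
    $k = Get-Item -Path $Key
    return @($k.GetValueNames() | ForEach-Object { $k.GetValue($_) })
}

function New-Finding {
    param([string]$Setting, $Value, [string]$Advice)
    New-Object PSObject -Property @{ Setting = $Setting; Value = $Value; Advice = $Advice }
}

function Get-EvaluationPolicyFindings {
    $findings = @()

    # Installer computer: Trusted Hosts set to * (steps 13-15).
    $client  = "$root\Windows\WinRM\Client"
    $trusted = Get-PolicyValue $client 'TrustedHostsList'
    if ($trusted) {
        $entries = @($trusted -split ',' | ForEach-Object { $_.Trim() })
        if ($entries -contains '*') {
            $findings += New-Finding 'WinRM client TrustedHosts' $trusted `
                'Replace * with the names of the target computers.'
        }
    }

    # Installer computer: delegation of fresh credentials to WSMAN/* (steps 5-9).
    foreach ($list in 'AllowFreshCredentials', 'AllowFreshCredentialsWhenNTLMOnly') {
        foreach ($spn in @(Get-PolicyList "$root\Windows\CredentialsDelegation\$list")) {
            if ("$spn".Contains('*')) {
                $findings += New-Finding "Delegation list $list" $spn `
                    'Name each target server instead of using a wildcard.'
            }
        }
    }

    # CredSSP on the client (installer) and on the service (targets).
    foreach ($side in 'Client', 'Service') {
        if ((Get-PolicyValue "$root\Windows\WinRM\$side" 'AllowCredSSP') -eq 1) {
            $findings += New-Finding "WinRM $side AllowCredSSP" 1 `
                'Disable once the Unified Installer run is finished.'
        }
    }

    # Target computers: listeners auto-configured on every address.
    $service = "$root\Windows\WinRM\Service"
    if ((Get-PolicyValue $service 'AllowAutoConfig') -eq 1) {
        foreach ($filter in 'IPv4Filter', 'IPv6Filter') {
            $value = Get-PolicyValue $service $filter
            if ($value -eq '*') {
                $findings += New-Finding "WinRM service $filter" $value `
                    'Restrict the listener to the management address range.'
            }
        }
    }

    # Group Policies section: Windows Firewall switched off by policy.
    foreach ($fwProfile in 'DomainProfile', 'StandardProfile', 'PublicProfile') {
        if ((Get-PolicyValue "$root\WindowsFirewall\$fwProfile" 'EnableFirewall') -eq 0) {
            $findings += New-Finding "Windows Firewall $fwProfile" 'Off' `
                'Re-enable and open only the ports each component needs.'
        }
    }
    return $findings
}

$result = @(Get-EvaluationPolicyFindings)
if ($result.Count -eq 0) {
    'No evaluation-only policy values found on this computer.'
} else {
    $result | Format-Table Setting, Value, Advice -AutoSize -Wrap
}
```

    Run it on the installer computer and on each target computer; an empty result only means the values are not set through policy on that machine.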

    The GPO report will look like this:

    Preparing the Prerequisites and Source Files

    Before you start with the installation, you need to prepare the source files and prerequisites. After downloading

    the evaluation versions of System Center 2012 you will need to extract some of these installers and you also need

    to download all the prerequisite files and place them on a share.

    Create a share on the installer computer with all the prerequisites and install media as shown below:

    http://technet.microsoft.com/en-us/evalcenter/hh505660.aspx?ocid=otc-f-corp-jtc-DPR&wt.mc_id=TEC_103_1_33

  • 41

    All of the components and prerequisites need to be extracted into separate folders in order for the Unified

    Installer to work.

    If the downloaded files come in ISO or .zip format, you will need to extract them. When the bits are one or more .exe files, run a command prompt as an administrator and run the .exe with the -extract parameter.

    Example: To extract AppController, run AppController.RTM.exe -extract

    A new pop-up window will open asking you where you want to extract the files.

    Installation of the System Center Components with the Unified Installer

    Now that Jeff has done all the preparations, he can start with the deployment of the components. Since Jeff

    decided to run the Unified Installer on the same computer as the one where he is going to run Orchestrator, he

    will start on that server.

    1. Log on to the computer Orchestrator by using the Domain Administrator account

    If you want to use an account other than the administrator account, make sure that the user has administrative credentials on both the Installer computer and the Target Computers

    2. On the Unified Installer installation media, right-click setup.exe, and then select Run as administrator to

    open the System Center 2012 Wizard

  • 42

    If .NET 3.5 is not installed, you will receive the following notification and it will be installed automatically.

    3. If you receive the following notification, select Yes to continue

    4. On the System Center 2012 page, select Install System Center

    5. On the System Center Unified Installer window, select OK to continue

  • 43

    6. On the Product Registration page, read the Microsoft Software License Terms, and accept them by selecting I have read, understood, and agree with the terms of the license agreement. Since we are doing an evaluation, Jeff also selects Install as an evaluation edition and then selects Next

  • 44

    7. On the Component Selection page, select the System Center 2012 components to install. In our

    evaluation, Jeff is going to install Orchestrator, Virtual Machine Manager, App Controller, Operations

    Manager, Service Manager and Data Protection Manager and then select Next

    8. On the Component Media Location page, select Browse or type the folder where you stored the

    installation media. In our case, the source files are located on a share on the hyperv02 server and then

    select Next

  • 45

    Specifying a mapped drive for installation files is not supported. You must specify location by universal

    naming convention (UNC) or by copying the installation files to a local hard disk drive.

    9. On the Prerequisite License Terms page, select I accept these License Terms for the prerequisites that

    you will be using, and then select Next. These are the prerequisites that you downloaded earlier and

    placed into the different folders.

    10. On the Prerequisite Media Location page, select Browse or type the folder where you stored the installation media and then click Next

  • 46

    11. On the Installation Destination Location page, accept the defaults, and then select Next

    Due to constraints for the path name, the destination location for DPM cannot be changed.

    12. On the Servers page, type the name of the server or servers that will host the System Center 2012

    components, and then select Next

    For this release, you must use a computer short name when you are specifying the computer that will host a

    System Center 2012 component. Do not use a fully qualified domain name (FQDN) or an IP address when

    you are defining a target computer. The computer names must be unique. You can install only one

    component per computer.

  • 47

    13. On the Service Accounts page, in Installer Account, type the credentials for the account that will

    perform the installation, and then select Next

    You can change the installer account for the components. For the Installer Account, the Domain and

    Account names cannot be changed. For the Service Manager Administrator Role Group, no password is

    needed.

    14. Depending on the components you select—for example, Operations Manager or Service Manager—you might be presented with a Component Specific Questions page. If so, provide the requested information (for example, the management group name), and then click Next

  • 48

    15. On the Communications and Updates page, indicate your preferences for the Customer Experience

    Improvement Program, Error Reporting, and Microsoft Update, and then select Next

    16. On the Installation Validation page, examine the settings, and then select Install

    17. When installation is complete, select Next

  • 49

    The deployment progress bar times out after two hours. Some installations may exceed the default time-out

    period. In these cases, your installation might still be running in the background. You can confirm that by

    checking the local system installation logs.

    18. On the Deployment Summary Report page, select Finish

    Troubleshooting the Unified Installer

    If the installation of one of the components should go wrong, then you can find the log files at the following locations:

    Component Name                             Log Location
    Orchestrator                               \Users\\AppData\Local\Microsoft System Center 2012\Orchestrator\LOGS
    VMM                                        \programdata\vmmlogs
    Operations Manager                         \Users\\AppData\Local\SCOM\Logs
    App Controller                             \Users\\AppData\Local\AppController\Logs
    DPM                                        \Program Files\Microsoft System Center 2012\Data Protection Manager\DPMLogs
    System Center 2012 Configuration Manager   \ConfigManagerSetup.log
    Service Manager                            \Users\\AppData\Local\Temp\1
    Unified Installer                          \Users\\AppData\Local\Microsoft System Center 2012\Unified Installer\LOGS

    Summary

    In this chapter, Jeff has installed all the System Center components through the use of the Unified Installer. Now he has all the management tools he needs to continue with his private cloud evaluation. In the next chapter, Jeff is going to connect the components together.

  • 50

    Chapter 4: Connecting the System Center Components

    Overview

    One of the biggest strengths of System Center 2012 is its integrated approach to workflow, knowledge and data

    management. System Center 2012 has connectors and integration packs that simplify communication between

    the components that help to provide full life-cycle management of your applications and infrastructure. In this

    chapter we will start with the overview of how to connect the components together.

    Now that Jeff has installed all the components by using the Unified Installer, he is going to set up the connections

    between the components. Because Jeff’s goal is to make sure that Emily’s application is monitored, deployed, and

    upgradable, he needs to ensure that all of the components are working and communicating together. In this

    chapter, we are going to create all these connections.

    Bringing the System Center 2012 Components Together

    When we look back at the model of interaction between Emily and Jeff, we see that the Orchestrator and Service Manager components are located in the middle of the model. This is not a coincidence. Service Manager and Orchestrator automate the workflows and the data management required to deliver self-service and to efficiently deliver the private cloud SLAs.

  • 51

    In this figure we see how the components work together. We will now describe the different connections and

    then Jeff will configure them in his environment.

    Orchestrator and the Integration Packs

    Jeff knows that Orchestrator comes with an entire set of automation activities out of the box, but Orchestrator can easily be extended by using integration packs. An integration pack is a combination of activities that extends the functionality of Orchestrator to provide more automation capabilities and integration with other third-party applications. In this evaluation, Jeff is going to use the Integration Packs for System Center 2012.

    Registering Integration Packs

    Before we can use an integration pack in Orchestrator, we need to register it. Jeff is going to register four

    integration packs.

    1. Open the System Center 2012 Orchestrator Deployment Manager

  • 52

    2. Right-click on Integration Packs and choose Register IP with the Orchestrator Management Server…

    3. On the Welcome to the Integration Pack Registration Wizard select Next

    4. Select the Add button and browse to the location where you stored your Integration Packs

    5. Select the System Center 2012 Virtual Machine Manager Integration Pack and then select Open

  • 53

    6. Repeat this process for the following integration packs:

    System Center 2012 Data Protection Manager

    System Center 2012 Operations Manager

    System Center 2012 Service Manager

    7. Select Next when you have added all the management packs

    8. On the Completing the Integration Pack page, select Finish

  • 54

    9. Accept the End-User License Agreement by selecting Accept. You will have to do this four times (one

    EULA per integration pack)

    Deploying Integration Packs

    Now that Jeff has registered the Integration Packs, he also needs to deploy them to each Runbook server and to

    each server / workstation with a runbook designer that will use the integration packs. In our evaluation, Jeff is

    going to deploy them on the Orchestrator server as this is the server that he is going to use for the evaluation.

    1. Open the System Center 2012 Orchestrator Deployment Manager

  • 55

    2. Right-click on Integration Packs and choose Deploy IP to Runbook Server or Runbook Designer…

    3. On the Welcome to the Integration Deployment Wizard select Next

    4. On the Deploy Integration Packs or Hotfixes page select the four integration packs that we registered

    and then select Next

    System Center Integration Pack for System Center 2012 Data Protection Manager

    System Center Integration Pack for System Center 2012 Virtual Machine Manager

    System Center Integration Pack for System Center 2012 Service Manager

    System Center Integration Pack for System Center 2012 Operations Manager

  • 56

    5. On the Computer Selection Details page, type in the name of the runbook server (in our case this is

    Orchestrator) and select the Add button. Then select Next

    6. On the Installation Configuration page, Jeff is going to choose to deploy the Integration Packs now.

    This will stop all the running runbooks on that server. If that would be a problem, then Jeff could have

    chosen to schedule the installation or to install the Integration Packs without stopping the runbooks and

    restart the server afterwards.

    7. On the Completing the Integration Pack Deployment page, select Finish

  • 57

    8. You can verify that the deployment is successful by looking at the Runbook Designers folder within the

    Orchestrator Deployment Manager to see that the Integration Packs are there. You can do the same by

    looking at the Runbook Servers and selecting Orchestrator to see if the Integration Packs are shown.

    Configuring the System Center 2012 Virtual Machine Manager Integration Pack

    Before Jeff can actually use the Integration Packs, he needs to configure them so that they have a connection to

    the correct server(s) and that they have a username and password to connect to these servers. In the next steps,

    Jeff is going to configure the four integration packs that he just registered and deployed.

    Before Jeff can configure an integration pack, he needs to make sure that the prerequisites are OK. In the

    documentation on TechNet, he finds all the information that he needs:

    http://technet.microsoft.com/en-us/library/hh295851.aspx

    To configure the System Center 2012 Virtual Machine Manager Integration Pack, Jeff needs to have the

    following prerequisites:

    System Center 2012 – Orchestrator

    System Center 2012 – Virtual Machine Manager (VMM)

    Windows Management Framework (Windows PowerShell 2.0 and WinRM 2.0)

    Jeff has deployed the Orchestrator server and the VMM server in Chapter 3. The Orchestrator server is

    configured on Windows Server 2008 R2 SP1 so the Windows Management Framework is also covered. Last but

    not least, Jeff needs to change the execution policy of PowerShell. The execution policy in Windows PowerShell

    determines which scripts must be digitally signed before they will run. By default, the execution policy is set to

    Restricted which prohibits loading any configuration files or running any scripts.

    1. Right Click on the PowerShell icon and choose Run As Administrator


  • 58

    2. In the PowerShell window, type set-executionpolicy remotesigned and press Enter

    3. Type Y when asked

    4. Jeff is now ready to connect the Integration Pack to the Virtual Machine Manager server. Open System

    Center 2012 Orchestrator Runbook Designer

  • 59

    5. On the menu bar, select Options and select SC 2012 Virtual Machine Manager

    6. On the Prerequisite Configuration page, select Add…

    7. On the Add Configuration page, type in the Name (VMM Connection) and click on the … button to add

    the Type (System Center Virtual Machine Manager). Then fill in the following properties and then select

    OK

    VMM Administrator Console: vmm.contoso.com

    VMM Server: vmm.contoso.com

    User: administrator

    Domain: contoso


    Password: **********

    Authentication Type (Remote only): Default

    Port (Remote only): 5985

    Use SSL (Remote only): False

    Cache Session Timeout (Min.): 10

    8. Select Finish

    Jeff has now configured the Integration Pack to connect to Virtual Machine Manager in his environment.

    Configuring the System Center 2012 Service Manager Integration Pack

    Jeff continues by configuring the System Center 2012 Service Manager Integration Pack. Just as before, he

    reads the prerequisites first:

    System Center 2012 – Orchestrator

    System Center 2012 – Service Manager

    The Service Manager IP is supported for use only on computers set to use:


    o The ENU Locale

    o The U.S. English date format (month/day/year)

    Jeff doesn’t need to do anything special to configure this Integration Pack so he can go directly to System

    Center 2012 Orchestrator Runbook Designer

    1. Open System Center 2012 Orchestrator Runbook Designer

    2. On the menu bar, select Options and select SC 2012 Service Manager

    3. On the Connections page, select Add…


    4. Fill in the following information, then select the Test Connection button

    Name: Service Manage Connection

    Server: servicemgr.contoso.com

    Domain: contoso

    User name: administrator

    Password: ******

    Polling: 10

    Reconnect: 10

    5. When the window Test connection succeeded appears, select OK and then OK again

    6. Select Finish


    Configuring the System Center 2012 Operations Manager Integration Pack

    The next integration pack that needs to be configured is System Center 2012 Operations Manager.

    Jeff looks again on the TechNet Page and notices that he needs the following prerequisites:

    System Center 2012 - Orchestrator

    System Center 2012 – Operations Manager

    Operations Manager console on each computer where an Orchestrator Runbook server or Runbook

    Designer is installed. Orchestrator will use the Operations Manager console to interact with Operations

    Manager.

    Before configuring the Integration Pack, Jeff installs the Operations Manager console on the Orchestrator

    server. The procedure for this can be found in the Appendix.

    Jeff is now ready to connect the Integration Pack to the Operations Manager server.

    1. Open System Center 2012 Orchestrator Runbook Designer

    2. On the menu bar, select Options and select SC 2012 Operations Manager

    3. On the Microsoft System Center Operations Manager Connections page, select Add…


    4. On the System Center Operations Manager Connection Settings page, fill in the following information

    and select Test Connection

    • Name: OpsMgr.contoso.com

    • Domain: contoso

    • User name: administrator

    • Password: *******

    5. When the Connection successful dialog box appears, select OK twice

    6. Select Finish


    Configuring the System Center 2012 Data Protection Manager Integration Pack

    The last integration pack that Jeff wants to deploy is the Data Protection Manager integration pack. As usual, he

    checks the prerequisites:

    System Center 2012 - Orchestrator

    System Center 2012 – Data Protection Manager (DPM)

    Windows Management Framework

    All the prerequisites are OK. The integration pack also requires that the execution policy of PowerShell is set to

    RemoteSigned, but we already did that when we configured the Virtual Machine Manager integration pack.

    The System Center Data Protection Manager Integration Pack requires that PowerShell remoting is

    enabled. This integration pack uses Windows PowerShell remote commands to communicate with the DPM

    server, regardless of whether the server is remote or local. If you have not already done so, you must configure the

    DPM server and the Orchestrator client computer to receive Windows PowerShell remote commands that are sent

    by the Orchestrator server.

    To enable PS Remoting:

    1. On the DPM server

    2. Open a Windows PowerShell (x86) console as an administrator.

    3. Type Enable-PSRemoting and select Enter


    4. Select Y when asked to continue

    5. Select Y again when asked to perform this action

    Jeff can now configure the Data Protection Manager integration pack.

    1. Open System Center 2012 Orchestrator Runbook Designer

    2. On the menu bar, select Options and select SC 2012 Data Protection Manager


    3. On the Prerequisite Configuration page, select Add…

    4. Fill in the following configuration and then select OK

    DPM Administrator Console: DPM.Contoso.com

    DPM Server: DPM.Contoso.com

    User: administrator

    Domain: Contoso

    Password: ******

    Authentication Type: Default

    Port: 5985

    Use SSL: false

    Cache Session Timeout: 10


    5. Select Finish
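
    The following PowerShell pre-flight check is an added example, not part of the original guide. It confirms the two prerequisites that the Virtual Machine Manager and Data Protection Manager integration packs rely on: the RemoteSigned execution policy and PowerShell remoting on port 5985 without SSL. Server names, port and account are the guide's lab values; the variable names are illustrative.

```powershell
# Added example: pre-flight check for the VMM and DPM integration pack settings.
# Run on the Orchestrator server. The 32-bit and 64-bit PowerShell consoles keep
# separate LocalMachine execution policies, so run it in the console you changed.
$servers = 'vmm.contoso.com', 'DPM.Contoso.com'   # lab servers named in the guide
$port    = 5985                                   # "Port" value from the guide
$useSsl  = $false                                 # "Use SSL" value from the guide

# 1. Execution policy: list every scope. A MachinePolicy or UserPolicy value is
#    set by Group Policy and overrides whatever Set-ExecutionPolicy wrote locally.
$policies  = Get-ExecutionPolicy -List
$effective = Get-ExecutionPolicy
$policies | Format-Table Scope, ExecutionPolicy -AutoSize
Write-Host ("Process bitness: {0}-bit" -f ([IntPtr]::Size * 8))

$gpo = $policies | Where-Object {
    ($_.Scope -eq 'MachinePolicy' -or $_.Scope -eq 'UserPolicy') -and
    $_.ExecutionPolicy -ne 'Undefined'
}
if ($gpo) {
    Write-Warning 'Group Policy sets the execution policy; local changes are ignored.'
}
if ($effective -ne 'RemoteSigned') {
    Write-Warning "Effective execution policy is $effective; the guide expects RemoteSigned."
}

# 2. Remoting: probe the WinRM listener, then authenticate and run one command
#    with the same account the integration pack configuration uses.
$cred = Get-Credential 'contoso\administrator'    # prompts; nothing is stored

$results = foreach ($server in $servers) {
    $row = New-Object PSObject -Property @{
        Server = $server; Listener = $false; Session = $false; Detail = ''
    }
    try {
        # Unauthenticated WS-Management identify request: proves the listener answers.
        Test-WSMan -ComputerName $server -Port $port -UseSSL:$useSsl -ErrorAction Stop |
            Out-Null
        $row.Listener = $true

        # Authenticated round trip: fails here if Enable-PSRemoting was not run
        # on the target or the account is not allowed to open a session.
        $remote = Invoke-Command -ComputerName $server -Port $port -UseSSL:$useSsl `
                    -Credential $cred -ErrorAction Stop `
                    -ScriptBlock { "$env:COMPUTERNAME PS $($PSVersionTable.PSVersion)" }
        $row.Session = $true
        $row.Detail  = $remote
    } catch {
        # Keep the error text so a failed listener probe and a failed logon
        # can be told apart in the summary table.
        $row.Detail = $_.Exception.Message
    }
    $row
}

$results | Format-Table Server, Listener, Session, Detail -AutoSize
```

    A row with Listener True and Session False points at the account or its permissions rather than at WinRM itself.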

    Additional Exercise – Install Active Directory Integration Pack

    If you want to perform the remaining exercises in this Private Cloud Evaluation Guide, you’ll first need to install

    the Active Directory Integration Pack; otherwise this exercise is optional.

    1. Download the Active Directory Integration Pack:

    http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=28020

    2. Register the integration pack

    3. Deploy the integration pack

    4. Configure the integration pack with the information below:

    Name: Active Directory Connection

    Type: Microsoft Active Directory Domain Configuration

    Configuration User Name: administrator

    Configuration Password: ******

    Configuration Domain Controller Name: contoso.com


    Service Manager and the Connectors

    Jeff has created the connections in System Center 2012 Orchestrator. Now he needs to configure the

    Connectors in System Center 2012 Service Manager. Connectors in Service Manager are used to build the

    configuration management database, CMDB. The CMDB is created and maintained by importing configuration

    items (CIs) from Active Directory Domain Services, Operations Manager, Virtual Machine Manager, and

    Configuration Manager. There is also a connector that allows you to automatically import alerts from Operations

    Manager and you can import data manually as well from a CSV file. By having an accurate and easily maintained

    CMDB, Jeff can accurately create the organizational processes and automated responses required to maintain his

    private cloud SLAs.

    To create the connectors in Service Manager, Jeff logs on to the Service Manager server as a Domain

    Administrator.

    The Active Directory Connector

    The Active Directory Connector will import users, groups, printers and computers as configuration items into the

    Service Manager CMDB database. Those objects then can be used as objects in incidents, requests and so on.

    Jeff is going to configure this connector.

    1. In the Service Manager console, under Administration, click on Connectors


    2. In the Tasks pane, on the right, select the Create connector button


    3. Choose Active Directory connector

    4. On the Before you begin page, select Next

    5. On the General page, type in the following parameters and select Next

    Name: Active Directory Connector

    Description: Connector for Active Directory

    Enable this connector: checked


    6. On the Domain or organizational unit page, select the domain then select New… to create a specific

    account for this connection or choose an already created account. In this case, we are going to create a

    new one.

    7. On the Run As Account page, fill in the following parameters; after that, when back on the Domain/OU

    page test the connection and select Next

    Name: Active Directory Account

    Description: Account to connect to Active Directory

    Account: Windows Account

    User name: administrator

    Password: ******


    Domain: Contoso

    8. On the Select objects screen, select All computers, printers, users and user groups and select Next

    9. On the Confirm connector settings screen, review your settings and select Create to create the

    connector


    10. On the Completion screen, select Close

    The Operations Manager Alert Connector

    The next connector that Jeff wants to connect is the Operations Manager Alert Connector. This connector is

    responsible for checking on a defined schedule if there are new Operations Manager Alerts. These alerts are

    then matched against the rule(s) that Jeff will create. The connector can also be configured to work

    bi-directionally. If an analyst closes an incident that has been created through this connector, the Alert will be closed

    in Operations Manager and vice versa.


    1. In the Service Manager console, under Administration, click on Connectors

    2. In the Tasks pane, on the right, select the Create connector button

    3. Choose Operations Alert connector

    4. On the Before you begin page, select Next


    5. On the General page, type in the following parameters and select Next

    Name: Operations Manager Alert Connector for Critical Only Alerts

    Description: This is a Connector to connect OpsMgr with Service Mgr for all critical alerts

    Enable: checked

    6. On the Server Details screen, type in the following configuration and select Next

    Server name: opsmgr.contoso.com

    Run As Account: create a new account with the name Operations Manager Account (see

    procedure above).


    7. On the Alert Routing Rules screen, select the Add button to create a new Alert Routing rule

    8. On the Add Alert Routing Rule screen, add the following parameters and then select Next

    Name: All Critical Alerts

    Template: Operations Manager Incident Templates

    Criteria: Severity: Critical


    9. Back on the Alert Routing Rules screen, select Next

    10. On the Create a schedule page, select the frequency that Service Manager uses to poll Operations

    Manager and choose whether to auto close the incidents in Operations Manager when they are resolved

    or closed in Service Manager and whether to resolve the incidents in Service Manager when the alerts are

    closed in Operations Manager. In our scenario, we are going to select both because we want to

    auto-resolve incidents in Service Manager when they are closed in Operations Manager and when the service

    desk resolves an alert, it should close the alert in Operations Manager when this alert is not an alert the

    system can resolve automatically. Select Next


    11. On the Confirm the connector settings screen, review your selections and select Create

    12. Select Close when the connector is created successfully


    The Operations Manager CI Connector

    The Operations Manager Configuration Item connector imports objects into Service Manager that are discovered

    by Operations Manager.

    1. In the Service Manager console, under Administration, click on Connectors

    2. In the Tasks pane, on the right, select the Create connector button


    3. Choose Operations Alert connector

    4. In the Before you begin screen, select Next

    5. On the General page, fill in the following details and then select Next

    Name: Operations Manager CI Connector

    Description: This is the connector to pull the CI information from Operations Manager

    Enable: Checked


    6. On the server details page, fill in the following details and then select Next

    Server name: OpsMgr.contoso.com

    Run As Account: Use the same Operations Manager Account as created before

    7. On the Management Packs page, select the Select All checkbox and select Next

    Jeff wants to make sure that the management packs that are imported in Operations Manager are also

    imported in Service Manager


    8. On the Schedule page, create a schedule that synchronizes this connector every day at 11.00 PM. Now

    Jeff knows that changes (new discoveries and ‘deletions’) during the day will be synchronized in the

    evening. Select Next

    9. On the Summary page, review your settings and select Create


    10. On the Completion page, select Close

    The Virtual Machine Manager Connector

    Jeff continues with the Virtual Machine Manager connector. This connector will import objects, such as clouds,

    templates, and virtual machines.

    1. In the Service Manager console, under Administration, click on Connectors


    2. In the Tasks pane, select the Create connector button

    3. Choose Virtual Machine Manager connector

    4. On the Before you begin page, select Next


    5. On the General page, type in the following details and select Next

    Name: Virtual Machine Manager Connector

    Description: Connector used for Virtual Machine Manager

    Enable this connector: Checked

    6. On the Connection page, fill in the following details and select Next

    Server Name: vmm.contoso.com

    Run As Account: VMM Account (create one using the procedures noted above)


    7. On the Summary page, review your settings and select Create

    8. On the Completion page, select Close


    The Orchestrator Connector

    The System Center Orchestrator Connector provides the capability to synchronously invoke runbooks from within

    Service Manager through the use of workflows.

    1. In the Service Manager console, under Administration, click on Connectors

    2. In the Tasks pane, select the Create connector button


    3. Choose Orchestrator connector

    4. On the Before you Begin page, select Next

    5. In the General screen, enter the following parameters and select Next

    Name: Orchestrator Connector

    Description: Connector used for Orchestrator

    Enable the connector: checked


    6. On the Connection page, fill in the URL for the Orchestrator Web Service URL. This is

    http://servername:port/Orchestrator2012/Orchestrator.svc so in our environment this is

    http://orchestrator:81/Orchestrator2012/Orchestrator.svc. Add also a Run As Account with the name

    Orchestrator Account as described earlier. Select the Test Connection and when this has succeeded,

    select Next

    7. On the Sync folder page, you can select which folders in Orchestrator that you want to import. If you

    choose the \ folder as Jeff is going to do, then you will import all the runbooks from Orchestrator. Select

    Next


    8. On the Web Console URL page, enter the URL for the Web Console of Orchestrator. This is

    http://orchestrator:82/ (or http://orchestratormanagementserver:port). Select Next

    9. On the Summary page, review your settings and select Create


    10. On the Completion page, select Close

    Service Manager and the Data Warehouse

    After you have deployed the service manager management servers and data warehouse management servers, you

    need to set up reporting. To do this, you run the Data Warehouse Registration Wizard. This wizard registers the

    service manager management group with the data warehouse management group. It also deploys management

    packs from the service manager management server to the data warehouse management server.

    This process can take several hours to complete. It is advised that you don’t turn off any services during this

    period. You can work with Service Manager during this time without any problems.


    Registering with the Data Warehouse

    Jeff is not going to evaluate the reporting now but he sure will want to look into this in a later phase of the

    evaluation. For now, he is going to register the Service Manager installation with the Data Warehouse.

    1. In the System Center 2012 Service Manager console, go to Administration

    2. On the Administration Overview page, click on Register with Service Manager Data Warehouse

    3. On the Before You Begin page, select Next


    4. On the Data Warehouse page, type in the Server name ServiceMgrDW and select the Test Connection

    button.

    5. If the connection test succeeds, select Next


    6. On the Credentials page, select the DW_ServiceManagerMG SecureReference Run As Account and

    select Next

    7. The system will request you to enter the Password for these credentials. Enter the password and select

    OK


    8. On the Summary page, review your selections and select Create

    9. When the Report Deployment process popup appears, select OK

    10. On the Completion page, select Close


    How to determine when the Data Warehouse registration is complete

    Jeff knows that the synchronization process can take up to a few hours. In the meantime, he will continue with his

    evaluation. During this time, he also would like to check on the status of the registration process.

    Jeff can see if the initial synchronization process is finished by following this procedure:

    1. In the System Center 2012 Service Manager console, go to Data Warehouse > Data Warehouse Jobs

    2. In the Data Warehouse Jobs pane, double click MPSyncJob


    3. On the MPSyncJob details page, go to Status and review the Job details list. The management pack

    deployment process is complete when the status for all of the management packs is Associated or

    Imported

    4. After the management packs have been deployed (as determined in step 3), make sure that the following

    five data warehouse jobs appear in the Data Warehouse Jobs pane:

    Extract_

    Extract_

    Load.Common

    Transform.Common

    MPSyncJob


    Virtual Machine Manager and Operations Manager

    Connecting System Center 2012 Virtual Machine Manager with System Center 2012 Operations Manager allows

    you to monitor the health and availability of the virtual machines and hosts that VMM manages. You can also

    monitor the VMM Management server, the VMM database server, library servers, and VMM Self-Service Portal

    web servers, and see diagram views of the virtualized environment through the Operations console in Operations

    Manager. As services are deployed in Virtual Machine Manager, a corresponding Distributed Application will be

    created in Operations Manager. Also, through the connections between Virtual Machine Manager and Operations

    Manager, you can view reports on the health and utilization of your private cloud infrastructure.

    Jeff wants to make sure that he has those views. Because Virtual Machine Manager will be crucial in his private

    cloud, he needs to make sure that every component is healthy.

    Before he can start connecting Virtual Machine Manager and Operations Manager he needs to verify some

    prerequisites:

    Credentials

    o An account which is a member of the Operations Manager Administrators user role

    o An account which is a member of the VMM Administrator user role

    Management Packs

    o SQL Server Core Library version 6.0.5000.0 or later

    (http://www.microsoft.com/download/en/details.aspx?id=10631)

    o Windows Server Internet Information Services Library version 6.0.5000.0 or later

    o Windows Server Internet Information Services 2003 version 6.0.5000.0 or later

    o Windows Server 2008 Internet Information Services 7 version 6.0.6539.0 or later

    (http://www.microsoft.com/download/en/details.aspx?id=9815)

    Operations Manager console installed on the VMM Server

    Since this is an evaluation, he can use the administrator role for the credentials.

    The procedure on how to import Management Packs can be found in the Appendix.

    The procedure on how to install the Operations Manager console on the VMM Server can also be found in the

    Appendix.

    Jeff performs these procedures first and then starts with the connecting procedure.

    1. In the System Center Virtual Machine Manager console, go to Settings > System Center


    2. On the Settings pane, double click on Operations Manager Server

    3. On the Introduction page, select Next

    4. On the Connection to Operations Manager page, enter the following information and then select Next


    Server name: OpsMgr

    Use the VMM server service account: checked

    Enable Performance and Resource Optimization (PRO): checked

    Enable maintenance mode integration with Operations Manager: checked

    5. On the Connection to VMM page, fill in the following data and select Next

    User name: contoso\administrator

    Password: ******

    6. On the Summary page, review your settin