In this article with Server Management Tools Service from Azure is still in Preview, we will demonstrate on how to deploy an Azure Resource Manager network environment and an Azure Management Server (AZUMGTSVR01) in Azure to be the Server Management Tools Gateway server that will communicate with Server Management Tools Service from Microsoft Azure to get started with Server Management Tools. In order to demonstrate the functionalities of Server Management Tools, we will also deploy a Nano Server (NANOSERVER01) in Azure that will be managed by the Server Management Tools Service in Microsoft Azure to complete the demonstration.
As a proof of concept in managing any Windows Server or Nano Server hosted in a Public Cloud (Eg. Azure or maybe Amazon AWS) instead of On-Premise Datacenter, we will demonstrate how to deploy Server Management Tools Gateway in a Virtual Machine and manage those nodes located in the Public Cloud.
With that concept in mind and a high level diagram illustration below displaying on the possibilities of having Server Management Tools Gateway for On-Premise or Public Cloud environment tapping on Server Management Tools Service provided by Microsoft Azure, let us get started.
↑ Return to Top
In order to begin the deployment, we will requires the followings:
¹ Once you added a Server to be a Server Management Tools Gateway, you will generate a package link to obtain the package to be installed on that server.
² Server Management Tools Service from Microsoft Azure are only available in those listed locations and may be only available in other locations at a later phase.
In this section, we will start off with how to deploy an Azure Resource Manager Resource Group and Virtual Network for our public cloud environment in the respective Server Management Tools available location.
In this section, we will begin our journey in deploying a virtual machine to be the Server Management Tools Gateway and a virtual machine to be the headless Nano Server that will be managed by the Server Management Tools Service in Azure. Therefore, let's start by logging into Microsoft Azure using AzureRM PowerShell.
# Login to Azure using Azure PowerShell Cmdlet
Login-AzureRmAccount ;
# Select a Azure Subscription to use
Select-AzureRmSubscription `
-Subscriptionid "GUID of subscription" ;
In this section, we will create a Resource Group located in Central US where Server Management Tools Service is available.
# Create a new Azure Resource Manager Resource Group
New-AzureRmResourceGroup `
-Name "CNUS-ARM-DEV-ENV" `
-Location "Central US" `
-Tag @{Name="Department";Value="IT"}, `
@{Name="CostCentre";Value="Innovation"}, `
@{Name="Location";Value="Central US"}, `
@{Name="Function";Value="Development"} ;
Based on the Resource Group location that we previously created, we will create a Virtual Network located in Central US where Server Management Tools Service is available.
# Create a new Azure Resource Manager Virtual Network
New-AzureRmVirtualNetwork `
-ResourceGroupName "CNUS-ARM-DEV-ENV" `
-Name "CNUS-ARM-DEV-ENV-VN" `
-AddressPrefix "192.168.2.0/24" `
-Subnet (New-AzureRmVirtualNetworkSubnetConfig `
-Name "GatewaySubnet" `
-AddressPrefix "192.168.2.248/29"),
(New-AzureRmVirtualNetworkSubnetConfig `
-Name "Subnet-DEV-ENV" `
-AddressPrefix "192.168.2.0/25") `
Now that we have our Resource Group and Virtual Network created in Central US, we will request a Public IP Address for our Azure Management Server (AZUMGTSVR01) that will be the Server Management Tools Gateway server that will communicate with Server Management Tools Service in Azure.
# Request a new Azure Resource Manager Virtual Network
# Dynamic Public IP Address for AZUMGTSVR01
New-AzureRmPublicIpAddress `
-Name "CNUS-ARM-DEV-ENV-VN-PIP-AZUMGTSVR01" `
-AllocationMethod "Dynamic" `
# Create an Azure Resource Manager
# Virtual Machine configuration
$newVMConfigParams = @{
"VMName" = "AZUMGTSVR01" ;
"VMSize" = "Standard_A0" ;
} ;
$newAzureRmVMConfig = `
New-AzureRmVMConfig `
@newVMConfigParams ;
# Configure the Azure Resource Manager
# Virtual Machine operating system
$newAzureRmVMOperatingSystemParams = @{
"VM" = $newAzureRmVMConfig ;
"Windows" = $true ;
"ComputerName" = "azumgtsvr01" ;
"Credential" = ( `
Get-Credential `
-Message "Please input new local administrator username and password.") ;
"ProvisionVMAgent" = $true ;
"EnableAutoUpdate" = $true ;
$AzureVirtualMachine = `
Set-AzureRmVMOperatingSystem `
@newAzureRmVMOperatingSystemParams ;
# Obtain the Azure Resource Manager
# Virtual Machine image offer
$AzureRmVMImageOffer = `
Get-AzureRmVMImageOffer `
-PublisherName "MicrosoftWindowsServer" ;
# Virtual Machine source image
$newAzureRmVMSourceImageParams = @{
"PublisherName" = "MicrosoftWindowsServer" ;
"Version" = "latest" ;
"Skus" = "Windows-Server-Technical-Preview" ;
"VM" = $AzureVirtualMachine ;
"Offer" = $AzureRmVMImageOffer.Offer ;
Set-AzureRmVMSourceImage `
@newAzureRmVMSourceImageParams ;
# Virtual Machine network interface
$newAzureRmVMNetworkInterfaceParams = @{
"Name" = "CNUS-ARM-DEV-ENV-VMNI" ;
"ResourceGroupName" = "CNUS-ARM-DEV-ENV" ;
"Location" = "Central US" ;
"SubnetId" = (
(
Get-AzureRmVirtualNetwork `
).Subnets | `
Where-Object { $_.Name -eq "Subnet-DEV-ENV" }
).Id ;
"PublicIpAddressId" = (
Get-AzureRmPublicIpAddress `
-ResourceGroupName "CNUS-ARM-DEV-ENV"
"Tag" = @{Name="Department";Value="IT"}, `
$newAzureRmVMNetworkInterface = `
New-AzureRmNetworkInterface `
@newAzureRmVMNetworkInterfaceParams ;
# Add Azure Resource Manager
# to Azure Virtual Machine
Add-AzureRmVMNetworkInterface `
-VM $AzureVirtualMachine `
-Id $newAzureRmVMNetworkInterface.Id ;
# storage account for Virtual Machine
# VHD creation
$newAzureRmStorageAccountParams = @{
"Name" = "cnus8storage8account0001" ;
"Kind" = "Storage" ;
"Type" = "Standard_LRS" ;
$newAzureRmStorageAccount = `
New-AzureRmStorageAccount `
@newAzureRmStorageAccountParams ;
# Construct Azure Virtual Machine
# operating system VHD disk Uri
$newAzureRmOperatingSystemDiskUri = `
$newAzureRmStorageAccount.PrimaryEndpoints.Blob.ToString() + `
"vhds/" + `
$newAzureRmVMConfig.Name + `
"_OperatingSystem" + `
".vhd" ;
# Virtual Machine operating system disk
$newOperatingSystemDiskParams = @{
"Name" = "OperatingSystem" ;
"CreateOption" = "fromImage" ;
"VhdUri" = $newAzureRmOperatingSystemDiskUri ;
Set-AzureRmVMOSDisk `
@newOperatingSystemDiskParams ;
# Virtual Machine now
$newAzureRmVirtualMachineParams = @{
New-AzureRmVM `
@newAzureRmVirtualMachineParams ;
Before we start with Server Management Tools setup process, we need to have some servers to be in the environment that will be managed and therefore we will deploy a headless Nano Server into Azure.
# Dynamic Public IP Address
-Name "CNUS-ARM-DEV-ENV-VN-PIP-NANOSERVER01" `
"VMName" = "NANOSERVER01" ;
"ComputerName" = "nanoserver01" ;
"Name" = "CNUS-ARM-DEV-ENV-VMNI-nanoserver01" ;
# Get the Existing Azure Resource Manager
$ExistingAzureRmStorageAccount = `
Get-AzureRmStorageAccount `
-Name "cnus8storage8account0001" `
-ResourceGroupName "CNUS-ARM-DEV-ENV" ;
$ExistingAzureRmStorageAccount.PrimaryEndpoints.Blob.ToString() + `
With the Management Server and Nano Server deployed in Azure, we can start the Server Management Tools setup process by configuring the Management Server in Azure to be the Server Management Tools Gateway server.
# Create an AzureRm Server Management Gateway
New-AzureRmServerManagementGateway `
-GatewayName "CNUS-ARM-DEV-ENV-SMTG" `
-AutoUpgrade `
-Tags @{"Department"="IT"; `
"CostCentre"="Innovation" ; `
"Location"="Central US" ; `
"Function"="Development" } ;
Once you have executed New-AzureRmServerManagementGateway AzureRM PowerShell Command, you can validate the setup in the Azure Portal using your web browser and obtain the Server Management Tools Gateway package for the installation in the Management Server.
Once you have copied the URL, you will have to establish Remote Desktop Connection to the Management Server and download the package for installation. In the example below, we will launch PowerShell Console with Elevated Privileges to initiate the download, uncompress the package and start the Server Management Tools Gateway installation using PowerShell commands.
# Create a Temp folder
New-Item `
-Path "C:\Temp" `
-Type directory ;
# Download the Compressed Server Management
# Gateway Deployment Package
Invoke-WebRequest `
-Uri "<# Input copied Server Management Tools Gateway package URL #>"`
-OutFile "C:\Temp\gateway.cnus-arm-dev-env-smgt.zip" ;
# Extract Compressed Server Management
Add-Type -Assembly “System.IO.Compression.FileSystem” ;
[IO.Compression.ZipFile]::ExtractToDirectory("C:\Temp\gateway.cnus-arm-dev-env-smgt.zip", "C:\Temp\Server-Management-Gateway") ;
# Install Server Management Gateway
# Deployment Package
Start-Process `
-FilePath "C:\Temp\Server-Management-Gateway\GatewayService.msi" `
-ArgumentList "/l*v C:\Temp\install_GatewayService.log" ;
With those commands executed, the Server Management Tools Gateway Setup will prompt on the screen where you will have to accept the terms in the License Agreement and select the Install button.
Next, Server Management Tools Gateway Setup will request for a Server Certificate that it will use to establish a secure connection with the Server Management Tools Service in Azure. For this demonstration, we will be generating a self-signed certificate because we do not have a certificate authority that is available to issue a Server Certificate for the Management Server.
Finally, you will have to select the Finish button to exit out of the Server Management Tools Gateway Setup prompt.
Once that is done, we can launch the web browser, navigate back to the Server Management Tools Gateway Overview blade page and view the health state. If the configuration are all correct and communication is properly established, you should at least view a green icon with a OK on the Health column.
In this section, we will demonstrate on how we can have the Server Management Tools Gateway communicates with all the servers that are non-domain joined or workgroup and still have them managed by the Server Management Tools Service in Azure. If all your servers in the environment are domain joined, you can skip this section.
# Verify if the Nano Server is a Trusted Hosts on the
# Azure Management Server (AZUMGTSVR01) to allow
# Azure Server Management Tools to communicate with it
Get-Item `
-Path "WSMan:\localhost\Client\TrustedHosts" ;
# Set the entire Subnet to be a Trusted Hosts on the
Set-Item `
-Path "WSMan:\localhost\Client\TrustedHosts" `
-Value "192.168.2.*" `
-Force ;
Once we have the Server Management Tools Gateway setup properly, we can starting adding any servers that is in the environment into the Server Management Tools Service to have them managed as Server Management Tools Nodes.
# Get the Nano Server Private IP Address that
# reside in Azure
$NanoServerPrivateIPAddress = ((Get-AzureRmNetworkInterface `
-Name CNUS-ARM-DEV-ENV-VMNI-nanoserver01 `
-ResourceGroupName CNUS-ARM-DEV-ENV).IpConfigurations).PrivateIpAddress ;
# Add the Nano Server that reside in Azure
# to be managed by Azure Server Management Tools
New-AzureRmServerManagementNode `
-GatewayName "CNUS-ARM-DEV-ENV-SMGT" `
-NodeName "NANOSERVER01" `
-ComputerName $NanoServerPrivateIPAddress `
"Function"="Development" } `
-Credential (Get-Credential `
-Message "Please input local administrator username and password.") ;
After we have added the Nano Server to be managed in the Server Management Tools, we will have to return back to the Azure Portal and input the Administrative Credential that the Server Management Tools will utilize to manage the node.
After the Manage as Administrative Credential have been provided, you will notice that the Status will be at a Connecting state and eventually reach the OK state if your credential is correct. Viola! Immediately, you will start to see the CPU Processor and Memory metric tiles responding live on the browser.
What is actually intriguing about the development of Server Management Tools Service in Microsoft Azure is the fact that it provides so much functionalities in managing servers remotely through the web browser. With the future of headless Nano Server, this Server Management Tools Service in Microsoft Azure will be a great tool set for any administrators to dream for. Not forgetting that it also has the capability to allow administrator to execute PowerShell commands remotely to the server from the web browser.
Below is a list of the available tools that any administrator can perform through the Server Management Tools Service offered from Microsoft Azure:
Ryen Kia Zhi Tang edited Revision 5. Comment: Draft
This article was included in next TechNet Wiki Magazine (Flipboard) October 2016 Edition