Windows Server

Register Windows Admin Center with Azure: What are the new capabilities in Windows Server 2022

WindowsServer2022

Windows Server 2022 (WS2022) is now in preview, the next release in our Long-Term Servicing Channel (LTSC) which will be generally available later this calendar year. It builds on Windows Server 2019. WS2022 includes advanced multi-layer security, hybrid capabilities with Azure, and a flexible platform to modernize applications with containers. advanced multi-layer security, hybrid capabilities with Azure, and a flexible platform to modernize applications with containers. WS2022 Operating System builds on the existing “Windows Server 2019“. This operating system can also be installed locally without much focus on cloud integration. This allows classic (legacy) server roles such as WDSDHCPDNSADFS, Active Directory Domain Services (Domain Controller), and Internet Information Services (IIS) to be configured on the server. See the following guides on how to perform Post OS Installation configuration of Windows Server 2019 Properties, how to install Windows Server 2016 Operating System, how to install Windows Server 2019 on a VMware Workstation, and how to install and configure Ubuntu Linux, see this link for more information.

WS2022 builds on Windows Server 2019 which is the most adopted Windows Server ever. Windows Server 2022 LTSC release is planned for later in 2021 will be available in ISO format in 18 languages, and in VHDX format in English. See the following guide on how to install Windows Server 2022 on VMware Workstation. If you participated in Microsft igite this year, nothing was shared on Windows Server 2022 Support and Licensing. Usually, the LTSC designation would suggest that the Windows Server 2022 product when released, would have 10 years of support which is typically divided into two halves "five-year periods "mainstream" and "extended" support.

WS2022 has three major enhancements to security, portal integration, and Windows Containers support on Kubernetes.
1 Advanced multi-layer security: With the increase in cyber-security threats and impacts of incidents, security is a top priority. Windows Server 2022 includes security capabilities like secured-core servers and secure connectivity. Secured-core server brings powerful threat protection together to provide multi-layer security across hardware, firmware, and the operating system. It uses the Trusted Platform Module 2.0 and System Guard to boot up Windows Server securely and minimize risk from firmware vulnerabilities. Secured-core server also includes virtualization-based security (VBS) features like Credential Guard and Hypervisor-protected code integrity (HVCI). Credential Guard provides preventative defense for sensitive assets like credentials, and HVCI applies hardware rooted security to prevent advanced malware from tampering with the system.

Secured connectivity adds an additional layer of security during transport for advanced protection. Windows Server 2022 improves connection security with faster and more secure encrypted hypertext transfer protocol secure (HTTPS) and transport layer security (TLS) 1.3 enabled by default. Click on this link to learn more about TLS cipher suites available in WS2022. Users can further secure server communications with industry-standard AES-256 encryption which now supports server message block (SMB) protocol and better controls.

2 – Hybrid capabilities with Azure: Azure Arc and Storage Migration Service are two key hybrid capabilities that work best with Windows Server 2022. Azure Arc is Microsoft’s multi-cloud management tool that also supports server management on-premises. The Storage Migration Service permits the seamless connectivity of file servers on-premises to file servers on Azure. Azure Arc enables customers to manage, secure, and govern Windows Server on-premises, at the edge, or in multi-cloud environments from a single control plane in Azure. Through Azure Arc, users can easily employ Azure management capabilities such as Azure Policy, Azure Monitor, and Azure Defender for those servers. Just a few simple clicks in Windows Admin Center can help enable connectivity to Azure Arc. Further, we have enhanced Windows Admin Center v2103 with significantly improved virtual machine management, a simpler event viewer, and many more updates. Windows Admin Center is also available in the Azure portal. Kindly refer to these guides I have written on WAC. How to upgrade Windows Admin Center, how to update install, update and uninstall extensions in Windows Admin Center, setup System Insights on Windows Admin Center (WAC), how to setup WAC, how to schedule and run the update via Windows Admin Center, and how to Test Network Connection to the Windows Admin Center (WAC) Gateway

In order to use Windows Admin Center to register Azure Stack HCI clusters, your Windows Admin Center gateway must be registered to an Azure Active Directory (Azure AD) application ID that is approved by your organization’s Azure AD admin. Register Windows Admin Center on the same management PC you plan to use to register your cluster(s), using the same Azure Active Directory (tenant) ID. Below is a screenshot of WAC running in my lab environment. To use Azure services with Windows Admin Center, you have to register it with Azure.
Launch Windows Admin Center and select the Settings gear icon in the upper right, which will take you to your Account page. Then, from the Gateway menu at the left, select Azure, and then click Register.

Screenshot-2021-04-11-at-03.43.46

You will be requested to copy the code as shown below. If you do not have an Azure account, you will be required to create an account first.

Screenshot-2021-04-11-at-03.54.28

In the second step, enter the code you copied in step 1 above. This will open up another browser window into which you can paste the code displayed on your app or device.

Screenshot-2021-04-11-at-03.54.58

After pasting in the code, you’ll be notified that you’re about to be signed in to Windows Admin Center on a remote device or service. Enter your email or phone number.
– Note: If your device is managed, you will be taken to your organisation’s sign-in page for authentication

Screenshot-2021-04-11-at-03.55.37

Enter your password and click on sign-in

Screenshot-2021-04-11-at-03.57.11

If you have MFA enabled which I highly recommend for best practices, please enter it code here.

Screenshot-2021-04-11-at-03.59.04

You should see the following message: “You have signed in to the Windows Admin Center application on your device.” Close the browser window to return to the original registration page. Unfortunately, I do not have the complete screenshot, but just click on close 🙂

Screenshot-2021-04-11-at-03.59.48

Connect to Azure Active Directory by supplying your Azure Active Directory (tenant) ID and application ID. If you already have an Azure tenant ID and you’ve followed the preceding steps, the tenant ID field may be pre-populated and may contain multiple options.
– Select the correct tenant ID.

Screenshot-2021-04-11-at-04.04.04

But if you have an existing application ID, click Use existing, an empty field will appear for you to enter the ID provided by your administrator. After entering your ID, Windows Admin Center will confirm that an account with that ID is found. When connected,
- Select Sign in to sign in to Windows Admin Center with your Azure account.

Note: If you are an Azure AD admin, grant permissions in Azure by navigating to Azure AD, then App registrations. 
- Select All applications and search for WindowsAdminCenter. Select the display name of the gateway you're registering. Take note of the Application (client) ID displayed near the top of the page, as you'll need to provide it to the user. Next, navigate to API permissions. Under Grant consent, select Grant admin consent. Then, give the application ID to the user. If you plan to use the same application ID for multiple users, proceed otherwise skip to the next steps.

Windows Server 2022 enhances the seamless connectivity of file servers on-premises to file servers on Azure. Updates to Storage Migration Service allow customers to migrate file servers from NetApp FAS to Windows Servers. Using Storage Migration Service to migrate data to servers allows customers to maintain low latency while reducing their on-premises storage footprint.

3 – Flexible application platform: Windows Server is used to run large-scale and distributed applications. In WS2022, several platform improvements for Windows Containers, including application compatibility and the Windows Container experience with Kubernetes. A major improvement includes reducing the Windows Container image size, which leads to faster download time and better performance. In addition, you can run applications that depend on Azure Active Directory with group Managed Services Accounts (gMSA) without domain joining the container host. Furthermore, there are several other enhancements that simplify the Windows Container experience with Kubernetes. These enhancements include support for host-process containers for node configuration, IPv6, and consistent network policy implementation with Calico.

In addition to platform improvements, the Windows Admin Center tool makes it easy to containerize .NET applications. Once the application is in a container, you can host it on Azure Container Registry and then deploy it to other Azure services, including Azure Kubernetes Service. WS 2022 supports business-critical and large-scale applications like SQL Server that require 48TB of memory and 2,048 logical cores running on 64 physical sockets.

Here are my highlights
- Improved icons (I love them all).
- You can enable Light mode if you do not like the dark mode on Windows Server 2022
- Microsoft Edge is the default browser in Windows Server 2022. Unlike in Windows 10, it can be uninstalled if you do not want to web browser on your server.
Screenshot-2021-04-11-at-03.50.32

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x