US IT Camp - Azure Hybrid Cloud HOL - FY14H2 - 201405 PDF

Hands-on Lab: Build and Manage a
Dev/Test Server Farm in the Cloud using

Microsoft Azure Infrastructure Services
Microsoft Azure Infrastructure Services provides cloud-based storage, virtual networks and virtual
machines that can be provisioned on-demand to support lab, pilot or production application workloads.
In this Hands-on Lab, youll build a functional Dev/Test lab environment that includes Active Directory,
SQL Server and SharePoint Server 2013 virtual machines on a common virtual network running on the
Microsoft Azure cloud platform, as depicted in blue in the figure below.
Youll be leveraging a Microsoft Azure FREE Trial Subscription program to build this cloud-based lab
environment for development and test lab purposes.
As you provision this lab environment, youll gain hands-on experience with the following management
tools:
Microsoft Azure Management Portal

Windows PowerShell and the Microsoft Azure PowerShell Module
System Center 2012 R2 App Controller
System Center 2012 R2 Orchestrator
After completing this hands-on lab document, you will be able to easily extend this lab environment
with additional virtual machines if load-balancing and high availability are needed.
1|P a g e
Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud
Lab Requirements
The following components are required to successfully complete this Hands-on Lab:
A modern web-browser with HTML5 and Javascript enabled

Remote Desktop Client connection software
Internet connectivity
Lab Conventions
In this lab, well be using a naming convention of XXXlabYYY01 for some cloud resources, where XXX will
be replaced with your unique initials and YYY will be replaced with an abbreviation representing the
function of a virtual machine or Microsoft Azure configuration component, such as ad, db or web.
Lets Get Started!

In this step-by-step lab guide, you will learn how to:
1)
2)
3)
4)
5)
6)
7)
8)
9)
10)
Get Started with Microsoft Azure Infrastructure Services

Register a DNS Server in Microsoft Azure
Define a Virtual Network in Microsoft Azure
Configure Windows Server Active Directory in a Microsoft Azure VM
Configure SQL Server 2012 in a Microsoft Azure VM
Configure SharePoint Server 2013 in a Microsoft Azure VM
Provision Virtual Machines via Windows PowerShell for System Center 2012 R2
Manage Microsoft Azure with System Center 2012 R2 App Controller
Automate Microsoft Azure with System Center 2012 R2 Orchestrator
Shut down the On-demand Dev/Test Lab Environment
Estimated time to complete: 3 hours

COMPLETING LAB EXERCISES This Hands-on Lab Guide provides flexibility when completing exercises.
If you are interested in provisioning SharePoint as part of your Dev/Test lab environment on Microsoft
Azure, you can complete the exercises in the order written. However, if you are more interested in
managing Microsoft Azure with System Center 2012 R2, you can complete Exercises 1-5 and then skip to
Exercises 7-9. You can complete Exercise 6 later, as time permits.
POWERSHELL BEGINNER? Some of the steps in this Hands-on Lab require typing PowerShell command
lines. If youre new to PowerShell, weve made it easy to copy/paste these command lines into the
appropriate virtual machine by providing a set of PowerShell snippets for these lab exercises. You can
access these snippets at http://aka.ms/FY14H2AzureHOLSnippets from the browser on your local PC.
BEFORE LEAVING TODAY be sure to complete Exercise 10 to shut down all running Microsoft Azure
virtual machines to avoid continuing virtual machine compute charges.
2|P a g e
Exercise 1: Get Started with Microsoft Azure Infrastructure Services

In this exercise, you will activate a free Microsoft Azure Trial Subscription and then setup two
components that will be needed for the other exercises in this lab: a Microsoft Azure Affinity Group and
a Microsoft Azure Storage Account.
1) Sign-up for your FREE Microsoft Azure Trial Account.
Sign-up for a FREE trial of Microsoft Azure at http://aka.ms/MicrosoftAzureFreeTrial so that you can
follow along with the steps in this Hands-on Lab.
When signing up for a Free Trial subscription, you will be prompted to login with Microsoft Account
(formerly Windows Live ID) credentials. If you do not have valid Microsoft Account credentials, you
may create new credentials at https://signup.live.com.
Note: During the Free Trial sign-up process, you will be asked for credit card information to confirm
that you are a legitimate free trial subscriber. Your credit card information is only used to confirm
your identity and you will NOT be charged for any Microsoft Azure services unless you explicitly
convert your trial subscription to a paid subscription at a later date.
2) Login to the Microsoft Azure Management Portal.
Login to the web-based Microsoft Azure Management Portal at http://manage.windowsazure.com
with the same logon credentials you used to sign-up for the FREE Trial above.
Once youve logged in, you should see the main Microsoft Azure Management portal dashboard.
On the blue side navigation bar of the Microsoft Azure Management Portal, youll find the options
for managing Virtual Machines, Virtual Networks, Storage and Settings in the cloud. These are the
items well be primarily working with in this hands-on lab.
TIP! You may need to scroll the blue side navigation bar up and down to see all of the options.
3) Define a new Microsoft Azure Affinity Group.
Affinity Groups in Microsoft Azure are used to group your cloud-based services together, such as
Virtual Machines, Virtual Networks and Storage, in order to achieve optimal performance. When
you use an affinity group, Microsoft Azure will keep all services that belong to your affinity group
running within a common cluster of resources in the same datacenter region to reduce latency and
increase performance.
a) Create a new Affinity Group by selecting Settings from the blue side navigation bar in the
Microsoft Azure Management Portal. You may need to scroll the blue side navigation bar down
to see this selection.
b) On the Settings page, select the Affinity Groups tab on the top navigation bar.
3|P a g e
c) Click the +ADD button on the bottom navigation bar.

d) On the Create Affinity Group form, enter the following details:
Name: Enter a unique name for your new Affinity Group, such as labag01
Region: Select your closest Microsoft Azure datacenter sub-region.
Click the
button to create a new Affinity Group.
4) Create a new Microsoft Azure Storage Account.

Virtual Machines that are provisioned in Microsoft Azure are stored in the world-wide cloud-based
Microsoft Azure Storage service. In terms of high availability, the Storage service provides built-in
storage replication capability where every VM is replicated to three separate locations within the
Microsoft Azure data center region you select. In addition, Microsoft Azure Storage provides a georeplication feature for also replicating your VMs to a remote data center region.
a) Create a new Storage account by clicking the +NEW button on the bottom toolbar in the
Microsoft Azure Management Portal and then select Data Services | Storage | Quick Create.
b) Complete the following fields for creating your Storage account:
URL: Enter a globally unique DNS hostname for your new storage account, such as XXXlabstor01
(where XXX is replaced with your initials)
Region/Affinity Group: Select the Affinity Group you created in Step 3 above.
Replication: Ensure that the Geo-Redundant option is selected.
Click the CREATE STORAGE ACCOUNT button to create your new Microsoft Azure Storage
account.
4|P a g e
Exercise 2: Register a DNS Server in Microsoft Azure

Register the internal IP address that our domain controller VM will be using for Active
Directory-integrated Dynamic DNS services by performing the following steps:
1) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you signed
up for your Free Microsoft Azure Trial.
2) Select Networks located on the side navigation panel on the Microsoft Azure Management Portal
page.
3) Click the +NEW button located on the bottom navigation bar and select
Networks | Virtual Network | Register DNS Server.
4) Complete the DNS Server fields as follows:
NAME: Enter a unique name for the new DNS Server information, such as labdns01
DNS Server IP Address: 10.0.0.4
5) Click the REGISTER DNS SERVER button.
5|P a g e
Exercise 3: Define a Virtual Network in Microsoft Azure

Define a common virtual network in Microsoft Azure for running Active Directory, Database and
SharePoint virtual machines by performing the following steps:
2) Select Networks located on the side navigation panel on the Microsoft Azure Management Portal
page.
Networks | Virtual Network | Quick Create.
4) Complete the Virtual Network fields as follows:
NAME: Enter a unique name for the new Virtual Network, such as labnet01
Address Space: 10.---.---.--Maximum VM Count: 4096 [CIDR: /20]
Location: Select your closest Microsoft Azure datacenter sub-region.
DNS Server: Select the DNS Server registered in Exercise 2 above.
5) Click the CREATE A VIRTUAL NETWORK button.
6|P a g e
Exercise 4: Configure Windows Server Active Directory in a Microsoft

Azure VM
Provision a new Microsoft Azure VM to run a Windows Server Active Directory domain
controller in a new Active Directory forest by performing the following steps:
2) Select Virtual Machines located on the side navigation panel on the Microsoft Azure Management
Portal page.
Compute | Virtual Machine | From Gallery.
4) On the Choose an Image page, select Windows Server 2012 R2 Datacenter and click the
button.
5) On the Virtual machine Configuration page, complete the fields as follows:

Version Release Date: Select the latest version release date to build a new VM with the latest OS
updates applied.
Virtual Machine Name: labad01
Tier: Standard
Size: A1 (1 core, 1.75GB Memory)
New User Name: AzureAdmin
New Password and Confirm Password fields: Choose and confirm a new local Administrator
password.
Record the password you entered here: __________________________________________.
Click the
button to continue.
TIP! It is suggested to use secure passwords for Administrator users and service accounts, as
Microsoft Azure virtual machines could be accessible from the Internet knowing just their DNS. You
can also read this document on the Microsoft Security website that will help you select a secure
password: http://www.microsoft.com/security/online-privacy/passwords-create.aspx.
7|P a g e
6) On the Virtual machine Configuration page, complete the fields as follows:

Cloud Service: Create a new cloud service
Cloud Service DNS Name: Enter a globally unique DNS name for the new cloud service, such as
XXXlabad.cloudapp.net
Region/Affinity Group/Virtual Network: Select labnet01 the Virtual Network defined in Exercise 3
above.
Virtual Network Subnets: Select Subnet-1 (10.0.0.0/23)
Storage Account: Select the Storage Account defined in Exercise 1 above.
Availability Set: Create an availability set
Availability Set Name: Enter a name for the new availability set, such as labad.
Click the
button to continue.
7) On the Virtual Machine Configuration page, click the

begin provisioning the new virtual machine.
button to accept the default values and
As the new virtual machine is being provisioned, you will see the Status column on the Virtual
Machines page of the Microsoft Azure Management Portal cycle through several values including
Stopped, Stopped (Provisioning), and Running (Provisioning). When provisioning for this new Virtual
Machine is completed, the Status column will display a value of Running and you may continue with
the next step in this guide.
8) After the new virtual machine has finished provisioning, click on the name (labad01) of the new
Virtual Machine displayed on the Virtual Machines page of the Microsoft Azure Management Portal.
9) On the virtual machine Dashboard page for labad01, make note of the Internal IP Address displayed
on this page located on the right-side of the page. This IP address should be listed as 10.0.0.4.
TIP! If a different internal IP address is displayed, the virtual network and/or virtual machine
configuration was not completed correctly. In this case, click the DELETE button located on the
bottom toolbar of the virtual machine details page for labad01, and go back to Exercise 2 and
Exercise 3 to confirm that all steps were completed correctly.
8|P a g e
10) On the virtual machine Dashboard page for labad01, click the Connect button located on the
bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to the
console of this virtual machine.
Logon at the console of your virtual machine with the local Administrator credentials as follows:
User name: labad01\AzureAdmin
Password: Enter the password recorded in Step 5 above.
11) From within the Remote Desktop session for labad01, install the Active Directory Domain Services
role and promote this server to a domain controller in a new Active Directory forest.
This task can be performed in two different ways: (1) by using the Add Roles and Features wizard in
the Server Manager tool or (2) via the Active Directory PowerShell cmdlets. To reduce the time
required to complete this task in this lab, youll be using PowerShell to complete this task.
a) From the Server Manager tool, click on the Tools menu in the top-right menu bar and select
Windows PowerShell ISE.
b) In the Administrator: Windows PowerShell ISE window, run the following cmdlets:
Set-DnsClient InterfaceAlias "Ethernet*" `
ConnectionSpecificSuffix contoso.com
Install-WindowsFeature AD-Domain-Services IncludeManagementTools
Install-ADDSForest DomainName contoso.com
c) When prompted for the SafeModeAdministratorPassword, enter and confirm the same
password recorded in Step 5 above.
d) When prompted with Do you want to continue with this operation, press Enter to accept the
default answer.
e) A new Active Directory Domain Services forest will be configured. After labad01 restarts,
continue with the next step.
9|P a g e
Logon at the Remote Desktop console of your virtual machine with the domain Administrator
credentials as follows:
User name: AzureAdmin@contoso.com
Password: Enter the password recorded in Step 5 above.
13) From within the Remote Desktop session for labad01, create user accounts in Active Directory that
will be used when installing and configuring SharePoint Server 2013 and System Center 2012 R2
later in this hands-on lab:
CONTOSO\sp_farm SharePoint Farm Data Access Account
CONTOSO\sp_serviceapps SharePoint Farm Service Applications Account
CONTOSO\sc_admin System Center Service Account
This task can be performed in two different ways: (1) by using the Active Directory Users and
Computers tool located in the Server Manager Tools menu or (2) via the Active Directory PowerShell
cmdlets. To reduce the time required to complete this task in this lab, youll be using PowerShell to
complete this task.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below. When
prompted to Provide New Password, enter the password recorded in Step 5 above.
$newPassword = (Read-Host -Prompt "Provide New Password" `
-AsSecureString)
New-ADUser -Name sp_farm -AccountPassword $newPassword `
-ChangePasswordAtLogon $False -PasswordNeverExpires $True `
Enabled $True
New-ADUser -Name sp_serviceapps -AccountPassword $newPassword `
Enabled $True
New-ADUser -Name sc_admin -AccountPassword $newPassword `
Enabled $True
Add-ADGroupMember -Identity "Domain Admins" -Members "sc_admin"
10 | P a g e
c) After the new Active Directory users are created, close the Administrator: Windows PowerShell
ISE window and continue with the next step.
14) From within the Remote Desktop session of labad01, disable Internet Explorer Enhanced Security
Configuration (ESC).
a) In the Server Manager tool, click on Local Server in the left navigation pane and select IE
Enhanced Security Configuration.
b) Turn off enhanced security for Administrators and click the OK button.
Note: Modifying Internet Explorer Enhanced Security configurations is not good practice for
production environments and is only performed for the purpose of this particular hands-on
lab guide.
15) From within the Remote Desktop session for labad01, download the installation bits for System
Center 2012 R2. Youll be using these installation bits later in this hands-on lab.
a) Create a new folder named C:\Installs
b) Click the Start button and launch Internet Explorer from the Start screen.
c) From within Internet Explorer, browse to http://aka.ms/dlscsuite2012
d) Click the Get Started Now button to begin the download process.
e) Login with your Microsoft account and complete the download registration form.
f) When prompted to install the Akamai Netsession Interface download tool, scroll down inside
the dialog box and click If you cannot complete the installation, click here.
g) Click the OK button to use an alternate download method.
h) In the Downloading Files list located on the top-right of the web page, scroll inside the list box
and download the following files to the C:\Installs folder:
- SC2012_R2_SCAC.exe
- SC2012_R2_SCO.exe
- SC2012_R2_SCVMM.exe
Once the download of the last file has begun, continue with the next exercise while the process
completes in the background.
11 | P a g e
Exercise 5: Configure SQL Server 2012 in a Microsoft Azure VM

Provision a new Microsoft Azure VM to run SQL Server 2012 by performing the following steps:
Portal page.
4) On the Choose an Image page, select SQL Server 2012 SP1 Enterprise on Windows Server 2012 and
click the
button.
5) On the Virtual Machine Configuration page, complete the fields as follows:
updates applied.
Virtual Machine Name: labdb01
Tier: Standard
Size: A3 (4 cores, 7GB Memory)
New Password and Confirm Password fields: Use the same password recorded in Exercise 4, Step 5.
Click the
12 | P a g e
button to continue.

XXXlabfarm.cloudapp.net
above.
Availability Set Name: labdb
Click the
button to continue.

8) After the new virtual machine has finished provisioning, click on the name (labdb01) of the new
9) On the virtual machine Dashboard page for labdb01, make note of the Internal IP Address displayed
on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the virtual
network.
13 | P a g e
10) On the virtual machine Dashboard page for labdb01, click the Connect button located on the
console of this virtual machine. Logon at the console of your virtual machine with the local
Administrator credentials defined in Step 5 above as follows:
User name: labdb01\AzureAdmin
Password: Enter the password recorded in Exercise 4, Step 5.
11) Join this server to the contoso.com domain and restart the server to complete the domain join
operation.
This task can be performed in two different ways: (1) by using the Local Server page in the Server
Manager tool or (2) via the Add-Computer PowerShell cmdlet. To reduce the time required to
complete this task in this lab, youll be using PowerShell to complete this task.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlets provided below.
Add-Computer DomainName contoso.com
c) When prompted for Administrator credentials, enter the following user name and password:
d) Restart the labdb01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
12) After the server restarts, connect again via Remote Desktop to the servers console and login with
the local Administrator credentials defined above in Step 5 as follows:
User name: labdb01\AzureAdmin
14 | P a g e
13) Add the CONTOSO\AzureAdmin user to SQL Server with the Sysadmin server role assigned.
This task can be performed in two different ways: (1) by using the SQL Server Management Studio
tool or (2) via the SQLPS PowerShell cmdlets. To reduce the time required to complete this task in
this lab, youll be using PowerShell to complete this task.
Set-ExecutionPolicy RemoteSigned Force
Import-Module SQLPS
Set-Location SQLSERVER:\sql\labdb01
Invoke-Sqlcmd -Query "CREATE LOGIN [CONTOSO\AzureAdmin] FROM
WINDOWS"
Invoke-Sqlcmd -Query "EXEC sp_addsrvrolemember
'CONTOSO\AzureAdmin', 'sysadmin'"
14) In order to allow SharePoint to connect to the SQL Server instance in this virtual machine, you will
need to add an Inbound Rule for the SQL Server requests in the Windows Firewall.
This task can be performed in two different ways: (1) by using the Windows Firewall with Advanced
Security tool or (2) via the New-NetFirewallRule PowerShell cmdlet. To reduce the time required to
b) In the Administrator: Windows PowerShell ISE window, run the cmdlet provided below.
New-NetFirewallRule -DisplayName "SQLServer-AllowInbound" `
-Action Allow -Direction Inbound -LocalPort 1433 -Protocol TCP
The configuration for this virtual machine is now complete, and you may continue with the next
exercise in this hands-on lab guide.
TIP! This lab provides flexibility in completing exercises. If you are interested in continuing to build a
SharePoint dev/test lab environment on Microsoft Azure, you can complete Exercise 6 next. However, if
you are more interested in managing Microsoft Azure with System Center 2012 R2, you can skip to
Exercises 7-9 and come back to Exercise 6 at a later time.
15 | P a g e
Exercise 6: Configure SharePoint Server 2013 in a Microsoft Azure VM

Provision a new Microsoft Azure VM to run SharePoint Server 2013 by performing the following
steps:
Portal page.
4) On the Choose an Image page, select SharePoint Server 2013 Trial and click the
button.

Virtual Machine Name: labweb01
Tier: Standard
Size: A4 (8 cores, 14GB Memory)
Click the
button to continue.

Cloud Service: XXXlabfarm.cloudapp.net (Select the existing Cloud Service provisioned in Exercise 5)
above.
Availability Set Name: labweb
16 | P a g e
7) On the Virtual Machine Configuration page, add an additional firewall endpoint for web (HTTP)
network traffic by completing the following fields:
Name: WebHTTP
Protocol: TCP
Public Port: 80
Private Port: 80
Click the
button to continue.

9) After the new virtual machine has finished provisioning, click on the name (labweb01) of the new
10) On the virtual machine Dashboard page for labweb01, make note of the Internal IP Address
displayed on this page. This IP address should be listed as 10.0.0.x, where x is a valid host ID on the
virtual network.
11) On the virtual machine Dashboard page for labweb01, click the Connect button located on the
console of this virtual machine. Logon at the console of your virtual machine with the local
Administrator credentials defined in Step 5 above as follows:
User name: labweb01\AzureAdmin
17 | P a g e
operation.
d) Restart the labweb01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
13) After the server restarts, connect again via Remote Desktop to the servers console and login with
the domain Administrator credentials as follows:
14) On the Desktop, double-click on the SharePoint 2013 Products Configuration Wizard shortcut to
launch the configuration wizard. Click the Next button to continue. If prompted to start or reset
services, click the Yes button.
15) In the SharePoint Products Configuration Wizard, when prompted on the Connect to server farm
dialog, select the option to Create a new server farm.
18 | P a g e
16) On the Specify Configuration Database Settings, specify the following values for each field:
Database Server: labdb01
Username: CONTOSO\sp_farm
Password: Type the password specified when the sp_farm domain user account was created earlier
in Exercise 4.
17) Click the Next > button and accept all default values in the SharePoint Products Configuration
Wizard.
When prompted for a Passphrase for the new SharePoint farm, enter and confirm the same
password recorded in Exercise 4, Step 5.
Click the Finish button when prompted to complete the wizard.
TIP! SharePoint will require several minutes to complete this initial provisioning process.
18) The SharePoint 2013 Central Administration web page should launch automatically. When
prompted, click the Start the Wizard button to begin the Initial Farm Configuration Wizard.
19) When prompted for Service Account, type the CONTOSO\sp_serviceapps domain username and
password specified when this account was created earlier in Exercise 4.
20) Accept all other default values and click the Next > button to continue.
TIP! SharePoint will require several minutes to complete this initial provisioning process.
21) On the Create a Site Collection page, create a new top-level Intranet site collection using the
following field values:
Title and Description: Enter your preferred Title and Description for the new site collection
URL: Select the root URL path http://labweb01/
Select experience version: 2013
Select a template: Publishing | Publishing Portal
Click the OK button to provision a new top-level Intranet site collection.
After the new top-level Intranet site collection is provisioned, test navigating to the URL for this site
collection from within the Remote Desktop session to the server.
22) On the SharePoint 2013 Central Administration site, configure a Public URL alternate access mapping
for accessing the new top-level Intranet site collection from the Internet.
19 | P a g e
a) On the Central Administration site home page, click the Configure alternate access mappings
link.
b) On the Alternate Access Mappings page, click the Edit Public URLs link.
c) On the Edit Public Zone URLs page, select and specify the following values:
Alternate Access Mapping Collection: SharePoint - 80
Internet: http://XXXlabfarm.cloudapp.net
Click the Save button to complete the Alternate Access Mapping configuration.
23) Close the Remote Desktop session to the server.
24) Test browsing to the following public URL to confirm that you are able to access the Intranet site
collection that is configured on SharePoint:
URL: http://XXXlabfarm.cloudapp.net
When prompted to authenticate to the web site, login with the following credentials:
If you are unable to successfully browse to this SharePoint site collection, carefully review Step 6 and
Step 21 to ensure that you have completed both steps correctly.
The configuration for this virtual machine is now complete, and you may continue with the next exercise
in this hands-on lab guide.
20 | P a g e
Exercise 7: Provision Virtual Machines via Windows PowerShell for

System Center 2012 R2
In this exercise, you will provision two new virtual machines in Microsoft Azure by using Windows
PowerShell and the Microsoft Azure PowerShell module. These virtual machines will be used in later lab
exercises for System Center 2012 R2 App Controller and System Center 2012 R2 Orchestrator.
You will perform this exercise from within a Remote Desktop session on virtual machine labad01.
Portal page.
3) On the Virtual Machines page, click on the name of virtual machine labad01.
Password: Enter the password recorded in Exercise 4, Step 5 above.
5) Download and Install the Microsoft Azure PowerShell Module.
a) Launch Internet Explorer by first clicking the Start button and then clicking the Internet Explorer
tile on the Start Screen.
b) From within Internet Explorer, browse to the following link location:
http://go.microsoft.com/?linkid=9811175
c) When prompted, click the Run button to run the installation program. The Web Platform
Installer will launch.
d) On the Web Platform Installer dialog box, click the Install button.
e) When prompted for Prerequisites, click the I Accept button.
f) When the installation process has completed, click the Finish button and then click the Exit
button.
21 | P a g e
g) Restart virtual machine labad01. When the virtual machine has restarted, logon again using the
same process and credentials as used in Step 4 above.
6) Configure the Microsoft Azure PowerShell Module for your Microsoft Azure subscription.
b) In the Administrator: Windows PowerShell ISE window, run the cmdlet provided below.
Add-AzureAccount
When prompted to Sign in, sign in with the same Microsoft account credentials that you used
when activating your Microsoft Azure free trial subscription.
c) Confirm that your Microsoft Azure subscription has been properly connected via PowerShell by
running the following cmdlet:
Get-AzureSubscription
d) Set the default Microsoft Azure subscription and storage account by running the cmdlets below.
Be sure to update these lines with your subscription name that was listed in the GetAzureSubscription cmdlet output above and replace XXX with your unique initials before running
these commands.
# Update the line below with your Microsoft Azure subscription
name, for example "Free Trial"
$subscription = "REPLACE WITH YOUR SUBSCRIPTION NAME"
$storageAccount = "XXXlabstor01" # Replace XXX with your initials
Set-AzureSubscription SubscriptionName $subscription `
CurrentStorageAccount $storageAccount
Select-AzureSubscription Default $subscription
7) Provision a new virtual machine named labac01 on the existing Microsoft Azure virtual network by
using the below PowerShell cmdlets. During the VM provisioning process, this new VM will be
automatically joined to the contoso.com Active Directory domain. This virtual machine will be used
for System Center 2012 R2 App Controller in a later lab exercise.
Be sure to update these lines to replace XXX with your unique initials before running these
commands.
$vm1Name = "labac01"
$vmServiceName = "XXXlabmgmt" # Replace XXX with your initials
22 | P a g e
$vmAffinityGroup = "labag01"
$vNetName = "labnet01"
$subnetName = "Subnet-1"
$vmImage = @((Get-AzureVMImage | Where-Object Label `
-like "Windows Server 2012 R2 Datacenter*").ImageName)[-1]
# When prompted for username below, enter AzureAdmin
$vmAdmin = Get-Credential
$vmAdminUser = $vmAdmin.Username
$vmAdminPassword = $vmAdmin.GetNetworkCredential().Password
$vmDomain = "contoso.com"
$vmDomainNetBIOS = "CONTOSO"
$vm1 = New-AzureVMConfig Name $vm1Name ImageName $vmImage `
InstanceSize Medium | Add-AzureProvisioningConfig `
WindowsDomain AdminUserName $vmAdminUser `
Password $vmAdminPassword JoinDomain $vmDomain `
Domain $vmDomainNetBIOS DomainUserName $vmAdminUser `
DomainPassword $vmAdminPassword |
Set-AzureSubnet SubnetNames $subnetName
$vm1 | New-AzureVM ServiceName $vmServiceName `
VnetName $vNetName -AffinityGroup $vmAffinityGroup
8) Provision a new virtual machine named labo01 on the existing Microsoft Azure virtual network by
using the below PowerShell cmdlets. During the VM provisioning process, this new VM will be
automatically joined to the contoso.com Active Directory domain. This virtual machine will be used
for System Center 2012 R2 Orchestrator in a later lab exercise.
$vm2Name = "labo01"
$vm2 = New-AzureVMConfig Name $vm2Name ImageName $vmImage `
InstanceSize Medium | Add-AzureProvisioningConfig `
WindowsDomain AdminUserName $vmAdminUser `
Password $vmAdminPassword JoinDomain $vmDomain `
Domain $vmDomainNetBIOS DomainUserName $vmAdminUser `
DomainPassword $vmAdminPassword |
Set-AzureSubnet SubnetNames $subnetName
$vm2 | New-AzureVM ServiceName $vmServiceName
When virtual machines labac01 and labo01 are displayed with a Running status on the Virtual Machines
page of the Microsoft Azure Management Portal, you may continue with the next exercise.
23 | P a g e
Exercise 8: Manage Microsoft Azure with System Center 2012 R2 App

Controller
In this exercise, you will configure System Center 2012 R2 App Controll er for managing your Microsoft
Azure subscription.
You will begin this exercise by establishing a Remote Desktop connection to virtual machine labac01.
1) Establish a Remote Desktop connection to virtual machine labac01.
a) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you
signed up for your Free Microsoft Azure Trial.
b) Select Virtual Machines located on the side navigation panel on the Microsoft Azure
Management Portal page.
c) On the Virtual Machines page, click on the name of virtual machine labac01.
d) On the virtual machine Dashboard page for labac01, click the Connect button located on the
bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to
the console of this virtual machine.
2) From within the Remote Desktop session connected to labac01, disable Internet Explorer Enhanced
Security Configuration (ESC).
lab guide.
24 | P a g e
3) From within the Remote Desktop session connected to labac01, extract the necessary installation
files and install the pre-requisite components for installation of System Center 2012 R2 App
Controller.
b) In the Administrator: Windows PowerShell ISE window, run the commands provided below to
extract the necessary installation files.
net use x: \\labad01\c$
x:\installs\sc2012_r2_scac /silent
x:\installs\sc2012_r2_scvmm /silent
net use x: /d
c) In the Administrator: Windows PowerShell ISE window, run the commands provided below to
install the System Center 2012 R2 Virtual Machine Manager management console as a prerequisite component for installation of System Center 2012 R2 App Controller.
cd "\sc2012 r2 scvmm"
Start-Process -FilePath ".\setup.exe" -ArgumentList "/client /i
/IACCEPTSCEULA" Wait
4) From within the Remote Desktop session connected to labac01, complete the installation of System
Center 2012 R2 App Controller.
a) In the Administrator: Windows PowerShell ISE window, run the commands provided below to
launch the setup program for System Center 2012 R2 App Controller.
cd "\sc2012 r2 scac"
.\setup.exe
b) On the App Controller Setup dialog box, click Install to begin the installation process.
c) During the App Controller Setup wizard, click the Next button to proceed through each page.
When prompted by the wizard, enter the following field val ues:
Product Key: leave blank (evaluation edition)
Installation Path: default (C:\Program Files\Microsoft System Center 2012 R2\App Controller)
Domain account: CONTOSO\sc_admin
Port: default (18622)
25 | P a g e
Generate self-signed certificate: Selected

SQL Server database server: labdb01
SQL Server port: 1433
SQL Server instance name: MSSQLSERVER
SQL Server database name: default (AppController)
NOTE: After entering the SQL Server database information, you may need to click the Next
button more than once to proceed to the next wizard page.
Customer Experience Improvement Program: Yes, I am willing to participate in CEIP
d) When prompted, click the Install button to begin the installation of System Center 2012 R2 App
Controller.
When the installation process has completed, click the Finish button.
5) From within the Remote Desktop session connected to labac01, export the self-signed certificate
generated during the installation process and upload to the Microsoft Azure Management Portal.
This certificate will be used to securely authenticate to your Microsoft Azure subscription via the
App Controller management server.
During this step, you will export the certificate file twice: one exported copy will be saved as a .CER
certificate file that can be uploaded to the Microsoft Azure Management Portal, and a second
exported copy will be saved as a .PFX certificate file that can be uploaded to the System Center 2012
R2 App Controller portal.
Internet Information Services (IIS) Manager.
b) Click on LABAC01 in the connections panel. If prompted to Get started with Microsoft Web
Platform, click the No button.
c) In the center panel of the Internet Information Services (IIS) Manager tool, double-click on
Server Certificates.
d) On the Server Certificates page, right-click on the System Center 2012 R2 App Controller
certificate and click on View on the pop-up menu.
e) On the Certificate dialog box, click the Details tab and then click the Copy to File button. This
will launch the Certificate Export Wizard.
26 | P a g e
f) Navigate through the Certificate Export Wizard using the Next button. When prompted, enter
the following information:
Export Private Key: No
Export File Format: default (DER encoded binary X.509 .CER)
File name: c:\sc2012 r2 scac\labac01.cer
After specifying all of the above information, click the Finish button to complete the export
process. Click the OK button twice to dismiss each open dialog box.
g) On the Server Certificates page, right-click on the System Center 2012 R2 App Controller
certificate and click on Export on the pop-up menu.
h) In the Export Certificate dialog box, enter the following information:
Export to: c:\sc2012 r2 scac\labac01.pfx
Password: Enter and confirm the same password recorded in Exercise 4, Step 5.
After specifying all of the above information, click the OK button to complete the export
process.
i)
Sign in at the Microsoft Azure Management Portal with the logon credentials used when you
j)
Select Settings located on the side navigation panel on the Microsoft Azure Management Portal
page. You may need to scroll down the side navigation panel to see this selection.
k) On the Settings page, click on the Management Certificates tab.

l)
On the Management Certificates page, click on the Upload button located on the bottom black
toolbar. When prompted, browse to c:\sc2012 r2 scac\labac01.cer and click the
button.
Your newly uploaded certificate should appear with a name of labac01.contoso.com.
m) For your newly uploaded certificate, select the value listed in the Subscription ID column and
copy this value to your clipboard for later use in this lab exercise.
6) Launch the System Center 2012 R2 App Controller portal and login as CONTOSO\AzureAdmin.
a) From within the Remote Desktop session connected to labac01, browse to
https://labac01.contoso.com
If prompted with a website security error, click on Continue to this website. This error is
generated due to the self-signed certificate used within this hands-on lab. In a production
environment, a certificate signed by a trusted certificate authority would normally be used
27 | P a g e
instead of a self-signed certificate.

b) If prompted to Install Silverlight, click through the process of installing the Silverlight plug-in
and, when completed, refresh the browser page.
c) When prompted to authenticate to the App Controller portal site, login with the following
credentials:
User name: CONTOSO\AzureAdmin
7) Connect System Center 2012 R2 App Controller to your Microsoft Azure subscription.
a) On the Overview page of the App Controller portal site, click on the link to Connect a Windows
Azure subscription that is located in the center of the page.
b) In the Connect a Windows Azure subscription form, enter the following information:
Name: My Azure Cloud
Subscription ID: Paste the value copied to your clipboard above in Step 5m
Management certificate: Browse to c:\sc2012 r2 scac\labac01.pfx
Management certificate password: Enter the password used above in Step 5h when exporting
the certificate.
After supplying the above information, click the OK button to connect App Controller to your
Microsoft Azure subscription.
8) Manage your Microsoft Azure Cloud via System Center 2012 R2 App Controller.
a) Note that the App Controller Overview page has been updated to reflect the connection to your
Microsoft Azure subscription in the Public Clouds column.
Also note that this same App Controller portal could also be connected to multiple Microsoft
Azure subscriptions, multiple on-premises Private Clouds managed by System Center 2012 R2
Virtual Machine Manager, and multiple Hosting Service Providers. Leveraging the App
Controller portal in this manner provides a single web-based management tool for managing all
virtual machines in a Hybrid Cloud environment.
b) Click on Virtual Machines in the left navigation pane of the App Controller portal. Note that
App Controller displays a list of all virtual machines provisioned across all connected clouds.
c) On the Virtual Machines page, right-click on a virtual machine to review the management
options available for managing a single virtual machine in a connected cloud.
28 | P a g e
You will see options for Open Diagram, Properties, Shutdown, Restart, Remote Desktop, and
Delete.
d) From the right-click popup menu, select Properties. Scroll through the Properties of new virtual
machine form to review each of the currently provisioned settings for this virtual machine.
When your review is complete, click the Cancel button and continue to the next step.
e) On the Virtual Machines page, note that new virtual machines can be provisioned in a
connected cloud by clicking the Deploy button on the top toolbar.
f) Click on Library in the left navigation panel of the App Controller portal.
g) On the Library page, note that a list of Disks, Images and Microsoft Azure storage accounts is
presented.
h) On the Library page, click on Shares in the center panel. Note that the Add button on the top
toolbar can be used to add local on-premises shared folders to the App Controller portal for the
purpose of copying virtual machine hard disks between on-premises Private Clouds and
Microsoft Azure clouds.
When you have completed exploring the System Center 2012 R2 App Controller portal for Hybrid Cloud
management, you may continue with the next exercise.
29 | P a g e
Exercise 9: Automate your Lab Environment with System Center 2012 R2

Orchestrator
In this exercise, you will configure System Center 2012 R2 Orchestrator for automating your Microsoft
Azure subscription.
You will begin this exercise by establishing a Remote Desktop connection to virtual machine labo01.
1) Establish a Remote Desktop connection to virtual machine labo1.
a) Sign in at the Microsoft Azure Management Portal with the logon credentials used when you
b) Select Virtual Machines located on the side navigation panel on the Microsoft Azure
Management Portal page.
c) On the Virtual Machines page, click on the name of virtual machine labo01.
d) On the virtual machine Dashboard page for labo01, click the Connect button located on the
bottom navigation toolbar and click the Open button to launch a Remote Desktop Connection to
the console of this virtual machine.
2) From within the Remote Desktop session connected to labo01, disable Internet Explorer Enhanced
Security Configuration (ESC).
lab guide.
30 | P a g e
3) From within the Remote Desktop session connected to labo01, extract the necessary installation
files and install the pre-requisite components for installation of System Center 2012 R2
Orchestrator.
net use x: \\labad01\c$
x:\installs\sc2012_r2_sco /silent
net use x: /d
c) In the Administrator: Windows PowerShell ISE window, run the command provided below to
install pre-requisite components for installation of System Center 2012 R2 Orchestrator.
Install-WindowsFeature NET-Framework-Core
4) From within the Remote Desktop session connected to labo01, complete the installation of System
Center 2012 R2 Orchestrator.
a) In the Administrator: Windows PowerShell ISE window, run the commands provided below to
launch the setup program for System Center 2012 R2 Orchestrator.
cd "\sc2012 r2 sco"
.\SetupOrchestrator.exe
b) In the System Center 2012 R2 Orchestrator Setup dialog box, click Install to begin the installation
process.
c) During the System Center 2012 R2 Orchestrator Setup wizard, click the Next button to proceed
through each page. When prompted by the wizard, enter the following field values:
Organization: Contoso
Product Key: Leave blank (evaluation edition)
Select features to install: Default (all features)
Software Prerequisites: Click the radio button option for Activate .NET and IIS features/roles
Username: CONTOSO\sc_admin
31 | P a g e
Domain: CONTOSO
Database server: labdb01
Database server port: 1433
Database server authentication credentials: Windows Authentication
Database: Default (create a new database named Orchestrator)
Orchestrator users group: Default (LABO01\OrchestratorUsersGroup)
Web service port: default (81)
Orchestration console port: default (82)
Installation Location: Default (C:\Program Files (x86)\Microsoft System Center 2012
R2\Orchestrator)
Microsoft Update: On (recommended)
Customer Experience Improvement Program: Yes, I am willing to participate in CEIP
Error Reporting: Yes, I am willing to participate anonymously. Please automatically send my
error reports.
d) When prompted, click the Install button to begin the installation process for System Center
2012 R2 Orchestrator.
When the installation process has completed, uncheck all checkbox options located at the
bottom of the Setup completed successfully page, and click the Close button.
5) From within the Remote Desktop session connected to labo01, download and extract the Microsoft
Azure Integration Pack for System Center 2012 R2 Orchestrator.
a) Browse to http://www.microsoft.com/en-us/download/details.aspx?id=39622 and download
the System_Center_2012_R2_Integration_Packs.EXE file to the c:\sc2012 r2 sco folder location.
cd "\sc2012 r2 sco"
.\System_Center_2012_R2_Integration_Packs
When prompted to Choose Directory For Extracted Files, accept the default path
32 | P a g e
(c:\sc2012 r2 sco) and click the OK button.

6) From within the Remote Desktop session connected to labo01, deploy the Microsoft Azure
Integration Pack for System Center 2012 R2 Orchestrator.
a) Click the Start button tip to navigate to the Start Screen, and then click the
the bottom of the screen to navigate to the All Apps view.
button located at
b) On the Apps screen, click on the Deployment Manager tile located under the Microsoft System
Center 2012 category.
c) In the System Center 2012 R2 Orchestrator Deployment Manager tool, right-click on Integration
Packs in the left navigation panel, and click Register IP with the Orchestrator Management
Server
d) Navigate through the Integration Pack Registration Wizard pages using the Next and Finish
buttons.
When prompted to Select Integration Packs or Hotfixes, click the Add button and browse to
C:\SC2012 R2 SCO\SC2012R2_Integration_Pack_for_Azure.OIP
e) In the System Center 2012 R2 Orchestrator Deployment Manager tool, right-click on Integration
Packs in the left navigation panel, and click Deploy IP to Runbook Server or Runbook Designer
f) Navigate through the Integration Pack or Hotfix Deployment Wizard pages using the Next and
Finish buttons. When prompted, use the following information:
Deploy Integration Packs or Hotfixes: click the checkbox for System Center Integration Pack for
Windows Azure
Computer: enter labo01 and click the Add button
g) When the deployment of the System Center Integration Pack for Windows Azure has completed,
you may close the System Center 2012 R2 Orchestrator Deployment Manager tool.
7) From within the Remote Desktop session connected to labo01, generate and export a self-signed
certificate. This certificate will be used to securely authenticate to your Microsoft Azure
subscription via the Orchestrator management server.
During this step, you will export the certificate file twice: one exported copy will be saved as a .CER
certificate file that can be uploaded to the Microsoft Azure Management Portal, and a second
exported copy will be saved as a .PFX certificate file that can be registered with System Center 2012
R2 Orchestrator.
Internet Information Services (IIS) Manager.
33 | P a g e
b) Click on LABO01 in the connections panel. If prompted to Get started with Microsoft Web
Platform, click the No button.
c) In the center panel of the Internet Information Services (IIS) Manager tool, double-click on
Server Certificates.
d) In the Actions panel located at the right, click Create Self-Signed Certificate. When prompted,
enter the following information:
Friendly name for certificate: System Center 2012 R2 Orchestrator
Certificate store: Personal
Click the OK button to generate the new self-signed certificate.
e) On the Server Certificates page, right-click on the System Center 2012 R2 Orchestrator
certificate and click on View on the pop-up menu.
f) On the Certificate dialog box, click the Details tab and then click the Copy to File button. This
will launch the Certificate Export Wizard.
g) Navigate through the Certificate Export Wizard using the Next button. When prompted, enter
the following information:
Export Private Key: No
Export File Format: default (DER encoded binary X.509 .CER)
File name: c:\sc2012 r2 sco\labo01.cer
After specifying all of the above information, click the Finish button to complete the export
process. Click the OK button twice to dismiss each open dialog box.
h) On the Server Certificates page, right-click on the System Center 2012 R2 Orchestrator
certificate and click on Export on the pop-up menu.
i)
In the Export Certificate dialog box, enter the following information:

Export to: c:\sc2012 r2 sco\labo01.pfx
Password: Enter and confirm the same password recorded in Exercise 4, Step 5.
After specifying all of the above information, click the OK button to complete the export
process.
j)
Sign in at the Microsoft Azure Management Portal with the logon credentials used when you
34 | P a g e
k) Select Settings located on the side navigation panel on the Microsoft Azure Management Portal
page. You may need to scroll down the side navigation panel to see this selection.
l)
On the Settings page, click on the Management Certificates tab.
m) On the Management Certificates page, click on the Upload button located on the bottom black
toolbar. When prompted, browse to c:\sc2012 r2 sco\labo01.cer and click the
button.
Your newly uploaded certificate should appear with a name of labo01.contoso.com.
n) For your newly uploaded certificate, select the value listed in the Subscription ID column and
copy this value to your clipboard for later use in this lab exercise.
8) From within the Remote Desktop session connected to labo01, connect System Center 2012 R2
Orchestrator to your Microsoft Azure subscription.
a) Click the Start button tip to navigate to the Start Screen, and then click the
the bottom of the screen to navigate to the All Apps view.
button located at
b) On the Apps screen, click on the Runbook Designer tile located under the Microsoft System
Center 2012 category.
c) In the System Center 2012 R2 Orchestrator Runbook Designer tool, click on the Options menu
located on the top menu bar and select Windows Azure.
d) In the Windows Azure dialog box, click the Add button to add a new Microsoft Azure
subscription.
e) In the Add Configuration dialog, enter the following information for the Microsoft Azure
subscription to be connected:
Name: My Azure Cloud
Type: Azure Management Configuration Settings
Azure Endpoint: default (https://management.core.windows.net)
PFX File Password: Enter the password recorded in Exercise 4, Step 5
PFX File Path: c:\sc2012 r2 sco\labo01.pfx
Subscription ID: Paste the value copied to your clipboard in Step 7n above
Click the OK button to save this connection to your Microsoft Azure subscription.
35 | P a g e
f) Click the Finish button to close the Windows Azure dialog box.
9) From within the Remote Desktop session connected to labo01, create a basic Runbook to automate
Microsoft Azure virtual machine provisioning by creating a new storage container, cloud service and
virtual machine instance.
As part of the process in creating this Runbook, you will be leveraging four (4) activities that are
provided by the previously installed Microsoft Azure Integration Pack: Azure Virtual Machine
Images, Azure Storage, Azure Cloud Services and Azure Virtual Machines. After this Runbook is
created, it should look like the sample diagram below.
a) In the System Center 2012 R2 Orchestrator Runbook Designer tool, right-click on Runbooks in
the left navigation panel and select New | Runbook.
b) Click on the Check Out button on the top toolbar to check out the new Runbook for editing.
c) In the Activities list in the right navigation panel, click on Windows Azure to expand the set of
activities associated with the Microsoft Azure Integration Pack.
d) Click on the Azure Virtual Machine Images activity in the Activities list and drag it into the upper
left of the New Runbook design surface located in the middle panel of the Runbook Designer
tool.
Right-click on this activity and click on Properties to set the following property values:
Configuration Name: My Azure Cloud
Choose an Activity: List OS Images
Filters: Label equals Windows Server 2012 R2 Datacenter, April 2014
Click the Finish button to save the property values for this activity.
36 | P a g e
e) Click on the Azure Storage activity in the Activities list and drag it to the New Runbook design
surface so that it is located to the right of the previous activity.
Click on the previous activity and drag the right arrow handle over this new activity to connect
the two activities together.
Right-click on the Azure Storage activity in the New Runbook design surface and click on
Properties to set the following property values:
Choose an Activity: Create Container
Storage Account Name: XXXlabstor01 (where XXX is replaced with your unique initials)
Container Name: labvhds
f) Click on the Azure Cloud Services activity in the Activities list and drag it to the New Runbook
design surface so that it is located to the right of the previous activity.
Right-click on the Azure Cloud Services activity in the New Runbook design surface and click on
Properties to set the following property values:
Choose an Activity: Create Cloud Service
Service DNS Prefix: XXXlabvms (where XXX is replaced with your unique initials)
Label: XXXlabvms (where XXX is replaced with your unique initials)
Description: Lab VMs
Location/Affinity Group: Affinity Group
Location/Affinity Group Value: labag01
37 | P a g e
g) Click on the Azure Virtual Machines activity in the Activities list and drag it to the New Runbook
design surface so that it is located to the right of the previous activity.
Right-click on the Azure Virtual Machines activity in the New Runbook design surface and click
on Properties to set the following property values:
Choose an Activity: Create VM Deployment
Service Name: right-click and select Subscribe | Published Data | Azure Cloud Services |
Service DNS Prefix
Deployment Name: XXXlabvm01 (where XXX is replaced with your unique initials)
Deployment Slot: Production
Label: labvm01
VM Instance Name: labvm01
Image Type: Platform Image
Operating System Type: Windows
Computer Name: labvm01
Admin Password: Enter the password recorded in Exercise 4, Step 5
Container URI: right-click and select Subscribe | Published Data | Azure Storage | Container
Url
Blob VHD Name: labvm01
Source Image Name: right-click and select Subscribe | Published Data | Azure Virtual Machine
Images | Name
Wait for Completion: True
38 | P a g e
10) From within the Remote Desktop session connected to labo01, run the newly created Runbook
using the System Center 2012 R2 Orchestrator Runbook Tester.
a) Click on the Runbook Tester button that is located on the top toolbar of the System Center 2012
R2 Orchestrator Runbook Designer tool.
b) In the System Center 2012 R2 Orchestrator Runbook Tester tool, click on the Run button on the
top toolbar.
c) As the Runbook executes, monitor progress in the bottom Log panel in the Runbook Tester tool.
d) After the Runbook successfully completes, sign-in to the Microsoft Azure Management Portal
and confirm that labvm01 has been automatically provisioned as a new virtual machine by
navigating to the Virtual Machines portal page.
EXTRA CREDIT! Use the System Center 2012 R2 App Controller portal on labac01 to delete the virtual
machine, cloud service and storage container that were provisioned as part of this automated Runbook.
Note that after deleting the virtual machine, you may be required to wait a few minutes before you are
able to sucessfully delete storage resources.
When you have completed exploring the cloud resources that were automatically provisioned by the
System Center 2012 R2 Orchestrator Runbook, you may continue with the next exercise.
39 | P a g e
Exercise 10: Shut down the On-demand Dev/Test Lab Environment

Your functional Dev/Test Lab environment is now complete, but you likely wont be using this lab
environment 24x7 around-the-clock. As long as the virtual machines are running, they will continue to
accumulate compute hours against your Microsoft Azure subscription.
To preserve your compute hours for productive lab work, be sure to shut down each VM from the
Microsoft Azure Management Portal when not in use. After each VM is successfully shut down, the
status of each VM will be listed in the portal as Stopped (Deallocated) and compute charges will not
accumulate for VMs in this state.
Follow these steps to shut down your virtual machines:
Portal page.
3) For each provisioned virtual machine, click on the virtual machine name to select that virtual
machine, and then click on the Shut down button located on the bottom toolbar.
When all virtual machines are listed in the portal with a Stopped (Deallocated) status, you have
completed this exercise.
TIP! It is important to shut down the VMs from the Microsoft Azure Management Portal to properly deallocate compute resources and prevent compute charges from accumulating. If you shut down VMs
from within the Guest OS or from the System Center 2012 R2 App Controller portal, the VMs will be
placed in a different Stopped status where compute resources are not de-allocated and compute
charges in this state will still apply.
40 | P a g e
Additional Resources
Congratulations! Youve completed this Hands-on Lab for Building and Managing a Dev/Test Farm in the
Cloud using Microsoft Azure Infrastructure Services.
If you enjoyed this Hands-On Lab, be sure to check-out our full set of Cloud Step-By-Step Guides for
building other common hybrid cloud scenarios at:
Cloud Labs Step-by-Step Guides

http://aka.ms/CloudLab
Guided Hands-On Lab: Build a Cross-Premises Site-to-Site VPN

http://aka.ms/VNetCloudLab
Guided Hands-On Lab: Migrate VMs from VMware to Microsoft Azure

http://aka.ms/VMWCloudLab
Guided Hands-On Lab: Migrate VMs from Amazon AWS to Microsoft Azure
http://aka.ms/AWSCloudLab
Guided Hands-On Lab: Orchestrate Private Cloud Failover with Microsoft Azure Hyper-V Recovery
Manager
http://aka.ms/HVMCloudLab
Step-by-Step: Cloud Backups of Microsoft Azure Virtual Machines using PowerShell ( Part 1)
http://aka.ms/BackupWindowsAzureVM
Step-by-Step: Cloud Restores of Microsoft Azure Virtual Machines using PowerShell ( Part 2 )
http://aka.ms/AzureVMRestoreCloudLab
Build Your Hybrid Cloud in a Month

http://aka.ms/BuildYourCloud
Introduction to PowerShell
http://aka.ms/PoshIntro
41 | P a g e
Alternate to Exercise 7: Provision Virtual Machines for System Center

2012 R2
Exercises 7A and 7B below are provided as alternate exercises to the original Exercise 7 in this Hands -on
Lab Guide. These alternate exercises leverage the Microsoft Azure Management Portal to provision
virtual machines for System Center 2012 R2, rather than leveraging the Microsoft Azure PowerShell
Module for this purpose.
Exercise 7A: Provision Virtual Machine for System Center 2012 R2 App
Controller
Provision a new Microsoft Azure VM for System Center 2012 R2 App Controller by performing
the following steps:
Portal page.
button.

updates applied.
Virtual Machine Name: labac01
Tier: Standard
Size: A2 (2 cores, 3.5GB Memory)
Click the
42 | P a g e
button to continue.

XXXlabmgmt.cloudapp.net
above.
Availability Set: (None)
Click the
button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default firewall
endpoint values and begin provisioning the new virtual machine.
8) After the new virtual machine has finished provisioning, click on the name (labac01) of the new
9) On the virtual machine Dashboard page for labac01, make note of the Internal IP Address displayed
network.
43 | P a g e
10) On the virtual machine Dashboard page for labac01, click the Connect button located on the bottom
navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console
of this virtual machine. Logon at the console of your virtual machine with the local Administrator
credentials defined in Step 5 above as follows:
User name: labac01\AzureAdmin
operation.
d) Restart the labac01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
You have completed the initial provisioning of this Microsoft Azure virtual machine for System
Center 2012 R2 App Controller. In a later exercise in this Hands-on Lab Guide, you will complete
the installation and configuration of System Center 2012 R2 App Controller.
44 | P a g e
Exercise 7B: Provision Virtual Machine for System Center 2012 R2

Orchestrator
Provision a new Microsoft Azure VM for System Center 2012 R2 Orchestrator by performing the
following steps:
Portal page.
button.

updates applied.
Virtual Machine Name: labo01
Tier: Standard
Size: A2 (2 cores, 3.5GB Memory)
Click the
45 | P a g e
button to continue.

Cloud Service: XXXlabmgmt
XXXlabmgmt.cloudapp.net
above.
Availability Set: (None)
Click the
button to continue.
7) On the Virtual Machine Configuration page, click the button to accept the default firewall
endpoint values and begin provisioning the new virtual machine.
8) After the new virtual machine has finished provisioning, click on the name (labo01) of the new
9) On the virtual machine Dashboard page for labo01, make note of the Internal IP Address displayed
network.
46 | P a g e
10) On the virtual machine Dashboard page for labo01, click the Connect button located on the bottom
navigation toolbar and click the Open button to launch a Remote Desktop Connection to the console
of this virtual machine. Logon at the console of your virtual machine with the local Administrator
credentials defined in Step 5 above as follows:
User name: labo01\AzureAdmin
operation.
d) Restart the labo01 virtual machine by issuing the following PowerShell cmdlet:
Restart-Computer
You have completed the initial provisioning of this Microsoft Azure virtual machine for System
Center 2012 R2 Orchestrator. In a later exercise in this Hands-on Lab Guide, you will complete
the installation and configuration of System Center 2012 R2 Orchestrator.
47 | P a g e

US IT Camp - Azure Hybrid Cloud HOL - FY14H2 - 201405 PDF

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

US IT Camp - Azure Hybrid Cloud HOL - FY14H2 - 201405 PDF

Transféré par

Droits d'auteur :

Formats disponibles

Hands-on Lab: Build and Manage a

Dev/Test Server Farm in the Cloud using

Microsoft Azure Management Portal

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

A modern web-browser with HTML5 and Javascript enabled

Lets Get Started!

Get Started with Microsoft Azure Infrastructure Services

Estimated time to complete: 3 hours

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 1: Get Started with Microsoft Azure Infrastructure Services

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

c) Click the +ADD button on the bottom navigation bar.

button to create a new Affinity Group.

4) Create a new Microsoft Azure Storage Account.

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 2: Register a DNS Server in Microsoft Azure

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 3: Define a Virtual Network in Microsoft Azure

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 4: Configure Windows Server Active Directory in a Microsoft

5) On the Virtual machine Configuration page, complete the fields as follows:

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

6) On the Virtual machine Configuration page, complete the fields as follows:

7) On the Virtual Machine Configuration page, click the

button to accept the default values and

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 5: Configure SQL Server 2012 in a Microsoft Azure VM

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

6) On the Virtual Machine Configuration page, complete the fields as follows:

7) On the Virtual Machine Configuration page, click the

button to accept the default values and

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 6: Configure SharePoint Server 2013 in a Microsoft Azure VM

5) On the Virtual Machine Configuration page, complete the fields as follows:

6) On the Virtual Machine Configuration page, complete the fields as follows:

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

8) On the Virtual Machine Configuration page, click the

button to accept the default values and

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 7: Provision Virtual Machines via Windows PowerShell for

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 8: Manage Microsoft Azure with System Center 2012 R2 App

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Generate self-signed certificate: Selected

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

k) On the Settings page, click on the Management Certificates tab.

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

instead of a self-signed certificate.

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Bui l d & Manage a De v / Te st Se rv e r Farm i n the Cl oud

Exercise 9: Automate your Lab Environment with System Center 2012 R2