What we see these days is that more and more companies embrace, public clouds, like Azure, and start working in a hybrid cloud scenario. Where they not only run their resources and workloads on-premises in their own data centers, but also in Azure or in other public cloud environments, like AWS or Google Cloud.
And this is where Windows Admin Center (WAC) comes into play, because it can not only be used to centrally manage your complete Windows server environment. But next to that it can also be used as a gateway to extend your on-premises servers to the cloud by using all kind of Azure Hybrid Cloud services, like Azure Arc, Azure Monitor or Azure Backup.
To be able to use these Azure hybrid services within WAC, there are some configuration steps you need to complete. First of all, you must register your Windows Admin Center gateway with Azure. For this registration, which you only need to do once, your Windows Admin Center gateway requires an Azure Active Directory (Azure AD) application ID. During this registration, also all the necessary permissions needed to create and manage Azure resources on your behalf will be automatically configured.
In this blog post, I will show you all the required steps you need to follow to register your WAC instance with Azure.
- WAC (currently version 2110) running on a local Windows Server instance (Windows Server 2019 or 2022) and configured as a Gateway Server. You can download WAC from here.
- The user who registers the gateway needs to have the Windows Admin Center gateway administrator role.
- An Azure Subscription
- An Azure Administrator account
You can find more information about the he different installation options for WAC over here
Open your Windows Admin Center from a web browser, like Edge or Chrome (preferably from a privileged access workstation). When logged in, click on the Settings gear icon, which you can find in the top right corner, to open the Account page.
On the Account page click on Register with Azure.
And then click Register to start registering your WAC with Azure.
On the Get started with Azure in Windows Admin Center page, which opens on the right-side, select Azure Global from the Select an Azure cloud dropdown menu. Then click the Copy button to copy the uniquely generated device code.
Click the Enter the code URL, which will open up another browser window into which you can then paste the code you just copied.
After pasting the code, click Next.
On the Sign in pop-up page you need to enter the credentials to connect your WAC with Azure. So, first of all enter your accounts email address for authentication and then click Next.
Then enter the password for the account and click Sign in.
If MFA is enabled for your account, approve the sign in request with your Microsoft Authenticator app.
When you are asked to confirm that you are trying to sign into Windows Admin Center, click Continue.
If all went well, you then should see the following message: “You have signed in to the Windows Admin Center application on your device. You may now close this window.” If so, close the browser window and return to the original registration page.
Back on the registration page, click Create New under the Azure Active Directory Application field (or select Use existing if you already have an existing Azure AD application ID). Then click Connect, to create a new Azure AD application from which you will be able to manage your gateway user(s) and gateway administrator(s) access.
If your account has the sufficient Azure RBAC role, you should see a confirmation saying: Now connected to Azure AD. If so, select Sign in to sign into Windows Admin Center with your Azure Administrator account.
On the Permissions requested dialog box, click Accept.
If all went well, you should now see that Windows Admin Center is successfully registered with Azure.
You can now also verify your signed in Azure Account or even switch accounts under the Account page.
You can also verify or change any settings for the newly created WAC Azure AD app by login in into the Azure Portal, where you open the Azure Active Directory page. You can then find the WAC Azure AD app under the Manage field, by clicking on App registrations and selecting All applications.
You now have successfully registered your WAC with Azure and you can start onboarding your on-premises servers and start using the available Azure services.
These days you can use WAC to enable all kind of Microsoft hybrid cloud scenarios. To do so, first you will need to register your Windows Admin Center gateway with Azure, which allows WAC to communicate with Azure. Afterwards you can onboard your on-premises or other cloud servers and start using Azure Hybrid features like Azure Backup, Azure Site Recovery, Azure Arc or Azure Monitor directly from inside WAC to manage, backup or better protect them.
Pingback: Festive Tech Calendar 2021: Battle for the Hybrid Cloud – The Christmas edition – Wim Matthyssen