Administrator Guide
Table Of Contents
- Dell Hybrid Cloud System for Microsoft Cloud Platform System Standard Version 1.5 Administrators Guide based on release 1803
- Overview
- Administration
- What to do first
- Next steps
- Managing Dell Hybrid Cloud System for Microsoft
- Creating tenant VM networks
- Adding tenant VM networks to the cloud
- Flagging the operating system VHD in the VM templates
- Enabling guest-specified IP addresses in VMM
- Creating additional tenant storage shares
- Using Windows Azure Pack
- Default Windows Azure Pack configuration
- Before you go into production
- Setting up tenant portal access on an isolated network
- Replacing self-signed certificates
- Disabling the tenant AuthSite and the admin Windows AuthSite websites
- Updating to a Security Token Service and re-establishing trust
- How to open the management portal for administrators
- How to open the management portal for tenants
- Offering services to tenants
- Optional configuration
- Automating tasks for efficiency
- Windows Azure Pack API reference content for developers
- Configuring disaster recovery protection
- Operations
- Monitoring
- Backup and recovery
- Onboard to Azure Backup
- Default backup schedule and retention policy
- DPM protection groups
- Disable machine account password rotation on management VMs
- Protecting tenant VMs
- Recovering VMs and databases—high level
- Recovering from management component failures
- Recovering a tenant VM
- Recovering DPM from DPM failures
- Adding extra disks to DPM
- Monitoring DPM
- Using the Dell Hybrid Cloud System for Microsoft data consistency runbooks
- Updating the Dell Hybrid Cloud System for Microsoft
- Shutting down and starting up the stamp
- Security
- Appendix A Expanding the stamp
- Appendix B Performing a factory reset
- Appendix C Retrieving cluster names, host names, and IP addresses
- Appendix D Ports and protocols
Security
This chapter discusses security issues pertaining to:
• User accounts
• Passwords
• Encryption keys
• Managing antivirus, antimalware, and certica
tes.
Topics:
• User accounts and groups that are added by default
• Resetting service account passwords
• Rotating Windows Azure Pack encryption keys
• Managing antivirus and antimalware
• Managing certicates
User accounts and groups that are added by default
Tables in this section identify and describe user accounts and security groups that are created by the Dell Hybrid Cloud System for
Microsoft deployment process.
All Active Directory objects for Dell Hybrid Cloud System for Microsoft are created in the Active Directory organizational unit (OU) that you
specied during deployment.
NOTE: Never log on to Dell Hybrid Cloud System for Microsoft, or sign in to the Windows Azure Pack website, by using service
accoun
ts. Do not use service accounts directly for administrative operations. Service accounts should only be used by Dell
Hybrid Cloud System for Microsoft services and processes to communicate internally.
User accounts
Because the Dell Hybrid Cloud System for Microsoft is integrated with your Active Directory domain, you can use existing domain user
accounts for management. Make sure you add accounts to the appropriate security groups. See the Groups table as well.
Table 33. User accounts
Type Accounts Privileges Usage Password Management
Delegated administrator Account is specied b
y
customer during
deployment.
Has Full Control
permissions to the parent
OU (and all child objects)
that was created for the
Dell Hybrid Cloud System
for Microsoft in Active
Used to deploy the Dell
Hybrid Cloud System for
Microsoft stamp.
Controlled via domain
policy.
4
114 Security