Tuesday, January 30, 2024

How Windows Admin Center can make your server management easier and more secure


Windows Admin Center (WAC) is a web-based tool that lets you manage your Windows servers and clients from anywhere, without needing to connect to the cloud. It is a modern and flexible solution that complements your existing management tools and integrates with Azure services.

In this blog post, I will highlight some of the benefits of using WAC and the upcoming features that will make it even better. The latest release up to date is the WAC version 2311.

Benefits of Windows Admin Center

WAC offers many advantages over traditional management tools, such as:

  • Familiar functionality – WAC contains many of the familiar tools you currently use to manage Windows Servers and clients, such as Server Manager, MMC, PowerShell, and more. You can access them from a single, browser-based interface that is easy to use and navigate.
  • Easy to install and use – You can install WAC on a Windows 11 computer or a Windows Server 2022 acting as a gateway, and start managing your servers and clients in minutes. You don’t need to install any agents or dependencies on the managed machines. You can also publish your WAC gateway to the public Internet and manage your servers from anywhere, securely and remotely.
  • Complements existing solutions – WAC works with solutions like System Center and Azure management and security, adding to their capabilities to perform detailed, single-machine management tasks. You can also leverage the power of Azure for monitoring, backup, file sync, security, and more, by integrating your on-premises servers with Azure hybrid services.
  • Enhanced security for your management platform – WAC has many security features that make your management platform more secure, such as role-based access control, gateway authentication, HTTPS encryption, and support for Windows Defender Application Control (WDAC). You can also use WAC to manage your WDAC-enforced infrastructure, which restricts the applications that users are allowed to run and the code that runs in the system core.

Upcoming features of Windows Admin Center

WAC is constantly evolving and improving, thanks to the feedback and suggestions from the community and customers. Some of the new features that are coming soon or are already available in preview are:

  • Search settings with smart keywords – The settings pages for WAC, Cluster Manager, Server Manager, and Computer Management now contain a search box to improve navigation. The search feature can handle non-trivial keywords to match more than just the section title.
  • Support for 400% zoom – WAC now supports up to 400% zoom for visually impaired users. You can zoom and navigate through WAC without any issues or concerns.
  • Windows Admin Center in Azure – This new capability allows you to manage the Windows Server OS running on Azure IaaS seamlessly and at a more granular level. WAC in Azure is available to customers running Windows Server 2016, 2019, or 2022 virtual machines. You can access it from the Azure portal and perform tasks such as file sharing, certificate management, firewall configuration, and more.
  • File sharing functionality in the files tool – You can now share files and folders from your servers and clients using WAC. You can create and manage shares, set permissions, and access them from other machines. You can also use WAC to manage existing shares created by other tools.

WAC file and folders screen

WAC file and folders screen

  • Azure update management integration in the updates tool – You can now use WAC to enroll your servers and clients to Azure update management, which is a service that helps you manage updates across your hybrid environment. You can schedule updates, review compliance, and monitor the update status from WAC.

You can install WAC simply on a Windows 11 computer and start managing in minutes, or install on a Windows 2022 server acting as a gateway to enable your entire organization to manage computers from their web browser.

How to install and configure Windows Admin Center in an enterprise environment

If you want to use Windows Admin Center in an enterprise environment, you need to install it on a server that acts as a gateway for multiple users to access and manage their servers and clients. You also need to configure some settings to ensure the security and performance of your management platform. In this section, I will guide you through the steps to install and configure Windows Admin Center in an enterprise environment.

Install Windows Admin Center on a server

To install Windows Admin Center on a server, you need to download the MSI package from the official website and run it on the server that you want to use as a gateway. You can also use PowerShell or other deployment tools to automate the installation process. You can install Windows Admin Center on a Windows Server 2016, 2019, or 2022 with desktop experience or Server Core.

You can select a port to use for WAC, during installation

You can select a port to use for WAC, during installation

During the installation, you need to specify the following options:

  • Certificate – The SSL certificate that Windows Admin Center uses for HTTPS encryption. You can choose to generate a self-signed certificate for testing purposes, or use an existing certificate that is already installed on the server. The certificate must match the DNS name or IP address of the server, and wildcard certificates are not supported.

WAC certificate selection before finishing the installer finishes

WAC certificate selection before finishing the installer finishes

  • User access – The users or groups that are allowed to access Windows Admin Center. You can use local users or groups, or domain users or groups. You can also use Azure Active Directory (AAD) users or groups if you have an Azure subscription and a hybrid identity setup. You can add or remove users or groups later from the Windows Admin Center settings page.
  • TrustedHosts – The option to let Windows Admin Center manage your TrustedHosts settings. TrustedHosts is a PowerShell configuration that allows remote connections to servers or clients in a workgroup environment, or when using local administrator credentials in a domain. If you enable this option, Windows Admin Center will automatically add or remove the managed nodes to the TrustedHosts list of the gateway server. If you disable this option, you need to manually configure TrustedHosts on the gateway server and the managed nodes.

After the installation is complete, you can access Windows Admin Center from a web browser on a remote computer by entering the URL of the gateway server, such as https://gateway-server:port. You need to sign in with a user account that has access to Windows Admin Center and the managed nodes.

Windows Admin Center – add some servers/clients to manage screen

Windows Admin Center – add some servers/clients to manage screen

Configure Windows Admin Center settings

After you install Windows Admin Center on a server, you can configure some settings to customize your management platform. You can access the settings page by clicking the gear icon on the top right corner of the Windows Admin Center window. Some of the settings that you can configure are:

  • Extensions: Extensions are add-ons that enhance the functionality of Windows Admin Center. You can install, update, or uninstall extensions from the Extensions page. You can also enable or disable automatic updates for extensions. Some of the extensions that are available for Windows Admin Center are Azure Backup, Azure File Sync, Azure Monitor, Cluster Creation, and more.

Install additional extensions via Settings > Extensions

Install additional extensions via Settings > Extensions

  • Gateway – The Gateway page shows the information and status of the gateway server, such as the version, port, certificate, and user access. You can also restart or uninstall the gateway service from this page. You can also configure the gateway proxy settings if you need to connect to the Internet through a proxy server.
  • PowerShell – The PowerShell page allows you to configure the PowerShell settings for Windows Admin Center, such as the execution policy, the module path, and the script timeout. You can also enable or disable PowerShell remoting and PowerShell transcription. PowerShell remoting allows you to run PowerShell commands on remote servers or clients from Windows Admin Center. PowerShell transcription records the PowerShell commands and outputs in a text file for auditing purposes.

PowerShell Scripts allows you to script repetitive tasks

PowerShell Scripts allows you to script repetitive tasks

  • Updates – The Updates page allows you to check for updates for Windows Admin Center and install them if available. You can also enable or disable automatic updates for Windows Admin Center. You can also integrate Windows Admin Center with Azure Update Management, which is a service that helps you manage updates across your hybrid environment. You can enroll your servers or clients to Azure Update Management, schedule updates, review compliance, and monitor the update status from Windows Admin Center.

Link: WAC blog here

Conclusion

Windows Admin Center is a powerful and versatile tool that can help you manage your Windows servers and clients more easily and securely. It is a modern and flexible solution that complements your existing management tools and integrates with Azure services. It also offers many new features and updates that make it even better. If you haven’t tried it yet, you can download it for free and start managing your servers and clients today. You can also provide your feedback and suggestions to the WAC team and help shape the future of the product.



from StarWind Blog https://ift.tt/bGaeJnQ
via IFTTT

No comments:

Post a Comment