Windows Admin Center (WAC) is a flexible, locally-deployed, browser-based management platform and solution. It contains core tools for troubleshooting, configuration, management and maintenance for Windows Server, Windows Client, Software-Defined Storage (SDS), Software-Defined Network (SDN), Microsoft Hyper-V Server, and more.
At Microsoft Ignite in Orlando this week, Microsoft announced a new integration service between Azure Backup and Windows Admin Center. For additional Azure integration services, please check the following link.
The prerequisites are very simple as follows.
First you need to make sure you are running Windows Admin Center (WAC) Version 1809 and you have installed Azure Backup extension. If you are currently using version 1804 of Windows Admin Center, please make sure to upgrade to version 1809.
Next, you need to register Windows Admin Center gateway with Azure. You can register the gateway with Azure from the same window. Once you authenticate with Azure, you need to select the Tenant ID to grant permission, and finally click Register.
You are almost done! in the last step, you’ll need to visit the Azure portal and grant permissions to the application.
Go to the Azure AD app registration | Select ‘Settings‘ > ‘Required permissions‘, then click ‘Grant Permissions‘ > ‘Yes‘
Once permission is granted, you are ready now to enable Azure Backup.
Enable Azure Backup in Windows Admin Center
To enable Azure Backup, take the following easy steps:
- Add the desired Windows Server to Windows Admin Center
- Once you add the server, connect to it, select Backup on the left-hand side, and then click Set up Azure Backup.
- Click Login into Microsoft Azure portal, if you don’t have an Azure account, you can directly Sign-up and create a new account.
- Once you login, Windows Admin Center automatically pulls subscription details from your Azure account, so that everything in Azure is set up for you to quickly Backup your Windows Server. Thanks to the automatic provisioning of resources in Azure, you can pretty much just review the selections including the Recovery Services Vault where your server backup will be stored, and simply skip to Step 3 to select Backup Items and Schedule for your servers backup.
- In this example, I will update the settings in Step 2 to match the nearest Azure datacenter and the desired Recovery Services Vault.
- In Step 3: Select Backup Items and Schedule. You can select System State or additional volumes, and quickly estimate the size of your total backup, and then select from one or more presets for backup and retention schedules to meet your backup needs.
- The final step, is to secure your backup with an Encryption Passphrase, so your backup data is protected both in transit and at rest. Enter minimum 16 characters encryption passphrase and click Apply. As a side note, the encryption key should be stored in a safe place such as Azure Key Vault. Otherwise, cloud recovery is kind of, well, impossible later.
- Windows Admin Center does the magic of provisioning resources in your Azure subscription, and setting up your server with Azure Backup while configuring the selected backup and retention schedules.
Monitor Azure Backup in Windows Admin Center
Once the set up is completed, you will be taken to the Azure Backup dashboard that has a rich set of monitoring and management tools.
As you can see in the screenshot below, at the top in the Overview page, you can actually see various essential information’s such as Recovery Services Vault where your backups are kept, you can also look at when the latest recovery point was created what was the last backup status, and additional information.
Manage Azure Backup in Windows Admin Center
In the same Overview page, you can also performing frequent operations such as an ad-hoc Backup, this is especially useful when you want to patch your server.
You can also go the Jobs page, and see the list of all backup operations and their status. You can even click on any job and see it’s status in details. This is very useful to troubleshoot failed jobs and figure out what is the problem. And you can even configure Alerts and Notifications for completion and failures of various backup jobs that are triggered on the server, so you can remotely monitor your server backups.
You can click on Recovery Points page and see all the recovery points that have been created for the server and even recover data from this place.
Last but not least, let’s look at the enhanced security aspect of Azure Backup in Windows Admin Center that helps prevent your backups from being attacked by Ransomware and other malicious corruptions and deletions. So when the attacker is trying to delete backup data from your server, in that case, it will be actually prompted to enter a security PIN. Now the hacker might not have access to your server, but to get the security PIN, it needs to be able to access the Recovery Services Vault in Azure and then get the PIN to delete the Backup. Well, if a malicious Admin who had access to the Recovery Services Vault and deleted your backups, there’s no need to worry though, because Azure Backup actually retains these backups for up to 14 days so you can recover this data. This way you can actually protect your backups and always ensure you have multiple recovery points to recover from, in case your server is attacked by Ransomware or otherwise.
That’s it! Very simple.
Azure Backup in Windows Admin Center will automatically sets up the Microsoft Azure Recovery Services (MARS) agent and allows managing the MARS agent without having to RDP into the server. So it is not replacing the MARS agent but instead providing an interactive experience (single pane of glass) that allows for remote management of the MARS Agent from setting it up, to applying policy, to performing frequent operations and monitoring, and being able to restore remotely. This is especially useful for server core which does not have GUI.
As you have seen, Microsoft is investing more and more in Windows Admin Center (WAC), which is making it easy for Windows Server admins to easily leverage services in Azure and ensure a seamless and effective management of servers by providing the best of Azure and on-premises through a single management interface. Thus providing first class management of hybrid infrastructure with the use of optimal combination of on-premises infrastructure and the cloud.
Last but not least, Windows Admin Center is a freely available management tool for anyone to use and makes managing a set of servers with or without GUI remotely, very easy, especially for “day-to-day activities”. Download a copy of Windows Admin Center 1809 from here and enjoy modern management.
Thank you for reading my blog.
If you have any questions or feedback, please leave a comment.