Manage Windows Server in the Azure Portal With Windows Admin Center

5 Min. Read

Updated on 03/03/2021 – This article was updated to include the latest announcement made by the Windows Admin Center team during Microsoft Ignite 2021.

In this article, I will share with you how to natively manage Windows Server VMs in the Azure Portal with the new Windows Admin Center extension (public preview).

Introduction

Windows Admin Center (WAC) is a flexible, locally-deployed, browser-based management platform, and solution. It contains core tools for troubleshooting, configuration, management, and maintenance for Windows Server, Windows Client, Software-Defined Storage (SDS), Software-Defined Network (SDN), Microsoft Hyper-V Server, and more…

Windows Admin Center is not only for managing servers, clusters, hyper-converged infrastructure, and Windows 10 PCs, but it also lets you connect your Windows Server to Azure hybrid services whether they are running on-premises or in a different cloud provider. There are many more hybrid services for Windows Server, which you can leverage with Windows Admin Center.

For the complete list of all Azure hybrid services integration with Windows Admin Center, please check the official documentation from Microsoft here.

At Microsoft Ignite in September 2020, Microsoft announced a new way to natively manage your Windows Server IaaS virtual machines from within the Azure Portal with Windows Admin Center. This is a great capability, which will provide you with granular management, configuration, troubleshooting, and maintenance functionality for managing your Windows Server VMs in the Azure Portal directly without the need to RDP into the VM. The first public preview was closed by the end of September 2020.

Finally, after long waiting, and during Microsoft Ignite in March 2021, the Windows Admin Center team announced the public preview v2 of Windows Admin Center in the Azure Portal broadly.

What’s new in Public Preview V2

At the time of this writing (March 2021), Microsoft added the following new features:

  • Support for connection over a Private IP address besides the support over a Public IP address for added security.
  • Support for VMs with custom images.
  • Support for VMs that are domain controllers.
  • Bug fixes.
  • Performance improvements.

Prerequisites

To follow this article, you need to have the following prerequisites:

  1. Azure subscription. If you don’t have an Azure subscription, you can create a free one here.
  2. Windows Server 2016 or Windows Server 2019 Azure virtual machine. If you don’t have a virtual machine, you can follow this quick start guide to create a new Windows Server virtual machine in the Azure Portal.
    • Please note that the VM you create in Azure must have at least 3 GiB of RAM or more. This is a requirement for the Windows Admin Center extension to work properly.
  3. The management PC or machine that you use to connect to the Azure portal has the following requirements:
    • The Microsoft Edge or Google Chrome browser.
    • You need to have access to the virtual network that is connected to the VM (this is more secure than using a public IP address to connect). For example, if you want to manage the VM in Azure from on-premises using a Private IP address, then you need to have network connectivity over private networks such as site-to-site VPN, point-to-site VPN, or ExpressRoute.

Install Windows Admin Center extension

Log in to the Azure Portal and take the following steps:

  1. Select the desired Windows Server virtual machine where you want to install the new extension, and then navigate to the “Windows Admin Center (preview)” tab on the left-hand side of the VM under Settings.Manage Windows Server in the Azure Portal With Windows Admin Center 2
  2. In the Windows Admin Center page, select a public inbound port through which Windows Admin Center will communicate to the VM (you can choose a different port if you want), and then click the Install button. For security precautions, do NOT select ‘open this port for me‘ which is only recommended for testing purposes, because if you let Azure configure this port for you in the Network Security Group, the port will be open to any source with the highest priority which you don’t want to do for production VMs. Manage Windows Server in the Azure Portal With Windows Admin Center 3
  3. The installation of the extension will take around 5 minutes to complete.
  4. If you want to connect to the VM from specific public IP addresses, then you want to navigate to the ‘Networking‘ tab of the VM and add a new inbound security rule as shown in the figure below. Here is an example of what the inbound rule settings look like. You need to set the Source to IP addresses, and the Source IP addresses of all your management system IPs. The Destination is set to Any and the Destination port ranges to the port you specified in the previous step, and the Protocol is set to Any.Add inbound security rule

Connect to Windows Admin Center in Azure

Once the inbound security rule is added, you can take the following steps:

  1. Switch back to the “Windows Admin Center (preview)” tab on the left-hand side of the VM under Settings. Then specify whether you want to use a Private IP address or Public IP address, then click on “Connect” as shown in the figure below. The connection will take around one minute, as part of the connection process, Microsoft periodically renews your Windows Admin Center certificate for security purposes.Connecting to Azure VM using Windows Admin Center in the Azure Portal
  2. Then you will be asked to enter your VM’s local administrator credentials. Enter the username and password and click ‘Sign in‘.Manage Windows Server in the Azure Portal With Windows Admin Center 4
  3. Once the credentials are entered, Windows Admin Center will start loading which might take up to 1 minute. The first load time might be a little longer, however, any subsequent load will be just a few seconds.

If you are familiar with Windows Admin Center UI experience, it looks and feels exactly the same. Consistency is Key! Here is a screenshot of accessing my Azure VM through Windows Admin Center natively in the Azure Portal, VM blade.

Manage Windows Server in the Azure Portal With Windows Admin Center 5

That’s it there you have it!

How it works…

When you install the Windows Admin Center extension from the Azure Portal, it installs a lightweight .msi package on your Windows Server Azure VM. The extension manages your server using Remote PowerShell and WMI over WinRM.

By opening an inbound security port to the internet, you can access the UI of the Windows Admin Center directly from the Azure Portal directly. This will eliminate the need to install the Windows Admin Center in a dedicated VM in Azure to manage your servers, so less VM is always great to reduce cost.

What about the Azure Bastion management service where you can privately and fully manage RDP and SSH access to your virtual machines?

Windows Admin Center extension does not interact with or impact Azure Bastion in any way. Windows Admin Center has to be deployed on a per-VM basis and requires a public IP address, while Azure Bastion works on Private IPs for all VMs that are part of a single virtual network. Additionally, Azure Bastion is not free and it’s billed per hour, however, Windows Admin Center is free! You have a lot of flexibility and options here.

Summary

In this article, I showed you how to get started managing your Windows Servers IaaS VMs in the Azure Portal natively. This will help you reduce the need to Remote Desktop (RDP) into your Azure VM for management. The new Windows Admin Center IaaS extension in Azure will provide you tools that you are already familiar with, such as Device Manager, Task Manager, Windows Firewall, Hyper-V Manager, and most other MMC tools.

At the time of this writing, the Windows Admin Center extension in the Azure Portal is in public preview V2. I would expect further enhancement and additional features to be added in the near future.

Windows Admin Center is a freely available management tool for anyone to use and makes managing a set of Windows servers with or without GUI remotely, very easy, especially for “day-to-day activities” without the need to login into your Azure VM for management, and without complex installation.

__
Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Related Posts

Previous

How To Import, Export, and Share Workbooks in Azure Sentinel

Passed AZ-303 Exam: Microsoft Azure Architect Technologies #MicrosoftLearn

Next

2 thoughts on “Manage Windows Server in the Azure Portal With Windows Admin Center”

Leave a comment...

  1. Hello Charbel, I did follow your your instructions as described in this blog article. After installing a new virtual machine in Azure with enough memory, in the left pane under “Settings” no Windows Admin Center (Preview) entry did appear. Do you have any clue why the new feature is missing ??

  2. Hello Rudolf,
    Thanks for the comment.
    Did you signup for the private preview here: https://aka.ms/WACinPortalSignUp
    Once you signup, you will receive the URL to access Windows Admin Center (Preview) in the Azure Portal.
    However, I just noticed that the preview is closed now (Sign up closed on 9/30/2020). Sorry!
    Thanks!
    -Charbel

Let me know what you think, or ask a question...

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to Stay in Touch

Never miss out on your favorite posts and our latest announcements!

The content of this website is copyrighted from being plagiarized!

You can copy from the 'Code Blocks' in 'Black' by selecting the Code.

Please send your feedback to the author using this form for any 'Code' you like.

Thank you for visiting!