Imirce go Cruinniú Mullaigh Nuálaíoch:
Foghlaim conas is féidir le haistriú agus nuachóiriú go Azure feidhmíocht, athléimneacht agus slándáil do ghnó a threisiú, rud a chuireann ar do chumas glacadh go hiomlán le IS.Cláraigh anois
Ní thacaítear leis an mbrabhsálaí seo a thuilleadh.
Uasghrádú go Microsoft Edge chun leas a bhaint as na gnéithe is déanaí, nuashonruithe slándála, agus tacaíocht theicniúil.
Connect machines at scale by running PowerShell scripts with Configuration Manager
Alt
Microsoft Configuration Manager facilitates comprehensive management of servers supporting the secure and scalable deployment of applications, software updates, and operating systems. Configuration Manager has an integrated ability to run PowerShell scripts.
You can use Configuration Manager to run a PowerShell script that automates at-scale onboarding to Azure Arc-enabled servers.
Before you get started, be sure to review the prerequisites and verify that your subscription and resources meet the requirements. For information about supported regions and other related considerations, see supported Azure regions. Also review our at-scale planning guide to understand the design and deployment criteria, as well as our management and monitoring recommendations.
If you don't have an Azure subscription, create a free account before you begin.
Automatic connection for SQL Server
When you connect a Windows or Linux server to Azure Arc that also has Microsoft SQL Server installed, the SQL Server instances will automatically be connected to Azure Arc as well. SQL Server enabled by Azure Arc provides a detailed inventory and additional management capabilities for your SQL Server instances and databases. As part of the connection process, an extension is deployed to your Azure Arc-enabled server and new roles will be applied to your SQL Server and databases. If you don't want to automatically connect your SQL Servers to Azure Arc, you can opt out by adding a tag to the Windows or Linux server with the name ArcSQLServerExtensionDeployment and value Disabled when it's connected to Azure Arc.
Prerequisites for Configuration Manager to run PowerShell scripts
The following prerequisites must be met to use PowerShell scripts in Configuration Manager:
The Configuration Manager version must be 1706 or higher.
To import and author scripts, your Configuration Manager account must have Create permissions for SMS Scripts.
To approve or deny scripts, your Configuration Manager account must have Approve permissions for SMS Scripts.
To run scripts, your Configuration Manager account must have Run Script permissions for Collections.
Generate a service principal and prepare the installation script
Before you can run the script to connect your machines, you must:
Follow the steps to create a service principal for onboarding at scale. Assign the Azure Connected Machine Onboarding role to your service principal, and limit the scope of the role to the target Azure landing zone. Make a note of the Service Principal Secret, as you'll need this value later.
Before you begin, check in Configuration Manager Default Settings that the PowerShell execution policy under Computer Agent is set to Bypass.
In the Configuration Manager console, select Software Library.
In the Software Library workspace, select Scripts.
On the Home tab, in the Create group, select Create Script.
On the Script page of the Create Script wizard, configure the following settings:
Script Name – Onboard Azure Arc
Script language - PowerShell
Import – Import the installation script that you generated in the Azure portal.
In the Script Wizard, paste the script generated from Azure portal. Edit this pasted script with the Service Principal Secret for the service principal you generated.
Complete the wizard. The new script is displayed in the Script list with a status of Waiting for approval.
Approve the script in Configuration Manager
With an account that has Approve permissions for SMS Scripts, do the following:
In the Configuration Manager console, select Software Library.
In the Software Library workspace, select Scripts.
In the Script list, choose the script you want to approve or deny. Then, on the Home tab, in the Script group, select Approve/Deny.
In the Approve or deny script dialog box, select Approve for the script.
Complete the wizard, then confirm that the new script is shown as Approved in the Script list.
Run the script in Configuration Manager
Select a collection of targets for your script by doing the following:
In the Configuration Manager console, select Assets and Compliance.
In the Assets and Compliance workspace, select Device Collections.
In the Device Collections list, select the collection of devices on which you want to run the script.
Select a collection of your choice, and then select Run Script.
On the Script page of the Run Script wizard, choose the script you authored and approved.
Select Next, and then complete the wizard.
Verify successful connection to Azure Arc
The script status monitoring indicates whether the script has successfully installed the Connected Machine Agent to the collection of devices. Successfully onboarded Azure Arc-enabled servers will also be visible in the Azure portal.
Next steps
Review the Planning and deployment guide to plan for deploying Azure Arc-enabled servers at any scale and implement centralized management and monitoring.
Learn how to manage your machine using Azure Policy for such things as VM guest configuration, verifying that the machine is reporting to the expected Log Analytics workspace, enabling monitoring with VM insights, and much more.
This module covers the topic of enabling Azure Arc for Windows or Linux machines in your environment. Enabling Arc-enabled servers is done either manually or by using an automated method with a provided template script.
As a Windows Server hybrid administrator, you integrate Windows Server environments with Azure services and manage Windows Server in on-premises networks.
