1
00:00:00,005 --> 00:00:03,002
- [Instructor] I'm in my file server, file server one,

2
00:00:03,002 --> 00:00:04,009
and what I'm going to do is I'm going to download

3
00:00:04,009 --> 00:00:09,000
a great utility for management, and monitoring,

4
00:00:09,000 --> 00:00:13,000
and maintaining your servers, called Windows Admin Center.

5
00:00:13,000 --> 00:00:16,002
It is a web based utility that allows us

6
00:00:16,002 --> 00:00:20,003
to manage any computer from a web browser.

7
00:00:20,003 --> 00:00:24,002
I've typed into my search, windows admin center download,

8
00:00:24,002 --> 00:00:26,004
and I get this site from Microsoft

9
00:00:26,004 --> 00:00:29,009
that allow me to download Windows Admin Center.

10
00:00:29,009 --> 00:00:31,004
For safety sake, you want to make sure

11
00:00:31,004 --> 00:00:34,007
that it says microsoft.com, and the certificate

12
00:00:34,007 --> 00:00:38,004
also says it's coming from Microsoft, which it is.

13
00:00:38,004 --> 00:00:43,007
So I'm going to go to the download section,

14
00:00:43,007 --> 00:00:47,001
and go ahead and install.

15
00:00:47,001 --> 00:00:48,006
You need to make sure that you don't have

16
00:00:48,006 --> 00:00:51,009
internet information services on your server already,

17
00:00:51,009 --> 00:00:54,008
because it may cause a port conflict

18
00:00:54,008 --> 00:00:58,004
with port 443 or port 80.

19
00:00:58,004 --> 00:01:01,004
I'll accept the terms and click next.

20
00:01:01,004 --> 00:01:04,005
I'm just going to choose the required data,

21
00:01:04,005 --> 00:01:06,006
and I'm not going to use Microsoft update,

22
00:01:06,006 --> 00:01:08,002
but it's a good idea to do that,

23
00:01:08,002 --> 00:01:10,008
but just for demonstration purposes I won't,

24
00:01:10,008 --> 00:01:14,002
choose the defaults here, click next,

25
00:01:14,002 --> 00:01:16,002
and then you can see you're going to be using

26
00:01:16,002 --> 00:01:19,002
port 443, which is going to be SSL.

27
00:01:19,002 --> 00:01:21,002
So it's going to generate a self-sign certificate,

28
00:01:21,002 --> 00:01:24,002
now that will cause a warning to come up

29
00:01:24,002 --> 00:01:27,004
on most web browsers, but you can also purchase

30
00:01:27,004 --> 00:01:30,002
an SSL certificate, and then you can go ahead

31
00:01:30,002 --> 00:01:34,004
and provide that information there.

32
00:01:34,004 --> 00:01:37,002
Once the installation is complete, it'll give me the option

33
00:01:37,002 --> 00:01:41,002
to open it up from my web browser, and then I'll log in.

34
00:01:41,002 --> 00:01:43,000
Installation is complete, I'm just going to click

35
00:01:43,000 --> 00:01:45,005
on the link and it'll just take me right to it

36
00:01:45,005 --> 00:01:51,000
using my default web browser.

37
00:01:51,000 --> 00:01:53,003
And you may get an initial error saying

38
00:01:53,003 --> 00:01:56,001
that it cannot connect to it, but just give it

39
00:01:56,001 --> 00:01:58,007
a few seconds and then it will pop up.

40
00:01:58,007 --> 00:02:00,009
And now it's prompted me for my username and password,

41
00:02:00,009 --> 00:02:06,000
which I'll enter in.

42
00:02:06,000 --> 00:02:08,001
And now it's launching Windows Admin Center

43
00:02:08,001 --> 00:02:10,007
for the first time.

44
00:02:10,007 --> 00:02:14,004
Now this is just connecting me to the admin center itself,

45
00:02:14,004 --> 00:02:16,002
I don't necessarily have access

46
00:02:16,002 --> 00:02:18,008
to any other servers as of yet.

47
00:02:18,008 --> 00:02:21,006
So what I'm going to do is I'm going to take a look here

48
00:02:21,006 --> 00:02:25,000
at file server one, this is my gateway server,

49
00:02:25,000 --> 00:02:27,005
but it's also the server that I'm on.

50
00:02:27,005 --> 00:02:29,001
This means it's the jumping off point

51
00:02:29,001 --> 00:02:30,008
to connect to other servers.

52
00:02:30,008 --> 00:02:32,009
So I'm going to click on add,

53
00:02:32,009 --> 00:02:35,002
and look at all the different things I can add.

54
00:02:35,002 --> 00:02:38,007
I'm going to start by clicking on add for servers,

55
00:02:38,007 --> 00:02:43,006
and I'll put in the server name.

56
00:02:43,006 --> 00:02:46,003
Now it's doing a search, and typically,

57
00:02:46,003 --> 00:02:49,008
it doesn't accept the credentials that you logged in with,

58
00:02:49,008 --> 00:02:52,005
you usually have to go ahead and type in

59
00:02:52,005 --> 00:02:54,008
the username and password once again.

60
00:02:54,008 --> 00:02:57,007
This is a bug that's been going on for quite a while,

61
00:02:57,007 --> 00:03:02,001
and I don't anticipate it'll be fixed anytime soon.

62
00:03:02,001 --> 00:03:05,006
It says it found the server, so I'll click add,

63
00:03:05,006 --> 00:03:07,002
and there's my server.

64
00:03:07,002 --> 00:03:09,000
I'm going to add again, this time I'm going to add

65
00:03:09,000 --> 00:03:12,003
a little bit different, I'm going to click on add,

66
00:03:12,003 --> 00:03:13,005
and this time I'm going to click on

67
00:03:13,005 --> 00:03:19,002
search active directory.

68
00:03:19,002 --> 00:03:21,008
Click search, and you can see it found it

69
00:03:21,008 --> 00:03:24,008
a little bit faster, so if you have computers

70
00:03:24,008 --> 00:03:27,009
that are either domain controllers or members of the domain,

71
00:03:27,009 --> 00:03:30,001
then it might be a little bit faster to do it that way.

72
00:03:30,001 --> 00:03:32,004
You could also click on import a list,

73
00:03:32,004 --> 00:03:34,002
but I haven't found that to be as fast

74
00:03:34,002 --> 00:03:37,005
or as useful as the other two options.

75
00:03:37,005 --> 00:03:39,005
Now I'm going to click add one last time,

76
00:03:39,005 --> 00:03:41,006
and choose a Windows PC, and that's because

77
00:03:41,006 --> 00:03:44,000
I have a Windows 11 computer.

78
00:03:44,000 --> 00:03:47,007
So I've typed in the client one name,

79
00:03:47,007 --> 00:03:50,005
and now that computer has been added as well.

80
00:03:50,005 --> 00:03:53,002
So I've got all four of my computers.

81
00:03:53,002 --> 00:03:56,005
Now, if I'd like, I can also add in my cluster,

82
00:03:56,005 --> 00:03:58,001
so I'm on a cluster right now,

83
00:03:58,001 --> 00:04:00,006
so if I wanted to add that, my fail over cluster manager

84
00:04:00,006 --> 00:04:03,000
works just fine, so I'm not going to add that here,

85
00:04:03,000 --> 00:04:06,003
it also allows me to add in any Azure virtual machines,

86
00:04:06,003 --> 00:04:08,007
so if I've created any Azure virtual machines,

87
00:04:08,007 --> 00:04:11,005
I can add them, I can even click on create new,

88
00:04:11,005 --> 00:04:13,002
and then add them, as long as I have

89
00:04:13,002 --> 00:04:15,009
an account already set up.

90
00:04:15,009 --> 00:04:19,003
I'm going to click cancel, now that I have all my computers

91
00:04:19,003 --> 00:04:23,000
added in, I'm going to start by clicking on the DC2 server,

92
00:04:23,000 --> 00:04:25,006
it's going to connect to it.

93
00:04:25,006 --> 00:04:28,003
And it's adding in all these different tools

94
00:04:28,003 --> 00:04:30,003
on the left hand side.

95
00:04:30,003 --> 00:04:33,005
Now you can see that I've got some graphical information,

96
00:04:33,005 --> 00:04:36,003
which is very interesting, but we can see

97
00:04:36,003 --> 00:04:39,000
some of the same things that you can open

98
00:04:39,000 --> 00:04:40,008
with the Microsoft management console,

99
00:04:40,008 --> 00:04:42,009
you can open up with Windows Admin Center,

100
00:04:42,009 --> 00:04:45,007
such as certificates.

101
00:04:45,007 --> 00:04:48,003
If I'd like to look at the root certificates,

102
00:04:48,003 --> 00:04:50,009
then I can choose on authroot,

103
00:04:50,009 --> 00:04:53,001
and here's a list of those certificates.

104
00:04:53,001 --> 00:04:55,008
In the overview, you can see that some have expired

105
00:04:55,008 --> 00:04:59,005
and some are healthy, but I have a total of 60 certificates,

106
00:04:59,005 --> 00:05:02,000
and these are all certificates that were added in

107
00:05:02,000 --> 00:05:03,004
during the installation of Windows,

108
00:05:03,004 --> 00:05:06,007
I have yet to add any in myself, with the exception

109
00:05:06,007 --> 00:05:09,009
of my Windows Admin Center, self-signed certificate.

110
00:05:09,009 --> 00:05:13,000
And another example is I can click on firewall,

111
00:05:13,000 --> 00:05:16,007
and here I can manage the firewall by adding in ports,

112
00:05:16,007 --> 00:05:21,001
I can enable firewall rules, or disable them as well.

113
00:05:21,001 --> 00:05:23,008
Here, we see the three different types, the domain,

114
00:05:23,008 --> 00:05:26,000
the private, and the public, by default,

115
00:05:26,000 --> 00:05:29,003
the public is going to have the most amount of blocked ports,

116
00:05:29,003 --> 00:05:31,008
and that's because if you're out in public,

117
00:05:31,008 --> 00:05:33,009
then you want to have the most protection,

118
00:05:33,009 --> 00:05:35,009
whereas if you're in domain or private,

119
00:05:35,009 --> 00:05:38,005
then you actually have more open ports,

120
00:05:38,005 --> 00:05:40,008
because you're in a trusted environment.

121
00:05:40,008 --> 00:05:43,007
However, when you're going to have a domain controller,

122
00:05:43,007 --> 00:05:45,005
it's not going to be out in the public,

123
00:05:45,005 --> 00:05:48,006
so the only one that really matters is going to be the domain.

124
00:05:48,006 --> 00:05:51,007
Now we have incoming and outgoing rules, just as we would

125
00:05:51,007 --> 00:05:54,008
if we went into the Windows Defender Firewall

126
00:05:54,008 --> 00:05:58,002
from a command prompt or from the search box.

127
00:05:58,002 --> 00:06:01,003
And here are all the rules, I can certainly go in

128
00:06:01,003 --> 00:06:03,005
and make changes to those if I need to,

129
00:06:03,005 --> 00:06:06,006
here I can click on a particular rule,

130
00:06:06,006 --> 00:06:09,000
and then I can click on disable if I'd like,

131
00:06:09,000 --> 00:06:12,001
or delete, or make changes to the settings.

132
00:06:12,001 --> 00:06:15,003
I'm going to go back to my Windows Admin Center,

133
00:06:15,003 --> 00:06:17,005
and DC1 is going to look just like DC2,

134
00:06:17,005 --> 00:06:20,006
so I'm going to try clicking on client.

135
00:06:20,006 --> 00:06:22,008
For management, you can add in all your different

136
00:06:22,008 --> 00:06:26,007
clients that are joined to your domain.

137
00:06:26,007 --> 00:06:28,007
And now we see the Windows client

138
00:06:28,007 --> 00:06:30,003
the same way that we saw the server,

139
00:06:30,003 --> 00:06:31,003
although on the left hand side,

140
00:06:31,003 --> 00:06:34,007
there are a lot less tools that you can use.

141
00:06:34,007 --> 00:06:36,007
The Windows Admin Center allows you to manage

142
00:06:36,007 --> 00:06:39,006
any Windows server or client, from any computer

143
00:06:39,006 --> 00:06:42,000
that can access a web browser.