dell emc cloud for microsoft azure stack—patch and update ... · introduction 7 introduction ......

Dell EMC Cloud for Microsoft Azure Stack—Patch and UpdateInstallation Guide Version Valid from Dell EMC 1910 release

November 2019

Revision 02

Installation Guide

Abstract

This installation guide describes how to install patches and updates in Microsoft AzureStack integrated systems for the Dell EMC Cloud for Microsoft Azure Stack solution.This guide is based on the Dell EMC 1910 release.

Dell EMC Solutions

Copyright © 2018-2019 Dell Inc. or its subsidiaries. All rights reserved.

Dell believes the information in this publication is accurate as of its publication date. The information is subject to change without notice.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS-IS.” DELL MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH

RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS

FOR A PARTICULAR PURPOSE. USE, COPYING, AND DISTRIBUTION OF ANY DELL SOFTWARE DESCRIBED IN THIS PUBLICATION REQUIRES AN

APPLICABLE SOFTWARE LICENSE.

Dell Technologies, Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be the property of their

respective owners. Published in the USA.

Dell EMCHopkinton, Massachusetts 01748-91031-508-435-1000 In North America 1-866-464-7381www.DellEMC.com

2 Dell EMC Cloud for Microsoft Azure Stack—Patch and Update

Introduction 7Introduction........................................................................................................ 8Audience.............................................................................................................8Solution overview............................................................................................... 8

Update packages for Microsoft Azure Stack..........................................8We value your feedback.................................................................................... 10Document change matrix...................................................................................10

Prerequisites 13Prerequisites..................................................................................................... 14Accessing the current environment................................................................... 14Downloading the latest Dell EMC Customer Toolkit...........................................14Downloading Dell EMC Patch and Update Automation...................................... 15Configure Just Enough Administration (JEA) on the system............................. 15OMNM software update....................................................................................15

Dell EMC Patch and Update Automation Framework 17Dell EMC Patch and Update Automation Overview........................................... 18Installing the Dell EMC Patch and Update Automation...................................... 19Enabling Windows automatic login (optional).................................................... 21Creating a task to automatically run the tool (optional).....................................21Running the Dell EMC Patch and Update Automation.......................................23Disabling automatic login.................................................................................. 28Disabling the auto-run task............................................................................... 29

Verifying HLH Configuration 31Verify the HLH GPO policy............................................................................... 32Verifying registry mitigations on the HLH host, OME VM, and OMNM VM.......32

Upgrading the OEM Extension package 35Add Hardware Manager IP address and credentials in Azure Stack...................36Updating OEM package.................................................................................... 36

Identify the version of the OEM package............................................. 37Upgrade the OEM extension package.................................................. 37

Apply the Azure Stack 1910 update................................................................... 38

Troubleshooting 39View Dell EMC Patch and Update Automation log and trace files...................... 41View Azure Stack OEM package updates log and trace files..............................41While executing Switch Firmware Update, "No Catalog Found" error appears....42Dell EMC Patch and Update Automation stops functioning...............................42Trust relationship cannot be established for SSL/TLS secure channel..............42Update installation fails.....................................................................................43OMNM Software upgrade process failing during setting the system into Auditmode.................................................................................................................43Switch firmware update fails during pre-check phase or upgrade steps............43

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

CONTENTS

Dell EMC Cloud for Microsoft Azure Stack—Patch and Update 3

Single VM or multiple VMs went to corrupted state..........................................44The update process fails during OMNM software upgrade................................47The OMNM software update process fails during extraction or merging of CodeIntegrity Policy..................................................................................................47The OMNM software update process fails during starting, stopping Synergyservice or updating oware service.....................................................................48OME VM connection issues after restart.......................................................... 48OME VM connection lost during the BMC switch update................................. 48ToR or BMC switch goes down during switch firmware update........................ 49ToR switch in "not responding" state during the firmware update in OMNM....49ToR switch firmware update fails with an error BGP check failed.....................49Dell EMC Patch and Update Automation skips HLH VMs Backup because ofshortage of space in HLH drive......................................................................... 49Dell EMC Patch and Update Automation skips HLH VMs Backup because VMsare not in running state.....................................................................................50Dell EMC Patch and Update Automation skips HLH VMs Backup because OMEand OMNM VMs names are modified................................................................50Dell EMC Patch and Update Automation skips HLH VMs Backup due toexecution failure............................................................................................... 50Dell EMC Patch and Update Automation throws retry pop up for HLH VMsBackup in pre-check workflow.......................................................................... 51OpenManage Essentials is blocked by Windows Defender Application Control....51JEA endpoints not working from OME to HLH and OMNM VM........................ 52Retry pop-up appears in Pre-check workflow: Driver updates folder not found....53OS updates failure due to WUSA error and Patch and Update Automation toolthrows errors.................................................................................................... 53Error message appears: "OpenManage Enterprise does not have requiredpermission".......................................................................................................54Issues if not getting the EULA acceptance page...............................................54Failure of the first time login to OpenManage Enterprise..................................55Failing to add OpenManage Enterprise adapter in SAE..................................... 55Issues after using incorrect password for multiple times while logging in toOpenManage Enterprise................................................................................... 55After adding OpenManage Enterprise adapter in SAE, HLH or Scale Unit nodego to staging mode........................................................................................... 55OpenManage Enterprise discovery job incomplete error...................................56OME-VM throws error- "Cannot bind argument to parameter 'OMEPSSession'because it is null" or "Failed to create PS Session with Hardware Manager".... 56Error message appears: DSC status at HLH is Failure. Connect to HLH <HLH IPAddress> and issue Cmdlet Get-DscConfigurationStatus to check status aftersometime.......................................................................................................... 57[ERROR] Caught exception ->System.Management.Automation.RuntimeException....................................... 58After changing OME-VM administrator username, schedule backup stopsworking.............................................................................................................58Status tab shows ‘HLH VM Backup -Skipped’.................................................. 59Scheduled backup failed while uninstalling the Patch and Update Automationtool................................................................................................................... 59Patch and Update Automation tool fails to update SAE and throws error......... 59

Dell EMC Patch and Update Automation Configurations 61Editing configuration settings........................................................................... 62

Profile tab............................................................................................ 62

Appendix A

Contents


Workflow tab....................................................................................... 63Settings tab......................................................................................... 64

OpenManage Enterprise 67OpenManage Enterprise................................................................................... 68

Copy InstallOMEnterprise script from Dell EMC Customer Toolkit...... 68Deploying OpenManage Enterprise for Azure Stack.............................68

Windows Defender Application Control (WDAC) 73Windows Defender Application Control (WDAC)...............................................74

Placing WDAC policy into audit mode...................................................74Enforcing WDAC policy........................................................................ 75

Verify BitLocker Recovery Password 77Verifying BitLocker Recovery Password........................................................... 78Resuming and Suspending BitLocker................................................................ 79Suspending BitLocker....................................................................................... 79Resuming BitLocker.......................................................................................... 79

Updating ACLs on the BMC switch 81Update switch with ACLs..................................................................................82Updating ACLs on the BMC switch...................................................................82

Configure the 'ssh-only' ACL 87Configure the ‘ssh-only’ ACL............................................................................ 88

Configure Just Enough Administration (JEA) on the system 89Configure Just Enough Administration (JEA) on the system............................ 90

Configuring JEA on HLH, OME VM, and OMNM VM............................ 91

Update OMNM software 93Updating OMNM software................................................................................94Importing actions into OMNM.......................................................................... 95

Create a File share in HLH server and OMNM-VM 99Create a File share in HLH server and OMNM-VM.......................................... 100

Setting up Email subscription 103Setting up Email subscription.......................................................................... 104

Appendix B

Appendix C

Appendix D

Appendix E

Appendix F

Appendix G

Appendix H

Appendix I

Appendix J

Contents


Contents


CHAPTER 1

Introduction

This chapter presents the following topics:

l Introduction.............................................................................................................................8l Audience................................................................................................................................. 8l Solution overview....................................................................................................................8l We value your feedback......................................................................................................... 10l Document change matrix....................................................................................................... 10


IntroductionMicrosoft Azure Stack operators are faced with the enormous challenge of keeping their solutionboth secure and functional. They must ensure that the solution is not vulnerable to threats—external or internal—while maintaining negotiated service-level agreements.

AudienceThe installation guide is for Azure Stack operators (13G and 14G) who intend to perform lifecycleoperations (Patch and Update) for firmware update on Hardware Lifecycle Host (HLH), operatingsystem (OS) updates on HLH, and the management VMs, switch (TORs and BMC) update, driverupdates on HLH, and SAE software update on OME-VM.

Solution overviewAs a Microsoft Azure Stack systems provider, Dell EMC is committed to ensuring that your AzureStack environment is both secure and functional. Therefore, Dell EMC releases updates for AzureStack integrated systems on a regular basis. These updates may include software, driver, securitypolicy, and firmware updates across core components of the system. Dell EMC delivers theupdates that can be applied independently of Microsoft updates.

Even though Dell EMC provides guidance on how to apply the various packages, the specific orderthat you apply them is not mandatory. Microsoft typically releases their packages before Dell EMCreleases its Customer Toolkit. It is recommended to apply the Microsoft Patch and Update (withthe latest Customer Toolkit’s OEM extension) prior to running the Dell EMC specific packages.

For 1910 release, Dell EMC recommends that you apply the updates in the following sequence:

1. Microsoft Azure Stack Version Update

2. OEM Extension Update

3. Dell EMC Patch and Update Automation (Refer to Dell EMC Patch and Update AutomationFramework)

Note: The 1910 Dell EMC Patch and Update automation tool is compatible with both MicrosoftWindows server 2016 and 2019 for HLH server.

Update packages for Microsoft Azure StackPhysical Hosts, Infrastructure VMs, and Management VMs are updated through a combination ofupdate packages provided by Microsoft and by Dell EMC.

Note: Refer to the release note to determine the appropriate Dell EMC Patch and Updateversions for each release.

The following table outlines which packages deliver the updates, and how they are applied:

DeliveryFramework

DeliveryMechanism

Update Type ComponentsUpdated

DownloadLocation

NotificationSource

Azure StackUpdateFramework

Admin portalupdate tile

Azure Stacksoftware fullupdates andhotfixes

Scale Unitnode andinternalmanagementVM patchesand features

l Connected AdminPortalupdatedtile

l Connected only.Adminportal

Introduction


DeliveryFramework

DeliveryMechanism


DownloadLocation

NotificationSource

orfunctionalityenhancements

l DisconnectedAzureStackupdatedownloader

updatetile

l RSS orATOMfeed

l AzureStackoperatordocumentation

Admin portalupdate tile

OEMExtensionPackage

Scale Unitoperatingsystemdrivers andserverfirmware

Dell EMCCustomerToolkit on DellEMC supportby productpage

Proactiveupdate alertson the DellEMC supportby productpage

Dell EMCFramework

Dell EMCPatch andUpdateAutomationtool

HLH and DellEMC networkswitchupdates

l HLHfiirmwareanddrivers

l HLH andDell EMCVM OS

l Dell EMCswitchfirmware

l SAEsoftwareupdateson OMEVM

Dell EMCsupport byproduct page


Dell EMCPatch andUpdateInstallationGUIDE

Dell EMCmanagementsoftware

l OpenManageEnterprise

l OpenManageNetworkManager

Dell EMCCustomerToolkit anddocumentation on Dell EMCsupport byproduct page


WorkloadSpecific

Varies Resourceproviders

l MicrosoftRPs likeAppservice

l Thirdparty RPs

l AzureStackOperatordocumentation

l Vendordirected

Varies

Introduction


DeliveryFramework

DeliveryMechanism


DownloadLocation

NotificationSource

Varies User defined l Userworkloads

l Marketplacegalleryitems

Varies Varies

The switches included with the Azure Stack solution also receive periodic updates. The followingtable outlines which packages deliver the updates, and how they are applied.

Updates BMC & TOR Switches

Switch Firmware Updates (Dell EMCSwitches)

Provided by Dell EMC Customer Toolkit,applied using the Dell EMC Patch and UpdateAutomation.

Switch Firmware Updates (Cisco Switches) Downloaded via customers Cisco supportentitlements, applied by the customer.

The updates in this guide do not apply to Tenant VMs. Maintenance of Tenant VM operatingsystems and applications should be conducted by their respective operators or administrators.

We value your feedbackDell EMC and the authors of this document welcome your feedback on the solution and thesolution documentation. Contact Dell EMC Solutions team with your comments.

Authors: Sujath, Muhammad, Austin, and Bibhu

Document change matrixThe following table lists the major changes in the guide for this release:

Table 1 Revisions

Date Release Description

November 2019 1910 Based on the Dell EMC 1910 release.

October 2019 1908 Based on the Microsoft 1908 and Dell EMC 1908releases.

August 2019 1906 revision 02 Based on the Microsoft 1906 and Dell EMC 1906releases.

August 2019 1906 Based on the Microsoft 1906 and Dell EMC 1906releases.

June 2019 1905 Based on the Microsoft 1905 and Dell EMC 1905releases.

May 2019 1904 Based on the Microsoft 1904 and Dell EMC Dell EMC1904 releases.

Introduction


MAILTO:[email protected]?SUBJECT=FEEDBACK:%20DELL%20EMC%20CLOUD%20FOR%20MICROSOFT%20AZURE%20STACK%E2%80%9414G%20PATCH%20AND%20UPDATE%20INSTALLATION%20GUIDE%20(302-005-763%20REV%2001)

Table 1 Revisions (continued)

Date Release Description

April 2019 1903 Based on the Microsoft 1902 and Dell EMC VxRack AS1903 releases.

March 2019 1902 Based on the Microsoft and Dell EMC VxRack AS 1902releases.

February 2019 1901 Based on the Microsoft 1811 and Dell EMC VxRack AS1901 releases.

January 2019 1811 Based on the Microsoft and Dell EMC VxRack AS 1811releases.

December 2018 1810 Based on the Microsoft 1809 and Dell EMC VxRack AS1810 releases.

November 2018 1809 Based on the Microsoft and Dell EMC VxRack AS 1809releases.

September 2018 1808 Based on the Microsoft and Dell EMC VxRack AS 1808releases.

August 2018 1807 Based on the Microsoft and Dell EMC VxRack AS 1807releases.

Introduction


Introduction


CHAPTER 2

Prerequisites


l Prerequisites..........................................................................................................................14l Accessing the current environment........................................................................................14l Downloading the latest Dell EMC Customer Toolkit............................................................... 14l Downloading Dell EMC Patch and Update Automation...........................................................15l Configure Just Enough Administration (JEA) on the system..................................................15l OMNM software update........................................................................................................ 15


PrerequisitesPerform the following steps before using the Patch and Update Automation tool. There are somesteps which are one-time-activity and some you must perform in every release. Refer to each stepcarefully to know details. From every step, there is a reference which takes you to Appendix thatexplains in detail about the step. If you have already performed a step and that is not require inevery release, you can proceed to the next step.

CAUTION We strongly recommend to use the latest version of the customer toolkit to avoidpossible error.

CAUTION The OME, OMNM, and OpenManage Enterprise VMs running on HLH are backed upby the Dell EMC Patch and Update Automation so that you can restore these VMS manually incase of any failure or corruption. If the tool fails to perform the backup, be sure to manuallyback up the VMs.

Note: The Dell EMC Patch and Update Automation for the 13G and 14G systems have differentsystem models.

Accessing the current environmentProcedure

1. Validate installation of OpenManage Enteprise

Make sure that you have installed 3.2 version of the OpenManage Enterprise. If you have3.2 version of the OpenManage Enterprise, proceed to the next step.

If you have not installed 3.2 version of the OpenManage Enterprise, refer to Appendix:OpenManage Enterprise and install 3.2 version of OpenManage Enterprise.

2. Validate network switch ACLs.

If you have already performed this step in the previous releases, you do not need to do itagain and you can proceed to the next step.

If you are using the Patch and Update Automation tool for the first time or have notperformed this step before, refer to Appendix: Updating ACLs on the BMC switch andvalidate network switch ACLs.

3. Verify BitLocker Recovery Password Backups, refer to Verify BitLocker RecoveryPassword.

Note: Ensure that you have saved the Recovery Password to an external location.

If you have already verified BitLocker Recovery Password Backups, you do not have toverify it again and you can proceed to the next step.

Downloading the latest Dell EMC Customer ToolkitProcedure

1. Download the latest Customer Toolkit on your OME VM.

2. Once you have downloaded and copied the customer toolkit zip to OME, right click the fileand unblock before extracting the contents on the OME server.

Prerequisites


Run the following command to unblock the file: Get-ChildItem -path <path whereCutomerToolKit Extracted>-Recurse | Unblock-file .

If the Customer Toolkit contents are blocked, the Patch and Update process fails.

3. Extract the contents of the new Customer Toolkit to C:\DellEMC-Update.

4. If you have run the UpdateWDAC tool previously on this system, copy the contents of theexisting C:\DellEMC-Update\UpdateWDAC-1.x.x to a temporary folder on the OMEVM and delete the existing C:\DellEMC-Update. The Archive child folder is important andwill be migrated.

Note: If you are not sure whether UpdateWDAC was previously executed, then check bylooking for an Archive directory in C:\DellEMC-Update\UpdateWDAC-1.x.x\.

Downloading Dell EMC Patch and Update AutomationProcedure

1. Download the latest Dell EMC Patch and Update Automation from the Dell EMC OnlineSupport website: Drivers & Downloads.

You can subscribe to receive email notifications for new Dell EMC Customer Tool Kit andDell EMC Patch and Update Automation. To know how to subscribe, refer to Setting upEmail subscription.

Configure Just Enough Administration (JEA) on the systemAbout this task

Dell EMC Patch and Update Automation uses Just Enough Administration (JEA) sessions tocommunicate with HLH and OMNM as part of the update process. Always run the JEAConfiguration script to ensure that the system has the latest configuration.

CAUTION Starting from 1903 version of the Dell EMC Patch and Update Automation includesHLH VM backup feature. To enable HLH VMs backup workflow, you must execute the latestversion of the JEA Configuration in HLH post PS script.

Refer to Appendix: Configure JEA on the system to know the procedure to configure JEA on thesystem..

OMNM software updateThe following table lists the supported switch models and types for firmware update using the DellEMC Patch and Update Automation.

Table 2 Switch models and types for firmware update

Model Type

Dell EMC Networking S4048-ON 10 Gb ToR

Dell EMC Networking S3048-ON 1 Gb BMC

Dell EMC Networking S5048F-ON 25 Gb ToR

Note: Dell EMC Patch and Update Automation does not support the 25 Gb Cisco NetworkingToR switch firmware update.

Prerequisites


https://www.dell.com/support/home/us/en/04?app=drivers

Note: The minimum firmware version supported by the tool to update the switch firmware is9.11. For firmware versions earlier than 9.11, you can update the switch firmware manually fromthe switch. To receive instructions on how to update the switch firmware manually from theswitch, contact the Dell EMC customer support.

See Appendix: Update OMNM software to update OMNM software.

Prerequisites


CHAPTER 3

Dell EMC Patch and Update AutomationFramework


l Dell EMC Patch and Update Automation Overview................................................................ 18l Installing the Dell EMC Patch and Update Automation...........................................................19l Enabling Windows automatic login (optional).........................................................................21l Creating a task to automatically run the tool (optional)......................................................... 21l Running the Dell EMC Patch and Update Automation........................................................... 23l Disabling automatic login.......................................................................................................28l Disabling the auto-run task....................................................................................................29


Dell EMC Patch and Update Automation OverviewThe Dell EMC Patch and Update Automation is comprised of the following components:

l Product Version

l HLH Firmware Upgrade

l HLH Drivers Upgrade

l HLH VM Backup

l HLH Windows OS Upgrade

l OMNM VM Windows OS Upgrade

l OME VM Windows OS Upgrade

l NFS Share Creation for OpenManage Enterprise Upgrade

l Switch Firmware Upgrade

l SupportAssist Enterprise Upgrade

The Dell EMC Patch and Update Automation has two workflows: Pre-check and Upgrade.

In the Pre-check workflow, the tool scans and compares the system components with Dell EMCCustomer Toolkit that has been downloaded. After the pre-check scan is complete, the tooldisplays the available updates if any for each component.

A product version is applied after all the patch & upgrade workflows are complete.

After you click Update, the upgrade workflow starts. The components with the available updatesdisplayed during the pre-check workflow are updated sequentially. The administrator cannotdeselect any steps in the workflow during an upgrade. During the Upgrade phase, you can view thelive logs in the Console view. After the Upgrade phase is complete, you can view the result in theSummary window.

After you launch the Dell EMC Patch and Update Automation, the following Welcome windowappears, which shows the steps that will run during the update process.

Figure 1 Dell EMC Patch and Update Automation Welcome page

The following menu options, as shown in Figure 1, lead you through the wizard workflow:

l Configuration

l Status

Dell EMC Patch and Update Automation Framework


l Summary

The Configuration window contains the following tabs:

l Profile—Mandatory credential fields that you must complete.

l Workflow—Auto-populated fields except for Backup Target Folder Path and OMEnterpriseRPM Folder Path.

l Settings—Auto-populated fields that can remain at the default unless they must be changedby your administrator during troubleshooting.

For more information, refer to Appendix: Patch and Update Automation Tool Steps andConfigurations.

Installing the Dell EMC Patch and Update AutomationBefore you begin

If you used the previous version of the Dell EMC Patch and Update Automation, then uninstall oldversion and delete the folder Patch and Update Automation Tool in C:\Program Files(x86)\DellEMC.

About this task

To install the Dell EMC Patch and Update Automation on the OME VM:

Procedure

1. Run the .msi file. When the Setup Wizard appears, click Next.

2. Review the License Agreement, and then select I Agree and click Next.



3. When the Confirm Installation window appears, click Next.

4. During the installation, the Installing Dell EMC Patch and Update Automation windowappears.

5. After the installation is complete, the Installation Complete window appears. Click Close.



Enabling Windows automatic login (optional)About this task

The ongoing background process installs the updates through iDRAC, which restarts the host HLHmachine for each update installation. This restarts the OME VM and OMNM VM hosted on theHLH. Enabling automatic login ensures that you do not have to manually enter the user name andpassword during these restarts.Alternatively, if you select the HLH for servicing, it may restart during the firmware updateprocess. If this occurs, reconnect to the OME VM, log in, and relaunch the Dell EMC Patch andUpdate Automation.

Note: Automatic login is optional. After the HLH restart, you must log in to the OME VM andrun the tool.

For more information, see How to turn on automatic logon in Windows on the Microsoft Supportwebsite.

Note: While performing the steps mentioned in How to turn on automatic logon in Windows,launch regedit as administrator. If you do not run regedit as administrator, the necessarychanges are not saved and auto-logon does not work.

Creating a task to automatically run the tool (optional)About this task

Note: Once you created the task to automatically run the Dell EMC Patch and UpdateAutomation, you can enable the same for all the future P&U executions.

To create a task to automatically launch the Dell EMC Patch and Update Automation after theOME VM restarts:

Procedure

1. Go to Task Scheduler. Under Actions, select Create Task.



HTTPS://SUPPORT.MICROSOFT.COM/EN-IN/HELP/324737/HOW-TO-TURN-ON-AUTOMATIC-LOGON-IN-WINDOWS

HTTPS://SUPPORT.MICROSOFT.COM/EN-IN/HELP/324737/HOW-TO-TURN-ON-AUTOMATIC-LOGON-IN-WINDOWS

2. In the Create Task window, under General, enter the name, for example, PnU AutomationTool, as shown in the following figure.

3. Under Triggers, click New.

4. In the Edit Trigger dialog box, for Begin the task, select At log on.

5. Under Settings, select Specific user. Click Change User to add a new user, and then clickOK.

6. In the Create Task window, under Actions, select New. In the New Action window, selectBrowse to locate the .exe file in the tool folder, and then click Open.



7. In the New Action window, in the Start in (optional) field, enter the application folder pathto enable the Dell EMC Patch and Update Automation to restart successfully. Click OK toclose the New Action window.

8. To close the scheduler, in the Create Task window, click OK.

Running the Dell EMC Patch and Update AutomationThis section explains how to run the Dell EMC Patch and Update Automation.

About this task

Note: The Dell EMC Patch and Update Automation skips HLH VMs back up if the HLH VMswere backed up in the last 24 hours.

Note: Make sure that you save and shut down all the applications on OME VM and HLH hostbefore executing the Dell EMC Patch and Update Automation to have.

Procedure

1. In the Dell EMC Patch and Update Automation Welcome window, select the Acceptance ofTerms and Conditions box, and then click Accept to navigate to the Configuration page.To know details about the parameters, refer to Appendix A: Dell EMC Patch and UpdateAutomation Configurations.



You can view notifications if there are any in the Notification pane of the Configurationpage.

The Configuration page shows the current version of the Dell EMC Patch and UpdateAutomation above the Notification pane.

2. Under Profile, enter all the credentials.

Note: If you enter an invalid value in the Dell EMC Patch and Update Automation userinterface, the input field turns red. Once a field turns red, it continues to be red evenafter you enter the correct value. The red color disappears only after you enter thecorrect value and click Next.

3. Click File browser and select the DeploymentData File and ConfigurationData File. If youhave not changed the default file location, you must copy the DeploymentData andConfigurationData files to: C:\Program Files (x86)\DellEMC\DeploymentJSON.Else, the Workflow tab does not auto populate the fields.

a. If you are using Microsoft Windows Server OS 2016, you can get the DeploymentDataFile and ConfigurationData File from the HLH host in D:\DeploymentFiles\JSONS.

b. If you are using Microsoft Windows Server OS 2019, you can get the DeploymentDataFile and ConfigurationData File from the HLH host in E:\AzureStack.

Figure 2 Profile Tab

4. Click Next.

5. The Customer Toolkit is a requirement for the Dell EMC Patch and Update Automation.Copy the Customer Toolkit you downloaded in Downloading the latest Dell EMC CustomerToolkit to: C:\Program Files (x86)\DellEMC.



Copy only the ZIP file. Do not the extract the contents of the ZIP file.

6. Under Workflow, click the folder icon beside DellEMC Customer Toolkit Folder to selectthe desired Customer Toolkit (if there are multiple version of Customer Toolkits).

Figure 3 Workflow Tab

OpenManage Enterprise RPM folder Path is an optional field. Use it only if you havedownloaded OpenManage Enterprise RPM package, See OpenManage Enterprise. If youhave not downloaded OpenManage Enterprise RPM package, you can ignore it.

Backup Target Folder Path is an optional parameter. To use Backup Target Folder Path,enter a network share path. The Patch and Update Automation tool copies HLH VM backupsin this network share.

7. Click Next.

If the following error message appears, check the values you entered in HLH Remote UserName, HLH Remote User Password on the Profile tab, and HLH IPAddress on theWorkflow tab:

Not able to connect to HLH. Please check credentials and IP. For further debugging, please check logs.

If the following error message appears, check the iDRAC username and password that youentered. In 13G, this error appears because of timeout also.

Not able to retrive Server Model. For further debugging, please check logs.

8. Under Settings, click Next.



Figure 4 Settings Tab

Note: If you have not configured HTTPS on OMNM, then ensure that you setUseHTTPSForOMNM to False.

Note: From 1906 release onwards, the Dell EMC Patch and Update Automation toolsupports only HTTPS. If you are using the Dell EMC Patch and Update Automation toolfor the first time, on the Setting tab, from the UseHTTPSForOMNM dropdown list,select True.

If you use an older version of the CTK then the following pop-up message appears and theDell EMC Patch and Update Automation does not allow you to execute anymore.

In the Status window, you can see the progress of the system scan for the followingcomponents:

l Product Version

l HLH Firmware Upgrade

l HLH Driver Upgrade

l HLH VM backup

l HLH Windows OS Upgrade

l OMNM VM Windows OS Upgrade

l OME VM Windows OS Upgrade

l NFS Share Creation for OpenManage Enterprise Upgrade

l Switch Firmware Upgrade

l SupportAssist Enterprise Upgrade



The Status window has two views, as shown in the following figures: Graphical View andConsole View.

Figure 5 Status window: Graphical View

Figure 6 Status window: Console View

When the scan is complete, the Status window displays the available updates which iscalled the Pre-check step. For a package with no updates available, it shows as NoUpdates available. For a package with available updates, it shows as Updates available.

9. Click Update to start updating the available packages.



After you click Update, the tool starts updating the Dell EMC components with the availableupdates and shows the steps completed of the update. For more details, you can switch toConsole View.

10. After all updates are successfully complete, click Finish.

After successful scheduled HLH backup, the following pop up message appears:

If the scheduled HLH backup fails, the following pop up message appears:

The Summary window appears and displays the result of the upgrade (a new productversion and the respective versions of the all the patch & upgrade workflows).

Note: After successful HLH VMs backup, OME & OMNM VMs backup files are presentin HLH <Drive>:\DellEMC-VMsBackup. The value of <Drive> depends on value inSettings tab. If the VMs went to saved state and corrupted after HLH OS Update, referto All VMs went to saved state and corrupted after HLH OS update to restore the OME,OMNM, and OpenManage Enterprise VMs,

Figure 7 Summary page

Disabling automatic loginAbout this task

If you enabled the auto-login feature, perform the following steps to disable the auto-login feature:



Procedure

1. Remove the DefaultUserName value and click OK.

2. Remove the DefaultPassword value and click OK.

3. Change the AutoAdminLogon key from 1 (true) to 0 (false).

Disabling the auto-run taskAbout this task

If you created a task to automatically launch the tool after the OME VM restarts, perform thefollowing steps to disable the task:

Procedure

1. Go to Task Scheduler.

2. Navigate to the folder where you created the task.

3. Right-click the task name and select Disable.



CHAPTER 4

Verifying HLH Configuration


l Verify the HLH GPO policy....................................................................................................32l Verifying registry mitigations on the HLH host, OME VM, and OMNM VM........................... 32


Verify the HLH GPO policyAbout this task

Perform the following steps to verify the HLH GPO policy:

Procedure

1. Connect to the HLH through RDP, from a physical console, or via the iDRAC virtual console.

2. Using File Explorer, navigate to \\{OME-VM-IP}\CustomerToolkit\, where OME-VM-IP refers to the IP address of the OME VM.

Note: The directory is automatically created using the 1809 or later Customer Toolkit.

In the following figure, 192.168.1.1 is an example of OME-VM IP Address:

3. Copy the Security folder to C:\DellEMC-Update on the HLH OS.

4. Open PowerShell with administrator privileges.

5. Navigate to C:\DellEMC-Update\Security.

6. Run the following commands:

.\LGPO.exe /g C:\DellEMC-Update\Security\GPO

.\LGPO.exe /m C:\DellEMC-Update\Security\Registry.pol

7. Restart the HLH.

Verifying registry mitigations on the HLH host, OME VM, andOMNM VM

About this task

Note: The 1908 version of the Dell EMC Patch and Update automation tool supports onlyMicrosoft Windows server 2016.

If your Azure Stack system was originally deployed with 1712 or any later release, the deploymentincludes setting registry values to enable mitigations against the speculative execution side-channel vulnerabilities described in Appendix C: Speculative execution side-channel vulnerabilities.To verify that the registry mitigation settings remain properly configured on each OS instance,from the HLH host, the OME VM, and the OMNM VM respectively:



Procedure

1. Connect to the HLH host via RDP or a console.

2. Log in using an account with local administrator privileges.

3. Open an elevated (administrator) PowerShell session.

4. To set the registry values, run the following commands:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /freg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /freg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v MinVmVersionForCpuBasedMitigations /t REG_SZ /d "1.0" /f

For more information, see Windows Server guidance to protect against speculativeexecution side-channel vulnerabilities on the Microsoft Support website.

5. To restart Windows run the Restart-Computer cmdlet.

6. Repeat the previous steps to apply the update on the remaining OME VM and OMNM VMhosts.



https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

CHAPTER 5

Upgrading the OEM Extension package

This chapter presents the following topic:

l Add Hardware Manager IP address and credentials in Azure Stack....................................... 36l Updating OEM package.........................................................................................................36l Apply the Azure Stack 1910 update....................................................................................... 38


Add Hardware Manager IP address and credentials in AzureStack

About this task

You must add the JEA account credentials that you created with the Register-JEAConfiguration.ps1 (see Configure Just Enough Administration (JEA) on the system)script and the IP address of the Hardware Manager (OME-VM) to Azure Stack.

Procedure

1. From HLH, open a PowerShell session as an Administrator.

2. To create a privileged endpoint (PEP) in Azure Stack on the Hardware Lifecycle Host(HLH), enter the following command:

$cred = Get-Credential$session = New-PSSession -ComputerName <IP_address_of_ERCS> -ConfigurationName PrivilegedEndpoint -Credential $credEnter-PSSession $session

Enter the CloudAdmin credentials for the $cred parameter (for example, user name:companyDomain\CloudAdmin).

For details about privileged endpoint, see https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-privileged-endpoint.

3. In the remote session, enter the following command:

Set-OEMExternalVM -VMType HardwareManager -IPAddress ‘<OME-VM IP address>’

For the -IPAddress parameter, enter the IP address of the OME-VM. A window opens andprompts for the user name and password. Enter the user name and password of the JEAaccount that you previously created with the Register-JEAConfiguration.ps1 scriptfor OME.

For example,

Set-OEMExternalVM -VMType HardwareManager -IPAddress ‘192.168.1.1’

Note: It takes five to ten minutes to complete this step.

Updating OEM packageNote: The OEM package is present in the Customer Toolkit. See Downloading the latest DellEMC Customer Toolkit.



Identify the version of the OEM packageAbout this task

To identify the version of the Original Equipment Manufacturer (OEM) package your stack wasdeployed with:

Procedure

1. Open the Microsoft Azure Stack - Administration Dashboard and click Dashboard.

2. Click Update.

The Update window appears as shown in the following figure. The Update window showsyour current stamp version (Current version) and the latest deployed version of the OEMpackage (Current OEM version) for the stack.

Upgrade the OEM extension packageAbout this task

The process for upgrading the OEM extension package is similar to the process for installing theMicrosoft Azure Stack updates.

Note: Starting from the release 1901, Microsoft is using the new ZIP format for the OEMpackage update. The legacy format (<package>.exe and <package>.bin) are no longersupported in 1901 and the later releases.

To upgrade the OEM extension package:



Procedure

1. Navigate to the C:\DellEMC-Update\ folder on the OME VM where you extracted theCloud for Microsoft Azure Stack Customer Toolkit <version>.

An OEM extension update package includes the following files:

l A <package>.zip file that contains the payload for the update.

l An oemMetadata.xml file that contains essential information about the update, forexample, the publisher, model, name, prerequisite, size, and support path URL.

2. The OEM extension files ( <package>.zip and oemMetadata.xml) are located in theroot of the Microsoft Azure Stack Customer Toolkit <version> folder.

3. To import and install the updates, follow the instructions available at the Microsoft Applyupdates in Azure Stack web page.

Apply the Azure Stack 1910 updateTo apply the Azure Stack 1910 update, follow the instructions available at the Microsoft Manageupdates in Azure Stack overview web page.



https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-update-prepare-package

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-update-prepare-package

CHAPTER 6

Troubleshooting

This chapter presents the following topic:

l View Dell EMC Patch and Update Automation log and trace files...........................................41l View Azure Stack OEM package updates log and trace files.................................................. 41l While executing Switch Firmware Update, "No Catalog Found" error appears......................42l Dell EMC Patch and Update Automation stops functioning................................................... 42l Trust relationship cannot be established for SSL/TLS secure channel.................................. 42l Update installation fails......................................................................................................... 43l OMNM Software upgrade process failing during setting the system into Audit mode........... 43l Switch firmware update fails during pre-check phase or upgrade steps................................ 43l Single VM or multiple VMs went to corrupted state.............................................................. 44l The update process fails during OMNM software upgrade.................................................... 47l The OMNM software update process fails during extraction or merging of Code Integrity

Policy.................................................................................................................................... 47l The OMNM software update process fails during starting, stopping Synergy service or

updating oware service..........................................................................................................48l OME VM connection issues after restart...............................................................................48l OME VM connection lost during the BMC switch update......................................................48l ToR or BMC switch goes down during switch firmware update.............................................49l ToR switch in "not responding" state during the firmware update in OMNM........................ 49l ToR switch firmware update fails with an error BGP check failed......................................... 49l Dell EMC Patch and Update Automation skips HLH VMs Backup because of shortage of

space in HLH drive................................................................................................................ 49l Dell EMC Patch and Update Automation skips HLH VMs Backup because VMs are not in

running state.........................................................................................................................50l Dell EMC Patch and Update Automation skips HLH VMs Backup because OME and OMNM

VMs names are modified....................................................................................................... 50l Dell EMC Patch and Update Automation skips HLH VMs Backup due to execution failure.... 50l Dell EMC Patch and Update Automation throws retry pop up for HLH VMs Backup in pre-

check workflow......................................................................................................................51l OpenManage Essentials is blocked by Windows Defender Application Control...................... 51l JEA endpoints not working from OME to HLH and OMNM VM.............................................52l Retry pop-up appears in Pre-check workflow: Driver updates folder not found.................... 53l OS updates failure due to WUSA error and Patch and Update Automation tool throws errors

.............................................................................................................................................. 53l Error message appears: "OpenManage Enterprise does not have required permission"........ 54l Issues if not getting the EULA acceptance page................................................................... 54l Failure of the first time login to OpenManage Enterprise...................................................... 55l Failing to add OpenManage Enterprise adapter in SAE..........................................................55l Issues after using incorrect password for multiple times while logging in to OpenManage

Enterprise............................................................................................................................. 55l After adding OpenManage Enterprise adapter in SAE, HLH or Scale Unit node go to staging

mode..................................................................................................................................... 55l OpenManage Enterprise discovery job incomplete error....................................................... 56l OME-VM throws error- "Cannot bind argument to parameter 'OMEPSSession' because it is

null" or "Failed to create PS Session with Hardware Manager".............................................56


l Error message appears: DSC status at HLH is Failure. Connect to HLH <HLH IP Address> andissue Cmdlet Get-DscConfigurationStatus to check status after sometime.......................... 57

l [ERROR] Caught exception -> System.Management.Automation.RuntimeException...........58l After changing OME-VM administrator username, schedule backup stops working.............. 58l Status tab shows ‘HLH VM Backup -Skipped’.......................................................................59l Scheduled backup failed while uninstalling the Patch and Update Automation tool...............59l Patch and Update Automation tool fails to update SAE and throws error..............................59

Troubleshooting


View Dell EMC Patch and Update Automation log and tracefiles

To determine the cause of an error, view messages in the appropriate log and trace files.

A log file provides the details at a high level. A trace file is a verbose file that contains informationthat is captured while the tool is running. The files are stored in ddmmyyyy_mmhhss format. Forexample:

l DellEMC MHC PNU Trace_22122017_105308.txt

l DellEMC MHC PNU Log_22112017_105229.log

You can find the log and trace files by the following means:

l C:\Program Files (x86)\DellEMC\Patch and Update Automation Tool folder inthe OME VM.

l You can click View Log in the Status or Summary windows.

Note: For HLH schedule backup, go to C:\Program Files (x86)\DellEMC\VxRack ASPatch and Update Automation\HLHVMBackup_dd-MMM-yyyy.log. TheHLHVMBackup_dd-MMM-yyyy.log file contains information, warnings, and errors raisedduring HLH schedule backup execution. Example of such a log file is HLHVMBackup_04-Nov-2019.log.

View Azure Stack OEM package updates log and trace filesAbout this task

You can view the Azure Stack OEM package updates as mentioned in the Microsoft site, see Monitor updates in Azure Stack using the privileged endpoint.You can collect the Azure Stack update logs from the Microsoft site, see Collect Azure Stackdiagnostic logs now (on demand).

Procedure

1. Perform the following steps to get quick and easy update related logs:

a. Connect the privileged endpoint session to one of the ERCS Virtual Machine.

b. Run one of the following commands through the privileged endpoint session.

l Get-AzureStackUpdateStatus: This command gives a high-level overview of theupdate status.

l Get-AzureStackUpdateVerboseLog -Wait: This command gives an active viewof the logging.

l Get-AzureStackUpdateVerboseLog -Full: This command lets you to the sameoutput in file for debugging.

2. Perform the following steps to view Dell EMC firmware update logs:

a. Login to OME-VM.

You can view the running logs in the following path: C:\ProgramData\DellEMC\FirmwareUpdate\Logs\FirmwareUpdate.log.

Troubleshooting


https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-monitor-update

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-configure-on-demand-diagnostic-log-collection

https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-configure-on-demand-diagnostic-log-collection

You can view the past logs in the following path: C:\ProgramData\DellEMC\FirmwareUpdateLogs\.

While executing Switch Firmware Update, "No CatalogFound" error appears

Problem

While executing Switch Firmware Update the following error message appears:

[ERROR] No catalog file present under Firmware\Switches\SwitchFirmwareCatalog.json path of OEM package. Skipping execution as no update information found

Solution

Use the latest version of the Patch and Update Automation tool with the latest customer toolkit.

Dell EMC Patch and Update Automation stops functioningProblem

The Dell EMC Patch and Update Automation stops or fails during an ongoing upgrade.

Solution

Running the tool creates some transactional files that are maintained by the tool. Failure to cleanthese files might create some unwanted behavior. To restart the tool, delete the following files,which were created when the tool was last run:

l File.log, which can be found in the PSScripts folder

l AzsHLHUpgradeJobs.json, which can be found in the following folder: pnu-feature_DellPEPSTools\Post Deploy Firmware Patch and Update AzureStack

Trust relationship cannot be established for SSL/TLS securechannel

Problem

The underlying connection is closed, that is, the trust relationship for the SSL/TLS secure channelcannot be established. The remote certificate is invalid according to the validation procedure.

Solution

The OME VM where the Dell EMC Patch and Update Automation runs does not need to have atrust relationship with the Azure Stack endpoints for secure communication. You must install theSSL certificate (ARM admin) that were created during the Azure Stack deployment. Install thesecertificates in the OME VM so that the underlying communication is not blocked. For informationabout how to add SSL certificates, refer to Dell EMC Patch and Update Automation prerequisites.

Troubleshooting


Update installation failsProblem

During the installation of an update, a failure occurs and an error message appears.

Solution

Select one of the following options:

l View Log—Enables you to view the log file.

l Retry—Performs several background processes—such as checking and resolving any networkor memory issues—and enables you to retry the installation.

l Exit—Stops the complete workflow so you can restart from the beginning.Note: Edit parameters is only available during pre-check. Edit parameters allows you toedit parameters in Configuration window and then restart the Pre-check step.

OMNM Software upgrade process failing during setting thesystem into Audit mode

Problem

The update process may sometimes fail during setting the system into Audit mode.

Solution

For any failure that happens during setting the system in Audit mode, revert the system toEnforced mode.

To revert the System to Enforced mode:

1. Copy the CIPolicy Backup_SIPolicy.p7b file from the C:\OMNMSoftwareUpdate-<version>\Backup_SIPolicy.p7b folder to C:\Windows\System32\CodeIntegrity\SIPolicy.p7b.

2. Rename the Backup_SIPolicy.p7b to SIPolicy.p7b file before copying it to the CodeIntegrityfolder.

3. Restart the system and verify in System Information > Device Guard CodeIntegrityPolicythat the system is in Enforced mode.

Switch firmware update fails during pre-check phase orupgrade steps

Problem

The switch firmware update fails during the pre-check phase or after the firmware update phasewith an error that critical alerts are found.

Solution

Log in to the OMNM portal and review the critical alarms. To resume the update process, try toclose the alarm and rerun from the Dell EMC Patch and Update Automation.

Troubleshooting


Single VM or multiple VMs went to corrupted stateProblem

Single VM or multiple VMs went to corrupted state.

Solution

If the VMs go to saved stated and are unable to resume back, restore back the VMs to the originalstate using the (programmatic Patch and Update automation created or manually customercreated) snapshots.

The Dell EMC Patch and Update Automation takes OME & OMNM VMs backup in HLH. You canfind the backups in <Drive>:\DellEMC-VMsBackup and the Backup Target Folder Path if youentered a network share path under the Workflow tab as mentioned in Running the Dell EMCPatch and Update Automation > Step 6.

Note: <Drive> is as per the configurations in the Dell EMC Patch and Update Automation tool’ssettings page.

Perform the following steps to restore OME and OMNM VMs from the HLH's Hyper-V:

1. Connect to the HLH machine.

2. Delete the non-working VM residual files. This is optional, and you can ignore if your disk hasenough space.

a. Delete the VMs which are in saved state from the Hyper-V.

b. Navigate to the path mentioned above using file explorer and delete the VM files that arenot working.

3. Rename the folder DellEMC-VMsBackup to DellEMC-VMs.

a. Check if <Drive> has DellEMC-VMs, and delete it as it belongs to previous VMs.

Note: If you specified Backup Target Folder Path parameter under the Workflow tab(See Running the Dell EMC Patch and Update Automation > Workflow tab) and want torestore from this network path, copy the contents from the network path (mentioned inthe parameter) to folder C:\DellEMC-VMs if you are using Microsoft Windows Server2016 or E:\DellEMC-VMs if you are using Microsoft Windows Server 2019.

Note: If you want to restore a specific VM (OME, OMNM or OpenManage Enterprise), goto the specific folder in <Drive>:\DellEMCVMsBackup (or \\10.xx.xxx.xxx\backup\DellEMCVMsBackup for network share) and copy to folder C:\DellEMC-VMsif you are using Microsoft Windows Server 2016 or E:\DellEMC-VMs if you are usingMicrosoft Windows Server 2019.

Troubleshooting


4. Open HLH Hyper-V and select Import Virtual Machine option. Click Next.

5. To restore DellEMC-OMEVM, select folder C:\DellEMC-VMs\DellEMC-OMEVM if you areusing Microsoft Windows Server 2016 and select E:\DellEMCVMBuild\DellEMC-VMs ifyou are using Microsoft Windows Server 2019. Click Next.

Troubleshooting


6. Select the snapshot of DellEMC-OMEVM and click Next.

7. Select Register the virtual machine in-place (use the existing unique ID) and click Next.

8. Click Finish.

9. Once VM is created successfully in Hyper-V, rename the VM to DellEMC-OMEVM in Hyper-Vuser interface.

10. Repeat the steps from 6 to 10 to restore DellEMC-OMNMVM by selecting folderC:\DellEMC-VMs\DellEMC-OMNMVM if you are using Microsoft Windows Server 2016 and

Troubleshooting


selecting E:\DellEMCVMBuild\DellEMC-VMs if you are using Microsoft Windows Server2019 in step 6. Complete steps 7 - 9.

11. Make sure that the names of the restored OME and OMNM VMs are DellEMC-OMEVM andDellEMC-OMNMVM respectively.

Note: After restoration, if you start Patch and Update Automation tool, the tool may start fromthe same state where it left. To avoid this, forcefully close and restart the Patch and UpdateAutomation tool or delete DellEMC MHC PNU Data.dat and DellEMC MHC PNUInstance.txt files in the following path: C:\Program Files (x86)\DellEMC\VxRackAS Patch and Update Automation .

The update process fails during OMNM software upgradeProblem

The update process may sometimes fail during OMNM software upgrade.

Solution

If OMNM software installation fails to upgrade the Software, restore the VM backup that youcreated before the OMNM software update.

The OMNM software update process fails during extraction ormerging of Code Integrity Policy

Problem

The update process may sometimes fail during extraction or merging of Code Integrity Policy.

Solution

If the update process fails during merging or enforcing the policy, open a PowerShell session inadministrator mode and perform the following steps:

1. Run the following commands:

a. New-CIPolicy -Audit -Level Publisher -Fallback Hash -FilePath“C:\OMNMSoftwareUpdate-<version>\HashAuditPolicy.xml” –UserPEs 3>CIPolicyLog.txt

b. Merge-CIPolicy -PolicyPaths “C:\OMNMSoftwareUpdate-<version>\BaselineAuditPolicy.xml”, “C:\OMNMSoftwareUpdate-<version>\HashAuditPolicy.xml” -OutputFilePath “C:\OMNMSoftwareUpdate-<version>\ MergedAuditDeviceGuardPolicy.xml” | out-null

c. Set-RuleOption -FilePath “C:\OMNMSoftwareUpdate-<version>\MergedAuditDeviceGuardPolicy.xml” -Option 3 –Delete

d. $BinConvert = ConvertFrom-CIPolicy “C:\OMNMSoftwareUpdate-<version>\MergedAuditDeviceGuardPolicy.xml” “C:\OMNMSoftwareUpdate-<version>\MergedAuditDeviceGuardPolicy.bin”

e. Copy-Item $BinConvert “C:\Windows\System32\CodeIntegrity\SIPolicy.p7”

2. Run the following command: net stop synergy3. Change the directory(cd) to: <OMNM Application Path>\oware\synergy

\tomcat-7.0.70\bin\

Troubleshooting


4. Run the following command: .\service.bat update5. Run the following command: net start synergy6. Restart the system.

The OMNM software update process fails during starting,stopping Synergy service or updating oware service

Problem

The update process may sometimes fail during starting, stopping Synergy service or updatingoware service.

Solution

Open a PowerShell session in administrator mode and perform the following steps:

1. Run the following command: net stop synergy2. Change the directory(cd) to <OMNM Application Path>\oware\synergy

\tomcat-7.0.70\bin\3. Run the following command: .\service.bat update4. Run the following command: net start synergy5. Restart the system.

OME VM connection issues after restartProblem

After restart, you are unable to connect to the OME VM and the IP address does not appear.

Solution

To connect to iDRAC, perform the following steps:

1. Log in to HLH by launching the KVM console.

2. Go to C:\DriverUpdate\NetworkBackup.

3. Open Powershell in Administrator mode and run the following command:

netsh exec .\ipconfig.dat$allDnsData = Get-Content '.\dnssettings.dat' | ConvertFrom-Jsonforeach ($dnsdata in $allDnsData) {$interfaceName = $dnsdata.ElementName$dnsAddress = $dnsdata.AddressSet-DnsClientServerAddress -InterfaceAlias $interfaceName -ServerAddresses $dnsAddress}

4. Restart your system by running the following command: Restart-Computer –Force.

OME VM connection lost during the BMC switch updateProblem

OME VM connection is lost during the BMC switch firmware update.

Troubleshooting


Solution

As part of the BMC switch firmware update process, the Patch and Update Automation Toolreboots the BMC switch. When rebooting, there will be connectivity issues in accessing OME VMbecause it is connected to the BMC switch. Reconnect to the OME VM after the switch reboot iscomplete and the network is up.

ToR or BMC switch goes down during switch firmware updateProblem

ToR or BMC switch goes down during switch firmware update.

Solution

Contact Dell EMC support.

ToR switch in "not responding" state during the firmwareupdate in OMNM

Problem

The ToR switch is in "not-responding" state during the firmware update in OMNM. This causes theswitch firmware update to fail. This issue occurs in some cases where the switch is stuck at theinitial boot window.

Solution

To resolve this issue, establish a serial console connection to the switch. Follow the onscreeninstructions by pressing a key to complete the upgrade process for the switch.

ToR switch firmware update fails with an error BGP checkfailed

Problem

The ToR switch firmware update fails with an error BGP check failed.

Workaround

This issue is occurs if the BGP routes for the Azure Stack Software Load Balancer do not appearafter the ToR switch firmware update. Contact Dell EMC Support for help.

Dell EMC Patch and Update Automation skips HLH VMsBackup because of shortage of space in HLH drive

Problem

The Dell EMC Patch and Update Automation skips HLH VMs Backup due to shortage of space inHLH Drive. A skip message appears in the HLH VMs backup pre-check workflow (graphical view).The following log message appears: HLH Machine <HLH IP address> does not haveminimum of 200 GB to continue with VMs backup.Solution

Perform the following steps:

Troubleshooting


1. The HLH drive where HLH VMs backup is stored is present in the settings page parameterHLHDriveToTakeVMBackup. Change the HLHDriveToTakeVMBackup to switch to a drivewith sufficient space.

2. Alternately, you can also clean up the space from the selected drive to create the necessaryspace.

Dell EMC Patch and Update Automation skips HLH VMsBackup because VMs are not in running state

Problem

Dell EMC Patch and Update Automation skips HLH VMs Backup because VMs are not in runningstate. The Pre-check workflow (Graphical view) displays Skip message. The following logmessage appears: VMs are not in Running state. Please make sure both theVMs DellEMC-OMNMVM and DellEMC-OMEVM are in Running State.Solution

For a successful HLH VMs backup, ensure that the VMs are in running state.

Dell EMC Patch and Update Automation skips HLH VMsBackup because OME and OMNM VMs names are modified

Problem

The Dell EMC Patch and Update Automation skips HLH VMs Backup because the OME andOMNM VMs names are modified. The following log message appears in the HLH VMs backup pre-check workflow (graphical view): VM Names have been changed from *OME* and*OMNM*. Cannot continue with VM backup.Solution

Change the names of the OME and OMNM VMs in the HLH Hyper-V with strings *OME* and*OMNM*. Ensure the name of the OME VM contains *OME* in it and the name of the OMNMVM contains *OMNM* in it.

Dell EMC Patch and Update Automation skips HLH VMsBackup due to execution failure

Problem

The Dell EMC Patch and Update Automation skips HLH VMs Backup due to execution failure. Thefollowing log message appears HLH VMs backup execution workflow (graphical view):<Exception message thrown during operation>. HLH VMs Backup operationhas failed.

Example 1 Solution

Contact Dell EMC Support to troubleshoot the execution failure. In the meantimeperform manual backups of HLH VMs before the subsequent Dell EMC Patch andUpdate Automation execution.

Troubleshooting


Dell EMC Patch and Update Automation throws retry pop upfor HLH VMs Backup in pre-check workflow

Problem

Dell EMC Patch and Update Automation throws the following retry pop up for HLH VMs Backup inPre-check workflow:

Solution

This issue occurs because of the old JEA configurations in HLH. Get the latest 1903 JEA profilesfor HLH and perform the steps mentioned in the Dell EMC Patch and Update Installation guide toupdate the JEA end points.

OpenManage Essentials is blocked by Windows DefenderApplication Control

Problem

OpenManage Essentials displays a message as shown in the following figure when opening theapplication.

Troubleshooting


Solution

Place WDAC into audit mode, slipstream related audit events into your base policy, and enforcethe updated policy as follows:

1. On the OME VM, open PowerShell with Administrator Privileges.

2. Navigate to: C:\DellEMC-Update\UpdateWDAC-1.x.x.

3. Import the following PowerShell Module by running: Import-ModuleCreateWDACPolicies-<version>.psm1.

4. To put the environment in audit mode, run the following cmdlet: New-OMEWDACPolicy –AuditPolicy.

5. Reboot the VM

6. Open OpenManage Essentials and navigate to the following window:


8. Import the following PowerShell Module by running: Import-ModuleCreateWDACPolicies-<version>.psm1.

9. To set the current audit policy in enforced mode, run: New-OMEEnforcedAuditPolicy.

10. Reboot the VM.

11. Ensure that you can open OpenManage Essentials.

JEA endpoints not working from OME to HLH and OMNM VMProblem

Register JEA script does not continue to run after the first reboot on the HLH and OMNM servers.When logged into both the (HLH and OMNM VM) servers, the script requires manual intervention.

Troubleshooting


Solution

Provide appropriate input into the PowerShell console, the script will be able to continue andultimately succeed.

Note: This issue occurs with RegisterJEAConfiguration_1.0.1811.25 from versionCloud for Microsoft Azure Stack VxRackAS 14G Customer Toolkit2-1-1901. This issue is resolved from version Cloud for Microsoft Azure StackVxRackAS 14G Customer Toolkit 2-1-1902 onwards.

Retry pop-up appears in Pre-check workflow: Driver updatesfolder not found

Problem

Error message appears: Driver updates folder not found.

Solution

Ensure that you did not make any changes to the downloaded Customer Toolkit files and re-initiatePatch and Update execution. In case the error still exists, contact Dell EMC support.

OS updates failure due to WUSA error and Patch and UpdateAutomation tool throws errors

Problem

While executing Windows OS update for HLH, OME, and OMNM management Virtual machines,WUSA may not be able to succeed and return back an inappropriate return code. The Patch andUpdate Automation tool stops and retrying the execution may not produce the desired results.

Troubleshooting


Solution

You can manually execute the OS update and rerun the Patch and Update Automation tool toproceed further.

Error message appears: "OpenManage Enterprise does nothave required permission"

Problem

Error message appears: NFS Share: OMEntRPM doesn't has required permission.

Solution


1. Manually add the OpenManage Enterprise IP address and host name in hosts file inC:\Windows\System32\drivers\etc.

2. Connect to OME VM.

3. Go to C:\Windows\System32\drivers\etc.

4. Open hosts file, edit the file, and save it to the desktop with no file extension before copying itback to C:\Windows\System32\Drivers\etc\ because of permissions issues.

5. Run the following script: .\Install-OMEnterprise.ps1 -Rerun

Issues if not getting the EULA acceptance pageProblem

After launching the OpenManage Enterprise VM, if you are not able to get the EULA acceptance, itcauses issues such as you can not assign IP or change password.

Solution


1. Go to the Hyper-V.

2. Select DellEMC-OMEntVM and right click.

3. Click Turnoff. A pup-up appears.

4. Select again Turnoff.

5. Again select DellEMC-OMEntVM and right click.

6. Click Delete.

7. Once delete is done, run Install-OMEnterprise.ps1 with all the parameters mentionedabove.

Troubleshooting


Failure of the first time login to OpenManage EnterpriseProblem

After deployment of OpenManage Enterprise VM and assigning IP, if you keep it idle, the first timelogin it may fail. It shows password is wrong. When you enter the password again, validation fails.

Solution

Restart the services.

Failing to add OpenManage Enterprise adapter in SAEProblem

Sometimes you may not be able to add OpenManage Enterprise adapter in SAE.

Solution

Check whether OperManage Enterprise adapter version 1.4 is applied or not. If not, run it manuallyand try to add OpenManage Enterprise in SAE again.

Issues after using incorrect password for multiple times whilelogging in to OpenManage Enterprise

Problem

Sometimes you may not be able to add OpenManage Enterprise adapter in SAE.

Solution

While logging in to OpenManage Enterprise, if you enter incorrect password multiple time, the siteblocks your account for half an hour. Wait for half an hour and try logging in again.

After adding OpenManage Enterprise adapter in SAE, HLH orScale Unit node go to staging mode

Problem

Sometimes After adding OpenManage Enterprise adapter in SAE, HLH or Scale Unit node goes tostaging mode.

Troubleshooting


Figure 8 HLH or Scale Unit node in stagging mode

Solution

Wait and re-sync after 24 hours.

OpenManage Enterprise discovery job incomplete errorProblem

The Install-OMEnterprise.ps1 script fails with the following error message:

Invoke-OMEntSUNodeDiscovery : Failed to create discovery config in OM Enterprise [<OM Enterprise IPAddress>] due to: Discovery job [ID: <Job ID>] is incomplete

Solution

This error might occur due to the wrong iDRAC admin credentials provided while executing thescript. Re-start the script by providing the correct iDRAC admin credentials.

OME-VM throws error- "Cannot bind argument to parameter'OMEPSSession' because it is null" or "Failed to create PSSession with Hardware Manager"

Problem

OME-VM throws the following error:

l Cannot bind argument to parameter 'OMEPSSession' because it is nulll Failed to create PS Session with Hardware ManagerThis error occurs if the following are not inplace:

l Unblock Customer Toolkit Zip

l Check OME Network Connection Profile

l Incorrect JEA Credentials

Troubleshooting


Solution

l Unblock Customer Toolkit Zip

Once you downloaded and copied the customer toolkit zip to OME, ensure you unblock the filebefore extracting the contents on the OME server. If the file contents are blocked, it throws error-Cannot bind argument to parameter 'OMEPSSession' because it is null.

l Check OME Network Connection Profile

On OME, launch a PowerShell window as administrator and run the following comand: Get-NetConnectionProfile.

If the Network category is Private; this is correct. If Network category has any other value,then run the following command. Replacing the InterfaceIndex (XXX) with the number from theresults of the command above: Set-NetConnectionProfile -InterfaceIndex XXX -NetworkCategory PrivateIf the network category is Public, you will see the same error- Cannot bind argument toparameter 'OMEPSSession' because it is null.

l Incorrect JEA Credentials

Ensure that you enter the correct JEA username and password. JEA credentials are not the sameas the CloudAdmin account (DellEMC-OMEVM\accountname). Ensure that the JEA passworddoes not contain any special character, for example, @, # or %.

Error message appears: DSC status at HLH is Failure. Connectto HLH <HLH IP Address> and issue Cmdlet Get-DscConfigurationStatus to check status after sometime

Problem

If the Desired State Configuration (DCS) status is Fail, while running the Dell EMC Patch andAutomation tool, on the Status tab, in the Cleanup extracted folder phase, the following errormessage appears:

DSC status at HLH is Failure. Connect to HLH <HLH IP Address> and issue Cmdlet Get-DscConfigurationStatus to check status after sometime.

Solution


1. Connect to HLH (10.xxx.xxx.xxx)

2. Open Powershell in admin mode and run the following command: $testdscconfig= Get-DscConfigurationStatus.

3. Run the following command: $testdscconfig.status.Ensure that the status is Success. See the following figure.

4. If the status is Fail, to know which resource is in Fail state, run the following command:$testdscconfig.ResourcesNotInDesiredState

Troubleshooting


It takes 30 to 40 minutes to change the status. After running the command, if the status is stillFail, contact the support.

[ERROR] Caught exception ->System.Management.Automation.RuntimeException

Problem

If you have not configured JEA on HLH server, OME-VM, and OMNM-VM, the following error mayoccur:

[ERROR] Caught exception -> System.Management.Automation.RuntimeException: The term <VisibleCmdlets, VisibleFunction, External commands or VisibleProviders> is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Solution

If you have not applied JEA on HLH server, OME-VM, and OMNM-VM, perform the followingsteps:

1. Perform the steps mentioned in Configure Just Enough Administration (JEA) on the system

2. Perform the steps mentioned in Configuring JEA on HLH, OME VM, and OMNM VM

If you have not applied the latest JEA on HLH server, OME-VM, and OMNM-VM, perform thefollowing steps:

1. Perform the steps mentioned in Configure Just Enough Administration (JEA) on the system

2. Perform the steps mentioned in Configuring JEA on HLH, OME VM, and OMNM VM

3. For applying latest JEA, you can use the previously used RemoteUser parameter name andpassword or a new RemoteUser parameter and password (applicable to HLH server, OME-VM,and OMNM-VM).

After changing OME-VM administrator username, schedulebackup stops working

Problem

After changing OME-VM administrator username, schedule backup stops working.

Solution


1. Log in to the OME-VM using the new administrator user credentials.

2. Run the Patch and Update Automation tool and enter credentials details in Profile section andclick on Next.

3. Exit the Patch and Update Automation tool.

4. From your local machine, open Task Scheduler and select taskDellEMC_Execute_VMBackup. Right-click and select Run.

Troubleshooting


Status tab shows ‘HLH VM Backup -Skipped’Problem

While running the Patch and Update Automation, sometimes the Status tab shows HLH VMBackup -Skipped.

Solution

If the Status tab shows HLH VM Backup -Skipped or Skipped HLH VM backup, check logson the Summary tab for details. It does not always mean backup has not been taken. Check thePatch and Update logs to understand and troubleshoot the exact issue. Click View Log underSummary tab to open the log file or go to C:\Program Files (x86)\DellEMC\VxRack ASPatch and Update Automation\ folder and open the latest updated log.

Scheduled backup failed while uninstalling the Patch andUpdate Automation tool

Problem

Scheduled backup failed while uninstalling the Patch and Update Automation tool.

Solution


1. Open task scheduler from your OME-VM and go to Task Scheduler library.

2. Delete the job DellEMC_Execute_VMBackup in the task scheduler.

Patch and Update Automation tool fails to update SAE andthrows error

Problem

Patch and Update Automation tool fails to update SAE and throws the following error message:

<Date Time> [WARN] Upgrade SupportAssist Enterprise: SupportAssistEnterprise_<version> was not installed properly in the system.

Solution

In the customer toolkit, go to AzS_DellEMC_R640_R740xd_R840_CustomerToolkit_2-1-xxxx-xx \UpgradeSAE-x.x.x and manually run the following script: SoftwareInstall-x.x.x.ps1.

Troubleshooting


Troubleshooting


APPENDIX A

Dell EMC Patch and Update AutomationConfigurations

This appendix presents the following topics:

l Editing configuration settings................................................................................................62


Editing configuration settingsAbout this task

Normally, when you access the Dell EMC Patch and Update Automation, the system automaticallyprovides the default parameters. If the tool does not autofill the parameters, and clicking Retrydoes not resolve the issue, your administrator can manually enter the parameters.To edit the configuration settings in Dell EMC Patch & Update Automation:

Procedure

1. In the Dell EMC Patch and Update Automation, navigate to Configuration > Profile tab.

2. Enter the values in the relevant field(s) by referring the following sections, and then clickNext.

Note: Do not leave any field empty. The tool generates an error message prompting youto enter the values.

Note: If you enter a wrong value in the Dell EMC Patch and Update Automation userinterface, the input field turns red. Once a field turns red, it continues to be red evenafter you enter the correct value. The red color disappears only after you enter thecorrect value and click Next.

Profile tabYou must enter all the fields in the Profile window. The following figure shows the Profile window.

Figure 9 Profile tab

The following table shows details of each field on the Profile window.

Dell EMC Patch and Update Automation Configurations


Table 3 Profile page in the Dell EMC Patch and Update Automation

Parameter Description

iDRAC User Login name for the BMC/iDRAC on the HLHnodes

iDRAC Password Password for BMC/iDRAC login

Firmware SMB Share Host User Username that can access a file share createdon the host that is running the Dell EMCPatch and Update Automation (the OME VM)Example: <username under which the tool hasbeen executed>

Firmware SMB Share Host Password Password for file share user

HLH Remote User Name User member of the Remote ManagementUsers group on HLH

Note: HLH Remote User Name is createdduring application of JEA configuration.This gives access to HLH JEA endpoints.

HLH Remote User Password Password for the HLH Remote user specifiedabove

OMNM Remote User Name User member of the Remote ManagementUsers group on OMNM VM

Note: OMNM Remote User Name iscreated during application of JEAconfiguration. This gives access toOMNM VM JEA endpoints.

OMNM Remote User Password Password for the OMNM Remote userspecified above

OMNM Portal Admin User Name OMNM Portal Admin User Name

OMNM Portal Admin Password OMNM Portal Admin Password

BackupNetworkShareUsername Username for the Network share specified inthe Workflow tab.

BackupNetworkSharePassword Password for the Network Share specified inthe Workflow tab.

Workflow tabThe following figure shows the available parameters in the Workflow window. This windowappears when you click Accept from the Welcome window. In the Workflow window, the file-browser icon allows you to find the required file and set the path location. You can hover themouse over the parameter fields to see information regarding the parameter values.



Figure 10 Workflow tab

The following table shows details of the parameters on the Workflow window:

Table 4 Workflow window in the Dell EMC Patch and Update Automation


Dell EMC Customer Toolkit Folder Folder path of the Cloud for Microsoft AzureStack Dell EMC Customer ToolkitExample: C:\PNU\Toolkit

The Cloud for Microsoft Azure Stack DellEMC Customer Toolkit ZIP file is available inthis folder.

HLH iDRAC IPAddress IP address of the HLH iDRAC.

HLH IPAddress IP address of the HLH server.

OMNM VM IPAddress IP Address of OMNM VM, for example,10.XXX.XX.XYZ.

OMEnterprise RPM Folder Path (Optional,use this if you have deployed OpenManageEnterprise)

OpenManage Enterprise RPM package folderpath in OME Virtual Machine.

OMEnterprise IPAddress (Optional, use this ifyou have deployed OpenManage Enterprise)

IPAddress of OpenManage Enterprise VM(example: 10.xxx.xxx.xxx).

Software Load Balancer BGP ASN BGP ASN of the Software Load Balancer(SLB) running on the AzureStack, forexample, 64910.

BackupTargetFolderPath Path to Backup Target (Local drive or folderor network path).

Settings tabThe following figure shows the settings that your administrator can change.



Figure 11 Settings tab

The following table provides details about each parameter in the Settings window.

Table 5 Settings window in the Dell EMC Patch and Update Automation


EnableSmb1Protocol Allows you to set true or false, which enables/disables the SMB v1.By default, the value is set to False. Use the

list box to change the value to True.

MAXRetriesForServiceStart Allows you to set the maximum number ofretries to check for WinRM service to start onthe remote machine after the restart.

UseHTTPSForOMNM From 1906 release onwards, the Dell EMCPatch and Update Automation tool supportsonly HTTPS. If you are using the Dell EMCPatch and Update Automation tool for thefirst time, on the Setting tab, from theUseHTTPSForOMNM dropdown list, selectTrue.

BGPSummaryActionName BGP Summary Action imported in to theOMNM. By default it is to set BGP Summary.Do not change the BGPSummaryActionNameunless the name of the action is different inOMNM

HLHDriveToTakeVMBackup For the HLH VMs Backup step, if you areusing Microsoft Windows Server 2016 you canselect the HLH drive (C or D) where HLH VMsbackup file would be stored. if you are usingMicrosoft Windows Server 2019, select Edrive.

Backup Schedule For the recurrence, there are three options:Daily, Weekly, and Monthly. By

default Monthly option is selected.



Schedule HLH server backup

About this task

On the Setting tab, in the Recurrence section, you can set HLH server backup schedule byselecting Daily, Weekly or Monthly radio buttons. You can also perform HLH server backup ondemand as follows:

Procedure

1. On your local machine, go to Control Panel > Administrative tools > Task Scheduler.

2. Select the task Name- DellEMC_Execute_VMBackup.

3. Click Properties.

4. Under the Triggers tab, select the trigger (Daily, Weekly or Monthly) and click Edit.

5. Check out the Enable button.

If the Patch and Update Automation tool fails or skips to copy to the Backup Target FolderPath, manually copy the backup files from C:\DellEMC-VMsBackup (E:\DellEMC-VMsBackup in case of Windows 2019) to \\10.xx.xxx.xxx\backup\DellEMCVMsBackup (Backup Target Folder Path).

Back to "Running the Patch and Update Automation tool"



APPENDIX B

OpenManage Enterprise


l OpenManage Enterprise........................................................................................................68


OpenManage EnterpriseOpenManage Enterprise is the latest systems management and monitoring application from DellEMC. OpenManage Enterprise replaces OpenManage Essentials as part of Dell EMC Cloud forMicrosoft Azure Stack 1906 Release . We recommend you install the latest version of theOpenManage Enterprise.

Copy InstallOMEnterprise script from Dell EMC Customer ToolkitAbout this task

Refer to the Downloading the latest customer toolkit to know how to download the latestcustomer's toolkit. In OME VM, go to the path C:\DellEMC-Update\Prerequisites andcopy the InstallOMEnterprise_<version> by leveraging the shared folder on the HLHserver , see Create a file share in HLH. Copy the InstallOMEnterprise_<version> folderfrom HLH share folder to local C:\DellEMC-Update in HLH. If you are using Microsoft WindowsServer 2019, copy the InstallOMEnterprise_<version> folder from HLH share folder tolocal E:\DellEMC-Update in HLH.

Deploying OpenManage Enterprise for Azure StackAbout this task

Perform the following steps to deploy OpenManage Enterprise for Azure Stack:

Procedure

1. Perform the following steps to enter inputs:

a. Copy InstallOMEnterprise_version from HLH share to C:\DellEMC-Update.

b. Open an administrative PowerShell session from HLH.

c. Navigate to C:\DellEMC-Update\InstallOMEnterprise_version.

d. Enter file path of the DeploymentDataJson: D:\DeploymentFiles\JSONs\DeploymentData.json.

e. Enter file path of the ConfigurationDataJson: D:\DeploymentFiles\JSONs\ConfigurationData.json.

f. Enter OMEVMCredentials.

g. Enter iDRAC Credential.

h. Enter the file path of the OMEntZipPath parameter. This is optional. You can give anyfile path.

For example, D:\Share\ openmanage_enterprise_vhd_format_3.2.zip or thedefault path is D:\DellEMCVMBuild\VHDLibrary\ .

You can download the openmanage_enterprise_vhd_format_<version>.zipfile from the following link: https://www.dell.com/support/home/us/en/04/drivers/DriversDetails?driverId=8PM2K.

i. Enter RackNumber. This is an optional parameter.

The following figure show the output:



HTTPS://WWW.DELL.COM/SUPPORT/HOME/US/EN/04/DRIVERS/DRIVERSDETAILS?DRIVERID=8PM2K

HTTPS://WWW.DELL.COM/SUPPORT/HOME/US/EN/04/DRIVERS/DRIVERSDETAILS?DRIVERID=8PM2K

2. Install OpenManage Enterprise VM.

After installing the VM successfully, the following message appears:

3. Perform the following steps to launch the OpenManage Enterprise VM:

a. Click Accept.

b. Choose keyboard layout from the available list of layout.



c. Change the admin password. Make sure that the admin password contains a specialcharacter and an upper case.

d. Select Set Networking Parameters > Configure Network Interface and then enter thefollowing details:

l Static IPv4 Address (10.XXX.XXX.118). Default IP should be set 10.xxx.xxx.118. Youcan find it from the ConfigurationData.json, use External3.

l Static Gateway (10.XXX.XXX.XXX)

l Subnet Mask (255.255.XXX.XXX)

l Preferred DNS (192.168.XXX.XXX)



4. Add OMEnterprise data. Use the password you set in the OpenManage Enterprise VM in theprevious steps.

If it fails first time, you will be prompted to enter OpenManage Enterprise IP address andpassword.

Enter the IP address assigned to OpenManage Enterprise VM in previous step. The defaultIP address is 10.xxx.xxx.118.

The following messages appear:

l Connection to OMEnterprise succeededl Saved OMEnterprise data successfully

Note: The script performs the steps 5 and 6. You do not have to do these manually. Incase of any error, perform the steps 5 and 6 manually.

5. Add NFS Share.

The following message appears: NFSshare created successfully.

6. Discovery Scale Unit nodes in OMEnterprise.

a. Discovery HLH node in OMEnterprise.

b. Configures OpenManage Enterprise Console first time settings.

c. Adding OpenManage Enterprise Version in As-Built JSON

Check if OpenManage Enterprise is deployed properly by performing the following steps:



a. Log in to OME VM.

b. Go to https://10.xxx.xxx.118/

c. Enter user ID (default ID: admin) and password (the password which you set in theprevious steps.).

d. The OpenManage Enterprise page appears as follows:

Figure 12 OpenManage Enterprise

e. Click Devices > All devices. You can see all the added devices (HLH and Scal Unitnodes).

Back to "Accessing the current environment"



APPENDIX C

Windows Defender Application Control (WDAC)

This appendix presents the following topic:

l Windows Defender Application Control (WDAC)................................................................... 74


Windows Defender Application Control (WDAC)SAE (Updated by the Patch and Update Automation tool) and OpenManage Enterprise give youthe ability to leverage the latest features and software enhancements. Ensure that you are runningOpenManage Enterprise version 3.2. If not, see OpenManage Enterprise.

Note: If you are running OpenManage Enterprise version 3.2, proceed to Placing WDAC policyinto audit mode.

CAUTION OpenManage Essentials has been deprecated in Dell EMC 1906 and is beingreplaced with OpenManage Enterprise which runs on a standalone VM.

Placing WDAC policy into audit modeAbout this task

To put the WDAC policy into audit mode:

Procedure

1. On the OME VM, open PowerShell with Administrator Privileges.

2. Navigate to: C:\DellEMC-Update\UpdateWDAC-1.x.x.

3. Import the following module: Import-Module CreateWDACPolicies-1.x.x.psm1

4. If you have run UpdateWDAC from a previous Customer Toolkit, run the following cmdlet tomerge over the previous Archive directory: MigrateArchive -ArchiveSource <path>\UpdateWDAC-x.x.x\Archive

(For -ArchiveSource parameter path mentioned in the above cmdlet, use the temporaryfolder path you selected in Step 2 of Downloading the latest Dell EMC Customer Toolkit. Forexample, C:\Temp\UpdateWDAC-1.x.x). Refer to the following figure.

5. To put the environment in audit mode, run the following cmdlet: New-OMEWDACPolicy –AuditPolicy

Figure 13 Putting new environment into audit mode

6. Reboot the VM.



Enforcing WDAC policyAbout this task

Perform the following steps to enforce WDAC policy:

Procedure


2. Navigate to C:\DellEMC-Update\UpdateWDAC-1.x.x.

3. To import the PowerShell module, run: Import-Module CreateWDACPolicies-<version>.psm1

4. To set the current audit policy in enforced mode, run: New-OMEEnforcedAuditPolicy.

Note: This cmdlet is included in the module that you imported in the previous step.

5. Restart the VM.

Back to Prerequisites



APPENDIX D

Verify BitLocker Recovery Password


l Verifying BitLocker Recovery Password................................................................................78l Resuming and Suspending BitLocker.....................................................................................79l Suspending BitLocker............................................................................................................79l Resuming BitLocker...............................................................................................................79


Verifying BitLocker Recovery PasswordBefore you begin

Ensure that BitLocker feature and its tools are installed on HLH host by entering the followingcommand: Get-WindowsFeature -Name Bitlocker,RSAT-Feature-Tools-BitLocker.

If the BitLocker features and its tools are not in Installed state, enable the features by enteringthe following command: Install-WindowsFeature -Name Bitlocker,RSAT-Feature-Tools-BitLocker.

About this task

To verify that a BitLocker Recovery Password for the C: drive in HLH is available:

Procedure

1. Open an elevated (administrator) PowerShell on the HLH host.

2. Run the following command: (Get-BitLockerVolume -MountPoint“C:”).KeyProtector

3. Ensure that a key protector for RecoveryPassword is listed, and that this numericalpassword has been saved somewhere outside of the HLH host.

This makes it possible to decrypt your drive if BitLocker becomes active during the updateprocess.

4. If a RecoveryPassword key protector is not present, run the following command: Add-BitLockerKeyProtector –MountPoint “C:” -RecoveryPasswordProtectorThe new password is displayed when it is created. You can repeat the previous command todisplay it again.

We recommend that you confirm that a RecoveryPassword key protector is also availablefor the D: drive. Create this key protector if it is not present.

5. To confirm the presence of the key protector RecoveryPassword or to create it if it isabsent, substitute D: in place of C: in both commands in this procedure.



Resuming and Suspending BitLockerAbout this task

The Dell EMC Patch and Update Automation resumes and suspends the BitLocker automaticallywhen required. If it does not work for any reason, or you want to resume or suspend the BitLocker,refer to the next sections.Back to Prerequisites

Suspending BitLockerAbout this task

To suspend BitLocker on the OS volume:

Procedure

1. Open an elevated (administrator) PowerShell on HLH.

2. Run the following command: Suspend-BitLocker -MountPoint "C:" -RebootCount 0

3. Verify that the Protection Status is set to Off.

Note: There is no need to suspend the D: drive.

Resuming BitLockerAbout this task

To resume BitLocker on the C: drive:

Procedure

1. Open an elevated (administrator) PowerShell on HLH.

2. Run the following command: PS C:\> Resume-BitLocker -MountPoint "C:"Back to "Accessing the current environment"



APPENDIX E

Updating ACLs on the BMC switch


l Update switch with ACLs...................................................................................................... 82l Updating ACLs on the BMC switch....................................................................................... 82


Update switch with ACLsProcedure

1. Open File Explorer and

2. Copy your ConfigurationData.json to C:\DellEMC-Update\UpdateACL-version.

3. Open an Administrative PowerShell Session.

4. Navigate to C:\DellEMC-Update\UpdateACL-version.

5. Execute UpdateACLWrapper-version.ps1.

6. When prompted, enter the respective switch credentials that you want to update.

If the script does not work, you can update the ACLs manually, see Updating ACLs on theBMC switch.

Note: If the following error message appears, see Appendix: Configure the 'ssh-only'ACL:

WARNING: Exiting -> Caught exception -> the following switches (10.120.100.00 10.120.100.11 10.120.100.01) could not establish an SSH session

To check the status, go to C:\DellEMC-Update\UpdateACL-x.x.x\UpdateACL_Log.json and check the logs. Ensure that status is Success.

Updating ACLs on the BMC switchAbout this task

To allow access from the OME and OMNM IPs, configure the following ACL changes on the BMCswitch. You need the ConfigurationData.JSON file to get the values for all the parameters.

ip access-list extended Rack01-BMCMgmtINseq <index> permit ip host <OME IP> <P2P_Rack01/BMC_To_Rack01/Tor1> countseq <index> permit ip host <OMNM IP> <P2P_Rack01/BMC_To_Rack01/Tor1 > countseq <index> permit ip host <OME IP> <P2P_Rack01/BMC_To_Rack01/Tor2 > countseq <index> permit ip host <OMNM IP> <P2P_Rack01/BMC_To_Rack01/Tor2> countseq <index> permit ip host <OME IP> <Rack01-SwitchMgmt> countseq <index> permit ip host <OMNM IP> <Rack01-SwitchMgmt> countseq <index> permit ip host <OME IP> <Rack01-CL01-SU01-InternalVIPs> countseq <index> permit ip host <OMNM IP> <Rack01-CL01-SU01-InternalVIPs> count

ip access-list extended Rack01-BMCMgmt_OUTseq <index> permit ip <P2P_Rack01/BMC_To_Rack01/Tor1> host <OME IP> countseq <index> permit ip <P2P_Rack01/BMC_To_Rack01/Tor1> host <OMNM IP> countseq <index> permit ip <P2P_Rack01/BMC_To_Rack01/Tor2> host <OME IP> countseq <index> permit ip <P2P_Rack01/BMC_To_Rack01/Tor2> host <OMNM IP> countseq <index> permit ip <Rack01-SwitchMgmt> host <OME IP> countseq <index> permit ip <Rack01-SwitchMgmt> host <OMNM IP> countseq <index> permit ip <Rack01-CL01-SU01-InternalVIPs> host <OME IP> countseq <index> permit ip <Rack01-CL01-SU01-InternalVIPs> host <OMNM IP> count

The following table describes the parameters that are mentioned in the ACLs.



Table 6 ACL parameters

Parameter name Description Sample value

<index> A unique sequence numbermust be used for each entityin the access control list.Entities are evaluated fromlow to high, and sequencenumbers of 500 and higherare reserved for entities thatare defined duringdeployment.

90,100,110, and so on

<OME IP> Search for External1 IP in theConfigurationData.JSON file.

10.128.4.16

<OMNM IP> Search for External1 IP in theConfigurationData.JSON file.

10.128.4.16

<P2P_Rack01/BMC_To_Rack01/Tor1>

P2P Subnet for BMC to TOR1. In theConfigurationData.JSON file,search for IP address objectwith name P2P_Rack01/BMC_To_Rack01/Tor1 andselect the IPv4SubnetStringvalue.

10.128.4.16/30


P2P Subnet for BMC to TOR2. In theConfigurationData.JSON file,search for IP address objectwith name P2P_Rack01/BMC_To_Rack01/Tor2 andselect the IPv4SubnetStringvalue.

10.128.4.20/30

<R01-SwitchMgmt> Switch Management NetworkSubnet. In theConfigurationData.JSON file,search for IP address objectwith name <R01-SwitchMgmt> and select theIPv4SubnetString value.

10.128.4.40/29

<Rack01-CL01-SU01-InternalVIPs>

Infrastructure VIP subnet. Inthe ConfigurationData.JSONfile, search for IP addressobject with name Rack01-CL01-SU01-InternalVIPs andselect the IPv4SubnetStringvalue.

10.128.6.128/26



Using the example values in Table 5, the ACL changes are as follows:

ip access-list extended Rack01-BMCMgmt_INremark 80 external (10.128.4.116/117) to ToR1-P2P (10.128.4.16/30)seq 90 permit ip host 10.128.4.116 10.128.4.16/30 countseq 100 permit ip host 10.128.4.117 10.128.4.16/30 countremark 110 external (10.128.4.116/117) to ToR2-P2P (10.128.4.20/30)seq 120 permit ip host 10.128.4.116 10.128.4.20/30 countseq 130 permit ip host 10.128.4.117 10.128.4.20/30 countremark 140 external (10.128.4.116/117) to R01-SwitchMgmt (10.128.4.40/29)seq 150 permit ip host 10.128.4.116 10.128.4.0/26 countseq 160 permit ip host 10.128.4.117 10.128.4.0/26 countremark 170 external (10.128.4.116/117) to INFVIP (10.128.6.128/25)seq 180 permit ip host 10.128.4.116 10.128.6.128/25 countseq 190 permit ip host 10.128.4.117 10.128.6.128/25 count

ip access-list extended Rack01-BMCMgmt_OUTremark 80 ToR1-P2P (10.128.4.16/30) to external (10.128.4.116/117)seq 90 permit ip 10.128.4.16/30 host 10.128.4.116 countseq 100 permit ip 10.128.4.16/30 host 10.128.4.117 countremark 110 ToR2-P2P (10.128.4.20/30) to external (10.128.4.116/117)seq 120 permit ip 10.128.4.20/30 host 10.128.4.116 countseq 130 permit ip 10.128.4.20/30 host 10.128.4.117 countremark 140 R01-SwitchMgmt (10.128.4.40/29) to external (10.128.4.116/117)seq 150 permit ip 10.128.4.0/26 host 10.128.4.116 countseq 160 permit ip 10.128.4.0/26 host 10.128.4.117 countremark 170 INFVIP (10.128.6.128/25) to external (10.128.4.116/117)seq 180 permit ip 10.128.6.128/25 host 10.128.4.116 countseq 190 permit ip 10.128.6.128/25 host 10.128.4.117 count

If the ACL updates are not present in the BMC switch, perform the following steps to enable theDell EMC Patch and Update Automation to enable the communication between OMNM softwareand the switches:

Procedure

1. Connect to the BMC switch via SSH using Putty or any other terminal software.

2. Enter the configuration mode by typing config in the console.

3. When you are in configuration mode, copy the previously mentioned ACL changes.

4. Run the following command to save the ACL changes permanently on the switches: dowrite .

The following table shows the networking switch and ACL procedures names:

Table 7 Names of switch parameters/connections for ACLs

Object Prior to PTK 1807 PTK 1807 and later

ACL procedure CL01-VIPS-ADMIN <Rack01-CL01-SU01-InternalVIPs>

TOR1 P2P to BMC P2P_Rack1/TOR1_To_Rack1/BMC TORPort 46


TOR2 P2P to BMC P2P_Rack1/TOR2_To_Rack1/BMC TORPort 46


Switch Management Subnet SwitchMgmt <R01-SwitchMgmt>



Note:PTK, also known as Partner Toolkit, aligns with the Microsoft releases.

The switch configuration file version, known as the BUILDNUMBER, is stored in themessage-of the-day (MOTD) statement in the switch.

Switch BUILDNUMBER 1.1807.816.1 is equivalent to PTK 1807.

You can find the switch BUILDNUMBER by running the following command on any ofthe Azure Stack switches: show running-config | grep BUILDNUMBERAlternatively, you can search a copy of the switch running-configuration file forBUILDNUMBER.

Back to "Accessing the current environment"



APPENDIX F

Configure the 'ssh-only' ACL


l Configure the ‘ssh-only’ ACL.................................................................................................88


Configure the ‘ssh-only’ ACLNote: We recommend that you perform this on BMC, ToR1, and ToR2 switches.

To enable SSH access from OMNM and other endpoints on the BMC management network, addan additional permit ACL entry and ensure that it has a sequence number lower than the seq500 deny… entry. Similarly, switch management access from another customer-specifiednetwork would require yet another permit ACL entry with a unique sequence number lower thanthe seq 500 deny… entry.

The following example includes both entries. In this example, <BMCMgmt-net> represents theCIDR representation of the Azure Stack BMC network, <SwitchMgmt-net> represents the CIDRrepresentation of the Azure Stack switch management network, and <Customer-net>represents the CIDR representation of the customer-specified network.

ip access-list extended ssh-onlyseq 10 permit tcp <BMCMgmt-net> <SwitchMgmt-net> eq 22seq 20 permit tcp <Customer-net> <SwitchMgmt-net> eq 22seq 500 deny ip any any

Here is an example

Note: To add permit ACLs for 'ssh-only', leverage a physical serial connection to the switch(connected to a PAW or laptop) as the default behavior is to deny all SSH connections.

Note: Extract-SSHNetworks.ps1 which is present in the DellEMC CustomerToolkit will outputyour BMCMgmt-net and SwitchMgmt-net subnets by parsing the ConfigurationData.json. Seethe following figure for more information:


Configure the 'ssh-only' ACL


APPENDIX G

Configure Just Enough Administration (JEA) onthe system


l Configure Just Enough Administration (JEA) on the system.................................................90


Configure Just Enough Administration (JEA) on the systemAbout this task

Note: While configuring JEA on the system, the server restarts and continues running moresteps. Then the server restarts again.

Before you configure the JEA on the system, perform the following steps to copy the required filesto HLH and OMNM-VM:

Procedure

1. Download and extract the latest Customer Toolkit on the OME VM.

Note: Note: If you have already downloaded the Customer Toolkit (as mentioned in Downloading the latest Dell EMC Customer Toolkit), you do not have to download itagain.

2. In the Customer Toolkit, navigate to the Prerequisites folder, and copyRegisterJEAConfiguration_<X.X.XXXX.XX> (where <X.X.XXXX.XX> is the version of theJEA configuration scripts) using a share to the HLH and OMNM VM.

Refer to Create a file share in HLH server and OMNM-VM and create a file share in HLH.Note: If you have already created a file share previously, you do not need to create itagain.

Note: You can perform these steps in OMNM-VM to create a file share in OMNM-VM.

The RegisterJEAConfiguration_<version> folder contains the JEA configuration scriptRegister-JEAConfiguration.ps1. The following table lists all the parameters that you have tospecify in the script.

Table 8 Parameters for Register-JEAConfiguration.ps1 script

Parameter name Mandatory Description

SystemType Yes Specifies the system forwhich you can configure theJEA. It can be HLH, OMNM-VM or OME-VM.

AdminCredential Yes A PSCredential objectcontaining the user name andpassword for theAdministrator account for thesystem.

RemoteUser Yes A PSCredential objectcontaining the user name andpassword for the new account

Configure Just Enough Administration (JEA) on the system


Table 8 Parameters for Register-JEAConfiguration.ps1 script (continued)

Parameter name Mandatory Description

that will be created on thesystem. This account will beadded to the RemoteManagement Users group andprovide access to HLH andOMNM VM JEA endpoints.

Note: To set JEA accountpassword, use upper case,lower case, andalphanumeric charactera.Do not use specialcharacters.

Configuring JEA on HLH, OME VM, and OMNM VMAbout this task

Perform the following steps to configure JEA on HLH, OME VM, and OMNM-VM:

Procedure

1. Open a PowerShell session as Administrator.

2. Navigate to the folder RegisterJEAConfiguration_<version>.

3. Enter the following script:

Note: After running the following commands, you will be prompted for the respectiveAdministrator credentials for HLH, OME-VM, and OMNM-VM. Then you will beprompted for the user name and password for the newly created JEA account. You canchoose any user name for the JEA account (for example, JEAUser). For the JEAaccount password, do not use special characters such as @, #., $, %, ^, and &. You canuse uppercase and lowercase alphanumeric characters. If you have any issues in runningthe JEAConfiguration script, contact Dell EMC Support.

On the HLH Server- .\Register-JEAConfiguration.ps1 -SystemType HLHOn the OME-VM Server- .\Register-JEAConfiguration.ps1 -SystemType OME-VMOn the OMNM-VM Server- .\Register-JEAConfiguration.ps1 -SystemTypeOMNM-VM

4. Enter the new JEA user credentials in the Credentials Pop-up window.

Back to "Configure Just Enough Administration (JEA) on the system"



APPENDIX H

Update OMNM software


l Updating OMNM software.................................................................................................... 94l Importing actions into OMNM...............................................................................................95


Updating OMNM softwareAbout this task

To update the OMNM software to the latest available version in the OMNM VM:Note: This task is applicable to 1906 Microsoft Windows Server HLH OS only. For 1909Microsoft Windows Server HLH OS, OMNM is already updated during the deployment. You donot have to perform this task.

Note: Perform the following steps if your OMNM software version is earlier than the version ofthe OMNM software present in the Customer Toolkit in the following path: <CustomerToolkit Extraction Path>\OMNMSoftwareUpdate-<version>\Dell_OMNM_SingleInstall_Windows_<OMNM version>.exe.

Note: We recommend that you create a checkpoint on the OMNM VM before the softwareupdate process. If any issue occurs during the update process and fails due to any reason, youcan restore to the previous checkpoint. You can delete the checkpoint after the update iscomplete.

Note: To run the switch firmware updates, the OMNM software version must be 6.5.3 or later.

Procedure

1. Copy the folder OMNMSoftwareUpdate-<version> from the Customer Toolkit to theOMNM VM.

The OMNMSoftwareUpdate-<version> folder contains the following files for upgradingthe OMNM software:

l BaselineAuditPolicy.xml—OMNM Baseline Policy file that contains the Audit flagfor the OMNM VM.

l Upgrade-OMNMSoftware.ps1—This script does a silent installation of the OMNMsoftware, merges the OMNM software audit entries to the CI Policy, and updates thenecessary services. After a successful upgrade of the OMNM software, the system isrestarted so that the changes are applied.

l <OMNMSetup.exe>—Latest version of OMNM software.

l Readme.txt—Help file for the OMNM software update.

The following table lists the Upgrade-OMNMSoftware parameters.

Table 9 Upgrade-OMNMSoftware parameters

Parameter name Description

PolicyPath Path where the scripts and Baseline XML arecopied, in this case:C:\OMNMSoftwareUpdate-1.0.1

OMNMExecutionFolder (optional) By default the value is C:\Program Files\OpenManage\Network Manager, this

would be the application folder path ofOMNM Software. For example, C:\ProgramFiles\OpenManage\Network Manager.

This parameter is optional and you canprovide this only if the application path of the



Table 9 Upgrade-OMNMSoftware parameters (continued)

Parameter name Description

OMNM software is different from the defaultvalue mentioned above.

RetryCount (optional) By default, the value is 10 and the script waitsfor 5 minutes to check if the installation iscomplete. Use this value only if required. Forexample if the value is 10, the script will sleepfor 5 minutes 10 times to check for installationprogress.

2. Before running the update process, verify the OMNM software version. Navigate to theOMNM Portal Dashboard and click Manage > Show Versions to get the current runningversion.

3. To place the system into audit mode, open an Administrative PowerShell session and run thefollowing script: C:\OMNMSoftwareUpdate-<Version> to C:\DellEMC-Update\OMNMSoftwareUpdate-<version>

4. After the system is restarted, open an Administrative PowerShell session and rerun thefollowing script: .\Upgrade-OMNMSoftware.ps1 -PolicyPathC:\OMNMSoftwareUpdate-<version>

Note: This step upgrades the OMNM software and restarts the system. This processtakes approximately 20 minutes.

5. After system restart, check that OMNM has updated by performing the following:

a. Open an Administrative PowerShell session and run the following commands:

l ShowStatus

b. After the three services (Application Server, Web Server, and Database Server) areonline and green, click Launch OMNM.

c. After you load the dashboard, click Manage, and then select Show Version.

d. Verify the version matches the version provided in the C:\OMNMSoftwareUpdate-<version> directory

e. After you verify that OMNM is updated, delete the upgrade directory, for example,C:\OMNMSoftwareUpdate-<version>

Importing actions into OMNMBefore you begin

l Install the Dell EMC Patch and Update Automation tool on the OME-VM by following theinstruction inInstalling updates using the Dell EMC Patch and Update Automation section



l Once the Patch and Update Automation tool is installed, ensure that BGPSummaryAction isavailable in the OMNM. If the action is not available, import the BGP Summary action intoOMNM by performing the following steps:

Procedure

1. In OME-VM, go to the path C:\Proram Files (x86)\DellEMC\Patch and UpdateAutomation Tool\PSScripts\Switch and copy the BGPSummaryAction.xml byleveraging the shared folder on the HLH server, see Create a file share in HLH.

2. Log in to the OMNM Portal (for example, http://<OMNM-VMIP>:8080 or https://<OMNM-VMIP>:8443) from OME VM and navigate to Automation/Actions.

3. Select the action you want to import and right-click it. Select Import/Export > Import. TheImport Action(s) window appears.

4.

5. To select the BGPSummaryAction.xml, click Choose File and navigate to the shared folderon the HLH server where the BGPSummaryAction.xml is present.



6. To import the action into OMNM, click Import from Disk.

7. Use Search to verify that the action is imported.

Back to "OMNM software update"



APPENDIX I

Create a File share in HLH server and OMNM-VM


l Create a File share in HLH server and OMNM-VM...............................................................100


Create a File share in HLH server and OMNM-VMAbout this task

Perform the following steps to create a File share in HLH server and OMNM-VM.

Procedure

1. Connect to HLH.

2. In HLH, select any drive and create a folder.

3. Select the folder you created, right click, and go to Properties.

A new window Sharing Properties appears.

4. Select Sharing and then Advanced Sharing.

A new window Advanced Sharing appears.

5. Click Permissions.

A new window Permissions for Share appears.



6. Check out all the check boxes under Permissions for Everyone.

7. Click Apply.

8. Click Apply on the Advanced Sharing window.

9. Click Ok.

You can perform these steps in OMNM-VM to create a file share in OMNM-VM.




APPENDIX J

Setting up Email subscription


l Setting up Email subscription...............................................................................................104


Setting up Email subscriptionAbout this task

Set up the email subscription to receive regular updates on Cloud for Microsoft Azure Stack 14G or13G. Perform the following steps to set up email subscription:

Procedure

1. Navigate to the EMC support site:

l https://support.emc.com/products/42238 for 13G customers

l https://support.emc.com/products/44615 for 14G customers

2. Under the ADVISORIES section, click Manage Advisory Subscription.

3. Select the appropriate parameter to receive alerts and advisory type.

4. Enter the recipient's email ID and click Save.

Setting up Email subscription


https://support.emc.com/products/42238

https://support.emc.com/products/44615

dell emc cloud for microsoft azure stack—patch and update ... · introduction 7 introduction ......

Documents