I have previously looked at Window Admin centre (WAC) tech preview and wanted to configure the latest full release, to see what changes have been made and do a proof of concept to see if this will be useful if it is deployed to our production environment.
PowerShell version 5.1 is required on servers that will be added to WAC and will need Window Management Framework (WMF) 5.1 installed, some will require additional steps also. See list below for required pre-req before they can be managed in WAC.
- Windows Server 2012 and 2012 R2
- Windows Server 2008 R2
- Microsoft Hyper-V Server 2016
- Microsoft Hyper-V Server 2012 R2
https://www.microsoft.com/en-us/download/details.aspx?id=54616
Windows Admin Centre uses SMB for some file copying tasks, such as when importing a certificate on a remote servers.
Once all pre-req are confirmed, we can go ahead and download Windows Admin centre.
Once the MSI is downloaded run and following the installation 
Accept the terms.
I used the default settings but you can enable WinRM over https if you have certificates that have server authentication set. If you want to look at configuring WinRM over https see following link: https://support.microsoft.com/en-us/help/2019527/how-to-configure-winrm-for-https
I will use default port 443 and generate a self signed cert, if you have a certificate authority you can generate a cert that can be used for gateway. 
Once the install is completed you can access the Windows Admin Centre URL using https://servername.
To add a server click Add. 
Click search active directory and put in the server name. 
Once the server is added it will show in the admin console. To connect click on the server and connect. 
When connecting to servers, to allow single sign on there is an additional command that need’s to be run. If this is not done you will see the below warning when connecting.
I updated the command to run on all servers in AD, as I didn’t want to have to run on each individually.
$Servers = Get-ADComputer -Filter “OperatingSystem -like ‘Windows Server*'”
$WAC = “LAB-WAC”
Foreach ($Server in $Servers){
Set-ADComputer -Identity $Server -PrincipalsAllowedToDelegateToAccount (Get-ADComputer $WAC)
}
The above command adds the admin server to the below attribute. 
Once this has been done when you click connect it should now use SSO. 
We can now manage the servers from a central console without having to logon individually to each server. In the next post we will go through the different options and settings in Windows Admin Centre.
TheSleepyAdmins 