System Center 2012 App Controller: Configuration, Part 2

SC App Controller: Configuration

This is the second part of a series about System Center App Controller. For part one, go here: System Center 2012 App Controller: Introduction, Part 1 – (

This part will focus on ensuring that you have your VMM environment correctly configured for viewing and deploying virtual machines. Certain things must be set up for it work correctly.

Private Cloud

The first step in post-installation configuration of App Controller is ensuring that you have a private cloud set up. Access rights are defined per private cloud in App Controller. Fortunately, if you do not have private clouds set up, they are fairly straight forward.

In case you don’t know, a “private cloud” is a set of resources assigned to a group. The administrators of this group can allocate their own virtual machines from this set of resources. Essentially, instead of a VMM administrator creating virtual machines for everyone requesting them, the requestors get a set of resources that they can manage as they want.

For information about creating a private cloud, see this blog post: VMM: Private Cloud and Services – (

The only thing that post does not mention is that you can associate already-provisioned machines to a new private cloud. To do this, right-click on VM and select “Properties”. On the “General” page, there is a box that says “Cloud”. You select the appropriate cloud, and the VM will be assigned there. Note the host must be part of the correct host group for this to work. Hosts can be members of multiple private clouds.

Self-Service User

Even though VMM removed the Self-Service Portal with SCVMM 2012 R2 and rolled everything into App Controller, self-service uses must still be set up for App Controller to work correctly. These users need to have the rights assigned to them that you feel they need to do their job. To create a self-service user group, go to Settings>Security>User Roles. In the ribbon, select “Create User Role” and give it a name. If you have multiple private clouds, you will need to separate self-service user roles, so I suggest naming them something meaningful, such as “Self-Sevice-HR” for the HR administrators.

On the “Profile” screen, select “Application Administrator (Self-Service User)”.


On the “Members” screen, add the appropriate users or groups. This can be individual users or Active Directory groups. Next, for “Scope”, check the private clouds that these self-service users need access to.


Next, you can define quotas for these users. Define those as needed to fit your organizational needs.


Next, add the appropriate VM networks for this group. These are the only VM networks this group will be able to attach to. Next, for “Resources”, add the resources that these users will need. Resources are templates, existing virtual machines, profiles, etc. Also on this screen, define which libraries the user can use.


Finally, assign the correct permissions for this group. These should be assigned according to your company’s policy. You can set them globally, and on the individual cloud.



All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

WME Cybersecurity Briefings No. 005
Cyber Security

WME Security Briefing 15 April 2024

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor Overview Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to

Read More »
WME Cybersecurity Briefings No. 004
Cyber Security

WME Security Briefing 11 April 2024

Mispadu Trojan Exploits Windows Vulnerability to Target Financial Data Overview The Mispadu banking trojan has intensified its operations as it’s exploiting an already patched Windows SmartScreen flaw. Since its initial identification in 2019, Mispadu has primarily preyed on

Read More »
WME Cybersecurity Briefings No. 003
Cyber Security

WME Security Briefing 29 March 2024

Russian hackers escalating their cyber warfare, deploying TinyTurla-NG to breach European NGOs. Cisco Talos reveals a targeted attack against organizations advocating democracy and supporting Ukraine. With their sophisticated methods, these cyber attackers are bypassing antivirus defenses

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.