SC App Controller: Configuration
This is the second part of a series about System Center App Controller. For part one, go here: System Center 2012 App Controller: Introduction, Part 1 – (windowsmanagementexperts.com)
This part will focus on ensuring that you have your VMM environment correctly configured for viewing and deploying virtual machines. Certain things must be set up for it work correctly.
Private Cloud
The first step in post-installation configuration of App Controller is ensuring that you have a private cloud set up. Access rights are defined per private cloud in App Controller. Fortunately, if you do not have private clouds set up, they are fairly straight forward.
In case you don’t know, a “private cloud” is a set of resources assigned to a group. The administrators of this group can allocate their own virtual machines from this set of resources. Essentially, instead of a VMM administrator creating virtual machines for everyone requesting them, the requestors get a set of resources that they can manage as they want.
For information about creating a private cloud, see this blog post: VMM: Private Cloud and Services – (windowsmanagementexperts.com)
The only thing that post does not mention is that you can associate already-provisioned machines to a new private cloud. To do this, right-click on VM and select “Properties”. On the “General” page, there is a box that says “Cloud”. You select the appropriate cloud, and the VM will be assigned there. Note the host must be part of the correct host group for this to work. Hosts can be members of multiple private clouds.
Self-Service User
Even though VMM removed the Self-Service Portal with SCVMM 2012 R2 and rolled everything into App Controller, self-service uses must still be set up for App Controller to work correctly. These users need to have the rights assigned to them that you feel they need to do their job. To create a self-service user group, go to Settings>Security>User Roles. In the ribbon, select “Create User Role” and give it a name. If you have multiple private clouds, you will need to separate self-service user roles, so I suggest naming them something meaningful, such as “Self-Sevice-HR” for the HR administrators.
On the “Profile” screen, select “Application Administrator (Self-Service User)”.
On the “Members” screen, add the appropriate users or groups. This can be individual users or Active Directory groups. Next, for “Scope”, check the private clouds that these self-service users need access to.
Next, you can define quotas for these users. Define those as needed to fit your organizational needs.
Next, add the appropriate VM networks for this group. These are the only VM networks this group will be able to attach to. Next, for “Resources”, add the resources that these users will need. Resources are templates, existing virtual machines, profiles, etc. Also on this screen, define which libraries the user can use.
Finally, assign the correct permissions for this group. These should be assigned according to your company’s policy. You can set them globally, and on the individual cloud.
Disclaimer
All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.
