Install Windows Azure Pack updates and verify versions

 

Updated: November 29, 2016

Applies To: Windows Azure Pack

This topic describes how Windows Azure Pack for Windows Server is updated, and how to maintain updates for these required System Center components:

  • System Center 2012 R2 Virtual Machine Manager

  • Service Provider Foundation (part of the System Center 2012 R2 Orchestrator component)

For each product, these updates are known as Update 1, Update 2, and so on. All of the updates are delivered as optional Windows Updates except for Windows Azure Pack that is updated automatically. The latest update is Update 4. Each update is cumulative of prior updates so that a new installation requires only the most recent update.

Verifying that each product in your environment gets updated is important.

All of the authentication sites, portals, API services, and extensions that comprise a Windows Azure Pack deployment are updated automatically by Windows Update and require no user intervention. However, please note the following:

  • The SSL certificates (such as used for Service Provider Foundation) that have been replaced will with certificates from a Certificate Authority will be retained. However if the administrator has not replaced the default auto-generated self-signed SSL certificates with their own certificates, the original SSL certificates may be replaced with new auto-generated self-signed SSL certificates. Having different generated SSL certificates could be an issue with web sites in load balanced clusters because the SSL certificates used across nodes need to match.

  • The SQL databases used by the services may require manual updates as explained in the knowledge base articles for each update.

The following table contains links to the knowledge base articles for details and manual installation instructions. To determine if you have the most recent update, the version for Windows Azure Pack in Control Panel->Programs is shown as follows:

Windows Azure Pack (links to KB articles)Version numberBuild Date
Update Rollup 113.37.8196.011/3/2016
Update Rollup 103.33.8196.147/152016
Security Update Rollup 9.13.32.8196.123/2/2016
Update Rollup 8.13.29.8196.011/16/2015
Update Rollup 83.28.8196.4810/28/2015
Update Rollup 7.13.27.8196.38/25/2015
Update Rollup 73.25.8196.757/31/2015
Update Rollup 63.24.8196.354/28/2015
Update Rollup 53.22.8196.482/10/2015
Update Rollup 43.19.8196.2110/21/2014
Update Rollup 33.15.8196.487/22/2014
Update Rollup 23.14.8196.324/16/2014
Update Rollup 13.12.8198.01/20/2014
RTM release3.10.8198.99/16/2013
System_CAPS_ICON_important.jpg Important

Apply the fix for Vulnerability in ASP.NET MVC after Update Rollup 4 to ensure that it has been applied.

Only the following web.config elements are preserved during an update:

  • Connection strings (/configuration/connectionStrings)
  • App settings (/configuration/appSettings)
  • Machine key (/configuration/system.web/machineKey)

These updates are received automatically as optional updates for servers that have Virtual Machine Manager installed, both for the server and for the administrator console. To ensure that the updates were installed, in Control Panel->System and Security->Windows Update click Install automatic updates.

The latest update is shown as Update Rollup 4 for Microsoft System Center Virtual Machine Manager Console or Update Rollup 4 for Microsoft System Center Virtual Machine Manager Server.

You must also update the Virtual Machine Manager agents on the computers that are hosts in Virtual Machine Manager. For instructions, see How to Update the VMM Agent [VMM2012_Upgrade_R2].

Also verify that the Service Provider Foundation server has the most recent update for Virtual Machine Manager (only the console is required).

If you need to do a manual installation, see the following knowledge base articles:

These updates are received automatically as optional updates for servers that have Service Provider Foundation installed. To ensure that the updates were installed, in Control Panel->System and Security->Windows Update click Install automatic updates.

Installed updates for Service Provider Foundation are listed in the installed updates in Control Panel.

If you need to do a manual installation, see the following knowledge base articles:

There was no update rollup 3 for Service Provider Foundation.

System_CAPS_ICON_note.jpg Note

For some environments, the Update Rollup 2 for Service Provider Foundation creates a duplicate HTTPS binding. In Internet Information Services (IIS) Manager, select the SPF Web Site, and in the Actions panel click Bindings… to see if there is a duplicate HTTPS binding. If so, remove the second duplicate binding.

You can determine the versions of your Windows Azure Pack installations with the Get-WmiObject Windows PowerShell command. Run the following command on each computer that has a Windows Azure Pack installed, for example:

Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "Windows Azure Pack *" } | Format-Table -AutoSize  
  

To determine the versions of your Windows Azure Pack databases, run the following query in SQL Server Management Studio on the SQL Server instance that hosts the Windows Azure Pack databases:

-- WAP database versions  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.Config' AS [Database],  
N'Config' AS [Schema], *  
FROM [Microsoft.MgmtSvc.Config].[Config].[Version]  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.PortalConfigStore' AS [Database],  
N'Config' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.PortalConfigStore].[Config].[Version]  
UNION  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.PortalConfigStore' AS [Database],  
N'PortalAspNet' AS [Schema],  
N'' AS [Version], [CompatibleSchemaVersion] AS [Major], 0 AS [Minor], 0 AS [Build], 0 AS [Revision], N'' AS [VersionInfo]  
FROM [Microsoft.MgmtSvc.PortalConfigStore].[dbo].[aspnet_SchemaVersions]  
WHERE [Feature] = N'membership'  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.Store' AS [Database],  
N'Config' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.Store].[Config].[Version]  
UNION  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.Store' AS [Database],  
N'Management' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.Store].[mp].[Version]  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.Usage' AS [Database],  
N'Usage' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.Usage].[usage].[Version]  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.WebAppGallery' AS [Database],  
N'WebAppGallery' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.WebAppGallery].[WebAppGallery].[Version]  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.SQLServer' AS [Database],  
N'SQLServer' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.SQLServer].[SqlServer].[Version]  
UNION  
  
SELECT SERVERPROPERTY(N'ServerName') AS [Server],  
N'Microsoft.MgmtSvc.MySQL' AS [Database],  
N'MySQL' AS [Schema],  
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]  
FROM [Microsoft.MgmtSvc.MySQL].[MySql].[Version]  

If the versions of the Windows Azure Pack components do not match the versions of the databases, do one of the following:

  • Windows Azure Pack component version is less than the database version:

    In most cases, the schemas are backwards compatible and but there may be event log warnings about a version mismatch. If this is problematic, you can roll back to a previous deployment as described in the update rollup knowledge base articles.

  • Windows Azure Pack component version is greater than the database version:

    Run the following script as administrator on the servers that contain the MgmtSvc-PowerShellAPI module. These servers include the Usage, Web App Gallery, SQL Server, and MySQL extensions.

    Note that this script may need modification for some distributed installations. In particular, the schemas for Usage, WebAppGallery, SQLServer, and MySQL are installed with those components so those portions of the script would need to run on the computers with those components installed.

    # Update-WapDatabases  
    Import-Module -Name MgmtSvcConfig  
    
    function New-SqlConnectionString([string]$masterConnectionString, [string]$database)  
    {  
        $builder = New-Object System.Data.SqlClient.SqlConnectionStringBuilder($masterConnectionString)  
        $builder.Database = $database  
        return $builder.ConnectionString  
    }  
    function Get-WapSchemas([string]$database)  
    {  
        switch ($database)  
        {  
            "Microsoft.MgmtSvc.Config"            { @("Config") }  
            "Microsoft.MgmtSvc.MySQL"             { @("MySQL") }  
            "Microsoft.MgmtSvc.PortalConfigStore" { @("Config","PortalAspNet","PortalNotification") }  
            "Microsoft.MgmtSvc.SQLServer"         { @("SQLServer") }  
            "Microsoft.MgmtSvc.Store"             { @("Config","Management") }  
            "Microsoft.MgmtSvc.Usage"             { @("Usage") }  
            "Microsoft.MgmtSvc.WebAppGallery"     { @("WebAppGallery") }  
            default { throw New-Object System.ArgumentOutOfRangeException($database) }  
        }  
    }  
    
    # Prompt for the SQL Server name:   
    $sName = Read-Host "Specify the name of the SQL Server that hosts the Windows Azure Pack databases."  
    
    $wapMasterConnectionString = "Server=" + $sName + ";Database=master;Integrated Security=True"  
    
    $wapDatabaseNames = (Get-MgmtSvcDefaultDatabaseName).DefaultDatabaseName  
    foreach ($wapDatabaseName in $wapDatabaseNames)  
    {  
        $wapConnectionString = New-SqlConnectionString -masterConnectionString $wapMasterConnectionString -database $wapDatabaseName  
        Write-Verbose -Message "Connection string: $wapConnectionString" -Verbose  
    
        $wapSchemas = Get-WapSchemas -database $wapDatabaseName  
        foreach ($wapSchema in $wapSchemas)  
        {  
            $wapSchema = Get-MgmtSvcSchema -Schema $wapSchema  
            if ($wapSchema)  
            {  
                Write-Verbose -Message "BEGIN UPDATE database '$wapDatabaseName' schema '$wapSchema'." -Verbose  
                Install-MgmtSvcDatabase -ConnectionString $wapConnectionString -Schema $wapSchema  
                Write-Verbose -Message "END UPDATE database '$wapDatabaseName' schema '$wapSchema'." -Verbose  
                $version = Test-MgmtSvcDatabase -ConnectionString $wapConnectionString -Schema $wapSchema  
                Write-Output "Version: database '$wapDatabaseName' schema '$wapSchema' version $version"  
            }  
        }  
    }  
    
    
    

Deploy Windows Azure Pack for Windows Server

Show: