1
00:00:00,440 --> 00:00:03,970
[Autogenerated] Now the exam might ask you about updating the certificate if we

2
00:00:03,970 --> 00:00:06,600
come in here and look at the properties of the connection.

3
00:00:06,600 --> 00:00:09,720
It is a secure connection but we're using a self signed

4
00:00:09,720 --> 00:00:12,620
certificate that has no certification path.

5
00:00:12,620 --> 00:00:15,740
Besides after 60 days it's not going to work anyway.

6
00:00:15,740 --> 00:00:20,490
So what you'll want to do is install the appropriate TLS SsL certificate

7
00:00:20,490 --> 00:00:25,740
in the local computer certificate store on your server and what you'll

8
00:00:25,740 --> 00:00:28,620
need is the thumbprint of that certificate.

9
00:00:28,620 --> 00:00:32,880
So if we go to details, thumb print and copy that data out,

10
00:00:32,880 --> 00:00:36,080
we then can rerun the package.

11
00:00:36,080 --> 00:00:36,420
Okay,

12
00:00:36,420 --> 00:00:41,200
step through next and we'll do a change and we can use are locally

13
00:00:41,200 --> 00:00:45,790
installed Gateway ssL certificate here by pasting the thumbprint and

14
00:00:45,790 --> 00:00:48,110
clicking change to commit that change,

15
00:00:48,110 --> 00:00:52,530
click finish Now if I do a hard refresh it's giving me a not secure

16
00:00:52,530 --> 00:00:55,960
error because I actually kind of cheated a little bit.

17
00:00:55,960 --> 00:00:59,960
I am using my own certificate here but if we take a look at it,

18
00:00:59,960 --> 00:01:02,320
it's just another self signed certificate.

19
00:01:02,320 --> 00:01:03,640
But that's the idea,

20
00:01:03,640 --> 00:01:06,180
that's the exam alert and certainly that's important

21
00:01:06,180 --> 00:01:08,340
from a real world perspective as well.

22
00:01:08,340 --> 00:01:11,680
Last thing I want to demo here is show you how you can begin to integrate

23
00:01:11,680 --> 00:01:14,560
your Windows Admin center with your Azure subscription.

24
00:01:14,560 --> 00:01:16,310
So from the all connections view,

25
00:01:16,310 --> 00:01:20,940
if we go to add and scroll down to Azure VMS when you click add

26
00:01:20,940 --> 00:01:24,320
the first thing you'll be required to do is register your Windows

27
00:01:24,320 --> 00:01:26,340
admin center instance with Azure.

28
00:01:26,340 --> 00:01:30,930
So let's click and we'll copy our authentication code here and do a

29
00:01:30,930 --> 00:01:35,830
browser based device log on flow let me click next I'll provide my

30
00:01:35,830 --> 00:01:38,500
Azure Active Directory credentials, password,

31
00:01:38,500 --> 00:01:39,250
confirm that?

32
00:01:39,250 --> 00:01:43,570
Yes, I'm trying to sign into the admin center now I can close this window,

33
00:01:43,570 --> 00:01:47,100
verify my tenant id and determine what kind of

34
00:01:47,100 --> 00:01:49,250
service principle we're going to use,

35
00:01:49,250 --> 00:01:52,760
I'm going to choose create new in this case and this is going

36
00:01:52,760 --> 00:01:55,260
to create a service principal identity,

37
00:01:55,260 --> 00:01:58,480
basically a registered application for this instance,

38
00:01:58,480 --> 00:02:02,450
this gateway instance of Windows Admin center and it will then have

39
00:02:02,450 --> 00:02:05,750
privileges or be able to delegate on your behalf.

40
00:02:05,750 --> 00:02:10,180
You're signed in privileges into Azure so let's click connect, click sign in.

41
00:02:10,180 --> 00:02:11,370
If you get an error,

42
00:02:11,370 --> 00:02:15,290
you may need to go over to the settings page and make sure that you've

43
00:02:15,290 --> 00:02:18,560
consented preferably on behalf of your organization,

44
00:02:18,560 --> 00:02:21,480
the access that as your active directory needs from you.

45
00:02:21,480 --> 00:02:22,760
So now that I've done that,

46
00:02:22,760 --> 00:02:26,670
let me come back to all connections and let's try the Azure

47
00:02:26,670 --> 00:02:30,250
VM connection one more time I'll browse to my subscription

48
00:02:30,250 --> 00:02:33,040
my at 800 R G resource group.

49
00:02:33,040 --> 00:02:37,240
I now have access to my various virtual machines I'm going to grab VM

50
00:02:37,240 --> 00:02:41,260
to in this case and I can connect either via private or public

51
00:02:41,260 --> 00:02:43,670
endpoint depending upon how I've configured it.

52
00:02:43,670 --> 00:02:46,950
I'm going over the internet so I'm going to need the public endpoint

53
00:02:46,950 --> 00:02:51,450
although I started us here by attempting to add an Azure VM I really if I

54
00:02:51,450 --> 00:02:56,180
were to do this over again would have you go to settings first account and

55
00:02:56,180 --> 00:03:01,170
sign into Azure consent on behalf of your organization and then come back

56
00:03:01,170 --> 00:03:06,000
and go ahead and add in the Azure VM. It's a cleaner way to do it.