Managing Workgroup Hosts Using Virtual Machine Manager 2008

I could see from my blog statistics that there was a lot of interest in managing workgroup hosts using VMM 2008.  The hosts that I manage are in our management network forest so that makes things pretty simple.  However, I just hit a scenario where I might prefer to run workgroup hosts or hosts in an un-trusted domain/forest.

It’s a solution that is possible.  A little judicious searching dug up pages on TechNet that gives the host requirements and the step-by-steps.  Here’s a summary:

  • Identify the ports used by your installation of VMM 2008.  You’ll need to open these on the firewall (host outbound and/or network) and enter them on the manual agent installation.
  • Get the IP address of the host.  You’ll either need to add this to the un-trusted network’s DNS or enter it in the manual installation.  You might consider using the local hosts file too (more work).
  • Manually install the agent by running setup.exe.
  • Choose a local agent installation.
  • You can accept the default ports if that’s what you used when installing VMM 2008 or enter non-default ones if that’s what you used.
  • On the security folder page, choose "This host is on a perimeter network", even if it isn’t.  This is for workgroup solutions too.
  • Enter and confirm the encryption key.  You’ll want to record this for when you add the host to VMM.
  • Enter the name/IP address of the VMM server.  If you use the name of the VMM server then ensure it can resolve correctly.  This requires either DNS or an updated local hosts file.
  • Copy %SystemRoot%Program FilesMicrosoft System Center Virtual Machine Manager 2008SecurityFile.txt to a location accesible on the VMM server for when you add the host machine.  You’ll need it to add the host.

Now, add the "perimeter" host on the VMM server.  Use the recorded encryption key and the security file.  Fire up the add host wizard.  Enter the encryption key and the location of the security file as required.

I’d recommend having a separate group for these hosts but that all depends on your security and administration models.  You need to create these folders before starting the wizard.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.