Install Windows Azure Pack updates and verify versions
Applies To: Windows Azure Pack
This topic describes how Windows Azure Pack for Windows Server is updated, and how to maintain updates for these required System Center components:
System Center 2012 R2 Virtual Machine Manager
Service Provider Foundation (part of the System Center 2012 R2 Orchestrator component)
For each product, these updates are known as Update 1, Update 2, and so on. All of the updates are delivered as optional Windows Updates except for Windows Azure Pack that is updated automatically. The latest update is Update 4. Each update is cumulative of prior updates so that a new installation requires only the most recent update.
Verifying that each product in your environment gets updated is important.
Windows Azure Pack updates
All of the authentication sites, portals, API services, and extensions that comprise a Windows Azure Pack deployment are updated automatically by Windows Update and require no user intervention. However, please note the following:
The SSL certificates (such as used for Service Provider Foundation) that have been replaced will with certificates from a Certificate Authority will be retained. However if the administrator has not replaced the default auto-generated self-signed SSL certificates with their own certificates, the original SSL certificates may be replaced with new auto-generated self-signed SSL certificates. Having different generated SSL certificates could be an issue with web sites in load balanced clusters because the SSL certificates used across nodes need to match.
The SQL databases used by the services may require manual updates as explained in the knowledge base articles for each update.
The following table contains links to the knowledge base articles for details and manual installation instructions. To determine if you have the most recent update, the version for Windows Azure Pack in Control Panel->Programs is shown as follows:
Windows Azure Pack (links to KB articles) | Version number | Build Date |
---|---|---|
Update Rollup 13.1 | 3.50.48.0 | 11/09/2018 |
Update Rollup 13 | 3.50.45.0 | 05/22/2018 |
Update Rollup 12 | 3.39.8196.0 | 09/18/2017 |
Update Rollup 11 | 3.37.8196.0 | 11/3/2016 |
Update Rollup 10 | 3.33.8196.14 | 7/15/2016 |
Security Update Rollup 9.1 | 3.32.8196.12 | 3/2/2016 |
Update Rollup 8.1 | 3.29.8196.0 | 11/16/2015 |
Update Rollup 8 | 3.28.8196.48 | 10/28/2015 |
Update Rollup 7.1 | 3.27.8196.3 | 8/25/2015 |
Update Rollup 7 | 3.25.8196.75 | 7/31/2015 |
Update Rollup 6 | 3.24.8196.35 | 4/28/2015 |
Update Rollup 5 | 3.22.8196.48 | 2/10/2015 |
Update Rollup 4 | 3.19.8196.21 | 10/21/2014 |
Update Rollup 3 | 3.15.8196.48 | 7/22/2014 |
Update Rollup 2 | 3.14.8196.32 | 4/16/2014 |
Update Rollup 1 | 3.12.8198.0 | 1/20/2014 |
RTM release | 3.10.8198.9 | 9/16/2013 |
Important
Apply the fix for Vulnerability in ASP.NET MVC after Update Rollup 4 to ensure that it has been applied.
Only the following web.config elements are preserved during an update:
- Connection strings (/configuration/connectionStrings)
- App settings (/configuration/appSettings)
- Machine key (/configuration/system.web/machineKey)
Virtual Machine Manager and System Center updates
These updates are received automatically as optional updates for servers that have Virtual Machine Manager installed, both for the server and for the administrator console. To ensure that the updates were installed, in Control Panel->System and Security->Windows Update click Install automatic updates.
The latest update is shown as Update Rollup 4 for Microsoft System Center Virtual Machine Manager Console or Update Rollup 4 for Microsoft System Center Virtual Machine Manager Server.
You must also update the Virtual Machine Manager agents on the computers that are hosts in Virtual Machine Manager. For instructions, see How to Update the VMM Agent [VMM2012_Upgrade_R2].
Also verify that the Service Provider Foundation server has the most recent update for Virtual Machine Manager (only the console is required).
If you need to do a manual installation, see the following knowledge base articles:
Update Rollup 1 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 2 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 4 for System Center 2012 R2 Virtual Machine Manager
Service Provider Foundation Updates
These updates are received automatically as optional updates for servers that have Service Provider Foundation installed. To ensure that the updates were installed, in Control Panel->System and Security->Windows Update click Install automatic updates.
Installed updates for Service Provider Foundation are listed in the installed updates in Control Panel.
If you need to do a manual installation, see the following knowledge base articles:
Update Rollup 1 for System Center 2012 R2 Service Provider Foundation
Update Rollup 2 for System Center 2012 R2 Service Provider Foundation
Update Rollup 4 for System Center 2012 R2 Service Provider Foundation
There was no update rollup 3 for Service Provider Foundation.
Note
For some environments, the Update Rollup 2 for Service Provider Foundation creates a duplicate HTTPS binding. In Internet Information Services (IIS) Manager, select the SPF Web Site, and in the Actions panel click Bindings… to see if there is a duplicate HTTPS binding. If so, remove the second duplicate binding.
Verify versions
You can determine the versions of your Windows Azure Pack installations with the Get-WmiObject Windows PowerShell command. Run the following command on each computer that has a Windows Azure Pack installed, for example:
Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "Windows Azure Pack *" } | Format-Table -AutoSize
To determine the versions of your Windows Azure Pack databases, run the following query in SQL Server Management Studio on the SQL Server instance that hosts the Windows Azure Pack databases:
-- WAP database versions
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.Config' AS [Database],
N'Config' AS [Schema], *
FROM [Microsoft.MgmtSvc.Config].[Config].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.PortalConfigStore' AS [Database],
N'Config' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.PortalConfigStore].[Config].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.PortalConfigStore' AS [Database],
N'PortalAspNet' AS [Schema],
N'' AS [Version], [CompatibleSchemaVersion] AS [Major], 0 AS [Minor], 0 AS [Build], 0 AS [Revision], N'' AS [VersionInfo]
FROM [Microsoft.MgmtSvc.PortalConfigStore].[dbo].[aspnet_SchemaVersions]
WHERE [Feature] = N'membership'
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.Store' AS [Database],
N'Config' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.Store].[Config].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.Store' AS [Database],
N'Management' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.Store].[mp].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.Usage' AS [Database],
N'Usage' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.Usage].[usage].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.WebAppGallery' AS [Database],
N'WebAppGallery' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.WebAppGallery].[WebAppGallery].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.SQLServer' AS [Database],
N'SQLServer' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.SQLServer].[SqlServer].[Version]
UNION
SELECT SERVERPROPERTY(N'ServerName') AS [Server],
N'Microsoft.MgmtSvc.MySQL' AS [Database],
N'MySQL' AS [Schema],
[Version], [Major], [Minor], [Build], [Revision], [VersionInfo]
FROM [Microsoft.MgmtSvc.MySQL].[MySql].[Version]
If the versions of the Windows Azure Pack components do not match the versions of the databases, do one of the following:
Windows Azure Pack component version is less than the database version:
In most cases, the schemas are backwards compatible and but there may be event log warnings about a version mismatch. If this is problematic, you can roll back to a previous deployment as described in the update rollup knowledge base articles.
Windows Azure Pack component version is greater than the database version:
Run the following script as administrator on the servers that contain the MgmtSvc-PowerShellAPI module. These servers include the Usage, Web App Gallery, SQL Server, and MySQL extensions.
Note that this script may need modification for some distributed installations. In particular, the schemas for Usage, WebAppGallery, SQLServer, and MySQL are installed with those components so those portions of the script would need to run on the computers with those components installed.
# Update-WapDatabases Import-Module -Name MgmtSvcConfig function New-SqlConnectionString([string]$masterConnectionString, [string]$database) { $builder = New-Object System.Data.SqlClient.SqlConnectionStringBuilder($masterConnectionString) $builder.Database = $database return $builder.ConnectionString } function Get-WapSchemas([string]$database) { switch ($database) { "Microsoft.MgmtSvc.Config" { @("Config") } "Microsoft.MgmtSvc.MySQL" { @("MySQL") } "Microsoft.MgmtSvc.PortalConfigStore" { @("Config","PortalAspNet","PortalNotification") } "Microsoft.MgmtSvc.SQLServer" { @("SQLServer") } "Microsoft.MgmtSvc.Store" { @("Config","Management") } "Microsoft.MgmtSvc.Usage" { @("Usage") } "Microsoft.MgmtSvc.WebAppGallery" { @("WebAppGallery") } default { throw New-Object System.ArgumentOutOfRangeException($database) } } } # Prompt for the SQL Server name: $sName = Read-Host "Specify the name of the SQL Server that hosts the Windows Azure Pack databases." $wapMasterConnectionString = "Server=" + $sName + ";Database=master;Integrated Security=True" $wapDatabaseNames = (Get-MgmtSvcDefaultDatabaseName).DefaultDatabaseName foreach ($wapDatabaseName in $wapDatabaseNames) { $wapConnectionString = New-SqlConnectionString -masterConnectionString $wapMasterConnectionString -database $wapDatabaseName Write-Verbose -Message "Connection string: $wapConnectionString" -Verbose $wapSchemas = Get-WapSchemas -database $wapDatabaseName foreach ($wapSchema in $wapSchemas) { $wapSchema = Get-MgmtSvcSchema -Schema $wapSchema if ($wapSchema) { Write-Verbose -Message "BEGIN UPDATE database '$wapDatabaseName' schema '$wapSchema'." -Verbose Install-MgmtSvcDatabase -ConnectionString $wapConnectionString -Schema $wapSchema Write-Verbose -Message "END UPDATE database '$wapDatabaseName' schema '$wapSchema'." -Verbose $version = Test-MgmtSvcDatabase -ConnectionString $wapConnectionString -Schema $wapSchema Write-Output "Version: database '$wapDatabaseName' schema '$wapSchema' version $version" } } }