Management

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 772 other subscribers

Social

  • LinkedIn
  • RSS Feed for Posts
  • Twitter
  • StumbleUpon

Delegate Hyper-V Access Control and Management through Authorization Manager (azman.msc)

A few weeks ago I had to delegate access control for Hyper-V.

Due to a dysfunctional System Center Virtual Machine Manger, we had to change to a different kind of security.

Therefore we used Authorization Manager :

Preparations

Add the necessary groups to the active directory prior to the installation,

Add the appropriate users to the groups

 

Configuring the Authorization Manager

Azman (1)

First startup Azman : azman.msc

Azman (2)

Standard error don’t worry.

Azman (3)

Click right button and select Open Authorization Store

Azman (4)

Select XML and add this location :
C:\ProgramData\Microsoft\Windows\Hyper-V\InitialStore.xml,

Azman (5)

Standard there are 2 Role definitions

 

Task Definitions

Azman (6)

Add a New Task Definition

Azman (7)

Give this task a Name and select Add

Azman (8)

Click OK

Azman (9)

On the Tab Operations select al the required options for this Task

Azman (10)

Click OK and Add all the tasks you need

 

Role Definitions

Azman (11)

Click right and select New Role Definition

Azman (12)

Add a preferred name and click on Add

Azman (13)

On the tab Tasks select the preferred task, en click OK

Azman (14)

Click OK

Execute these actions for all roles

 

Role Assignment

Azman (15)

As you can see, some of the Role Definitions aren’t listed under Role Assignments

Azman (16)

Select New Role Assignment

Azman (17)

Select all of the roles, you need to use

Azman (18)

Select Assign Users and Groups => From Windows and Active Directory

Azman (20)

Put the group name, and select Check names

Azman (19)

Select the preferred group

Azman (21)

Click OK

Azman (22)

Follow these steps for every Role assignment

Enjoy Hyper-V !