Update Rollup 13 for Windows Azure Pack

View products that this article applies to.

Introduction

This article describes the issues that are fixed in Update Rollup 13 for Windows Azure Pack (WAP). This article also contains the installation instructions for the update rollup.

↑ Back to the top

Issues that are fixed in this update rollup

Issue 1

In an Administrator site, when you try to scale a website to Reserved mode, the scaling is unsuccessful, and you receive the following error message:

The JSON request was too large to be deserialized.
Issue 2

During database creation in a tenant portal, the collation is hard-coded. After you apply this update and the database is created, the collation that's used is that of the instance of Microsoft SQL Server.
Issue 3

When the Internet Information Services (IIS) application pool is set to Enable 32-bit Applications =True, the system repeatedly generates errors and shuts down. Additionally, the following message is logged in the Application log:

The Module DLL c:/windows/system32/inetsrv/UxCertAuthModule.dll failed to load.
Issue 4

Three HTTP headers, x-AspNetMVC-Version, x-AspNet-Version, and x-powered-by, are removed to address security issues. These issues include those that are associated with x-build-version and x-config-version.
Issue 5

After you upgrade to Windows Azure Pack Update Rollup 11, you receive the following error message when you try to add SQL Server 2008 R2 as a hosting server to your Windows Azure Pack environment:

Invalid object name error
Issue 6

With this update, the customer registration wizard is removed.
Issue 7

Several XML serialization issues are fixed.

↑ Back to the top

Known issues

A security vulnerability exists in Update Rollup 13 for Windows Azure Pack (WAP) that causes script injection of certain symbols to bypass portal UI restrictions. The portal UI restricts certain symbols such as greater than ( < ) and less than ( > ) symbols that are needed for “<script>” injection. To resolve this issue, see the following article in the Microsoft Knowledge Base:

4480788 Script injection of certain symbols bypass portal UI restrictions in Update Rollup 13 for Windows Azure Pack

↑ Back to the top

How to obtain and install Update Rollup 13 for Windows Azure Pack

Download information

Update packages for Windows Azure Pack are available from Microsoft Update or by manual download.

Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Manual download of the update package

Go to the following website to manually download the update package from the Microsoft Update Catalog:

Download the Windows Azure Pack update package now.

↑ Back to the top

Installation information

Installation instructions

These installation instructions are for the following Windows Azure Pack components:

Tenant site
Tenant API
Tenant Public API
Administration site
Administration API
Authentication
Windows Authentication
Usage
Monitoring
Microsoft SQL
MySQL
Web Application Gallery
Configuration site
Best Practices Analyzer
PowerShell API

To install the update .msi files for each Windows Azure Pack component, follow these steps:

If the system is currently operational (handling customer traffic), schedule downtime for the Azure servers. The Windows Azure Pack doesn't currently support rolling upgrades.
Stop or redirect customer traffic to alternative sites that you consider satisfactory.
Create backups of the computers.

Notes
- If you're using virtual machines, take snapshots of their current state.
- If you're not using virtual machines, back up each MgmtSvc-* folder in the Inetpub directory on each computer that has a WAP component installed.
- Collect information and files that are related to your certificates, host headers, and any port changes.
If you're using your own theme for the Windows Azure Pack Tenant site, see How to Persist a Windows Azure Pack Theme after Microsoft Upgrade before you run the update.
Install the update by running each .msi file on the computer on which the corresponding component is running. For example, run MgmtSvc-AdminAPI.msi on the computer that is running the "MgmtSvc-AdminAPI" site in IIS.
For each node that is under load balancing, run the updates for components in the following order:
1. If you're using the original self-signed certificates that were installed by WAP, the update operation will replace them. You have to export the new certificate and import it to the other nodes that are under load balancing. These certificates have a CN=MgmtSvc-* (self-signed) naming pattern.
2. Update Resource Provider (RP) services (SQL Server, My SQL, SPF/VMM, websites) as necessary. And make sure that the RP sites are running.
3. Update the Tenant API site, Public Tenant API, Administrator API nodes, and Administrator and Tenant Authentication sites.
4. Update the Administrator and Tenant sites.
The scripts to obtain database versions and update databases that are installed by the MgmtSvc-PowerShellAPI.msi are stored in the following location:
C:\Program Files\Management Service\MgmtSvc-PowerShellAPI\Samples\Database

If all components are updated and functioning as expected, you can open the traffic to your updated nodes. Otherwise, see the "Rollback instructions" section.

Note If you're updating from an update rollup that is the same as or earlier than Update Rollup 5 for Windows Azure Pack, follow these instructions to update the WAP database.