✨ Documentation

• 1: Overview
• 2: Getting Started
• 2.1: Prerequisites
• 2.2: SSM agent
• 2.3: Cloudformation deployment
• 2.4: Terraform deployment
• 3: Architecture
• 3.1: Supported AWS regions
• 4: Concepts
• 5: Setup Wizard
• 5.1: Active Directory prerequisites
• 5.2: Active Directory authentication setup
• 5.3: Local authentication setup
• 6: Main interface
• 6.1: Login page
• 6.2: Main dashboard
• 6.3: Settings page
• 6.4: Logs page
• 6.5: Help page
• 6.6: Instance details
• 6.6.1: Instance informations
• 6.6.2: Diagnostic tools
• 6.6.3: Software setup page
• 6.6.4: Performance page
• 6.6.5: Disks usage page
• 6.6.6: Local groups page
• 6.6.7: Local users page
• 6.6.8: Applications page
• 6.6.9: Updates page
• 6.6.10: Processes page
• 6.6.11: Roles and Features page
• 6.6.12: Services page
• 6.6.13: Windows Event Logs page
• 7: Beta feedback form
• 8: Knowledge base
• 8.1: Reset secrets
• 8.2: Delayed start

1 - Overview

Ohlala Operations simplifies the management of Windows servers on Amazon EC2 by automating routine tasks, improving reliability, and reducing operational overhead.

Key Features

• Automated Task Execution: Schedule and run maintenance tasks, patches, and updates across Windows EC2 instances.
• System Monitoring: Collect and analyze event logs, process metrics, and service status.
• Simplified Management: A web-based interface for easy control of automation workflows.
• Seamless AWS Integration: Designed to run natively within AWS.

Benefits

• Reduce Manual Work: Automate repetitive tasks and free up IT resources.
• Faster Issue Resolution: Quickly diagnose and remediate problems.
• Enhanced Security & Compliance: Keep Windows EC2 instances up-to-date and aligned with policies.
• Optimized Performance: Maintain system health through proactive automation.

Get Started

Ohlala Operations is available on the AWS Marketplace and can be deployed in just a few clicks.

For installation guides and configuration details, check out the full documentation.

Where should I go next?

Give your users next steps from the Overview. For example:

• Getting Started: Get started with Ohlala Operations for Amazon EC2

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

2 - Getting Started

Note: The beta is currently available only in the us-east-1 and eu-west-1 AWS regions.

Before deploying Ohlala Operations for Amazon EC2, ensure you have the following:

• An AWS account that has been granted access to the beta AMI.
• One or more Windows EC2 instances to manage.
• AWS Systems Manager Agent (SSM Agent) installed and running on your instances (recommended for remote execution).

Request Access

To participate in the beta program, request access by emailing contact@ohlala.cloud with your AWS account ID. Once approved, you will receive details on how to launch the AMI.

Deployment Options

You can deploy Ohlala Operations for Amazon EC2 using one of the following methods:

1. Terraform Deployment

This is documented in the following section: Terraform Deployment

2. CloudFormation Deployment

This is documented in the following section: Cloudformation Deployment

First Steps

• Access the Web Interface: Open the ALB public URL in your browser provided as output of Terraform or CLoudformation.
• View Your Windows EC2 Instances: The system automatically detects and lists your instances.
• Run Your First Task: Test automation by executing a simple task like retrieving system logs.

Troubleshooting

If you encounter issues:

• Ensure your AWS account has been granted access to the AMI.
• Verify that your EC2 instances have the correct IAM roles.
• Check that AWS Systems Manager Agent is installed and running.
• Review logs for any error messages.

Next Steps

Deploy the solution either using CloudFormation Deployment or Terraform deployment.

Explore the full capabilities of Ohlala Operations for Amazon EC2 by setting up automation workflows and optimizing your Windows EC2 management.

For assistance, contact contact@ohlala.cloud.

Feel free to send any feedback you may have on this feedback form.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

2.1 - Prerequisites

You will need an AWS Account and sufficient IAM permissions to deploy the CloudFormation template or the terraform stack.

A VPC is required with at least two public subnets. See the Architecture page for more details.

Ohlala Automation for Amazon EC2 requires access to AWS Systems Manager service either through internet using an Internet Gateway or a VPC endpoint AWS Documentation.

An EC2 key pair is required.

You’ll also probably need a couple of Windows Server EC2 to test the features from the beta version. You need the AWS SSM agent installed on those EC2.

2.2 - SSM agent

Ohlala Operations for Amazon EC2 relies on the AWS Systems Manager (SSM) Agent to manage Windows EC2 instances effectively. The SSM Agent enables Systems Manager to update, manage, and configure these resources.

Inclusion in AWS AMIs

The SSM Agent is preinstalled on several Amazon Machine Images (AMIs) provided by AWS. Notably, it is included in:

• Windows Server 2012 R2: AMIs published in November 2016 or later.
• Windows Server 2016, 2019, 2022, and 2025: All standard versions (excluding Nano versions).

For a comprehensive list of AMIs with the SSM Agent preinstalled, refer to the AWS documentation.

Network Prerequisites

To ensure proper communication between the SSM Agent and AWS Systems Manager, consider the following network requirements:

• Outbound Internet Access: The SSM Agent requires outbound access to the internet to communicate with the Systems Manager service. If your instances do not have direct internet access, you can set up VPC endpoints to facilitate this communication.

• Instance Metadata Service (IMDS): The SSM Agent utilizes the Instance Metadata Service. Ensure that your instances can access the IPv4 address 169.254.169.254. Both IMDSv1 and IMDSv2 are supported.

• No Inbound Ports Required: The SSM Agent initiates all communication with the Systems Manager service; therefore, no inbound ports need to be opened in your instance’s security group for Systems Manager functionality.

For detailed technical information about the SSM Agent, including installation and configuration guidance, visit the AWS Systems Manager User Guide.

IAM Instance Profiles

Typically, managing EC2 instances with AWS Systems Manager requires attaching an IAM instance profile to each instance to grant necessary permissions. However, Ohlala Operations for Amazon EC2 simplifies this process by configuring the Default Host Management Configuration (DHMC) by default. This approach eliminates the need for manual instance profile assignment, ensuring that Systems Manager has the required permissions to manage all instances in your AWS account and region. For more information, refer to the AWS documentation on DHMC.

For detailed technical information about the SSM Agent, including installation and configuration guidance, visit the AWS Systems Manager User Guide.

Default Host Management Configuration (DHMC)

Please note that AWS Systems Manager DHMC requires SSM Agent version > 3.2.582.0. This is not mandatory but will ease configuration of your EC2 instances.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

2.3 - Cloudformation deployment

Prerequisites

Before deploying Ohlala Operations for Amazon EC2, you will need:

• An existing key pair
• A VPC with at least two subnets to deploy the Elastic Load balancer. You will need to have access to these network to access Ohlala Operations for Amazon EC2

Download the cloudformation template

Our cloudformation template is available at: cloudformation-stack.

Either use git to clone the repository or download it from the gitlab interface.

Deploy Ohlala Operations for Amazon EC2 to your AWS account

Open your AWS console and navigate to the Cloudformation console. Make sure you’re logged in to the correct AWS account and using the correct region.

Click Create stack.

Selecting the template

Select Choose an existing template and Upload a template file.

Choose the cloudformation template.yaml file provided on the gitlab repository.

Click Next.

Stack parameters

Give a name to your stack deployment.

Select an instance type. For small to medium size (i.e. most deployment), t3.medium is recommended.

Select an existing EC2 key pair (this is mandatory for AWS marketplace products).

Select your VPC from the drop down menu.

Enter the CIDR allowed to connect to the public ALB of Ohlala Operations for Amazon EC2. Please be vigilant and enter a limited range.
We suggest having a look at your public IP address on https://api.ipify.org. The default mask for one IP address is /32 as per the screenshot.

Finally, enter two different subnets from the drop down menus.

Additional parameters

Feel free to review the next page to comply with your company deployment policy.

Tick the box at the bottom of the page to acknowledge the deployment of IAM roles and policies.

Final review

Review all the settings and click Submit.

Follow-up

You can monitor the status of your stack in the cloudformation console.

It should finally show a status of CREATE_COMPLETE.

Output

The cloudformation stack provides the URL of your load balancer in the Outputs tab. Go ahead an open this link in a new tab (please allow a few minutes for the web interface to start up).

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

2.4 - Terraform deployment

Download the terraform stack

Our terraform stack is available at https://gitlab.com/ohlala-automation-solutions-public/beta/terraform-stack or you can directly download the zip file.

Clone the repository locally.

Instructions

Please have a look through the readme or the code of the repository. You will see what resources are deployed and what parameters are needed.

You can download terraform from their website.

Deployment

Open your favorite shell and navigate to the root folder of the repository.

Initialize the repository:

terraform init

The output should look something like this:

Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Reusing previous version of hashicorp/random from the dependency lock file
- Using previously-installed hashicorp/aws v5.91.0
- Using previously-installed hashicorp/random v3.7.1

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

View planned changes:

terraform plan

The output should look something like this:

...
Plan: 56 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + ohlala_url = (known after apply)

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.

Apply changes if the resources in the plan looks fine to you:

terraform apply

The output should look something like this:

...
Apply complete! Resources: 56 added, 0 changed, 0 destroyed.

Outputs:

ohlala_url = "http://ohlala20250328133845277200000011-xxxxxxx.eu-west-1.elb.amazonaws.com"

N.B.: there are more advanced usage of terraform that may better suit your needs.

Parameters

We suggest you create our own beta.auto.tfvars file and fill the required parameters.

Here is an example of what it may look like:

region        = "us-east-1"
vpc_id        = "vpc-05cbdfebd347a329d"
subnets       = ["subnet-05c070af686daf105", "subnet-059ec56900f58b340"]
inbound_cidr  = "88.170.94.38/32"
instance_type = "t3.medium"
key_name      = "etienne-test"

region

Please enter the AWS region you will be using for your deployment. For the beta program, we plan on only releasing our AMI in us-east-1 and eu-west-1.

vpc_id

The VPC identifier of your choice.

subnets

A list of two subnets.

inbound_cidr

Enter the CIDR allowed to connect to the public ALB of Ohlala Operations for Amazon EC2. Please be vigilant and enter a limited range.
We suggest having a look at your public IP address on https://api.ipify.org. The default mask for one IP address is /32.

instance_type

Select an instance type. For small to medium size (i.e. most deployment), t3.medium is recommended.

key_name

Please provide an existing EC2 key pair name.

Outputs

The terraform stack outputs the URL of the load balancer. Go ahead an open this link in a new tab (please allow a few minutes for the web interface to start up).

Apply complete! Resources: 56 added, 0 changed, 0 destroyed.

Outputs:

ohlala_url = "http://ohlala20250328133845277200000011-xxxxxxx.eu-west-1.elb.amazonaws.com"

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

3 - Architecture

AWS Architecture

Ohlala Operations for Amazon EC2 is a stateless EC2 at its core. The web interface runs on an EC2 instance managed through an Auto Scaling Group with an EC2 Launch Template. The web interface is exposed through a public Application Load Balancer, filtered on CIDR range provided by the administrator.

To remain stateless, Ohlala Operations for Amazon EC2 stores its data in a DynamoDB table and relies on the Systems Manager API and EC2 API for most of its features.

Settings are stored in SSM Parameter Store while secrets are stored in Secrets Manager. KMS is used at all time.

AWS Cost projection

Letting Ohlala Operations for Amazon EC2 run 24*7 for a full month would cost you around 54$ in the us-east-1 region (based on t3.medium instance type).

3.1 - Supported AWS regions

Ohlala Operations for Amazon EC2 beta is only supported in us-east-1 and eu-west-1 region.

Ohlala Operations for Amazon EC2 will be supported in the following regions:

4 - Concepts

Ohlala Operations is designed to simplify the management of Windows EC2 instances on AWS. It provides a structured approach to automation, system monitoring, and operational efficiency. Below are the key concepts that form the foundation of Ohlala Operations.

1. Instance Management

All Windows EC2 instances in your AWS account are automatically detected and displayed in the Ohlala Operations interface. No manual registration is required. From the interface, you can monitor and automate tasks across all managed instances.

2. Automated Tasks

Ohlala Operations enables the execution of automated tasks on Windows instances. These tasks can include:

• Running scripts and commands
• Performing system updates
• Restarting services
• Collecting logs for troubleshooting

Tasks can be executed on demand and patching can be scheduled.

3. Monitoring and Insights

Ohlala Operations provides visibility into system status, key performance indicators, and operational health. You can track:

• Running processes and resource usage
• Recent system events and logs

4. Access and Security

Ohlala Operations operates within your AWS environment, leveraging AWS IAM roles and permissions to ensure secure execution. There is no need to open additional inbound ports or expose instances to direct external access.

The Ohlala Operations web interface is secured by a username and password. Authentication can be managed in two ways:

• LDAP-based authentication (Active Directory) for centralized access control, with credentials securely stored in AWS Secrets Manager.
• Local account authentication, where credentials are securely stored in AWS Secrets Manager.

By combining these core concepts, Ohlala Operations streamlines Windows EC2 management, reducing manual effort and improving system reliability.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

5 - Setup Wizard

You can choose to configure the Ohlala Operations for Amazon EC2 to user either:

• Active Directory as the main authentication system
• Local Authentication i.e. username and password set at first run.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

5.1 - Active Directory prerequisites

To ensure proper integration with Active Directory, configure a dedicated service account with the required permissions.

1. Create the Service Account

1. Open Active Directory Users and Computers.
2. Navigate to the desired Organizational Unit (OU).
3. Right-click and select New > User.
4. Provide a username (e.g., OhlalaOpsService).
5. Set a secure password and check Password never expires (if applicable).
6. Complete the wizard to create the account.

2. Assign Required Permissions

1. Open Active Directory Users and Computers.
2. Right-click the OU where your EC2 instances reside and select Delegate Control.
3. In the wizard, click Next, then Add the newly created service account.
4. Select Create a custom task to delegate and click Next.
5. Choose Only the following objects in the folder and select:
   • Computer objects
   • Check Create selected objects in this folder
   • Check Delete selected objects in this folder
6. Click Next and assign the following permissions:
   • Reset password
   • Write
   • Validated write to DNS host name
   • Validated write to service principal name
7. Click Finish to apply the changes.

3. Verify the Configuration

• Ensure the service account can create and manage computer objects in the designated OU.
• Test authentication with the configured credentials.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

5.2 - Active Directory authentication setup

This guide walks you through configuring the setup wizard for Active Directory authentication in Ohlala Operations for Amazon EC2.

Prerequisites

• An Active Directory domain
• AD service account credentials to configure authentication settings
• Network connectivity to Ohlala Operations for Amazon EC2 web console.

Step 1: Access the Authentication Settings

1. Open Ohlala Operations for Amazon EC2 URL.
2. Navigate to the wizard on /wizard url. It should bring you there by default on first launch.
3. Read and accept the disclaimer.

Step 2: Enable Active Directory Authentication

1. Select Active Directory as the authentication method.
2. Click Next to proceed.

Step 3: Configure Domain Information

1. Provide the IP adresses of your Domain Controller address. They must be reachable from within your VPC.
2. Enter your Domain Name (e.g., example.local).
3. Enter the username of the AD service account
4. Enter the password of the AD service account
5. Click Next. We will test connection to Active Directory before moving to the next screen.

Step 4: Bind Credentials

1. Select the distinguished name of the AD group you want as admnistrators of Ohlala Operations for Amazon EC2
2. Select the distinguished name of the Organisational Unit where you will join EC2
3. Click Next.

Step 5: Default setting

1. Enable Default Host Management Configuration. This is recommended to simplify your EC2 administration. Feel free to disable it if you wish to manage the SSM permissions of your instances. Please note that DHMC requires SSM Agent version > 3.2.582.0.
2. Set the default refresh interval of your EC2 data. We recommend setting it between 30 and 120 seconds.
3. Proceed by clicking Next.

Step 6: Finalize Configuration

1. Review the configuration summary.
2. Click Save to apply the settings.
3. Authentication is now configured!

Troubleshooting

If you encounter any issues:

• Ensure the domain controller is reachable.
• Verify the credentials are correct.
• Confirm the service account has the necessary permissions.
• Restart the Ohlala Operations for Amazon EC2 EC2 if changes don’t take effect.

For further assistance, refer to the official documentation or contact support.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

5.3 - Local authentication setup

This guide walks you through configuring Local Authentication in Ohlala Operations for Amazon EC2.

Prerequisites

• Ohlala Operations for Amazon EC2 installed and running
• Network connectivity to Ohlala Operations for Amazon EC2 web console.

Step 1: Access the Authentication Settings

1. Open Ohlala Operations for Amazon EC2 URL.
2. Navigate to the wizard on /wizard url. It should bring you there by default on first launch.
3. Read and accept the disclaimer.

Step 2: Select Local Authentication

1. Choose Local Authentication as the authentication method.
2. Click Next to proceed.

Step 3: Create a Local Administrator Account

1. Enter the Username for the local admin account.
2. Set a password.
3. Confirm the password.
4. Click Next.

Step 4: Active Directory integration (optional)

1. Enable or disable Active Directory integration. This will allow you to join your Microsoft Windows EC2 to your Active Directory domain from the Ohlala Operations for Amazon EC2 console.
2. If you choose to enable it, go to step 5. Otherwise, go to step 7

Step 5: Active Directory parameters

1. Provide the IP adresses of your Domain Controller address. They must be reachable from within your VPC.
2. Enter your Domain Name (e.g., example.local).
3. Enter the username of the AD service account
4. Enter the password of the AD service account
5. Click Next. We will test connection to Active Directory before moving to the next screen.

Step 6: Default Organizational Unit

1. Select the distinguished name of the Organisational Unit where you will join EC2
2. Click Next.

Step 7: Default setting

1. Enable Default Host Management Configuration. This is recommended to simplify your EC2 administration. Feel free to disable it if you wish to managethe SSM permissions of your instances.
2. Set the default refresh interval of your EC2 data. We recommend setting it between 30 and 120 seconds.
3. Proceed by clicking Next.

Step 8: Review and Confirm

1. Verify the entered details.
2. Click Save to apply the configuration.
3. Local authentication is now enabled!

Without Active Directory integration:

With Active Directory integration:

Troubleshooting

If you encounter issues:

• Ensure the entered credentials meet security requirements.
• Restart the Ohlala Operations for Amazon EC2 EC2 if changes don’t take effect.
• Check system logs for authentication errors.

For additional support, refer to the official documentation or contact support.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6 - Main interface

The Ohlala Operations for Amazon EC2 user interface is designed to provide a seamless and intuitive experience for managing Windows EC2 instances on AWS. This section of the documentation will guide you through the key components of the UI and their functionalities.

Setup Wizard

The first time you access Ohlala Operations for Amazon EC2, a setup wizard helps you configure the product. The wizard guides you through:

• Setting up authentication (LDAP or local accounts)
• Configuring initial settings for instance management

Once completed, you are redirected to the main dashboard.

Login page

Only authorized users can administrate your EC2.

Main Dashboard

The dashboard provides an overview of your EC2 fleet and system status at a glance. Key features include:

• A list of all discovered Windows EC2 instances
• System health indicators and key metrics
• Quick actions for managing instances

Settings Page

The settings page allows you to configure global options for Ohlala Operations for Amazon EC2, including:

• User authentication and access control
• AWS integration settings
• Default system management preferences

Instance Details Page

Clicking on an instance from the dashboard opens its details page, where you can:

• View system information and current status
• Execute tasks such as script execution, service restarts, or log collection
• Monitor recent activity and logs

Instance Sub-Menus

Each instance has several sub-menus to provide deeper insights and control:

• Processes: View and manage running processes
• Services: Start, stop, and restart Windows services
• Updates: Check and apply Windows updates
• Logs: Review recent system events and troubleshooting logs
• Performance: Monitor CPU, memory, and disk usage

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.1 - Login page

This guide explains how to log into Ohlala Operations for Amazon EC2, supporting both Active Directory (AD) authentication and local authentication based on your configuration.

Disclaimer

When accessing Ohlala Operations, you will be presented with the disclaimer page:

Required Credentials

You need to enter:

• Username: Your AD username or local account username
• Password: The corresponding password

Then click Sign in to authenticate.

Authentication Methods

Ohlala Operations supports two authentication modes:

1. Active Directory Authentication

If the system is configured for Active Directory authentication, use your corporate AD credentials:

• Username: Your AD username (e.g., jdoe)
• Password: Your AD account password

Ensure that your account has been granted access by the administrator.

2. Local Authentication

If local authentication is enabled, you will log in with a locally managed account:

• Username: The local username configured by the administrator
• Password: The corresponding password

If you forget your local credentials, please run the setup wizard to reconfigure it.

Troubleshooting Login Issues

• Incorrect Credentials: Double-check your username and password.
• Forgot Password: Contact your administrator to reset it.
• Access Denied: Ensure your account has been granted permission.
• AD Login Issues: Ensure the domain controller is reachable and your account is active.

For further assistance, refer to the official documentation or contact support.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.2 - Main dashboard

Welcome to the Ohlala Operations for Amazon EC2 dashboard! This guide provides an overview of the different sections, actions, and functionalities available on the main interface.

Dashboard Overview

The dashboard serves as the central hub for managing your EC2 instances efficiently. It provides key information about instance status, patching, and power actions.

1. Navigation Menu

Located on the left side of the interface, the navigation menu allows quick access to different sections:

• Dashboard: Displays an overview of managed EC2 instances.
• Settings: Configure system preferences, authentication settings, and auto-refresh intervals.
• Logs: View historical logs for audits and troubleshooting.
• Help: Access documentation and support.

2. Instance Table

The main section of the dashboard lists all monitored EC2 instances with relevant details:

• Name: The instance name (click to open instance details view).
• State: Indicates whether the instance is running or stopped.
• Power Actions: Quick controls to manage instance power:
  • Power On/Off: Start or stop the instance.
  • Restart: Reboot the instance.
• SSM Status: Shows the connection status of AWS Systems Manager (SSM).
• Windows Updates: Displays pending updates and allows immediate patching. Click Patch now! to apply updates immediately.
• Patching Schedule: Configure automatic update schedules for instances. Go in the Settings page to configure the schedules.
• AD Status: Indicate if your instance is joined to a domain. You can click Join Domain to make your instance join your domain automatically.

3. Search & Filters

Above the instance table, a search bar allows users to quickly find specific instances by name.

4. Refresh Button

Click Refresh to update the instance table with the latest status and available actions.

Please note that some actions may require several minutes before being refreshed (join domain requires a reboot for a example, if your EC2 has a lot of Windows Updates not installed…).

5. User Authentication

In the top-right corner, the currently signed-in user is displayed. Click Sign out to log out.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.3 - Settings page

The Settings page in Ohlala Operations allows administrators to configure various system settings, including authentication, logging, dashboard refresh rates, and patching schedules.

Sections Overview

1. Configure LDAP Settings

• This section is used to configure LDAP authentication.
• LDAP settings are initially set up using the first run setup wizard.
• To modify LDAP settings, rerun the setup wizard by clicking Run first run setup wizard.

2. Certificate Hostname

There is no support to import your own certificate at this time. We recommend setting up your own load balancer (ALB) in front of Ohlala Operations for Amazon EC2.

• Defines the hostname used for the self-signed certificate.
• Changing this value updates the DNS name used to access the web server.
• Enter the desired hostname and click Save hostname to apply changes.
• Adjust the A or CNAME record in your DNS accordingly.

3. Patching Groups Schedules

• Allows configuration of cron expressions to schedule patching groups.
• The cron expression format is: Minutes Hours DayOfMonth Month DayOfWeek Year.
• Click Save schedule after modifying a group schedule.
• Additional information is available on AWS Systems Manager cron expressions.

Example: cron(0 3 ? * 1 *) runs the patching every Monday at 3 AM.

4. Logging Level

• Controls the verbosity of logs generated by Ohlala Operations for Amazon EC2.
• Available levels:
  • INFO (default)
  • WARNING
  • ERROR
  • DEBUG
• Select a level from the dropdown and click Save log level.

We recommend setting the log level to INFO for regular operations.

5. Set Dashboard Auto-Refresh

• Configures how often the Dashboard refreshes automatically.
• Enter a value in seconds (e.g., 60 for 1 minute refresh intervals). We recommend to set it to a value greater than 30 seconds.
• Click Save Dashboard auto-refresh interval to apply changes.

6. DHMC (Default Host Management Configuration)

• DHMC is used to automatically assign the Ohlala automation IAM role to new EC2 instances.
• Toggle Enable/Disable to activate or deactivate this feature.
• Click Save DHMC to confirm changes.

We recommend enabling DHMC by default.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.4 - Logs page

Overview

The Logs Page in Ohlala Operations provides a detailed view of system logs, allowing administrators to track command execution and system status in real time.

Features

• Search Bar: Filter logs using keywords to find relevant entries quickly.
• Download Logs: Export logs for further analysis.
• Pagination Controls: Navigate through log pages with Next and Previous buttons.
• Log Table: Displays log details, including:
  • Date: Timestamp of the log entry.
  • Log Level: Indicates the severity or category of the log.
  • Message: Describes the action performed, including instance ID and status.

Log Table Structure

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.5 - Help page

Overview

The Help Page in Ohlala Operations provides users with video tutorials to assist with navigating and configuring the product. This page is designed to complement the main documentation by offering visual guidance on key features.

Accessing the Help Page

1. Log in to Ohlala Operations.
2. Click on Help in the left sidebar.
3. Browse the available videos or use the search bar to filter content.

Viewing Videos

• Each help topic includes an embedded video.
• Click Play to watch the tutorial.
• Use the search bar to find relevant topics quickly.

Additional Support

For further assistance:

• Visit our main documentation at ohlala.cloud
• Contact our support team at contact@ohlala.cloud

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6 - Instance details

This menu is only available as a link in the main dashboard for Microsoft Windows EC2. It opens in a new tab.

Features

Users can navigate to other sections via the left sidebar to access:

• General instance information
• Diagnostics tools
• Software Setup
• Performance metrics
• Disks Usage
• Local Users & Groups
• Installed Applications
• Windows Services
• Running Processes
• Windows Event Logs
• Available Updates
• Roles and Features

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.1 - Instance informations

The Instance Information Page in Ohlala Operations provides detailed information about a selected Amazon EC2 instance. It allows users to monitor key system details and perform essential actions such as starting, rebooting, stopping, and patching the instance.

Accessing the Instance Information Page

1. Navigate to the Dashboard.
2. Click on an instance to open its Instance Info Page.

Displayed Information

Server ID Card

This section provides a quick summary of the instance, including:

• Instance ID: Unique identifier of the EC2 instance.
• Instance Name: Tag Name of the instance
• Computer Name: Internal hostname of the server (in the OS).
• Instance Type: The AWS instance type (e.g., t3.medium).
• Private IP Address: Internal IP address within the VPC.

Instance Info Details

This section presents a more detailed view, including:

• Instance ID: AWS-assigned unique identifier.
• State: Current status (running, stopped, etc.).
• Instance Name: Tag Name of the instance
• Computer Name: The Windows hostname (in the OS).
• Domain Joined: Indicates if the instance is joined to an Active Directory domain (True or False).
• Domain: The domain or workgroup the instance belongs to.
• Instance Type: The AWS instance size and type.
• Private IP Address: The internal networking address.
• Last Boot Up Time: Timestamp of the last instance startup.
• SSM Inventory Collection: Indicates if AWS Systems Manager inventory collection is enabled.
• Reboot Pending: Displays Yes if a reboot is required.

Available Actions

Instance Control

Users can perform the following actions on the instance:

• Start: Power on a stopped instance.
• Reboot: Restart the instance.
• Stop: Shut down the instance.

Patch Management

• Patch Now: Apply pending updates immediately.

Active Directory membership

• Join Domain: Join the machine to your Active Directory domain. This only applies if you provided Active Directory credentials.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.2 - Diagnostic tools

Overview

The Diagnostics Tools Menu in Ohlala Operations provides essential troubleshooting tools to help users diagnose network and system-related issues on their Windows EC2 instances. These tools allow administrators to execute commands directly from the web interface, making it easy to gather system information and test connectivity.

Available Actions

1. Run a Custom PowerShell Script

• Users can provide their own PowerShell script to be executed on the instance.
• This allows for advanced diagnostics and custom troubleshooting.
• Example usage:

Get-ChildItem C:\

2. Run a Ping Command

• Tests network connectivity to a specified hostname or IP address.
• Helps identify packet loss and response times.

3. Run a Traceroute Command

• Determines the route packets take to reach a destination.
• Useful for identifying network bottlenecks and latency issues.

4. Run a DNS Lookup

• Resolves a domain name to an IP address using DNS servers.
• Helps troubleshoot domain resolution issues.

5. Run Netstat to Check Listening Ports

• Displays active network connections and listening ports on the instance.
• Helps identify running services and potential security risks.

6. Run IPConfig

• Displays the current network configuration of the instance.
• Useful for checking assigned IP addresses, gateways, and DNS servers.

7. Run Test-NetConnection to a Host and Port

• Tests connectivity to a specific host and port.
• Useful for verifying if a remote service is reachable from the EC2.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.3 - Software setup page

Overview

The Software Setup page in Ohlala Operations for Amazon EC2 simplifies the installation and configuration of essential tools and settings on your Windows EC2 instances. This functionality ensures that your instances are optimized and pre-configured for automation, monitoring, and management.

Available Actions

Install/Uninstall AWS Components

• VSS Components - Manages the installation of Volume Shadow Copy Service (VSS) components for backup and restore operations.
• CloudWatch Agent - Installs or uninstalls the Amazon CloudWatch Agent to enable system monitoring and logging.
• CloudWatch Agent - Apply default configuration or unconfigure Amazon CloudWatch Agent.

Install/Uninstall Software

• AWS CLI V2 - Installs or removes AWS CLI V2 to enable interaction with AWS services.
• Google Chrome - Provides an option to install or uninstall Google Chrome for web browsing.
• PowerShell 7 - Installs or removes the latest version of PowerShell 7 for advanced scripting and automation.

Install/Uninstall tools

• Process Explorer - Installs or uninstalls Process Explorer, a tool for detailed process management.
• Process Monitor - Installs or removes Process Monitor, useful for troubleshooting and system analysis.

Configuration and System Tweaks

• Default CloudWatch Agent Configuration - Applies a default configuration to the CloudWatch Agent for monitoring logs and metrics.
• Disable First Run Experience for Microsoft Edge - Prevents Microsoft Edge from displaying the first-run experience setup screen.
• Disable Internet Explorer Enhanced Security Configuration - Turns off IE Enhanced Security Configuration for a smoother browsing experience.
• Disable Server Manager Auto Launch - Prevents Server Manager from automatically launching on login by disabling the scheduled task.

The list will keep on growing!

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.4 - Performance page

Overview

The Performance Page in Ohlala Operations for Amazon EC2 provides performance monitoring of your Windows EC2 instances. It presents key system metrics in an easy-to-read chart format, allowing administrators to track resource usage and detect performance bottlenecks.

Monitored Metrics

CPU Utilization

• Displays the percentage of CPU usage over time.
• Helps identify high CPU consumption caused by processes or workloads.

Memory Utilization

• Shows the percentage of RAM usage.
• Useful for diagnosing memory pressure and optimizing resource allocation.

Disk Read/Write

• Monitors disk activity, displaying read and write speeds in KB/s.
• Helps track I/O performance and detect storage bottlenecks.

Network Traffic (Ethernet)

• Displays the amount of data sent and received over network interfaces in KB/s.
• Useful for analyzing network load and troubleshooting connectivity issues.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.5 - Disks usage page

Overview

The Disks Usage Page in Ohlala Operations for Amazon EC2 provides a clear breakdown of storage usage on each disk within your Windows EC2 instance. It helps administrators monitor disk capacity and ensure sufficient free space for optimal system performance.

Displayed Information

Disk Name

• Identifies the drive (e.g., C:\, D:\).
• Displays all mounted volumes on the instance.

Used Storage (GB)

• Shows the amount of disk space currently in use.
• Helps track storage consumption trends over time.

Free Storage (GB)

• Indicates the remaining available disk space.
• Useful for proactive disk space management.

Total Storage (GB)

• Displays the total disk capacity.
• Helps assess overall storage availability and plan for scaling if necessary.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.6 - Local groups page

Overview

The Local Groups Page in Ohlala Operations for Amazon EC2 provides an interface to manage Windows local groups and their members. It allows administrators to control user access efficiently and export group data for auditing purposes.

Displayed Information

Local Groups Table

• Lists all local groups on the Windows machine.
• Displays group name, description, and members (local users).
• Data can be exported as a CSV file for further analysis.

Available Actions

Add a User to a Group

• Assigns a local user to an existing group.
• Ensures users have the correct permissions.

Remove a User from a Group

• Removes a user’s membership from a specified group.
• Helps maintain security by limiting access.

Create a Group

• Allows the creation of a new local group.
• Useful for organizing users with similar privileges.

Delete a Group

• Deletes a local group that is no longer needed.
• Helps maintain a clean and organized user management structure.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.7 - Local users page

Overview

The Local Users Page in Ohlala Operations for Amazon EC2 provides a complete list of local users on a Windows machine, along with detailed account properties. It allows administrators to manage users efficiently and export data for auditing purposes.

Displayed Information

Local Users Table

• Lists all local user accounts on the Windows machine.
• Displays the following details for each user:
  • Username
  • Description
  • Domain (Windows machine name)
  • Full Name (if applicable)
  • Account Locked Out status
  • Password Change Allowed status
  • Password Expiration status
  • Password Requirement status
  • Security Identifier (SID)
  • Status (e.g., OK, Degraded)
• Data can be exported as a CSV file for reporting and analysis.

Available Actions

Add a User to a Local Group

• Grants the user membership in a specified local group.

Remove a User from a Local Group

• Removes a user from a specific local group.

Create a User

• Creates a new local user account.

Delete a User

• Removes a local user account from the system.

Reset a User’s Password

• Resets the password for a selected user.
• Useful for account recovery and security management.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.8 - Applications page

Overview

The Applications Page in Ohlala Operations for Amazon EC2 provides a comprehensive list of installed applications retrieved from the Windows Add/Remove Programs panel. This page helps administrators track software installations and manage system compliance.

Displayed Information

Installed Applications Table

• Lists all installed applications detected on the Windows machine.
• Displays the following details for each application:
  • Name – The application’s display name.
  • Publisher – The company or developer that published the software.
  • Version – The installed version of the application.
  • Architecture – Specifies whether the application is 32-bit (x86) or 64-bit (x64).
• Data can be exported as a CSV file for inventory management and compliance tracking.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.9 - Updates page

Overview

The Windows Updates Page in Ohlala Operations for Amazon EC2 provides a detailed list of applicable Windows updates for the server. This page helps administrators track and manage system updates to maintain security and performance.

Displayed Information

Windows Updates Table

• Lists all Windows updates available for the system.
• Displays the following details for each update:
  • KB Article # – The unique identifier for the update.
  • Title – The name of the update.
  • Description – A brief summary of what the update addresses.
  • Downloaded – Indicates if the update has been downloaded.
  • Installed – Indicates if the update is already installed.
  • Uninstallable – Specifies whether the update can be removed.
  • Last Deployment – The date when the update was last deployed.
  • More Information URLs – Links to additional details about the update.
  • MSRC Severity – The Microsoft Security Response Center severity rating.
  • Reboot Required – Specifies whether a system reboot is needed after applying the update.
  • Security Bulletin ID – The security bulletin associated with the update (if applicable).
  • Support URL – A link to Microsoft’s support page for the update.
• Data can be exported as a CSV file for patch management and compliance tracking.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.10 - Processes page

Overview

The Processes Page in Ohlala Operations for Amazon EC2 provides a real-time view of running processes on a Windows instance. This page helps administrators monitor resource usage, detect high-consumption processes, and manage system performance effectively.

Displayed Information

Running Processes Table

• Lists all active processes currently running on the system.
• Displays the following details for each process:
  • Process ID (PID) – A unique identifier for the process.
  • Name – The executable name of the process.
  • CPU Consumption – The percentage of CPU used by the process.
  • Memory Consumption – The amount of memory consumed by the process.
  • Handles Opened – The number of handles the process has opened.
  • Start Time – The timestamp when the process was initiated.
  • Thread Count – The number of active threads within the process.
• Data can be exported as a CSV file for further analysis and reporting.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.11 - Roles and Features page

Overview

The Roles and Features Page in Ohlala Operations for Amazon EC2 provides a detailed list of Windows Server roles and features installed on an instance. This page allows administrators to manage system capabilities efficiently by adding or removing roles as needed.

Displayed Information

Roles and Features Table

• Lists all available roles and features on the Windows Server instance.
• Displays the following details for each role/feature:
  • Name – The system identifier of the role or feature.
  • Display Name – The human-readable name of the role or feature.
  • Installed State – Indicates whether the role or feature is currently installed.
  • Description – Provides a brief overview of the role or feature’s functionality.
• Data can be exported as a CSV file for auditing and compliance tracking.

Available Actions

Add a Role or Feature

• Installs a selected Windows Server role or feature.

Remove a Role or Feature

• Uninstalls a selected Windows Server role or feature.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.12 - Services page

Overview

The Windows Services Page in Ohlala Operations for Amazon EC2 provides an overview of all system services running on a Windows instance. It allows administrators to monitor service dependencies, control service states, and manage system performance.

Displayed Information

Windows Services Table

• Lists all services available on the system.
• Displays the following details for each service:
  • Display Name – The user-friendly name of the service.
  • Name – The internal system name of the service.
  • Dependent Services – Lists services that rely on this service.
  • Services It Depends On – Displays dependencies required for this service to function.
  • Service Type – Indicates whether the service is a system, user, or network service.
  • Start Type – Specifies how the service starts (e.g., Manual, Automatic, Disabled).
  • Status – Shows the current state of the service (e.g., Running, Stopped, Paused).
• Data can be exported as a CSV file for auditing and documentation.

Available Actions

Start a Service

• Initiates a stopped service.

Stop a Service

• Halts a running service.

Restart a Service

• Stops and immediately restarts a selected service.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

6.6.13 - Windows Event Logs page

Overview

The Windows Event Logs Page in Ohlala Operations for Amazon EC2 provides administrators with access to system logs for monitoring and troubleshooting. It allows users to view and filter key event logs, helping to diagnose issues and ensure system stability.

Displayed Information

Event Logs Table

• Displays log entries from selected event logs.
• Users can choose from the following event logs:
  • Application Log – Records application-level events and errors.
  • System Log – Captures system-related events, including driver and OS issues.
  • Security Log – Logs authentication attempts and security-related events.
• Displays the following details for each event:
  • Index – The event’s unique identifier.
  • Entry Type – Categorizes the event (e.g., Information, Warning, Error).
  • Source – Indicates which system component or application generated the log.
  • Message – Provides details about the event.
  • Time Generated – The timestamp when the event was recorded.
  • Username – The associated user (if applicable).
• Data can be exported as a CSV file for auditing and analysis.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

7 - Beta feedback form

A Microsoft form is at your disposal to provide your feedback: good or bad, be true!

Feedback form

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

8 - Knowledge base

8.1 - Reset secrets

In case Ohlala Operations form Amazon EC2 does not load anymore, one of the reason could be that secrets configured during the initial wizard are not valid anymore.

You can reset secrets by deleting the Secrets Manager named /ohlala/secrets with the following command:

aws secretsmanager delete-secret --secret-id /ohlala/secrets --force-delete-without-recovery

Restart Ohlala Operations form Amazon EC2, you should be prompted to run the wizard again.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨

8.2 - Delayed start

When Ohlala Operations for Amazon EC2 starts up, it takes a few minutes for the web server to start up. Please remain patient!

On a t3a.medium, Ohlala Operations for Amazon EC2 takes about 3 to 4 minutes to start. If you look at the AutoScaling Group, it has been set to allow 10 minutes for an instance to start and come online. This should be a comfortable margin.

✨ Ohlala Operations - Automate Windows Server Management on AWS! ✨