0% found this document useful (0 votes)
23 views52 pages

Module 5 - Power Platform On-Premise Data Gateway

Module 5 - Power Platform On-premise Data Gateway

Uploaded by

ariel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
23 views52 pages

Module 5 - Power Platform On-Premise Data Gateway

Module 5 - Power Platform On-premise Data Gateway

Uploaded by

ariel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 52

WorkshopPLUS – Power

Platform for
Administrators:
Power Platform On-premise Data
Gateway

Microsoft
Services
Conditions and Terms of Use
Microsoft Confidential
This training package is proprietary and confidential and is intended only for uses described in the training materials. Content and software is
provided to you under a Non-Disclosure Agreement and cannot be distributed. Copying or disclosing all or any portion of the content and/or
software included in such packages is strictly prohibited.
The contents of this package are for informational and training purposes only and are provided "as is" without warranty of any kind, whether
express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-
infringement.
Training package content, including URLs and other Internet website references, is subject to change without notice. Because Microsoft must
respond to changing market conditions, the content should not be interpreted to be a commitment on the part of Microsoft, and Microsoft
cannot guarantee the accuracy of any information presented after the date of publication. Unless otherwise noted, the companies,
organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association
with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.

Copyright and Trademarks


© 2020 Microsoft Corporation. All rights reserved.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this
document. Except as expressly provided in written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this
document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic,
mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
For more information, see Use of Microsoft Copyrighted Content at
https://www.microsoft.com/en-us/legal/intellectualproperty/permissions/default.aspx
Microsoft®, Internet Explorer®, Outlook®, SkyDrive®, Windows Vista®, Zune®, Xbox 360®, DirectX®, Windows Server® and Windows® are
either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other Microsoft products
mentioned herein may be either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All
other trademarks are property of their respective owners.
Introduction
In this lesson, you will learn the following:
• Understand On-premises Data Gateway.
• Data Gateway Installation Facts.
• Gateway Permission Access.
• Data Gateway In/outbound.
• Data Gateway Updates and Recovery.
• Managing Tenant Data Gateways.
• On-premise Data Gateway Proxy.
• Configure Data Gateway Log Files.
• Data Gateway installation and configuration.
Understand
On-premises Data
Gateway
• The On-premises Data Gateway acts as a
bridge, providing quick and secure data
transfer between on-premises data (data
that is not in the cloud) and the Power BI,
Power Automate, Logic Apps, and Power
Apps services.
• The gateway leverages Azure Service Bus
relay technology to security allow access to
on-premise resources.

About On-premises Data


Gateway
Data Gateway Installation Facts

• The gateway service must run on a local server in your on-premise location.

• The server does not have to be the same one as the resources it will proxy access to, however it
should be on the same local network to reduce latency.

• Multiple application and flow connections can use the same gateway install.

• You can only install one gateway on a server.

• During the install the gateway is setup to use NT Service\PBIEgwService for the Windows service
sign-in.

• You can switch this to a domain user or managed service account if you’d like.
Gateway Permission Access
By default, you have this permission on any gateway that you install.

As the administrator you can grant another user permission to co-administrate the gateway or use only.

When you set up a data source on the gateway you need to provide credentials for that data source.

All actions to that data source run using these credentials.

Credentials are encrypted securely, using asymmetric encryption before they are stored in the cloud.

The credentials are sent to the machine, running the gateway on-premises, where they are decrypted when the
data source is accessed.
The gateway service creates an
outbound connection to the Azure
Data Service Bus so there are no inbound
ports required to be opened.
Gateway
In/outboun The outbound connection
d communicates on ports:
TCP 443(default), 5671, 5672, and
9350 through 9354.
Updates are not auto-installed for the On-
premises data gateway.

Data It is highly recommended to stay current with


Gateway the latest data gateway version as the updates to
the gateway are released on a monthly basis.
Updates
A recovery key is assigned (not auto-generated)
and by the administrator at the time the On-
Premises Data Gateway is installed.
Recovery
The recovery key is required if the gateway is to
be relocated to another machine, or if the
gateway is to be restored.
Managing Tenant Data
Gateways
• Power Platform Admin center allows visibility into all on-premises data
gateways in a specific tenant.
• Users who are part of the Azure AD Global administrator role (which
includes Office 365 Global admins), Power BI service administrators, and
Gateway administrators will have access to Data Gateway management on
the Power Platform Admin center.
• There may, however, be differences in the features available and the
Managing operations which can be performed by each of these roles.
Tenant Data • The Azure AD Global administrator role (which includes Office 365 Global
Gateways admins) and Power BI service administrators will be able to see all gateways
in their organizations in addition to the gateways they manage.
• You can switch between these two views using the toggle in the upper-right
corner of the page:
• The Gateways page lists all On-premises Data Gateway clusters
installed on the tenant. In addition, you can review the following
information about these clusters:
• Gateway Cluster Name: The name of the gateway cluster.
• Contact Info: Admin contact information for the gateway cluster.
Managing • Administrators (Users): The list of gateway administrators.
Tenant Data • Gateways: The number of gateway members in the gateway cluster.
Gateways • The gateway cluster list includes both On-premises Data Gateways
(cont.) and On-premises Data Gateways (personal mode).
Display Gateway Members
Select the Open in new window icon ( ) next to the gateway
cluster name to see the gateway members, device name, and
version in each gateway cluster.

Managing
Tenant Data
Gateways
(cont.)
Manage Gateway Users
• Select the People icon next to the gateway cluster name to see the list of gateway users.
• Add or remove gateway admins in the Manage Users page.
• For personal gateways, this would show the owner of the personal gateway and cannot be changed due to the
security scope of personal gateways.
• For an On-premises data gateway in standard mode, users can be added to any of the following three categories.
Admin:
• Power BI: Administrators have full control of the gateway, including adding other admins, creating data

Managing •
sources, managing data source users, and deleting the gateway.
Power Apps and Power Automate: Administrators have full control of the gateway, including adding other

Tenant Data admins, creating connections, additionally sharing gateways in Can use and Can use + share permission
levels and deleting the gateway.

Gateways • Others: Administrators have full control of the gateway, including adding other admins and deleting the
gateway.

(cont.) Can use:


• Users who can create connections on the gateway to use for apps and flows but cannot share the gateway.
• To use this permission for users who will run apps but not share them. Applies only to Power Apps and Power
Automate.
Can use + share:
• Users who can create a connection on the gateway to use for apps and flows, and automatically share the
gateway when sharing an app.
• Use this permission for users who need to share apps with other users or with the organization. Applies only to
Power Apps and Power Automate.
Manage a Gateway by Region
• Select the region drop-down to see the list of gateway regions.
• When you select one of the regions, you'll see a list of gateways installed in
that region.
• You can manage users or view gateway members for these gateways.
Managing • By default, you'll see gateways within your tenant’s default region.
Tenant Data
Gateways
Filter Gateway by Type
• Select the gateway type drop-down to filter by gateway type.
• By default, you'll see all data gateways running in standard mode.
• Use the filter to see data gateways in personal or all gateways mode.
• There are two different types of gateways, each for a different scenario:
On-premises data gateway:
• Allows multiple users to connect to multiple on-premises data sources.

Managing • You can use an on-premises data gateway with all supported services, with a single gateway
installation.
Tenant Data • This gateway is well-suited to complex scenarios with multiple people accessing multiple data sources.
On-premises data gateway (personal mode)
Gateways • Allows one user to connect to sources and can’t be shared with others.
• An on-premises data gateway (personal mode) can be used only with Power BI.
• This gateway is well-suited to scenarios where you’re the only person who creates reports, and you
don't need to share any data sources with others.
• Installation file for this type of data gateway is named PowerBIGatewayInstall.exe and available here
https://go.microsoft.com/fwlink/?LinkId=820925&clcid=0x409 .
Manage Gateway Installers
• As either an Azure AD Global administrator (which includes Office 365 Global
admins) or a Power BI service administrator, use Manage Gateway installers to
manage who can install the On-premises data gateway in your enterprise.
• Note:
• This operation isn’t available for gateway admins.
• This feature does not apply for On-premises data gateways (personal mode).

Managing • Navigate to Power Platform Admin center and select Data Gateways.
• Select Manage Gateway Installers.
Tenant • Enable Restrict Users in your organization from installing gateways.

Data • This option is Off by default allowing anyone in your organization to install
gateway.

Gateways
Manage Gateway Installers
• Enter the users allowed to install gateway, and then select Add.
• Currently, we do not support groups for Manage Installers; you can
add individual users.
• To remove users who have permission to install gateway, select
Remove installer then select confirm.
• If a person who doesn’t have access to install gateways tries to install
one, they will get the following error once they provide their
Managing credentials during the gateway registration.

Tenant
Data
Gateways
Configure Proxy Settings
for the On-premises Data
Gateway
Introduction
Your work environment might require that you go through a proxy to access the internet. This could
prevent the Microsoft on-premises data gateway from connecting to the service. Although most
gateway configuration settings can be changed by using the on-premises data gateway app, proxy
information is configured within a .NET configuration file.
The location and file names are different, depending on the gateway you're using. Two main
configuration files are involved with the gateway in which proxy settings can be edited:
• The first file is for the configuration screens that actually configure the gateway.
Note: If you're having issues configuring the gateway, look at the following file: C:\Program
Files\On-premises data gateway\enterprisegatewayconfigurator.exe.config
• The second file is for the actual Windows service that interacts with the cloud service using the
gateway.
This file handles the requests: C:\Program Files\On-premises data gateway\
Microsoft.PowerBI.EnterpriseGateway.exe.config
Note: If you're going to make changes to the proxy configuration, these files must be edited so that
proxy configurations are exactly the same in both files.
Configure Proxy Settings
• The following sample shows the • The default configuration works with Windows
authentication.
default proxy configuration found in
• If your proxy uses another form of authentication,
both of the two main configuration you must change the settings.
files. • If you aren't sure, contact your network
administrator.
• We don't recommend basic proxy authentication
because it causes proxy authentication errors that
result in the gateway not being properly configured.
• Use a stronger proxy authentication mechanism to
resolve.
Configure Proxy Settings (continued)
• In addition to using default credentials, you can add
a <proxy> element to define proxy server settings in
more detail.
• For example, you can specify that an on-premises
data gateway should always use the proxy, even for
local resources, by setting the bypassonlocal
parameter to false.
• This can help in troubleshooting situations, if you
want to track all HTTPS requests that originate from
a gateway in the proxy log files.
• The following sample configuration specifies that all
requests must go through a specific proxy with the
IP address 192.168.1.10.
Configure Proxy Settings (continued)
• Additionally, for the gateway to connect to cloud data sources through a proxy,
update the following file: C:\Program Files\On-premises data gateway\
Microsoft.Mashup.Container.NetFX45.exe.config
• In the file, expand the <configurations> section to include the following contents,
and update the proxyaddress attribute with your proxy information.
• The following example routes all cloud requests through a specific proxy with the
IP address 192.168.1.10.
Configure Log Files
for Data Gateway
• There are three categories of service logs for an on-premises data gateway:
information, error, and network.
• These categorizations provide a troubleshooting experience that lets you focus on
the specific area for an error or issue.
• You can see the three categories GatewayInfo.log, GatewayErrors.log, and
GatewayNetwork.log in the following excerpt from the gateway configuration file
Microsoft.PowerBI.EnterpriseGateway.exe.config
Configure Log • By default, the gateway configuration file is located in the directory
Files for the On-
Program Files\On-premises data gateway.
premises Data
• To set the number of log files to retain, change the first number in the file's
Gateway initializeData value.
• To configure the size of each log file, change the second number.
• The following example specifies that 20 log files, each 50 MB in size, will be
retained:
• GatewayInfo.log,GatewayErrors.log,GatewayNetwork.log,20,50
Additional Valuable Resource

• On-premises data gateway FAQ


• Adjust communication settings for the on-premises data gateway
• Troubleshoot the on-premises data gateway
• Change the on-premises data gateway service account
• Monitor and optimize on-premises data gateway performance
La
b:
Exercise 1

Install and Configure


On-premises Data
Gateway
In this exercise, we will show you how to install a
standard gateway and then add another gateway
to create a cluster.
Installation Requirements

Minimum requirements Recommended


.NET Framework 4.6 (Gateway release August An 8-core CPU
2019 and earlier) 8 GB of memory
.NET Framework 4.7.2 (Gateway release A 64-bit version of Windows Server 2012 R2 or
September 2019 and later) later
A 64-bit version of Windows 7 or a 64-bit version Solid state drive (SSD) storage for spooling.
of Windows Server 2008 R2
Installation Considerations
• Gateways aren't supported on Server Core installations.
• The user installing the gateway must be the admin of the gateway.
• The gateway can't be installed on a domain controller.
• If you're planning to use Windows authentication, make sure you install the gateway on a
computer that's a member of the same Active Directory environment as the data sources.
• You shouldn't install a gateway on a computer, like a laptop, that might be turned off,
asleep, or disconnected from the internet.
• If a gateway uses a wireless network, its performance might suffer.
• You can install up to two gateways on a single computer: one running in personal mode
and the other running in standard mode.
• You can't have more than one gateway running in the same mode on the same computer.
Step 1) Download and
Install Data Gateway
(continued)
1. Navigate to learn on demand
virtual lab environment.
2. At resources tab, select
ContosoGateway machine to
download and install first data
gateway cluster.
3. Login using local administrator
credentials.
4. Use type action to auto-type
username password as shown in
screen shot below.

You can use “Open in new window” to run virtual machine in a separate window.
Step 1) Download and Install
Data Gateway

1. Open Edge browser installed already in this machine and


navigate to download page
2. Select download and save the installation file to a local
folder.
Step 2) Run Installation File
Enter the email address for your Office 365
account, and then select Sign in (continued)
Add Data Gateway Name and Recovery Key
(continued)

Make sure to save recovery key in a secure locations


Data Gateway Configured and Ready to
Use
Install Data
Gateway Cluster
Step 1) Download and
Install Data Gateway
(cluster) (continued)
1. Navigate to learn on demand
virtual lab environment
2. At resources tab, select
“ContosoSQL” machine to
download and install first data
gateway cluster.
3. Login using local administrator
credentials.
4. Use type action to auto-type
username password as shown in
screen shot.

You can use “Open in new window” to run virtual machine in a separate window.
Step 1) Download and Install Data
Gateway (continued)
5. Copy the link below and paste it to the ContosoSQL
machine web browser:
• https://www.Microsoft.com/en-us/download/details.asp
x?id=53127

• Using the VM actions button, select Type Text then Type


Clipboard Text.
• Paste the copied text then click OK.
6. Select download and save the installation file to local
folder.
Step 1) Download and Install Data Gateway
(continued)
• Repeat the same data gateway installation steps
• Once installation completed, double click on data gateway shortcut
on desktop.
• Continue as instructed in next steps.
After Signing in, Register a New Gateway
(continued)
Add to an Existing Gateway Cluster
Data Gateway Cluster Configured and
Ready to Use
End of Lab Exercise
La
b:
Exercise 2

Update an On-
premises Data
Gateway
• Download the latest gateway and run the installation program.
• If the version you're trying to install isn't newer than the version already installed, you'll receive one
of the following error messages.
• If you install a newer version, you'll be prompted to update. Select Update to begin updating.
• After the installation finishes, select Sign in.
End of Lab Exercise
La
b:
Exercise 3

Create an App Using


On-premise Data
Gateway
Step 1) Create An App
1. Navigate to https://make.powerapps.com/
2. Switch to the Personal Productivity environment.
3. At Start from data section, select SQL Server
connection.
4. For authentication type, select Windows
Authentication.
5. Type the required connection information as shown
below:
• SQL server name: ContosoSQL
• SQL database name: AdventureWorks2017
• Username: Administrator
• Password: password provided in virtual lab.
• Choose a gateway: ContosoOnPremiseDataGateway
6. Then select Create.
Step 2) Select
Connection Data Source

1. Search for the Production.Product table.


2. Select Connect.
3. Power Apps will start creating an app managing all
CRUD operations for the selected table using SQL
server on-premises.
4. Test created app by adding, updating or viewing
different products.
End of Lab Exercise
© 2020 Microsoft Corporation. All rights reserved.

You might also like