-
-
Save alodha100/ed7eb4c10ffc9a29d0e9683f7633c6a4 to your computer and use it in GitHub Desktop.
Azure IT Camp Snippets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #----------------------------------------------- | |
| # Lab 1: Building the Foundation | |
| # Section: Connect to Azure with Powershell | |
| #---------------------------------------------- | |
| Add-AzureAccount # This prompts you for your Azure Subscription Account Credentials, and logs you in. | |
| Get-AzureSubscription | FT SubscriptionName # Get the list of Subscriptions your has access to. | |
| Get-AzureLocation | FT DisplayName # Show the datacenter region location names. (You will use the one you chose for your network location.) | |
| #------------------------------------------------- | |
| # Set Your Variables for the Lab - Setting the Variables here will ensure the script will work for your environment. Replace "ABC" with your initials or something unique for your deployment. | |
| #------------------------------------------------- | |
| # These variables must be edited: | |
| $subscrName = "Free Trial" # Replace with the friendly name of your subscription, if not using the free trial | |
| $storageAccountName = "xxxstore" # Storage name must be all lowercase. Replace xxx with your initials or some unique ID | |
| $domainCloudService = "XXXdomainservice" # Must be globally unique (used in a URL). Replace XXX with your initials or some unique ID | |
| $dcAvalSet = "XXX-DCSet" # Replace XXX with your initials or some unique ID | |
| $firstDC = "XXX-DC01" # Replace XXX with your initials or some unique ID | |
| $secondDC = "XXX-DC02" # Replace XXX with your initials or some unique ID | |
| # These variables must match what you configured for your network in Lab #1 | |
| $VnetName = "XXX-Vnet" # <-- Edit to match your virtual network name | |
| $locationName = "West US" # <-- Edit to match your network location choice | |
| $subnet = "Core-Subnet" # <-- Edit if your network configuration first subnet name is different than the lab manual suggested | |
| # These variables can be left as-is. If you edit them, be sure to make note of the values for later. | |
| $serverImages = Get-AzureVMImage | Where {$_.ImageFamily -eq "Windows Server 2012 R2 Datacenter" } | sort-object -descending -Property PublishedDate | |
| $image = $serverImages[0].ImageName | |
| $instancesize = "Small" | |
| $un = "SysAdmin" # Remember the Username and Password | |
| $pwd = "Passw0rd!" # You'll use these creditials to connect to and/or login to your Domain Controllers | |
| # Select the subscription to use for the lab (important if you have more than one subscription in your account) | |
| Select-AzureSubscription -subscriptionName $subscrName | |
| #----------------------------------------------- | |
| # Lab 1: Building the Foundation | |
| # Section: Create a new storage account using PowerShell | |
| #---------------------------------------------- | |
| New-AzureStorageAccount -StorageAccountName $storageAccountName -Location $locationName | |
| Set-AzureSubscription -subscriptionName $subscrName -CurrentStorageAccount $storageAccountName | |
| #----------------------------------------------- | |
| # Lab 1: Building the Foundation | |
| # Section: Create a new service with PowerShell | |
| #---------------------------------------------- | |
| New-AzureService -ServiceName $domainCloudService -Location $locationName | |
| #----------------------------------------------- | |
| # Lab 2: Building Workloads | |
| # Section: Deploy domain controllers in Microsoft Azure | |
| # Task: Create First VM/DC in the domain | |
| #------------------------------------------------- | |
| $newVM = New-AzureVMConfig -Name $firstDC -InstanceSize $instancesize -Image $image ` | |
| | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ` | |
| | Set-AzureSubnet -SubnetNames $subnet | |
| New-AzureVM -VMs $newVM -ServiceName $domainCloudService -VNetName $VnetName | |
| # Move to Availability set (Wait until your DC is "Running" and not still "Provisioning" before executing this command. | |
| Get-AzureVm -ServiceName $domainCloudService -Name $firstDC | Set-AzureAvailabilitySet -AvailabilitySetName $dcAvalSet | Update-AzureVM | |
| #----------------------------------------------- | |
| # Lab 2: Building Workloads | |
| # Section: Preparing to Remotely Connect to Azure Virtual Machines | |
| #------------------------------------------------- | |
| # Install Certificate for remote connection to first Domain Controller | |
| # Add these lines at line 70 within the InstallWinRMCertzureVM.ps1 that you downloaded from http://aka.ms/psremotingscript | |
| $subscriptionName = $subscrName | |
| $ServiceName = $domainCloudService | |
| $Name = $firstDC | |
| #----------------------------------------------- | |
| # Lab 2: Building Workloads | |
| # Section: Create users in your Active Directory | |
| #------------------------------------------------- | |
| # Connect Remotely to first DC | |
| $uri = Get-AzureWinRMUri -ServiceName $domainCloudService -Name $firstDC | |
| $cred = Get-Credential | |
| Enter-PSSession -ConnectionUri $uri -Credential $cred | |
| # After remote connection to domain controller is made: | |
| Add-WindowsFeature -name ad-domain-services -IncludeManagementTools | |
| Install-ADDSForest -DomainName "contosoazure.com" -ForestMode 6 -DomainMode 6 | |
| # NOTE: The DC restarts after installing the Forest, so you'll need to re-enter the PowerShell remote session | |
| # when it's back up and running | |
| Enter-PSSession -ConnectionUri $uri -Credential $cred | |
| # Back into the remote PS session, now you can create OUs and Users: | |
| New-ADOrganizationalUnit -Name "FINANCE" -Path "DC=contosoazure, DC=Com" | |
| New-ADOrganizationalUnit -Name "IT" -Path "DC=contosoazure, DC=Com" | |
| New-ADOrganizationalUnit -Name "SALES" -Path "DC=contosoazure, DC=Com" | |
| $newPassword = (Read-Host -Prompt "Provide New Password" -AsSecureString) # Password for the new users | |
| New-ADUser -Name "Matt Deen" -Path "OU=FINANCE,dc=contosoazure,dc=com" -AccountPassword $newPassword -Department "Finance" -SamAccountName "MattDeen" -Surname "Deen" -GivenName "Matt" -DisplayName "Matt Deen" | |
| New-ADUser -Name "Bob Smith" -Path "OU=SALES,dc=contosoazure,dc=com" -SamAccountName "BobSmith" -GivenName "Bob" -Surname "Smith" -DisplayName "Bob Smith" -Department "Sales" -AccountPassword $newPassword | |
| New-ADUser -Name "Pat Holden" -SamAccountName "Pat Holden" -GivenName "Pat" -Surname "Holden" -DisplayName "Pat Holden" -Department "Finance" -AccountPassword $newPassword | |
| New-ADUser -Name "Dan Chun" -SamAccountName "Dan Chun" -GivenName "Dan" -Surname "Chun" -DisplayName "Dan Chun" -Department "Finance" -AccountPassword $newPassword | |
| New-ADUser -Name "Karen Vogue" -Path "OU=sales,dc=contosoazure,dc=com" -SamAccountName "KarenVogue" -GivenName "Karen" -Surname "Vogue" -DisplayName "Karen Vogue" -Department "Sales" -AccountPassword $newPassword | |
| # This enables a user account. You can repeat this command to enable more uses if desired. | |
| Enable-ADAccount -Identity KarenVogue | |
| #----------------------------------------------- | |
| # Lab 2: Building Workloads | |
| # Section: Deploy the 2nd Domain Controller for your Forest | |
| #------------------------------------------------- | |
| # Make sure to exit from the remote session on DC01 and return to controlling Azure directly by typing: | |
| exit | |
| # Then continue on to deploy the 2nd DC, this time you will automatically deploy the machine to the correct Availability Set | |
| $newVM = New-AzureVMConfig -Name $secondDC -InstanceSize $instancesize -Image $image -AvailabilitySetName $dcAvalSet ` | |
| | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ` | |
| | Set-AzureSubnet -SubnetNames $subnet | |
| New-AzureVM -VMs $newVM -ServiceName $domainCloudService | |
| # Move 2nd DC to Avail set | |
| # ...already done! (Note the -AvailabilitySetName parameter in the New-AzureVMConfig cmdlet.) | |
| # Install Certificate for remote connection to second Domain Controller | |
| # Add these lines at line 70 within the InstallWinRMCertzureVM.ps1 that you downloaded from http://aka.ms/psremotingscript | |
| $subscriptionName = $subscrName | |
| $ServiceName = $domainCloudService | |
| $Name = $secondDC | |
| # Connect Remotely to second DC | |
| $uri = Get-AzureWinRMUri -ServiceName $domainCloudService -Name $secondDC | |
| $cred = Get-Credential | |
| Enter-PSSession -ConnectionUri $uri -Credential $cred | |
| # Add ADDS and promote to DC: | |
| Add-WindowsFeature -name ad-domain-services -IncludeManagementTools | |
| # Note: When prompted for credentials, make sure to include the domain name for the administrator. | |
| # Example: CONTOSOAZURE\SysAdmin or [email protected] | |
| Install-ADDSDomainController -Credential (Get-Credential) -DatabasePath 'C:\Windows\NTDS' -DomainName 'contosoazure.com' -InstallDns:$true -LogPath 'C:\Windows\NTDS' -NoGlobalCatalog:$false -SiteName 'Default-First-Site-Name' -SysvolPath 'C:\Windows\SYSVOL' -NoRebootOnCompletion:$true -Force:$true -Verbose | |
| # NOTE: The DC restarts after making it a domain controller, so you'll need to re-enter the PowerShell remote session | |
| # when it's back up and running | |
| Enter-PSSession -ConnectionUri $uri -Credential $cred | |
| # Optional: Switch the 2nd Domain Controller to Server Core by removing the User Interface. | |
| Remove-WindowsFeature -name User-Interfaces-Infra | |
| Restart-Computer | |
| # Be patient. It takes a while. Once the machine is back up and running, Connect to it (Remote Desktop) to verify that | |
| # it is just the core OS. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment