Last active
August 29, 2015 14:06
-
-
Save DexterPOSH/ae7ddcc6fa6aafacebc4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get the Settings file | |
Get-AzurePublishSettingsFile | |
#Import the file | |
Import-AzurePublishSettingsFile -PublishSettingsFile "C:\Temp\Visual Studio Ultimate with MSDN-7-19-2014-credentials.publishsettings" | |
#Remove the Settings once imported | |
Remove-item "C:\Temp\Visual Studio Ultimate with MSDN-7-19-2014-credentials.publishsettings" | |
#get the Subscription details | |
Get-AzureSubscription | |
#the function installs the WinRMCertificate for VM | |
Function Install-WinRMCertificateForVM() { | |
param([string] $CloudServiceName, [string] $Name) | |
Write-Host "Installing WinRM Certificate for remote access: $CloudServiceName $Name" | |
$WinRMCert = (Get-AzureVM -ServiceName $CloudServiceName -Name $Name | select -ExpandProperty vm).DefaultWinRMCertificateThumbprint | |
$AzureX509cert = Get-AzureCertificate -ServiceName $CloudServiceName -Thumbprint $WinRMCert -ThumbprintAlgorithm sha1 | |
$certTempFile = [IO.Path]::GetTempFileName() | |
$AzureX509cert.Data | Out-File $certTempFile | |
# Target The Cert That Needs To Be Imported | |
$CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certTempFile | |
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store "Root", "LocalMachine" | |
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) | |
$store.Add($CertToImport) | |
$store.Close() | |
Remove-Item $certTempFile | |
} | |
$AffinityGroup = "DexAffinityGroup" | |
$cloudService = "DexCloudService" | |
$StorageAccount = "dexterposhstorage" | |
$DNSIP = '192.168.0.4' #the first usable IP address in our Subnet "AD" | |
$VMName = 'DexDC' #Name of the VM running our Domain Controller | |
# Enumerates all configured subscriptions on your local machine. | |
#Get-AzureSubscription | |
# Returns details only on the specified subscription | |
Get-AzureSubscription -SubscriptionName "Visual Studio Ultimate with MSDN" | |
# Select the subscription to use | |
Select-AzureSubscription -SubscriptionName (Get-AzureSubscription).SubscriptionName | |
#verify the above is our default Subscription | |
Get-AzureSubscription -Default | |
#create a new Affinity Group for my Lab resources | |
New-AzureAffinityGroup -Name $AffinityGroup -Location "Southeast Asia" -Label DexLAB -Description "Affinity Group for my LAB" -Verbose | |
#create the Storage Account | |
New-AzureStorageAccount -AffinityGroup $AffinityGroup -StorageAccountName $StorageAccount -Label "DexLAB" -Description "Storage Account for my LABs" -Verbose | |
#Turn off the Geo Replication...am just using it for my lab | |
Set-AzureStorageAccount -StorageAccountName $StorageAccount -GeoReplicationEnabled $false -Verbose | |
#set your storage account | |
Set-AzureSubscription -SubscriptionName (Get-AzureSubscription -Default).SubscriptionName -CurrentStorageAccountName "dexterposhstorage" | |
#Now we are going to create a new VNET | |
#Created Manually | |
#Now create a new Cloud Service | |
New-AzureService -ServiceName $cloudService -AffinityGroup $AffinityGroup -Label DexLAB -Description "Cloud Service for my LAB" -Verbose | |
#region create a VM | |
$image = Get-AzureVMImage | where { $_.ImageFamily -eq “Windows Server 2012 R2 Datacenter” } | Sort-Object -Descending -Property PublishedDate | Select-Object -First 1 | |
$newVM = New-AzureVMConfig -Name $VMName -InstanceSize Small -ImageName $image.ImageName -DiskLabel "OS" -HostCaching ReadOnly | |
$password = 'P@ssw0rd@123' | |
$username = "DexterPS" | |
# Add the COnfiguration to add AdminUserName and Password declared above | |
Add-AzureProvisioningConfig -Windows -Password $password -AdminUsername $username -DisableAutomaticUpdates -VM $newVM | |
# set the AD Subnet for this machine | |
Set-AzureSubnet -SubnetNames AD -VM $newVM | |
#set the Static VNET IPAddress of 192.168.0.4 for our VM | |
Set-AzureStaticVNetIP -IPAddress $DNSIP -VM $newVM | |
New-AzureVM -ServiceName $cloudService -VMs $newVM -VNetName "DexVNET" -AffinityGroup DexAffinityGroup | |
$DexDC = Get-AzureVM -ServiceName $cloudService -Name $VMName | |
#endregion create a VM | |
#region configure my machine to talk to the VM PSRemoting Endpoint | |
$WinRMCert = (Get-AzureVM -ServiceName $CloudServiceName -Name $VMName | select -ExpandProperty vm).DefaultWinRMCertificateThumbprint | |
$AzureX509cert = Get-AzureCertificate -ServiceName $CloudServiceName -Thumbprint $WinRMCert -ThumbprintAlgorithm sha1 | |
$certTempFile = [IO.Path]::GetTempFileName() | |
$AzureX509cert.Data | Out-File $certTempFile | |
# Target The Cert That Needs To Be Imported | |
$CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certTempFile | |
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store "Root", "LocalMachine" | |
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) | |
$store.Add($CertToImport) | |
$store.Close() | |
Remove-Item $certTempFile | |
#Now I can use the Get-AzureWinrmUri | |
$WinRMURi = (Get-AzureWinRMUri -ServiceName $cloudService -Name $VMName).AbsoluteUri | |
#endregion | |
#region add the ADDS | |
#add new data disk to store the NTDS and SysVol folders | |
Add-AzureDataDisk -CreateNew -DiskSizeInGB 20 -DiskLabel "NTDS" -LUN 0 -VM $DexDC | Update-AzureVM | |
#Convert our plain text password to secure string | |
$passwordsec = ConvertTo-SecureString -String $password -AsPlainText -Force | |
#create the Creds Object | |
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username,$passwordsec | |
#Open up a new PSSession to the Azure VM | |
$Session = New-PSSession -ConnectionUri $WinRMURi -Credential $cred | |
Invoke-Command -Session $session -ScriptBlock { | |
Get-Disk | | |
where partitionstyle -eq 'raw' | | |
Initialize-Disk -PartitionStyle MBR -PassThru | | |
New-Partition -AssignDriveLetter -UseMaximumSize | | |
Format-Volume -FileSystem NTFS -NewFileSystemLabel "NTDS" -Confirm:$false | |
} | |
Invoke-Command -Session $Session -ArgumentList @($password) -ScriptBlock { | |
Param ($password) | |
# Set AD install paths | |
$drive = get-volume | where { $_.FileSystemLabel -eq “NTDS” } | |
$NTDSpath = $drive.driveletter + ":\Windows\NTDS" | |
$SYSVOLpath = $drive.driveletter + ":\Windows\SYSVOL" | |
write-host "Installing the first DC in the domain" | |
Install-WindowsFeature –Name AD-Domain-Services -includemanagementtools | |
Install-ADDSForest -DatabasePath $NTDSpath -LogPath $NTDSpath -SysvolPath $SYSVOLpath -DomainName "dex.com" -InstallDns -Force -Confirm:$false -SafeModeAdministratorPassword $password | |
} | |
#Convert to Server Core | |
Invoke-Command -Session $Session -script { Uninstall-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell -Restart} | |
#endregion |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment