gcgists/Create-MachineAccount.ps1

## Create-MachineAccount.ps1
<#
.SYNOPSIS
Generates a new machine account with the given password.
.DESCRIPTION
Generates a new machine account in active directory with the given password.
This cmdlet is useful for creating machine accounts for Gridcentric Live Images.
.PARAMETER Name
Name for the machine account to create. Must be exactly 15 characters.
.PARAMETER Password
The plain-text password to set for the machine account.
.PARAMETER OUPath
The ldap path component for the OU where the account will be created.
.EXAMPLE
Create-MachineAccount -Name windows-vm-01 -Password SomePassword1!
#>

param(
    [Parameter(Mandatory=$true)][string]$Name,
    [Parameter(Mandatory=$true)][string]$Password,
    [string]$OUPath = "CN=Computers"
)

$ErrorActionPreference = "Stop"

if ($Name.Length -ne 15) {
   Write-Error "Parameter 'Name' must be exactly 15 characters."
}

Import-Module ActiveDirectory

$UpcaseName = $Name.ToUpper()
$CurrentDomain = Get-ADDomain
$DNSRoot = $CurrentDomain.DNSRoot
$DistinguishedName = [string]::Join(",", @("CN=$Name", $OUPath) + $CurrentDomain.DistinguishedName)
$FQDNSName = "$Name.$DNSRoot"

New-ADComputer -Name $Name -DisplayName $Name `
    -AccountPassword (ConvertTo-SecureString -AsPlainText $Password -Force) -Enabled 1 `
    -SAMAccountName $Name -Description "Account generated by Create-MachineAccount" -DNSHostName "$Name.$DNSRoot"
Set-ADComputer -Identity $DistinguishedName -ServicePrincipalNames `
    @{Add="HOST/$UpcaseName", "HOST/$FQDNSName", "TERMSRV/$Name",
    "TERMSRV/$FQDNSName", "RestrictedKrbHost/$UpcaseName",
    "RestrictedKrbHost/$FQDNSName"}

$UTF16Encoder = [System.Text.Encoding]::GetEncoding("utf-16")
$EncodedPassword = [System.Convert]::ToBase64String($UTF16Encoder.GetBytes($Password))

Write-Output "Live image start arguments:"
Write-Output ("--params name=$Name --params machinepassword=$EncodedPassword")

## Create-MachineAccount_usage.txt
# Allow execution of unsigned scripts. Warning, this is a persistent, host-wide setting.
PS> Set-ExecutionPolicy Unrestricted
Performing operation "Set-ExecutionPolicy" on Target "Unrestricted".
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y

Execution Policy Change

# Confirm execution of untrusted script. Use the live image arguments outputted by the
# cmdlet to start a live image with the generated machine account.
PS> .\Create-MachineAccount.ps1 -Name vms-test-win-01 -Password SomePassword1!

Security Warning
Run only scripts that you trust. While scripts from the Internet can be useful, this script can potentially harm your
computer. Do you want to run C:\Users\Administrator\Downloads\Create-MachineAccount.ps1?
[D] Do not run  [R] Run once  [S] Suspend  [?] Help (default is "D"): R
Live image start arguments:
--params name=vms-test-win-34 --params machinepassword=UwBvAG0AZQBwAGEAcwBzAHcAbwByAGQAMwAhAA==

## gc_bless_vm.sh
# Create a VM snapshot
nova live-image-create vms-test-vm vms-test-snapshot

## gc_boot_vm.sh
# Boot a VM, passing in the cloud-init-vms.txt file as user-data.
# Note: --flavor, --image, and --security_groups should
#  be set according to your environment.
nova boot --flavor windows.medium --image win7-x64-vlk --security_groups windows --poll vms-test-vm

## gc_delete_vm.sh
# Delete a VM
nova delete vms-test-clone

## gc_discard_vm.sh
# Discard a live-image
nova live-image-delete vms-test-snapshot

## gc_example_bless_building.sh
$ nova list
+--------------------------------------+-------------------+--------+-----------------+
| ID                                   | Name              | Status | Networks        |
+--------------------------------------+-------------------+--------+-----------------+
| a4867099-e979-444c-bafb-6c661eac2278 | vms-test-snapshot | BUILD  |                 |
| fac5036a-e899-4251-8c63-979dc0303917 | vms-test-vm       | ACTIVE | private=X.X.X.X |
+--------------------------------------+-------------------+--------+-----------------+

[...]

$ nova list
+--------------------------------------+-------------------+---------+-----------------+
| ID                                   | Name              | Status  | Networks        |
+--------------------------------------+-------------------+---------+-----------------+
| a4867099-e979-444c-bafb-6c661eac2278 | vms-test-snapshot | BLESSED |                 |
| fac5036a-e899-4251-8c63-979dc0303917 | vms-test-vm       | ACTIVE  | private=X.X.X.X |
+--------------------------------------+-------------------+---------+-----------------+

## gc_example_launch_building.sh
$ nova list
+--------------------------------------+-------------------+---------+-----------------+
| ID                                   | Name              | Status  | Networks        |
+--------------------------------------+-------------------+---------+-----------------+
| f42bed03-3baa-4bed-92c9-6a15bbb4bc47 | vms-test-clone    | BUILD   | private=X.X.X.X |
| a4867099-e979-444c-bafb-6c661eac2278 | vms-test-snapshot | BLESSED |                 |
| fac5036a-e899-4251-8c63-979dc0303917 | vms-test-vm       | ACTIVE  | private=X.X.X.X |
+--------------------------------------+-------------------+---------+-----------------+

[...]

$ nova list
+--------------------------------------+-------------------+---------+-----------------+
| ID                                   | Name              | Status  | Networks        |
+--------------------------------------+-------------------+---------+-----------------+
| f42bed03-3baa-4bed-92c9-6a15bbb4bc47 | vms-test-clone    | ACTIVE  | private=X.X.X.X |
| a4867099-e979-444c-bafb-6c661eac2278 | vms-test-snapshot | BLESSED |                 |
| fac5036a-e899-4251-8c63-979dc0303917 | vms-test-vm       | ACTIVE  | private=X.X.X.X |
+--------------------------------------+-------------------+---------+-----------------+

## gc_launch_vm.sh
# Launch a VM from a live-image
# Note: all parameters are optional.
#  --target is the memory target for the clone
#    virtual machine, in megabytes, and defaults
#    to 0 (no memory target)
#  --user_data defaults to None (no user data)
#  --security-groups defaults to the security groups
#    specified in the original VM
#  --availability_zone defaults to the availability
#    zone specified in the original VM
#  --num-instances defaults to 1
#  --key-name defaults to the key name specified
#    in the original VM
#  --params defaults to None
nova live-image-start --live-image vms-test-snapshot vms-test-clone

## gc_launch_vm_ad.sh
# Launch a VM from a live-image, giving a machine name and Active Directory machine account password
nova live-image-start --live-image vms-test-snapshot --params name=vms-test-win-01 --params machinepassword=j3n432rjnkjafeeaf vms-test-clone
	<#
	.SYNOPSIS
	Generates a new machine account with the given password.
	.DESCRIPTION
	Generates a new machine account in active directory with the given password.
	This cmdlet is useful for creating machine accounts for Gridcentric Live Images.
	.PARAMETER Name
	Name for the machine account to create. Must be exactly 15 characters.
	.PARAMETER Password
	The plain-text password to set for the machine account.
	.PARAMETER OUPath
	The ldap path component for the OU where the account will be created.
	.EXAMPLE
	Create-MachineAccount -Name windows-vm-01 -Password SomePassword1!
	#>

	param(
	[Parameter(Mandatory=$true)][string]$Name,
	[Parameter(Mandatory=$true)][string]$Password,
	[string]$OUPath = "CN=Computers"
	)

	$ErrorActionPreference = "Stop"

	if ($Name.Length -ne 15) {
	Write-Error "Parameter 'Name' must be exactly 15 characters."
	}

	Import-Module ActiveDirectory

	$UpcaseName = $Name.ToUpper()
	$CurrentDomain = Get-ADDomain
	$DNSRoot = $CurrentDomain.DNSRoot
	$DistinguishedName = [string]::Join(",", @("CN=$Name", $OUPath) + $CurrentDomain.DistinguishedName)
	$FQDNSName = "$Name.$DNSRoot"

	New-ADComputer -Name $Name -DisplayName $Name `
	-AccountPassword (ConvertTo-SecureString -AsPlainText $Password -Force) -Enabled 1 `
	-SAMAccountName $Name -Description "Account generated by Create-MachineAccount" -DNSHostName "$Name.$DNSRoot"
	Set-ADComputer -Identity $DistinguishedName -ServicePrincipalNames `
	@{Add="HOST/$UpcaseName", "HOST/$FQDNSName", "TERMSRV/$Name",
	"TERMSRV/$FQDNSName", "RestrictedKrbHost/$UpcaseName",
	"RestrictedKrbHost/$FQDNSName"}

	$UTF16Encoder = [System.Text.Encoding]::GetEncoding("utf-16")
	$EncodedPassword = [System.Convert]::ToBase64String($UTF16Encoder.GetBytes($Password))

	Write-Output "Live image start arguments:"
	Write-Output ("--params name=$Name --params machinepassword=$EncodedPassword")
	# Allow execution of unsigned scripts. Warning, this is a persistent, host-wide setting.
	PS> Set-ExecutionPolicy Unrestricted
	Performing operation "Set-ExecutionPolicy" on Target "Unrestricted".
	[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y

	Execution Policy Change

	# Confirm execution of untrusted script. Use the live image arguments outputted by the
	# cmdlet to start a live image with the generated machine account.
	PS> .\Create-MachineAccount.ps1 -Name vms-test-win-01 -Password SomePassword1!

	Security Warning
	Run only scripts that you trust. While scripts from the Internet can be useful, this script can potentially harm your
	computer. Do you want to run C:\Users\Administrator\Downloads\Create-MachineAccount.ps1?
	[D] Do not run [R] Run once [S] Suspend [?] Help (default is "D"): R
	Live image start arguments:
	--params name=vms-test-win-34 --params machinepassword=UwBvAG0AZQBwAGEAcwBzAHcAbwByAGQAMwAhAA==
	# Create a VM snapshot
	nova live-image-create vms-test-vm vms-test-snapshot
	# Boot a VM, passing in the cloud-init-vms.txt file as user-data.
	# Note: --flavor, --image, and --security_groups should
	# be set according to your environment.
	nova boot --flavor windows.medium --image win7-x64-vlk --security_groups windows --poll vms-test-vm
	# Discard a live-image
	nova live-image-delete vms-test-snapshot
	$ nova list
	+--------------------------------------+-------------------+--------+-----------------+
	\| ID \| Name \| Status \| Networks \|
	+--------------------------------------+-------------------+--------+-----------------+
	\| a4867099-e979-444c-bafb-6c661eac2278 \| vms-test-snapshot \| BUILD \| \|
	\| fac5036a-e899-4251-8c63-979dc0303917 \| vms-test-vm \| ACTIVE \| private=X.X.X.X \|
	+--------------------------------------+-------------------+--------+-----------------+

	[...]

	$ nova list
	+--------------------------------------+-------------------+---------+-----------------+
	\| ID \| Name \| Status \| Networks \|
	+--------------------------------------+-------------------+---------+-----------------+
	\| a4867099-e979-444c-bafb-6c661eac2278 \| vms-test-snapshot \| BLESSED \| \|
	\| fac5036a-e899-4251-8c63-979dc0303917 \| vms-test-vm \| ACTIVE \| private=X.X.X.X \|
	+--------------------------------------+-------------------+---------+-----------------+
	# Launch a VM from a live-image
	# Note: all parameters are optional.
	# --target is the memory target for the clone
	# virtual machine, in megabytes, and defaults
	# to 0 (no memory target)
	# --user_data defaults to None (no user data)
	# --security-groups defaults to the security groups
	# specified in the original VM
	# --availability_zone defaults to the availability
	# zone specified in the original VM
	# --num-instances defaults to 1
	# --key-name defaults to the key name specified
	# in the original VM
	# --params defaults to None
	nova live-image-start --live-image vms-test-snapshot vms-test-clone
	# Launch a VM from a live-image, giving a machine name and Active Directory machine account password
	nova live-image-start --live-image vms-test-snapshot --params name=vms-test-win-01 --params machinepassword=j3n432rjnkjafeeaf vms-test-clone