Created
May 3, 2015 12:31
-
-
Save pkirch/4def06c7b592c53957e9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Microsoft Virtual Academy | |
# Automatisierte Konfiguration in Azure im Überblick | |
# 201 - http://aka.ms/mva-1505-201 | |
#region Create VM | |
# Settings | |
$subscriptionName = "MSFT MVA Stage" # Get-AzureSubscription | |
$location = "West Europe" # Get-AzureLocation | |
$serviceName = "mvaconfig202" | |
$storageAccountName = $serviceName | |
$adminUsername = "adm_demo" | |
$adminPassword = "Azureisttoll!" | |
$imageFamily = "Windows Server 2012 R2 Datacenter" | |
$vmName = $serviceName | |
$instanceSize = "Medium" # Get-AzureRoleSize | |
# In case you have more than one Azure subscription, select one. | |
Select-AzureSubscription -SubscriptionName $subscriptionName | |
# Get latest image for defined image family. | |
# MVA03-Images.ps1 / https://gist.github.com/pkirch/058d757a799fa0087241 | |
$imageName = Get-AzureVMImage | | |
Where-Object -Property ImageFamily -eq $imageFamily | | |
Sort-Object -Property PublishedDate -Descending | | |
Select-Object -ExpandProperty ImageName -First 1 | |
# Create storage account and set is as current. | |
New-AzureStorageAccount -Location $location -StorageAccountName $storageAccountName -Type Standard_LRS | |
Set-AzureSubscription -SubscriptionName $subscriptionName -CurrentStorageAccountName $storageAccountName | |
# Create new VM configuration, add provisioning data to it, and start it. | |
New-AzureVMConfig -ImageName $imageName -InstanceSize $instanceSize -Name $vmName | | |
Add-AzureProvisioningConfig -Windows -AdminUsername $adminUsername -Password $adminPassword | | |
Add-AzureEndpoint -LocalPort 80 -Name HTTP -Protocol tcp -PublicPort 80 | | |
New-AzureVM -ServiceName $serviceName -Location $location -WaitForBoot | |
#endregion | |
#region Prepare connection | |
# Create credentials for remote session. | |
$secPasswd = ConvertTo-SecureString $adminPassword -AsPlainText -Force | |
$credentialHost = New-Object System.Management.Automation.PSCredential ($adminUsername, $secPasswd) | |
# Get host and port to connect to VM via PowerShell Remoting | |
$uriHost = Get-AzureWinRMUri -ServiceName $serviceName -Name $vmName | |
# Prepare and create new PSSession object. | |
$psso = New-PSSessionOption -SkipCACheck # Alternative way would be to download and import WinRM certificate. | |
$sessionHost = New-PSSession -ComputerName $uriHost.Host -Port $uriHost.Port -Credential $credentialHost -UseSSL -SessionOption $psso | |
#endregion | |
#region Invoke command via PowerShell Remoting and install ADDS and forrest | |
Invoke-Command -Session $sessionHost -ScriptBlock { | |
param($adminPassword, $domainName, $domainNetbiosName) | |
#Import-Module ServerManager | |
Add-WindowsFeature -Name AD-Domain-Services | |
# Save secure string with password. | |
$securePassword = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force | |
# | |
# Windows PowerShell script for AD DS Deployment | |
# | |
Import-Module ADDSDeployment | |
Install-ADDSForest ` | |
-CreateDnsDelegation:$false ` | |
-DatabasePath "C:\Windows\NTDS" ` | |
-DomainMode "Win2012R2" ` | |
-DomainName $domainName ` | |
-DomainNetbiosName $domainNetbiosName ` | |
-ForestMode "Win2012R2" ` | |
-InstallDns:$true ` | |
-LogPath "C:\Windows\NTDS" ` | |
-NoRebootOnCompletion:$false ` | |
-SysvolPath "C:\Windows\SYSVOL" ` | |
-Force:$true ` | |
-SafeModeAdministratorPassword:$securePassword | |
} -ArgumentList $adminPassword, <# $domainName #> $uriHost.Host, <# $domainNetbiosName #> "net$serviceName" | |
#endregion | |
#region Install and configure IIS | |
Invoke-Command -Session $sessionHost -ScriptBlock { | |
param($adminPassword, $domainName, $domainNetbiosName) | |
#Import-Module ServerManager | |
Add-WindowsFeature -Name Web-Server, Web-Windows-Auth, Web-Mgmt-Tools | |
Set-WebConfigurationProperty -Filter system.webServer/security/authentication/anonymousAuthentication -PSPath "IIS:\Sites" -Location "Default Web Site" -Name Enabled -Value False | |
Set-WebConfigurationProperty -Filter system.webServer/security/authentication/windowsAuthentication -PSPath "IIS:\Sites" -Location "Default Web Site" -Name Enabled -Value True | |
} | |
#endregion | |
# Clean up: close connection | |
Remove-PSSession -Session $sessionHost |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment