Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent
9338da3
commit e2df3b8
Showing
5 changed files
with
437 additions
and
0 deletions.
Binary file not shown.
Binary file not shown.
220 changes: 220 additions & 0 deletions
220
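--- a/workload/scripts/DSCStorageScripts/1.0.1/Configuration.ps1
+++ b/workload/scripts/DSCStorageScripts/1.0.1/Configuration.ps1
@@ -0,0 +1,220 @@
+<#
+.SYNOPSIS
+A DSC configuration file for domain joining storage account
+.DESCRIPTION
+This script will be run on a domain joined session host under domain admin credentials.
+#>
+
+param
+(
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountRG,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $ShareName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $DomainName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $CustomOuPath,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $IdentityServiceProvider,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AzureCloudEnvironment,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $SubscriptionId,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $ClientId,
+
+[Parameter(Mandatory = $false)]
+[ValidateNotNullOrEmpty()]
+[string]$SecurityPrincipalName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $OUName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StoragePurpose,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AdminUserName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountFqdn,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AdminUserPassword
+)
+
+
+Configuration DomainJoinFileShare
+{
+param
+(
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountRG,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $ShareName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $DomainName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $CustomOuPath,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $IdentityServiceProvider,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AzureCloudEnvironment,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $SubscriptionId,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $ClientId,
+
+[Parameter(Mandatory = $false)]
+[ValidateNotNullOrEmpty()]
+[string]$SecurityPrincipalName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $OUName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StoragePurpose,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AdminUserName,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $StorageAccountFqdn,
+
+[Parameter(Mandatory = $true)]
+[ValidateNotNullOrEmpty()]
+[string] $AdminUserPassword
+)
+
+# Import the module that contains the File resource.
+Import-DscResource -ModuleName PsDesiredStateConfiguration
+
+$secStringPassword = ConvertTo-SecureString $AdminUserPassword -AsPlainText -Force
+$AdminCred = New-Object System.Management.Automation.PSCredential ($AdminUserName, $secStringPassword)
+
+$ErrorActionPreference = 'Stop'
+
+$ScriptPath = [system.io.path]::GetDirectoryName($PSCommandPath)
+. (Join-Path $ScriptPath "Logger.ps1")
+
+Node localhost
+{
+LocalConfigurationManager {
+RebootNodeIfNeeded = $true
+ConfigurationMode = "ApplyOnly"
+DebugMode = "All"
+}
+
+Script DomainJoinStorage {
+# TestScript runs first and if it returns false, then SetScript runs
+GetScript = {
+return @{'Result' = '' }
+}
+SetScript = {
+. (Join-Path $using:ScriptPath "Logger.ps1")
+try {
+Write-Log "DSC DomainJoinStorage SetScript Domain joining storage account $Using:StorageAccountName"
+& "$using:ScriptPath\Script-DomainJoinStorage.ps1" -StorageAccountName $Using:StorageAccountName -StorageAccountRG $Using:StorageAccountRG -SubscriptionId $Using:SubscriptionId -ClientId $Using:ClientId -SecurityPrincipalName $Using:SecurityPrincipalName -ShareName $Using:ShareName -DomainName $Using:DomainName -IdentityServiceProvider $Using:IdentityServiceProvider -AzureCloudEnvironment $Using:AzureCloudEnvironment -CustomOuPath $Using:CustomOuPath -OUName $Using:OUName -StoragePurpose $Using:StoragePurpose -StorageAccountFqdn $Using:StorageAccountFqdn
+
+Write-Log "Successfully domain joined and/or NTFS permission set on Storage account"
+}
+catch {
+$ErrMsg = $PSItem | Format-List -Force | Out-String
+Write-Log -Err $ErrMsg
+throw [System.Exception]::new("Some error occurred in DSC DomainJoinStorage SetScript: $ErrMsg", $PSItem.Exception)
+}
+}
+TestScript = {
+. (Join-Path $using:ScriptPath "Logger.ps1")
+
+try {
+Write-Log "DSC DomainJoinStorage TestScript checking if storage account $Using:StorageAccountName is domain joined."
+$ADModule = Get-Module -Name ActiveDirectory
+if (-not $ADModule) {
+return $False
+}
+else {
+Import-Module activedirectory
+$IsStorageAccountDomainJoined = Get-ADObject -Filter 'ObjectClass -eq "Computer"' | Where-Object { $_.Name -eq $Using:StorageAccountName }
+if ($IsStorageAccountDomainJoined) {
+Write-Log "Storage account $Using:StorageAccountName is already domain joined."
+return $True
+}
+else {
+Write-Log "Storage account $Using:StorageAccount is not domain joined."
+return $False
+}
+}
+}
+catch {
+$ErrMsg = $PSItem | Format-List -Force | Out-String
+Write-Log -Err $ErrMsg
+throw [System.Exception]::new("Some error occurred in DSC DomainJoinStorage TestScript: $ErrMsg", $PSItem.Exception)
+}
+}
+
+PsDscRunAsCredential = $AdminCred
+}
+}
+}
+
+$config = @{
+AllNodes = @(
+@{
+NodeName = 'localhost';
+PSDscAllowPlainTextPassword = $true
+PsDscAllowDomainUser = $true
+}
+)
+}
+
+DomainJoinFileShare -ConfigurationData $config -StorageAccountName $StorageAccountName -StorageAccountRG $StorageAccountRG -SubscriptionId $SubscriptionId -ShareName $ShareName -DomainName $DomainName -IdentityServiceProvider $IdentityServiceProvider -AzureCloudEnvironment $AzureCloudEnvironment -CustomOuPath $CustomOuPath -OUName $OUName -AdminUserName $AdminUserName -AdminUserPassword $AdminUserPassword -ClientId $ClientId -SecurityPrincipalName $SecurityPrincipalName -StoragePurpose $StoragePurpose -StorageAccountFqdn $StorageAccountFqdn -Verbose;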
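Review bot: `$AdminUserPassword` is accepted as a plain `[string]` and, because `$config` sets `PSDscAllowPlainTextPassword = $true`, the domain admin credential assigned to `PsDscRunAsCredential` is written into the compiled MOF in clear text; it is probably also visible wherever the script's arguments get recorded. Prefer a `[PSCredential]` parameter and certificate encryption of the MOF (`CertificateFile` and `Thumbprint` in the node's configuration data) over allowing plain text. Separately, the not-joined branch of TestScript logs `$Using:StorageAccount`, which is not defined anywhere in this file; it should read `$Using:StorageAccountName`. TestScript also checks `Get-Module -Name ActiveDirectory`, which reports only modules already loaded in the session, so `Get-Module -ListAvailable -Name ActiveDirectory` is likely what was intended.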
@@ -0,0 +1,25 @@ | ||
function Write-Log { | ||
[CmdletBinding()] | ||
param | ||
( | ||
[Parameter(Mandatory = $true)] | ||
[string]$Message, | ||
|
||
# note: can't use variable named '$Error': https://github.com/PowerShell/PSScriptAnalyzer/blob/master/RuleDocumentation/AvoidAssignmentToAutomaticVariable.md | ||
[switch]$Err | ||
) | ||
|
||
try { | ||
$DateTime = Get-Date -Format "MM-dd-yy HH:mm:ss" | ||
$Invocation = "$($MyInvocation.MyCommand.Source):$($MyInvocation.ScriptLineNumber)" | ||
|
||
if ($Err) { | ||
$Message = "[ERROR] $Message" | ||
} | ||
|
||
Add-Content -Value "$DateTime - $Invocation - $Message" -Path "$([environment]::GetEnvironmentVariable('TEMP', 'Machine'))\ManualDscStorageScriptsLog.log" | ||
} | ||
catch { | ||
throw [System.Exception]::new("Some error occurred while writing to log file with message: $Message", $PSItem.Exception) | ||
} | ||
} |
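Review bot: Write-Log rethrows when `Add-Content` fails, and the callers in Configuration.ps1 invoke it from inside their own `catch` blocks, so a log-file problem (locked file, unwritable or unset machine TEMP path) would replace the error that was actually being reported. Logging here looks best-effort, so consider degrading instead of throwing, e.g. `Write-Warning "Could not write log entry: $($PSItem.Exception.Message)"`. The function also has no comment-based help; a short `.SYNOPSIS` naming the log file location and stating that `-Err` prefixes the message with `[ERROR]` would document the contract.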