New-AzureVM.ps1
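# Deploys one Windows Server VM into a freshly created resource group, attaches
# it to the existing "Application" subnet, and prepares the credential that is
# later used to join the VM to the domain.
#
# Parameters:
#   OperatingSystem - display name; the last word (e.g. "2019") selects the SKU.
#   VMSize          - Azure VM size; falls back to Standard_DS1_v2 when empty.
#   Region          - Azure location for the resource group, NIC and VM.
#   Environment, NetworkZone, Description, SR - accepted but not used by the
#                     code below.
param (
    $OperatingSystem = 'Windows Server 2019',
    $Environment = '',
    $VMSize = '',
    $Region = '',
    $NetworkZone = '',
    $Description = '',
    $SR = ''
)

# Validate inputs before anything is created, so a bad call cannot leave a
# half-built resource group behind.
if (-not $Region) {
    throw 'Region must be specified.'
}
if ($OperatingSystem -notlike "Windows*") {
    # Only the Windows path is implemented: the VM is configured with -Windows
    # and a MicrosoftWindowsServer image further down.
    throw "Operating system '$OperatingSystem' is not supported; only Windows images are implemented."
}

# Resolve the image SKU from the version at the end of the OS name.
# NOTE(review): this takes the first SKU whose name starts with the version,
# which is not necessarily the edition you expect - confirm against the SKU list.
$OSVersionToInstall = $OperatingSystem.Split(" ")[-1]
$ImageSku = Get-AzVMImageSku -Location $Region -PublisherName MicrosoftWindowsServer -Offer windowsserver |
    Where-Object { $_.Skus -like "$OSVersionToInstall*" } |
    Select-Object -First 1
if (-not $ImageSku) {
    throw "No MicrosoftWindowsServer SKU matching '$OSVersionToInstall*' was found in region '$Region'."
}

# Get the virtual network and the subnet the VM is placed in.
# Get-AzVirtualNetwork is unfiltered, so every VNet in the current context is
# searched; require exactly one match rather than passing an ambiguous value on.
$VNet = Get-AzVirtualNetwork
$Subnet = $VNet.Subnets | Where-Object { $_.Name -like "Application" }
if (@($Subnet).Count -ne 1) {
    throw "Expected exactly one subnet named 'Application' but found $(@($Subnet).Count)."
}

# Set virtual machine properties.
$VMLocalAdminUser = "01localvmadmin"
# The local admin password is random and is not stored anywhere by this script.
# NOTE(review): GUIDs are unique identifiers, not a documented source of secret
# randomness - consider a cryptographic RNG if this account must stay protected.
$Password = '{0}!#{1}' -f (New-Guid).Guid, (New-Guid).Guid
$VMLocalAdminSecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
# Drop the plaintext copy so it is not left in the session after the script runs.
Remove-Variable -Name Password
# NOTE(review): segment [2] of a version-4 GUID begins with the fixed version
# digit, so only three hex digits vary and name collisions are plausible.
$ResourceGroupName = "365labvm-{0}" -f (New-Guid).Guid.Split("-")[2]
$VMName = $ResourceGroupName
$NicName = "{0}-nic01" -f $VMName
# Honour a caller-supplied size; previously the parameter was always overwritten.
if (-not $VMSize) {
    $VMSize = "Standard_DS1_v2"
}

# Create the resource group and NIC. -ErrorAction Stop ends the run on failure,
# so the domain-join secrets below are never fetched for a failed deployment.
New-AzResourceGroup -Name $ResourceGroupName -Location $Region -Verbose -ErrorAction Stop
$NIC = New-AzNetworkInterface -Name $NicName -ResourceGroupName $ResourceGroupName -Location $Region -SubnetId $Subnet.Id -ErrorAction Stop

# Assemble the VM configuration and create the VM.
$Credential = New-Object System.Management.Automation.PSCredential ($VMLocalAdminUser, $VMLocalAdminSecurePassword)
$VirtualMachine = New-AzVMConfig -VMName $VMName -VMSize $VMSize
$VirtualMachine = Set-AzVMOperatingSystem -VM $VirtualMachine -Windows -ComputerName $VMName -Credential $Credential -ProvisionVMAgent -EnableAutoUpdate
$VirtualMachine = Add-AzVMNetworkInterface -VM $VirtualMachine -Id $NIC.Id
$VirtualMachine = Set-AzVMSourceImage -VM $VirtualMachine -PublisherName 'MicrosoftWindowsServer' -Offer 'WindowsServer' -Skus $ImageSku.Skus -Version latest
New-AzVM -ResourceGroupName $ResourceGroupName -Location $Region -VM $VirtualMachine -Verbose -ErrorAction Stop

# Read the domain-join account from Key Vault. The identity running this script
# needs read access to both secrets; keep that access as narrow as possible.
$DJoinUser = Get-AzKeyVaultSecret -VaultName vmdeploy-kv -Name djoin-user -ErrorAction Stop
$DJoinSecret = Get-AzKeyVaultSecret -VaultName vmdeploy-kv -Name djoin-secret -ErrorAction Stop
if (-not $DJoinUser -or -not $DJoinSecret) {
    throw 'Domain join secrets could not be read from Key Vault vmdeploy-kv.'
}
# Newer Az.KeyVault releases no longer populate SecretValueText; fall back to
# decoding the SecureString so the user name is not silently empty.
$DJoinUserName = $DJoinUser.SecretValueText
if (-not $DJoinUserName) {
    $DJoinUserName = (New-Object System.Net.NetworkCredential -ArgumentList '', $DJoinUser.SecretValue).Password
}
$DjoinCredentials = New-Object System.Management.Automation.PSCredential ($DJoinUserName, $DJoinSecret.SecretValue)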
function Add-JDAzureRMVMToDomain {
    <#
    .SYNOPSIS
    Joins an Azure Resource Manager virtual machine to an Active Directory domain
    by installing the JsonADDomainExtension VM extension.
    .DESCRIPTION
    The domain name and join account name are sent as public extension settings.
    The account password is sent as a protected setting, so it has to be handed
    to the extension in plain text. A failed extension deployment is reported as
    a warning and does not stop the pipeline.
    .PARAMETER DomainName
    FQDN of the domain to join.
    .PARAMETER Credentials
    Account used for the join; prompts interactively when omitted.
    .PARAMETER Name
    Name of the virtual machine (alias VMName).
    .PARAMETER ResourceGroupName
    Resource group of the virtual machine; it must exist.
    .EXAMPLE
    Get-AzureRmVM -ResourceGroupName 'ADFS-WestEurope' | Select-Object Name,ResourceGroupName | Out-GridView -PassThru | Add-JDAzureRMVMToDomain -DomainName corp.acme.com -Verbose
    .EXAMPLE
    Add-JDAzureRMVMToDomain -DomainName corp.acme.com -VMName AMS-ADFS1 -ResourceGroupName 'ADFS-WestEurope'
    .NOTES
    Author : Johan Dahlbom, johan[at]dahlbom.eu
    Blog : 365lab.net
    The script is provided "AS IS" with no guarantees and no warranties, and it confers no rights.
    #>
    param(
        [Parameter(Mandatory = $true)]
        [string]$DomainName,

        [Parameter(Mandatory = $false)]
        [System.Management.Automation.PSCredential]$Credentials = (Get-Credential -Message 'Enter the domain join credentials'),

        [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [Alias('VMName')]
        [string]$Name,

        [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [ValidateScript({ Get-AzResourceGroup -Name $_ })]
        [string]$ResourceGroupName
    )

    begin {
        # Public settings are the same for every VM on the pipeline, so build them once.
        # Options = 3 combines "join domain" (1) with "create computer account" (2).
        $Settings = @{
            Name    = $DomainName
            User    = $Credentials.UserName
            Restart = "true"
            Options = 3
        }

        # The extension needs the clear-text password. It is carried only in the
        # protected settings; do not log or echo this hashtable.
        $ProtectedSettings = @{ Password = $Credentials.GetNetworkCredential().Password }

        Write-Verbose -Message "Domainname is: $DomainName"
    }

    process {
        try {
            # The extension is deployed to the resource group's own location.
            $TargetGroup = Get-AzResourceGroup -Name $ResourceGroupName

            $ExtensionParams = @{
                VMName             = $Name
                ResourceGroupName  = $TargetGroup.ResourceGroupName
                Location           = $TargetGroup.Location
                Name               = 'joindomain'
                Publisher          = 'Microsoft.Compute'
                ExtensionType      = 'JsonADDomainExtension'
                TypeHandlerVersion = '1.3'
                Settings           = $Settings
                ProtectedSettings  = $ProtectedSettings
            }

            Write-Verbose -Message "Joining $Name to $DomainName"
            Set-AzVMExtension @ExtensionParams
        }
        catch {
            # Best effort: report the failure and carry on with the next VM.
            Write-Warning $_
        }
    }
}
# Join the newly created VM to the domain using the credential read from Key Vault.
$DomainJoinArgs = @{
    DomainName        = 'corp.365lab.net'
    Name              = $VMName
    ResourceGroupName = $ResourceGroupName
    Credentials       = $DjoinCredentials
    Verbose           = $true
}
Add-JDAzureRMVMToDomain @DomainJoinArgs