#Connect to your Azure Account Add-AzureAccount Get-AzureSubscription #Set Your Variables for the Lab - Setting the Variables here will ensure the script will work for your environment. $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $storageAccountName = "abcstore" #storage name must be all lowercase $locationName = "West US" $domainCloudService = "domainservice" #ex: ABCdomainservice $dcAvalSet = "ABC-DCSet" $image = "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201411.01-en.us-127GB.vhd" $subnet = "Core-Subnet" $instancesize = "Small" $VnetName = "-Vnet" #ex: ABC-Vnet $un = "sysadmin" $pwd = "Passw0rd!" $firstDC = "ABC-DC01" $secondDC = "ABC-DC02" #Select the subscription to use for the lab (important if you have more than one subscription in your account) Select-AzureSubscription -default -subscriptionName $subscriptionName #Create Storage Account New-AzureStorageAccount -StorageAccountName $storageAccountName -Location $locationName #Create Cloud Service Set-AzureSubscription -subscriptionName $subscriptionName -CurrentStorageAccount $storageAccountName New-AzureService -ServiceName $domainCloudService -Location $locationName #Create First VM/DC" $newVM = New-AzureVMConfig -Name $firstDC -InstanceSize $instancesize -Image $image ` | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ` | Set-AzureSubnet -SubnetNames $subnet New-AzureVM -VMs $newVM -ServiceName $domainCloudService -VNetName $VnetName #Move to Avail set Get-AzureVm -ServiceName SdomainCloudService -Name $firstDC | Set-AzureAvailabilitySet -AvailabilitySetName $dcAvalSet | Update-AzureVM #Install Certificate for remote connection to first Domain Controller $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $domainCloudService = "domainservice" #ex: ABCdomainservice $firstDC = "ABC-DC01" #Open and Run Script "C:\Downloads\InstallWinRMCertAzureVM.ps1" -subscriptionName $SubscriptionName -CloudServiceName $domainCloudService -Name $firstDC #Connect Remotely to first DC $uri = Get-AzureWinRMUri -ServiceName$domainCloudService -Name $firstDC $cred = Get-Credential Enter-PSSession -ConnectionUri $uri -Credential $cred #After remote connection to domain controller is made: Add-WindowsFeature -name ad-domain-services -IncludeManagementTools Install-ADDSForest -DomainName "contosoazure.com" -ForestMode 5 -DomainMode 5 #Create some AD Users for later New-ADOrganizationalUnit –Name “FINANCE” –Path “DC=contosoazure, DC=Com” New-ADOrganizationalUnit –Name “IT” –Path “DC=contosoazure, DC=Com” New-ADOrganizationalUnit –Name “SALES” –Path “DC=contosoazure, DC=Com” $newPassword = (Read-Host -Prompt "Provide New Password" -AsSecureString) New-ADUser -Name "Matt Deen" -Path "OU=FINANCE,dc=contosoazure,dc=com" -AccountPassword $newPassword -Department "Finance" -SamAccountName "MattDeen" -Surname "Deen" -GivenName "Matt" -DisplayName "Matt Deen" New-ADUser –Name “Bob Smith” -Path "OU=SALES,dc=contosoazure,dc=com" -SamAccountName "BobSmith" -GivenName "Bob" -Surname "Smith" -DisplayName "Bob Smith" –Department “Sales" -AccountPassword $newPassword New-ADUser –Name “Pat Holden” -SamAccountName "Pat Holden" -GivenName "Pat" -Surname "Holden" -DisplayName "Pat Holden" –Department “Finance" -AccountPassword $newPassword New-ADUser –Name “Dan Chun” -SamAccountName "Dan Chun" -GivenName "Dan" -Surname "Chun" -DisplayName "Dan Chun" –Department “Finance" -AccountPassword $newPassword New-ADUser –Name “Karen Vogue” -Path "OU=sales,dc=contosozaure,dc=com" -SamAccountName "Karen Vogue" -GivenName "Karen" -Surname "Vogue" -DisplayName "Karen Vogue" –Department “Sales" -AccountPassword $newPassword #Building 2nd DC VN $newVM = New-AzureVMConfig -Name $secondDC -InstanceSize $instancesize -Image $image ` | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ` | Set-AzureSubnet -SubnetNames $subnet New-AzureVM -VMs $newVM -ServiceName $domainCloudService #Move 2nd DC to Avail set Get-AzureVm -ServiceName $domainCloudService -Name $secondDC | Set-AzureAvailabilitySet -AvailabilitySetName $dcAvalSet | Update-AzureVM #Install Certificate for remote connection to second Domain Controller $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $domainCloudService = "domainservice" #ex: ABCdomainservice $secondDC = "ABC-DC02" #Open and Run Script "C:\Downloads\InstallWinRMCertAzureVM.ps1" -subscriptionName $SubscriptionName -CloudServiceName $domainCloudService -Name $secondDC #Connect Remotely to second DC $uri = Get-AzureWinRMUri -ServiceName$domainCloudService -Name $secondDC $cred = Get-Credential Enter-PSSession -ConnectionUri $uri -Credential $cred Add-WindowsFeature -name ad-domain-services –IncludeManagementTools Install-ADDSDomainController -Credential (Get-Credential) -DatabasePath 'C:\Windows\NTDS' -DomainName 'contosoazure.com' -InstallDns:$true -LogPath 'C:\Windows\NTDS' -NoGlobalCatalog:$false -SiteName 'Default-First-Site-Name' -SysvolPath 'C:\Windows\SYSVOL' -NoRebootOnCompletion:$true -Force:$true -Verbose #Switch the 2nd Domain Controller to Server Core Remove-WindowsFeature -name User-Interfaces-Infra