#----------------------------------------------- #Lab 1: Building the Foundation #Section: Connect to Azure with Powershell #---------------------------------------------- Add-AzureAccount Get-AzureSubscription #------------------------------------------------- #Set Your Variables for the Lab - Setting the Variables here will ensure the script will work for your environment. Replace "ABC" with your initials or something unique for your deployment. #------------------------------------------------- $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $storageAccountName = "abcstore" #storage name must be all lowercase $locationName = "West US" $domainCloudService = "ABCdomainservice" $dcAvalSet = "ABC-DCSet" $image = "a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201411.01-en.us-127GB.vhd" $subnet = "Core-Subnet" $instancesize = "Small" $VnetName = "ABC-Vnet" $un = "sysadmin" $pwd = "Passw0rd!" $firstDC = "ABC-DC01" $secondDC = "ABC-DC02" #Select the subscription to use for the lab (important if you have more than one subscription in your account) Select-AzureSubscription -default -subscriptionName $subscriptionName #----------------------------------------------- #Lab 1: Building the Foundation #Section: Create a new storage account using PowerShell #---------------------------------------------- New-AzureStorageAccount -StorageAccountName $storageAccountName -Location $locationName #----------------------------------------------- #Lab 1: Building the Foundation #Section: Create a new service with PowerShell #---------------------------------------------- Set-AzureSubscription -subscriptionName $subscriptionName -CurrentStorageAccount $storageAccountName New-AzureService -ServiceName $domainCloudService -Location $locationName #----------------------------------------------- #Lab 2: Building Workloads #Section: Deploy domain controllers in Microsoft Azure #Task: Create First VM/DC in the domain #------------------------------------------------- $newVM = New-AzureVMConfig -Name $firstDC -InstanceSize $instancesize -Image $image ` | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ` | Set-AzureSubnet -SubnetNames $subnet New-AzureVM -VMs $newVM -ServiceName $domainCloudService -VNetName $VnetName #Move to Avail set Get-AzureVm -ServiceName SdomainCloudService -Name $firstDC | Set-AzureAvailabilitySet -AvailabilitySetName $dcAvalSet | Update-AzureVM #----------------------------------------------- #Lab 2: Building Workloads #Section: Preparing to Remotely Connect to Azure Virtual Machines #------------------------------------------------- #Install Certificate for remote connection to first Domain Controller #Add these lines at line 70 within the InstallWinRMCertzureVM.ps1 that you downloaded. $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $CloudServiceName = $domainCloudService $Name = $firstDC #----------------------------------------------- #Lab 2: Building Workloads #Section: Create users in your Active Directory #------------------------------------------------- #Connect Remotely to first DC $uri = Get-AzureWinRMUri -ServiceName$domainCloudService -Name $firstDC $cred = Get-Credential Enter-PSSession -ConnectionUri $uri -Credential $cred #After remote connection to domain controller is made: Add-WindowsFeature -name ad-domain-services -IncludeManagementTools Install-ADDSForest -DomainName "contosoazure.com" -ForestMode 6 -DomainMode 6 New-ADOrganizationalUnit –Name “FINANCE” –Path “DC=contosoazure, DC=Com” New-ADOrganizationalUnit –Name “IT” –Path “DC=contosoazure, DC=Com” New-ADOrganizationalUnit –Name “SALES” –Path “DC=contosoazure, DC=Com” $newPassword = (Read-Host -Prompt "Provide New Password" -AsSecureString) New-ADUser -Name "Matt Deen" -Path "OU=FINANCE,dc=contosoazure,dc=com" -AccountPassword $newPassword -Department "Finance" -SamAccountName "MattDeen" -Surname "Deen" -GivenName "Matt" -DisplayName "Matt Deen" New-ADUser –Name “Bob Smith” -Path "OU=SALES,dc=contosoazure,dc=com" -SamAccountName "BobSmith" -GivenName "Bob" -Surname "Smith" -DisplayName "Bob Smith" –Department “Sales" -AccountPassword $newPassword New-ADUser –Name “Pat Holden” -SamAccountName "Pat Holden" -GivenName "Pat" -Surname "Holden" -DisplayName "Pat Holden" –Department “Finance" -AccountPassword $newPassword New-ADUser –Name “Dan Chun” -SamAccountName "Dan Chun" -GivenName "Dan" -Surname "Chun" -DisplayName "Dan Chun" –Department “Finance" -AccountPassword $newPassword New-ADUser –Name “Karen Vogue” -Path "OU=sales,dc=contosozaure,dc=com" -SamAccountName "KarenVogue" -GivenName "Karen" -Surname "Vogue" -DisplayName "Karen Vogue" –Department “Sales" -AccountPassword $newPassword #----------------------------------------------- #Lab 2: Building Workloads #Section: Deploy the 2nd Domain Controller for your Forest #------------------------------------------------- $newVM = New-AzureVMConfig -Name $secondDC -InstanceSize $instancesize -Image $image ' | Add-AzureProvisioningConfig -Windows -Password $pwd -AdminUsername $un ' | Set-AzureSubnet -SubnetNames $subnet New-AzureVM -VMs $newVM -ServiceName $domainCloudService #Move 2nd DC to Avail set Get-AzureVm -ServiceName $domainCloudService -Name $secondDC | Set-AzureAvailabilitySet -AvailabilitySetName $dcAvalSet | Update-AzureVM #Install Certificate for remote connection to second Domain Controller #Edit these lines at line 70 within the InstallWinRMCertzureVM.ps1 that you downloaded. $subscriptionName = "Free Trial" #Replace with the friendly name of your subscription, if not using the free trial $CloudServiceName = $domainCloudService $Name = $secondDC #Connect Remotely to second DC $uri = Get-AzureWinRMUri -ServiceName$domainCloudService -Name $secondDC $cred = Get-Credential Enter-PSSession -ConnectionUri $uri -Credential $cred Add-WindowsFeature -name ad-domain-services –IncludeManagementTools Install-ADDSDomainController -Credential (Get-Credential) -DatabasePath 'C:\Windows\NTDS' -DomainName 'contosoazure.com' -InstallDns:$true -LogPath 'C:\Windows\NTDS' -NoGlobalCatalog:$false -SiteName 'Default-First-Site-Name' -SysvolPath 'C:\Windows\SYSVOL' -NoRebootOnCompletion:$true -Force:$true -Verbose #Switch the 2nd Domain Controller to Server Core Remove-WindowsFeature -name User-Interfaces-Infra