Friday, December 19, 2014

The Imperfect Lab: Creating Client Machines

Playing with domain controllers is all well and good, but I also needed some client machines in my lab.  My goal for the exercise was to be able to create a couple new VMs in the proper subnet and have them automatically join to my domain.

I debated having each VM in its own cloud service or sharing one cloud service for all my client VMs.  I went with the latter just to keep things neater.  I don't think there is a right or wrong pick on that one - my client VMs will simply all share the same external *.cloudapp.net DNS name.

For networking, the recommended guidance is to not mix machines with static/reserved DHCP addresses (like my DCs) with machines that are going to use the standard DHCP.  Thus my client machines will go into the alternate subnet I have in my ImperfectNet.

  • ImperfectNet
    • FirstSubnet (192.168.1.0/24)
    • HalfSubnet (192.168.2.0/25) <- right in here!
    • Gateway (192.168.3.200/29)

Since I would be creating a new cloud service name, there are a few requirements to keep in mind.  Cloud service names need to meet DNS standards, so they have to start with a letter, end with a letter or number, can only include letters, numbers and hyphens and must be between 3-15 characters.

Because they must also be unique to the "cloudapp.net" domain, you might want to check that your name is available before incorporating it into your script.

Test-Azurename -service "CloudServiceName"

The results of this command will be either "True" or "False".  You might think this means:
  • True = name already used
  • False = name not used, thus available

But this thinking will lead you astray.  A "TRUE" response can mean that the name is already in use, but it can also mean that it did not meet the DNS standards.  The line below will return "TRUE" because it's longer than 15 characters and includes an underscore.

Test-Azurename -service "imperfectlab_clientmachine1"
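One way to take the ambiguity out of that "True" is to check the naming rules locally first and only then ask Azure. This is an added example, not part of the original post; the function names Test-CloudServiceNameFormat and Get-CloudServiceNameStatus are hypothetical, and it assumes the rules listed above are the complete set and that the Azure module is loaded with an authenticated session.

```powershell
# Added example: helper names are hypothetical, rules are the ones listed in this post.
function Test-CloudServiceNameFormat {
    param([string]$Name)

    $problems = @()
    if ($Name.Length -lt 3 -or $Name.Length -gt 15) {
        $problems += "length is $($Name.Length); must be 3-15 characters"
    }
    if ($Name -notmatch '^[A-Za-z]') {
        $problems += 'must start with a letter'
    }
    if ($Name -notmatch '[A-Za-z0-9]$') {
        $problems += 'must end with a letter or number'
    }
    if ($Name -match '[^A-Za-z0-9-]') {
        $problems += 'may contain only letters, numbers and hyphens'
    }
    # Emits nothing when the name is well formed.
    $problems
}

function Get-CloudServiceNameStatus {
    param([string]$Name)

    $problems = @(Test-CloudServiceNameFormat -Name $Name)
    if ($problems.Count -gt 0) {
        # No point asking Azure: Test-AzureName returns True for a malformed name too.
        return 'Invalid: ' + ($problems -join '; ')
    }

    # The format is good, so a True from Test-AzureName now only means "already in use".
    if (Test-AzureName -Service $Name) { return 'In use' }
    return 'Available'
}

# The name from the post fails the local check (27 characters, contains an underscore).
Get-CloudServiceNameStatus 'imperfectlab_clientmachine1'
# A well-formed name goes on to the real availability check.
Get-CloudServiceNameStatus 'ImperfectClients'
```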

Anyway, once you've got a good cloud service name sorted out, you'll want to deploy a VM or two into it.  For my lab, I went with two VMs, one running Windows 8 and one with the Windows 10 TP.  (If you are playing along at home and don't have an MSDN subscription that gives you the option to use the client OS choices from the gallery, feel free to use another copy of server.)

I set up all my necessary variables, including two different ones for the OS images.  You may want to have different usernames and passwords for the domain vs. the local admin on the clients, but for my ease of not forgetting things in the lab, I've been making all mine the same for now.

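# Gallery image names for the two client operating systems
$image = "03f55de797f546a1b29d1b8d66be687a__Windows-8.1-Enterprise-x64-en.us-201410.01"
$image10 = "03f55de797f546a1b29d1b8d66be687a__Windows-10-Technical-Preivew-Enterprise-x64-en.us-201411.01"
# Lab placeholders, used for both the local admin and the domain join account.
# They sit in the script as plain text; $pwd is also PowerShell's automatic
# current-directory variable, which this assignment overwrites for the session.
$pwd = "password"
$un = "username"
$subnet = "halfsubnet"
$instancesize = "Small"
$domainjoin = "imperfectlab.com" #this is the domain FQDN
$domain = "imperfectlab" #this is the domain name
$VnetName = "imperfectnet"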

Because the variables are preset, I can reuse the same line of code almost exactly, with only a couple of tweaks.

$newVM1 = New-AzureVMConfig -Name "Imperfect-Win8" -InstanceSize $instanceSize -ImageName $image |
    Add-AzureProvisioningConfig -WindowsDomain -JoinDomain $domainjoin -Domain $domain -DomainPassword $pwd -Password $pwd -AdminUsername $un -DomainUserName $un | 
    Set-AzureSubnet -SubnetNames $subnet 

$newVM2 = New-AzureVMConfig -Name "Imperfect-Win10" -InstanceSize $instanceSize -ImageName $image10 |
    Add-AzureProvisioningConfig -WindowsDomain -JoinDomain $domainjoin -Domain $domain -DomainPassword $pwd -Password $pwd -AdminUsername $un -DomainUserName $un | 
    Set-AzureSubnet -SubnetNames $subnet

New-AzureVM -ServiceName "ImperfectClients" -VMs $newVM1 -Location "West US" -VNetName $vnetName
New-AzureVM -ServiceName "ImperfectClients" -VMs $newVM2

For the 2nd VM, I didn't need to include the "Location" and "VNetName" switches because the cloud service would have already existed due to the creation of the first VM. 

The beauty of this was once I had worked out what I wanted, I kicked off the script and walked out to get coffee.  When I came back, everything was up, running and domain joined.  Look Ma! No portal needed!
