Artikel: Verzeichnis in Betrieb nehmen

Listing: DSC-Skript in Azure

Configuration Additional_DC_NTTEST
{
$domainCred = Get-AutomationPSCredential -Name "DomainAdmin"
$DomainName = Get-AutomationVariable -Name "DomainName"
$DomainDN = Get-AutomationVariable -Name "DomainDN"
# Import the modules needed to run the DSC script
Import-DscResource -ModuleName "PSDesiredStateConfiguration"
Import-DScResource -ModuleName "ComputerManagementDsc"
Import-DscResource -ModuleName "ActiveDirectoryDsc"
Node "Localhost"
{
Computer JoinDomain
{
Name = "CONTOSO-US-DC-2"
DomainName = $DomainName
Credential = $domainCred
}
WindowsFeature DNS
{
Ensure = "Present"
Name = "DNS"
DependsOn = "[Computer]JoinDomain"
}
WindowsFeature ADDSInstall
{
Ensure = "Present"
Name = "AD-Domain-Services"
DependsOn = "[WindowsFeature]DNS"
}
WindowsFeature ADDSTools
{
Ensure = "Present"
Name = "RSAT-ADDS"
DependsOn = "[WindowsFeature]DNS"
}
WindowsFeature InstallRSAT-AD-PowerShell
{
Ensure = "Present"
Name = "RSAT-AD-PowerShell"
DependsOn = "[WindowsFeature]DNS"
}
WaitForADDomain WaitForExistingAD
{
DomainName = $DomainName
WaitTimeout = 30
RestartCount = 20
PsDscRunAsCredential = $domainCred
}
ADDomainController $DomainName
{
DomainName = $DomainName
Credential = $domainCred
SafemodeAdministratorPassword = $domainCred
isGlobalCatalog = $true
DatabasePath = "C:\NTDS"
LogPath = "C:\NTDS"
SysvolPath = "C:\SYSVOL"
SiteName = "Azure-US-East2"
DependsOn = "[WaitForADDomain]WaitForExistingAD"
}
ADOrganizationalUnit 'Servers'
{
Name = "Servers"
Path = "$domainDN"
ProtectedFromAccidentalDeletion = $true
Description = "Servers OU"
Ensure = 'Present'
}
ADOrganizationalUnit 'Azure'
{
Name = "Azure"
Path = "OU=Servers,$domainDN"
ProtectedFromAccidentalDeletion = $true
Description = "Azure Servers OU"
Ensure = 'Present'
DependsOn = "[ADOrganizationalUnit]Servers"
}
}
}