setup.ps1
71 lines (50 loc) · 1.96 KB
<#
.SYNOPSIS
Enables Azure Files for a native AD environment, executing the domain join of the storage account using the AzFilesHybrid module.
Parameter names have been abbreviated to shorten the 'PSExec' command, which has a limited number of allowed characters.
.PARAMETER RG
Resource group of the profiles storage account
.PARAMETER S
Name of the profiles storage account
.PARAMETER U
Azure admin UPN. The part after '@' is also split on '.' to build the DC=...,DC=... path used when the 'Profiles Storage' OU has to be created.
.PARAMETER P
Azure admin password. Declared as a plain [string] and converted to a SecureString only inside the script.
.NOTES
Security review notes:
- P reaches the script as clear text. When the script is started through PSExec as described in the synopsis, the value is presumably visible in the process command line and in any command-line or script-block logging on the host - confirm how the caller passes it, and prefer a short-lived or narrowly scoped credential.
- All four parameters are mandatory; none of them is validated beyond that in this block.
#>
param(
[Parameter(Mandatory = $true)]
[string] $RG,
[Parameter(Mandatory = $true)]
[string] $S,
[Parameter(Mandatory = $true)]
[string] $U,
[Parameter(Mandatory = $true)]
[string] $P
)
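# Set execution policy.
# Applied at Process scope: it covers the helper script and the modules loaded
# below, and ends with this session instead of leaving the account's persisted
# CurrentUser policy at Unrestricted after setup has finished.
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force
# Work from the script's own folder so the relative call to CopyToPSPath.ps1 resolves.
Set-Location -Path $PSScriptRoot
# Import required modules
# CopyToPSPath.ps1 must sit next to this script; presumably it places the
# AzFilesHybrid module on the module path before the import below - confirm.
.\CopyToPSPath.ps1
# NOTE(review): the three installs below fetch from the default registered
# repository at run time with -Force (no prompts). Only minimum versions are
# given, and Az has no version constraint at all, so every run may pull a
# different build. Consider pinning with -RequiredVersion and naming the
# repository explicitly with -Repository once the supported versions are known.
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name PowershellGet -MinimumVersion 2.2.4.1 -Force
Install-Module -Name Az -Force -Verbose
Import-Module -Name AzFilesHybrid -Force -Verbose
Import-Module -Name activedirectory -Force -Verbose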
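# Find existing OU or create new one. Get path for OU from domain by splitting the domain name, to format DC=fabrikam,DC=com
# The domain is taken from the suffix of the admin UPN, so reject a value that
# has no '@' part up front instead of failing later on a null path.
$upnParts = $U.Split('@')
if ($upnParts.Count -lt 2 -or [string]::IsNullOrWhiteSpace($upnParts[1])) {
    throw "Parameter U must be a UPN of the form user@domain; the OU path cannot be derived from it."
}
$domain = $upnParts[1]
$DC = $domain.Split('.')
# Build the path in one expression; the previous loop appended to a $path that
# was never initialised, so a value inherited from an outer scope could leak in.
$path = ($DC | ForEach-Object { 'DC=' + $_ }) -join ','
# NOTE(review): this assumes the UPN suffix equals the AD DS domain's DNS name.
# With alternative UPN suffixes the derived path would be wrong - confirm, or
# read the distinguished name from Get-ADDomain instead.
# The filter matches an OU with this name anywhere in the domain, not only directly under $path.
$ou = Get-ADOrganizationalUnit -Filter 'Name -like "Profiles Storage"'
# $null goes on the left so the comparison stays scalar even if several OUs are returned.
if ($null -eq $ou) {
    New-ADOrganizationalUnit -Name 'Profiles Storage' -Path $path
}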
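# Connect to Azure
# NOTE(review): $P arrives as clear text and is only wrapped in a SecureString
# here; the original string stays in memory and in whatever recorded the
# script's arguments. A non-interactive username/password sign-in will also
# fail for accounts that require MFA - confirm the account type used.
$securePassword = ConvertTo-SecureString $P -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PsCredential($U, $securePassword)
# Stop on a failed sign-in: otherwise Get-AzContext could return nothing, or a
# previously saved context for a different identity, and the join would run
# against the wrong subscription.
Connect-AzAccount -Credential $Credential -ErrorAction Stop
$context = Get-AzContext
if ($null -eq $context -or $null -eq $context.Subscription) {
    throw "No Azure subscription is available in the current context after sign-in; aborting before the storage account join."
}
Select-AzSubscription -SubscriptionId $context.Subscription.Id
# Joins the storage account to AD as a computer account in the 'Profiles Storage' OU.
# NOTE(review): going by its name, -OverwriteExistingADObject replaces an AD
# object that already exists for this storage account - confirm that this is
# intended on re-runs.
Join-AzStorageAccountForAuth -ResourceGroupName $RG -StorageAccountName $S -DomainAccountType 'ComputerAccount' -OrganizationalUnitName 'Profiles Storage' -OverwriteExistingADObject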