因此,我们希望让开发人员能够原生访问 AWS,并且在构建 Windows 机器时让它自动加入域并可能添加一些工具等。由于我习惯于使用没有域基础设施的原生 Amazon AMI,那么最好的方法是什么呢?
感谢任何帮助!
答案1
答案2
这是我过去使用过的方法 - 只要确保您已具备域基础设施即可:
$UserData = [System.Convert]::ToBase64String(
[System.Text.Encoding]::ASCII.GetBytes(@‘
<powershell>
Get-NetFirewallRule | Where { $_.DisplayName -eq “Windows Management Instrumentation (ASync-In)” } | Enable-NetFirewallRule
Get-NetFirewallRule | Where { $_.DisplayName -eq “Windows Management Instrumentation (DCOM-In)” } | Enable-NetFirewallRule
Get-NetFirewallRule | Where { $_.DisplayName -eq “Windows Management Instrumentation (WMI-In)” } | Enable-NetFirewallRule
</powershell>
‘@))
$Reservation = New-EC2Instance - ImageId $AMI -KeyName $KeyName -SubnetId $SubnetId -InstanceType $InstanceType -MinCount 1 -MaxCount 1 -UserData $UserData
$Instance = $Reservation.RunningInstance[0].InstanceId
$IP = $Reservation.RunningInstance[0].PrivateIpAddress
$Tag = New-Object Amazon.EC2.Model.Tag
$Tag.Key = ‘Name’
$Tag.Value = $ServerName
New-EC2Tag -ResourceId $Instance -Tag $Tag
$LocalPassword = $null
While( $LocalPassword -eq $null) {
Try {
Write-Host “Waiting for Password.”
$LocalPassword = Get-EC2PasswordData -InstanceId $InstanceId
-PemFile $PemFile -ErrorAction SilentlyContinue
]Catch{}
Start-Sleep -s 60
$DomainPassword = $DomainPassword | ConvertTo-SecureString -asPlainText -Force
$DomainCredential = New-Object System.Management.Automation.PSCredential(“administrator”, $LocalPassword)
Add-Computer -ComputerName $LocalComputer -LocalCredential $LocalCredential
-NewName $ServerName -DomainName $DomainName
-Credential $DomainCredential -Restart -Force