This commit is contained in:
@ -30,21 +30,47 @@ foreach ($ovfProperty in $ovfProperties) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# Check for mandatory values
|
# Check for mandatory values
|
||||||
If (!($ovfPropertyValues['guestinfo.hostname'] -and
|
Switch ($ovfPropertyValues['deployment.type']) {
|
||||||
$ovfPropertyValues['guestinfo.ipaddress'] -and
|
'standalone-root' {
|
||||||
$ovfPropertyValues['guestinfo.dnsserver'] -and
|
$MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.dnsserver', 'guestinfo.gateway', 'guestinfo.administratorpw', 'adcsconfig.organizationname', 'adcsconfig.foo'), @()
|
||||||
$ovfPropertyValues['guestinfo.prefixlength'] -and
|
}
|
||||||
$ovfPropertyValues['guestinfo.gateway'])) {
|
'enterprise-intermediate' {
|
||||||
|
$MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.dnsserver', 'guestinfo.gateway', 'guestinfo.administratorpw', 'adcsconfig.foo'), @()
|
||||||
|
}
|
||||||
|
'standalone-intermediate' {
|
||||||
|
$MandatoryProperties, $MissingProperties = @('guestinfo.hostname', 'guestinfo.ipaddress', 'guestinfo.prefixlength', 'guestinfo.dnsserver', 'guestinfo.gateway', 'guestinfo.administratorpw', 'adcsconfig.foo'), @()
|
||||||
|
}
|
||||||
|
default {
|
||||||
# Mandatory values missing, cannot provision.
|
# Mandatory values missing, cannot provision.
|
||||||
$WriteEventLogSplat = @{
|
$WriteEventLogSplat = @{
|
||||||
LogName = 'Application'
|
LogName = 'Application'
|
||||||
Source = 'OVF-Properties'
|
Source = 'FirstBoot'
|
||||||
EntryType = 'Error'
|
EntryType = 'Error'
|
||||||
EventID = 66
|
EventID = 66
|
||||||
Message = 'Mandatory values missing, cannot provision.'
|
Message = "Unexpected or no value set for property 'deployment.type', cannot provision."
|
||||||
}
|
}
|
||||||
Write-EventLog @WriteEventLogSplat
|
Write-EventLog @WriteEventLogSplat
|
||||||
& schtasks.exe /Change /TN 'OVF-Properties' /DISABLE
|
& schtasks.exe /Change /TN 'FirstBoot' /DISABLE
|
||||||
|
Stop-Computer -Force
|
||||||
|
Exit
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ForEach ($Property in $MandatoryProperties) {
|
||||||
|
If (!$ovfPropertyValues[$Property]) {
|
||||||
|
$MissingProperties += $Property
|
||||||
|
}
|
||||||
|
}
|
||||||
|
If ($MissingProperties.Length -gt 0) {
|
||||||
|
# Mandatory values missing, cannot provision.
|
||||||
|
$WriteEventLogSplat = @{
|
||||||
|
LogName = 'Application'
|
||||||
|
Source = 'FirstBoot'
|
||||||
|
EntryType = 'Error'
|
||||||
|
EventID = 66
|
||||||
|
Message = "Missing values for mandatory properties $(($MissingProperties | ForEach-Object {"'{0}'" -f $_}) -join ', '), cannot provision."
|
||||||
|
}
|
||||||
|
Write-EventLog @WriteEventLogSplat
|
||||||
|
& schtasks.exe /Change /TN 'FirstBoot' /DISABLE
|
||||||
Stop-Computer -Force
|
Stop-Computer -Force
|
||||||
Exit
|
Exit
|
||||||
}
|
}
|
||||||
@ -125,24 +151,55 @@ If ((Get-WmiObject -Class 'Win32_NetworkAdapterConfiguration').IPAddress -NotCon
|
|||||||
$ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL
|
$ErrorActionPreference, $OldErrorActionPreference = $OldErrorActionPreference, $NULL
|
||||||
}
|
}
|
||||||
|
|
||||||
# Foo
|
# Install and configure certificate authority
|
||||||
|
If ((& certutil.exe | Select-String "Server:") -notmatch "$Env:ComputerName") {
|
||||||
|
# Change password of built-in Administrator
|
||||||
|
$BuiltinAdministrator = (Get-LocalUser | Where-Object {$_.SID -match '-500'})
|
||||||
|
$ConvertToSecureStringSplat = @{
|
||||||
|
String = $ovfPropertyValues['guestinfo.administratorpw']
|
||||||
|
AsPlainText = $True
|
||||||
|
Force = $True
|
||||||
|
}
|
||||||
|
$SetLocalUserSplat = @{
|
||||||
|
InputObject = $BuiltinAdministrator
|
||||||
|
Password = ConvertTo-SecureString @ConvertToSecureStringSplat
|
||||||
|
PasswordNeverExpires = $True
|
||||||
|
AccountNeverExpires = $True
|
||||||
|
### This setting is not allowed on the last administrator
|
||||||
|
#UserMayChangePassword = $False
|
||||||
|
Confirm = $False
|
||||||
|
}
|
||||||
|
Set-LocalUser @SetLocalUserSplat
|
||||||
|
|
||||||
|
Switch ($ovfPropertyValues['deployment.type']) {
|
||||||
|
'standalone-root' {
|
||||||
|
$InstallADCSCertificationAuthoritySplat = @{
|
||||||
|
CACommonName = "$($ovfPropertyValues['deployment.organizationname']) Root CA"
|
||||||
|
CAType = 'StandaloneRootCA'
|
||||||
|
}
|
||||||
|
Install-ADCSCertificationAuthority @InstallADCSCertificationAuthoritySplat
|
||||||
|
}
|
||||||
|
# Foo
|
||||||
|
# Bar
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# Iterate through and invoke all payload scripts
|
# Iterate through and invoke all payload scripts
|
||||||
#! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots)
|
#! TODO: add registry values to determine which scripts have already been invoked (in case of intermediate reboots)
|
||||||
$GetItemSplat = @{
|
$GetItemSplat = @{
|
||||||
Path = "$($PSScriptRoot)\Scripts\*.ps1"
|
Path = "$($PSScriptRoot)\Scripts\*.ps1"
|
||||||
}
|
}
|
||||||
Get-Item @GetItemSplat | ForEach-Object {
|
ForEach ($Script in (Get-Item @GetItemSplat)) {
|
||||||
Try {
|
Try {
|
||||||
$WriteEventLogSplat = @{
|
$WriteEventLogSplat = @{
|
||||||
LogName = 'Application'
|
LogName = 'Application'
|
||||||
Source = 'OVF-Properties'
|
Source = 'OVF-Properties'
|
||||||
EntryType = 'Information'
|
EntryType = 'Information'
|
||||||
EventID = 4
|
EventID = 4
|
||||||
Message = "Running script: '$($_.FullName)'"
|
Message = "Running script: '$($Script.FullName)'"
|
||||||
}
|
}
|
||||||
Write-EventLog @WriteEventLogSplat
|
Write-EventLog @WriteEventLogSplat
|
||||||
& $_.FullName -Parameter $ovfPropertyValues
|
& $Script.FullName -Parameter $ovfPropertyValues
|
||||||
}
|
}
|
||||||
Catch {
|
Catch {
|
||||||
$WriteEventLogSplat = @{
|
$WriteEventLogSplat = @{
|
||||||
@ -150,7 +207,10 @@ Get-Item @GetItemSplat | ForEach-Object {
|
|||||||
Source = 'OVF-Properties'
|
Source = 'OVF-Properties'
|
||||||
EntryType = 'Error'
|
EntryType = 'Error'
|
||||||
EventID = 66
|
EventID = 66
|
||||||
Message = $_.Exception.Message
|
Message = @"
|
||||||
|
Error occurred while executing script '$($Script.Name)':
|
||||||
|
$($_.Exception.Message)
|
||||||
|
"@
|
||||||
}
|
}
|
||||||
Write-EventLog @WriteEventLogSplat
|
Write-EventLog @WriteEventLogSplat
|
||||||
}
|
}
|
||||||
@ -27,7 +27,24 @@ PropertyCategories:
|
|||||||
DefaultValue: ''
|
DefaultValue: ''
|
||||||
Configurations: '*'
|
Configurations: '*'
|
||||||
UserConfigurable: true
|
UserConfigurable: true
|
||||||
- Name: 2) Networking
|
- Key: guestinfo.administratorpw
|
||||||
|
Type: password(7..)
|
||||||
|
Label: Local administrator password*
|
||||||
|
Description: Must meet password complexity rules
|
||||||
|
DefaultValue: password
|
||||||
|
Configurations:
|
||||||
|
- standalone-root
|
||||||
|
- standalone-intermediate
|
||||||
|
UserConfigurable: true
|
||||||
|
- Key: guestinfo.ntpserver
|
||||||
|
Type: string(1..)
|
||||||
|
Label: Time server*
|
||||||
|
Description: A comma-separated list of timeservers
|
||||||
|
DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
|
||||||
|
Configurations:
|
||||||
|
- standalone-root
|
||||||
|
- standalone-intermediate
|
||||||
|
UserConfigurable: true- Name: 2) Networking
|
||||||
ProductProperties:
|
ProductProperties:
|
||||||
- Key: guestinfo.ipaddress
|
- Key: guestinfo.ipaddress
|
||||||
Type: ip
|
Type: ip
|
||||||
|
|||||||
Reference in New Issue
Block a user