DC IP | 10.x.x.40 |
Username | Administrator |
Password | HPOC Password |
In this guide we will set up a Windows Domain Controller and configure Active Directory Domain Services. We will also create 20 users and a bootcamp users group for them.
Note: Follow only one of the next two steps, depending on whether you want to build from scratch or use the one deployed by the HPOC system.
Do this step if you are deploying from a Windows 2012R2 ISO
Note: Remember to select all 3 drivers from VirtIO disk when you are at the “Select Install Disk” section.
OR Do This
Do this step if you are using the Pre-Deployed Windows 2012R2 VM (These Images are deployed if you select Windows VMs during HPOC Reservation Process)
In this step we will configure the Windows OS settings we need before we install the AD role.
IP | 10.x.x.40 |
Netmask | 255.255.255.128 |
Gateway | 10.x.x.1 |
DNS 1 | 10.21.253.10 |
DNS 2 | 10.21.253.11 |
Computer Name | DC |
In this step we will install the Domain Services role.
Note: Monitor the install, and select Close when you see the installation succeeded
In this step we will configure Active Directory for use by our workshop.
Root domain name | bootcamp.local |
Note: Server will reboot automatically
In this step we will run a PowerShell script that creates the “Bootcamp Users” AD group and user01-user20, and adds those users to the Bootcamp Users group. The script reads its user list from c:\scripts\add-users.csv; the contents of that file follow the script.
# Creates the "Bootcamp Users" group and the users listed in add-users.csv
Import-Module ActiveDirectory
$Users = Import-Csv c:\scripts\add-users.csv
$a = 1
$b = 1
$failedUsers = @()
$usersAlreadyExist = @()
$successUsers = @()
$VerbosePreference = "Continue"
$LogFolder = "c:\scripts\logs"
$GroupName = "Bootcamp Users"
$OU = "CN=Users,DC=BOOTCAMP,DC=LOCAL"

# Create the group only if it is not already there, so the script can be re-run
if (!(Get-ADGroup -Filter "Name -eq '$GroupName'")) {
    New-ADGroup -Name $GroupName -GroupScope Global
}

ForEach ($User in $Users) {
    # Normalise the name: first letter upper case, the rest lower case
    $User.FirstName = $User.FirstName.Substring(0,1).ToUpper() + $User.FirstName.Substring(1).ToLower()
    $FullName = $User.FirstName
    $Sam = $User.FirstName
    $dnsroot = '@' + (Get-ADDomain).DNSRoot
    $Sam = $Sam.ToLower()
    $UPN = $Sam + "$dnsroot"
    $Email = $Sam + "$dnsroot"
    $password = $User.Password
    try {
        # String filter with a single-quoted value, so $Sam is expanded reliably
        if (!(Get-ADUser -Filter "SamAccountName -eq '$Sam'")) {
            New-ADUser -Name $FullName -AccountPassword (ConvertTo-SecureString $password -AsPlainText -Force) -GivenName $User.FirstName -Path $OU -SamAccountName $Sam -UserPrincipalName $UPN -EmailAddress $Email -Enabled $true
            Add-ADGroupMember -Identity $GroupName -Members $Sam
            Write-Verbose "[PASS] Created $FullName"
            $successUsers += $FullName
        }
        else {
            # Account is already present: record it and leave it untouched
            Write-Verbose "[SKIP] $FullName already exists"
            $usersAlreadyExist += $FullName
        }
    }
    catch {
        Write-Warning "[ERROR]Can't create user [$($FullName)] : $_"
        $failedUsers += $FullName
    }
}

# Make sure the log folder exists before writing the result logs
if (!(Test-Path $LogFolder)) {
    Write-Verbose "Folder [$($LogFolder)] does not exist, creating"
    New-Item $LogFolder -Type Directory -Force
}
Write-Verbose "Writing logs"
$failedUsers | ForEach-Object {"$($b).) $($_)"; $b++} | Out-File -FilePath $LogFolder\FailedUsers.log -Force -Verbose
$successUsers | ForEach-Object {"$($a).) $($_)"; $a++} | Out-File -FilePath $LogFolder\successUsers.log -Force -Verbose
Firstname,Password
user01,nutanix/4u
user02,nutanix/4u
user03,nutanix/4u
user04,nutanix/4u
user05,nutanix/4u
user06,nutanix/4u
user07,nutanix/4u
user08,nutanix/4u
user09,nutanix/4u
user10,nutanix/4u
user11,nutanix/4u
user12,nutanix/4u
user13,nutanix/4u
user14,nutanix/4u
user15,nutanix/4u
user16,nutanix/4u
user17,nutanix/4u
user18,nutanix/4u
user19,nutanix/4u
user20,nutanix/4u
Note: Now you can head back to the Prism_Element_Setup, and configure Authentication and Roles.
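All 20 accounts are created enabled and share one password stored in a plain-text CSV, so it is worth checking them once the workshop is over. The script below is an added example, not part of the original guide: it lists the user members of the Bootcamp Users group, flags accounts whose password was never changed after creation, and can disable them. The `$DisableStale` switch, the 5-minute threshold and the `BootcampAudit.csv` file name are assumptions made for this example.

```powershell
# Added example (not from the original guide): audit the workshop accounts.
Import-Module ActiveDirectory

$GroupName    = "Bootcamp Users"      # group created by the script above
$LogFolder    = "c:\scripts\logs"     # log folder used by the script above
$DisableStale = $false                # assumption: set to $true once the workshop is over
$Threshold    = 5                     # assumption: minutes between creation and password set

$report = foreach ($member in Get-ADGroupMember -Identity $GroupName) {
    if ($member.objectClass -ne 'user') { continue }

    $u = Get-ADUser -Identity $member.SamAccountName `
         -Properties whenCreated, PasswordLastSet, LastLogonDate

    # If the password was last set at creation time, it is still the CSV value.
    $unchanged = $false
    if ($u.PasswordLastSet) {
        $delta = ($u.PasswordLastSet - $u.whenCreated).Duration()
        $unchanged = $delta.TotalMinutes -lt $Threshold
    }

    $disabledNow = $false
    if ($DisableStale -and $unchanged -and $u.Enabled) {
        Disable-ADAccount -Identity $u
        $disabledNow = $true
    }

    [pscustomobject]@{
        SamAccountName    = $u.SamAccountName
        Enabled           = $u.Enabled -and -not $disabledNow
        Created           = $u.whenCreated
        PasswordLastSet   = $u.PasswordLastSet
        LastLogonDate     = $u.LastLogonDate
        PasswordUnchanged = $unchanged
    }
}

# Keep a CSV record next to the creation logs, then show the flagged accounts.
if (!(Test-Path $LogFolder)) { New-Item $LogFolder -ItemType Directory -Force | Out-Null }
$report | Sort-Object SamAccountName |
    Export-Csv -Path "$LogFolder\BootcampAudit.csv" -NoTypeInformation
$report | Where-Object { $_.PasswordUnchanged } | Format-Table -AutoSize
```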