windows腳本初始化-ansible

本文轉載自查看原文 2020-01-14 17:17 933

目標：windows初始化：添加IP、修改主機名、加域、加組、關閉防火牆、開啟遠程訪問

前提：powershell必須是4.0以上，開啟winrm、並且監聽5985端口(初始化完成后可再刪除)

Powershell

1、查看powershell版本

> $PSVersionTable

2、如果不是版本4.0，可以下載並更新

https://www.microsoft.com/zh-CN/download/details.aspx?id=40855

https://www.pstips.net/windows-management-framework-4-0-is-now-available.html

Winrm

參考文獻

https://baiyongjie.com/?p=274 //可解決問題：winrm or requests is not installed: No module named winrm

https://blog.51cto.com/57388/1641915

https://blog.51cto.com/57388/1641801

https://blog.51cto.com/7424593/2174156

https://blog.csdn.net/leejeff/article/details/82907773

https://blog.csdn.net/c1052981766/article/details/79893845

https://docs.ansible.com/ansible/latest/user_guide/windows_setup.html

https://www.cnblogs.com/dreamer-fish/archive/2013/03/15/2961497.html

1、快速配置winrm(ansible管理windows服務器，需要winrm)

> winrm quickconfig

2、查看winrm service啟動監聽狀態

> winrm enumerate winrm/config/listener

3、修改winrm配置，啟用基本遠程連接認證

winrm set winrm/config/service/auth '@{Basic="true"}'

winrm set winrm/config/service '@{AllowUnencrypted="true"}' //為winrm service 配置加密方式為允許非加密

winrm set winrm/config/service/auth '@{Basic="false"}' //關閉

winrm set winrm/config/service '@{AllowUnencrypted="false"}'

4、獲取winrm配置信息

> winrm get winrm/config

5、移除默認情況下 WinRM 在 5985 端口設置的監聽器

> Get-ChildItem WSMan:\localhost\Listener –Recurse | Foreach-Object { $_.PSPath } | Where-Object { (Get-Item "$_\Port").Value -eq 5985 } | Remove-Item -Recurse

> winrm enumerate winrm/config/listener //再次查看

6、關閉winrm

> net stop winrm

> Set-Service winrm -StartupType Disabled

7、開啟winrm

> net start winrm

> Set-Service winrm -StartupType auto

Ansible

經過以上設置就可以使用ansible管理windows了

https://docs.ansible.com/ansible/latest/user_guide/windows_usage.html

https://ansible-tran.readthedocs.io/en/latest/docs/intro_windows.html

控制端需要是Linux系統的服務器，安裝ansible

# yum install ansible -y

# vim /etc/ansible/hosts //此文件需要配置 IP 、用戶、密碼

......

[Windows]
10.........（IP）
[Windows:vars]
ansible_ssh_user="admin"
ansible_ssh_pass="password"
ansible_ssh_port=5985
ansible_connection="winrm"
ansible_winrm_server_cert_validation=ignore

配置完成后即可進行測試

執行腳本

ansible w -m win_shell -a 'ntp.vbs chdir=c:\\opstools executable=cmd'

ansible w -m raw -a 'c:\opstools\ntp.vbs'

查看服務器內的服務狀態

ansible w -m win_shell -a 'get-service -displayname "salt-minion"'

添加 IP 和主機名　

此處需要登陸到服務器中手動執行此腳本

腳本名稱：AddIP.ps1　

<#
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

MakeForm -FormText "請輸入主機IP：" -ButtonText "Submit"
echo $resultText

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此處是子網掩碼，根據實際情況進行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此處是DNS，根據實際情況進行更改
$dns = "DNS1", "DNS2"

$wmi.SetDNSSERVERSearchOrder($dns)  | Out-Null

ipconfig /flushdns

#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition

#C:\opstools\Init_file\ChangeName.vbs

netsh interface ip show config

sleep 3

ping www.baidu.com

#注意：此處需要根據情況修改主機名
echo "++++++更改主機名++++++" rename-computer -newname "BJVW-TEST-$c-$d" 

netsh interface ip show config

sleep 8

ping www.baidu.com
shutdown.exe -r -t 3

域賬戶密碼加密

windows需要加域，但是在加域過程中是需要使用域賬戶進行驗證；

想要實現自動加域，則需要將域賬戶和密碼寫入文本中，這樣會有密碼泄露的危險，所以需要對密碼進行加密；

參考文獻：

https://blog.51cto.com/daniel1205/1876326

https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

想要使用加密后的密鑰進行自動加域，其實很簡單。首先將密碼加密，放在一台固定的服務器上，然后在需要加域的腳本中指定密碼的路徑，就可以進行自動加域了；

1、首先在指定服務器上生成域賬戶密碼密鑰，(比如在PC1節點上)

此腳本是： Pass.ps1
$File = "\\IP或者hostname\C$\opstools\Init_file\Pass.txt" //加密后的密鑰文件要存放的指定服務器路徑 [Byte[]] $key = (1..16) $Password = "域賬號密碼" | ConvertTo-SecureString -AsPlainText -Force $Password | ConvertFrom-SecureString -key $key | Out-File $File
2、從 PC1 訪問密鑰文件進行測試
$File = "\\IP或者hostname\C$\opstools\Init_file\Pass.txt" [Byte[]] $key = (1..16) Get-Content $File | ConvertTo-SecureString -Key $key 
3、同樣的方法，從 PC2 訪問密鑰文件進行測試 (需要加域的服務器上進行測試，網絡是必須通的)

注意：密鑰文件可以放在固定服務器上的固定目錄中，也可以放在需要加域的指定目錄中

4、生成密鑰文件並檢測

Generatekey.ps1
echo " "
echo "+++++生成密鑰文件++++++"
$File = "C:\opstools\zabbix_file\Win\Agent\zabbix_deploy_all\Pass.txt"     //根據需要進行更改
[Byte[]] $key = (1..16)
$Password = "賬戶密碼" | ConvertTo-SecureString -AsPlainText -Force    //根據需要進行更改
$Password | ConvertFrom-SecureString -key $key | Out-File $File
sleep 2

#域賬戶密碼

#檢查密鑰文件是否存在
$TestFile=Test-Path $File
if ("$TestFile" -eq "False")
{
    echo " "
    echo " "
    echo "結果為： $result"
    echo " "
    echo "Pass.txt 密鑰文件不存在!!!"
    echo " "
    sleep 1
    echo "Pass.txt 密鑰文件不存在!!!"
    echo " "
    sleep 1
    echo "Pass.txt 密鑰文件不存在!!!"
    echo " "
    echo " "
    sleep 3
}
else
{
    echo "Pass.txt 密鑰文件已存在!!!"
}

echo " "
echo " "
sleep 2

echo "+++++檢測密鑰文件是否正常++++++"
[Byte[]] $key = (1..16)
Get-Content $File | ConvertTo-SecureString -Key $key
sleep 3

ManualAddDomain

手動加域

echo "++++++添加域++++++" #$domain = "域服務器.com" #$credential = New-Object System.Management.Automation.PSCredential($username,$password) #Add-Computer -DomainName $domain -Credential $credential

AutoAddDomain

自動加域

echo "++++++添加域++++++"
#手動加域
#$domain = "域服務器.com"   
#$credential = New-Object System.Management.Automation.PSCredential($username,$password) 
#Add-Computer -DomainName $domain -Credential $credential

#自動加域
$File = "密鑰文件路徑"    //域密碼加密后的存放路徑
[Byte[]] $key = (1..16)
$encpasswd = Get-Content $File
$domain = "域服務器.com" 
$ss = ConvertTo-SecureString -String $encpasswd -Key $key
$cred = New-Object System.Management.Automation.PSCredential '域賬戶', $ss
Add-Computer -DomainName $domain -Credential $cred

$result = $?

if ("$result" -eq "False")
{
    echo " "
    echo " "
    echo "結果為： $result"
    echo " "
    echo "用戶名或密碼錯誤，加域失敗，即將退出!!!"
    echo " "
    sleep 1
    echo "用戶名或密碼錯誤，加域失敗，即將退出!!!"
    echo " "
    sleep 1
    echo "用戶名或密碼錯誤，加域失敗，即將退出!!!"
    echo " "
    echo " "
    sleep 3
    exit
}
else
{
    echo " "
    echo "加域成功!!!"
    echo " "
    echo "加域結果為： $result"
}

echo " "
echo " "
sleep 2


echo "++++++添加ops組++++++"
net localgroup Administrators 添加工作組 /add
echo "結果為： $?"
echo " "
echo " "
sleep 3


#只關閉域防火牆
#netsh firewall set opmode mode=disable
echo "++++++關閉所有防火牆++++++"
netsh advfirewall set allprofiles state off
echo "結果為： $?"  
echo " "
echo " "
sleep 3


echo "++++++查看主機名++++++"
hostname
echo " "
echo " "
sleep 3


echo "++++++查看主機IP++++++"
netsh interface ip show config | select-string "10."
echo " "
echo " "
sleep 3


echo "++++++查看域名++++++"
systeminfo | select-string "Domain"
echo " "
echo " "
sleep 3


echo "++++++查看組++++++"
net localgroup Administrators | select-string "查看工作組"
echo " "
echo " "
sleep 3


echo "++++++查看防火牆++++++"
netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "

echo "++++++刪除文件： Pass.txt++++++"
Remove-Item 'C:\opstools\Init_file\Pass.txt'
$TestFile=Test-Path 'C:\opstools\Init_file\Pass.txt'
if ("$TestFile" -eq "True")
{
    echo " "
    echo " "
    echo "結果為： $result"
    echo " "
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    echo " "
    sleep 3
}
else
{
    echo " "
    echo "刪除文件： Pass.txt 成功!!!"
    echo "12秒鍾后將重啟!!!"
    echo " "
    echo " "
}


shutdown.exe -r -t 12
sleep 10

使用ansible為windows加域

ansible w -m raw -a 'C:\opstools\Init_file\AutoAddDomain.ps1'
ansible w -m raw -a 'C:\opstools\zabbix_file\Win\Agent\zabbix_deploy_all\zabbix_4.0_EnglishOS_BX_autoinstall.bat'

你好

set File =C:\opstools\zabbix_file\Win\Agent\zabbix_deploy_all\Pass.txt [Byte[]] set key = (1..16) set encpasswd = Get-Content %File%
set ss = ConvertTo-SecureString -String $encpasswd -Key %key%
set cred = New-Object System.Management.Automation.PSCredential 'beisencorp\sysops', %ss% net use \\10.23.10.104\D$ %cred% net use \\10.23.10.103\e$ %cred%

你好

powershell腳本

$File = "C:\opstools\zabbix_file\Win\Agent\zabbix_deploy_all\Pass.txt" [Byte[]] $key = (1..16) $encpasswd = Get-Content $File $ss = ConvertTo-SecureString -String $encpasswd -Key $key $cred = "New-Object System.Management.Automation.PSCredential 'beisencorp\sysops', $ss"  net use \\10.23.10.104\D$ $cred net use \\10.23.10.103\e$ $cred net use

你好

不升級powershell版本，配置IP和主機名的時候直接安裝salt

NameText = "C:\opstools\Init_file\name.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True)
f.WriteLine reval
f.Close

你好

Dim reval
Set objnet = CreateObject ("WScript.Network")
Set R = CreateObject("WScript.Shell")
reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

NameText = "C:\opstools\Init_file\ComputerName.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True) 
f.WriteLine reval
f.Close

On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" _
    & strComputer & "\root\cimv2")
Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")

For Each objComputer in colComputers
    errReturn = ObjComputer.Rename (reval)
    If reval <> "" Then 
                return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!")
                If return=vbok Then
                        R.run("Shutdown.exe -r -t 20")
                End if
    End If 
Next

你好

<#     ///最終添加主機IP和主機名文件
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

echo " "
echo "++++++ 添加IP ++++++"
echo " "
MakeForm -FormText "請輸入主機IP：" -ButtonText "Submit"
echo "即將配置: $resultText 到此服務器"

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此處是子網掩碼，根據實際情況進行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此處是DNS，根據實際情況進行更改
$dns = "10.23.110.201", "10.23.110.200"

$wmi.SetDNSSERVERSearchOrder($dns) | Out-Null

ipconfig /flushdns  | Out-Null
sleep 1
ipconfig /flushdns  | Out-Null
#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
#C:\opstools\Init_file\ChangeName.vbs
netsh interface ip show config  | Out-Null
sleep 1
#ping www.baidu.com

echo " "
echo " "

#注意：此處需要根據情況修改主機名
echo "++++++更改主機名++++++"
echo " "
#rename-computer -newname "BXVW-APP-$c-$d"
C:\opstools\Init_file\ChangeName.vbs
sleep 5
echo "+++++判斷主機名文件是否生成+++++"
echo " "
echo " "
$result = Test-Path C:\opstools\Init_file\ComputerName.txt
while ($result -cnotcontains "False")
    {
       $result = Test-Path C:\opstools\Init_file\ComputerName.txt
       echo "等待輸入ComputerName"
       sleep 3
    }

echo " "
echo " "
echo "+++++獲取更改后的主機名"
$CName = Get-Content C:\opstools\Init_file\ComputerName.txt
echo $CName
echo " "
echo " "
sleep 3

net use \\10.23.10.104\D$ "密碼" /user:beisencorp\sysops
net use
echo " "
echo " "
sleep 3

echo "+++++部署 Salt +++++"
Copy-Item "\\10.23.10.104\d$\opstools\salt-package" -Destination "d:\" -recurse
cmd.exe /c "d:\salt-package\Salt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName"
#return
Get-Service -Name salt-minion
sleep 5

netsh interface ip show config
sleep 3
ping www.baidu.com
Shutdown.exe -r -t 15

添加 IP 新版本

 <#
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

echo " "
echo "++++++ 添加IP ++++++"
echo " "
MakeForm -FormText "請輸入主機IP：" -ButtonText "Submit"
echo "即將配置: $resultText 到此服務器"

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此處是子網掩碼，根據實際情況進行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此處是DNS，根據實際情況進行更改
$dns = "10.23.110.201", "10.23.110.200"

$wmi.SetDNSSERVERSearchOrder($dns) | Out-Null

ipconfig /flushdns  | Out-Null
sleep 1
ipconfig /flushdns  | Out-Null
#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
#C:\opstools\Init_file\ChangeName.vbs
netsh interface ip show config  | Out-Null
sleep 1
#ping www.baidu.com

echo " "
echo " "

#注意：此處需要根據情況修改主機名
echo "++++++ 更改主機名 ++++++"
echo " "
#rename-computer -newname "BXVW-APP-$c-$d"
C:\opstools\Init_file\ChangeName.vbs
sleep 8
echo "+++++ 主機名文件未生成 +++++"
$result = Test-Path C:\opstools\Init_file\ComputerName.txt
while ($result -cnotcontains "False")
    {
       $result = Test-Path C:\opstools\Init_file\ComputerName.txt
       echo " "
       echo "    等待輸入 ComputerName"
       sleep 3
    }

echo " "
echo "+++++ 獲取更改后的主機名 +++++"
$CName = Get-Content C:\opstools\Init_file\ComputerName.txt
echo $CName
echo " "
echo " "
sleep 3

net use \\10.23.10.104\D$ "密碼" /user:beisencorp\sysops
net use
sleep 3

echo "+++++ 部署 Salt +++++"
Copy-Item "\\10.23.10.104\d$\opstools\salt-package" -Destination "d:\" -recurse
cmd.exe /c "d:\salt-package\Salt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName"
#return

Get-Service -Name salt-minion
sleep 2
Remove-Item 'C:\opstools\Init_file\ComputerName.txt'
sleep 2

netsh interface ip show config
sleep 3
ping www.baidu.com
Shutdown.exe -r -t 8

更改主機名-原版本

Dim reval Set objnet = CreateObject ("WScript.Network") Set R = CreateObject("WScript.Shell") reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName") NameText = "C:\opstools\Init_file\ComputerName.txt" Set fs = CreateObject("Scripting.FileSystemObject") Set f = fs.CreateTextFile(NameText, True) f.WriteLine reval f.Close On Error Resume Next strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colComputers = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colComputers errReturn = ObjComputer.Rename (reval) If reval <> "" Then return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!") If return=vbok Then R.run("Shutdown.exe -r -t 20") End if End If Next

更改主機名-新版本

Dim reval
Set objnet = CreateObject ("WScript.Network")
Set R = CreateObject("WScript.Shell")
reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

NameText = "C:\opstools\Init_file\ComputerName.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True) 
f.WriteLine reval
f.Close

On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" _
    & strComputer & "\root\cimv2")
Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")

For Each objComputer in colComputers
    errReturn = ObjComputer.Rename (reval)
Next

salt執行

列出所有key

# salt-key -L

接受指定key

salt-key -a BXVW-APP-21-253 -y

檢查salt-minion是否運行

salt BXVW-APP-21-253 cmd.run 'get-service -name salt-minion' shell=powershell

執行加域腳本

salt BXVW-APP-21-253 cmd.run 'C:\opstools\Init_file\AddDomain.ps1' shell=powershell

執行安裝 zabbix 腳本

salt BXVW-APP-21-253 cmd.run 'C:\opstools\install_script\Win\Agent\zabbix_deploy_all\zabbix_4.0_EnglishOS_BX_autoinstall.bat' shell=powershell

檢查zabbix是否執行

salt BXVW-APP-21-253 cmd.run 'get-service -name "Zabbix Agent"' shell=powershell

salt BXVW-APP-21-253 cmd.run 'get-service -name "Beisen.OpsManagement.WindowsService" shell=powershell

暫不使用：salt BXVW-APP-21-253 cmd.run cmd='zabbix_4.0_EnglishOS_BX_autoinstall.bat' cwd='C:\opstools\install_script\Win\Agent\zabbix_deploy_all'

檢查服務是否安裝

salt BXVW-APP-21-253 cmd.run get-service shell=powershell | grep -E "Status|salt-minion|Zabbix Agent|Beisen.Quark.Register|Beisen.OpsManagement.WindowsService"

salt "BXVW-APP-21-253" state.sls checkWindows.copydir

在10.23.110.202上

執行：salt "BXVW-APP-21-253" cmd.run "C:\opstools\Init_file\checkWIN.ps1" shell=powershell
[root@oneops-110-202 checkWindows]# pwd /srv/salt/checkWindows

[root@oneops-110-202 checkWindows]# cat copydir.sls 
copy_dir: file.managed: - name: C:\opstools\Init_file\checkWIN.ps1 - source: salt://checkWindows/checkWIN.ps1
    - makedirs: 'True' cmd.run: - name: powershell.exe C:\opstools\Init_file\checkWIN.ps1

[root@oneops-110-202 checkWindows]# cat checkWIN.ps1 
echo "Check the WIN"
echo " "

ipconfig | select-string "IPv4"
echo " "
echo " "

hostname
echo " "
echo " "

systeminfo | select-string "Domain"
echo " "
echo " "

net localgroup Administrators | select-string "BEISENCORP|PROD"
echo " "
echo " "

netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "

get-service | findstr "salt-minion"
echo " "
echo " "

get-service | findstr "Zabbix"
echo " "
echo " "

get-service | findstr "Beisen.OpsManagement.WindowsService"
echo " "
echo " "

get-service | findstr "Beisen.Quark.Register"
echo " "
echo " "
sleep 3

你好

echo " "
echo "++++++ Add Domain ++++++"

#Check the key file
$TestFile=Test-Path 'C:\opstools\Init_file\Pass.txt'
if ("$TestFile" -eq "False")
{
    echo " "
    echo " "
    echo "    Pass.txt is not esxit!!!"
    echo " "
    sleep 1
    echo "    Pass.txt is not esxit!!!"
    echo " "
    sleep 1
    echo "    Add domain filed, exit!!!"
    echo " "
    echo " "
    sleep 3
    exit
}


$File = "c:\opstools\Init_file\Pass.txt"
[Byte[]] $key = (1..16)
$encpasswd = Get-Content $File
$domain = "prod.beisencorp.com" 
$ss = ConvertTo-SecureString -String $encpasswd -Key $key
$cred = New-Object System.Management.Automation.PSCredential 'beisencorp\zhouzun', $ss
Add-Computer -DomainName $domain -Credential $cred

$result = $?

if ("$result" -eq "False")
{
    echo " "
    echo " "
    echo "The result： $result"
    echo " "
    echo "Failed to add domain, exit!!!"
    echo " "
    sleep 1
    echo "Failed to add domain, exit!!!"
    echo " "
    sleep 1
    echo "Failed to add domain, exit!!!"
    echo " "
    echo " "
    sleep 5
    exit
}
else
{
    echo " "
    echo "Add damain success!!!"
    echo " "
    echo "The result of add domain：$result"
}

echo " "
echo " "
sleep 2


echo "++++++Add ops group++++++"
net localgroup Administrators BEISENCORP\OPS /add
echo "The result： $?"
echo " "
echo " "
sleep 2


#Turn off the firewall
#netsh firewall set opmode mode=disable
echo "++++++ Turn off the firewall ++++++"
netsh advfirewall set allprofiles state off
echo "The result： $?"  
echo " "
echo " "
sleep 2


echo "++++++ Check Hostname ++++++"
hostname
echo " "
echo " "
sleep 2


echo "++++++ Check IP ++++++"
netsh interface ip show config | select-string "10."
echo " "
echo " "
sleep 2


echo "++++++Check Domain ++++++"
systeminfo | select-string "Domain"
echo " "
echo " "
sleep 2


echo "++++++ Check Group ++++++"
net localgroup Administrators | select-string "BEISENCORP|PROD"
echo " "
echo " "
sleep 2


echo "++++++ Check Firewall++++++"
netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "
sleep 2


echo "++++++Delete Key file: Pass.txt++++++"
Remove-Item 'C:\opstools\Init_file\Pass.txt'
$TestFile=Test-Path 'C:\opstools\Init_file\Pass.txt'
if ("$TestFile" -eq "True")
{
    echo " "
    echo " "
    echo "The Result： $result"
    echo " "
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    echo " "
    sleep 5
}
else
{
    echo "Delete Pass.txt success!!!"
}

echo " "
echo " "
echo "Restart after 5 seconds!!!"
shutdown.exe -r -t 5
sleep 5

你好

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 Linux磁盤腳本初始化 apache ignite系列（九）：使用ddl和dml腳本初始化ignite並使用mybatis查詢緩存初始化項目腳本 [ansible]-ansible初始化mysql數據庫 [Ansible實戰]-ansible初始化mysql數據庫 windows mysql初始化 ansible 初始化系統分區格式化 centos7初始化bashshell腳本 centos7 初始化腳本 centos7系統初始化腳本