jemrobinson
commented
3 years ago Deployment of SRE 'sandbox' (tier 2)
Using commit 78c2657f
Closed jemrobinson closed 3 years ago
jemrobinson
commented
3 years ago Using commit 78c2657f
jemrobinson
commented
3 years ago Using commit 78c2657f
jemrobinson
commented
3 years ago Running on SHM/SREs deployed using commit 78c2657f
Some security checks were skipped since:
jemrobinson
commented
3 years ago @martintoreilly has access to a managed device and so will take a look at some of these skipped tests.
Deployment of SHM 'testa'
Using commit 78c2657f
Code version
```pwsh > git fetch;git pull;git status;git log -1 --pretty="At commit %h (%H)" Already up to date. Current branch master is up to date. On branch master Your branch is up to date with 'origin/master'. nothing to commit, working tree clean At commit 78c2657f (78c2657f6747d16d3fb07035b0a5d132185493ea) ```Setup_SHM_DNS_Zone
```pwsh > ./Setup_SHM_DNS_Zone.ps1 -shmId testa 2021-03-23 13:25:04 [ INFO]: Ensuring that resource group 'RG_SHM_DNS_TEST' exists... 2021-03-23 13:25:05 [SUCCESS]: [✔] Resource group 'RG_SHM_DNS_TEST' already exists 2021-03-23 13:25:05 [ INFO]: Ensuring that DNS zone 'testa.dsgroupdev.co.uk' exists... 2021-03-23 13:25:08 [SUCCESS]: [✔] DNS Zone 'testa.dsgroupdev.co.uk' already exists 2021-03-23 13:25:08 [ INFO]: Get NS records from the new DNS Zone... 2021-03-23 13:25:08 [ INFO]: Reading NS records '@' for DNS Zone 'testa.dsgroupdev.co.uk'... 2021-03-23 13:25:12 [ INFO]: Add NS records to the parent DNS Zone... 2021-03-23 13:25:14 [SUCCESS]: [✔] DNS record set 'testa' already exists. Will not update! ```Setup_SHM_AAD_Domain
```pwsh > pwsh { ./Setup_SHM_AAD_Domain.ps1 -shmId testa -tenantId a87e65e6-8b21-4286-861a-2f2acea304d9 } WARNING: /Users/jrobinson/.local/share/powershell/Modules/AzureAD.Standard.Preview/0.1.599.7 WARNING: AzureAD.Standard.Preview WARNING: /Users/jrobinson/.local/share/powershell/Modules/AzureAD.Standard.Preview/0.1.599.7/net471 WARNING: Loading module in coreclr folder: 'netstandard2.0' ... Connecting to Azure AD 'a87e65e6-8b21-4286-861a-2f2acea304d9'... WARNING: To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code CGKLY7FTF to authenticate. 2021-03-23 13:30:19 [ INFO]: Adding SHM domain to AAD... 2021-03-23 13:30:19 [SUCCESS]: [✔] 'testa.dsgroupdev.co.uk' already present as custom domain on SHM AAD. 2021-03-23 13:30:19 [ INFO]: Verifying domain on SHM AAD... 2021-03-23 13:30:19 [SUCCESS]: [✔] 'testa.dsgroupdev.co.uk' already verified on SHM AAD. 2021-03-23 13:30:19 [ INFO]: Ensuring 'testa.dsgroupdev.co.uk' is primary domain on SHM AAD. 2021-03-23 13:30:19 [SUCCESS]: [✔] 'testa.dsgroupdev.co.uk' is already primary domain on SHM AAD. ```Setup_SHM_Key_Vault_And_Emergency_Admin
```pwsh > pwsh { ./Setup_SHM_Key_Vault_And_Emergency_Admin.ps1 -shmId testa -tenantId a87e65e6-8b21-4286-861a-2f2acea304d9 } WARNING: /Users/jrobinson/.local/share/powershell/Modules/AzureAD.Standard.Preview/0.1.599.7 WARNING: AzureAD.Standard.Preview WARNING: /Users/jrobinson/.local/share/powershell/Modules/AzureAD.Standard.Preview/0.1.599.7/net471 WARNING: Loading module in coreclr folder: 'netstandard2.0' ... Connecting to Azure AD 'a87e65e6-8b21-4286-861a-2f2acea304d9'... WARNING: To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code C86GXZPCF to authenticate. 2021-03-23 13:38:46 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_SECRETS' exists... 2021-03-23 13:38:47 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_SECRETS' 2021-03-23 13:38:48 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_SECRETS' 2021-03-23 13:38:48 [ INFO]: Ensuring that key vault 'kv-shm-testa' exists... 2021-03-23 13:39:25 [ INFO]: Purging a soft-deleted key vault 'kv-shm-testa' in uksouth 2021-03-23 13:39:31 [SUCCESS]: [✔] Purged key vault 'kv-shm-testa' 2021-03-23 13:39:50 [ INFO]: [ ] Creating key vault 'kv-shm-testa' 2021-03-23 13:40:24 [SUCCESS]: [✔] Created key vault 'kv-shm-testa' 2021-03-23 13:40:24 [ INFO]: Giving group 'Safe Haven Test Admins' access to key vault 'kv-shm-testa'... 2021-03-23 13:40:29 [SUCCESS]: [✔] Set correct access policies for key vault 'kv-shm-testa' 2021-03-23 13:40:29 [ INFO]: Ensuring that secrets exist in Key Vault 'kv-shm-testa'... 2021-03-23 13:40:43 [SUCCESS]: [✔] AAD emergency administrator account username exists 2021-03-23 13:40:57 [SUCCESS]: [✔] AAD emergency administrator account password exists 2021-03-23 13:41:37 [SUCCESS]: [✔] Ensured that SHM admin usernames exist 2021-03-23 13:44:14 [SUCCESS]: [✔] Ensured that SHM VM admin passwords exist 2021-03-23 13:45:19 [SUCCESS]: [✔] Ensured that domain joining passwords exist 2021-03-23 13:45:31 [SUCCESS]: [✔] Ensured that service account passwords exist 2021-03-23 13:45:34 [ INFO]: Ensuring AAD emergency administrator account exists... 2021-03-23 13:45:35 [SUCCESS]: [✔] Existing AAD emergency administrator account updated. 2021-03-23 13:45:35 [ INFO]: Ensuring that self-signed CA certificate exists in the 'kv-shm-testa' Key Vault... 2021-03-23 13:45:35 [ INFO]: Creating new self-signed CA certificate... 2021-03-23 13:45:35 [ INFO]: [ ] Generating self-signed certificate locally Generating a 2048 bit RSA private key ....................+++ .......................+++ writing new private key to '/var/folders/q7/nl3w6z854711jwsdy0hj7sxhwypcgh/T/tmpa7SjVJ.tmp.certificates/SHM-TESTA-P2S-CA.key' ----- 2021-03-23 13:45:48 [SUCCESS]: [✔] Generating self-signed certificate succeeded 2021-03-23 13:45:48 [ INFO]: [ ] Uploading CA private key + certificate bundle as certificate shm-testa-vpn-ca-cert (includes private key) 2021-03-23 13:45:49 [SUCCESS]: [✔] Uploading the full CA certificate succeeded 2021-03-23 13:45:49 [ INFO]: [ ] Uploading the plain CA certificate as secret shm-testa-vpn-ca-cert-plain (without private key) 2021-03-23 13:45:50 [SUCCESS]: [✔] Uploading the plain CA certificate succeeded 2021-03-23 13:45:50 [ INFO]: Ensuring that client certificate exists in the 'kv-shm-testa' Key Vault... 2021-03-23 13:45:51 [ INFO]: Creating new client certificate... 2021-03-23 13:45:51 [ INFO]: [ ] Loading CA private key from Key Vault... MAC verified OK 2021-03-23 13:45:53 [SUCCESS]: [✔] Loading CA private key succeeded 2021-03-23 13:45:53 [ INFO]: [ ] Retrieving CA plain certificate... 2021-03-23 13:45:54 [SUCCESS]: [✔] Validated CA certificate retrieval using MD5 2021-03-23 13:45:54 [ INFO]: [ ] Creating new certificate signing request to be signed by the CA certificate... 2021-03-23 13:45:56 [SUCCESS]: [✔] CSR creation succeeded 2021-03-23 13:45:56 [ INFO]: [ ] Signing the CSR and merging into the 'shm-testa-vpn-client-cert' certificate... Signature ok subject=/CN=SHM-TESTA-P2S-CLIENT Getting CA Private Key 2021-03-23 13:46:10 [SUCCESS]: [✔] Importing the signed client certificate succeeded ```Setup_SHM_Networking
```pwsh > ./Setup_SHM_Networking.ps1 -shmId testa 2021-03-23 14:03:58 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_NETWORKING' exists... 2021-03-23 14:03:59 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_NETWORKING' 2021-03-23 14:04:00 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_NETWORKING' 2021-03-23 14:04:00 [ INFO]: Deploying VNet gateway from template... VERBOSE: Performing the operation "Creating Deployment" on target "RG_SHM_TESTA_NETWORKING". WARNING: The DeploymentDebug setting has been enabled. This can potentially log secrets like passwords used in resource property or listKeys operations when you retrieve the deployment operations through Get-AzResourceGroupDeploymentOperation VERBOSE: 14:04:03 - Template is valid. VERBOSE: 14:04:03 - Create template deployment 'shm-vnet-template' VERBOSE: 14:04:03 - Checking deployment status in 5 seconds VERBOSE: 14:04:08 - Resource Microsoft.Network/virtualNetworks 'VNET_SHM_TESTA' provisioning status is running VERBOSE: 14:04:08 - Resource Microsoft.Network/networkSecurityGroups 'NSG_SHM_TESTA_IDENTITY' provisioning status is succeeded VERBOSE: 14:04:08 - Resource Microsoft.Network/publicIPAddresses 'VNET_SHM_TESTA_GW_PIP' provisioning status is succeeded VERBOSE: 14:04:08 - Checking deployment status in 14 seconds VERBOSE: 14:04:22 - Resource Microsoft.Network/virtualNetworkGateways 'VNET_SHM_TESTA_GW' provisioning status is running VERBOSE: 14:04:22 - Resource Microsoft.Network/virtualNetworks/subnets 'VNET_SHM_TESTA/IdentitySubnet' provisioning status is succeeded VERBOSE: 14:04:22 - Resource Microsoft.Network/virtualNetworks/subnets 'VNET_SHM_TESTA/GatewaySubnet' provisioning status is succeeded VERBOSE: 14:04:22 - Resource Microsoft.Network/virtualNetworks/subnets 'VNET_SHM_TESTA/AzureFirewallSubnet' provisioning status is succeeded VERBOSE: 14:04:22 - Resource Microsoft.Network/virtualNetworks 'VNET_SHM_TESTA' provisioning status is succeeded VERBOSE: 14:04:22 - Checking deployment status in 5 seconds VERBOSE: 14:04:27 - Checking deployment status in 5 seconds VERBOSE: 14:04:32 - Checking deployment status in 5 seconds VERBOSE: 14:04:38 - Checking deployment status in 5 seconds VERBOSE: 14:04:43 - Checking deployment status in 5 seconds VERBOSE: 14:04:48 - Checking deployment status in 5 seconds VERBOSE: 14:04:53 - Checking deployment status in 5 seconds VERBOSE: 14:04:58 - Checking deployment status in 5 seconds VERBOSE: 14:05:03 - Checking deployment status in 5 seconds VERBOSE: 14:05:08 - Checking deployment status in 5 seconds VERBOSE: 14:05:13 - Checking deployment status in 5 seconds VERBOSE: 14:05:18 - Checking deployment status in 5 seconds VERBOSE: 14:05:23 - Checking deployment status in 5 seconds VERBOSE: 14:05:29 - Checking deployment status in 5 seconds VERBOSE: 14:05:34 - Checking deployment status in 5 seconds VERBOSE: 14:05:39 - Checking deployment status in 5 seconds VERBOSE: 14:05:44 - Checking deployment status in 5 seconds VERBOSE: 14:05:49 - Checking deployment status in 5 seconds VERBOSE: 14:05:54 - Checking deployment status in 5 seconds VERBOSE: 14:05:59 - Checking deployment status in 5 seconds VERBOSE: 14:06:05 - Checking deployment status in 5 seconds VERBOSE: 14:06:10 - Checking deployment status in 5 seconds VERBOSE: 14:06:15 - Checking deployment status in 11 seconds VERBOSE: 14:06:26 - Checking deployment status in 5 seconds VERBOSE: 14:06:31 - Checking deployment status in 5 seconds VERBOSE: 14:06:36 - Checking deployment status in 5 seconds VERBOSE: 14:06:41 - Checking deployment status in 5 seconds VERBOSE: 14:06:46 - Checking deployment status in 5 seconds VERBOSE: 14:06:51 - Checking deployment status in 5 seconds VERBOSE: 14:06:56 - Checking deployment status in 5 seconds VERBOSE: 14:07:02 - Checking deployment status in 5 seconds VERBOSE: 14:07:07 - Checking deployment status in 5 seconds VERBOSE: 14:07:12 - Checking deployment status in 5 seconds VERBOSE: 14:07:17 - Checking deployment status in 5 seconds VERBOSE: 14:07:22 - Checking deployment status in 5 seconds VERBOSE: 14:07:27 - Checking deployment status in 5 seconds VERBOSE: 14:07:32 - Checking deployment status in 5 seconds VERBOSE: 14:07:37 - Checking deployment status in 5 seconds VERBOSE: 14:07:42 - Checking deployment status in 5 seconds VERBOSE: 14:07:47 - Checking deployment status in 5 seconds VERBOSE: 14:07:52 - Checking deployment status in 5 seconds VERBOSE: 14:07:58 - Checking deployment status in 5 seconds VERBOSE: 14:08:03 - Checking deployment status in 5 seconds VERBOSE: 14:08:08 - Checking deployment status in 5 seconds VERBOSE: 14:08:13 - Checking deployment status in 14 seconds VERBOSE: 14:08:27 - Checking deployment status in 5 seconds VERBOSE: 14:08:32 - Checking deployment status in 5 seconds VERBOSE: 14:08:37 - Checking deployment status in 5 seconds VERBOSE: 14:08:42 - Checking deployment status in 5 seconds VERBOSE: 14:08:47 - Checking deployment status in 5 seconds VERBOSE: 14:08:52 - Checking deployment status in 5 seconds VERBOSE: 14:08:57 - Checking deployment status in 5 seconds VERBOSE: 14:09:03 - Checking deployment status in 5 seconds VERBOSE: 14:09:08 - Checking deployment status in 5 seconds VERBOSE: 14:09:13 - Checking deployment status in 5 seconds VERBOSE: 14:09:18 - Checking deployment status in 5 seconds VERBOSE: 14:09:23 - Checking deployment status in 5 seconds VERBOSE: 14:09:28 - Checking deployment status in 5 seconds VERBOSE: 14:09:33 - Checking deployment status in 5 seconds VERBOSE: 14:09:38 - Checking deployment status in 5 seconds VERBOSE: 14:09:43 - Checking deployment status in 5 seconds VERBOSE: 14:09:48 - Checking deployment status in 5 seconds VERBOSE: 14:09:53 - Checking deployment status in 5 seconds VERBOSE: 14:09:59 - Checking deployment status in 5 seconds VERBOSE: 14:10:04 - Checking deployment status in 5 seconds VERBOSE: 14:10:09 - Checking deployment status in 5 seconds VERBOSE: 14:10:14 - Checking deployment status in 14 seconds VERBOSE: 14:10:28 - Checking deployment status in 5 seconds VERBOSE: 14:10:33 - Checking deployment status in 5 seconds VERBOSE: 14:10:38 - Checking deployment status in 5 seconds VERBOSE: 14:10:43 - Checking deployment status in 5 seconds VERBOSE: 14:10:48 - Checking deployment status in 5 seconds VERBOSE: 14:10:53 - Checking deployment status in 5 seconds VERBOSE: 14:10:58 - Checking deployment status in 5 seconds VERBOSE: 14:11:04 - Checking deployment status in 5 seconds VERBOSE: 14:11:09 - Checking deployment status in 5 seconds VERBOSE: 14:11:14 - Checking deployment status in 5 seconds VERBOSE: 14:11:19 - Checking deployment status in 5 seconds VERBOSE: 14:11:24 - Checking deployment status in 5 seconds VERBOSE: 14:11:29 - Checking deployment status in 5 seconds VERBOSE: 14:11:34 - Checking deployment status in 5 seconds VERBOSE: 14:11:39 - Checking deployment status in 5 seconds VERBOSE: 14:11:44 - Checking deployment status in 5 seconds VERBOSE: 14:11:49 - Checking deployment status in 5 seconds VERBOSE: 14:11:54 - Checking deployment status in 5 seconds VERBOSE: 14:11:59 - Checking deployment status in 5 seconds VERBOSE: 14:12:05 - Checking deployment status in 5 seconds VERBOSE: 14:12:10 - Checking deployment status in 5 seconds VERBOSE: 14:12:15 - Checking deployment status in 13 seconds VERBOSE: 14:12:28 - Checking deployment status in 5 seconds VERBOSE: 14:12:33 - Checking deployment status in 5 seconds VERBOSE: 14:12:38 - Checking deployment status in 5 seconds VERBOSE: 14:12:43 - Checking deployment status in 5 seconds VERBOSE: 14:12:48 - Checking deployment status in 5 seconds VERBOSE: 14:12:53 - Checking deployment status in 5 seconds VERBOSE: 14:12:59 - Checking deployment status in 5 seconds VERBOSE: 14:13:04 - Checking deployment status in 5 seconds VERBOSE: 14:13:09 - Checking deployment status in 5 seconds VERBOSE: 14:13:14 - Checking deployment status in 5 seconds VERBOSE: 14:13:19 - Checking deployment status in 5 seconds VERBOSE: 14:13:24 - Checking deployment status in 5 seconds VERBOSE: 14:13:29 - Checking deployment status in 5 seconds VERBOSE: 14:13:34 - Checking deployment status in 5 seconds VERBOSE: 14:13:39 - Checking deployment status in 5 seconds VERBOSE: 14:13:44 - Checking deployment status in 5 seconds VERBOSE: 14:13:49 - Checking deployment status in 5 seconds VERBOSE: 14:13:55 - Checking deployment status in 5 seconds VERBOSE: 14:14:00 - Checking deployment status in 5 seconds VERBOSE: 14:14:05 - Checking deployment status in 5 seconds VERBOSE: 14:14:10 - Checking deployment status in 5 seconds VERBOSE: 14:14:15 - Checking deployment status in 14 seconds VERBOSE: 14:14:29 - Checking deployment status in 5 seconds VERBOSE: 14:14:34 - Checking deployment status in 5 seconds VERBOSE: 14:14:39 - Checking deployment status in 5 seconds VERBOSE: 14:14:44 - Checking deployment status in 5 seconds VERBOSE: 14:14:49 - Checking deployment status in 5 seconds VERBOSE: 14:14:55 - Checking deployment status in 5 seconds VERBOSE: 14:15:00 - Checking deployment status in 5 seconds VERBOSE: 14:15:05 - Checking deployment status in 5 seconds VERBOSE: 14:15:10 - Checking deployment status in 5 seconds VERBOSE: 14:15:15 - Checking deployment status in 5 seconds VERBOSE: 14:15:20 - Checking deployment status in 5 seconds VERBOSE: 14:15:25 - Checking deployment status in 5 seconds VERBOSE: 14:15:30 - Checking deployment status in 5 seconds VERBOSE: 14:15:35 - Checking deployment status in 5 seconds VERBOSE: 14:15:40 - Checking deployment status in 5 seconds VERBOSE: 14:15:45 - Checking deployment status in 5 seconds VERBOSE: 14:15:51 - Checking deployment status in 5 seconds VERBOSE: 14:15:56 - Checking deployment status in 5 seconds VERBOSE: 14:16:01 - Checking deployment status in 5 seconds VERBOSE: 14:16:06 - Checking deployment status in 5 seconds VERBOSE: 14:16:11 - Checking deployment status in 5 seconds VERBOSE: 14:16:16 - Checking deployment status in 14 seconds VERBOSE: 14:16:30 - Checking deployment status in 5 seconds VERBOSE: 14:16:35 - Checking deployment status in 5 seconds VERBOSE: 14:16:40 - Checking deployment status in 5 seconds VERBOSE: 14:16:45 - Checking deployment status in 5 seconds VERBOSE: 14:16:50 - Checking deployment status in 5 seconds VERBOSE: 14:16:56 - Checking deployment status in 5 seconds VERBOSE: 14:17:01 - Checking deployment status in 5 seconds VERBOSE: 14:17:06 - Checking deployment status in 5 seconds VERBOSE: 14:17:11 - Checking deployment status in 5 seconds VERBOSE: 14:17:16 - Checking deployment status in 5 seconds VERBOSE: 14:17:21 - Checking deployment status in 5 seconds VERBOSE: 14:17:26 - Checking deployment status in 5 seconds VERBOSE: 14:17:31 - Checking deployment status in 5 seconds VERBOSE: 14:17:36 - Checking deployment status in 5 seconds VERBOSE: 14:17:41 - Checking deployment status in 5 seconds VERBOSE: 14:17:46 - Checking deployment status in 5 seconds VERBOSE: 14:17:52 - Checking deployment status in 5 seconds VERBOSE: 14:17:57 - Checking deployment status in 5 seconds VERBOSE: 14:18:02 - Checking deployment status in 5 seconds VERBOSE: 14:18:07 - Checking deployment status in 5 seconds VERBOSE: 14:18:12 - Checking deployment status in 5 seconds VERBOSE: 14:18:17 - Checking deployment status in 13 seconds VERBOSE: 14:18:30 - Checking deployment status in 5 seconds VERBOSE: 14:18:35 - Checking deployment status in 5 seconds VERBOSE: 14:18:41 - Checking deployment status in 5 seconds VERBOSE: 14:18:46 - Checking deployment status in 5 seconds VERBOSE: 14:18:51 - Checking deployment status in 5 seconds VERBOSE: 14:18:56 - Checking deployment status in 5 seconds VERBOSE: 14:19:01 - Checking deployment status in 5 seconds VERBOSE: 14:19:06 - Checking deployment status in 5 seconds VERBOSE: 14:19:11 - Checking deployment status in 5 seconds VERBOSE: 14:19:16 - Checking deployment status in 5 seconds VERBOSE: 14:19:21 - Checking deployment status in 5 seconds VERBOSE: 14:19:26 - Checking deployment status in 5 seconds VERBOSE: 14:19:32 - Checking deployment status in 5 seconds VERBOSE: 14:19:37 - Checking deployment status in 5 seconds VERBOSE: 14:19:42 - Checking deployment status in 5 seconds VERBOSE: 14:19:47 - Checking deployment status in 5 seconds VERBOSE: 14:19:52 - Checking deployment status in 5 seconds VERBOSE: 14:19:57 - Checking deployment status in 5 seconds VERBOSE: 14:20:02 - Checking deployment status in 5 seconds VERBOSE: 14:20:07 - Checking deployment status in 5 seconds VERBOSE: 14:20:12 - Checking deployment status in 5 seconds VERBOSE: 14:20:17 - Checking deployment status in 13 seconds VERBOSE: 14:20:30 - Checking deployment status in 5 seconds VERBOSE: 14:20:35 - Checking deployment status in 5 seconds VERBOSE: 14:20:41 - Checking deployment status in 5 seconds VERBOSE: 14:20:46 - Checking deployment status in 5 seconds VERBOSE: 14:20:51 - Checking deployment status in 5 seconds VERBOSE: 14:20:56 - Checking deployment status in 5 seconds VERBOSE: 14:21:01 - Checking deployment status in 5 seconds VERBOSE: 14:21:06 - Checking deployment status in 5 seconds VERBOSE: 14:21:11 - Checking deployment status in 5 seconds VERBOSE: 14:21:16 - Checking deployment status in 5 seconds VERBOSE: 14:21:21 - Checking deployment status in 5 seconds VERBOSE: 14:21:26 - Checking deployment status in 5 seconds VERBOSE: 14:21:31 - Checking deployment status in 5 seconds VERBOSE: 14:21:37 - Checking deployment status in 5 seconds VERBOSE: 14:21:42 - Checking deployment status in 5 seconds VERBOSE: 14:21:47 - Checking deployment status in 5 seconds VERBOSE: 14:21:52 - Checking deployment status in 5 seconds VERBOSE: 14:21:57 - Checking deployment status in 5 seconds VERBOSE: 14:22:02 - Checking deployment status in 5 seconds VERBOSE: 14:22:07 - Checking deployment status in 5 seconds VERBOSE: 14:22:12 - Checking deployment status in 5 seconds VERBOSE: 14:22:17 - Checking deployment status in 16 seconds VERBOSE: 14:22:34 - Checking deployment status in 5 seconds VERBOSE: 14:22:39 - Checking deployment status in 5 seconds VERBOSE: 14:22:44 - Checking deployment status in 5 seconds VERBOSE: 14:22:49 - Checking deployment status in 5 seconds VERBOSE: 14:22:54 - Checking deployment status in 5 seconds VERBOSE: 14:22:59 - Checking deployment status in 5 seconds VERBOSE: 14:23:04 - Checking deployment status in 5 seconds VERBOSE: 14:23:09 - Checking deployment status in 5 seconds VERBOSE: 14:23:14 - Checking deployment status in 5 seconds VERBOSE: 14:23:20 - Checking deployment status in 5 seconds VERBOSE: 14:23:25 - Checking deployment status in 5 seconds VERBOSE: 14:23:30 - Checking deployment status in 5 seconds VERBOSE: 14:23:35 - Checking deployment status in 5 seconds VERBOSE: 14:23:40 - Checking deployment status in 5 seconds VERBOSE: 14:23:45 - Checking deployment status in 5 seconds VERBOSE: 14:23:50 - Checking deployment status in 5 seconds VERBOSE: 14:23:55 - Checking deployment status in 5 seconds VERBOSE: 14:24:00 - Checking deployment status in 5 seconds VERBOSE: 14:24:05 - Checking deployment status in 5 seconds VERBOSE: 14:24:10 - Checking deployment status in 5 seconds VERBOSE: 14:24:15 - Checking deployment status in 5 seconds VERBOSE: 14:24:21 - Checking deployment status in 13 seconds VERBOSE: 14:24:34 - Checking deployment status in 5 seconds VERBOSE: 14:24:39 - Checking deployment status in 5 seconds VERBOSE: 14:24:44 - Checking deployment status in 5 seconds VERBOSE: 14:24:49 - Checking deployment status in 5 seconds VERBOSE: 14:24:54 - Checking deployment status in 5 seconds VERBOSE: 14:24:59 - Checking deployment status in 5 seconds VERBOSE: 14:25:04 - Checking deployment status in 5 seconds VERBOSE: 14:25:09 - Checking deployment status in 5 seconds VERBOSE: 14:25:14 - Checking deployment status in 5 seconds VERBOSE: 14:25:20 - Checking deployment status in 5 seconds VERBOSE: 14:25:25 - Checking deployment status in 5 seconds VERBOSE: 14:25:30 - Checking deployment status in 5 seconds VERBOSE: 14:25:35 - Checking deployment status in 5 seconds VERBOSE: 14:25:40 - Checking deployment status in 5 seconds VERBOSE: 14:25:45 - Checking deployment status in 5 seconds VERBOSE: 14:25:50 - Checking deployment status in 5 seconds VERBOSE: 14:25:55 - Checking deployment status in 5 seconds VERBOSE: 14:26:00 - Checking deployment status in 5 seconds VERBOSE: 14:26:05 - Checking deployment status in 5 seconds VERBOSE: 14:26:10 - Checking deployment status in 5 seconds VERBOSE: 14:26:16 - Checking deployment status in 5 seconds VERBOSE: 14:26:21 - Checking deployment status in 14 seconds VERBOSE: 14:26:35 - Resource Microsoft.Network/virtualNetworkGateways 'VNET_SHM_TESTA_GW' provisioning status is succeeded DeploymentName : shm-vnet-template ResourceGroupName : RG_SHM_TESTA_NETWORKING ProvisioningState : Succeeded Timestamp : 23/03/2021 14:26:26 Mode : Incremental TemplateLink : Parameters : Name Type Value ========================= ========================= ========== ipAddresses_ExternalNTP Array [ "216.239.35.0", "216.239.35.4", "216.239.35.8", "216.239.35.12" ] nsG_Identity_Name String NSG_SHM_TESTA_IDENTITY p2S_VPN_Certificate String MIICsjCCAZoCCQCOwGtHmd1q1jANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBT SE0tVEVTVEEtUDJTLUNBMB4XDTIxMDMxNjEzNDU0OFoXDTIzMDYxNjEzNDU0OFow GzEZMBcGA1UEAwwQU0hNLVRFU1RBLVAyUy1DQTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAKqtI8kHqN5e840lxkI3hrt9RGkiVszIHQ8h9hk2muikY/Er UdbDLh1ETq9z80TBY5q6K86bz7mOWlTpk7nu5Rv8v7AIdK+AYMjRmWgyrsAcp7BZ 8JTf9HppQuA5ZtrmHiSe2yw0pJ8bFql93usPgO2ID7ZYgWk+hr1tAPCFjuzQKRrG qvJaQyoV6x+QxMIakcMZblFQX1KbVYmN4XllZ5vEfxfRo+qfdNSFcWfHOHoVYWbe 26avUIVyrU3AFTRpJwm5dyU2oipJ+B+Kylb3AXd8nLrzZJj2RB32WunLNzx3xZQZ t8s/Wa7E9vEIW4068ubx0iby9hqa74xGG8UqxqUCAwEAATANBgkqhkiG9w0BAQsF AAOCAQEADS/nYNURW3/3VhjDoD+avT8aRYLA+aITKQS8peHRIRHNaXIcGLvopJBI ayLenPS+2ri1UYXlrPQsiBMbQT0KyvYYdNLp+g+SEva9ZA/OxPCC8YyEUd6Mlhf9 mg2FgW6yY+QoXHE027kGSOnLyTtx0RCCVui73+rlFJysLlBq4+ZgYg/L7Lw72inn hMBmu507oC3rIPI6AILSYXBREJeif7Z2iM3vyiAVp3o1UDr0FWI26u4rRNPezra6 ziXCrvj1v3K20sP66MZRtkU5oMosPvRkjeDUZESJn7WFrec3gNiScm6fQ3t8YchJ FSCJHHZ8y6EJQ7fuHdxPmxLixCBzcA== shm_Id String testa subnet_Identity_Name String IdentitySubnet subnet_Identity_CIDR String 10.0.0.0/24 subnet_Firewall_Name String AzureFirewallSubnet subnet_Firewall_CIDR String 10.0.2.0/24 subnet_Gateway_Name String GatewaySubnet subnet_Gateway_CIDR String 10.0.7.0/24 virtual_Network_Name String VNET_SHM_TESTA vneT_CIDR String 10.0.0.0/21 vneT_DNS_DC1 String 10.0.0.4 vneT_DNS_DC2 String 10.0.0.5 vpN_CIDR String 172.16.201.0/24 Outputs : DeploymentDebugLogLevel : ResponseContent 2021-03-23 14:26:36 [SUCCESS]: [✔] Template deployment 'shm-vnet-template' succeeded ```Setup_SHM_DC
```pwsh > ./Setup_SHM_DC.ps1 -shmId testa 2021-03-23 14:27:13 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_ARTIFACTS' exists... 2021-03-23 14:27:14 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_ARTIFACTS' already exists 2021-03-23 14:27:14 [ INFO]: Ensuring that storage account 'shmtestabootdiagslubiehy' exists in 'RG_SHM_TESTA_ARTIFACTS'... 2021-03-23 14:27:14 [ INFO]: [ ] Creating storage account 'shmtestabootdiagslubiehy' 2021-03-23 14:27:24 [SUCCESS]: [✔] Created storage account 'shmtestabootdiagslubiehy' 2021-03-23 14:27:24 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_ARTIFACTS' exists... 2021-03-23 14:27:25 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_ARTIFACTS' already exists 2021-03-23 14:27:25 [ INFO]: Ensuring that storage account 'shmtestaartifactslubiehy' exists in 'RG_SHM_TESTA_ARTIFACTS'... 2021-03-23 14:27:25 [ INFO]: [ ] Creating storage account 'shmtestaartifactslubiehy' 2021-03-23 14:27:35 [SUCCESS]: [✔] Created storage account 'shmtestaartifactslubiehy' 2021-03-23 14:27:35 [ INFO]: Ensuring that blob storage containers exist... 2021-03-23 14:27:35 [ INFO]: Ensuring that storage container 'shm-dsc-dc' exists... 2021-03-23 14:27:36 [SUCCESS]: [✔] Storage container 'shm-dsc-dc' already exists in storage account 'shmtestaartifactslubiehy' 2021-03-23 14:27:36 [ INFO]: Ensuring that storage container 'shm-configuration-dc' exists... 2021-03-23 14:27:37 [SUCCESS]: [✔] Storage container 'shm-configuration-dc' already exists in storage account 'shmtestaartifactslubiehy' 2021-03-23 14:27:37 [ INFO]: Ensuring that storage container 'sre-rds-sh-packages' exists... 2021-03-23 14:27:37 [SUCCESS]: [✔] Storage container 'sre-rds-sh-packages' already exists in storage account 'shmtestaartifactslubiehy' 2021-03-23 14:27:37 [ INFO]: Uploading artifacts to storage account 'shmtestaartifactslubiehy'... 2021-03-23 14:27:37 [ INFO]: [ ] Uploading desired state configuration (DSC) files to blob storage 2021-03-23 14:27:37 [SUCCESS]: [✔] Uploaded desired state configuration (DSC) files 2021-03-23 14:27:37 [ INFO]: [ ] Uploading domain controller (DC) configuration files to blob storage 2021-03-23 14:27:38 [SUCCESS]: [✔] Uploaded domain controller (DC) configuration files 2021-03-23 14:27:38 [ INFO]: [ ] Uploading Windows package installers to blob storage AccountName: shmtestaartifactslubiehy, ContainerName: sre-rds-sh-packages Name BlobType Length ContentType LastModified AccessTier SnapshotTime IsDeleted VersionId ---- -------- ------ ----------- ------------ ---------- ------------ --------- --------- GoogleChrome_x64.msi BlockBlob 74534912 application/octet-stream 2021-03-23 14:27:38Z Hot False PuTTY_x64.msi BlockBlob 2843648 application/x-msi 2021-03-23 14:27:38Z Hot False 2021-03-23 14:27:38 [SUCCESS]: [✔] Uploaded Windows package installers 2021-03-23 14:27:38 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_DC' exists... 2021-03-23 14:27:39 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_DC' 2021-03-23 14:27:40 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_DC' 2021-03-23 14:27:40 [ INFO]: Creating/retrieving secrets from Key Vault 'kv-shm-testa'... 2021-03-23 14:27:44 [ INFO]: Deploying domain controller (DC) from template... VERBOSE: Performing the operation "Creating Deployment" on target "RG_SHM_TESTA_DC". WARNING: The DeploymentDebug setting has been enabled. This can potentially log secrets like passwords used in resource property or listKeys operations when you retrieve the deployment operations through Get-AzResourceGroupDeploymentOperation VERBOSE: 14:27:52 - Template is valid. VERBOSE: 14:27:52 - Create template deployment 'shm-dc-template' VERBOSE: 14:27:52 - Checking deployment status in 5 seconds VERBOSE: 14:27:58 - Resource Microsoft.Compute/virtualMachines 'DC1-SHM-TESTA' provisioning status is running VERBOSE: 14:27:58 - Resource Microsoft.Compute/virtualMachines 'DC2-SHM-TESTA' provisioning status is running VERBOSE: 14:27:58 - Resource Microsoft.Network/networkInterfaces 'DC2-SHM-TESTA-NIC' provisioning status is succeeded VERBOSE: 14:27:58 - Resource Microsoft.Network/networkInterfaces 'DC1-SHM-TESTA-NIC' provisioning status is succeeded VERBOSE: 14:27:58 - Resource Microsoft.Compute/availabilitySets 'AVSET-SHM-TESTA-VM-DC' provisioning status is succeeded VERBOSE: 14:27:58 - Checking deployment status in 13 seconds VERBOSE: 14:28:11 - Checking deployment status in 5 seconds VERBOSE: 14:28:16 - Checking deployment status in 5 seconds VERBOSE: 14:28:21 - Checking deployment status in 5 seconds VERBOSE: 14:28:26 - Checking deployment status in 5 seconds VERBOSE: 14:28:31 - Checking deployment status in 5 seconds VERBOSE: 14:28:36 - Checking deployment status in 5 seconds VERBOSE: 14:28:41 - Checking deployment status in 5 seconds VERBOSE: 14:28:46 - Checking deployment status in 5 seconds VERBOSE: 14:28:51 - Checking deployment status in 5 seconds VERBOSE: 14:28:56 - Checking deployment status in 5 seconds VERBOSE: 14:29:01 - Checking deployment status in 5 seconds VERBOSE: 14:29:07 - Checking deployment status in 5 seconds VERBOSE: 14:29:12 - Checking deployment status in 5 seconds VERBOSE: 14:29:17 - Checking deployment status in 5 seconds VERBOSE: 14:29:22 - Checking deployment status in 5 seconds VERBOSE: 14:29:27 - Checking deployment status in 5 seconds VERBOSE: 14:29:32 - Checking deployment status in 5 seconds VERBOSE: 14:29:37 - Checking deployment status in 5 seconds VERBOSE: 14:29:42 - Checking deployment status in 5 seconds VERBOSE: 14:29:47 - Checking deployment status in 5 seconds VERBOSE: 14:29:52 - Checking deployment status in 5 seconds VERBOSE: 14:29:57 - Checking deployment status in 14 seconds VERBOSE: 14:30:11 - Resource Microsoft.Compute/virtualMachines/extensions 'DC1-SHM-TESTA/bginfo' provisioning status is running VERBOSE: 14:30:11 - Resource Microsoft.Compute/virtualMachines/extensions 'DC1-SHM-TESTA/CreateADForest' provisioning status is running VERBOSE: 14:30:11 - Resource Microsoft.Compute/virtualMachines 'DC1-SHM-TESTA' provisioning status is succeeded VERBOSE: 14:30:12 - Checking deployment status in 15 seconds VERBOSE: 14:30:27 - Resource Microsoft.Compute/virtualMachines/extensions 'DC2-SHM-TESTA/bginfo' provisioning status is running VERBOSE: 14:30:27 - Resource Microsoft.Compute/virtualMachines 'DC2-SHM-TESTA' provisioning status is succeeded VERBOSE: 14:30:27 - Checking deployment status in 5 seconds VERBOSE: 14:30:32 - Checking deployment status in 5 seconds VERBOSE: 14:30:37 - Checking deployment status in 5 seconds VERBOSE: 14:30:42 - Checking deployment status in 5 seconds VERBOSE: 14:30:47 - Checking deployment status in 5 seconds VERBOSE: 14:30:52 - Checking deployment status in 5 seconds VERBOSE: 14:30:57 - Checking deployment status in 5 seconds VERBOSE: 14:31:02 - Checking deployment status in 5 seconds VERBOSE: 14:31:07 - Checking deployment status in 5 seconds VERBOSE: 14:31:13 - Checking deployment status in 5 seconds VERBOSE: 14:31:18 - Checking deployment status in 5 seconds VERBOSE: 14:31:23 - Checking deployment status in 5 seconds VERBOSE: 14:31:28 - Checking deployment status in 5 seconds VERBOSE: 14:31:33 - Checking deployment status in 5 seconds VERBOSE: 14:31:38 - Checking deployment status in 5 seconds VERBOSE: 14:31:43 - Checking deployment status in 5 seconds VERBOSE: 14:31:48 - Checking deployment status in 5 seconds VERBOSE: 14:31:53 - Checking deployment status in 5 seconds VERBOSE: 14:31:58 - Checking deployment status in 5 seconds VERBOSE: 14:32:03 - Checking deployment status in 5 seconds VERBOSE: 14:32:08 - Checking deployment status in 5 seconds VERBOSE: 14:32:14 - Checking deployment status in 14 seconds VERBOSE: 14:32:28 - Checking deployment status in 5 seconds VERBOSE: 14:32:33 - Checking deployment status in 5 seconds VERBOSE: 14:32:38 - Checking deployment status in 5 seconds VERBOSE: 14:32:43 - Checking deployment status in 5 seconds VERBOSE: 14:32:48 - Checking deployment status in 5 seconds VERBOSE: 14:32:53 - Resource Microsoft.Compute/virtualMachines/extensions 'DC2-SHM-TESTA/bginfo' provisioning status is succeeded VERBOSE: 14:32:53 - Checking deployment status in 5 seconds VERBOSE: 14:32:58 - Checking deployment status in 5 seconds VERBOSE: 14:33:03 - Checking deployment status in 5 seconds VERBOSE: 14:33:09 - Checking deployment status in 5 seconds VERBOSE: 14:33:14 - Checking deployment status in 5 seconds VERBOSE: 14:33:19 - Checking deployment status in 5 seconds VERBOSE: 14:33:24 - Checking deployment status in 5 seconds VERBOSE: 14:33:29 - Checking deployment status in 5 seconds VERBOSE: 14:33:34 - Checking deployment status in 5 seconds VERBOSE: 14:33:39 - Checking deployment status in 5 seconds VERBOSE: 14:33:44 - Checking deployment status in 5 seconds VERBOSE: 14:33:49 - Checking deployment status in 5 seconds VERBOSE: 14:33:54 - Checking deployment status in 5 seconds VERBOSE: 14:33:59 - Checking deployment status in 5 seconds VERBOSE: 14:34:04 - Checking deployment status in 5 seconds VERBOSE: 14:34:09 - Checking deployment status in 5 seconds VERBOSE: 14:34:15 - Checking deployment status in 14 seconds VERBOSE: 14:34:29 - Checking deployment status in 5 seconds VERBOSE: 14:34:34 - Checking deployment status in 5 seconds VERBOSE: 14:34:39 - Checking deployment status in 5 seconds VERBOSE: 14:34:44 - Checking deployment status in 5 seconds VERBOSE: 14:34:49 - Checking deployment status in 5 seconds VERBOSE: 14:34:54 - Checking deployment status in 5 seconds VERBOSE: 14:34:59 - Checking deployment status in 5 seconds VERBOSE: 14:35:04 - Checking deployment status in 5 seconds VERBOSE: 14:35:10 - Checking deployment status in 5 seconds VERBOSE: 14:35:15 - Checking deployment status in 5 seconds VERBOSE: 14:35:20 - Checking deployment status in 5 seconds VERBOSE: 14:35:25 - Checking deployment status in 5 seconds VERBOSE: 14:35:30 - Checking deployment status in 5 seconds VERBOSE: 14:35:35 - Checking deployment status in 5 seconds VERBOSE: 14:35:40 - Checking deployment status in 5 seconds VERBOSE: 14:35:45 - Checking deployment status in 5 seconds VERBOSE: 14:35:50 - Checking deployment status in 5 seconds VERBOSE: 14:35:55 - Checking deployment status in 5 seconds VERBOSE: 14:36:00 - Checking deployment status in 5 seconds VERBOSE: 14:36:05 - Checking deployment status in 5 seconds VERBOSE: 14:36:11 - Checking deployment status in 5 seconds VERBOSE: 14:36:16 - Checking deployment status in 14 seconds VERBOSE: 14:36:30 - Checking deployment status in 5 seconds VERBOSE: 14:36:35 - Checking deployment status in 5 seconds VERBOSE: 14:36:40 - Checking deployment status in 5 seconds VERBOSE: 14:36:45 - Checking deployment status in 5 seconds VERBOSE: 14:36:50 - Checking deployment status in 5 seconds VERBOSE: 14:36:55 - Checking deployment status in 5 seconds VERBOSE: 14:37:00 - Checking deployment status in 5 seconds VERBOSE: 14:37:05 - Checking deployment status in 5 seconds VERBOSE: 14:37:11 - Checking deployment status in 5 seconds VERBOSE: 14:37:16 - Checking deployment status in 5 seconds VERBOSE: 14:37:21 - Checking deployment status in 5 seconds VERBOSE: 14:37:26 - Checking deployment status in 5 seconds VERBOSE: 14:37:31 - Checking deployment status in 5 seconds VERBOSE: 14:37:36 - Checking deployment status in 5 seconds VERBOSE: 14:37:41 - Checking deployment status in 5 seconds VERBOSE: 14:37:46 - Checking deployment status in 5 seconds VERBOSE: 14:37:51 - Checking deployment status in 5 seconds VERBOSE: 14:37:56 - Checking deployment status in 5 seconds VERBOSE: 14:38:01 - Checking deployment status in 5 seconds VERBOSE: 14:38:06 - Checking deployment status in 5 seconds VERBOSE: 14:38:12 - Checking deployment status in 5 seconds VERBOSE: 14:38:17 - Checking deployment status in 13 seconds VERBOSE: 14:38:30 - Checking deployment status in 5 seconds VERBOSE: 14:38:35 - Checking deployment status in 5 seconds VERBOSE: 14:38:40 - Checking deployment status in 5 seconds VERBOSE: 14:38:45 - Checking deployment status in 5 seconds VERBOSE: 14:38:50 - Checking deployment status in 5 seconds VERBOSE: 14:38:55 - Checking deployment status in 5 seconds VERBOSE: 14:39:00 - Checking deployment status in 5 seconds VERBOSE: 14:39:05 - Checking deployment status in 5 seconds VERBOSE: 14:39:10 - Checking deployment status in 5 seconds VERBOSE: 14:39:15 - Checking deployment status in 5 seconds VERBOSE: 14:39:21 - Checking deployment status in 5 seconds VERBOSE: 14:39:26 - Checking deployment status in 5 seconds VERBOSE: 14:39:31 - Checking deployment status in 5 seconds VERBOSE: 14:39:36 - Checking deployment status in 5 seconds VERBOSE: 14:39:41 - Checking deployment status in 5 seconds VERBOSE: 14:39:46 - Checking deployment status in 5 seconds VERBOSE: 14:39:51 - Checking deployment status in 5 seconds VERBOSE: 14:39:56 - Checking deployment status in 5 seconds VERBOSE: 14:40:01 - Checking deployment status in 5 seconds VERBOSE: 14:40:06 - Checking deployment status in 5 seconds VERBOSE: 14:40:11 - Checking deployment status in 5 seconds VERBOSE: 14:40:17 - Checking deployment status in 14 seconds VERBOSE: 14:40:31 - Checking deployment status in 5 seconds VERBOSE: 14:40:36 - Checking deployment status in 5 seconds VERBOSE: 14:40:41 - Checking deployment status in 5 seconds VERBOSE: 14:40:46 - Checking deployment status in 5 seconds VERBOSE: 14:40:51 - Checking deployment status in 5 seconds VERBOSE: 14:40:56 - Checking deployment status in 5 seconds VERBOSE: 14:41:01 - Checking deployment status in 5 seconds VERBOSE: 14:41:06 - Checking deployment status in 5 seconds VERBOSE: 14:41:11 - Checking deployment status in 5 seconds VERBOSE: 14:41:16 - Checking deployment status in 5 seconds VERBOSE: 14:41:22 - Checking deployment status in 5 seconds VERBOSE: 14:41:27 - Checking deployment status in 5 seconds VERBOSE: 14:41:32 - Checking deployment status in 5 seconds VERBOSE: 14:41:37 - Checking deployment status in 5 seconds VERBOSE: 14:41:42 - Checking deployment status in 5 seconds VERBOSE: 14:41:47 - Checking deployment status in 5 seconds VERBOSE: 14:41:52 - Checking deployment status in 5 seconds VERBOSE: 14:41:57 - Checking deployment status in 5 seconds VERBOSE: 14:42:02 - Checking deployment status in 5 seconds VERBOSE: 14:42:07 - Checking deployment status in 5 seconds VERBOSE: 14:42:12 - Checking deployment status in 5 seconds VERBOSE: 14:42:17 - Checking deployment status in 13 seconds VERBOSE: 14:42:30 - Checking deployment status in 5 seconds VERBOSE: 14:42:36 - Checking deployment status in 5 seconds VERBOSE: 14:42:41 - Checking deployment status in 5 seconds VERBOSE: 14:42:46 - Checking deployment status in 5 seconds VERBOSE: 14:42:51 - Checking deployment status in 5 seconds VERBOSE: 14:42:56 - Checking deployment status in 5 seconds VERBOSE: 14:43:01 - Checking deployment status in 5 seconds VERBOSE: 14:43:06 - Checking deployment status in 5 seconds VERBOSE: 14:43:11 - Checking deployment status in 5 seconds VERBOSE: 14:43:16 - Checking deployment status in 5 seconds VERBOSE: 14:43:21 - Checking deployment status in 5 seconds VERBOSE: 14:43:26 - Checking deployment status in 5 seconds VERBOSE: 14:43:32 - Checking deployment status in 5 seconds VERBOSE: 14:43:37 - Checking deployment status in 5 seconds VERBOSE: 14:43:42 - Checking deployment status in 5 seconds VERBOSE: 14:43:47 - Checking deployment status in 5 seconds VERBOSE: 14:43:52 - Checking deployment status in 5 seconds VERBOSE: 14:43:57 - Checking deployment status in 5 seconds VERBOSE: 14:44:02 - Checking deployment status in 5 seconds VERBOSE: 14:44:07 - Checking deployment status in 5 seconds VERBOSE: 14:44:12 - Checking deployment status in 5 seconds VERBOSE: 14:44:17 - Checking deployment status in 14 seconds VERBOSE: 14:44:31 - Checking deployment status in 5 seconds VERBOSE: 14:44:36 - Checking deployment status in 5 seconds VERBOSE: 14:44:42 - Checking deployment status in 5 seconds VERBOSE: 14:44:47 - Checking deployment status in 5 seconds VERBOSE: 14:44:52 - Checking deployment status in 5 seconds VERBOSE: 14:44:57 - Checking deployment status in 5 seconds VERBOSE: 14:45:02 - Checking deployment status in 5 seconds VERBOSE: 14:45:07 - Checking deployment status in 5 seconds VERBOSE: 14:45:12 - Checking deployment status in 5 seconds VERBOSE: 14:45:17 - Checking deployment status in 5 seconds VERBOSE: 14:45:22 - Checking deployment status in 5 seconds VERBOSE: 14:45:27 - Checking deployment status in 5 seconds VERBOSE: 14:45:32 - Checking deployment status in 5 seconds VERBOSE: 14:45:38 - Checking deployment status in 5 seconds VERBOSE: 14:45:43 - Checking deployment status in 5 seconds VERBOSE: 14:45:48 - Checking deployment status in 5 seconds VERBOSE: 14:45:53 - Checking deployment status in 5 seconds VERBOSE: 14:45:58 - Checking deployment status in 5 seconds VERBOSE: 14:46:03 - Checking deployment status in 5 seconds VERBOSE: 14:46:08 - Checking deployment status in 5 seconds VERBOSE: 14:46:13 - Checking deployment status in 5 seconds VERBOSE: 14:46:18 - Checking deployment status in 13 seconds VERBOSE: 14:46:31 - Checking deployment status in 5 seconds VERBOSE: 14:46:37 - Checking deployment status in 5 seconds VERBOSE: 14:46:42 - Checking deployment status in 5 seconds VERBOSE: 14:46:47 - Checking deployment status in 5 seconds VERBOSE: 14:46:52 - Checking deployment status in 5 seconds VERBOSE: 14:46:57 - Checking deployment status in 5 seconds VERBOSE: 14:47:02 - Checking deployment status in 5 seconds VERBOSE: 14:47:07 - Checking deployment status in 5 seconds VERBOSE: 14:47:12 - Checking deployment status in 5 seconds VERBOSE: 14:47:17 - Checking deployment status in 5 seconds VERBOSE: 14:47:22 - Checking deployment status in 5 seconds VERBOSE: 14:47:27 - Checking deployment status in 5 seconds VERBOSE: 14:47:33 - Checking deployment status in 5 seconds VERBOSE: 14:47:38 - Checking deployment status in 5 seconds VERBOSE: 14:47:43 - Checking deployment status in 5 seconds VERBOSE: 14:47:48 - Checking deployment status in 5 seconds VERBOSE: 14:47:53 - Checking deployment status in 5 seconds VERBOSE: 14:47:58 - Checking deployment status in 5 seconds VERBOSE: 14:48:03 - Checking deployment status in 5 seconds VERBOSE: 14:48:08 - Checking deployment status in 5 seconds VERBOSE: 14:48:13 - Checking deployment status in 5 seconds VERBOSE: 14:48:18 - Checking deployment status in 13 seconds VERBOSE: 14:48:31 - Checking deployment status in 5 seconds VERBOSE: 14:48:37 - Resource Microsoft.Compute/virtualMachines/extensions 'DC2-SHM-TESTA/CreateADBDC' provisioning status is running VERBOSE: 14:48:37 - Resource Microsoft.Compute/virtualMachines/extensions 'DC1-SHM-TESTA/bginfo' provisioning status is succeeded VERBOSE: 14:48:37 - Resource Microsoft.Compute/virtualMachines/extensions 'DC1-SHM-TESTA/CreateADForest' provisioning status is succeeded VERBOSE: 14:48:37 - Checking deployment status in 14 seconds VERBOSE: 14:48:51 - Checking deployment status in 5 seconds VERBOSE: 14:48:56 - Checking deployment status in 5 seconds VERBOSE: 14:49:01 - Checking deployment status in 5 seconds VERBOSE: 14:49:06 - Checking deployment status in 5 seconds VERBOSE: 14:49:11 - Checking deployment status in 5 seconds VERBOSE: 14:49:16 - Checking deployment status in 5 seconds VERBOSE: 14:49:21 - Checking deployment status in 5 seconds VERBOSE: 14:49:27 - Checking deployment status in 5 seconds VERBOSE: 14:49:32 - Checking deployment status in 5 seconds VERBOSE: 14:49:37 - Checking deployment status in 5 seconds VERBOSE: 14:49:42 - Checking deployment status in 5 seconds VERBOSE: 14:49:47 - Checking deployment status in 5 seconds VERBOSE: 14:49:52 - Checking deployment status in 5 seconds VERBOSE: 14:49:57 - Checking deployment status in 5 seconds VERBOSE: 14:50:02 - Checking deployment status in 5 seconds VERBOSE: 14:50:07 - Checking deployment status in 5 seconds VERBOSE: 14:50:12 - Checking deployment status in 5 seconds VERBOSE: 14:50:17 - Checking deployment status in 5 seconds VERBOSE: 14:50:22 - Checking deployment status in 5 seconds VERBOSE: 14:50:28 - Checking deployment status in 5 seconds VERBOSE: 14:50:33 - Checking deployment status in 5 seconds VERBOSE: 14:50:38 - Checking deployment status in 13 seconds VERBOSE: 14:50:51 - Checking deployment status in 5 seconds VERBOSE: 14:50:56 - Checking deployment status in 5 seconds VERBOSE: 14:51:01 - Checking deployment status in 5 seconds VERBOSE: 14:51:07 - Checking deployment status in 5 seconds VERBOSE: 14:51:12 - Checking deployment status in 5 seconds VERBOSE: 14:51:17 - Checking deployment status in 5 seconds VERBOSE: 14:51:22 - Checking deployment status in 5 seconds VERBOSE: 14:51:27 - Checking deployment status in 5 seconds VERBOSE: 14:51:32 - Checking deployment status in 5 seconds VERBOSE: 14:51:37 - Checking deployment status in 5 seconds VERBOSE: 14:51:42 - Checking deployment status in 5 seconds VERBOSE: 14:51:47 - Checking deployment status in 5 seconds VERBOSE: 14:51:52 - Checking deployment status in 5 seconds VERBOSE: 14:51:57 - Checking deployment status in 5 seconds VERBOSE: 14:52:03 - Checking deployment status in 5 seconds VERBOSE: 14:52:08 - Checking deployment status in 5 seconds VERBOSE: 14:52:13 - Checking deployment status in 5 seconds VERBOSE: 14:52:18 - Checking deployment status in 5 seconds VERBOSE: 14:52:23 - Checking deployment status in 5 seconds VERBOSE: 14:52:28 - Checking deployment status in 5 seconds VERBOSE: 14:52:33 - Checking deployment status in 5 seconds VERBOSE: 14:52:38 - Checking deployment status in 13 seconds VERBOSE: 14:52:51 - Checking deployment status in 5 seconds VERBOSE: 14:52:56 - Checking deployment status in 5 seconds VERBOSE: 14:53:02 - Checking deployment status in 5 seconds VERBOSE: 14:53:07 - Checking deployment status in 5 seconds VERBOSE: 14:53:12 - Checking deployment status in 5 seconds VERBOSE: 14:53:17 - Checking deployment status in 5 seconds VERBOSE: 14:53:22 - Checking deployment status in 5 seconds VERBOSE: 14:53:27 - Checking deployment status in 5 seconds VERBOSE: 14:53:32 - Checking deployment status in 5 seconds VERBOSE: 14:53:37 - Checking deployment status in 5 seconds VERBOSE: 14:53:42 - Checking deployment status in 5 seconds VERBOSE: 14:53:48 - Checking deployment status in 5 seconds VERBOSE: 14:53:53 - Checking deployment status in 5 seconds VERBOSE: 14:53:58 - Checking deployment status in 5 seconds VERBOSE: 14:54:03 - Checking deployment status in 5 seconds VERBOSE: 14:54:08 - Checking deployment status in 5 seconds VERBOSE: 14:54:13 - Checking deployment status in 5 seconds VERBOSE: 14:54:18 - Checking deployment status in 5 seconds VERBOSE: 14:54:23 - Checking deployment status in 5 seconds VERBOSE: 14:54:28 - Checking deployment status in 5 seconds VERBOSE: 14:54:33 - Checking deployment status in 5 seconds VERBOSE: 14:54:38 - Checking deployment status in 14 seconds VERBOSE: 14:54:53 - Checking deployment status in 5 seconds VERBOSE: 14:54:58 - Checking deployment status in 5 seconds VERBOSE: 14:55:03 - Checking deployment status in 5 seconds VERBOSE: 14:55:08 - Checking deployment status in 5 seconds VERBOSE: 14:55:13 - Checking deployment status in 5 seconds VERBOSE: 14:55:18 - Checking deployment status in 5 seconds VERBOSE: 14:55:23 - Checking deployment status in 5 seconds VERBOSE: 14:55:28 - Checking deployment status in 5 seconds VERBOSE: 14:55:33 - Checking deployment status in 5 seconds VERBOSE: 14:55:38 - Checking deployment status in 5 seconds VERBOSE: 14:55:44 - Checking deployment status in 5 seconds VERBOSE: 14:55:49 - Checking deployment status in 5 seconds VERBOSE: 14:55:54 - Checking deployment status in 5 seconds VERBOSE: 14:55:59 - Checking deployment status in 5 seconds VERBOSE: 14:56:04 - Checking deployment status in 5 seconds VERBOSE: 14:56:09 - Checking deployment status in 5 seconds VERBOSE: 14:56:14 - Checking deployment status in 5 seconds VERBOSE: 14:56:19 - Checking deployment status in 5 seconds VERBOSE: 14:56:24 - Checking deployment status in 5 seconds VERBOSE: 14:56:29 - Checking deployment status in 5 seconds VERBOSE: 14:56:35 - Checking deployment status in 5 seconds VERBOSE: 14:56:40 - Checking deployment status in 14 seconds VERBOSE: 14:56:54 - Checking deployment status in 5 seconds VERBOSE: 14:56:59 - Checking deployment status in 5 seconds VERBOSE: 14:57:04 - Checking deployment status in 5 seconds VERBOSE: 14:57:09 - Checking deployment status in 5 seconds VERBOSE: 14:57:14 - Checking deployment status in 5 seconds VERBOSE: 14:57:19 - Checking deployment status in 5 seconds VERBOSE: 14:57:24 - Checking deployment status in 5 seconds VERBOSE: 14:57:29 - Checking deployment status in 5 seconds VERBOSE: 14:57:35 - Checking deployment status in 5 seconds VERBOSE: 14:57:40 - Checking deployment status in 5 seconds VERBOSE: 14:57:45 - Checking deployment status in 5 seconds VERBOSE: 14:57:50 - Checking deployment status in 5 seconds VERBOSE: 14:57:55 - Checking deployment status in 5 seconds VERBOSE: 14:58:00 - Checking deployment status in 5 seconds VERBOSE: 14:58:05 - Checking deployment status in 5 seconds VERBOSE: 14:58:10 - Resource Microsoft.Compute/virtualMachines/extensions 'DC2-SHM-TESTA/CreateADBDC' provisioning status is succeeded ResourceGroupName : RG_SHM_TESTA_DC OnErrorDeployment : DeploymentName : shm-dc-template CorrelationId : a51a51de-2dab-4301-80d0-007f8a49dfd7 ProvisioningState : Succeeded Timestamp : 23/03/2021 14:58:08 Mode : Incremental TemplateLink : TemplateLinkString : DeploymentDebugLogLevel : ResponseContent Parameters : {[administrator_Password, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable], [administrator_User, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable], [artifacts_Location, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable], [artifacts_Location_SAS_Token, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable]…} Tags : ParametersString : Name Type Value ================================ ========================= ========== administrator_Password SecureString administrator_User String domaintestaadmin artifacts_Location String https://shmtestaartifactslubiehy.blob.core.windows.net artifacts_Location_SAS_Token SecureString bootDiagnostics_Account_Name String shmtestabootdiagslubiehy dC1_Data_Disk_Size_GB Int 20 dC1_Data_Disk_Type String Standard_LRS dC1_Host_Name String DC1-SHM-TESTA dC1_IP_Address String 10.0.0.4 dC1_Os_Disk_Size_GB Int 128 dC1_Os_Disk_Type String Standard_LRS dC1_VM_Name String DC1-SHM-TESTA dC1_VM_Size String Standard_D2s_v3 dC2_Data_Disk_Size_GB Int 20 dC2_Data_Disk_Type String Standard_LRS dC2_Host_Name String DC2-SHM-TESTA dC2_IP_Address String 10.0.0.5 dC2_Os_Disk_Size_GB Int 128 dC2_Os_Disk_Type String Standard_LRS dC2_VM_Name String DC2-SHM-TESTA dC2_VM_Size String Standard_D2s_v3 domain_Name String testa.dsgroupdev.co.uk domain_NetBIOS_Name String TESTA external_DNS_Resolver String 168.63.129.16 safeMode_Password SecureString shm_Id String testa virtual_Network_Name String VNET_SHM_TESTA virtual_Network_Resource_Group String RG_SHM_TESTA_NETWORKING virtual_Network_Subnet String IdentitySubnet Outputs : OutputsString : 2021-03-23 14:58:11 [SUCCESS]: [✔] Template deployment 'shm-dc-template' succeeded 2021-03-23 14:58:11 [ INFO]: Importing configuration artifacts for: DC1-SHM-TESTA... 2021-03-23 15:01:20 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Clearing all pre-existing files and folders from 'C:\Installation' Directory: C:\ Mode LastWriteTime Length Name ---- ------------- ------ ---- d----- 3/17/2021 11:39 AM Installation Downloading 7 files to 'C:\Installation'... [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/CreateUsers.ps1?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/Disconnect_AD.ps1?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/GPOs.zip?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/Run_ADSync.ps1?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/StartMenuLayoutModification.xml?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/UpdateAADSyncRule.ps1?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded [ ] Fetching https://shmtestaartifactslubiehy.blob.core.windows.net/shm-configuration-dc/user_details_template.csv?sv=2019-07-07&sig=LabNHXSV%2B%2FAIMHtJlFR1DUcSdO7%2BgTmjWOcH7bNWI1M%3D&se=2021-03-23T14%3A58%3A18Z&srt=sco&ss=bf&sp=rl... [o] Succeeded Downloading AzureADConnect to 'C:\Installation'... [o] Completed Extracting zip files... [o] Completed Contents of 'C:\Installation' are: Directory: C:\Installation Mode LastWriteTime Length Name ---- ------------- ------ ---- d----- 3/23/2021 15:00 PM GPOs -a---- 3/23/2021 15:00 PM 101257216 AzureADConnect.msi -a---- 3/23/2021 14:59 PM 2227 CreateUsers.ps1 -a---- 3/23/2021 14:59 PM 1824 Disconnect_AD.ps1 -a---- 3/23/2021 14:59 PM 36260 GPOs.zip -a---- 3/23/2021 14:59 PM 307 Run_ADSync.ps1 -a---- 3/23/2021 14:59 PM 1730 StartMenuLayoutModification.xml -a---- 3/23/2021 14:59 PM 1946 UpdateAADSyncRule.ps1 -a---- 3/23/2021 14:59 PM 149 user_details_template.csv Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:01:20 [ INFO]: Configuring Active Directory for: DC1-SHM-TESTA... 2021-03-23 15:03:31 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : in joining account testadatabasesrvrs... [o] Account 'TESTA Database Servers Manager' (testadatabasesrvrs) created successfully Creating TESTA Identity Servers Manager domain joining account testaidentitysrvrs... [o] Account 'TESTA Identity Servers Manager' (testaidentitysrvrs) created successfully Creating TESTA Linux Servers Manager domain joining account testalinuxsrvrs... [o] Account 'TESTA Linux Servers Manager' (testalinuxsrvrs) created successfully Creating TESTA RDS Gateway Manager domain joining account testagatewaysrvrs... [o] Account 'TESTA RDS Gateway Manager' (testagatewaysrvrs) created successfully Creating TESTA RDS Session Servers Manager domain joining account testasessionsrvrs... [o] Account 'TESTA RDS Session Servers Manager' (testasessionsrvrs) created successfully Creating TESTA Local AD Sync Administrator domain joining account testalocaladsync... [o] Account 'TESTA Local AD Sync Administrator' (testalocaladsync) already exists Adding users to security groups... [ ] Adding 'domaintestaadmin' user to group 'SG Safe Haven Server Administrators' [o] User 'domaintestaadmin' was added to 'SG Safe Haven Server Administrators' Importing GPOs... [o] Importing '0AF343A0-248D-4CA5-B19E-5FA46DAE9F9C' to 'All servers - Local Administrators' succeeded [o] Importing 'EE9EF278-1F3F-461C-9F7A-97F2B82C04B4' to 'All Servers - Windows Update' succeeded [o] Importing '742211F9-1482-4D06-A8DE-BA66101933EB' to 'All Servers - Windows Services' succeeded [o] Importing 'B0A14FC3-292E-4A23-B280-9CC172D92FD5' to 'Session Servers - Remote Desktop Control' succeeded Linking GPOs to OUs... [o] Linking GPO 'All servers - Local Administrators' to 'Secure Research Environment Database Servers' succeeded [o] Linking GPO 'All servers - Local Administrators' to 'Safe Haven Identity Servers' succeeded [o] Linking GPO 'All servers - Local Administrators' to 'Secure Research Environment RDS Session Servers' succeeded [o] Linking GPO 'All servers - Local Administrators' to 'Secure Research Environment RDS Gateway Servers' succeeded [o] Linking GPO 'All Servers - Windows Services' to 'Domain Controllers' succeeded [o] Linking GPO 'All Servers - Windows Services' to 'Secure Research Environment Database Servers' succeeded [o] Linking GPO 'All Servers - Windows Services' to 'Safe Haven Identity Servers' succeeded [o] Linking GPO 'All Servers - Windows Services' to 'Secure Research Environment RDS Session Servers' succeeded [o] Linking GPO 'All Servers - Windows Services' to 'Secure Research Environment RDS Gateway Servers' succeeded [o] Linking GPO 'All Servers - Windows Update' to 'Domain Controllers' succeeded [o] Linking GPO 'All Servers - Windows Update' to 'Secure Research Environment Database Servers' succeeded [o] Linking GPO 'All Servers - Windows Update' to 'Safe Haven Identity Servers' succeeded [o] Linking GPO 'All Servers - Windows Update' to 'Secure Research Environment RDS Session Servers' succeeded [o] Linking GPO 'All Servers - Windows Update' to 'Secure Research Environment RDS Gateway Servers' succeeded [o] Linking GPO 'Session Servers - Remote Desktop Control' to 'Secure Research Environment RDS Session Servers' succeeded Setting AAD sync permissions for AD Sync Service account (testalocaladsync)... [o] Successfully updated ACL permissions for AD Sync Service account 'testalocaladsync' Delegating Active Directory registration permissions to service users... [o] Successfully delegated permissions on the 'Secure Research Environment Database Servers' container to 'TESTA\testadatabasesrvrs' [o] Successfully delegated permissions on the 'Safe Haven Identity Servers' container to 'TESTA\testaidentitysrvrs' [o] Successfully delegated permissions on the 'Secure Research Environment Linux Servers' container to 'TESTA\testalinuxsrvrs' [o] Successfully delegated permissions on the 'Secure Research Environment RDS Gateway Servers' container to 'TESTA\testagatewaysrvrs' [o] Successfully delegated permissions on the 'Secure Research Environment RDS Session Servers' container to 'TESTA\testasessionsrvrs' Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:03:31 [ INFO]: Configuring group policies for: DC1-SHM-TESTA... 2021-03-23 15:05:01 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Found the 'Local Administrators' group: S-1-5-32-544 Ensuring that members of 'SG Safe Haven Server Administrators' are local administrators [o] Successfully set group policies for 'Local Administrators' Setting the layout file for the Remote Desktop servers... [o] Succeeded Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:06:03 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Forward external DNS requests to Microsoft Azure DNS server... UseRootHint : True Timeout(s) : 3 EnableReordering : True IPAddress : 168.63.129.16 ReorderedIPAddress : 168.63.129.16 [o] Successfully created/updated DNS forwarding [ ] Creating reverse-lookup zone for '10.0.0.0/24'... [o] Successfully created reverse-lookup zone for '10.0.0.0/24' Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:07:16 [ INFO]: Updating DC VM 'DC1-SHM-TESTA'... 2021-03-23 15:07:16 [ INFO]: [ ] Installing core Powershell modules on 'DC1-SHM-TESTA' 2021-03-23 15:10:17 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Installing NuGet... [o] NuGet 2.8.5.208 is installed Installing PackageManagement... [o] PackageManagement 1.4.7 is installed Installing PowerShellGet... [o] PowerShellGet 2.2.5 is installed Installing PSWindowsUpdate... [o] PSWindowsUpdate 2.2.0.2 is installed Newly installed modules: ... PSWindowsUpdate Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:10:17 [ INFO]: [ ] Installing additional Powershell modules on 'DC1-SHM-TESTA' 2021-03-23 15:12:18 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Installing MSOnline... [o] MSOnline 1.1.183.57 is installed Newly installed modules: ... MSOnline Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:12:18 [ INFO]: [ ] Setting time/locale and installing updates on 'DC1-SHM-TESTA' 2021-03-23 15:16:49 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : [ ] Setting locale... [o] Setting locale to 'en-GB' succeeded [ ] Setting time zone... [o] Setting time zone to 'GMT Standard Time' succeeded [ ] Setting NTP server... [o] Setting NTP server to 'time.google.com' succeeded [ ] Found 4 Windows updates to install: ... Microsoft Silverlight (KB4481252) ... 2020-10 Security Update for Adobe Flash Player for Windows Server 2019 for x64-based Systems (KB4580325) ... Security Update for Windows Server 2019 for x64-based Systems (KB4535680) ... Windows Malicious Software Removal Tool x64 - v5.86 (KB890830) [o] Installing Windows updates succeeded. Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:16:51 [ INFO]: [ ] Restarting VM 'DC1-SHM-TESTA' 2021-03-23 15:17:22 [SUCCESS]: [✔] VM 'DC1-SHM-TESTA' successfully restarted. 2021-03-23 15:19:53 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Forward external DNS requests to Microsoft Azure DNS server... UseRootHint : True Timeout(s) : 3 EnableReordering : True IPAddress : {168.63.129.16, 10.0.0.4} ReorderedIPAddress : {168.63.129.16, 10.0.0.4} [o] Successfully created/updated DNS forwarding Reverse-lookup zone for '10.0.0.0/24' already exists Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:21:07 [ INFO]: Updating DC VM 'DC2-SHM-TESTA'... 2021-03-23 15:21:07 [ INFO]: [ ] Installing core Powershell modules on 'DC2-SHM-TESTA' 2021-03-23 15:24:38 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Installing NuGet... [o] NuGet 2.8.5.208 is installed Installing PackageManagement... [o] PackageManagement 1.4.7 is installed Installing PowerShellGet... [o] PowerShellGet 2.2.5 is installed Installing PSWindowsUpdate... [o] PSWindowsUpdate 2.2.0.2 is installed Newly installed modules: ... PSWindowsUpdate Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:24:38 [ INFO]: [ ] Installing additional Powershell modules on 'DC2-SHM-TESTA' 2021-03-23 15:27:09 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Installing MSOnline... [o] MSOnline 1.1.183.57 is installed Newly installed modules: ... MSOnline Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:27:09 [ INFO]: [ ] Setting time/locale and installing updates on 'DC2-SHM-TESTA' 2021-03-23 15:31:41 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : [ ] Setting locale... [o] Setting locale to 'en-GB' succeeded [ ] Setting time zone... [o] Setting time zone to 'GMT Standard Time' succeeded [ ] Setting NTP server... [o] Setting NTP server to 'time.google.com' succeeded [ ] Found 4 Windows updates to install: ... Microsoft Silverlight (KB4481252) ... 2020-10 Security Update for Adobe Flash Player for Windows Server 2019 for x64-based Systems (KB4580325) ... Security Update for Windows Server 2019 for x64-based Systems (KB4535680) ... Windows Malicious Software Removal Tool x64 - v5.86 (KB890830) [o] Installing Windows updates succeeded. Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:31:44 [ INFO]: [ ] Restarting VM 'DC2-SHM-TESTA' 2021-03-23 15:32:14 [SUCCESS]: [✔] VM 'DC2-SHM-TESTA' successfully restarted. ```Setup_SHM_NPS
```pwsh > ./Setup_SHM_NPS.ps1 -shmId testa 2021-03-23 15:36:54 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_NPS' exists... 2021-03-23 15:36:54 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_NPS' 2021-03-23 15:36:55 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_NPS' 2021-03-23 15:36:55 [ INFO]: Creating/retrieving secrets from Key Vault 'kv-shm-testa'... 2021-03-23 15:37:00 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_ARTIFACTS' exists... 2021-03-23 15:37:01 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_ARTIFACTS' already exists 2021-03-23 15:37:01 [ INFO]: Ensuring that storage account 'shmtestaartifactslubiehy' exists in 'RG_SHM_TESTA_ARTIFACTS'... 2021-03-23 15:37:01 [SUCCESS]: [✔] Storage account 'shmtestaartifactslubiehy' already exists 2021-03-23 15:37:01 [ INFO]: Ensuring that storage container 'shm-configuration-nps' exists... 2021-03-23 15:37:02 [ INFO]: [ ] Creating storage container 'shm-configuration-nps' in storage account 'shmtestaartifactslubiehy' 2021-03-23 15:37:03 [SUCCESS]: [✔] Created storage container 'shm-configuration-nps' in storage account 'shmtestaartifactslubiehy 2021-03-23 15:37:03 [ INFO]: Uploading artifacts to storage account 'shmtestaartifactslubiehy'... 2021-03-23 15:37:03 [ INFO]: [ ] Uploading network policy server (NPS) configuration files to blob storage 2021-03-23 15:37:03 [SUCCESS]: [✔] Uploaded NPS configuration files 2021-03-23 15:37:03 [ INFO]: Deploying network policy server (NPS) from template... VERBOSE: Performing the operation "Creating Deployment" on target "RG_SHM_TESTA_NPS". WARNING: The DeploymentDebug setting has been enabled. This can potentially log secrets like passwords used in resource property or listKeys operations when you retrieve the deployment operations through Get-AzResourceGroupDeploymentOperation VERBOSE: 15:37:04 - Template is valid. VERBOSE: 15:37:05 - Create template deployment 'shm-nps-template' VERBOSE: 15:37:05 - Checking deployment status in 5 seconds VERBOSE: 15:37:10 - Resource Microsoft.Compute/virtualMachines 'NPS-SHM-TESTA' provisioning status is running VERBOSE: 15:37:10 - Resource Microsoft.Network/networkInterfaces 'NPS-SHM-TESTA-NIC' provisioning status is succeeded VERBOSE: 15:37:10 - Checking deployment status in 15 seconds VERBOSE: 15:37:25 - Checking deployment status in 5 seconds VERBOSE: 15:37:30 - Checking deployment status in 5 seconds VERBOSE: 15:37:35 - Checking deployment status in 5 seconds VERBOSE: 15:37:40 - Checking deployment status in 5 seconds VERBOSE: 15:37:45 - Checking deployment status in 5 seconds VERBOSE: 15:37:50 - Checking deployment status in 5 seconds VERBOSE: 15:37:55 - Checking deployment status in 5 seconds VERBOSE: 15:38:00 - Checking deployment status in 5 seconds VERBOSE: 15:38:05 - Checking deployment status in 5 seconds VERBOSE: 15:38:11 - Checking deployment status in 5 seconds VERBOSE: 15:38:16 - Checking deployment status in 5 seconds VERBOSE: 15:38:21 - Checking deployment status in 5 seconds VERBOSE: 15:38:26 - Checking deployment status in 5 seconds VERBOSE: 15:38:31 - Checking deployment status in 5 seconds VERBOSE: 15:38:36 - Checking deployment status in 5 seconds VERBOSE: 15:38:41 - Checking deployment status in 5 seconds VERBOSE: 15:38:46 - Checking deployment status in 5 seconds VERBOSE: 15:38:51 - Checking deployment status in 5 seconds VERBOSE: 15:38:56 - Checking deployment status in 5 seconds VERBOSE: 15:39:01 - Checking deployment status in 5 seconds VERBOSE: 15:39:06 - Checking deployment status in 5 seconds VERBOSE: 15:39:12 - Resource Microsoft.Compute/virtualMachines/extensions 'NPS-SHM-TESTA/bginfo' provisioning status is running VERBOSE: 15:39:12 - Resource Microsoft.Compute/virtualMachines 'NPS-SHM-TESTA' provisioning status is succeeded VERBOSE: 15:39:12 - Checking deployment status in 16 seconds VERBOSE: 15:39:28 - Checking deployment status in 5 seconds VERBOSE: 15:39:33 - Checking deployment status in 5 seconds VERBOSE: 15:39:38 - Checking deployment status in 5 seconds VERBOSE: 15:39:43 - Checking deployment status in 5 seconds VERBOSE: 15:39:48 - Checking deployment status in 5 seconds VERBOSE: 15:39:53 - Checking deployment status in 5 seconds VERBOSE: 15:39:58 - Checking deployment status in 5 seconds VERBOSE: 15:40:03 - Checking deployment status in 5 seconds VERBOSE: 15:40:09 - Checking deployment status in 5 seconds VERBOSE: 15:40:14 - Checking deployment status in 5 seconds VERBOSE: 15:40:19 - Checking deployment status in 5 seconds VERBOSE: 15:40:24 - Checking deployment status in 5 seconds VERBOSE: 15:40:29 - Checking deployment status in 5 seconds VERBOSE: 15:40:34 - Checking deployment status in 5 seconds VERBOSE: 15:40:39 - Checking deployment status in 5 seconds VERBOSE: 15:40:44 - Checking deployment status in 5 seconds VERBOSE: 15:40:49 - Checking deployment status in 5 seconds VERBOSE: 15:40:54 - Checking deployment status in 5 seconds VERBOSE: 15:41:00 - Checking deployment status in 5 seconds VERBOSE: 15:41:05 - Checking deployment status in 5 seconds VERBOSE: 15:41:10 - Checking deployment status in 5 seconds VERBOSE: 15:41:15 - Checking deployment status in 13 seconds VERBOSE: 15:41:28 - Resource Microsoft.Compute/virtualMachines/extensions 'NPS-SHM-TESTA/joindomain' provisioning status is running VERBOSE: 15:41:28 - Resource Microsoft.Compute/virtualMachines/extensions 'NPS-SHM-TESTA/bginfo' provisioning status is succeeded VERBOSE: 15:41:28 - Checking deployment status in 6 seconds VERBOSE: 15:41:34 - Checking deployment status in 5 seconds VERBOSE: 15:41:39 - Checking deployment status in 5 seconds VERBOSE: 15:41:44 - Checking deployment status in 5 seconds VERBOSE: 15:41:49 - Checking deployment status in 5 seconds VERBOSE: 15:41:54 - Checking deployment status in 5 seconds VERBOSE: 15:41:59 - Checking deployment status in 5 seconds VERBOSE: 15:42:05 - Checking deployment status in 5 seconds VERBOSE: 15:42:10 - Checking deployment status in 5 seconds VERBOSE: 15:42:15 - Checking deployment status in 5 seconds VERBOSE: 15:42:20 - Checking deployment status in 5 seconds VERBOSE: 15:42:25 - Checking deployment status in 5 seconds VERBOSE: 15:42:30 - Resource Microsoft.Compute/virtualMachines/extensions 'NPS-SHM-TESTA/joindomain' provisioning status is succeeded DeploymentName : shm-nps-template ResourceGroupName : RG_SHM_TESTA_NPS ProvisioningState : Succeeded Timestamp : 23/03/2021 15:42:28 Mode : Incremental TemplateLink : Parameters : Name Type Value ================================ ========================= ========== administrator_User String shmtestaadmin administrator_Password SecureString bootDiagnostics_Account_Name String shmtestabootdiagslubiehy domain_Join_Password SecureString domain_Join_User String testaidentitysrvrs domain_Name String testa.dsgroupdev.co.uk npS_Data_Disk_Size_GB Int 20 npS_Data_Disk_Type String Standard_LRS npS_Host_Name String NPS-SHM-TESTA npS_IP_Address String 10.0.0.6 npS_Os_Disk_Size_GB Int 128 npS_Os_Disk_Type String Standard_LRS npS_VM_Name String NPS-SHM-TESTA npS_VM_Size String Standard_D2s_v3 oU_Path String OU=Safe Haven Identity Servers,DC=testa,DC=dsgroupdev,DC=co,DC=uk virtual_Network_Name String VNET_SHM_TESTA virtual_Network_Resource_Group String RG_SHM_TESTA_NETWORKING virtual_Network_Subnet String IdentitySubnet Outputs : DeploymentDebugLogLevel : ResponseContent 2021-03-23 15:42:31 [SUCCESS]: [✔] Template deployment 'shm-nps-template' succeeded 2021-03-23 15:42:31 [ INFO]: Configuring NPS server 'NPS-SHM-TESTA'... 2021-03-23 15:45:02 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Clearing all pre-existing files and folders from 'C:\Installation' Installing NPAS feature... Success Restart Needed Exit Code Feature Result ------- -------------- --------- -------------- True No Success {Network Policy and Access Services, Remot... [o] Successfully installed NPAS Setting SQL Firewall rules... [o] Set inbound rule [o] Set outbound rule Formatting data drive... [o] Completed Downloading NPS extension to 'C:\Installation'... [o] Successfully downloaded NPS extension Installing NPS extension... [o] Successfully installed NPS extension Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:45:02 [ INFO]: Importing NPS configuration 'NPS-SHM-TESTA'... 2021-03-23 15:46:15 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Downloading 2 files to 'C:\Installation'... Importing NPS configuration for RDG_CAP policy... Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:46:15 [ INFO]: Updating NPS VM 'NPS-SHM-TESTA'... 2021-03-23 15:46:15 [ INFO]: [ ] Installing core Powershell modules on 'NPS-SHM-TESTA' 2021-03-23 15:49:16 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Installing NuGet... [o] NuGet 2.8.5.208 is installed Installing PackageManagement... [o] PackageManagement 1.4.7 is installed Installing PowerShellGet... [o] PowerShellGet 2.2.5 is installed Installing PSWindowsUpdate... [o] PSWindowsUpdate 2.2.0.2 is installed Newly installed modules: ... PSWindowsUpdate Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:49:16 [ INFO]: [ ] Setting time/locale and installing updates on 'NPS-SHM-TESTA' 2021-03-23 15:53:17 [SUCCESS]: [✔] Remote script execution succeeded Code : ComponentStatus/StdOut/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : [ ] Setting locale... [o] Setting locale to 'en-GB' succeeded [ ] Setting time zone... [o] Setting time zone to 'GMT Standard Time' succeeded [ ] Setting NTP server... [o] Setting NTP server to 'time.google.com' succeeded [ ] Found 5 Windows updates to install: ... Microsoft Silverlight (KB4481252) ... 2020-10 Security Update for Adobe Flash Player for Windows Server 2019 for x64-based Systems (KB4580325) ... Security Update for Windows Server 2019 for x64-based Systems (KB4535680) ... Windows Malicious Software Removal Tool x64 - v5.86 (KB890830) ... Update for Microsoft Defender Antivirus antimalware platform - KB4052623 (Version 4.18.2102.4) [o] Installing Windows updates succeeded. Time : Code : ComponentStatus/StdErr/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Time : 2021-03-23 15:53:19 [ INFO]: [ ] Restarting VM 'NPS-SHM-TESTA' 2021-03-23 15:53:49 [SUCCESS]: [✔] VM 'NPS-SHM-TESTA' successfully restarted. ```Setup_SHM_Firewall
```pwsh > ./Setup_SHM_Firewall.ps1 -shmId testa 2021-03-23 15:58:33 [ INFO]: Ensuring that subnet 'AzureFirewallSubnet' exists... 2021-03-23 15:58:34 [SUCCESS]: [✔] Subnet 'AzureFirewallSubnet' already exists 2021-03-23 15:58:34 [ INFO]: Ensuring that public IP address 'FIREWALL-SHM-TESTA-PIP' exists... 2021-03-23 15:58:35 [ INFO]: [ ] Creating public IP address 'FIREWALL-SHM-TESTA-PIP' 2021-03-23 15:58:38 [SUCCESS]: [✔] Created public IP address 'FIREWALL-SHM-TESTA-PIP' 2021-03-23 15:58:38 [ INFO]: Ensuring that firewall 'FIREWALL-SHM-TESTA' exists... 2021-03-23 15:58:38 [ INFO]: [ ] Creating firewall 'FIREWALL-SHM-TESTA' 2021-03-23 16:02:20 [SUCCESS]: [✔] Created firewall 'FIREWALL-SHM-TESTA' 2021-03-23 16:02:20 [ INFO]: Ensuring that firewall 'FIREWALL-SHM-TESTA' is running... 2021-03-23 16:02:22 [SUCCESS]: [✔] Firewall 'FIREWALL-SHM-TESTA' is already running. 2021-03-23 16:02:22 [ INFO]: Enable logging for this firewall 2021-03-23 16:02:22 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_LOGGING' exists... 2021-03-23 16:02:23 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_LOGGING' 2021-03-23 16:02:24 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_LOGGING' 2021-03-23 16:02:24 [ INFO]: Ensuring that log analytics workspace 'shmtestaloganalytics' exists... 2021-03-23 16:02:25 [ INFO]: [ ] Creating log analytics workspace 'shmtestaloganalytics' 2021-03-23 16:02:46 [SUCCESS]: [✔] Created log analytics workspace 'shmtestaloganalytics' 2021-03-23 16:02:55 [SUCCESS]: [✔] Enabled logging to workspace 'shmtestaloganalytics' 2021-03-23 16:02:55 [ INFO]: [ ] Ensuring that route table 'ROUTE-TABLE-SHM-TESTA' exists... 2021-03-23 16:02:55 [ INFO]: [ ] Creating route table 'ROUTE-TABLE-SHM-TESTA' 2021-03-23 16:03:07 [SUCCESS]: [✔] Created route table 'ROUTE-TABLE-SHM-TESTA' 2021-03-23 16:03:08 [ INFO]: Setting firewall rules from template... 2021-03-23 16:03:09 [ INFO]: [ ] Ensuring that route 'ViaFirewall' exists... 2021-03-23 16:03:09 [ INFO]: [ ] Creating route 'ViaFirewall' 2021-03-23 16:03:22 [SUCCESS]: [✔] Created route 'ViaFirewall' 2021-03-23 16:03:22 [ INFO]: [ ] Ensuring that route 'ViaVpn' exists... 2021-03-23 16:03:23 [ INFO]: [ ] Creating route 'ViaVpn' 2021-03-23 16:03:35 [SUCCESS]: [✔] Created route 'ViaVpn' 2021-03-23 16:03:56 [ INFO]: Setting rules for application rule collection 'shm-testa-allow'... 2021-03-23 16:03:56 [ INFO]: [ ] Ensuring that application rule 'AllowWindowsUpdate' exists... 2021-03-23 16:03:57 [SUCCESS]: [✔] Added application rule 'AllowWindowsUpdate' to set of rules to update on remote firewall. 2021-03-23 16:03:57 [ INFO]: [ ] Ensuring that application rule 'AllowUbuntuUpdate' exists... 2021-03-23 16:03:57 [SUCCESS]: [✔] Added application rule 'AllowUbuntuUpdate' to set of rules to update on remote firewall. 2021-03-23 16:03:57 [ INFO]: [ ] Ensuring that application rule 'AllowDocker' exists... 2021-03-23 16:03:58 [SUCCESS]: [✔] Added application rule 'AllowDocker' to set of rules to update on remote firewall. 2021-03-23 16:03:58 [ INFO]: [ ] Ensuring that application rule 'AllowCertificateStatusCheck' exists... 2021-03-23 16:03:58 [SUCCESS]: [✔] Added application rule 'AllowCertificateStatusCheck' to set of rules to update on remote firewall. 2021-03-23 16:03:58 [ INFO]: [ ] Ensuring that application rule 'AllowNTP' exists... 2021-03-23 16:03:59 [SUCCESS]: [✔] Added application rule 'AllowNTP' to set of rules to update on remote firewall. 2021-03-23 16:03:59 [ INFO]: [ ] Ensuring that application rule 'AllowLogAnalytics' exists... 2021-03-23 16:03:59 [SUCCESS]: [✔] Added application rule 'AllowLogAnalytics' to set of rules to update on remote firewall. 2021-03-23 16:03:59 [ INFO]: [ ] Ensuring that application rule 'AllowPyPIPackageInstallation' exists... 2021-03-23 16:03:59 [SUCCESS]: [✔] Added application rule 'AllowPyPIPackageInstallation' to set of rules to update on remote firewall. 2021-03-23 16:03:59 [ INFO]: [ ] Ensuring that application rule 'AllowCRANPackageInstallation' exists... 2021-03-23 16:04:00 [SUCCESS]: [✔] Added application rule 'AllowCRANPackageInstallation' to set of rules to update on remote firewall. 2021-03-23 16:04:00 [ INFO]: [ ] Ensuring that application rule 'AllowAzureADLogin' exists... 2021-03-23 16:04:01 [SUCCESS]: [✔] Added application rule 'AllowAzureADLogin' to set of rules to update on remote firewall. 2021-03-23 16:04:01 [ INFO]: [ ] Ensuring that application rule 'AllowAzureMFAConnectOperations' exists... 2021-03-23 16:04:01 [SUCCESS]: [✔] Added application rule 'AllowAzureMFAConnectOperations' to set of rules to update on remote firewall. 2021-03-23 16:04:01 [ INFO]: [ ] Ensuring that application rule 'AllowADConnectOperations' exists... 2021-03-23 16:04:02 [SUCCESS]: [✔] Added application rule 'AllowADConnectOperations' to set of rules to update on remote firewall. 2021-03-23 16:04:02 [ INFO]: [ ] Ensuring that application rule 'AllowMSOnlinePSModule' exists... 2021-03-23 16:04:02 [SUCCESS]: [✔] Added application rule 'AllowMSOnlinePSModule' to set of rules to update on remote firewall. 2021-03-23 16:04:02 [ INFO]: [ ] Ensuring that application rule 'AllowPowershellModuleInstallation' exists... 2021-03-23 16:04:03 [SUCCESS]: [✔] Added application rule 'AllowPowershellModuleInstallation' to set of rules to update on remote firewall. 2021-03-23 16:04:03 [ INFO]: [ ] Ensuring that application rule 'AllowADConnectSetup' exists... 2021-03-23 16:04:03 [SUCCESS]: [✔] Added application rule 'AllowADConnectSetup' to set of rules to update on remote firewall. 2021-03-23 16:04:03 [ INFO]: [ ] Ensuring that application rule 'AllowAzureADLoginForADConnectAndMFAConnectSetup' exists... 2021-03-23 16:04:04 [SUCCESS]: [✔] Added application rule 'AllowAzureADLoginForADConnectAndMFAConnectSetup' to set of rules to update on remote firewall. 2021-03-23 16:04:04 [ INFO]: Setting firewall network rules... 2021-03-23 16:04:04 [ INFO]: Setting rules for network rule collection 'shm-testa-allow'... 2021-03-23 16:04:04 [ INFO]: [ ] Ensuring that traffic from '*' to '216.239.35.0 216.239.35.4 216.239.35.8 216.239.35.12' on port '123' over UDP is set on FIREWALL-SHM-TESTA... 2021-03-23 16:04:05 [SUCCESS]: [✔] Added network rule 'AllowNTP' to set of rules to update on remote firewall. 2021-03-23 16:04:05 [ INFO]: [ ] Updating remote firewall with rule changes... 2021-03-23 16:05:48 [SUCCESS]: [✔] Updated remote firewall with rule changes. 2021-03-23 16:05:52 [ INFO]: [ ] Restarting VM 'DC1-SHM-TESTA' 2021-03-23 16:06:23 [SUCCESS]: [✔] VM 'DC1-SHM-TESTA' successfully restarted. ```Setup_SHM_Nexus
```pwsh > ./Setup_SHM_Nexus.ps1 -shmId testa -tier 2 2021-03-23 16:10:09 [ INFO]: Creating/retrieving secrets from Key Vault 'kv-shm-testa'... 2021-03-23 16:10:21 [ INFO]: Ensuring that storage account 'shmtestabootdiagslubiehy' exists in 'RG_SHM_TESTA_ARTIFACTS'... 2021-03-23 16:10:22 [SUCCESS]: [✔] Storage account 'shmtestabootdiagslubiehy' already exists 2021-03-23 16:10:23 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_NEXUS_REPOSITORIES' exists... 2021-03-23 16:10:24 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_NEXUS_REPOSITORIES' 2021-03-23 16:10:25 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_NEXUS_REPOSITORIES' 2021-03-23 16:10:25 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_NETWORKING' exists... 2021-03-23 16:10:26 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_NETWORKING' already exists 2021-03-23 16:10:26 [ INFO]: Ensuring that virtual network 'VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' exists... 2021-03-23 16:10:26 [ INFO]: [ ] Creating virtual network 'VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' 2021-03-23 16:10:31 [SUCCESS]: [✔] Created virtual network 'VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' 2021-03-23 16:10:31 [ INFO]: Ensuring that subnet 'RepositorySubnet' exists... 2021-03-23 16:10:31 [ INFO]: [ ] Creating subnet 'RepositorySubnet' 2021-03-23 16:10:36 [SUCCESS]: [✔] Created subnet 'RepositorySubnet' 2021-03-23 16:10:37 [ INFO]: [ ] Attaching repository subnet to SHM route table 2021-03-23 16:10:43 [SUCCESS]: [✔] Attached subnet 'RepositorySubnet' to SHM route table. 2021-03-23 16:10:43 [ INFO]: Peering repository virtual network to SHM virtual network 2021-03-23 16:10:43 [ INFO]: Peering virtual networks VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2 and VNET_SHM_TESTA. 2021-03-23 16:10:59 [ INFO]: [ ] Adding peering 'PEER_VNET_SHM_TESTA' to virtual network VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2. 2021-03-23 16:11:10 [SUCCESS]: [✔] Adding peering 'PEER_VNET_SHM_TESTA' succeeded 2021-03-23 16:11:12 [ INFO]: [ ] Adding peering 'PEER_VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' to virtual network VNET_SHM_TESTA. 2021-03-23 16:11:33 [SUCCESS]: [✔] Adding peering 'PEER_VNET_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' succeeded 2021-03-23 16:11:33 [ INFO]: Ensuring that network security group 'NSG_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' exists... 2021-03-23 16:11:34 [ INFO]: [ ] Creating network security group 'NSG_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' 2021-03-23 16:11:39 [SUCCESS]: [✔] Created network security group 'NSG_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' 2021-03-23 16:11:39 [ INFO]: [ ] Setting 4 rules for Network Security Group 'NSG_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' 2021-03-23 16:11:46 [SUCCESS]: [✔] Set AllowRepositoryAccessInbound rule to Allow connections from VirtualNetwork to ports 80 on 10.30.1.0/24. 2021-03-23 16:11:46 [SUCCESS]: [✔] Set IgnoreRulesBelowHereInbound rule to Deny connections from any source to any port on any destination. 2021-03-23 16:11:46 [SUCCESS]: [✔] Set AllowPackageFetchingFromInternetOutbound rule to Allow connections from 10.30.1.0/24 to ports 80 443 on Internet. 2021-03-23 16:11:46 [SUCCESS]: [✔] Set IgnoreRulesBelowHereOutbound rule to Deny connections from any source to any port on any destination. 2021-03-23 16:11:49 [ INFO]: Ensuring that NSG 'NSG_SHM_TESTA_NEXUS_REPOSITORY_TIER_2' is attached to subnet 'RepositorySubnet'... 2021-03-23 16:11:55 [SUCCESS]: [✔] Set network security group on 'RepositorySubnet' 2021-03-23 16:11:55 [ INFO]: Ensuring that VM network card 'NEXUS-REPOSITORY-TIER-2-NIC' exists... 2021-03-23 16:11:56 [ INFO]: [ ] Creating VM network card 'NEXUS-REPOSITORY-TIER-2-NIC' 2021-03-23 16:11:57 [SUCCESS]: [✔] Created VM network card 'NEXUS-REPOSITORY-TIER-2-NIC' 2021-03-23 16:11:58 [ INFO]: Ensuring that virtual machine 'NEXUS-REPOSITORY-TIER-2' exists... 2021-03-23 16:12:02 [ INFO]: [ ] Creating virtual machine 'NEXUS-REPOSITORY-TIER-2' 2021-03-23 16:12:25 [SUCCESS]: [✔] Created virtual machine 'NEXUS-REPOSITORY-TIER-2' 2021-03-23 16:12:55 [ INFO]: Waiting for cloud-init provisioning to finish for NEXUS-REPOSITORY-TIER-2... 2021-03-23 16:20:04 [SUCCESS]: [✔] Cloud-init provisioning is finished for NEXUS-REPOSITORY-TIER-2 2021-03-23 16:20:07 [ INFO]: [ ] Starting VM 'NEXUS-REPOSITORY-TIER-2' 2021-03-23 16:20:18 [SUCCESS]: [✔] VM 'NEXUS-REPOSITORY-TIER-2' successfully started. ```Setup_SHM_Package_Mirrors
```pwsh > ./Setup_SHM_Package_Mirrors.ps1 -shmId testa 2021-03-23 16:23:49 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_PKG_MIRRORS' exists... 2021-03-23 16:23:50 [ INFO]: [ ] Creating resource group 'RG_SHM_TESTA_PKG_MIRRORS' 2021-03-23 16:23:50 [SUCCESS]: [✔] Created resource group 'RG_SHM_TESTA_PKG_MIRRORS' 2021-03-23 16:23:50 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_NETWORKING' exists... 2021-03-23 16:23:51 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_NETWORKING' already exists 2021-03-23 16:23:51 [ INFO]: Ensuring that virtual network 'VNET_SHM_TESTA_PACKAGE_MIRRORS_TIER3' exists... 2021-03-23 16:23:52 [ INFO]: [ ] Creating virtual network 'VNET_SHM_TESTA_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:23:56 [SUCCESS]: [✔] Created virtual network 'VNET_SHM_TESTA_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:23:56 [ INFO]: Ensuring that subnet 'ExternalPackageMirrorsTier3Subnet' exists... 2021-03-23 16:23:57 [ INFO]: [ ] Creating subnet 'ExternalPackageMirrorsTier3Subnet' 2021-03-23 16:24:01 [SUCCESS]: [✔] Created subnet 'ExternalPackageMirrorsTier3Subnet' 2021-03-23 16:24:02 [ INFO]: Ensuring that subnet 'InternalPackageMirrorsTier3Subnet' exists... 2021-03-23 16:24:02 [ INFO]: [ ] Creating subnet 'InternalPackageMirrorsTier3Subnet' 2021-03-23 16:24:08 [SUCCESS]: [✔] Created subnet 'InternalPackageMirrorsTier3Subnet' 2021-03-23 16:24:09 [ INFO]: Ensuring that network security group 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3' exists... 2021-03-23 16:24:09 [ INFO]: [ ] Creating network security group 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:24:14 [SUCCESS]: [✔] Created network security group 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:24:28 [ INFO]: Ensuring that NSG rule 'RsyncToInternal' exists on 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3'... 2021-03-23 16:24:29 [ INFO]: [ ] Creating NSG rule 'RsyncToInternal' 2021-03-23 16:24:33 [SUCCESS]: [✔] Created NSG rule 'RsyncToInternal' 2021-03-23 16:24:33 [ INFO]: Ensuring that NSG 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3' is attached to subnet 'ExternalPackageMirrorsTier3Subnet'... 2021-03-23 16:24:39 [SUCCESS]: [✔] Set network security group on 'ExternalPackageMirrorsTier3Subnet' 2021-03-23 16:24:39 [SUCCESS]: [✔] Configuring NSG 'NSG_SHM_TESTA_EXTERNAL_PACKAGE_MIRRORS_TIER3' succeeded 2021-03-23 16:24:39 [ INFO]: Ensuring that network security group 'NSG_SHM_TESTA_INTERNAL_PACKAGE_MIRRORS_TIER3' exists... 2021-03-23 16:24:39 [ INFO]: [ ] Creating network security group 'NSG_SHM_TESTA_INTERNAL_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:24:44 [SUCCESS]: [✔] Created network security group 'NSG_SHM_TESTA_INTERNAL_PACKAGE_MIRRORS_TIER3' 2021-03-23 16:25:06 [ INFO]: Ensuring that NSG 'NSG_SHM_TESTA_INTERNAL_PACKAGE_MIRRORS_TIER3' is attached to subnet 'InternalPackageMirrorsTier3Subnet'... 2021-03-23 16:25:11 [SUCCESS]: [✔] Set network security group on 'InternalPackageMirrorsTier3Subnet' 2021-03-23 16:25:11 [SUCCESS]: [✔] Configuring NSG '' succeeded 2021-03-23 16:25:11 [ INFO]: Ensuring that storage account 'shmtestabootdiagslubiehy' exists in 'RG_SHM_TESTA_ARTIFACTS'... 2021-03-23 16:25:12 [SUCCESS]: [✔] Storage account 'shmtestabootdiagslubiehy' already exists 2021-03-23 16:25:16 [ INFO]: Ensuring that VM network card 'CRAN-EXTERNAL-MIRROR-TIER-3-NIC' exists... 2021-03-23 16:25:17 [ INFO]: [ ] Creating VM network card 'CRAN-EXTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:25:20 [SUCCESS]: [✔] Created VM network card 'CRAN-EXTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:25:20 [ INFO]: Ensuring that managed disk 'CRAN-EXTERNAL-MIRROR-TIER-3-DATA-DISK' exists... 2021-03-23 16:25:22 [ INFO]: [ ] Creating 32 GB managed disk 'CRAN-EXTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:25:26 [SUCCESS]: [✔] Created managed disk 'CRAN-EXTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:25:27 [ INFO]: Temporarily allowing outbound internet access from 10.20.3.5 on ports 80, 443 and 3128 2021-03-23 16:25:40 [ INFO]: Ensuring that virtual machine 'CRAN-EXTERNAL-MIRROR-TIER-3' exists... 2021-03-23 16:25:46 [ INFO]: [ ] Creating virtual machine 'CRAN-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:26:07 [SUCCESS]: [✔] Created virtual machine 'CRAN-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:26:37 [ INFO]: Waiting for cloud-init provisioning to finish for CRAN-EXTERNAL-MIRROR-TIER-3... 2021-03-23 16:27:21 [SUCCESS]: [✔] Cloud-init provisioning is finished for CRAN-EXTERNAL-MIRROR-TIER-3 2021-03-23 16:27:22 [ INFO]: Disabling outbound internet access from 10.20.3.5 and restarting VM: 'CRAN-EXTERNAL-MIRROR-TIER-3'... 2021-03-23 16:27:28 [SUCCESS]: [✔] Configuring VM 'CRAN-EXTERNAL-MIRROR-TIER-3' succeeded 2021-03-23 16:27:32 [ INFO]: [ ] Starting VM 'CRAN-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:27:43 [SUCCESS]: [✔] VM 'CRAN-EXTERNAL-MIRROR-TIER-3' successfully started. 2021-03-23 16:28:16 [SUCCESS]: [✔] Remote script execution succeeded 2021-03-23 16:28:16 [SUCCESS]: [✔] Fetching ssh key from external package mirror succeeded 2021-03-23 16:28:17 [ INFO]: Ensuring that VM network card 'CRAN-INTERNAL-MIRROR-TIER-3-NIC' exists... 2021-03-23 16:28:18 [ INFO]: [ ] Creating VM network card 'CRAN-INTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:28:19 [SUCCESS]: [✔] Created VM network card 'CRAN-INTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:28:19 [ INFO]: Ensuring that managed disk 'CRAN-INTERNAL-MIRROR-TIER-3-DATA-DISK' exists... 2021-03-23 16:28:20 [ INFO]: [ ] Creating 32 GB managed disk 'CRAN-INTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:28:25 [SUCCESS]: [✔] Created managed disk 'CRAN-INTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:28:26 [ INFO]: Temporarily allowing outbound internet access from 10.20.3.21 on ports 80, 443 and 3128 2021-03-23 16:28:39 [ INFO]: Ensuring that virtual machine 'CRAN-INTERNAL-MIRROR-TIER-3' exists... 2021-03-23 16:28:45 [ INFO]: [ ] Creating virtual machine 'CRAN-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:29:02 [SUCCESS]: [✔] Created virtual machine 'CRAN-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:29:32 [ INFO]: Waiting for cloud-init provisioning to finish for CRAN-INTERNAL-MIRROR-TIER-3... 2021-03-23 16:30:36 [SUCCESS]: [✔] Cloud-init provisioning is finished for CRAN-INTERNAL-MIRROR-TIER-3 2021-03-23 16:30:36 [ INFO]: Disabling outbound internet access from 10.20.3.21 and restarting VM: 'CRAN-INTERNAL-MIRROR-TIER-3'... 2021-03-23 16:30:41 [SUCCESS]: [✔] Configuring VM 'CRAN-INTERNAL-MIRROR-TIER-3' succeeded 2021-03-23 16:30:44 [ INFO]: [ ] Starting VM 'CRAN-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:30:54 [SUCCESS]: [✔] VM 'CRAN-INTERNAL-MIRROR-TIER-3' successfully started. 2021-03-23 16:30:54 [ INFO]: Ensuring that 'CRAN-INTERNAL-MIRROR-TIER-3' can accept connections from the external mirror... 2021-03-23 16:30:54 [ INFO]: Retrieving public key for 'CRAN-INTERNAL-MIRROR-TIER-3'... 2021-03-23 16:31:26 [SUCCESS]: [✔] Remote script execution succeeded Code : ProvisioningState/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Enable succeeded: [stdout] 127.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDMqX0GLdDNcSbKREm2pWnjQHODQMftc0ph9cT/MfW5/Hdauk3RTSyPU8VTe06XtxufGhXvADD6phlHwNqjlkW3/p1qg2JfHbs9WBjrw7MrmZD7uTt6TFXZMiCG3mZK+azkjDgiNnVvqvcm7YqNM4CcI3Picd27x0PPTMRNq0jbbQGs2EvzDWenKXMk/QSyOzhpThlEQpmv7z8NFdzKjgNO1HEl6i97qmdCreIESBIQY+jSbvgyJM1lYZ+9Qo9w+zl9O7dR+GpTyar20qLGOoDVr1bULSLTkm2zelopg6snOjCBGd0RHd40gcralzMFTTs8XJUiWHy0qRy7EIwjyqf 127.0.0.1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDqgFSICIWYQJGA3BM1TjwlE6x+5hfUHwGkjD5iJXN41AcmCksC9ZVxJTadeKg5+qYd77PKwQ3aWxO6V1gk+M/Y= 127.0.0.1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKKas9akjuioScxm4sgcgDQDtHqSZegu4twPUSszmsn [stderr] Time : 2021-03-23 16:31:26 [ INFO]: Uploading 'CRAN-INTERNAL-MIRROR-TIER-3' public key to 'CRAN-EXTERNAL-MIRROR-TIER-3'... 2021-03-23 16:32:06 [SUCCESS]: [✔] Remote script execution succeeded Code : ProvisioningState/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Enable succeeded: [stdout] Update known hosts on the external server to allow connections to the internal server... WARNING: /home/mirrordaemon/.ssh/known_hosts.old contains unhashed entries Delete this file to ensure privacy of hostnames /home/mirrordaemon/.ssh/known_hosts updated. Original contents retained as /home/mirrordaemon/.ssh/known_hosts.old |1|GwktnwdWdrZ4VPqEnhIL/TVP1po=|8ORDv2PZFO88bXHxiVD36hIHFZo= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDMqX0GLdDNcSbKREm2pWnjQHODQMftc0ph9cT/MfW5/Hdauk3RTSyPU8VTe06XtxufGhXvADD6phlHwNqjlkW3/p1qg2JfHbs9WBjrw7MrmZD7uTt6TFXZMiCG3mZK+azkjDgiNnVvqvcm7YqNM4CcI3Picd27x0PPTMRNq0jbbQGs2EvzDWenKXMk/QSyOzhpThlEQpmv7z8NFdzKjgNO1HEl6i97qmdCreIESBIQY+jSbvgyJM1lYZ+9Qo9w+zl9O7dR+GpTyar20qLGOoDVr1bULSLTkm2zelopg6snOjCBGd0RHd40gcralzMFTTs8XJUiWHy0qRy7EIwjyqf 10.20.3.21 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDqgFSICIWYQJGA3BM1TjwlE6x+5hfUHwGkjD5iJXN41AcmCksC9ZVxJTadeKg5+qYd77PKwQ3aWxO6V1gk+M/Y= 10.20.3.21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKKas9akjuioScxm4sgcgDQDtHqSZegu4twPUSszmsn total 20K drwxr-xr-x 2 mirrordaemon mirrordaemon 4.0K Mar 23 14:11 . drwxr-xr-x 3 mirrordaemon mirrordaemon 4.0K Mar 23 14:06 .. -rw------- 1 mirrordaemon mirrordaemon 1.7K Mar 23 14:06 id_rsa -rw-r--r-- 1 mirrordaemon mirrordaemon 422 Mar 23 14:06 id_rsa.pub -rw------- 1 mirrordaemon mirrordaemon 706 Mar 23 14:11 known_hosts Update known IP addresses on the external server to schedule pushing to the internal server... 10.20.3.21 total 40K drwxr-xr-x 3 mirrordaemon mirrordaemon 4.0K Mar 23 14:11 . drwxr-xr-x 5 root root 4.0K Mar 23 14:10 .. -rw------- 1 mirrordaemon mirrordaemon 11 Mar 23 14:11 internal_mirror_ip_addresses.txt -rw------- 1 mirrordaemon mirrordaemon 8.8K Mar 23 14:06 package_whitelist.txt -rwx------ 1 mirrordaemon mirrordaemon 3.0K Mar 23 14:06 pull_from_internet.sh -rwx------ 1 mirrordaemon mirrordaemon 105 Mar 23 14:06 pull_then_push.sh -rwx------ 1 mirrordaemon mirrordaemon 1.2K Mar 23 14:06 push_to_internal_mirrors.sh drwxr-xr-x 2 mirrordaemon mirrordaemon 4.0K Mar 23 14:11 .ssh [stderr] Time : 2021-03-23 16:32:07 [ INFO]: Ensuring that VM network card 'PYPI-EXTERNAL-MIRROR-TIER-3-NIC' exists... 2021-03-23 16:32:08 [ INFO]: [ ] Creating VM network card 'PYPI-EXTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:32:09 [SUCCESS]: [✔] Created VM network card 'PYPI-EXTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:32:09 [ INFO]: Ensuring that managed disk 'PYPI-EXTERNAL-MIRROR-TIER-3-DATA-DISK' exists... 2021-03-23 16:32:10 [ INFO]: [ ] Creating 512 GB managed disk 'PYPI-EXTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:32:14 [SUCCESS]: [✔] Created managed disk 'PYPI-EXTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:32:15 [ INFO]: Temporarily allowing outbound internet access from 10.20.3.4 on ports 80, 443 and 3128 2021-03-23 16:32:27 [ INFO]: Ensuring that virtual machine 'PYPI-EXTERNAL-MIRROR-TIER-3' exists... 2021-03-23 16:32:32 [ INFO]: [ ] Creating virtual machine 'PYPI-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:32:52 [SUCCESS]: [✔] Created virtual machine 'PYPI-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:33:22 [ INFO]: Waiting for cloud-init provisioning to finish for PYPI-EXTERNAL-MIRROR-TIER-3... 2021-03-23 16:36:08 [SUCCESS]: [✔] Cloud-init provisioning is finished for PYPI-EXTERNAL-MIRROR-TIER-3 2021-03-23 16:36:09 [ INFO]: Disabling outbound internet access from 10.20.3.4 and restarting VM: 'PYPI-EXTERNAL-MIRROR-TIER-3'... 2021-03-23 16:36:14 [SUCCESS]: [✔] Configuring VM 'PYPI-EXTERNAL-MIRROR-TIER-3' succeeded 2021-03-23 16:36:17 [ INFO]: [ ] Starting VM 'PYPI-EXTERNAL-MIRROR-TIER-3' 2021-03-23 16:36:28 [SUCCESS]: [✔] VM 'PYPI-EXTERNAL-MIRROR-TIER-3' successfully started. 2021-03-23 16:36:59 [SUCCESS]: [✔] Remote script execution succeeded 2021-03-23 16:36:59 [SUCCESS]: [✔] Fetching ssh key from external package mirror succeeded 2021-03-23 16:37:00 [ INFO]: Ensuring that VM network card 'PYPI-INTERNAL-MIRROR-TIER-3-NIC' exists... 2021-03-23 16:37:01 [ INFO]: [ ] Creating VM network card 'PYPI-INTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:37:02 [SUCCESS]: [✔] Created VM network card 'PYPI-INTERNAL-MIRROR-TIER-3-NIC' 2021-03-23 16:37:02 [ INFO]: Ensuring that managed disk 'PYPI-INTERNAL-MIRROR-TIER-3-DATA-DISK' exists... 2021-03-23 16:37:03 [ INFO]: [ ] Creating 512 GB managed disk 'PYPI-INTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:37:07 [SUCCESS]: [✔] Created managed disk 'PYPI-INTERNAL-MIRROR-TIER-3-DATA-DISK' 2021-03-23 16:37:08 [ INFO]: Temporarily allowing outbound internet access from 10.20.3.20 on ports 80, 443 and 3128 2021-03-23 16:37:20 [ INFO]: Ensuring that virtual machine 'PYPI-INTERNAL-MIRROR-TIER-3' exists... 2021-03-23 16:37:25 [ INFO]: [ ] Creating virtual machine 'PYPI-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:37:42 [SUCCESS]: [✔] Created virtual machine 'PYPI-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:38:12 [ INFO]: Waiting for cloud-init provisioning to finish for PYPI-INTERNAL-MIRROR-TIER-3... 2021-03-23 16:40:31 [SUCCESS]: [✔] Cloud-init provisioning is finished for PYPI-INTERNAL-MIRROR-TIER-3 2021-03-23 16:40:32 [ INFO]: Disabling outbound internet access from 10.20.3.20 and restarting VM: 'PYPI-INTERNAL-MIRROR-TIER-3'... 2021-03-23 16:40:38 [SUCCESS]: [✔] Configuring VM 'PYPI-INTERNAL-MIRROR-TIER-3' succeeded 2021-03-23 16:40:40 [ INFO]: [ ] Starting VM 'PYPI-INTERNAL-MIRROR-TIER-3' 2021-03-23 16:40:51 [SUCCESS]: [✔] VM 'PYPI-INTERNAL-MIRROR-TIER-3' successfully started. 2021-03-23 16:40:51 [ INFO]: Ensuring that 'PYPI-INTERNAL-MIRROR-TIER-3' can accept connections from the external mirror... 2021-03-23 16:40:51 [ INFO]: Retrieving public key for 'PYPI-INTERNAL-MIRROR-TIER-3'... 2021-03-23 16:42:52 [SUCCESS]: [✔] Remote script execution succeeded Code : ProvisioningState/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Enable succeeded: [stdout] 127.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLdHMM7OWaGfbpSC4o5Y/SjshLVm8RGCPXpnrvKdWL57RlqRN+SPxiR5fn/yal1Kzh0Cr1M8tomekXWV95J6bq5KEDaOzG3wTjtGaWtrq1MHOBDYc/j3yu55sm3dV1mV3fxSLktlsQ8wPian+C3EN6UxdD3qpeuqnCHkDFcmojH4Bs0/3wE4hqXI/SxBKRqNZaQ8MUueJxa/Q+TMJma5Wh+I92O831nXkiV8ByWs1QDw0nHNowPQr6Ab8vZym1eD6XF+OU85bF95f/EdfcLt+pzVLcKwZb8AmTr7WyfNmkdNfhXss1T68cemU7gJ2E/ztsQ2PrMs4N2WaZ5xbgmBVD 127.0.0.1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGW6RQa0XfK5ZlIZzyuaGbPyOmJUZF+04BJ9ceoqwA2QiuLpoIJixv+vcEfjcK9jCfPjAGsDIZM9Xa8MDmUr1R4= 127.0.0.1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGs4qSAzHMNdAHCUMKbNYltUobfbdEQ2NbraT9Gu/4FF [stderr] Time : 2021-03-23 16:42:52 [ INFO]: Uploading 'PYPI-INTERNAL-MIRROR-TIER-3' public key to 'PYPI-EXTERNAL-MIRROR-TIER-3'... 2021-03-23 16:45:50 [SUCCESS]: [✔] Remote script execution succeeded Code : ProvisioningState/succeeded Level : Info DisplayStatus : Provisioning succeeded Message : Enable succeeded: [stdout] Update known hosts on the external server to allow connections to the internal server... WARNING: /home/mirrordaemon/.ssh/known_hosts.old contains unhashed entries Delete this file to ensure privacy of hostnames /home/mirrordaemon/.ssh/known_hosts updated. Original contents retained as /home/mirrordaemon/.ssh/known_hosts.old |1|GO+3FH0+QEw767D+S/EEcXDLl2Q=|e+d+LEXU8Z8J0gI/hqY/WVTT2+Y= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLdHMM7OWaGfbpSC4o5Y/SjshLVm8RGCPXpnrvKdWL57RlqRN+SPxiR5fn/yal1Kzh0Cr1M8tomekXWV95J6bq5KEDaOzG3wTjtGaWtrq1MHOBDYc/j3yu55sm3dV1mV3fxSLktlsQ8wPian+C3EN6UxdD3qpeuqnCHkDFcmojH4Bs0/3wE4hqXI/SxBKRqNZaQ8MUueJxa/Q+TMJma5Wh+I92O831nXkiV8ByWs1QDw0nHNowPQr6Ab8vZym1eD6XF+OU85bF95f/EdfcLt+pzVLcKwZb8AmTr7WyfNmkdNfhXss1T68cemU7gJ2E/ztsQ2PrMs4N2WaZ5xbgmBVD 10.20.3.20 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGW6RQa0XfK5ZlIZzyuaGbPyOmJUZF+04BJ9ceoqwA2QiuLpoIJixv+vcEfjcK9jCfPjAGsDIZM9Xa8MDmUr1R4= 10.20.3.20 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGs4qSAzHMNdAHCUMKbNYltUobfbdEQ2NbraT9Gu/4FF total 20K drwxr-xr-x 2 mirrordaemon mirrordaemon 4.0K Mar 23 14:25 . drwxr-xr-x 3 mirrordaemon mirrordaemon 4.0K Mar 23 14:15 .. -rw------- 1 mirrordaemon mirrordaemon 1.7K Mar 23 14:15 id_rsa -rw-r--r-- 1 mirrordaemon mirrordaemon 422 Mar 23 14:15 id_rsa.pub -rw------- 1 mirrordaemon mirrordaemon 706 Mar 23 14:25 known_hosts Update known IP addresses on the external server to schedule pushing to the internal server... 10.20.3.20 total 40K drwxr-xr-x 3 mirrordaemon mirrordaemon 4.0K Mar 23 14:25 . drwxr-xr-x 5 root root 4.0K Mar 23 14:22 .. -rw------- 1 mirrordaemon mirrordaemon 11 Mar 23 14:25 internal_mirror_ip_addresses.txt -rw------- 1 mirrordaemon mirrordaemon 4.1K Mar 23 14:12 package_whitelist.txt -rwx------ 1 mirrordaemon mirrordaemon 1.1K Mar 23 14:12 pull_from_internet.sh -rwx------ 1 mirrordaemon mirrordaemon 105 Mar 23 14:12 pull_then_push.sh -rwx------ 1 mirrordaemon mirrordaemon 1.2K Mar 23 14:12 push_to_internal_mirrors.sh drwxr-xr-x 2 mirrordaemon mirrordaemon 4.0K Mar 23 14:25 .ssh -r-------- 1 mirrordaemon mirrordaemon 1.8K Mar 23 14:12 update_bandersnatch_config.py [stderr] Time : ```Setup_SHM_Logging
```pwsh > ./Setup_SHM_Logging.ps1 -shmId testa 2021-03-23 16:51:31 [ INFO]: Ensuring that resource group 'RG_SHM_TESTA_LOGGING' exists... 2021-03-23 16:51:31 [SUCCESS]: [✔] Resource group 'RG_SHM_TESTA_LOGGING' already exists 2021-03-23 16:51:36 [ INFO]: [ ] Ensuring extension 'MicrosoftMonitoringAgent' is installed on VM 'DC1-SHM-TESTA'. 2021-03-23 16:51:36 [SUCCESS]: [✔] Extension 'MicrosoftMonitoringAgent' is already installed on VM 'DC1-SHM-TESTA'. 2021-03-23 16:51:36 [ INFO]: [ ] Ensuring extension 'DependencyAgentWindows' is installed on VM 'DC1-SHM-TESTA'. 2021-03-23 16:53:39 [SUCCESS]: [✔] Installed extension 'DependencyAgentWindows' on VM 'DC1-SHM-TESTA'. 2021-03-23 16:53:39 [ INFO]: [ ] Ensuring extension 'MicrosoftMonitoringAgent' is installed on VM 'DC2-SHM-TESTA'. 2021-03-23 16:53:39 [SUCCESS]: [✔] Extension 'MicrosoftMonitoringAgent' is already installed on VM 'DC2-SHM-TESTA'. 2021-03-23 16:53:39 [ INFO]: [ ] Ensuring extension 'DependencyAgentWindows' is installed on VM 'DC2-SHM-TESTA'. 2021-03-23 16:55:41 [SUCCESS]: [✔] Installed extension 'DependencyAgentWindows' on VM 'DC2-SHM-TESTA'. 2021-03-23 16:55:42 [ INFO]: [ ] Ensuring extension 'MicrosoftMonitoringAgent' is installed on VM 'NPS-SHM-TESTA'. 2021-03-23 16:55:43 [SUCCESS]: [✔] Extension 'MicrosoftMonitoringAgent' is already installed on VM 'NPS-SHM-TESTA'. 2021-03-23 16:55:43 [ INFO]: [ ] Ensuring extension 'DependencyAgentWindows' is installed on VM 'NPS-SHM-TESTA'. 2021-03-23 16:57:45 [SUCCESS]: [✔] Installed extension 'DependencyAgentWindows' on VM 'NPS-SHM-TESTA'. 2021-03-23 16:57:47 [ INFO]: [ ] Ensuring extension 'OmsAgentForLinux' is installed on VM 'NEXUS-REPOSITORY-TIER-2'. 2021-03-23 16:57:47 [SUCCESS]: [✔] Extension 'OmsAgentForLinux' is already installed on VM 'NEXUS-REPOSITORY-TIER-2'. 2021-03-23 16:57:47 [ INFO]: [ ] Ensuring extension 'DependencyAgentLinux' is installed on VM 'NEXUS-REPOSITORY-TIER-2'. 2021-03-23 16:58:20 [SUCCESS]: [✔] Installed extension 'DependencyAgentLinux' on VM 'NEXUS-REPOSITORY-TIER-2'. 2021-03-23 16:58:21 [ INFO]: [ ] Ensuring extension 'OmsAgentForLinux' is installed on VM 'CRAN-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 16:58:22 [SUCCESS]: [✔] Extension 'OmsAgentForLinux' is already installed on VM 'CRAN-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 16:58:22 [ INFO]: [ ] Ensuring extension 'DependencyAgentLinux' is installed on VM 'CRAN-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 16:59:24 [SUCCESS]: [✔] Installed extension 'DependencyAgentLinux' on VM 'CRAN-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 16:59:24 [ INFO]: [ ] Ensuring extension 'OmsAgentForLinux' is installed on VM 'CRAN-INTERNAL-MIRROR-TIER-3'. 2021-03-23 16:59:25 [SUCCESS]: [✔] Extension 'OmsAgentForLinux' is already installed on VM 'CRAN-INTERNAL-MIRROR-TIER-3'. 2021-03-23 16:59:25 [ INFO]: [ ] Ensuring extension 'DependencyAgentLinux' is installed on VM 'CRAN-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:02:27 [SUCCESS]: [✔] Installed extension 'DependencyAgentLinux' on VM 'CRAN-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:02:27 [ INFO]: [ ] Ensuring extension 'OmsAgentForLinux' is installed on VM 'PYPI-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 17:02:28 [SUCCESS]: [✔] Extension 'OmsAgentForLinux' is already installed on VM 'PYPI-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 17:02:28 [ INFO]: [ ] Ensuring extension 'DependencyAgentLinux' is installed on VM 'PYPI-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 17:04:01 [SUCCESS]: [✔] Installed extension 'DependencyAgentLinux' on VM 'PYPI-EXTERNAL-MIRROR-TIER-3'. 2021-03-23 17:04:01 [ INFO]: [ ] Ensuring extension 'OmsAgentForLinux' is installed on VM 'PYPI-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:04:02 [SUCCESS]: [✔] Extension 'OmsAgentForLinux' is already installed on VM 'PYPI-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:04:02 [ INFO]: [ ] Ensuring extension 'DependencyAgentLinux' is installed on VM 'PYPI-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:07:06 [SUCCESS]: [✔] Installed extension 'DependencyAgentLinux' on VM 'PYPI-INTERNAL-MIRROR-TIER-3'. 2021-03-23 17:07:06 [ INFO]: Ensuring required Windows event logs are being collected...' 2021-03-23 17:07:07 [SUCCESS]: [✔] Logging already active for 'Active Directory Web Services'. 2021-03-23 17:07:08 [SUCCESS]: [✔] Logging already active for 'Directory Service'. 2021-03-23 17:07:08 [SUCCESS]: [✔] Logging already active for 'DFS Replication'. 2021-03-23 17:07:09 [SUCCESS]: [✔] Logging already active for 'DNS Server'. 2021-03-23 17:07:10 [SUCCESS]: [✔] Logging already active for 'Microsoft-Windows-Security-Netlogon/Operational'. 2021-03-23 17:07:11 [SUCCESS]: [✔] Logging already active for 'Microsoft-Windows-Winlogon/Operational'. 2021-03-23 17:07:12 [SUCCESS]: [✔] Logging already active for 'System'. 2021-03-23 17:07:12 [ INFO]: Ensuring required Windows performance counters are being collected...' 2021-03-23 17:07:13 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Avg. Disk sec/Read' 2021-03-23 17:07:14 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Avg. Disk sec/Write' 2021-03-23 17:07:14 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Current Disk Queue Length' 2021-03-23 17:07:15 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Disk Reads/sec' 2021-03-23 17:07:16 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Disk Transfers/sec' 2021-03-23 17:07:16 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Disk Writes/sec' 2021-03-23 17:07:17 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/Free Megabytes' 2021-03-23 17:07:17 [SUCCESS]: [✔] Logging already active for 'Memory/Available MBytes' 2021-03-23 17:07:18 [SUCCESS]: [✔] Logging already active for 'Memory/% Committed Bytes In Use' 2021-03-23 17:07:19 [SUCCESS]: [✔] Logging already active for 'LogicalDisk/% Free Space' 2021-03-23 17:07:20 [SUCCESS]: [✔] Logging already active for 'Processor/% Processor Time' 2021-03-23 17:07:21 [SUCCESS]: [✔] Logging already active for 'System/Processor Queue Length' 2021-03-23 17:07:21 [ INFO]: Ensuring required Log Analytics Intelligence Packs are enabled...' 2021-03-23 17:07:22 [SUCCESS]: [✔] 'AgentHealthAssessment' Intelligence Pack already enabled. 2021-03-23 17:07:22 [SUCCESS]: [✔] 'AzureActivity' Intelligence Pack already enabled. 2021-03-23 17:07:23 [SUCCESS]: [✔] 'AzureNetworking' Intelligence Pack already enabled. 2021-03-23 17:07:24 [SUCCESS]: [✔] 'AntiMalware' Intelligence Pack already enabled. 2021-03-23 17:07:25 [SUCCESS]: [✔] 'CapacityPerformance' Intelligence Pack already enabled. 2021-03-23 17:07:25 [SUCCESS]: [✔] 'ChangeTracking' Intelligence Pack already enabled. 2021-03-23 17:07:26 [SUCCESS]: [✔] 'DnsAnalytics' Intelligence Pack already enabled. 2021-03-23 17:07:27 [SUCCESS]: [✔] 'InternalWindowsEvent' Intelligence Pack already enabled. 2021-03-23 17:07:27 [SUCCESS]: [✔] 'NetFlow' Intelligence Pack already enabled. 2021-03-23 17:07:28 [SUCCESS]: [✔] 'NetworkMonitoring' Intelligence Pack already enabled. 2021-03-23 17:07:28 [SUCCESS]: [✔] 'ServiceMap' Intelligence Pack already enabled. 2021-03-23 17:07:29 [SUCCESS]: [✔] 'Updates' Intelligence Pack already enabled. 2021-03-23 17:07:29 [SUCCESS]: [✔] 'VMInsights' Intelligence Pack already enabled. 2021-03-23 17:07:30 [SUCCESS]: [✔] 'WindowsDefenderATP' Intelligence Pack already enabled. 2021-03-23 17:07:31 [SUCCESS]: [✔] 'WindowsFirewall' Intelligence Pack already enabled. 2021-03-23 17:07:31 [SUCCESS]: [✔] 'WinLog' Intelligence Pack already enabled. ```