microsoft / MSLab

Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts
MIT License

Problem with LabConfig Domain Name #498

Closed Mrkuff closed 2 years ago

Mrkuff commented 2 years ago

If I'm adding `DomainNetbiosName="Test"; DomainName="Test.Local";` to the LabConfig, then the "Waiting for Active Directory on $($DC.name) to be Started" never stops… Example from Certificate Authority:

```powershell
$LabConfig=@{ DomainAdminName='LabAdmin'; AdminPassword='LS1setup!'; Prefix = 'WSLab2022-'; SwitchName = 'LabSwitch'; DCEdition='4' ; DomainNetbiosName="Test"; DomainName="Test.Local"; Internet=$true ;AdditionalNetworksConfig=@(); VMs=@()}

$LabConfig.VMs += @{ VMName = 'CA' ; Configuration = 'Simple' ; ParentVHD = 'Win2022Core_G2.vhdx' ; MemoryStartupBytes= 1GB ; MemoryMinimumBytes=1GB ; vTPM=$True }

$LabConfig.VMs += @{ VMName = 'Server1' ; Configuration = 'Simple'; ParentVHD = 'Win2022Core_G2.vhdx' ; MemoryStartupBytes= 512MB ; vTPM=$True }
$LabConfig.VMs += @{ VMName = 'Server2' ; Configuration = 'Simple'; ParentVHD = 'Win2022Core_G2.vhdx' ; MemoryStartupBytes= 512MB ; vTPM=$True }
$LabConfig.VMs += @{ VMName = 'Server3' ; Configuration = 'Simple'; ParentVHD = 'Win2022Core_G2.vhdx' ; MemoryStartupBytes= 512MB ; vTPM=$True }
```

Is there a check for the domain name? Is .Local permitted?


Thx

Mrkuff commented 2 years ago

If I'm removing these two tags (`DomainNetbiosName="Test"; DomainName="Test.Local"`) it's working fine, but it creates a "Corp.contoso.com" domain

Mrkuff commented 2 years ago

I don't know what's wrong..

```powershell
$LabConfig=@{ DomainAdminName='LabAdmin'; AdminPassword='LS1setup!'; Prefix = 'WSLab2022-'; SwitchName = 'LabSwitch'; DCEdition='4' ; DomainNetbiosName="Test"; DomainName="Test.Local"; Internet=$true ;AdditionalNetworksConfig=@(); VMs=@()}

# Build the distinguished name (DC=Test,DC=Local) from the DNS domain name
$DN=$null
$LabConfig.DomainName.Split(".") | ForEach-Object { $DN+="DC=$_," }
$LabConfig.DN=$DN.TrimEnd(",")

$DC=get-vm -Name ($labconfig.prefix+"DC")

#Credentials for Session
    $username = "$($Labconfig.DomainNetbiosName)\Administrator"
    $password = $LabConfig.AdminPassword
    $secstr = New-Object -TypeName System.Security.SecureString
    $password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
    $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr

# Query AD inside the DC VM over PowerShell Direct; errors are suppressed here
$test=Invoke-Command -VMGuid $DC.id -Credential $cred -ArgumentList $Labconfig -ErrorAction Ignore -ScriptBlock {
            param($labconfig);
            Get-ADComputer -Filter * -SearchBase "$($LabConfig.DN)" -ErrorAction Ignore
            }
```

Mrkuff commented 2 years ago

When I'm removing the `-ErrorAction Ignore` from Invoke-Command, I'm getting a "The credential is invalid"


So... we got a wrong password init?

jaromirk commented 2 years ago

You can create your domain (specify your own domain) only during the 2_createparentdisks.ps1 phase. During deploy.ps1 the domain is already created and the DC is only imported (to speed up the process...

Mrkuff commented 2 years ago

Oh.. What do the tags `DomainNetbiosName="Test"; DomainName="Test.Local"` do in deploy.ps1 then? Edit: because LabConfig is used for 2_createparentdisks and deploy.ps1

jaromirk commented 2 years ago

If it's different from what was specified in 2_createparentdisks.ps1, it will break things because the domain is used to specify the credentials that test if the DC is up and running before additional VMs are created... So that's the reason it's broken for you 😉.
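
A bounded version of the readiness check discussed in this thread, added here as an example and not MSLab's own code: it keeps the last error instead of discarding it, so a LabConfig that does not match the imported DC ends in "The credential is invalid" rather than an endless wait. `Wait-LabDomainController` and its parameters are hypothetical; it assumes `$LabConfig` sets `DomainNetbiosName` and `DomainName` and that it runs elevated on the Hyper-V host.

```powershell
# Added example (hypothetical helper, not part of MSLab).
function Wait-LabDomainController {
    param(
        [Parameter(Mandatory)] [hashtable] $LabConfig,
        [int] $TimeoutSeconds = 600,
        [int] $RetrySeconds   = 10
    )

    $dc     = Get-VM -Name ($LabConfig.Prefix + 'DC') -ErrorAction Stop
    $secstr = ConvertTo-SecureString $LabConfig.AdminPassword -AsPlainText -Force
    $user   = "$($LabConfig.DomainNetbiosName)\Administrator"
    $cred   = New-Object System.Management.Automation.PSCredential ($user, $secstr)

    $deadline  = (Get-Date).AddSeconds($TimeoutSeconds)
    $lastError = $null

    while ((Get-Date) -lt $deadline) {
        try {
            # PowerShell Direct into the DC; -ErrorAction Stop makes failures catchable
            $domain = Invoke-Command -VMId $dc.Id -Credential $cred -ErrorAction Stop -ScriptBlock {
                Get-ADDomain -ErrorAction Stop | Select-Object NetBIOSName, DNSRoot
            }
            # Logon worked, so the NetBIOS name matched; also compare the DNS name
            if ($domain.DNSRoot -ne $LabConfig.DomainName) {
                Write-Warning "DC reports '$($domain.DNSRoot)', LabConfig has '$($LabConfig.DomainName)'"
            }
            return $domain
        }
        catch {
            # Credential errors also occur while AD is still starting, so keep
            # retrying and only report the last error once the timeout is reached
            $lastError = $_
            Start-Sleep -Seconds $RetrySeconds
        }
    }

    throw ("DC not reachable as '$user' after $TimeoutSeconds s. Last error: " +
           "$($lastError.Exception.Message). Check that DomainNetbiosName and " +
           "DomainName match the LabConfig used for 2_CreateParentDisks.ps1.")
}

# Usage: Wait-LabDomainController -LabConfig $LabConfig -TimeoutSeconds 300
```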