我有一个 Azure Arm 模板部署,创建以下资源 -
如果我跳过步骤 3 并在虚拟机上手动运行脚本,即使我使用任何用户(域或管理员)登录,它也会以 CSV 形式返回所有计算机。 不幸的是,当我将 CSE 添加到模板时,它不起作用。
{
"type": "Microsoft.Compute/virtualMachines",
...
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
...
"properties": {
"type": "JsonADDomainExtension"
...
}
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
...
"properties": {
"type": "CustomScriptExtension",
...
"protectedSettings": {
"commandToExecute": "powershell RunPythonScript.ps1"
}
}
}
尝试在 Azure 存储帐户 > 生成 SAS 令牌 url 中上传您的 powershell 脚本,并使用它作为自定义脚本扩展运行您的 PS 脚本。
我的存储帐户以及 Powershell 脚本和生成的 SAS URL:-
在 Windows Server 内运行的 Powershell 脚本:-
# Import the Active Directory module
Install-WindowsFeature -Name RSAT-AD-PowerShell
Import-Module ActiveDirectory
# Get computer information and export it to a CSV file
Get-ADComputer -Filter * -Property * | Export-Csv -Path "C:\output.csv" -NoTypeInformation
main.bicep
文件:-
// VM with availability set
param resourceLocation string ='North Europe'
@secure()
param adminPassword string = 'silicon@123'
resource appnetwork 'Microsoft.Network/virtualNetworks@2022-07-01' = {
name: 'silic6netk'
location: resourceLocation
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
]
}
subnets: [
{
name: 'SubnetA'
properties: {
addressPrefix: '10.0.0.0/24'
}
}
{
name: 'SubnetB'
properties: {
addressPrefix: '10.0.1.0/24'
}
}
] }
}
resource app_ip 'Microsoft.Network/publicIPAddresses@2022-07-01' = {
name: 'sili-ip'
location: resourceLocation
sku: {
name: 'Basic'
}
properties: {
publicIPAllocationMethod: 'Dynamic'
}
}
resource app_interface 'Microsoft.Network/networkInterfaces@2022-07-01' = {
name: 'sili-interface'
location: resourceLocation
properties: {
ipConfigurations: [
{
name: 'ipConfig1'
properties: {
privateIPAllocationMethod: 'Dynamic'
subnet: {
id: resourceId('Microsoft.Network/virtualNetworks/subnets', 'silic6netk', 'SubnetA')
}
publicIPAddress: {
id: app_ip.id
}
}
}
]
networkSecurityGroup: {
id: app_nsg.id
}
}
}
resource vmstore55434434 'Microsoft.Storage/storageAccounts@2022-09-01' = {
name: 'silicon74'
location: resourceLocation
kind: 'StorageV2'
sku: {
name: 'Standard_LRS'
}
}
resource app_nsg 'Microsoft.Network/networkSecurityGroups@2022-07-01' = {
name: 'silic-nsg'
location: resourceLocation
properties: {
securityRules: [
{
name: 'Allow-RDP'
properties: {
description: 'Allow Remote Desktop'
protocol: 'Tcp'
sourcePortRange: '*'
destinationPortRange: '3389'
sourceAddressPrefix: '*'
destinationAddressPrefix: '*'
access: 'Allow'
priority: 110
direction: 'Inbound'
}
}
{
name: 'Allow-HTTP'
properties: {
description: 'Allow HTTP'
protocol: 'Tcp'
sourcePortRange: '*'
destinationPortRange: '80'
sourceAddressPrefix: '*'
destinationAddressPrefix: '*'
access: 'Allow'
priority: 120
direction: 'Inbound'
}
}
]
}
}
resource appvmconfigapp 'Microsoft.Compute/virtualMachines/extensions@2022-11-01' = {
parent: appvm
name: 'appvmconfigapp'
location: 'North Europe'
properties: {
publisher: 'Microsoft.Compute'
type: 'CustomScriptExtension'
typeHandlerVersion: '1.10'
autoUpgradeMinorVersion: true
settings: {
fileUris: [
'https://xxxxnstrg6.blob.core.windows.net/test/GetAd.ps1?sp=xxxxxxxx'
]
}
protectedSettings: {
commandToExecute: 'powershell -ExecutionPolicy Unrestricted -File GetAd.ps1'
}
}
}
resource appvm 'Microsoft.Compute/virtualMachines@2022-11-01' = {
name: 'silicon74vm'
location: resourceLocation
properties: {
hardwareProfile: {
vmSize: 'Standard_D2s_v3'
}
osProfile: {
computerName: 'appvm'
adminUsername: 'siliconuser'
adminPassword: adminPassword
}
storageProfile: {
imageReference: {
publisher: 'MicrosoftWindowsServer'
offer: 'WindowsServer'
sku: '2022-Datacenter'
version: 'latest'
}
osDisk: {
name: 'windowsVM1OSDisk'
caching: 'ReadWrite'
createOption: 'FromImage'
}
}
networkProfile: {
networkInterfaces: [
{
id: app_interface.id
}
]
}
diagnosticsProfile: {
bootDiagnostics: {
enabled: true
storageUri: reference(resourceId('Microsoft.Storage/storageAccounts/', toLower('silicon74'))).primaryEndpoints.blob
}
}
}
}
输出:-
要使
Get-ADComputer
命令起作用
您需要安装> ActiveDirectory模块,在Windows客户端和服务器中安装模块的步骤在此博客中给出