windows脚本初始化-ansible

目标：windows初始化：添加IP、修改主机名、加域、加组、关闭防火墙、开启远程访问

前提：powershell必须是4.0以上，开启winrm、并且监听5985端口(初始化完成后可再删除)

Powershell

1、查看powershell版本

> $PSVersionTable

 2、如果不是版本4.0，可以下载并更新

https://www.microsoft.com/zh-CN/download/details.aspx?id=40855

https://www.pstips.net/windows-management-framework-4-0-is-now-available.html

Winrm

参考文献

https://baiyongjie.com/?p=274                  //可解决问题：winrm or requests is not installed: No module named winrm

https://blog.51cto.com/57388/1641915

https://blog.51cto.com/57388/1641801

https://blog.51cto.com/7424593/2174156

https://blog.csdn.net/leejeff/article/details/82907773

https://blog.csdn.net/c1052981766/article/details/79893845

https://docs.ansible.com/ansible/latest/user_guide/windows_setup.html

https://www.cnblogs.com/dreamer-fish/archive/2013/03/15/2961497.html

1、快速配置winrm(ansible管理windows服务器，需要winrm)

> winrm quickconfig

2、查看winrm service启动监听状态

> winrm enumerate winrm/config/listener

3、修改winrm配置，启用基本远程连接认证

winrm set winrm/config/service/auth '@{Basic="true"}'

winrm set winrm/config/service '@{AllowUnencrypted="true"}'        //为winrm service 配置加密方式为允许非加密

winrm set winrm/config/service/auth '@{Basic="false"}'                  //关闭

winrm set winrm/config/service '@{AllowUnencrypted="false"}'

4、获取winrm配置信息

> winrm get winrm/config

5、移除默认情况下 WinRM 在 5985 端口设置的监听器

> Get-ChildItem WSMan:localhostListener –Recurse | Foreach-Object { $_.PSPath } | Where-Object { (Get-Item "$_Port").Value -eq 5985 } | Remove-Item -Recurse

> winrm enumerate winrm/config/listener   //再次查看

6、关闭winrm

> net stop winrm

> Set-Service winrm -StartupType Disabled

7、开启winrm

> net start winrm

> Set-Service winrm -StartupType auto

Ansible

经过以上设置就可以使用ansible管理windows了

https://docs.ansible.com/ansible/latest/user_guide/windows_usage.html

https://ansible-tran.readthedocs.io/en/latest/docs/intro_windows.html

控制端需要是Linux系统的服务器，安装ansible

# yum install ansible -y

# vim /etc/ansible/hosts    //此文件需要配置 IP 、用户、密码

......

[Windows]
10.........（IP）
[Windows:vars]
ansible_ssh_user="admin"
ansible_ssh_pass="password"
ansible_ssh_port=5985
ansible_connection="winrm"
ansible_winrm_server_cert_validation=ignore

配置完成后即可进行测试

执行脚本

ansible w -m win_shell -a 'ntp.vbs chdir=c:\opstools executable=cmd'

ansible w -m raw -a 'c:opstools tp.vbs'

 查看服务器内的服务状态

ansible w -m win_shell -a 'get-service -displayname "salt-minion"'

添加 IP 和 主机名　

此处需要登陆到服务器中手动执行此脚本

脚本名称：AddIP.ps1　

<#
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

MakeForm -FormText "请输入主机IP：" -ButtonText "Submit"
echo $resultText

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此处是子网掩码，根据实际情况进行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此处是DNS，根据实际情况进行更改
$dns = "DNS1", "DNS2"

$wmi.SetDNSSERVERSearchOrder($dns)  | Out-Null

ipconfig /flushdns

#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition

#C:opstoolsInit_fileChangeName.vbs

netsh interface ip show config

sleep 3

ping www.baidu.com

#注意：此处需要根据情况修改主机名
echo "++++++更改主机名++++++"
rename-computer -newname "BJVW-TEST-$c-$d"  

netsh interface ip show config

sleep 8

ping www.baidu.com
shutdown.exe -r -t 3

域账户密码加密

windows需要加域，但是在加域过程中是需要使用域账户进行验证；

想要实现自动加域，则需要将域账户和密码写入文本中，这样会有密码泄露的危险，所以需要对密码进行加密；

 参考文献：

https://blog.51cto.com/daniel1205/1876326

https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

想要使用加密后的密钥进行自动加域，其实很简单。首先将密码加密，放在一台固定的服务器上，然后在需要加域的脚本中指定密码的路径，就可以进行自动加域了；

1、首先在指定服务器上生成域账户密码密钥，(比如在PC1节点上)

此脚本是： Pass.ps1

$File = "\IP或者hostnameC$opstoolsInit_filePass.txt"     //加密后的密钥文件要存放的指定服务器路径
[Byte[]] $key = (1..16)
$Password = "域账号密码" | ConvertTo-SecureString -AsPlainText -Force
$Password | ConvertFrom-SecureString -key $key | Out-File $File

 2、从 PC1 访问密钥文件进行测试 

$File = "\IP或者hostnameC$opstoolsInit_filePass.txt"
[Byte[]] $key = (1..16)
Get-Content $File | ConvertTo-SecureString -Key $key 

 

3、同样的方法，从 PC2 访问密钥文件进行测试 (需要加域的服务器上进行测试，网络是必须通的)

注意：密钥文件可以放在固定服务器上的固定目录中，也可以放在需要加域的指定目录中

4、生成密钥文件并检测

Generatekey.ps1

echo " "
echo "+++++生成密钥文件++++++"
$File = "C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt"     //根据需要进行更改
[Byte[]] $key = (1..16)
$Password = "账户密码" | ConvertTo-SecureString -AsPlainText -Force    //根据需要进行更改
$Password | ConvertFrom-SecureString -key $key | Out-File $File
sleep 2

#域账户密码

#检查密钥文件是否存在
$TestFile=Test-Path $File
if ("$TestFile" -eq "False")
{
    echo " "
    echo " "
    echo "结果为： $result"
    echo " "
    echo "Pass.txt 密钥文件不存在!!!"
    echo " "
    sleep 1
    echo "Pass.txt 密钥文件不存在!!!"
    echo " "
    sleep 1
    echo "Pass.txt 密钥文件不存在!!!"
    echo " "
    echo " "
    sleep 3
}
else
{
    echo "Pass.txt 密钥文件已存在!!!"
}

echo " "
echo " "
sleep 2

echo "+++++检测密钥文件是否正常++++++"
[Byte[]] $key = (1..16)
Get-Content $File | ConvertTo-SecureString -Key $key
sleep 3

ManualAddDomain

手动加域

echo "++++++添加域++++++"
#$domain = "域服务器.com"   
#$credential = New-Object System.Management.Automation.PSCredential($username,$password) 
#Add-Computer -DomainName $domain -Credential $credential

AutoAddDomain

自动加域

echo "++++++添加域++++++"
#手动加域
#$domain = "域服务器.com"   
#$credential = New-Object System.Management.Automation.PSCredential($username,$password) 
#Add-Computer -DomainName $domain -Credential $credential

#自动加域
$File = "密钥文件路径"    //域密码加密后的存放路径
[Byte[]] $key = (1..16)
$encpasswd = Get-Content $File
$domain = "域服务器.com" 
$ss = ConvertTo-SecureString -String $encpasswd -Key $key
$cred = New-Object System.Management.Automation.PSCredential '域账户', $ss
Add-Computer -DomainName $domain -Credential $cred

$result = $?

if ("$result" -eq "False")
{
    echo " "
    echo " "
    echo "结果为： $result"
    echo " "
    echo "用户名或密码错误，加域失败，即将退出!!!"
    echo " "
    sleep 1
    echo "用户名或密码错误，加域失败，即将退出!!!"
    echo " "
    sleep 1
    echo "用户名或密码错误，加域失败，即将退出!!!"
    echo " "
    echo " "
    sleep 3
    exit
}
else
{
    echo " "
    echo "加域成功!!!"
    echo " "
    echo "加域结果为： $result"
}

echo " "
echo " "
sleep 2


echo "++++++添加ops组++++++"
net localgroup Administrators 添加工作组 /add
echo "结果为： $?"
echo " "
echo " "
sleep 3


#只关闭域防火墙
#netsh firewall set opmode mode=disable
echo "++++++关闭所有防火墙++++++"
netsh advfirewall set allprofiles state off
echo "结果为： $?"  
echo " "
echo " "
sleep 3


echo "++++++查看主机名++++++"
hostname
echo " "
echo " "
sleep 3


echo "++++++查看主机IP++++++"
netsh interface ip show config | select-string "10."
echo " "
echo " "
sleep 3


echo "++++++查看域名++++++"
systeminfo | select-string "Domain"
echo " "
echo " "
sleep 3


echo "++++++查看组++++++"
net localgroup Administrators | select-string "查看工作组"
echo " "
echo " "
sleep 3


echo "++++++查看防火墙++++++"
netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "

echo "++++++删除文件： Pass.txt++++++"
Remove-Item 'C:opstoolsInit_filePass.txt'
$TestFile=Test-Path 'C:opstoolsInit_filePass.txt'
if ("$TestFile" -eq "True")
{
    echo " "
    echo " "
    echo "结果为： $result"
    echo " "
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    echo " "
    sleep 3
}
else
{
    echo " "
    echo "删除文件： Pass.txt 成功!!!"
    echo "12秒钟后将重启!!!"
    echo " "
    echo " "
}

shutdown.exe -r -t 12
sleep 10

使用ansible为windows加域

ansible w -m raw -a 'C:opstoolsInit_fileAutoAddDomain.ps1'
ansible w -m raw -a 'C:opstoolszabbix_fileWinAgentzabbix_deploy_allzabbix_4.0_EnglishOS_BX_autoinstall.bat'

你好

set File =C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt
[Byte[]] set key = (1..16)
set encpasswd = Get-Content %File%
set ss = ConvertTo-SecureString -String $encpasswd -Key %key%
set cred = New-Object System.Management.Automation.PSCredential 'beisencorpsysops', %ss%

net use \10.23.10.104D$ %cred%
net use \10.23.10.103e$ %cred%

你好

 powershell脚本

$File = "C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt"
[Byte[]] $key = (1..16)
$encpasswd = Get-Content $File
$ss = ConvertTo-SecureString -String $encpasswd -Key $key
$cred = "New-Object System.Management.Automation.PSCredential 'beisencorpsysops', $ss"

net use \10.23.10.104D$ $cred
net use \10.23.10.103e$ $cred
net use

你好

 不升级powershell版本，配置IP和主机名的时候直接安装salt

NameText = "C:opstoolsInit_file ame.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True)
f.WriteLine reval
f.Close

你好

Dim reval
Set objnet = CreateObject ("WScript.Network")
Set R = CreateObject("WScript.Shell")
reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

NameText = "C:opstoolsInit_fileComputerName.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True) 
f.WriteLine reval
f.Close

On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\" _
    & strComputer & "
ootcimv2")
Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")

For Each objComputer in colComputers
    errReturn = ObjComputer.Rename (reval)
    If reval <> "" Then 
                return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!")
                If return=vbok Then
                        R.run("Shutdown.exe -r -t 20")
                End if
    End If 
Next

你好

<#     ///最终添加主机IP和主机名文件
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

echo " "
echo "++++++ 添加IP ++++++"
echo " "
MakeForm -FormText "请输入主机IP：" -ButtonText "Submit"
echo "即将配置: $resultText 到此服务器"

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此处是子网掩码，根据实际情况进行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此处是DNS，根据实际情况进行更改
$dns = "10.23.110.201", "10.23.110.200"

$wmi.SetDNSSERVERSearchOrder($dns) | Out-Null

ipconfig /flushdns  | Out-Null
sleep 1
ipconfig /flushdns  | Out-Null
#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
#C:opstoolsInit_fileChangeName.vbs
netsh interface ip show config  | Out-Null
sleep 1
#ping www.baidu.com

echo " "
echo " "

#注意：此处需要根据情况修改主机名
echo "++++++更改主机名++++++"
echo " "
#rename-computer -newname "BXVW-APP-$c-$d"
C:opstoolsInit_fileChangeName.vbs
sleep 5
echo "+++++判断主机名文件是否生成+++++"
echo " "
echo " "
$result = Test-Path C:opstoolsInit_fileComputerName.txt
while ($result -cnotcontains "False")
    {
       $result = Test-Path C:opstoolsInit_fileComputerName.txt
       echo "等待输入ComputerName"
       sleep 3
    }

echo " "
echo " "
echo "+++++获取更改后的主机名"
$CName = Get-Content C:opstoolsInit_fileComputerName.txt
echo $CName
echo " "
echo " "
sleep 3

net use \10.23.10.104D$ "密码" /user:beisencorpsysops
net use
echo " "
echo " "
sleep 3

echo "+++++部署 Salt +++++"
Copy-Item "\10.23.10.104d$opstoolssalt-package" -Destination "d:" -recurse
cmd.exe /c "d:salt-packageSalt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName"
#return
Get-Service -Name salt-minion
sleep 5

netsh interface ip show config
sleep 3
ping www.baidu.com
Shutdown.exe -r -t 15

添加 IP 新版本

 <#
    Intro: This function will display a form to communicate with the user.
    Input: -FormText -ButtonText
    Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
    Use: To make the PowerShell program's interactivity better.
#>
function MakeForm{
    param($FormText,$ButtonText)
    $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
    $form = New-Object Windows.Forms.Form
    $form.size = New-Object Drawing.Size -Arg 400,80
    $form.StartPosition = "CenterScreen"
    $form.Text = $FormText.toString()
    $textBox = New-Object Windows.Forms.TextBox
    $textBox.Dock = "fill"
    $form.Controls.Add($textBox)
    $button = New-Object Windows.Forms.Button
    $button.Text = $ButtonText
    $button.Dock = "Bottom"
    $button.add_Click(
    {$global:resultText = $textBox.Text;$form.Close()})
    $form.Controls.Add($button)
    [Void]$form.ShowDialog()
}

echo " "
echo "++++++ 添加IP ++++++"
echo " "
MakeForm -FormText "请输入主机IP：" -ButtonText "Submit"
echo "即将配置: $resultText 到此服务器"

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"

#注意: 此处是子网掩码，根据实际情况进行更改
$wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null

$a = $resultText.split(".",4)[0]
$b = $resultText.split(".",4)[1]
$c = $resultText.split(".",4)[2]
$d = $resultText.split(".",4)[3]
$gateway = "$a.$b.$c.1"

$wmi.SetGateways("$gateway") | Out-Null

#注意: 此处是DNS，根据实际情况进行更改
$dns = "10.23.110.201", "10.23.110.200"

$wmi.SetDNSSERVERSearchOrder($dns) | Out-Null

ipconfig /flushdns  | Out-Null
sleep 1
ipconfig /flushdns  | Out-Null
#$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
#C:opstoolsInit_fileChangeName.vbs
netsh interface ip show config  | Out-Null
sleep 1
#ping www.baidu.com

echo " "
echo " "

#注意：此处需要根据情况修改主机名
echo "++++++ 更改主机名 ++++++"
echo " "
#rename-computer -newname "BXVW-APP-$c-$d"
C:opstoolsInit_fileChangeName.vbs
sleep 8
echo "+++++ 主机名文件未生成 +++++"
$result = Test-Path C:opstoolsInit_fileComputerName.txt
while ($result -cnotcontains "False")
    {
       $result = Test-Path C:opstoolsInit_fileComputerName.txt
       echo " "
       echo "    等待输入 ComputerName"
       sleep 3
    }

echo " "
echo "+++++ 获取更改后的主机名 +++++"
$CName = Get-Content C:opstoolsInit_fileComputerName.txt
echo $CName
echo " "
echo " "
sleep 3

net use \10.23.10.104D$ "密码" /user:beisencorpsysops
net use
sleep 3

echo "+++++ 部署 Salt +++++"
Copy-Item "\10.23.10.104d$opstoolssalt-package" -Destination "d:" -recurse
cmd.exe /c "d:salt-packageSalt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName"
#return

Get-Service -Name salt-minion
sleep 2
Remove-Item 'C:opstoolsInit_fileComputerName.txt'
sleep 2

netsh interface ip show config
sleep 3
ping www.baidu.com
Shutdown.exe -r -t 8

更改主机名-原版本

Dim reval
Set objnet = CreateObject ("WScript.Network")
Set R = CreateObject("WScript.Shell")
reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

NameText = "C:opstoolsInit_fileComputerName.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True) 
f.WriteLine reval
f.Close

On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\" _
    & strComputer & "
ootcimv2")
Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")

For Each objComputer in colComputers
    errReturn = ObjComputer.Rename (reval)
    If reval <> "" Then 
                return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!")
                If return=vbok Then
                    R.run("Shutdown.exe -r -t 20")
                End if
    End If 
Next

更改主机名-新版本

Dim reval
Set objnet = CreateObject ("WScript.Network")
Set R = CreateObject("WScript.Shell")
reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

NameText = "C:opstoolsInit_fileComputerName.txt"
Set fs = CreateObject("Scripting.FileSystemObject")
Set f = fs.CreateTextFile(NameText, True) 
f.WriteLine reval
f.Close

On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\" _
    & strComputer & "
ootcimv2")
Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")

For Each objComputer in colComputers
    errReturn = ObjComputer.Rename (reval)
Next

 salt执行

列出所有key 

# salt-key -L

接受指定key

salt-key -a BXVW-APP-21-253 -y

检查salt-minion是否运行

salt BXVW-APP-21-253 cmd.run 'get-service -name salt-minion' shell=powershell     

执行加域脚本

salt BXVW-APP-21-253 cmd.run 'C:opstoolsInit_fileAddDomain.ps1' shell=powershell

执行安装 zabbix 脚本

salt BXVW-APP-21-253 cmd.run 'C:opstoolsinstall_scriptWinAgentzabbix_deploy_allzabbix_4.0_EnglishOS_BX_autoinstall.bat' shell=powershell

检查zabbix是否执行

salt BXVW-APP-21-253 cmd.run 'get-service -name "Zabbix Agent"' shell=powershell

salt BXVW-APP-21-253 cmd.run 'get-service -name "Beisen.OpsManagement.WindowsService"  shell=powershell

暂不使用：salt BXVW-APP-21-253 cmd.run cmd='zabbix_4.0_EnglishOS_BX_autoinstall.bat' cwd='C:opstoolsinstall_scriptWinAgentzabbix_deploy_all'

检查服务是否安装

salt BXVW-APP-21-253 cmd.run get-service shell=powershell | grep -E "Status|salt-minion|Zabbix Agent|Beisen.Quark.Register|Beisen.OpsManagement.WindowsService"

 salt "BXVW-APP-21-253" state.sls checkWindows.copydir

在10.23.110.202上

执行：salt "BXVW-APP-21-253" cmd.run "C:opstoolsInit_filecheckWIN.ps1" shell=powershell

 

[root@oneops-110-202 checkWindows]# pwd
/srv/salt/checkWindows

[root@oneops-110-202 checkWindows]# cat copydir.sls 
copy_dir:
  file.managed:
    - name: C:opstoolsInit_filecheckWIN.ps1 
    - source: salt://checkWindows/checkWIN.ps1
    - makedirs: 'True'
  cmd.run:
    - name: powershell.exe C:opstoolsInit_filecheckWIN.ps1

[root@oneops-110-202 checkWindows]# cat checkWIN.ps1 
echo "Check the WIN"
echo " "

ipconfig | select-string "IPv4"
echo " "
echo " "

hostname
echo " "
echo " "

systeminfo | select-string "Domain"
echo " "
echo " "

net localgroup Administrators | select-string "BEISENCORP|PROD"
echo " "
echo " "

netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "

get-service | findstr "salt-minion"
echo " "
echo " "

get-service | findstr "Zabbix"
echo " "
echo " "

get-service | findstr "Beisen.OpsManagement.WindowsService"
echo " "
echo " "

get-service | findstr "Beisen.Quark.Register"
echo " "
echo " "
sleep 3

 

 

你好

echo " "
echo "++++++ Add Domain ++++++"

#Check the key file
$TestFile=Test-Path 'C:opstoolsInit_filePass.txt'
if ("$TestFile" -eq "False")
{
    echo " "
    echo " "
    echo "    Pass.txt is not esxit!!!"
    echo " "
    sleep 1
    echo "    Pass.txt is not esxit!!!"
    echo " "
    sleep 1
    echo "    Add domain filed, exit!!!"
    echo " "
    echo " "
    sleep 3
    exit
}


$File = "c:opstoolsInit_filePass.txt"
[Byte[]] $key = (1..16)
$encpasswd = Get-Content $File
$domain = "prod.beisencorp.com" 
$ss = ConvertTo-SecureString -String $encpasswd -Key $key
$cred = New-Object System.Management.Automation.PSCredential 'beisencorpzhouzun', $ss
Add-Computer -DomainName $domain -Credential $cred

$result = $?

if ("$result" -eq "False")
{
    echo " "
    echo " "
    echo "The result： $result"
    echo " "
    echo "Failed to add domain, exit!!!"
    echo " "
    sleep 1
    echo "Failed to add domain, exit!!!"
    echo " "
    sleep 1
    echo "Failed to add domain, exit!!!"
    echo " "
    echo " "
    sleep 5
    exit
}
else
{
    echo " "
    echo "Add damain success!!!"
    echo " "
    echo "The result of add domain：$result"
}

echo " "
echo " "
sleep 2


echo "++++++Add ops group++++++"
net localgroup Administrators BEISENCORPOPS /add
echo "The result： $?"
echo " "
echo " "
sleep 2


#Turn off the firewall
#netsh firewall set opmode mode=disable
echo "++++++ Turn off the firewall ++++++"
netsh advfirewall set allprofiles state off
echo "The result： $?"  
echo " "
echo " "
sleep 2


echo "++++++ Check Hostname ++++++"
hostname
echo " "
echo " "
sleep 2


echo "++++++ Check IP ++++++"
netsh interface ip show config | select-string "10."
echo " "
echo " "
sleep 2


echo "++++++Check Domain ++++++"
systeminfo | select-string "Domain"
echo " "
echo " "
sleep 2


echo "++++++ Check Group ++++++"
net localgroup Administrators | select-string "BEISENCORP|PROD"
echo " "
echo " "
sleep 2


echo "++++++ Check Firewall++++++"
netsh advfirewall show allprofiles | select-string "Profile|State"
echo " "
echo " "
sleep 2


echo "++++++Delete Key file: Pass.txt++++++"
Remove-Item 'C:opstoolsInit_filePass.txt'
$TestFile=Test-Path 'C:opstoolsInit_filePass.txt'
if ("$TestFile" -eq "True")
{
    echo " "
    echo " "
    echo "The Result： $result"
    echo " "
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    sleep 1
    echo "Delete Pass.txt Failed!!!"
    echo " "
    echo " "
    sleep 5
}
else
{
    echo "Delete Pass.txt success!!!"
}

echo " "
echo " "
echo "Restart after 5 seconds!!!"
shutdown.exe -r -t 5
sleep 5

你好