zoukankan      html  css  js  c++  java
  • windows脚本初始化-ansible

    目标:windows初始化:添加IP、修改主机名、加域、加组、关闭防火墙、开启远程访问

    前提:powershell必须是4.0以上,开启winrm、并且监听5985端口(初始化完成后可再删除)

    Powershell

    1、查看powershell版本

    > $PSVersionTable

     2、如果不是版本4.0,可以下载并更新

    https://www.microsoft.com/zh-CN/download/details.aspx?id=40855

    https://www.pstips.net/windows-management-framework-4-0-is-now-available.html

    Winrm

    参考文献

    https://baiyongjie.com/?p=274                  //可解决问题:winrm or requests is not installed: No module named winrm

    https://blog.51cto.com/57388/1641915

    https://blog.51cto.com/57388/1641801

    https://blog.51cto.com/7424593/2174156

    https://blog.csdn.net/leejeff/article/details/82907773

    https://blog.csdn.net/c1052981766/article/details/79893845

    https://docs.ansible.com/ansible/latest/user_guide/windows_setup.html

    https://www.cnblogs.com/dreamer-fish/archive/2013/03/15/2961497.html

    1、快速配置winrm(ansible管理windows服务器,需要winrm)

    > winrm quickconfig

    2、查看winrm service启动监听状态

    > winrm enumerate winrm/config/listener

    3、修改winrm配置,启用基本远程连接认证

    winrm set winrm/config/service/auth '@{Basic="true"}'

    winrm set winrm/config/service '@{AllowUnencrypted="true"}'        //为winrm service 配置加密方式为允许非加密

    winrm set winrm/config/service/auth '@{Basic="false"}'                  //关闭

    winrm set winrm/config/service '@{AllowUnencrypted="false"}'

    4、获取winrm配置信息

    > winrm get winrm/config

    5、移除默认情况下 WinRM 在 5985 端口设置的监听器

    > Get-ChildItem WSMan:localhostListener –Recurse | Foreach-Object { $_.PSPath } | Where-Object { (Get-Item "$_Port").Value -eq 5985 } | Remove-Item -Recurse

    > winrm enumerate winrm/config/listener   //再次查看

    6、关闭winrm

    > net stop winrm

    Set-Service winrm -StartupType Disabled

    7、开启winrm

    net start winrm

    Set-Service winrm -StartupType auto

    Ansible

    经过以上设置就可以使用ansible管理windows了

    https://docs.ansible.com/ansible/latest/user_guide/windows_usage.html

    https://ansible-tran.readthedocs.io/en/latest/docs/intro_windows.html

    控制端需要是Linux系统的服务器,安装ansible

    # yum install ansible -y

    # vim /etc/ansible/hosts    //此文件需要配置 IP 、用户、密码

    ......

    [Windows]
    10.........(IP)
    [Windows:vars]
    ansible_ssh_user="admin"
    ansible_ssh_pass="password"
    ansible_ssh_port=5985
    ansible_connection="winrm"
    ansible_winrm_server_cert_validation=ignore

    配置完成后即可进行测试

    执行脚本

    ansible w -m win_shell -a 'ntp.vbs chdir=c:\opstools executable=cmd'

    ansible w -m raw -a 'c:opstools tp.vbs'

     查看服务器内的服务状态

    ansible w -m win_shell -a 'get-service -displayname "salt-minion"'

    添加 IP 和 主机名 

    此处需要登陆到服务器中手动执行此脚本

    脚本名称:AddIP.ps1 

    <#
        Intro: This function will display a form to communicate with the user.
        Input: -FormText -ButtonText
        Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
        Use: To make the PowerShell program's interactivity better.
    #>
    function MakeForm{
        param($FormText,$ButtonText)
        $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
        $form = New-Object Windows.Forms.Form
        $form.size = New-Object Drawing.Size -Arg 400,80
        $form.StartPosition = "CenterScreen"
        $form.Text = $FormText.toString()
        $textBox = New-Object Windows.Forms.TextBox
        $textBox.Dock = "fill"
        $form.Controls.Add($textBox)
        $button = New-Object Windows.Forms.Button
        $button.Text = $ButtonText
        $button.Dock = "Bottom"
        $button.add_Click(
        {$global:resultText = $textBox.Text;$form.Close()})
        $form.Controls.Add($button)
        [Void]$form.ShowDialog()
    }
    
    MakeForm -FormText "请输入主机IP:" -ButtonText "Submit"
    echo $resultText
    
    $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
    
    #注意: 此处是子网掩码,根据实际情况进行更改
    $wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null
    
    $a = $resultText.split(".",4)[0]
    $b = $resultText.split(".",4)[1]
    $c = $resultText.split(".",4)[2]
    $d = $resultText.split(".",4)[3]
    $gateway = "$a.$b.$c.1"
    
    $wmi.SetGateways("$gateway") | Out-Null
    
    #注意: 此处是DNS,根据实际情况进行更改
    $dns = "DNS1", "DNS2"
    
    $wmi.SetDNSSERVERSearchOrder($dns)  | Out-Null
    
    ipconfig /flushdns
    
    #$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
    
    #C:opstoolsInit_fileChangeName.vbs
    
    netsh interface ip show config
    
    sleep 3
    
    ping www.baidu.com
    
    #注意:此处需要根据情况修改主机名
    echo "++++++更改主机名++++++"
    rename-computer -newname "BJVW-TEST-$c-$d"  
    
    netsh interface ip show config
    
    sleep 8
    
    ping www.baidu.com
    shutdown.exe -r -t 3

    域账户密码加密

    windows需要加域,但是在加域过程中是需要使用域账户进行验证;

    想要实现自动加域,则需要将域账户和密码写入文本中,这样会有密码泄露的危险,所以需要对密码进行加密;

     参考文献:

    https://blog.51cto.com/daniel1205/1876326

    https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

    想要使用加密后的密钥进行自动加域,其实很简单。首先将密码加密,放在一台固定的服务器上,然后在需要加域的脚本中指定密码的路径,就可以进行自动加域了;

    1、首先在指定服务器上生成域账户密码密钥,(比如在PC1节点上)

    此脚本是: Pass.ps1

    $File = "\IP或者hostnameC$opstoolsInit_filePass.txt"     //加密后的密钥文件要存放的指定服务器路径
    [Byte[]] $key = (1..16)
    $Password = "域账号密码" | ConvertTo-SecureString -AsPlainText -Force
    $Password | ConvertFrom-SecureString -key $key | Out-File $File

     2、从 PC1 访问密钥文件进行测试 

    $File = "\IP或者hostnameC$opstoolsInit_filePass.txt"
    [Byte[]] $key = (1..16)
    Get-Content $File | ConvertTo-SecureString -Key $key 

     

    3、同样的方法,从 PC2 访问密钥文件进行测试 (需要加域的服务器上进行测试,网络是必须通的)

    注意:密钥文件可以放在固定服务器上的固定目录中,也可以放在需要加域的指定目录中

    4、生成密钥文件并检测

    Generatekey.ps1

    echo " "
    echo "+++++生成密钥文件++++++"
    $File = "C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt"     //根据需要进行更改
    [Byte[]] $key = (1..16)
    $Password = "账户密码" | ConvertTo-SecureString -AsPlainText -Force    //根据需要进行更改
    $Password | ConvertFrom-SecureString -key $key | Out-File $File
    sleep 2
    
    #域账户密码
    
    #检查密钥文件是否存在
    $TestFile=Test-Path $File
    if ("$TestFile" -eq "False")
    {
        echo " "
        echo " "
        echo "结果为: $result"
        echo " "
        echo "Pass.txt 密钥文件不存在!!!"
        echo " "
        sleep 1
        echo "Pass.txt 密钥文件不存在!!!"
        echo " "
        sleep 1
        echo "Pass.txt 密钥文件不存在!!!"
        echo " "
        echo " "
        sleep 3
    }
    else
    {
        echo "Pass.txt 密钥文件已存在!!!"
    }
    
    echo " "
    echo " "
    sleep 2
    
    echo "+++++检测密钥文件是否正常++++++"
    [Byte[]] $key = (1..16)
    Get-Content $File | ConvertTo-SecureString -Key $key
    sleep 3

    ManualAddDomain

    手动加域

    echo "++++++添加域++++++"
    #$domain = "域服务器.com"   
    #$credential = New-Object System.Management.Automation.PSCredential($username,$password) 
    #Add-Computer -DomainName $domain -Credential $credential

    AutoAddDomain

    自动加域

    echo "++++++添加域++++++"
    #手动加域 #$domain = "域服务器.com" #$credential = New-Object System.Management.Automation.PSCredential($username,$password) #Add-Computer -DomainName $domain -Credential $credential
    #自动加域 $File
    = "密钥文件路径" //域密码加密后的存放路径 [Byte[]] $key = (1..16) $encpasswd = Get-Content $File $domain = "域服务器.com" $ss = ConvertTo-SecureString -String $encpasswd -Key $key $cred = New-Object System.Management.Automation.PSCredential '域账户', $ss Add-Computer -DomainName $domain -Credential $cred $result = $? if ("$result" -eq "False") { echo " " echo " " echo "结果为: $result" echo " " echo "用户名或密码错误,加域失败,即将退出!!!" echo " " sleep 1 echo "用户名或密码错误,加域失败,即将退出!!!" echo " " sleep 1 echo "用户名或密码错误,加域失败,即将退出!!!" echo " " echo " " sleep 3 exit } else { echo " " echo "加域成功!!!" echo " " echo "加域结果为: $result" } echo " " echo " " sleep 2 echo "++++++添加ops组++++++" net localgroup Administrators 添加工作组 /add echo "结果为: $?" echo " " echo " " sleep 3 #只关闭域防火墙 #netsh firewall set opmode mode=disable echo "++++++关闭所有防火墙++++++" netsh advfirewall set allprofiles state off echo "结果为: $?" echo " " echo " " sleep 3 echo "++++++查看主机名++++++" hostname echo " " echo " " sleep 3 echo "++++++查看主机IP++++++" netsh interface ip show config | select-string "10." echo " " echo " " sleep 3 echo "++++++查看域名++++++" systeminfo | select-string "Domain" echo " " echo " " sleep 3 echo "++++++查看组++++++" net localgroup Administrators | select-string "查看工作组" echo " " echo " " sleep 3 echo "++++++查看防火墙++++++" netsh advfirewall show allprofiles | select-string "Profile|State" echo " " echo " " echo "++++++删除文件: Pass.txt++++++" Remove-Item 'C:opstoolsInit_filePass.txt' $TestFile=Test-Path 'C:opstoolsInit_filePass.txt' if ("$TestFile" -eq "True") { echo " " echo " " echo "结果为: $result" echo " " echo "Delete Pass.txt Failed!!!" echo " " sleep 1 echo "Delete Pass.txt Failed!!!" echo " " sleep 1 echo "Delete Pass.txt Failed!!!" echo " " echo " " sleep 3 } else { echo " " echo "删除文件: Pass.txt 成功!!!"
    echo "12秒钟后将重启!!!"
    echo " "
    echo " "
    }
    
    shutdown.exe -r -t 12
    sleep 10

    使用ansible为windows加域

    ansible w -m raw -a 'C:opstoolsInit_fileAutoAddDomain.ps1'
    ansible w -m raw -a 'C:opstoolszabbix_fileWinAgentzabbix_deploy_allzabbix_4.0_EnglishOS_BX_autoinstall.bat'

    你好

    set File =C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt
    [Byte[]] set key = (1..16)
    set encpasswd = Get-Content %File%
    set ss = ConvertTo-SecureString -String $encpasswd -Key %key%
    set cred = New-Object System.Management.Automation.PSCredential 'beisencorpsysops', %ss%
    
    net use \10.23.10.104D$ %cred%
    net use \10.23.10.103e$ %cred%

    你好

     powershell脚本

    $File = "C:opstoolszabbix_fileWinAgentzabbix_deploy_allPass.txt"
    [Byte[]] $key = (1..16)
    $encpasswd = Get-Content $File
    $ss = ConvertTo-SecureString -String $encpasswd -Key $key
    $cred = "New-Object System.Management.Automation.PSCredential 'beisencorpsysops', $ss"
    
    net use \10.23.10.104D$ $cred
    net use \10.23.10.103e$ $cred
    net use

    你好

     不升级powershell版本,配置IP和主机名的时候直接安装salt

    NameText = "C:opstoolsInit_file ame.txt"
    Set fs = CreateObject("Scripting.FileSystemObject")
    Set f = fs.CreateTextFile(NameText, True)
    f.WriteLine reval
    f.Close

    你好

    Dim reval
    Set objnet = CreateObject ("WScript.Network")
    Set R = CreateObject("WScript.Shell")
    reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")

    NameText = "C:opstoolsInit_fileComputerName.txt"
    Set fs = CreateObject("Scripting.FileSystemObject")
    Set f = fs.CreateTextFile(NameText, True) 
    f.WriteLine reval
    f.Close
    On Error Resume Next strComputer
    = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\" _ & strComputer & " ootcimv2") Set colComputers = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colComputers errReturn = ObjComputer.Rename (reval) If reval <> "" Then return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!") If return=vbok Then R.run("Shutdown.exe -r -t 20") End if End If Next

    你好

    <#     ///最终添加主机IP和主机名文件
        Intro: This function will display a form to communicate with the user.
        Input: -FormText -ButtonText
        Example: MakeForm -FormText "ForInput" -ButtonText "Submit"
        Use: To make the PowerShell program's interactivity better.
    #>
    function MakeForm{
        param($FormText,$ButtonText)
        $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
        $form = New-Object Windows.Forms.Form
        $form.size = New-Object Drawing.Size -Arg 400,80
        $form.StartPosition = "CenterScreen"
        $form.Text = $FormText.toString()
        $textBox = New-Object Windows.Forms.TextBox
        $textBox.Dock = "fill"
        $form.Controls.Add($textBox)
        $button = New-Object Windows.Forms.Button
        $button.Text = $ButtonText
        $button.Dock = "Bottom"
        $button.add_Click(
        {$global:resultText = $textBox.Text;$form.Close()})
        $form.Controls.Add($button)
        [Void]$form.ShowDialog()
    }
    
    echo " "
    echo "++++++ 添加IP ++++++"
    echo " "
    MakeForm -FormText "请输入主机IP:" -ButtonText "Submit"
    echo "即将配置: $resultText 到此服务器"
    
    $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
    
    #注意: 此处是子网掩码,根据实际情况进行更改
    $wmi.EnableStatic("$resultText", "255.255.255.0")  | Out-Null
    
    $a = $resultText.split(".",4)[0]
    $b = $resultText.split(".",4)[1]
    $c = $resultText.split(".",4)[2]
    $d = $resultText.split(".",4)[3]
    $gateway = "$a.$b.$c.1"
    
    $wmi.SetGateways("$gateway") | Out-Null
    
    #注意: 此处是DNS,根据实际情况进行更改
    $dns = "10.23.110.201", "10.23.110.200"
    
    $wmi.SetDNSSERVERSearchOrder($dns) | Out-Null
    
    ipconfig /flushdns  | Out-Null
    sleep 1
    ipconfig /flushdns  | Out-Null
    #$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
    #C:opstoolsInit_fileChangeName.vbs
    netsh interface ip show config  | Out-Null
    sleep 1
    #ping www.baidu.com
    
    echo " "
    echo " "
    
    #注意:此处需要根据情况修改主机名
    echo "++++++更改主机名++++++"
    echo " "
    #rename-computer -newname "BXVW-APP-$c-$d"
    C:opstoolsInit_fileChangeName.vbs
    sleep 5
    echo "+++++判断主机名文件是否生成+++++"
    echo " "
    echo " " $result = Test-Path C:opstoolsInit_fileComputerName.txt while ($result -cnotcontains "False") { $result = Test-Path C:opstoolsInit_fileComputerName.txt echo "等待输入ComputerName" sleep 3 }
    echo " "
    echo " " echo
    "+++++获取更改后的主机名" $CName = Get-Content C:opstoolsInit_fileComputerName.txt echo $CName
    echo " "
    echo " " sleep
    3
    net use \10.23.10.104D$ "密码" /user:beisencorpsysops net use
    echo " "
    echo " " sleep
    3 echo "+++++部署 Salt +++++" Copy-Item "\10.23.10.104d$opstoolssalt-package" -Destination "d:" -recurse cmd.exe /c "d:salt-packageSalt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName" #return Get-Service -Name salt-minion sleep 5 netsh interface ip show config sleep 3 ping www.baidu.com Shutdown.exe -r -t 15

    添加 IP 新版本

     <#
    Intro: This function will display a form to communicate with the user. Input:
    -FormText -ButtonText Example: MakeForm -FormText "ForInput" -ButtonText "Submit" Use: To make the PowerShell program's interactivity better. #> function MakeForm{ param($FormText,$ButtonText) $null = [Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") $form = New-Object Windows.Forms.Form $form.size = New-Object Drawing.Size -Arg 400,80 $form.StartPosition = "CenterScreen" $form.Text = $FormText.toString() $textBox = New-Object Windows.Forms.TextBox $textBox.Dock = "fill" $form.Controls.Add($textBox) $button = New-Object Windows.Forms.Button $button.Text = $ButtonText $button.Dock = "Bottom" $button.add_Click( {$global:resultText = $textBox.Text;$form.Close()}) $form.Controls.Add($button) [Void]$form.ShowDialog() } echo " " echo "++++++ 添加IP ++++++" echo " " MakeForm -FormText "请输入主机IP:" -ButtonText "Submit" echo "即将配置: $resultText 到此服务器" $wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'" #注意: 此处是子网掩码,根据实际情况进行更改 $wmi.EnableStatic("$resultText", "255.255.255.0") | Out-Null $a = $resultText.split(".",4)[0] $b = $resultText.split(".",4)[1] $c = $resultText.split(".",4)[2] $d = $resultText.split(".",4)[3] $gateway = "$a.$b.$c.1" $wmi.SetGateways("$gateway") | Out-Null #注意: 此处是DNS,根据实际情况进行更改 $dns = "10.23.110.201", "10.23.110.200" $wmi.SetDNSSERVERSearchOrder($dns) | Out-Null ipconfig /flushdns | Out-Null sleep 1 ipconfig /flushdns | Out-Null #$CurrentyDir = Split-Path -Parent $MyInvocation.MyCommand.Definition #C:opstoolsInit_fileChangeName.vbs netsh interface ip show config | Out-Null sleep 1 #ping www.baidu.com echo " " echo " " #注意:此处需要根据情况修改主机名 echo "++++++ 更改主机名 ++++++" echo " " #rename-computer -newname "BXVW-APP-$c-$d" C:opstoolsInit_fileChangeName.vbs sleep 8 echo "+++++ 主机名文件未生成 +++++" $result = Test-Path C:opstoolsInit_fileComputerName.txt while ($result -cnotcontains "False") { $result = Test-Path C:opstoolsInit_fileComputerName.txt
    echo " " echo
    " 等待输入 ComputerName"
    sleep 3 }
    echo " " echo
    "+++++ 获取更改后的主机名 +++++" $CName = Get-Content C:opstoolsInit_fileComputerName.txt
    echo $CName
    echo " "
    echo " " sleep
    3
    net use \10.23.10.104D$ "密码" /user:beisencorpsysops net use sleep 3 echo "+++++ 部署 Salt +++++" Copy-Item "\10.23.10.104d$opstoolssalt-package" -Destination "d:" -recurse cmd.exe /c "d:salt-packageSalt-Minion-2016.3.0-AMD64-Setup.exe /S /master=10.23.110.202 /minion-name=$CName" #return Get-Service -Name salt-minion
    sleep 2 Remove
    -Item 'C:opstoolsInit_fileComputerName.txt' sleep 2 netsh interface ip show config sleep 3 ping www.baidu.com Shutdown.exe -r -t 8

    更改主机名-原版本

    Dim reval
    Set objnet = CreateObject ("WScript.Network")
    Set R = CreateObject("WScript.Shell")
    reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")
    
    NameText = "C:opstoolsInit_fileComputerName.txt"
    Set fs = CreateObject("Scripting.FileSystemObject")
    Set f = fs.CreateTextFile(NameText, True) 
    f.WriteLine reval
    f.Close
    
    On Error Resume Next
    strComputer = "."
    Set objWMIService = GetObject("winmgmts:" _
        & "{impersonationLevel=impersonate}!\" _
        & strComputer & "
    ootcimv2")
    Set colComputers = objWMIService.ExecQuery _
        ("Select * from Win32_ComputerSystem")
    
    For Each objComputer in colComputers
        errReturn = ObjComputer.Rename (reval)
        If reval <> "" Then 
                    return=MsgBox ("Reboot Computer?",vbokcancel+vbexclamation,"tips!")
                    If return=vbok Then
                        R.run("Shutdown.exe -r -t 20")
                    End if
        End If 
    Next

    更改主机名-新版本

    Dim reval
    Set objnet = CreateObject ("WScript.Network")
    Set R = CreateObject("WScript.Shell")
    reval = InputBox ("Your ComputerName is:" & objnet.ComputerName,"Input Your new ComputerName")
    
    NameText = "C:opstoolsInit_fileComputerName.txt"
    Set fs = CreateObject("Scripting.FileSystemObject")
    Set f = fs.CreateTextFile(NameText, True) 
    f.WriteLine reval
    f.Close
    
    On Error Resume Next
    strComputer = "."
    Set objWMIService = GetObject("winmgmts:" _
        & "{impersonationLevel=impersonate}!\" _
        & strComputer & "
    ootcimv2")
    Set colComputers = objWMIService.ExecQuery _
        ("Select * from Win32_ComputerSystem")
    
    For Each objComputer in colComputers
        errReturn = ObjComputer.Rename (reval)
    Next

     salt执行

    列出所有key 

    # salt-key -L

    接受指定key

    salt-key -a BXVW-APP-21-253 -y

    检查salt-minion是否运行

    salt BXVW-APP-21-253 cmd.run 'get-service -name salt-minion' shell=powershell     

    执行加域脚本

    salt BXVW-APP-21-253 cmd.run 'C:opstoolsInit_fileAddDomain.ps1' shell=powershell

    执行安装 zabbix 脚本

    salt BXVW-APP-21-253 cmd.run 'C:opstoolsinstall_scriptWinAgentzabbix_deploy_allzabbix_4.0_EnglishOS_BX_autoinstall.bat' shell=powershell

    检查zabbix是否执行

    salt BXVW-APP-21-253 cmd.run 'get-service -name "Zabbix Agent"' shell=powershell

    salt BXVW-APP-21-253 cmd.run 'get-service -name "Beisen.OpsManagement.WindowsService"  shell=powershell

    暂不使用:salt BXVW-APP-21-253 cmd.run cmd='zabbix_4.0_EnglishOS_BX_autoinstall.bat' cwd='C:opstoolsinstall_scriptWinAgentzabbix_deploy_all'

    检查服务是否安装

    salt BXVW-APP-21-253 cmd.run get-service shell=powershell | grep -E "Status|salt-minion|Zabbix Agent|Beisen.Quark.Register|Beisen.OpsManagement.WindowsService"

     salt "BXVW-APP-21-253" state.sls checkWindows.copydir

    在10.23.110.202上

    执行:salt "BXVW-APP-21-253" cmd.run "C:opstoolsInit_filecheckWIN.ps1" shell=powershell

     

    [root@oneops-110-202 checkWindows]# pwd
    /srv/salt/checkWindows
    [root@oneops
    -110-202 checkWindows]# cat copydir.sls copy_dir: file.managed: - name: C:opstoolsInit_filecheckWIN.ps1 - source: salt://checkWindows/checkWIN.ps1 - makedirs: 'True' cmd.run: - name: powershell.exe C:opstoolsInit_filecheckWIN.ps1
    [root@oneops
    -110-202 checkWindows]# cat checkWIN.ps1 echo "Check the WIN" echo " " ipconfig | select-string "IPv4" echo " " echo " " hostname echo " " echo " " systeminfo | select-string "Domain" echo " " echo " " net localgroup Administrators | select-string "BEISENCORP|PROD" echo " " echo " " netsh advfirewall show allprofiles | select-string "Profile|State" echo " " echo " " get-service | findstr "salt-minion" echo " " echo " " get-service | findstr "Zabbix" echo " " echo " " get-service | findstr "Beisen.OpsManagement.WindowsService" echo " " echo " " get-service | findstr "Beisen.Quark.Register" echo " " echo " " sleep 3

     

     

    你好

    echo " "
    echo "++++++ Add Domain ++++++"
    
    #Check the key file
    $TestFile=Test-Path 'C:opstoolsInit_filePass.txt'
    if ("$TestFile" -eq "False")
    {
        echo " "
        echo " "
        echo "    Pass.txt is not esxit!!!"
        echo " "
        sleep 1
        echo "    Pass.txt is not esxit!!!"
        echo " "
        sleep 1
        echo "    Add domain filed, exit!!!"
        echo " "
        echo " "
        sleep 3
        exit
    }
    
    
    $File = "c:opstoolsInit_filePass.txt"
    [Byte[]] $key = (1..16)
    $encpasswd = Get-Content $File
    $domain = "prod.beisencorp.com" 
    $ss = ConvertTo-SecureString -String $encpasswd -Key $key
    $cred = New-Object System.Management.Automation.PSCredential 'beisencorpzhouzun', $ss
    Add-Computer -DomainName $domain -Credential $cred
    
    $result = $?
    
    if ("$result" -eq "False")
    {
        echo " "
        echo " "
        echo "The result: $result"
        echo " "
        echo "Failed to add domain, exit!!!"
        echo " "
        sleep 1
        echo "Failed to add domain, exit!!!"
        echo " "
        sleep 1
        echo "Failed to add domain, exit!!!"
        echo " "
        echo " "
        sleep 5
        exit
    }
    else
    {
        echo " "
        echo "Add damain success!!!"
        echo " "
        echo "The result of add domain:$result"
    }
    
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++Add ops group++++++"
    net localgroup Administrators BEISENCORPOPS /add
    echo "The result: $?"
    echo " "
    echo " "
    sleep 2
    
    
    #Turn off the firewall
    #netsh firewall set opmode mode=disable
    echo "++++++ Turn off the firewall ++++++"
    netsh advfirewall set allprofiles state off
    echo "The result: $?"  
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++ Check Hostname ++++++"
    hostname
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++ Check IP ++++++"
    netsh interface ip show config | select-string "10."
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++Check Domain ++++++"
    systeminfo | select-string "Domain"
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++ Check Group ++++++"
    net localgroup Administrators | select-string "BEISENCORP|PROD"
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++ Check Firewall++++++"
    netsh advfirewall show allprofiles | select-string "Profile|State"
    echo " "
    echo " "
    sleep 2
    
    
    echo "++++++Delete Key file: Pass.txt++++++"
    Remove-Item 'C:opstoolsInit_filePass.txt'
    $TestFile=Test-Path 'C:opstoolsInit_filePass.txt'
    if ("$TestFile" -eq "True")
    {
        echo " "
        echo " "
        echo "The Result: $result"
        echo " "
        echo "Delete Pass.txt Failed!!!"
        echo " "
        sleep 1
        echo "Delete Pass.txt Failed!!!"
        echo " "
        sleep 1
        echo "Delete Pass.txt Failed!!!"
        echo " "
        echo " "
        sleep 5
    }
    else
    {
        echo "Delete Pass.txt success!!!"
    }
    
    echo " "
    echo " "
    echo "Restart after 5 seconds!!!"
    shutdown.exe -r -t 5
    sleep 5

    你好

  • 相关阅读:
    找出水王
    第九周进度表
    [设计模式]组合模式
    [设计模式]外观模式
    [设计模式]策略模式
    [设计模式] 6个设计遵循基本原则
    [OSGI]Eclipse4.2 OSGI依赖Bundle
    [xfire]使用xfire开发webservice的简单示例
    [HTML5 Canvas学习]使用颜色和透明度
    [HTML5 Canvas学习]绘制矩形
  • 原文地址:https://www.cnblogs.com/hanshanxiaoheshang/p/12193113.html
Copyright © 2011-2022 走看看