├── CODEOWNERS ├── LICENSE.txt ├── NOTICE.txt ├── README.md ├── modules ├── AWSQuickStart.zip └── AWSQuickStart │ └── AWSQuickStart.psm1 └── scripts ├── Create-ADServiceAccount.ps1 ├── Create-Share.ps1 ├── CreateWaitHandle.ps1 ├── Disable-AutoLogon.ps1 ├── Disable-CredSSP.ps1 ├── DisableCredSsp.ps1 ├── Dockerfile ├── Download-File.ps1 ├── Enable-AutoLogon.ps1 ├── Enable-CredSSP.ps1 ├── EnableCredSsp.ps1 ├── Install-Module.ps1 ├── Install-WMF5.ps1 ├── Install-WMF51.ps1 ├── Invoke-ADReplication.ps1 ├── Join-ADDSDomain.ps1 ├── Join-Domain.ps1 ├── Mount-DiskImage.ps1 ├── New-LocalAdministrator.ps1 ├── Rename-Computer.ps1 ├── Reset-LocalAdminPassword.ps1 ├── Restart-Computer.ps1 ├── Set-Dns.ps1 ├── Set-PrimaryDNSSuffix.ps1 └── Unzip-Archive.ps1 /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @davmayd @aws-quickstart/aws_quickstart_team 2 | * @tbulding @aws-quickstart/aws_quickstart_team 3 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- 1 | Copyright 2015-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at 4 | 5 | http://aws.amazon.com/apache2.0/ 6 | 7 | or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 8 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | quickstart-microsoft-utilities 2 | ============== 3 | 4 | These utility scripts are common scripts shared by the Microsoft based AWS Quick Starts 5 | -------------------------------------------------------------------------------- /modules/AWSQuickStart.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-microsoft-utilities/370971c51178b0454107743d08ca4530323cce7b/modules/AWSQuickStart.zip -------------------------------------------------------------------------------- /modules/AWSQuickStart/AWSQuickStart.psm1: -------------------------------------------------------------------------------- 1 | function New-AWSQuickStartWaitHandle { 2 | [CmdletBinding()] 3 | Param( 4 | [Parameter(Mandatory=$true, ValueFromPipeline=$true)] 5 | [string] 6 | $Handle, 7 | 8 | [Parameter(Mandatory=$false)] 9 | [string] 10 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\', 11 | 12 | [Parameter(Mandatory=$false)] 13 | [switch] 14 | $Base64Handle 15 | ) 16 | 17 | try { 18 | $ErrorActionPreference = "Stop" 19 | 20 | Write-Verbose "Creating $Path" 21 | New-Item $Path -Force 22 | 23 | if ($Base64Handle) { 24 | Write-Verbose "Trying to decode handle Base64 string as UTF8 string" 25 | $decodedHandle = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Handle)) 26 | if ($decodedHandle -notlike "http*") { 27 | Write-Verbose "Now trying to decode handle Base64 string as Unicode string" 28 | $decodedHandle = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($Handle)) 29 | } 30 | Write-Verbose "Decoded handle string: $decodedHandle" 31 | $Handle = $decodedHandle 32 | } 33 | 34 | Write-Verbose "Creating Handle Registry Key" 35 | New-ItemProperty -Path $Path -Name Handle -Value $Handle -Force 36 | 37 | Write-Verbose "Creating ErrorCount Registry Key" 38 | New-ItemProperty -Path $Path -Name ErrorCount -Value 0 -PropertyType dword -Force 39 | } 40 | catch { 41 | Write-Verbose $_.Exception.Message 42 | } 43 | } 44 | 45 | function New-AWSQuickStartResourceSignal { 46 | [CmdletBinding()] 47 | Param( 48 | [Parameter(Mandatory=$true)] 49 | [string] 50 | $Stack, 51 | 52 | [Parameter(Mandatory=$true)] 53 | [string] 54 | $Resource, 55 | 56 | [Parameter(Mandatory=$true)] 57 | [string] 58 | $Region, 59 | 60 | [Parameter(Mandatory=$false)] 61 | [string] 62 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 63 | ) 64 | 65 | try { 66 | $ErrorActionPreference = "Stop" 67 | 68 | Write-Verbose "Creating $Path" 69 | New-Item $Path -Force 70 | 71 | Write-Verbose "Creating Stack Registry Key" 72 | New-ItemProperty -Path $Path -Name Stack -Value $Stack -Force 73 | 74 | Write-Verbose "Creating Resource Registry Key" 75 | New-ItemProperty -Path $Path -Name Resource -Value $Resource -Force 76 | 77 | Write-Verbose "Creating Region Registry Key" 78 | New-ItemProperty -Path $Path -Name Region -Value $Region -Force 79 | 80 | Write-Verbose "Creating ErrorCount Registry Key" 81 | New-ItemProperty -Path $Path -Name ErrorCount -Value 0 -PropertyType dword -Force 82 | } 83 | catch { 84 | Write-Verbose $_.Exception.Message 85 | } 86 | } 87 | 88 | 89 | function Get-AWSQuickStartErrorCount { 90 | [CmdletBinding()] 91 | Param( 92 | [Parameter(Mandatory=$false)] 93 | [string] 94 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 95 | ) 96 | 97 | process { 98 | try { 99 | Write-Verbose "Getting ErrorCount Registry Key" 100 | Get-ItemProperty -Path $Path -Name ErrorCount -ErrorAction Stop | Select-Object -ExpandProperty ErrorCount 101 | } 102 | catch { 103 | Write-Verbose $_.Exception.Message 104 | } 105 | } 106 | } 107 | 108 | function Set-AWSQuickStartErrorCount { 109 | [CmdletBinding()] 110 | Param( 111 | [Parameter(Mandatory, ValueFromPipeline=$true)] 112 | [int32] 113 | $Count, 114 | 115 | [Parameter(Mandatory=$false)] 116 | [string] 117 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 118 | ) 119 | 120 | process { 121 | try { 122 | $currentCount = Get-AWSQuickStartErrorCount 123 | $currentCount += $Count 124 | 125 | Write-Verbose "Creating ErrorCount Registry Key" 126 | Set-ItemProperty -Path $Path -Name ErrorCount -Value $currentCount -ErrorAction Stop 127 | } 128 | catch { 129 | Write-Verbose $_.Exception.Message 130 | } 131 | } 132 | } 133 | 134 | function Get-AWSQuickStartWaitHandle { 135 | [CmdletBinding()] 136 | Param( 137 | [Parameter(Mandatory=$false, ValueFromPipeline=$true)] 138 | [string] 139 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 140 | ) 141 | 142 | process { 143 | try { 144 | $ErrorActionPreference = "Stop" 145 | 146 | Write-Verbose "Getting Handle key value from $Path" 147 | $key = Get-ItemProperty $Path 148 | 149 | return $key.Handle 150 | } 151 | catch { 152 | Write-Verbose $_.Exception.Message 153 | } 154 | } 155 | } 156 | 157 | function Get-AWSQuickStartResourceSignal { 158 | [CmdletBinding()] 159 | Param( 160 | [Parameter(Mandatory=$false)] 161 | [string] 162 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 163 | ) 164 | 165 | try { 166 | $ErrorActionPreference = "Stop" 167 | 168 | Write-Verbose "Getting Stack, Resource, and Region key values from $Path" 169 | $key = Get-ItemProperty $Path 170 | $resourceSignal = @{ 171 | Stack = $key.Stack 172 | Resource = $key.Resource 173 | Region = $key.Region 174 | } 175 | $toReturn = New-Object -TypeName PSObject -Property $resourceSignal 176 | 177 | if ($toReturn.Stack -and $toReturn.Resource -and $toReturn.Region) { 178 | return $toReturn 179 | } else { 180 | return $null 181 | } 182 | } 183 | catch { 184 | Write-Verbose $_.Exception.Message 185 | } 186 | } 187 | 188 | function Remove-AWSQuickStartWaitHandle { 189 | [CmdletBinding()] 190 | Param( 191 | [Parameter(Mandatory=$false, ValueFromPipeline=$true)] 192 | [string] 193 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 194 | ) 195 | 196 | process { 197 | try { 198 | $ErrorActionPreference = "Stop" 199 | 200 | Write-Verbose "Getting Handle key value from $Path" 201 | $key = Get-ItemProperty -Path $Path -Name Handle -ErrorAction SilentlyContinue 202 | 203 | if ($key) { 204 | Write-Verbose "Removing Handle key value from $Path" 205 | Remove-ItemProperty -Path $Path -Name Handle 206 | } 207 | } 208 | catch { 209 | Write-Verbose $_.Exception.Message 210 | } 211 | } 212 | } 213 | 214 | function Remove-AWSQuickStartResourceSignal { 215 | [CmdletBinding()] 216 | Param( 217 | [Parameter(Mandatory=$false)] 218 | [string] 219 | $Path = 'HKLM:\SOFTWARE\AWSQuickStart\' 220 | ) 221 | 222 | try { 223 | $ErrorActionPreference = "Stop" 224 | 225 | foreach ($keyName in @('Stack','Resource','Region')) { 226 | Write-Verbose "Getting Stack, Resource, and Region key values from $Path" 227 | $key = Get-ItemProperty -Path $Path -Name $keyName -ErrorAction SilentlyContinue 228 | 229 | if ($key) { 230 | Write-Verbose "Removing $keyName key value from $Path" 231 | Remove-ItemProperty -Path $Path -Name $keyName 232 | } 233 | } 234 | } 235 | catch { 236 | Write-Verbose $_.Exception.Message 237 | } 238 | } 239 | 240 | function Write-AWSQuickStartEvent { 241 | [CmdletBinding()] 242 | Param( 243 | [Parameter(Mandatory, ValueFromPipelineByPropertyName=$true)] 244 | [string] 245 | $Message, 246 | 247 | [Parameter(Mandatory=$false)] 248 | [string] 249 | $EntryType = 'Error' 250 | ) 251 | 252 | process { 253 | Write-Verbose "Checking for AWSQuickStart Eventlog Source" 254 | if(![System.Diagnostics.EventLog]::SourceExists('AWSQuickStart')) { 255 | New-EventLog -LogName Application -Source AWSQuickStart -ErrorAction SilentlyContinue 256 | } 257 | else { 258 | Write-Verbose "AWSQuickStart Eventlog Source exists" 259 | } 260 | 261 | Write-Verbose "Writing message to application log" 262 | 263 | try { 264 | Write-EventLog -LogName Application -Source AWSQuickStart -EntryType $EntryType -EventId 1001 -Message $Message 265 | } 266 | catch { 267 | Write-Verbose $_.Exception.Message 268 | } 269 | } 270 | } 271 | 272 | function Write-AWSQuickStartException { 273 | [CmdletBinding()] 274 | Param( 275 | [Parameter(Mandatory, ValueFromPipeline=$true)] 276 | [System.Management.Automation.ErrorRecord] 277 | $ErrorRecord 278 | ) 279 | 280 | process { 281 | try { 282 | Write-Verbose "Incrementing error count" 283 | Set-AWSQuickStartErrorCount -Count 1 284 | 285 | Write-Verbose "Getting total error count" 286 | $errorTotal = Get-AWSQuickStartErrorCount 287 | 288 | $errorMessage = "Command failure in {0} {1} on line {2} `nException: {3}" -f $ErrorRecord.InvocationInfo.MyCommand.name, 289 | $ErrorRecord.InvocationInfo.ScriptName, $ErrorRecord.InvocationInfo.ScriptLineNumber, $ErrorRecord.Exception.ToString() 290 | 291 | $CmdSafeErrorMessage = $errorMessage -replace '[^a-zA-Z0-9\s\.\[\]\-,:_\\\/\(\)]', '' 292 | if ($CmdSafeErrorMessage.length -gt 255) { 293 | $CmdSafeErrorMessage = $CmdSafeErrorMessage.substring(0,252) + '...' 294 | } 295 | 296 | $handle = Get-AWSQuickStartWaitHandle -ErrorAction SilentlyContinue 297 | if ($handle) { 298 | Invoke-Expression "cfn-signal.exe -e 1 --reason='$CmdSafeErrorMessage' '$handle'" 299 | } else { 300 | $resourceSignal = Get-AWSQuickStartResourceSignal -ErrorAction SilentlyContinue 301 | if ($resourceSignal) { 302 | Invoke-Expression "cfn-signal.exe -e 1 --stack '$($resourceSignal.Stack)' --resource '$($resourceSignal.Resource)' --region '$($resourceSignal.Region)'" 303 | } else { 304 | throw "No handle or stack/resource/region found in registry" 305 | } 306 | } 307 | } 308 | catch { 309 | Write-Verbose $_.Exception.Message 310 | } 311 | finally { 312 | Write-AWSQuickStartEvent -Message $errorMessage 313 | # throwing an exception to force cfn-init execution to stop 314 | throw $CmdSafeErrorMessage 315 | } 316 | } 317 | } 318 | 319 | function Write-AWSQuickStartStatus { 320 | [CmdletBinding()] 321 | Param() 322 | 323 | process { 324 | try { 325 | Write-Verbose "Checking error count" 326 | if((Get-AWSQuickStartErrorCount) -eq 0) { 327 | Write-Verbose "Getting Handle" 328 | $handle = Get-AWSQuickStartWaitHandle -ErrorAction SilentlyContinue 329 | if ($handle) { 330 | Invoke-Expression "cfn-signal.exe -e 0 '$handle'" 331 | } else { 332 | $resourceSignal = Get-AWSQuickStartResourceSignal -ErrorAction SilentlyContinue 333 | if ($resourceSignal) { 334 | Invoke-Expression "cfn-signal.exe -e 0 --stack '$($resourceSignal.Stack)' --resource '$($resourceSignal.Resource)' --region '$($resourceSignal.Region)'" 335 | } else { 336 | throw "No handle or stack/resource/region found in registry" 337 | } 338 | } 339 | } 340 | } 341 | catch { 342 | Write-Verbose $_.Exception.Message 343 | } 344 | } 345 | } 346 | 347 | function Write-AWSQuickStartCWLogsEntry { 348 | [CmdletBinding()] 349 | Param( 350 | [Parameter(Mandatory = $true)] 351 | [string] $logGroupName, 352 | [Parameter(Mandatory = $true)] 353 | [string] $LogStreamName, 354 | [Parameter(Mandatory = $true)] 355 | [string] $LogString 356 | ) 357 | Process { 358 | try { 359 | Write-Verbose "Checking for existing Log Group : $logGroupName" 360 | #Determine if the LogGroup Exists 361 | If (-Not (Get-CWLLogGroup -LogGroupNamePrefix $logGroupName)) { 362 | Write-Verbose "No existing Log Group found. Creating new Log Group : $logGroupName" 363 | New-CWLLogGroup -LogGroupName $logGroupName 364 | Write-Verbose "Creating new Log Stream : $logStreamName" 365 | New-CWLLogStream -LogGroupName $logGroupName -LogStreamName $logStreamName 366 | } 367 | #Determine if the LogStream Exists 368 | Write-Verbose "Existing Log Group found. Checking for existing Log Stream" 369 | If (-Not (Get-CWLLogStream -LogGroupName $logGroupName -LogStreamName $LogStreamName)) { 370 | Write-Verbose "Creating new Log Stream in existing Log Group : $logStreamName" 371 | New-CWLLogStream -LogGroupName $logGroupName -LogStreamName $logStreamName 372 | } 373 | 374 | $logEntry = New-Object -TypeName 'Amazon.CloudWatchLogs.Model.InputLogEvent' 375 | $logEntry.Message = $LogString 376 | $logEntry.Timestamp = (Get-Date).ToUniversalTime() 377 | #Get the next sequence token 378 | Write-Verbose "Checking for sequence token" 379 | $SequenceToken = (Get-CWLLogStream -LogGroupName $logGroupName -LogStreamNamePrefix $logStreamName).UploadSequenceToken 380 | if ($SequenceToken) { 381 | $splat = @{ 382 | LogEvent = $logEntry 383 | LogGroupName = $logGroupName 384 | LogStreamName = $logStreamName 385 | SequenceToken = $SequenceToken 386 | } 387 | Write-Verbose "Writing new log entry to existing Log Stream" 388 | Write-CWLLogEvent @splat 389 | } 390 | else { 391 | $splat = @{ 392 | LogEvent = $logEntry 393 | LogGroupName = $logGroupName 394 | LogStreamName = $logStreamName 395 | } 396 | Write-Verbose "Writing new log entry to newly created Log Stream" 397 | Write-CWLLogEvent @splat 398 | } 399 | } 400 | catch { 401 | Write-Verbose $_.Exception.Message 402 | } 403 | } 404 | } -------------------------------------------------------------------------------- /scripts/Create-ADServiceAccount.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | 4 | [Parameter(Mandatory=$true)] 5 | [string]$DomainNetBIOSName, 6 | 7 | [Parameter(Mandatory=$true)] 8 | [string]$DomainAdminUser, 9 | 10 | [Parameter(Mandatory=$true)] 11 | [string]$DomainAdminPassword, 12 | 13 | [Parameter(Mandatory=$true)] 14 | [string]$DomainDNSName, 15 | 16 | [Parameter(Mandatory=$true)] 17 | [string]$ServiceAccountUser, 18 | 19 | [Parameter(Mandatory=$true)] 20 | [string]$ServiceAccountPassword, 21 | 22 | [Parameter(Mandatory=$false)] 23 | [string]$ADServerNetBIOSName=$env:COMPUTERNAME 24 | 25 | ) 26 | 27 | try { 28 | Start-Transcript -Path C:\cfn\log\Create-ADServiceAccount.ps1.txt -Append 29 | $ErrorActionPreference = "Stop" 30 | 31 | $DomainAdminFullUser = $DomainNetBIOSName + '\' + $DomainAdminUser 32 | $ServiceAccountFullUser = $DomainNetBIOSName + '\' + $ServiceAccountUser 33 | $DomainAdminSecurePassword = ConvertTo-SecureString $DomainAdminPassword -AsPlainText -Force 34 | $DomainAdminCreds = New-Object System.Management.Automation.PSCredential($DomainAdminFullUser, $DomainAdminSecurePassword) 35 | $ServiceAccountSecurePassword = ConvertTo-SecureString $ServiceAccountPassword -AsPlainText -Force 36 | $UserPrincipalName = $ServiceAccountUser + "@" + $DomainDNSName 37 | $createUserSB = { 38 | $ErrorActionPreference = "Stop" 39 | if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) { 40 | Install-WindowsFeature RSAT-AD-PowerShell 41 | } 42 | Write-Host "Searching for user $Using:ServiceAccountUser" 43 | if (Get-ADUser -Filter {sAMAccountName -eq $Using:ServiceAccountUser}) { 44 | Write-Host "User already exists." 45 | # Ensure that password is correct for the user 46 | if ((New-Object System.DirectoryServices.DirectoryEntry "", $Using:ServiceAccountFullUser, $Using:ServiceAccountPassword).PSBase.Name -eq $null) { 47 | throw "The password for $Using:ServiceAccountUser is incorrect" 48 | } 49 | } else { 50 | Write-Host "Creating user $Using:ServiceAccountUser" 51 | New-ADUser -Name $Using:ServiceAccountUser -UserPrincipalName $Using:UserPrincipalName -AccountPassword $Using:ServiceAccountSecurePassword -Enabled $true -PasswordNeverExpires $true 52 | } 53 | } 54 | 55 | try { 56 | Write-Host "Invoking command on $ADServerNetBIOSName" 57 | Invoke-Command -ScriptBlock $createUserSB -ComputerName $ADServerNetBIOSName -Credential $DomainAdminCreds 58 | } 59 | catch { 60 | Write-Host $_ 61 | Write-Host "Retrying user creation with CredSSP." 62 | Invoke-Command -ScriptBlock $createUserSB -ComputerName $ADServerNetBIOSName -Credential $DomainAdminCreds -Authentication Credssp 63 | } 64 | } 65 | catch { 66 | $_ | Write-AWSQuickStartException 67 | } 68 | -------------------------------------------------------------------------------- /scripts/Create-Share.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | 4 | [Parameter(Mandatory=$true)] 5 | [string]$DomainNetBIOSName, 6 | 7 | [Parameter(Mandatory=$true)] 8 | [string]$DomainAdminUser, 9 | 10 | [Parameter(Mandatory=$true)] 11 | [string]$DomainAdminPassword, 12 | 13 | [Parameter(Mandatory=$true)] 14 | [string]$ShareName, 15 | 16 | [Parameter(Mandatory=$true)] 17 | [string]$Path, 18 | 19 | [Parameter(Mandatory=$false)] 20 | [string]$ServerName='localhost', 21 | 22 | [Parameter(Mandatory=$true)] 23 | [string]$FolderPath, 24 | 25 | [Parameter(Mandatory=$true)] 26 | [string]$FolderName, 27 | 28 | [Parameter(Mandatory=$false)] 29 | [string[]]$FullAccessUser='everyone' 30 | 31 | ) 32 | 33 | try { 34 | Start-Transcript -Path C:\cfn\log\Create-Share.ps1.txt -Append 35 | $ErrorActionPreference = "Stop" 36 | 37 | $DomainAdminFullUser = $DomainNetBIOSName + '\' + $DomainAdminUser 38 | $DomainAdminSecurePassword = ConvertTo-SecureString $DomainAdminPassword -AsPlainText -Force 39 | $DomainAdminCreds = New-Object System.Management.Automation.PSCredential($DomainAdminFullUser, $DomainAdminSecurePassword) 40 | 41 | $CreateFolderPs={ 42 | $ErrorActionPreference = "Stop" 43 | New-Item -ItemType directory -Path $Using:FolderPath -Name $Using:FolderName 44 | } 45 | Invoke-Command -Scriptblock $CreateFolderPs -ComputerName $ServerName -Credential $DomainAdminCreds -ArgumentList $FolderPath,$FolderName 46 | 47 | $CreateSharePs={ 48 | $ErrorActionPreference = "Stop" 49 | New-SmbShare -Name $Using:ShareName -Path $Using:Path -FullAccess $Using:FullAccessUser 50 | } 51 | Invoke-Command -Scriptblock $CreateSharePs -ComputerName $ServerName -Credential $DomainAdminCreds 52 | } 53 | catch { 54 | $_ | Write-AWSQuickStartException 55 | } 56 | -------------------------------------------------------------------------------- /scripts/CreateWaitHandle.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [string] 4 | $Handle 5 | ) 6 | 7 | Write-Verbose "Creating Handle Key with $Handle" 8 | New-AWSQuickStartWaitHandle -Handle $Handle -------------------------------------------------------------------------------- /scripts/Disable-AutoLogon.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param() 3 | 4 | try { 5 | Remove-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -ErrorAction Stop | Out-Null 6 | Remove-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -ErrorAction Stop | Out-Null 7 | Remove-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -ErrorAction Stop | Out-Null 8 | } 9 | catch { 10 | $_ | Write-AWSQuickStartException 11 | } -------------------------------------------------------------------------------- /scripts/Disable-CredSSP.ps1: -------------------------------------------------------------------------------- 1 | try { 2 | Start-Transcript -Path C:\cfn\log\DisableCredSSP.ps1.txt -Append 3 | $ErrorActionPreference = "Stop" 4 | 5 | Disable-WSManCredSSP Client 6 | Disable-WSManCredSSP Server 7 | 8 | Remove-Item -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentials' -ErrorAction Ignore 9 | Remove-ItemProperty -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation' -Name 'AllowFreshCredentials' -ErrorAction Ignore 10 | Remove-Item -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentialsWhenNTLMOnly' -ErrorAction Ignore 11 | Remove-ItemProperty -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation' -Name 'AllowFreshCredentialsWhenNTLMOnly' -ErrorAction Ignore 12 | } 13 | catch { 14 | $_ | Write-AWSQuickStartException 15 | } 16 | -------------------------------------------------------------------------------- /scripts/DisableCredSsp.ps1: -------------------------------------------------------------------------------- 1 | try { 2 | Start-Transcript -Path C:\cfn\log\DisableCredSSP.ps1.txt -Append 3 | $ErrorActionPreference = "Stop" 4 | 5 | Disable-WSManCredSSP Client 6 | Disable-WSManCredSSP Server 7 | 8 | Remove-Item -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentials' -ErrorAction Ignore 9 | Remove-ItemProperty -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation' -Name 'AllowFreshCredentials' -ErrorAction Ignore 10 | Remove-Item -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\AllowFreshCredentialsWhenNTLMOnly' -ErrorAction Ignore 11 | Remove-ItemProperty -Path 'hklm:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation' -Name 'AllowFreshCredentialsWhenNTLMOnly' -ErrorAction Ignore 12 | } 13 | catch { 14 | $_ | Write-AWSQuickStartException 15 | } 16 | -------------------------------------------------------------------------------- /scripts/Dockerfile: -------------------------------------------------------------------------------- 1 | # escape=` 2 | 3 | FROM microsoft/dotnet-framework:4.7.2-runtime 4 | 5 | SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] 6 | 7 | #Install NuGet CLI 8 | ENV NUGET_VERSION 4.4.1 9 | RUN New-Item -Type Directory $Env:ProgramFiles\NuGet; ` 10 | Invoke-WebRequest -UseBasicParsing https://dist.nuget.org/win-x86-commandline/v$Env:NUGET_VERSION/nuget.exe -OutFile $Env:ProgramFiles\NuGet\nuget.exe 11 | 12 | # Install VS Test Agent 13 | RUN Invoke-WebRequest -UseBasicParsing https://download.visualstudio.microsoft.com/download/pr/12210068/8a386d27295953ee79281fd1f1832e2d/vs_TestAgent.exe -OutFile vs_TestAgent.exe; ` 14 | Start-Process vs_TestAgent.exe -ArgumentList '--quiet', '--norestart', '--nocache' -NoNewWindow -Wait; ` 15 | Remove-Item -Force vs_TestAgent.exe; ` 16 | # Install VS Build Tools 17 | Invoke-WebRequest -UseBasicParsing https://download.visualstudio.microsoft.com/download/pr/12210059/e64d79b40219aea618ce2fe10ebd5f0d/vs_BuildTools.exe -OutFile vs_BuildTools.exe; ` 18 | # Installer won't detect DOTNET_SKIP_FIRST_TIME_EXPERIENCE if ENV is used, must use setx /M 19 | setx /M DOTNET_SKIP_FIRST_TIME_EXPERIENCE 1; ` 20 | Start-Process vs_BuildTools.exe -ArgumentList '--add', 'Microsoft.VisualStudio.Workload.MSBuildTools', '--add', 'Microsoft.VisualStudio.Workload.NetCoreBuildTools', '--add', 'Microsoft.VisualStudio.Workload.WebBuildTools;includeRecommended', '--quiet', '--norestart', '--nocache' -NoNewWindow -Wait; ` 21 | Remove-Item -Force vs_buildtools.exe; ` 22 | Remove-Item -Force -Recurse \"${Env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\"; ` 23 | Remove-Item -Force -Recurse ${Env:TEMP}\*; ` 24 | Remove-Item -Force -Recurse \"${Env:ProgramData}\Package Cache\" 25 | 26 | # Set PATH in one layer to keep image size down. 27 | RUN setx /M PATH $(${Env:PATH} ` 28 | + \";${Env:ProgramFiles}\NuGet\" ` 29 | + \";${Env:ProgramFiles(x86)}\Microsoft Visual Studio\2017\TestAgent\Common7\IDE\CommonExtensions\Microsoft\TestWindow\" ` 30 | + \";${Env:ProgramFiles(x86)}\Microsoft Visual Studio\2017\BuildTools\MSBuild\15.0\Bin\") 31 | 32 | # Install Targeting Packs 33 | RUN @('4.0', '4.5.2', '4.6.2', '4.7.2') ` 34 | | %{ ` 35 | Invoke-WebRequest -UseBasicParsing https://dotnetbinaries.blob.core.windows.net/referenceassemblies/v${_}.zip -OutFile referenceassemblies.zip; ` 36 | Expand-Archive -Force referenceassemblies.zip -DestinationPath \"${Env:ProgramFiles(x86)}\Reference Assemblies\Microsoft\Framework\.NETFramework\"; ` 37 | Remove-Item -Force referenceassemblies.zip; ` 38 | } -------------------------------------------------------------------------------- /scripts/Download-File.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$true)] 4 | [string]$Source, 5 | 6 | [Parameter(Mandatory=$true)] 7 | [string]$Destination 8 | ) 9 | 10 | function Get-S3BucketName { 11 | param( 12 | [Parameter(Mandatory=$true)] 13 | [string]$S3Uri 14 | ) 15 | 16 | return ($S3Uri -split '/')[2] 17 | } 18 | 19 | function Get-S3Key { 20 | param( 21 | [Parameter(Mandatory=$true)] 22 | [string]$S3Uri 23 | ) 24 | 25 | $bucketName = Get-S3BucketName -S3Uri $S3Uri 26 | 27 | return $S3Uri.Substring(("s3://$bucketName/").Length) 28 | } 29 | 30 | try { 31 | $ErrorActionPreference = "Stop" 32 | 33 | $parentDir = Split-Path $Destination -Parent 34 | if (-not (Test-Path $parentDir)) { 35 | New-Item -Path $parentDir -ItemType directory -Force | Out-Null 36 | } 37 | 38 | $qualifier = Split-Path $Source -Qualifier 39 | if ($qualifier -eq "s3:") { 40 | $tries = 5 41 | while ($tries -ge 1) { 42 | try { 43 | Read-S3Object -BucketName (Get-S3BucketName -S3Uri $Source) -Key (Get-S3Key -S3Uri $Source) -File $Destination -ErrorAction Stop 44 | break 45 | } 46 | catch { 47 | $tries-- 48 | Write-Verbose "Exception:" 49 | Write-Verbose "$_" 50 | if ($tries -lt 1) { 51 | throw $_ 52 | } 53 | else { 54 | Write-Verbose "Failed download. Retrying again in 5 seconds" 55 | Start-Sleep 5 56 | } 57 | } 58 | } 59 | } elseif ($qualifier -in ("http:","https:")) { 60 | Write-Verbose "Trying to download from $Source" 61 | $tries = 5 62 | while ($tries -ge 1) { 63 | try { 64 | (New-Object System.Net.WebClient).DownloadFile($Source,$Destination) 65 | break 66 | } 67 | catch { 68 | $tries-- 69 | Write-Verbose "Exception:" 70 | Write-Verbose "$_" 71 | if ($tries -lt 1) { 72 | throw $_ 73 | } 74 | else { 75 | Write-Verbose "Failed download. Retrying again in 5 seconds" 76 | Start-Sleep 5 77 | } 78 | } 79 | } 80 | } else { 81 | throw "$Source is not a valid S3, HTTP, or HTTPS URI" 82 | } 83 | } 84 | catch { 85 | $_ | Write-AWSQuickStartException 86 | } 87 | -------------------------------------------------------------------------------- /scripts/Enable-AutoLogon.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param ( 3 | [Parameter(Mandatory=$true)] 4 | [string] 5 | $UserName, 6 | 7 | [Parameter(Mandatory=$true)] 8 | [string] 9 | $Password, 10 | 11 | [Parameter(Mandatory=$false)] 12 | [string] 13 | $StartupScript 14 | ) 15 | 16 | try { 17 | New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value 1 -ErrorAction Stop | Out-Null 18 | New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value $UserName -ErrorAction Stop | Out-Null 19 | New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value $Password -ErrorAction Stop | Out-Null 20 | if (-not [string]::IsNullOrEmpty($StartupScript)) { 21 | New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce' -Name Install -Value $StartupScript -ErrorAction Stop | Out-Null 22 | } 23 | } 24 | catch { 25 | $_ | Write-AWSQuickStartException 26 | } -------------------------------------------------------------------------------- /scripts/Enable-CredSSP.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | 4 | [Parameter(Mandatory=$false)] 5 | [string]$DomainNetBIOSName, 6 | 7 | [Parameter(Mandatory=$false)] 8 | [string]$DomainDNSName, 9 | 10 | [Parameter(Mandatory=$false)] 11 | [string]$ServerName='*' 12 | ) 13 | 14 | try { 15 | Start-Transcript -Path C:\cfn\log\EnableCredSsp.ps1.txt -Append 16 | $ErrorActionPreference = "Stop" 17 | 18 | Enable-WSManCredSSP Client -DelegateComputer $ServerName -Force 19 | if ($DomainNetBIOSName) { 20 | Enable-WSManCredSSP Client -DelegateComputer *.$DomainNetBIOSName -Force 21 | } 22 | if ($DomainDNSName) { 23 | Enable-WSManCredSSP Client -DelegateComputer *.$DomainDNSName -Force 24 | } 25 | Enable-WSManCredSSP Server -Force 26 | 27 | # Sometimes Enable-WSManCredSSP doesn't get it right, so we set some registry entries by hand 28 | $parentkey = "hklm:\SOFTWARE\Policies\Microsoft\Windows" 29 | $key = "$parentkey\CredentialsDelegation" 30 | $freshkey = "$key\AllowFreshCredentials" 31 | $ntlmkey = "$key\AllowFreshCredentialsWhenNTLMOnly" 32 | New-Item -Path $parentkey -Name 'CredentialsDelegation' -Force 33 | New-Item -Path $key -Name 'AllowFreshCredentials' -Force 34 | New-Item -Path $key -Name 'AllowFreshCredentialsWhenNTLMOnly' -Force 35 | New-ItemProperty -Path $key -Name AllowFreshCredentials -Value 1 -PropertyType Dword -Force 36 | New-ItemProperty -Path $key -Name ConcatenateDefaults_AllowFresh -Value 1 -PropertyType Dword -Force 37 | New-ItemProperty -Path $key -Name AllowFreshCredentialsWhenNTLMOnly -Value 1 -PropertyType Dword -Force 38 | New-ItemProperty -Path $key -Name ConcatenateDefaults_AllowFreshNTLMOnly -Value 1 -PropertyType Dword -Force 39 | New-ItemProperty -Path $freshkey -Name 1 -Value "WSMAN/$ServerName" -PropertyType String -Force 40 | New-ItemProperty -Path $ntlmkey -Name 1 -Value "WSMAN/$ServerName" -PropertyType String -Force 41 | if ($DomainNetBIOSName) { 42 | New-ItemProperty -Path $freshkey -Name 2 -Value "WSMAN/$ServerName.$DomainNetBIOSName" -PropertyType String -Force 43 | New-ItemProperty -Path $ntlmkey -Name 2 -Value "WSMAN/$ServerName.$DomainNetBIOSName" -PropertyType String -Force 44 | } 45 | if ($DomainDNSName) { 46 | New-ItemProperty -Path $freshkey -Name 2 -Value "WSMAN/$ServerName.$DomainDNSName" -PropertyType String -Force 47 | New-ItemProperty -Path $ntlmkey -Name 2 -Value "WSMAN/$ServerName.$DomainDNSName" -PropertyType String -Force 48 | } 49 | 50 | } 51 | catch { 52 | $_ | Write-AWSQuickStartException 53 | } 54 | -------------------------------------------------------------------------------- /scripts/EnableCredSsp.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | 4 | [Parameter(Mandatory=$false)] 5 | [string]$DomainNetBIOSName, 6 | 7 | [Parameter(Mandatory=$false)] 8 | [string]$DomainDNSName, 9 | 10 | [Parameter(Mandatory=$false)] 11 | [string]$ServerName='*' 12 | ) 13 | 14 | try { 15 | Start-Transcript -Path C:\cfn\log\EnableCredSsp.ps1.txt -Append 16 | $ErrorActionPreference = "Stop" 17 | 18 | Enable-WSManCredSSP Client -DelegateComputer $ServerName -Force 19 | if ($DomainNetBIOSName) { 20 | Enable-WSManCredSSP Client -DelegateComputer *.$DomainNetBIOSName -Force 21 | } 22 | if ($DomainDNSName) { 23 | Enable-WSManCredSSP Client -DelegateComputer *.$DomainDNSName -Force 24 | } 25 | Enable-WSManCredSSP Server -Force 26 | 27 | # Sometimes Enable-WSManCredSSP doesn't get it right, so we set some registry entries by hand 28 | $parentkey = "hklm:\SOFTWARE\Policies\Microsoft\Windows" 29 | $key = "$parentkey\CredentialsDelegation" 30 | $freshkey = "$key\AllowFreshCredentials" 31 | $ntlmkey = "$key\AllowFreshCredentialsWhenNTLMOnly" 32 | New-Item -Path $parentkey -Name 'CredentialsDelegation' -Force 33 | New-Item -Path $key -Name 'AllowFreshCredentials' -Force 34 | New-Item -Path $key -Name 'AllowFreshCredentialsWhenNTLMOnly' -Force 35 | New-ItemProperty -Path $key -Name AllowFreshCredentials -Value 1 -PropertyType Dword -Force 36 | New-ItemProperty -Path $key -Name ConcatenateDefaults_AllowFresh -Value 1 -PropertyType Dword -Force 37 | New-ItemProperty -Path $key -Name AllowFreshCredentialsWhenNTLMOnly -Value 1 -PropertyType Dword -Force 38 | New-ItemProperty -Path $key -Name ConcatenateDefaults_AllowFreshNTLMOnly -Value 1 -PropertyType Dword -Force 39 | New-ItemProperty -Path $freshkey -Name 1 -Value "WSMAN/$ServerName" -PropertyType String -Force 40 | New-ItemProperty -Path $ntlmkey -Name 1 -Value "WSMAN/$ServerName" -PropertyType String -Force 41 | if ($DomainNetBIOSName) { 42 | New-ItemProperty -Path $freshkey -Name 2 -Value "WSMAN/$ServerName.$DomainNetBIOSName" -PropertyType String -Force 43 | New-ItemProperty -Path $ntlmkey -Name 2 -Value "WSMAN/$ServerName.$DomainNetBIOSName" -PropertyType String -Force 44 | } 45 | if ($DomainDNSName) { 46 | New-ItemProperty -Path $freshkey -Name 2 -Value "WSMAN/$ServerName.$DomainDNSName" -PropertyType String -Force 47 | New-ItemProperty -Path $ntlmkey -Name 2 -Value "WSMAN/$ServerName.$DomainDNSName" -PropertyType String -Force 48 | } 49 | 50 | } 51 | catch { 52 | $_ | Write-AWSQuickStartException 53 | } 54 | -------------------------------------------------------------------------------- /scripts/Install-Module.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$true)] 4 | [string[]]$Name, 5 | 6 | [Parameter(Mandatory=$false)] 7 | [string[]]$Scope = 'AllUsers' 8 | ) 9 | 10 | try { 11 | $ErrorActionPreference = "Stop" 12 | 13 | Import-Module PowerShellGet 14 | 15 | PowerShellGet\Install-Module -Name $Name -Scope $Scope 16 | } 17 | catch { 18 | $_ | Write-AWSQuickStartException 19 | } 20 | -------------------------------------------------------------------------------- /scripts/Install-WMF5.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$false)] 4 | [string]$Source = 'https://download.microsoft.com/download/2/C/6/2C6E1B4A-EBE5-48A6-B225-2D2058A9CEFB/Win8.1AndW2K12R2-KB3134758-x64.msu', 5 | 6 | [Parameter(Mandatory=$false)] 7 | [string]$Destination = 'C:\cfn\downloads\Win8.1AndW2K12R2-KB3134758-x64.msu' 8 | ) 9 | 10 | try { 11 | $ErrorActionPreference = "Stop" 12 | 13 | $parentDir = Split-Path $Destination -Parent 14 | if (-not (Test-Path $parentDir)) { 15 | New-Item -Path $parentDir -ItemType directory -Force | Out-Null 16 | } 17 | 18 | Write-Verbose "Trying to download from $Source" 19 | $tries = 5 20 | while ($tries -ge 1) { 21 | try { 22 | (New-Object System.Net.WebClient).DownloadFile($Source,$Destination) 23 | break 24 | } 25 | catch { 26 | $tries-- 27 | Write-Verbose "Exception:" 28 | Write-Verbose "$_" 29 | if ($tries -lt 1) { 30 | throw $_ 31 | } 32 | else { 33 | Write-Verbose "Failed download. Retrying again in 5 seconds" 34 | Start-Sleep 5 35 | } 36 | } 37 | } 38 | 39 | if ([System.IO.Path]::GetExtension($Destination) -eq '.msu') { 40 | Start-Process -FilePath wusa.exe -ArgumentList $Destination,'/quiet','/norestart' -Wait 41 | } else { 42 | throw "Unsupported file extension" 43 | } 44 | } 45 | catch { 46 | $_ | Write-AWSQuickStartException 47 | } 48 | -------------------------------------------------------------------------------- /scripts/Install-WMF51.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$false)] 4 | [string]$Source = 'https://go.microsoft.com/fwlink/?linkid=839516', 5 | 6 | [Parameter(Mandatory=$false)] 7 | [string]$Destination = 'C:\cfn\downloads\Win8.1AndW2K12R2-KB3191564-x64.msu' 8 | ) 9 | 10 | try { 11 | $ErrorActionPreference = "Stop" 12 | 13 | $parentDir = Split-Path $Destination -Parent 14 | if (-not (Test-Path $parentDir)) { 15 | New-Item -Path $parentDir -ItemType directory -Force | Out-Null 16 | } 17 | 18 | Write-Verbose "Trying to download from $Source" 19 | $tries = 5 20 | while ($tries -ge 1) { 21 | try { 22 | (New-Object System.Net.WebClient).DownloadFile($Source,$Destination) 23 | break 24 | } 25 | catch { 26 | $tries-- 27 | Write-Verbose "Exception:" 28 | Write-Verbose "$_" 29 | if ($tries -lt 1) { 30 | throw $_ 31 | } 32 | else { 33 | Write-Verbose "Failed download. Retrying again in 5 seconds" 34 | Start-Sleep 5 35 | } 36 | } 37 | } 38 | 39 | if ([System.IO.Path]::GetExtension($Destination) -eq '.msu') { 40 | Start-Process -FilePath wusa.exe -ArgumentList $Destination,'/quiet','/norestart' -Wait 41 | } else { 42 | throw "Unsupported file extension" 43 | } 44 | } 45 | catch { 46 | $_ | Write-AWSQuickStartException 47 | } 48 | -------------------------------------------------------------------------------- /scripts/Invoke-ADReplication.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [string] 4 | $UserName, 5 | 6 | [string] 7 | $Password, 8 | 9 | [string] 10 | $DomainController 11 | ) 12 | 13 | try { 14 | $pass = ConvertTo-SecureString $Password -AsPlainText -Force 15 | $cred = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName,$pass 16 | 17 | $sb = { 18 | repadmin /syncall /A /e /P 19 | } 20 | 21 | Write-Verbose "Invoking repadmin on $DomainController" 22 | Invoke-Command -ScriptBlock $sb -ComputerName $DomainController -Credential $cred -ErrorAction Stop 23 | } 24 | catch { 25 | $_ | Write-AWSQuickStartException 26 | } -------------------------------------------------------------------------------- /scripts/Join-ADDSDomain.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param ( 3 | [Parameter(Mandatory=$true)] 4 | [string]$DomainName, 5 | 6 | [Parameter(Mandatory=$true)] 7 | [string]$UserName, 8 | 9 | [Parameter(Mandatory=$true)] 10 | [string]$Password, 11 | 12 | [Parameter(Mandatory=$false)] 13 | [string]$NewName, 14 | 15 | [Parameter(Mandatory=$false)] 16 | [switch]$Restart 17 | ) 18 | 19 | try { 20 | $ErrorActionPreference = "Stop" 21 | 22 | $securePassword = ConvertTo-SecureString $Password -AsPlainText -Force 23 | $creds = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName,$securePassword 24 | 25 | $addComputerParams = @{ 26 | DomainName = $DomainName 27 | Credential = $creds 28 | Force = $true 29 | ErrorAction = [System.Management.Automation.ActionPreference]::Stop 30 | } 31 | 32 | if (-not [string]::IsNullOrEmpty($NewName)) { 33 | $renameComputerParams = @{ 34 | NewName = $NewName 35 | Force = $true 36 | } 37 | 38 | Rename-Computer @renameComputerParams 39 | 40 | $addComputerParams.Add("NewName",$NewName) 41 | } 42 | 43 | Add-Computer @addComputerParams 44 | 45 | if ($Restart) { 46 | # Execute restart after script exit and allow time for external services 47 | $shutdown = Start-Process -FilePath "shutdown.exe" -ArgumentList @("/r", "/t 10") -Wait -NoNewWindow -PassThru 48 | if ($shutdown.ExitCode -ne 0) { 49 | throw "[ERROR] shutdown.exe exit code was not 0. It was actually $($shutdown.ExitCode)." 50 | } 51 | } 52 | } 53 | catch { 54 | $_ | Write-AWSQuickStartException 55 | } 56 | -------------------------------------------------------------------------------- /scripts/Join-Domain.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [string] 4 | $DomainName, 5 | 6 | [string] 7 | $UserName, 8 | 9 | [string] 10 | $Password 11 | ) 12 | 13 | try { 14 | $ErrorActionPreference = "Stop" 15 | 16 | $pass = ConvertTo-SecureString $Password -AsPlainText -Force 17 | $cred = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName,$pass 18 | 19 | Add-Computer -DomainName $DomainName -Credential $cred -ErrorAction Stop 20 | 21 | # Execute restart after script exit and allow time for external services 22 | $shutdown = Start-Process -FilePath "shutdown.exe" -ArgumentList @("/r", "/t 10") -Wait -NoNewWindow -PassThru 23 | if ($shutdown.ExitCode -ne 0) { 24 | throw "[ERROR] shutdown.exe exit code was not 0. It was actually $($shutdown.ExitCode)." 25 | } 26 | } 27 | catch { 28 | $_ | Write-AWSQuickStartException 29 | } 30 | -------------------------------------------------------------------------------- /scripts/Mount-DiskImage.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$true)] 4 | [string]$ImagePath 5 | ) 6 | 7 | try { 8 | $ErrorActionPreference = "Stop" 9 | 10 | Mount-DiskImage -ImagePath $ImagePath 11 | } 12 | catch { 13 | $_ | Write-AWSQuickStartException 14 | } -------------------------------------------------------------------------------- /scripts/New-LocalAdministrator.ps1: -------------------------------------------------------------------------------- 1 | param( 2 | $Name, 3 | $Password 4 | ) 5 | 6 | $cn = [ADSI]"WinNT://$($env:COMPUTERNAME)" 7 | $user = $cn.Create("User", $Name) 8 | $user.SetPassword($Password) 9 | $user.setinfo() 10 | $user.description = "Local administrator" 11 | $user.SetInfo() 12 | 13 | $adminGroup = [ADSI]"WinNT://$($env:COMPUTERNAME)/administrators, group" 14 | $adminGroup.Add($user.Path) -------------------------------------------------------------------------------- /scripts/Rename-Computer.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$true)] 4 | [string]$NewName, 5 | 6 | [Parameter(Mandatory=$false)] 7 | [switch]$Restart 8 | ) 9 | 10 | try { 11 | $ErrorActionPreference = "Stop" 12 | 13 | $renameComputerParams = @{ 14 | NewName = $NewName 15 | } 16 | 17 | Rename-Computer @renameComputerParams 18 | 19 | if ($Restart) { 20 | # Execute restart after script exit and allow time for external services 21 | $shutdown = Start-Process -FilePath "shutdown.exe" -ArgumentList @("/r", "/t 10") -Wait -NoNewWindow -PassThru 22 | if ($shutdown.ExitCode -ne 0) { 23 | throw "[ERROR] shutdown.exe exit code was not 0. It was actually $($shutdown.ExitCode)." 24 | } 25 | } 26 | } 27 | catch { 28 | $_ | Write-AWSQuickStartException 29 | } 30 | -------------------------------------------------------------------------------- /scripts/Reset-LocalAdminPassword.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [string] 4 | $password 5 | ) 6 | 7 | try { 8 | Write-Verbose "Resetting local admin password" 9 | ([adsi]("WinNT://$env:COMPUTERNAME/administrator, user")).psbase.invoke('SetPassword', $password) 10 | } 11 | catch { 12 | $_ | Write-AWSQuickStartException 13 | } -------------------------------------------------------------------------------- /scripts/Restart-Computer.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param() 3 | 4 | try { 5 | $ErrorActionPreference = "Stop" 6 | 7 | # Execute restart after script exit and allow time for external services 8 | $shutdown = Start-Process -FilePath "shutdown.exe" -ArgumentList @("/r", "/t 10") -Wait -NoNewWindow -PassThru 9 | if ($shutdown.ExitCode -ne 0) { 10 | throw "[ERROR] shutdown.exe exit code was not 0. It was actually $($shutdown.ExitCode)." 11 | } 12 | } 13 | catch { 14 | $_ | Write-AWSQuickStartException 15 | } 16 | -------------------------------------------------------------------------------- /scripts/Set-Dns.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [Parameter(Mandatory=$true)] 4 | [string]$ns1, 5 | 6 | [Parameter(Mandatory=$true)] 7 | [string]$ns2 8 | ) 9 | 10 | try { 11 | Start-Transcript -Path C:\cfn\log\Set-Dns.ps1.txt -Append 12 | $ErrorActionPreference = "Stop" 13 | 14 | Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses $ns1,$ns2 15 | 16 | } 17 | catch { 18 | $_ | Write-AWSQuickStartException 19 | } -------------------------------------------------------------------------------- /scripts/Set-PrimaryDNSSuffix.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param ( 3 | [string] 4 | [Parameter(Mandatory=$true, Position=0)] 5 | $Suffix 6 | ) 7 | 8 | # http://msdn.microsoft.com/en-us/library/ms724224(v=vs.85).aspx 9 | $ComputerNamePhysicalDnsDomain = 6 10 | 11 | try { 12 | Write-Verbose "Setting DNS Suffix" 13 | Add-Type -TypeDefinition @" 14 | using System; 15 | using System.Runtime.InteropServices; 16 | 17 | namespace ComputerSystem { 18 | public class Identification { 19 | [DllImport("kernel32.dll", CharSet = CharSet.Auto)] 20 | static extern bool SetComputerNameEx(int NameType, string lpBuffer); 21 | 22 | public static bool SetPrimaryDnsSuffix(string suffix) { 23 | try { 24 | return SetComputerNameEx($ComputerNamePhysicalDnsDomain, suffix); 25 | } 26 | catch (Exception) { 27 | return false; 28 | } 29 | } 30 | } 31 | } 32 | "@ 33 | 34 | [ComputerSystem.Identification]::SetPrimaryDnsSuffix($Suffix) 35 | 36 | Write-Verbose "Rebooting computer..." 37 | 38 | $ErrorActionPreference = "Stop" 39 | 40 | $shutdown = Start-Process -FilePath "shutdown.exe" -ArgumentList @("/r", "/t 10") -Wait -NoNewWindow -PassThru 41 | if ($shutdown.ExitCode -ne 0) { 42 | throw "[ERROR] shutdown.exe exit code was not 0. It was actually $($shutdown.ExitCode)." 43 | } 44 | } 45 | catch { 46 | $_ | Write-AWSQuickStartException 47 | } -------------------------------------------------------------------------------- /scripts/Unzip-Archive.ps1: -------------------------------------------------------------------------------- 1 | [CmdletBinding()] 2 | param( 3 | [string] 4 | $Source, 5 | 6 | [string] 7 | $Destination 8 | ) 9 | 10 | Write-Verbose "Loading System.IO.Compression.FileSystem Assembly" 11 | [System.Reflection.Assembly]::LoadWithPartialName('System.IO.Compression.FileSystem') 12 | 13 | Write-Verbose "Unpacking $Source to $Destination" 14 | [System.IO.Compression.ZipFile]::ExtractToDirectory($Source, $Destination) --------------------------------------------------------------------------------