diff --git a/powershell/Scripts/UserDataScripts/OnrBods.ps1 b/powershell/Scripts/UserDataScripts/OnrBods.ps1 index 3cf61e821..3d50adefe 100644 --- a/powershell/Scripts/UserDataScripts/OnrBods.ps1 +++ b/powershell/Scripts/UserDataScripts/OnrBods.ps1 @@ -1,53 +1,53 @@ $GlobalConfig = @{ "all" = @{ - "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" - "WindowsClientS3Folder" = "hmpps/onr" + "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" + "WindowsClientS3Folder" = "hmpps/onr" "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" - "ORACLE_19C_HOME" = "E:\app\oracle\product\19.0.0\client_1" - "ORACLE_BASE" = "E:\app\oracle" - "IPSS3File" = "51054935.ZIP" # Information Platform Services 4.2 SP9 Patch 0 - "DataServicesS3File" = "DS4214P_11-20011165.exe" # Data Services 4.2 SP14 Patch 11 - "LINK_DIR" = "E:\SAP BusinessObjects\Data Services" - "BIP_INSTALL_DIR" = "E:\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0" - "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" - "LegalNoticeCaption" = "IMPORTANT" - "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" + "ORACLE_19C_HOME" = "E:\app\oracle\product\19.0.0\client_1" + "ORACLE_BASE" = "E:\app\oracle" + "IPSS3File" = "51054935.ZIP" # Information Platform Services 4.2 SP9 Patch 0 + "DataServicesS3File" = "DS4214P_11-20011165.exe" # Data Services 4.2 SP14 Patch 11 + "LINK_DIR" = "E:\SAP BusinessObjects\Data Services" + "BIP_INSTALL_DIR" = "E:\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0" + "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" + "LegalNoticeCaption" = "IMPORTANT" + "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" } "oasys-national-reporting-development" = @{ "OnrShortcuts" = @{ } } "oasys-national-reporting-test" = @{ - "sysDbName" = "T2BOSYS" - "audDbName" = "T2BOAUD" - "tnsorafile" = "tnsnames_T2_BODS.ora" - "cmsPrimaryNode" = "t2-onr-bods-1" + "sysDbName" = "T2BOSYS" + "audDbName" = "T2BOAUD" + "tnsorafile" = "tnsnames_T2_BODS.ora" + "cmsPrimaryNode" = "t2-onr-bods-1" # "cmsPrimaryNode" = "t2-tst-bods-asg" # Use this value when testing - # "cmsSecondaryNode" = "t2-onr-bods-2" - "cmsSecondaryNode" = "t2-tst-bods-asg" # Use this value when testing - "mainNodeHostName" = "EC2AMAZ-JM52FS3" # ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED - "serviceUser" = "svc_nart" - "serviceUserPath" = "OU=Service,OU=Users,OU=NOMS RBAC,DC=AZURE,DC=NOMS,DC=ROOT" - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" + "cmsSecondaryNode" = "t2-onr-bods-2" + # "cmsSecondaryNode" = "t2-tst-bods-asg" # Use this value when testing + "cmsPrimaryNodeHostname" = "EC2AMAZ-JM52FS3" # ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED + "serviceUser" = "svc_nart" + "serviceUserPath" = "OU=Service,OU=Users,OU=NOMS RBAC,DC=AZURE,DC=NOMS,DC=ROOT" + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" "serviceUserDescription" = "Onr BODS service user for AWS in AZURE domain" - "domain" = "AZURE" + "domain" = "AZURE" } "oasys-national-reporting-preproduction" = @{ - "sysDbName" = "PPBOSYS" - "audDbName" = "PPBOAUD" - "tnsorafile" = "tnsnames_PP_BODS.ora" - "cmsPrimaryNode" = "pp-onr-bods-1" - "cmsSecondaryNode" = "pp-onr-bods-2" - "mainNodeHostName" = "EC2AMAZ-669VK3E" # ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED - "serviceUser" = "svc_nart" - "serviceUserPath" = "OU=SERVICE_ACCOUNTS,OU=RBAC,DC=AZURE,DC=HMPP,DC=ROOT" - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" + "sysDbName" = "PPBOSYS" + "audDbName" = "PPBOAUD" + "tnsorafile" = "tnsnames_PP_BODS.ora" + "cmsPrimaryNode" = "pp-onr-bods-1" + "cmsSecondaryNode" = "pp-onr-bods-2" + "cmsPrimaryNodeHostname" = "EC2AMAZ-669VK3E" # ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED + "serviceUser" = "svc_nart" + "serviceUserPath" = "OU=SERVICE_ACCOUNTS,OU=RBAC,DC=AZURE,DC=HMPP,DC=ROOT" + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" "serviceUserDescription" = "Onr BODS service user for AWS in HMPP domain" - "domain" = "HMPP" + "domain" = "HMPP" } "oasys-national-reporting-production" = @{ "domain" = "HMPP" - } + } } # {{{ functions @@ -73,12 +73,12 @@ function Test-DbCredentials { # Define an array of database configurations $dbConfigs = @( @{ - Name = "$($Config.sysDbName)" + Name = "$($Config.sysDbName)" Username = "bods_ips_system_owner" Password = $bods_ips_system_owner }, @{ - Name = "$($Config.audDbName)" + Name = "$($Config.audDbName)" Username = "bods_ips_audit_owner" Password = $bods_ips_audit_owner } @@ -102,7 +102,7 @@ function Test-DbCredentials { function Get-Config { $tokenParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600} + Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } Method = 'PUT' Uri = 'http://169.254.169.254/latest/api/token' } @@ -110,7 +110,7 @@ function Get-Config { $instanceIdParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token" = $Token} + Headers = @{"X-aws-ec2-metadata-token" = $Token } Method = 'GET' Uri = 'http://169.254.169.254/latest/meta-data/instance-id' } @@ -187,11 +187,11 @@ function Get-SecretValue { function Get-InstanceTags { - $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"=3600} -Method PUT -Uri http://169.254.169.254/latest/api/token - $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id - $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" - $Tags = $TagsRaw | ConvertFrom-Json - $Tags.Tags + $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } -Method PUT -Uri http://169.254.169.254/latest/api/token + $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token } -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id + $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" + $Tags = $TagsRaw | ConvertFrom-Json + $Tags.Tags } function Clear-PendingFileRenameOperations { @@ -214,13 +214,13 @@ function Clear-PendingFileRenameOperations { function Test-DatabaseConnection { param ( - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$typePath, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$tnsName, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$username, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [System.Security.SecureString]$securePassword ) @@ -239,10 +239,12 @@ function Test-DatabaseConnection { $connection.Open() Write-Host "Connection successful!" return 0 - } catch { + } + catch { Write-Host "Connection failed: $($_.Exception.Message)" return 1 - } finally { + } + finally { if ($connection -and $connection.State -eq 'Open') { $connection.Close() } @@ -265,7 +267,8 @@ function New-TnsOraFile { if (Test-Path $tnsOraFilePath) { Write-Host "Tnsnames.ora file found at $tnsOraFilePath" - } else { + } + else { Write-Error "Tnsnames.ora file not found at $tnsOraFilePath" exit 1 } @@ -358,8 +361,8 @@ function Install-IPS { # set Secret Names based on environment $dbenv = ($Tags | Where-Object { $_.Key -eq "oasys-national-reporting-environment" }).Value $siaNodeName = (($Tags | Where-Object { $_.Key -eq "Name" }).Value).Replace("-", "").ToUpper() # cannot contain hyphens - $bodsSecretName = "/sap/bods/$dbenv/passwords" - $bodsConfigName = "/sap/bods/$dbenv/config" + $bodsSecretName = "/sap/bods/$dbenv/passwords" + $bodsConfigName = "/sap/bods/$dbenv/config" $sysDbSecretName = "/oracle/database/$($Config.sysDbName)/passwords" $audDbSecretName = "/oracle/database/$($Config.audDbName)/passwords" @@ -375,8 +378,8 @@ function Install-IPS { $bods_cluster_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "bods_cluster_key" -ErrorAction SilentlyContinue $ips_product_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "ips_product_key" -ErrorAction SilentlyContinue -# Create response file for IPS silent install -$ipsResponseFilePrimary = @" + # Create response file for IPS silent install + $ipsResponseFilePrimary = @" ### Choose to integrate Introscope Enterprise Manager: integrate or nointegrate chooseintroscopeintegration=nointegrate ### Choose to integrate Solution Manager Diagnostics (SMD) Agent: integrate or nointegrate @@ -439,11 +442,11 @@ usingcmsdbtype=oracle features=JavaWebApps1,CMC.Monitoring,LCM,IntegratedTomcat,CMC.AccessLevels,CMC.Applications,CMC.Audit,CMC.Authentication,CMC.Calendars,CMC.Categories,CMC.CryptographicKey,CMC.Events,CMC.Folders,CMC.Inboxes,CMC.Licenses,CMC.PersonalCategories,CMC.PersonalFolders,CMC.Servers,CMC.Sessions,CMC.Settings,CMC.TemporaryStorage,CMC.UsersAndGroups,CMC.QueryResults,CMC.InstanceManager,CMS,FRS,PlatformServers.AdaptiveProcessingServer,PlatformServers.AdaptiveJobServer,ClientAuditingProxyProcessingService,LCMProcessingServices,MonitoringProcessingService,SecurityTokenService,DestinationSchedulingService,ProgramSchedulingService,Subversion,UpgradeManager,AdminTools "@ -$domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value -$remoteSiaName = $($Config.MainNodeHostName).Replace("-", "").ToUpper() + $domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value + $remoteSiaName = $($Config.cmsPrimaryNodeHostname).Replace("-", "").ToUpper() -# Create response file for IPS expanded install -$ipsResponseFileSecondary = @" + # Create response file for IPS expanded install + $ipsResponseFileSecondary = @" ### Choose to integrate Introscope Enterprise Manager: integrate or nointegrate chooseintroscopeintegration=nointegrate ### Choose to integrate Solution Manager Diagnostics (SMD) Agent: integrate or nointegrate @@ -483,7 +486,7 @@ remotecmsadminname=Administrator ### Remote CMS administrator password # remotecmsadminpassword=**** bods_admin_password value in silent install params ### Remote CMS name -remotecmsname=$($Config.MainNodeHostName).$domainName +remotecmsname=$($Config.cmsPrimaryNodeHostname).$domainName ### Remote CMS port remotecmsport=6400 ### Language Packs Selected to Install @@ -507,58 +510,63 @@ features=JavaWebApps1,CMC.Monitoring,LCM,IntegratedTomcat,CMC.AccessLevels,CMC.A "@ -$instanceName = ($Tags | Where-Object { $_.Key -eq "Name" }).Value -$ipsInstallIni = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\ips_install.ini" + $instanceName = ($Tags | Where-Object { $_.Key -eq "Name" }).Value + $ipsInstallIni = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\ips_install.ini" -if ($instanceName -eq $($Config.cmsPrimaryNode)) { - $ipsResponseFilePrimary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii -} elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { - $ipsResponseFileSecondary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii -} else { - Write-Output "Unknown node type, cannot create response file" - exit 1 -} + if ($instanceName -eq $($Config.cmsPrimaryNode)) { + $ipsResponseFilePrimary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii + } + elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { + $ipsResponseFileSecondary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii + } + else { + Write-Output "Unknown node type, cannot create response file" + exit 1 + } -Clear-PendingFileRenameOperations + Clear-PendingFileRenameOperations -$setupExe = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\setup.exe" + $setupExe = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\setup.exe" -if (-NOT(Test-Path $setupExe)) { - Write-Host "IPS setup.exe not found at $($setupExe)" - exit 1 -} + if (-NOT(Test-Path $setupExe)) { + Write-Host "IPS setup.exe not found at $($setupExe)" + exit 1 + } -if (-NOT(Test-Path $ipsInstallIni)) { - Write-Host "IPS response file not found at $ipsInstallIni" - exit 1 -} + if (-NOT(Test-Path $ipsInstallIni)) { + Write-Host "IPS response file not found at $ipsInstallIni" + exit 1 + } -$logFile = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\install_ips_sp.log" -New-Item -Type File -Path $logFile -Force | Out-Null + $logFile = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\install_ips_sp.log" + New-Item -Type File -Path $logFile -Force | Out-Null -# add Oracle client path to the powershell session -$env:Path += ";E:\app\oracle\product\19.0.0\client_1\bin" + # add Oracle client path to the powershell session + $env:Path += ";E:\app\oracle\product\19.0.0\client_1\bin" -$env:Path -split ";" | ForEach-Object { - Write-Host $_ -} + $env:Path -split ";" | ForEach-Object { + Write-Host $_ + } -Write-Host "Starting IPS installer at $(Get-Date)" + Write-Host "Starting IPS installer at $(Get-Date)" try { "Starting IPS installer at $(Get-Date)" | Out-File -FilePath $logFile -Append if ($instanceName -eq $($Config.cmsPrimaryNode)) { - $process = Start-Process -FilePath "E:\Software\IPS\DATA_UNITS\IPS_win\setup.exe" -ArgumentList '/wait','-r E:\Software\IPS\DATA_UNITS\IPS_win\ips_install.ini',"cmspassword=$bods_admin_password","existingauditingdbpassword=$bods_ips_audit_owner","existingcmsdbpassword=$bods_ips_system_owner","lcmpassword=$bods_subversion_password" -Wait -NoNewWindow -Verbose -PassThru - } elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { - $process = Start-Process -FilePath "E:\Software\IPS\DATA_UNITS\IPS_win\setup.exe" -ArgumentList '/wait','-r E:\Software\IPS\DATA_UNITS\IPS_win\ips_install.ini',"remotecmsadminpassword=$bods_admin_password","existingcmsdbpassword=$bods_ips_system_owner","lcmpassword=$bods_subversion_password" -Wait -NoNewWindow -Verbose -PassThru - } else { + $process = Start-Process -FilePath "E:\Software\IPS\DATA_UNITS\IPS_win\setup.exe" -ArgumentList '/wait', '-r E:\Software\IPS\DATA_UNITS\IPS_win\ips_install.ini', "cmspassword=$bods_admin_password", "existingauditingdbpassword=$bods_ips_audit_owner", "existingcmsdbpassword=$bods_ips_system_owner", "lcmpassword=$bods_subversion_password" -Wait -NoNewWindow -Verbose -PassThru + } + elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { + $process = Start-Process -FilePath "E:\Software\IPS\DATA_UNITS\IPS_win\setup.exe" -ArgumentList '/wait', '-r E:\Software\IPS\DATA_UNITS\IPS_win\ips_install.ini', "remotecmsadminpassword=$bods_admin_password", "existingcmsdbpassword=$bods_ips_system_owner", "lcmpassword=$bods_subversion_password" -Wait -NoNewWindow -Verbose -PassThru + } + else { Write-Output "Unknown node type, cannot start installer" exit 1 } $installProcessId = $process.Id "Initial process is $installProcessId at $(Get-Date)" | Out-File -FilePath $logFile -Append "Stopped IPS installer at $(Get-Date)" | Out-File -FilePath $logFile -Append - } catch { + } + catch { $exception = $_.Exception "Failed to start installer at $(Get-Date)" | Out-File -FilePath $logFile -Append "Exception Message: $($exception.Message)" | OUt-File -FilePath $logFile -Append @@ -574,7 +582,7 @@ function Install-DataServices { [hashtable]$Config ) - if (Get-Package | Where-Object { $_.Name -Like "SAP Data Services*"}) { + if (Get-Package | Where-Object { $_.Name -Like "SAP Data Services*" }) { Write-Output "Data Services is already installed" return } @@ -592,8 +600,8 @@ function Install-DataServices { # set Secret Names based on environment $Tags = Get-InstanceTags $dbenv = ($Tags | Where-Object { $_.Key -eq "oasys-national-reporting-environment" }).Value - $bodsSecretName = "/sap/bods/$dbenv/passwords" - $bodsConfigName = "/sap/bods/$dbenv/config" + $bodsSecretName = "/sap/bods/$dbenv/passwords" + $bodsConfigName = "/sap/bods/$dbenv/config" # passwords from /sap/bods/$dbenv/passwords $service_user_password = Get-SecretValue -SecretId $bodsSecretName -SecretKey "svc_nart" -ErrorAction SilentlyContinue @@ -602,7 +610,7 @@ function Install-DataServices { # config values from /sap/bods/$dbenv/config $data_services_product_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "data_services_product_key" -ErrorAction SilentlyContinue -$dataServicesResponsePrimary = @" + $dataServicesResponsePrimary = @" ### #property.CMSAUTHENTICATION.description# cmsauthentication=secEnterprise ### CMS administrator password @@ -653,9 +661,9 @@ selectedlanguagepacks=en features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataServicesDesigner,DataServicesClient,DataServicesManagementConsole,DataServicesEIMServices,DataServicesMessageClient,DataServicesDataDirect,DataServicesDocumentation "@ -$domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value + $domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value -$dataServicesResponseSecondary = @" + $dataServicesResponseSecondary = @" ### #property.CMSAUTHENTICATION.description# cmsauthentication=secEnterprise ### CMS administrator password @@ -671,7 +679,7 @@ dscmsenablessl=0 ### #property.CMSServerPort.description# dscmsport=6400 ### #property.CMSServerName.description# -dscmssystem=$($Config.MainNodeHostName).$domainName +dscmssystem=$($Config.cmsPrimaryNodeHostname).$domainName ### #property.CMSUser.description# dscmsuser=Administrator ### #property.DSCommonDir.description# @@ -697,7 +705,7 @@ installdir=E:\SAP BusinessObjects\ ### #property.IsCommonDirChanged.description# iscommondirchanged=1 ### #property.MasterCmsName.description# -mastercmsname=$($Config.MainNodeHostName).$domainName +mastercmsname=$($Config.cmsPrimaryNodeHostname).$domainName ### #property.MasterCmsPort.description# mastercmsport=6400 ### Keycode for the product. @@ -713,16 +721,18 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS if ($instanceName -eq $Config.cmsPrimaryNode) { $dataServicesResponsePrimary | Out-File -FilePath $dsInstallIni -Force -Encoding ascii - } elseif ($instanceName -eq $Config.cmsSecondaryNode) { + } + elseif ($instanceName -eq $Config.cmsSecondaryNode) { $dataServicesResponseSecondary | Out-File -FilePath $dsInstallIni -Force -Encoding ascii - } else { + } + else { Write-Output "Unknown node type, cannot create response file" exit 1 } $dataServicesInstallParams = @{ FilePath = "$WorkingDirectory\$($Config.DataServicesS3File)" - ArgumentList = "-q","-r","$dsInstallIni","cmspassword=$bods_admin_password","dscmspassword=$bods_admin_password","dslogininfothispassword=$service_user_password" + ArgumentList = "-q", "-r", "$dsInstallIni", "cmspassword=$bods_admin_password", "dscmspassword=$bods_admin_password", "dslogininfothispassword=$service_user_password" Wait = $true NoNewWindow = $true } @@ -745,11 +755,13 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS if (Test-Path $destination) { Write-Output "Copying JDBC driver to $destination" Copy-Item -Path $jdbcDriverPath -Destination $destination - } else { + } + else { Write-Output "Destination $destination does not exist, skipping" } } - } else { + } + else { Write-Output "JDBC driver not found at $jdbcDriverPath" exit 1 } @@ -759,8 +771,8 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS function Move-ModPlatformADComputer { [CmdletBinding()] param ( - [Parameter(Mandatory=$true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, - [Parameter(Mandatory=$true)][string]$NewOU + [Parameter(Mandatory = $true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, + [Parameter(Mandatory = $true)][string]$NewOU ) $ErrorActionPreference = "Stop" @@ -776,7 +788,8 @@ function Move-ModPlatformADComputer { try { $computer = Get-ADComputer -Credential $ModPlatformADCredential -Filter "Name -eq '$env:COMPUTERNAME'" -ErrorAction Stop if ($computer -and $computer.objectGUID) { break } - } catch { + } + catch { Write-Verbose "Get-ADComputer failed: $_" } Start-Sleep -Seconds 5 @@ -829,7 +842,7 @@ Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameter Write-Host "Registry updated to prefer IPv4 over IPv6. A system restart is required for changes to take effect." # Turn off the firewall as this will possibly interfere with Sia Node creation -Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False +Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False # Set local time zone to UK although this should now be set by Group Policy objects Set-TimeZone -Name "GMT Standard Time" @@ -855,17 +868,18 @@ $ErrorActionPreference = "Continue" Import-Module ModPlatformAD -Force $ADConfig = Get-ModPlatformADConfig if ($null -ne $ADConfig) { - $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig - if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { - # Get the AD Admin credentials - $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig - # Move the computer to the correct OU - Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) - Exit 3010 # triggers reboot if running from SSM Doc - } -} else { - Write-Output "No domain-name tag found so apply Local Group Policy" - . .\LocalGroupPolicy.ps1 + $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig + if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { + # Get the AD Admin credentials + $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig + # Move the computer to the correct OU + Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) + Exit 3010 # triggers reboot if running from SSM Doc + } +} +else { + Write-Output "No domain-name tag found so apply Local Group Policy" + . .\LocalGroupPolicy.ps1 } # }}}