您可以自定义并使用以下示例脚本来将克隆的虚拟机 (VM) 加入 Active Directory (AD) 域。
如果使用 Winbind 解决方案进行 AD 集成,您需要运行此脚本,因为将克隆的虚拟机加入域的步骤会失败。此脚本会运行一个命令以在每个虚拟机上加入域。如果使用 OpenLDAP 解决方案,则您无需运行此脚本。
要复制和粘贴不包含分页符的脚本内容,请使用此主题的 HTML 版本,您可以从位于 https://www.vmware.com/support/pubs/view_pubs.html 的 Horizon 7 文档页面找到该版本。
脚本输入
此脚本将读取一个输入文件,用于部署 Linux 桌面的示例 PowerCLI 脚本的输入文件中对此做了介绍。此脚本还会以交互方式要求提供以下信息:
- vCenter Server 的 IP 地址
- vCenter Server 的管理员登录名称
- vCenter Server 的管理员密码
- ESXi 主机的管理员登录名称
- ESXi 主机的管理员密码
- Linux 虚拟机的用户登录名称
- Linux 虚拟机的用户密码
- 有权将计算机加入域中的 AD 用户的登录名称
- 获授权的 AD 用户的密码
脚本内容
<#
.SYNOPSIS
run command "sudo /usr/bin/net ads join"
.DESCRIPTION
The tool is to run the command "sudo /usr/bin/net ads join" to join Linux to AD
.NOTES
#>
#------------------------- Functions -------------------------
function GetInput
{
Param($prompt, $IsPassword = $false)
$prompt = $prompt + ": "
Write-Host $prompt -NoNewLine
[Console]::ForegroundColor = "Blue"
if ($IsPassword)
{
$input = Read-Host -AsSecureString
$input = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($input))
}
else
{
$input = Read-Host
}
[Console]::ResetColor()
return $input
}
#------------------------- Handle input -------------------------
"-----------------------------------------------------"
$vcAddress = GetInput -prompt "Your vCenter address" -IsPassword $false
$vcAdmin = GetInput -prompt "Your vCenter admin user name" -IsPassword $false
$vcPassword = GetInput -prompt "Your vCenter admin user password" -IsPassword $true
"-----------------------------------------------------"
$hostAdmin = GetInput -prompt 'Your ESXi host admin user name, such as root' -IsPassword $false
$hostPassword = GetInput -prompt "Your ESXi admin user password" -IsPassword $true
"-----------------------------------------------------"
$guestUser = GetInput -prompt 'Your VM guest OS user name' -IsPassword $false
$guestPassword = GetInput -prompt 'Your VM guest OS user password' -IsPassword $true
"-----------------------------------------------------"
$adUser = GetInput -prompt 'Type the AD user name to join the AD' -IsPassword $false
""
"`nPlease type the AD user password."
"Plase note that special character in password may not work with the script"
$adUserPassword = GetInput -prompt 'Your AD user password' -IsPassword $true
"-----------------------------------------------------"
#$csvFile = Read-Host 'Csv File '
$csvFile = '.\CloneVMs.csv'
#------------------------- Main Script -------------------------
#Connect to vCenter
#Connect to vCenter
$VC_Conn_State = Connect-VIServer $vcAddress -user $vcAdmin -password $vcPassword
if([string]::IsNullOrEmpty($VC_Conn_State))
{
Write-Host 'Exit since failed to login vCenter'
exit
}
else
{
Write-Host 'vCenter is connected'
}
#Read input CSV file
$csvData = Import-CSV $csvFile
$destFolder = "/home/$guestUser/"
#Handle VMs one by one
foreach ($line in $csvData)
{
"`n-----------------------------------------------------"
$VMName = $line.VMName
write-host -ForeGroundColor Yellow "VM: $VMName`n"
$cmd = "sudo /usr/bin/net ads join -U $adUser%$adUserPassword"
Write-Host "Run cmd 'sudo /usr/bin/net ads join' in VM '$VMName' with user '$guestUser'"
Invoke-VMScript -HostUser $hostAdmin -HostPassword $hostPassword -VM $VMName -GuestUser $guestUser -GuestPassword $guestPassword -Confirm:$false -ScriptType Bash -ScriptText $cmd
}
Disconnect-VIServer $vcAddress -Confirm:$false
exit
脚本执行
下面是执行脚本时显示的消息:
PowerCLI C:\scripts> .\ClonedVMs_JoinDomain.ps1 -------------------------------------------------- Your vCenter address: 10.117.44.17 Your vCenter admin user name: administrator Your vCenter admin user password: ******* -------------------------------------------------- Your ESXi host admin user name, such as root: root Your ESXi host admin user password: ******* -------------------------------------------------- Your VM guest OS user name: ViewUser Your VM guest OS user password: ******* -------------------------------------------------- Type the AD user name to join the AD: viewadmin Please type the AD user password. Please note that special character in password may not work with the script. Your AD user password: *******
