使用 SSH 將複製的虛擬機器加入 AD 網域的範例指令碼

您可以自訂和使用下列範例指令碼，以將複製的虛擬機器 (VM) 加入 Active Directory (AD) 網域。此指令碼使用 SSH 在 Linux 虛擬機器上執行命令。

如果您對 AD 整合使用 Winbind 解決方案，則必須執行此指令碼，因為加入網域的步驟對複製的虛擬機器將會失敗。此指令碼會在每個虛擬機器上執行命令來加入網域。如果您使用 OpenLDAP 解決方案，則不需要執行此指令碼。

若要複製和貼上不含分頁符號的指令碼內容，請使用本主題的 HTML 版本，您可以從 Horizon7 文件頁面取得，網址是：https://www.vmware.com/support/pubs/view_pubs.html。

指令碼輸入

此指令碼會讀取一個輸入檔，在用於部署 Linux 桌面平台的範例 PowerCLI 指令碼輸入檔中有加以描述。此指令碼也會互動地要求下列資訊：

vCenter Server 的 IP 位址
vCenter Server 的管理員登入名稱
vCenter Server 的管理員密碼
Linux 虛擬機器的使用者登入名稱
Linux 虛擬機器的使用者密碼
獲得授權可將機器加入網域的 AD 使用者的登入名稱
獲得授權之 AD 使用者的密碼

指令碼內容

<#
.SYNOPSIS
run command "sudo /usr/bin/net ads join" via SSH

.DESCRIPTION
The tool is to run the command "sudo /usr/bin/net ads join" to join Linux machine to AD via SSH

.NOTES
#>
#------------------------- Functions -------------------------
function GetInput
{
    Param($prompt, $IsPassword = $false)
    $prompt = $prompt + ": "
    Write-Host $prompt -NoNewLine
    [Console]::ForegroundColor = "Blue"
    if ($IsPassword)
    {
        $input = Read-Host -AsSecureString
        $input = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($input))
    }
    else
    {
        $input = Read-Host
    }
    
    [Console]::ResetColor()
    return $input
}

function Check_SSH_Client
{
    Param($IsPlink, $IsPSCP)
    if ($IsPlink)
    {
        if (Test-Path ".\plink.exe")
        {
          write-host  -ForeGroundColor Yellow 'SSH client "plink.exe" found'
        }   
        else
        {
          write-host  -ForeGroundColor Red 'SSH client "plink.exe" not found, please download from its official web site'
          exit
        }
    }    
    if ($IsPSCP)
    {
        if (Test-Path ".\pscp.exe")
        {
          write-host  -ForeGroundColor Yellow 'SSH client "pscp.exe" found'
        }   
        else
        {
          write-host  -ForeGroundColor Red 'SSH client "pscp.exe" not found, please download from its official web site'
          exit
        }
    } 
}

function RunCmdViaSSH
{
    Param($VM_Name, $User, $Password, $Cmd, $returnOutput = $false)
    
    $VM= Get-VM $VM_Name
    $IP = $VM.guest.IPAddress[0]
    write-host "Run cmd on $VM_Name ($IP)"
    if($returnOutput)
    {
        $command = "echo yes | .\plink.exe -ssh -l $user -pw $password $IP " + '"' + $cmd +'"'
        $output = Invoke-Expression $command
        return $output    
    }
    else
    {
        echo yes | .\plink.exe -ssh -l $user -pw $password $IP "$cmd"
    }
    
}

function UploadFileViaSSH
{
    Param($VM_Name, $User, $Password, $LocalPath, $DestPath)
    
    $VM= Get-VM $VM_Name
    $IP = $VM.guest.IPAddress[0]
    $command = "echo yes | .\pscp.exe -l $User -pw $Password $LocalPath $IP" + ":" + "$DestPath"
    write-host "Upload file: $command"
    Invoke-Expression $command
}

#------------------------- Handle input -------------------------
"-----------------------------------------------------"
Check_SSH_Client -IsPlink $true -IsPSCP $false
"-----------------------------------------------------"
$vcAddress = GetInput -prompt "Your vCenter address" -IsPassword $false
$vcAdmin = GetInput -prompt "Your vCenter admin user name" -IsPassword $false
$vcPassword = GetInput -prompt "Your vCenter admin user password" -IsPassword $true
"-----------------------------------------------------"
$guestUser = GetInput -prompt 'Your VM guest OS user name' -IsPassword $false
$guestPassword = GetInput -prompt 'Your VM guest OS user password' -IsPassword $true
"-----------------------------------------------------"
$adUser = GetInput -prompt 'Type the AD user name to join the AD' -IsPassword $false
""
"`nPlease type the AD user password."
[Console]::ForegroundColor = "Yellow"
"Plase note that special character should be escaped. For example, $ should be \$"
[Console]::ResetColor()
$adUserPassword = GetInput -prompt 'Your AD user password' -IsPassword $true
"-----------------------------------------------------"

#$csvFile = Read-Host 'Csv File '
$csvFile = '.\CloneVMs.csv'

#------------------------- Main Script -------------------------

#Connect to vCenter
$VC_Conn_State = Connect-VIServer $vcAddress -user $vcAdmin -password $vcPassword
if([string]::IsNullOrEmpty($VC_Conn_State))
{
   Write-Host 'Exit since failed to login vCenter'
   exit
}
else
{
  Write-Host 'vCenter is connected'
}

#Read input CSV file
$csvData = Import-CSV $csvFile

$destFolder = "/home/$guestUser/"

#Handle VMs one by one
foreach ($line in $csvData)
{
    "-----------------------------------------------------"
    $VMName = $line.VMName
    write-host  -ForeGroundColor Yellow "VM: $VMName`n"
    
    $cmd = "sudo /usr/bin/net ads join -U $adUser%$adUserPassword"
    Write-Host "Run cmd 'sudo /usr/bin/net ads join' in VM '$VMName' with user '$guestUser'"
    RunCmdViaSSH -VM_Name $VMName -User $guestUser -Password $guestPassword -Cmd $cmd
}

Disconnect-VIServer $vcAddress -Confirm:$false
exit

指令碼執行

下列訊息是來自指令碼的執行：

PowerCLI C:\scripts> .\ClonedVMs_JoinDomain_SSH.ps1
--------------------------------------------------
Your vCenter address: 10.117.44.17
Your vCenter admin user name: administrator
Your vCenter admin user password: *******
--------------------------------------------------
Your VM guest OS user name: ViewUser
Your VM guest OS user password: *******
--------------------------------------------------
Type the AD user name to join the AD: viewadmin
Please type the AD user password.
Please note that special character should be escaped. For example, $ should be \$
Your AD user password: *******