You are browsing the archive for 2013 December.

Orchestrator 2012 R2: Unattended installation / Command Line

10:04 am in Uncategorized by Christopher Keyaert

Hi Guys,

When you have to deploy products in your lab or at your customer, there is nothing more boring that going through the Next Next Setup again and again, one day after the other. It’s why I’ will share with you the command lines that I use to install the different System Center components.

Today we will start with unattended installation of System Center Orchestrator 2012 R2.

Orchestrator – All Components:

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core

& 'E:\Setup\Setup.exe' /InstallDir:'C:\Program Files (x86)\Microsoft System Center 2012 R2\Orchestrator' /DbServer:db.domhome.local /DbNameNew:OrchDB /WebServicePort:81 /WebConsolePort:82 /OrchestratorRemote /UseMicrosoftUpdate:0 /SendCEIPReports:0 /EnableErrorReporting:never /Components:all /ServiceUserName:'XXXX\XXXXXX' /ServicePassword:'XXXX' /Key:XXXXX-XXXXX-XXXX-XXXX-XXXXX /Silent

Orchestrator – Runbook Designer:

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core

& 'E:\Setup\Setup.exe' /InstallDir:'C:\Program Files (x86)\Microsoft System Center 2012 R2\Orchestrator' /OrchestratorRemote /UseMicrosoftUpdate:0 /SendCEIPReports:0 /EnableErrorReporting:never /Components:RunbookDesigner /Key:XXXXX-XXXXX-XXXX-XXXX-XXXXX /Silent

Orchestrator – Runbook Server:

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core

& 'E:\Setup\Setup.exe' /InstallDir:'C:\Program Files (x86)\Microsoft System Center 2012 R2\Orchestrator' /DbServer:DB.domhome.local /DbNameExisting:OrchDB /OrchestratorRemote /UseMicrosoftUpdate:0 /SendCEIPReports:0 /EnableErrorReporting:never /Components:RunbookServer /ServiceUserName:'XXXX\XXXXXX' /ServicePassword:'XXXXX' /Key:XXXXX-XXXXX-XXXX-XXXX-XXXXX /Silent

Orchestrator – Orchestrator Console (Web Console):

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core

& 'E:\Setup\Setup.exe' /InstallDir:'C:\Program Files (x86)\Microsoft System Center 2012 R2\Orchestrator' /DbServer:DB.domhome.local /DbNameExisting:OrchDB /OrchestratorRemote /UseMicrosoftUpdate:0 /SendCEIPReports:0 /EnableErrorReporting:never /Components:WebComponents /WebServicePort:81 /WebConsolePort:82 /ServiceUserName:'XXXX\XXXXXX' /ServicePassword:'XXXXX' /Key:XXXXX-XXXXX-XXXX-XXXX-XXXXX /Silent

And voila J

To ensure that everything has been installed correctly, the log file is available at the following path:
C:\Users\USERNAME\AppData\Local\Microsoft System Center 2012\Orchestrator\Logs

All parameters for the commands above are available on TechNet:
http://technet.microsoft.com/en-us/library/hh674378.aspx

Next post will be about the unattended installation of Operations Manager 2012 R2.

Cheers
Christopher

Windows Azure: S2S VPN with dynamic public IP

9:34 pm in Uncategorized by Christopher Keyaert

Hi Folks,

Some weeks ago, I decided to focus myself a bit more on Windows Azure and tests several scenarios. The first one was to establish a Site to Site VPN between Windows Azure and my lab at home.
Microsoft is now supporting Windows Server 2012 Routing and Remote Access Service (RRAS) as VPN device with Windows Azure, so all I need is to create a new VM for this task.

To configure and establish the connection with RRAS, I recommend you the two following guides:

http://blogs.technet.com/b/arnaud/archive/2013/06/06/cloud-hybride-vpn-site-224-site-avec-azure-et-windows-server-2012.aspx
http://fabriccontroller.net/blog/posts/setting-up-software-based-site-to-site-vpn-for-windows-azure-with-windows-server-2012-routing-and-remote-access/

These guides are quite complete and I didn’t have any problem to establish the connection.

When you configure your Azure network, it will create an IPSEC tunnel between Azure and your site. During this process, you will have to specify a VPN Gateway Address, which is simply your ISP Internet public IP.
If your Internet Service Provider (ISP) provides you a fix IP, no problem, you are all set. Now, if your ISP provides you a public IP that is changing every x days (like me), each time this IP will change, the VPN connection will go down and you will have to update your public IP in the Azure Web Interface.

Even if I’m using this S2S VPN connection for testing purpose only, updating my public IP manually into Azure Web Interface, this is not an option for me. Hopefully, PowerShell is there to help us.

Two prerequisites:
Install the Windows Azure PowerShell Module:
http://go.microsoft.com/?linkid=9811175&clcid=0x409

Subscribe to a service like http://www.no-ip.com or http://www.dyndns.com which will make your public IP point to a subdomain. (With an automatic update when your IP is changing).

The first thing to do is to retrieve the Azure Settings, for that, simply run the following command:

Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1"
#Execute: Get-AzurePublishSettingsFile; Save .publishsettings file locally
Get-AzurePublishSettingsFile

It will retrieve a file similar to this one, which is containing all the necessary information to connect to your Azure Subscription.
Save this file in a secure location as it gives a full access to your Azure Subscription.

Configuration the following parameters:

Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1"
#Variables
$Path = "E:\AzureConfig"
$DynDNS = "xxxx.no-ip.com"
$AzureSubscriptionName = "Windows Azure MSDN - Visual Studio Ultimate"
$AzurePublishSettingsFile = "$Path\Windows Azure MSDN - Visual Studio Ultimate-11-19-2013-credentials.publishsettings"

You could find your Azure Subscription name, simply by clicking on Subscriptions in the Azure Web Interface.

Connect to Windows Azure with the connection file that you save earlier thanks to the Get-AzurePublishSettingsFile command.

#Execute: Import-AzurePublishSettingsFile; reference local .publishsettings file
Import-AzurePublishSettingsFile -PublishSettingsFile $AzurePublishSettingsFile
Set-AzureSubscription -SubscriptionName $AzureSubscriptionName
Select-AzureSubscription -SubscriptionName $AzureSubscriptionName

This part of the script will get your ISP Public IP from your No-IP.com or DynDns subscription and also the current public IP configured in Windows Azure.

#Get IP based on the Domain Name
[string]$IP = ([System.Net.DNS]::GetHostAddresses($DynDNS)).IPAddressToString

#Get AzureVnetConfiguration
Get-AzureVnetConfig -ExportToFile "$Path\AzurevNetConfigCurrent.xml" | Out-Null

[XML]$xml = Get-Content "$Path\AzurevNetConfigCurrent.xml"
[string]$AzureIP =  $xml.NetworkConfiguration.VirtualNetworkConfiguration.LocalNetworkSites.LocalNetworkSite.VPNGatewayAddress

Now, we simply need to configuration if your current public IP is still the same that the one configure in Windows Azure. If the IP is still the same, no modification needed. If the IP has changed, the script will update in Azure.

#Check if the IPs are still the same
if($IP -ne $AzureIP)
{
  #IP Changed, we need to update
  Write-host "IP Update In Progress..."

  #Update the configuration file
  $xml.NetworkConfiguration.VirtualNetworkConfiguration.LocalNetworkSites.LocalNetworkSite.VPNGatewayAddress =  $IP
  $xml.Save("$Path\AzurevNetConfigNew.xml")

  #Upload the configuration file to Azure
  $Ret = Set-AzureVNetConfig -ConfigurationPath "$Path\AzurevNetConfigNew.xml"
  if($Ret.OperationStatus -eq "Succeeded")
  {
   Write-host "IP Updated Successfully"
  }
  else
  {
   Write-host "IP Update Failed"
  }

  # Dial-in to Azure gateway (optional and only if this script is running on the RRAS server)
  #Connect-VpnS2SInterface -Name xxx.xxx.xxx.xxx

}
else
{
#IP didn't change, nothing to do
Write-host "IP Already Up To Date"
}

Normally, your RRAS server will try to reconnect to Windows Azure every x seconds. As soon as the IP will be updated, the connection will be re-established.
Personally, I’m running this script every 5 minutes, directly on my RRAS server. You could also force your RRAS to initiate the connection via the Connect-VpnS2SInterface -Name xxx.xxx.xxx.xxx command.

Now the complete script :

#Perform Prerequisite Setup Steps First
#Download latest Windows Azure PowerShell Module:
Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1"

#Execute: Get-AzurePublishSettingsFile; Save .publishsettings file locally
Get-AzurePublishSettingsFile

#Variables
$Path = "C:\Scripts"
$DynDNS = "syno.vnext.be"
$AzureSubscriptionName = "Windows Azure MSDN - Visual Studio Ultimate"
$AzurePublishSettingsFile = "$Path\Windows Azure MSDN - Visual Studio Ultimate-11-19-2013-credentials.publishsettings"

#Execute: Import-AzurePublishSettingsFile; reference local .publishsettings file
Import-AzurePublishSettingsFile -PublishSettingsFile $AzurePublishSettingsFile
Set-AzureSubscription -SubscriptionName $AzureSubscriptionName
Select-AzureSubscription -SubscriptionName $AzureSubscriptionName

#Get IP based on the Domain Name
[string]$IP = ([System.Net.DNS]::GetHostAddresses($DynDNS)).IPAddressToString

#Get AzureVnetConfiguration
Get-AzureVnetConfig -ExportToFile "$Path\AzurevNetConfigCurrent.xml" | Out-Null

[XML]$xml = Get-Content "$Path\AzurevNetConfigCurrent.xml"
[string]$AzureIP =  $xml.NetworkConfiguration.VirtualNetworkConfiguration.LocalNetworkSites.LocalNetworkSite.VPNGatewayAddress

#Check if the IPs are still the same
if($IP -ne $AzureIP)
{
  #IP Changed, we need to update
  Write-host "IP Update In Progress..."

  #Update the configuration file
  $xml.NetworkConfiguration.VirtualNetworkConfiguration.LocalNetworkSites.LocalNetworkSite.VPNGatewayAddress =  $IP
  $xml.Save("$Path\AzurevNetConfigNew.xml")

  #Upload the configuration file to Azure
  $Ret = Set-AzureVNetConfig -ConfigurationPath "$Path\AzurevNetConfigNew.xml"
  if($Ret.OperationStatus -eq "Succeeded")
  {
   Write-host "IP Updated Successfully"
  }
  else
  {
   Write-host "IP Update Failed"
  }

  # Dial-in to Azure gateway (optional and only if this script is running on the RRAS server)
  #Connect-VpnS2SInterface -Name xxx.xxx.xxx.xxx

}
else
{
#IP didn't change, nothing to do
Write-host "IP Already Up To Date"
}

Thanks to this script, I have now a permanent Site to Site VPN connection between Windows Azure and my lab at home, even with an ISP dynamic public IP.
Feel free to comment, update and share!!!

Christopher