Server Fault Asked by Arjen on December 22, 2020
For a project we are working on, we require a Windows Server 2016 virtual machine instance, for now referred to as winvm, with Active Directory Domain Services (ADDS) and Active Domain Certificate Services (ADCS) enabled.
I have written a PowerShell script on my local machine that I send through ssh/scp to my CentOS 8 VM used for maintenance, for now referred to as centosvm. So far I have managed to connect centosvm with winvm through rdp, more specifically FreeRDP. I am able to share folders and therefore files, which I can subsequently manually run using the pop-up GUI that shows my Windows Server desktop. I wish to be able to automate this more, but I am currently stuck due to security policies of Windows.
ssh is disabled by default, so I am unable to use Ansible on this fresh image without manually enabling it.
/app:{path/to/application} option and allows for arguments to be passed with /app-cmd:{command line arguments here}. The issue with this is that Windows Server 2016 has a default registry value that disables RDP from executing applications. See the bottom of this page for more information. Changing the value does allow RDP to execute applications and send the relevant arguments, but it still requires manual input. Since Windows blocks this for RDP in general, other software providing RDP connections such as Rdesktop should result in the same behaviour.
winvm with HTTPS(? they use port 443) and execute it non-interactively. For this project we want our code base to be largely platform-agnostic, so relying on an Azure-exclusive feature is out of the question.
With the last point in mind, I still have a glimmer of hope that this can be fully automated, i.e. executing a script on centosvm without user interaction that fully configures ADDS and ADCS. If Azure can do it, then why can’t we?
Does anyone have any experience on this subject?
My infrastructure looks like this:
Non-Azure:
centosvm.
Relevant Azure resources (built through Terraform):
centosvm: [CentOS 8] Only resource with a public IP that I can reach from my local machine. Private IP is 10.0.2.11
winvm: [Windows Server 2016] Resource with only a private IP @ 10.0.2.10 in the same subnet as centosvm, reachable through rdp.
Thanks in advance!
P.S. Doing the setup manually is not the end of the world, but we would just like to streamline the process as much as possible. I would appreciate it if the answers were not simply along the lines of "well if the scripts are small enough then just keep doing it manually".