{"id":290319,"date":"2018-10-04T14:15:15","date_gmt":"2018-10-04T10:15:15","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=290319"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=290319","title":{"rendered":"\u041a\u0430\u043a \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d? \u0420\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e"},"content":{"rendered":"\n<div class=\"post__text post__text-html js-mediator-article\">\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u2014 \u044d\u0442\u043e \u0440\u0443\u0442\u0438\u043d\u0430, \u043e\u0442\u043d\u0438\u043c\u0430\u044e\u0449\u0430\u044f \u043c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u0418 \u0447\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f, \u0442\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c. \u041c\u044b \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e PowerShell. 
<\/p>\n<p>  \u0414\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434 \u043a\u0430\u0442, \u0435\u0441\u043b\u0438 \u0432\u0430\u043c \u044d\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e.<\/p>\n<p>  <img decoding=\"async\" src=\"https:\/\/habrastorage.org\/webt\/fv\/fr\/cc\/fvfrccl_crsi5nfvcnstarorits.jpeg\"><\/p>\n<p>  <a name=\"habracut\"><\/a><br \/>  \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0441\u0442\u044b \u043d\u0435 \u043b\u044e\u0431\u044f\u0442 \u0434\u0435\u043b\u0430\u0442\u044c \u0434\u0432\u043e\u0439\u043d\u0443\u044e \u0440\u0430\u0431\u043e\u0442\u0443, \u0441\u0438\u0441\u0430\u0434\u043c\u0438\u043d\u044b \u0442\u043e\u0436\u0435.<\/p>\n<p>  \u041d\u0438\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u0440 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043d\u0430\u0448\u0438\u0445 \u0437\u0430\u043a\u0430\u0437\u0447\u0438\u043a\u043e\u0432.<\/p>\n<p>  \u041c\u044b \u0445\u043e\u0442\u0435\u043b\u0438 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0442\u0430\u043a, \u0447\u0442\u043e\u0431\u044b \u043b\u044e\u0431\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440 \u0438\u043b\u0438 project-\u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u0441\u043c\u043e\u0433 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0441\u0438\u043b\u0438\u044f\u043c\u0438 \u0438 \u0437\u0430 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u0440\u043e\u043a. 
\u0423 \u043d\u0430\u0448\u0435\u0433\u043e \u0437\u0430\u043a\u0430\u0437\u0447\u0438\u043a\u0430 \u0435\u0441\u0442\u044c ITSM-\u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0432 \u0434\u0430\u043d\u043d\u043e\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u044d\u0442\u043e ServiceNow, \u043c\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0443\u044e web-\u0444\u043e\u0440\u043c\u0443 \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435. \u0414\u043b\u044f \u00ab\u0437\u0430\u043a\u0430\u0437\u0430\u00bb \u043d\u043e\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0437\u0430\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u043b\u044f \u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c \u00ab\u0437\u0430\u043a\u0430\u0437\u00bb, \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432, \u0438 \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u0433\u043e\u0442\u043e\u0432\u0443\u044e \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043c\u0430\u0448\u0438\u043d\u0443.<\/p>\n<p>  \u0418\u0442\u0430\u043a, \u0434\u0430\u0432\u0430\u0439\u0442\u0435 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c, \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0443, \u0447\u0442\u043e\u0431\u044b \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e 
\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443:<\/p>\n<p>  <img decoding=\"async\" src=\"https:\/\/habrastorage.org\/webt\/3l\/8d\/yo\/3l8dyowobrfvbgpznotayqjywvu.png\"><\/p>\n<p>  <b>VM Description: \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b<br \/>  <\/b>\u0422\u0443\u0442 \u043d\u0443\u0436\u043d\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u044f\u0441\u043d\u0435\u043d\u0438\u044f. \u0412 \u043d\u0430\u0448\u0435\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f PowerShell 5.1, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u043a\u0430 Windows-only, \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u043c\u044b \u043f\u043e\u0441\u0442\u0430\u0440\u0430\u0435\u043c\u0441\u044f \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 Unix-\u043c\u0430\u0448\u0438\u043d \u0438 \u043f\u0435\u0440\u0435\u0439\u0434\u0435\u043c \u043d\u0430 PowerShell Core.<\/p>\n<p>  <b>OS<\/b>, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430. \u041d\u0438\u043a\u0430\u043a\u0438\u0445 \u043e\u0441\u043e\u0431\u044b\u0445 \u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u0438\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Windows 2008 (R2) \u043d\u0435\u0442, \u043d\u043e \u043c\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c 2012R2 \u0438\u043b\u0438 2016.<\/p>\n<p>  <b>VM Size<\/b>, \u0440\u0430\u0437\u043c\u0435\u0440 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b. 
\u0423 \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u043f\u043e-\u0441\u0432\u043e\u0435\u043c\u0443, \u0432 \u0434\u0430\u043d\u043d\u043e\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u0435 Small 1CPU-4Gb Ram, Medium 2CPU-8Gb, Large 4-16.<\/p>\n<p>  <b>VM Storage<\/b>, Disk 0 (C:\\) \u0438\u043c\u0435\u0435\u0442 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043b\u0435\u043a\u0442\u043e\u0440 Fast\/Slow storage. \u00abFast\u00bb \u2014 \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c Storage Tier \u0441 SSD, \u0430 \u00abSlow\u00bb \u2014 \u044d\u0442\u043e storage \u043d\u0430 \u00ab\u043e\u0431\u044b\u0447\u043d\u044b\u0445\u00bb HDD (\u043a\u043e\u043d\u0435\u0447\u043d\u043e \u2014 SAN). 
Disk1 (Disk2 \u0438 \u0434\u0430\u043b\u0435\u0435) \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u044e\u0442 \u0441\u0435\u043b\u0435\u043a\u0442\u043e\u0440 \u0432\u044b\u0431\u043e\u0440\u0430 \u0442\u0438\u043f\u0430 Storage, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u044f \u0434\u043b\u044f \u0432\u0432\u043e\u0434\u0430 \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0433\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432 \u0433\u0438\u0433\u0430\u0431\u0430\u0439\u0442\u0430\u0445, Letter \u0434\u043b\u044f \u0440\u0430\u0437\u0434\u0435\u043b\u0430 \u0438 \u0440\u0430\u0437\u043c\u0435\u0440 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 (\u0447\u0442\u043e \u0432\u0430\u0436\u043d\u043e \u0434\u043b\u044f SQL Server).<\/p>\n<p>  <b>Trust<\/b>, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u043c, \u0447\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c Domain-joined \u0438\u043b\u0438 \u043d\u0435\u0442, \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0438\u0437 Public Network \u0438\u043b\u0438 \u043d\u0435\u0442.<\/p>\n<p>  <b>Type<\/b>, \u0442\u0438\u043f \u043c\u0430\u0448\u0438\u043d\u044b. \u041f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u043c\u043e\u0436\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u043a\u0430\u043a front-end \u0438\u043b\u0438 back-end \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0436\u0435 other \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0441\u043b\u0443\u0447\u0430\u044f\u0445. 
\u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u044b\u0431\u0440\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u043c\u044b \u0441\u043c\u043e\u0436\u0435\u043c \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0443\u044e \u043f\u043e\u0434\u0441\u0435\u0442\u044c \u0434\u043b\u044f \u043c\u0430\u0448\u0438\u043d\u044b.<\/p>\n<p>  <b>Environment<\/b>, \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0437\u0430\u043a\u0430\u0437\u0447\u0438\u043a\u0430 \u0435\u0441\u0442\u044c \u0434\u0432\u0430 \u0434\u0430\u0442\u0430-\u0446\u0435\u043d\u0442\u0440\u0430: Primary (Production) \u0438 Secondary (Dev\/test), DC \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439 \u0431\u044b\u0441\u0442\u0440\u044b\u043c \u043a\u0430\u043d\u0430\u043b\u043e\u043c \u0441\u0432\u044f\u0437\u0438 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c. 
\u041f\u043e \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0432\u0441\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0432 Primary DC \u0438\u043c\u0435\u044e\u0442 IP-\u0430\u0434\u0440\u0435\u0441, \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0438\u0439\u0441\u044f \u043d\u0430 10.230, \u0430 \u0432 Secondary DC \u2014 \u043d\u0430 10.231.<\/p>\n<p>  <b>(SLA) Service Level Agreement<\/b>, \u044d\u0442\u043e\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.<\/p>\n<p>  <b>\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f<\/b>. \u041c\u044b \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 SQL Server. \u041d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0438\u0437\u0434\u0430\u043d\u0438\u0435, instance name \u0438 collation. \u0422\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 Web Server \u0440\u043e\u043b\u044c \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435.<\/p>\n<p>  \u0422\u0435\u043f\u0435\u0440\u044c \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u043a\u0430\u043a \u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u044b\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f. 
\u041c\u044b \u0440\u0435\u0448\u0438\u043b\u0438, \u0447\u0442\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0443\u0434\u043e\u0431\u043d\u044b\u0439 \u0444\u043e\u0440\u043c\u0430\u0442 \u2014 JSON-\u0444\u0430\u0439\u043b. \u041a\u0430\u043a \u044f \u0433\u043e\u0432\u043e\u0440\u0438\u043b \u0440\u0430\u043d\u0435\u0435, \u0432 \u0441\u0440\u0435\u0434\u0435 \u0437\u0430\u043a\u0430\u0437\u0447\u0438\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f ITSM ServiceNow; \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0432\u044b\u0431\u0440\u0430\u043b \u0432\u0441\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f, \u043d\u0430\u0436\u0438\u043c\u0430\u0435\u0442 \u043a\u043d\u043e\u043f\u043a\u0443 \u00aborder\u00bb, \u0438 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e ServiceNow \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043d\u0430\u0448\u0435\u043c\u0443 PowerShell-\u0441\u043a\u0440\u0438\u043f\u0442\u0443 (\u043d\u0430 back-end ServiceNow), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u0441\u043e\u0437\u0434\u0430\u0441\u0442 JSON-\u0444\u0430\u0439\u043b. 
\u0412\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u044d\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a:<\/p>\n<pre><code>.\\CreateConfiguration.ps1 -SecurityZone trusted -VMDescription \"VM for CRM System\" -Requestor \"evgeniy.vpro\" -OSVersion 2k16 -OSEdition Standard -BuildNewVM -VMEnvironment Prod -VMServiceLevel GOLD -VMSize Medium -Disk0Tier Fast -Disk1Size 50 -Disk1Tier Eco -Disk1Letter D -MSSQLServer -MSSQLInstanceName \"Instance1\" -SQLCollation Latin1_General_CI_AS -SQLEdition Standard -Disk2Size 35 -Disk3Size 65 <\/code><\/pre>\n<p>  \u0412 \u0442\u0435\u043b\u0435 CreateConfiguration .ps1 \u0441\u043a\u0440\u0438\u043f\u0442\u0430:<\/p>\n<pre><code>#\u0441\u043e\u0437\u0434\u0430\u0435\u043c PowerShell-\u043e\u0431\u044a\u0435\u043a\u0442 $config = [ordered]@{}  #\u0418 \u0437\u0430\u043f\u043e\u043b\u043d\u044f\u0435\u043c \u0435\u0433\u043e \u0432\u0445\u043e\u0434\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438.  
$config.SecurityZone=$SecurityZone <\/code><\/pre>\n<p>  \u0412 \u043a\u043e\u043d\u0446\u0435 \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u043c \u043d\u0430\u0448 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432 JSON-\u0444\u0430\u0439\u043b:<\/p>\n<pre><code>$ServerConfig = New-Object \u2013TypeName PSObject  $config ConvertTo-Json -InputObject $ServerConfig -Depth 100 | Out-File \"C:\\Configs\\TargetNodes\\Build\\$($Hostname.ToLower()).json\" -Force  <\/code><\/pre>\n<p>  \u041f\u0440\u0438\u043c\u0435\u0440\u043d\u044b\u0439 \u043e\u0431\u0440\u0430\u0437\u0435\u0446 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438:<\/p>\n<pre><code>{     \"Hostname\":  \"dsctest552\",     \"SecurityZone\":  \"trusted\",     \"Domain\":  \"testdomain\",     \"Requestor\":  \"evgeniy.vpro\",     \"VM\":  {                \"Size\":  \"Medium\",                \"Environment\":  \"Prod\",                \"SLR\":  \"GOLD\",                \"DbEngine\":  \"MSSQL\",                \"RAM\":  8,                \"Storage\":  [                                {                                    \"Id\":  0,                                    \"Tier\":  \"Fast\",                                    \"Size\":  \"100\",                                    \"Allocation\":  4,                                    \"Letter\":  \"C\"                                },                                {                                    \"Id\":  1,                                    \"Tier\":  \"Eco\",                                    \"Size\":  50,                                    \"Label\":  \"Data\",                                    \"Allocation\":  64,                                    \"Letter\":  \"D\"                                },                                {                                    \"Id\":  2,                                    \"Tier\":  \"Fast\",                                    \"Size\":  35,                                 
   \"Label\":  \"Data\",                                    \"Allocation\":  64,                                    \"Letter\":  \"E\"                                },                                {                                    \"Id\":  3,                                    \"Tier\":  \"Fast\",                                    \"Size\":  65,                                    \"Label\":  \"Data\",                                    \"Allocation\":  64,                                    \"Letter\":  \"F\"                                }                            ]            },     \"Network\":  {                     \"MAC\":  \"\",                     \"IP\":  \"10.230.168.50\",                     \"Gateway\":  \"10.230.168.1\",                     \"VLAN\":  \u201cVLAN168\u201d                 },     \"OS\":  {                \"Version\":  \"2k16\",                \"Edition\":  \"Standard\",                \"Administrators\":  [                                       \"LocaAdmin\",                                       \"testdomain\\\\ Security-LocalAdmins\"                                   ]            },     \"OU\":  \"OU=Servers,OU=Staging,DC=testdomain\",     \"Applications\":  [                          {                              \"Application\":  \"Microsoft SQL Server 2016\",                              \"InstanceName\":  \"vd\",                              \"Collation\":  \"Latin1_General_CI_AS\",                              \"Edition\":  \"Standard\",                              \"Features\":  \"SQLENGINE\",                              \"Folders\":  {                                              \"DataRoot\":  \"F:\\\\MSSQL\",                                              \"UserDB\":  \"F:\\\\MSSQL\\\\MSSQL11.vd\\\\MSSQL\\\\Data\",                                              \"UserLog\":  \"E:\\\\MSSQL\\\\MSSQL11.vd\\\\MSSQL\\\\Log\",                                              \"TempDB\":  
\"D:\\\\MSSQL\\\\MSSQL11.vd\\\\MSSQL\\\\TempDB\",                                              \"TempDBLog\":  \"D:\\\\MSSQL\\\\MSSQL11.vd\\\\MSSQL\\\\TempDB\",                                              \"Backup\":  \"E:\\\\MSSQL\\\\MSSQL11.vd\\\\MSSQL\\\\Backup\"                                          },                              \"MaxMemory\":  2147483647                          }                      ],     \"Description\":  \"VM for CRM\",     \"Certificate\":  {                         \"File\":  null,                         \"Thumbprint\":  null                     },     \"Version\":  0 } <\/code><\/pre>\n<p>  \u0412\u044b \u043c\u043e\u0433\u043b\u0438 \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0432 \u0432\u0435\u0431-\u0444\u043e\u0440\u043c\u0435 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u0438\u043c\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u0438 IP-\u0430\u0434\u0440\u0435\u0441. 
\u041c\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u044d\u0442\u0438 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:<\/p>\n<p>  <b>\u0418\u043c\u044f \u043c\u0430\u0448\u0438\u043d\u044b<\/b>, \u0432 ITSM ServiceNow \u0435\u0441\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0434\u0435\u043b: CMDB (Configuration Management Data Base), \u0432 \u044d\u0442\u043e\u0439 \u0431\u0430\u0437\u0435 \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445, \u0438\u0445 \u0441\u0442\u0430\u0442\u0443\u0441, \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0438 \u043f\u0440\u043e\u0447\u0435\u0435. \u041c\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 200 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0441\u043e \u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c Allocated. 
\u0427\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0438\u043c\u044f \u0434\u043b\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u043c\u044b \u0434\u0435\u043b\u0430\u0435\u043c REST-\u0437\u0430\u043f\u0440\u043e\u0441 \u043a CMDB \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u043f\u0435\u0440\u0432\u0443\u044e \u00ab\u0441\u0432\u043e\u0431\u043e\u0434\u043d\u0443\u044e\u00bb \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u043c\u0435\u043d\u044f\u0435\u043c \u0435\u0451 \u0441\u0442\u0430\u0442\u0443\u0441 \u0441 Allocated \u043d\u0430 Pending install.<\/p>\n<p>  <b>IP \u0430\u0434\u0440\u0435\u0441 \u0438 VLAN<\/b>, \u043c\u044b \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 IPAM \u0432 \u043d\u0430\u0448\u0435\u0439 \u0441\u0435\u0442\u0438 \u2014 \u044d\u0442\u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0430\u044f feature \u0432 Windows Server 2016, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c IP-\u0430\u0434\u0440\u0435\u0441\u0430\u043c\u0438 \u0432 \u0432\u0430\u0448\u0435\u0439 \u0441\u0435\u0442\u0438. 
\u0412\u043e\u0432\u0441\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 IPAM (DHCP, DNS, AD), \u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0430\u043a \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430. \u0421\u043a\u0440\u0438\u043f\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 JSON \u0444\u0430\u0439\u043b, \u0434\u0435\u043b\u0430\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u043a IPAM \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e IP \u0430\u0434\u0440\u0435\u0441\u0430 \u0432 \u043f\u043e\u0434\u0441\u0435\u0442\u0438. \u0410 \u043f\u043e\u0434\u0441\u0435\u0442\u044c VLAN (\u0445\/24 \u043f\u043e\u0434\u0441\u0435\u0442\u044c) \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u044b\u0431\u0440\u0430\u043d\u043d\u044b\u0445 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 SLA, Environment, Trust \u0438 Type.<br \/>  \u0424\u0430\u0439\u043b-\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u0433\u043e\u0442\u043e\u0432, \u0432\u0441\u0435 \u043f\u043e\u043b\u044f \u043d\u0430 \u043c\u0435\u0441\u0442\u0435, \u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443. 
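\u0412\u0441\u0442\u0430\u0435\u0442 \u0432\u043e\u043f\u0440\u043e\u0441 \u00ab\u043a\u0430\u043a \u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043d\u0430\u0448\u0438\u0445 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432?\u00bb. \u041c\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u043f\u0430\u043a\u0435\u0442 <a href=\"https:\/\/www.powershellgallery.com\/packages\/CredentialManager\/2.0\">CredentialManager<\/a>. \u042d\u0442\u043e\u0442 \u043f\u0430\u043a\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441\u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u043c Windows Credential Manager API \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439. \u041f\u0440\u0438\u043c\u0435\u0440 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u044f:<\/p>\n<pre><code>New-StoredCredential -Target \"ESXi\" -UserName \"testdomain.eu\\vmwareadm\" -Password \"veryultraP@ssw00rd.\" -Type Generic -Persist LocalMachine<\/code><\/pre>\n<p>  \u041f\u0430\u0440\u043e\u043b\u044c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0434 \u0442\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e, \u043f\u043e\u0434 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043e\u043d \u0431\u044b\u043b \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d. \u0412 \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u0435\u0440\u0435\u0434\u0430\u043d \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0442\u0435\u043a\u0441\u0442\u043e\u043c \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0435, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0442\u0430\u0442\u044c\u0441\u044f \u0432 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 PowerShell; \u0432 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u0441\u0440\u0435\u0434\u0435 \u0432\u0432\u043e\u0434\u0438\u0442\u0435 \u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u043e.<\/p>\n<pre><code>$ESXiAdmin = Get-StoredCredential -Type Generic -Target ESXi<\/code><\/pre>\n<p>  \u0423 \u043d\u0430\u0441 \u0435\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 c GIT, 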
\u0442\u0435\u043f\u0435\u0440\u044c \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u043d\u0430\u0434\u0435\u0436\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445: \u043a\u0442\u043e, \u0447\u0442\u043e, \u0433\u0434\u0435 \u0438 \u043a\u043e\u0433\u0434\u0430. <\/p>\n<p>  \u041d\u0430 \u044d\u0442\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d scheduled task: \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043f\u0430\u043f\u043a\u0443 c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 \u0438 \u043f\u0438\u0441\u0430\u0442\u044c \u0432 Windows Event Log \u043e\u0431\u043e \u0432\u0441\u0435\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u0445.<\/p>\n<p>  \u0427\u0435\u0440\u0435\u0437 15 \u043c\u0438\u043d\u0443\u0442 scheduled task \u043d\u0430\u043f\u0438\u0448\u0435\u0442 \u0432 Windows EventLog, \u0447\u0442\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u043e\u0432\u044b\u0439 \u0444\u0430\u0439\u043b-\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f. <\/p>\n<p>  \u041f\u0440\u0438\u0448\u043b\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u044d\u0442\u0443 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e. 
\u0412 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0444\u0430\u0439\u043b \u0438\u043c\u0435\u0435\u0442 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0435 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435:<\/p>\n<pre><code>$Configuration=(Get-Content -Raw $File | Out-String | ConvertFrom-Json) <\/code><\/pre>\n<p>  \u0415\u0441\u043b\u0438 \u0432\u0441\u0435 \u0445\u043e\u0440\u043e\u0448\u043e, \u043f\u043e\u0440\u0430 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u043a \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044e \u043c\u0430\u0448\u0438\u043d\u044b \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c BuildVM.ps1 \u0441\u043a\u0440\u0438\u043f\u0442.<\/p>\n<p>  \u0412 BuildVM.ps1 \u043c\u044b \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c, \u0447\u0442\u043e \u0444\u0430\u0439\u043b-\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u0438\u043c\u0435\u0435\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0441\u0442\u0438\u043a \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b: size, env, sla, type, storage, ram, network. <\/p>\n<p>  \u041e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0435\u0441\u0442\u044c \u043b\u0438 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u043c\u0430\u0448\u0438\u043d\u0430 \u0441 \u0442\u0430\u043a\u0438\u043c \u0436\u0435 \u0438\u043c\u0435\u043d\u0435\u043c (CheckVM.ps1). 
<br \/>  \u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u0441\u044f \u0447\u0435\u0440\u0435\u0437 <a href=\"https:\/\/www.powershellgallery.com\/packages\/VMware.PowerCLI\/10.1.1.8827524\">VMWare PowerShell CLI<\/a> \u043a \u043d\u0430\u0448\u0435\u0439 vSphere:<\/p>\n<pre><code>$VmWareAdmin = Get-StoredCredential -Type Generic -Target ESXi Connect-VIServer -Server \"UKHQSV50001\" -Credential $VmWareAdmin | Out-Null  <\/code><\/pre>\n<p>  \u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c, \u0435\u0441\u0442\u044c \u043b\u0438 \u043c\u0430\u0448\u0438\u043d\u0430 \u0441 \u0442\u0430\u043a\u0438\u043c \u0436\u0435 \u0438\u043c\u0435\u043d\u0435\u043c \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435<\/p>\n<pre><code>$VM=Get-VM $server -ErrorAction SilentlyContinue<\/code><\/pre>\n<p>  \u0418 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u0441\u044f:<\/p>\n<pre><code>Disconnect-VIServer * -Force -Confirm:$false <\/code><\/pre>\n<p>  \u0423\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u043e WinRM<\/p>\n<pre><code>$ping=Test-NetConnection -ComputerName $Configuration.Hostname -CommonTCPPort WINRM -InformationLevel Quiet -ErrorAction SilentlyContinue <\/code><\/pre>\n<p>  \u0415\u0441\u043b\u0438 \u0432 $VM \u0438 $ping \u043f\u0443\u0441\u0442\u043e, \u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443. 
(\u041c\u044b \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u043a\u043e\u0433\u0434\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0443\u0436\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0430 \u0432 ESXi \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0438\u043b\u0438 \u0436\u0435 \u044d\u0442\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c \u0434\u0430\u0442\u0430-\u0446\u0435\u043d\u0442\u0440\u0435.)<\/p>\n<blockquote><p>\u041f\u0430\u0440\u0443 \u0441\u043b\u043e\u0432 \u043e \u043c\u0430\u0448\u0438\u043d\u0435. \u042d\u0442\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043e\u0431\u0440\u0430\u0437 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u0444\u0438\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d sysprep \u0438 \u0441\u043a\u043e\u043d\u0432\u0435\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d \u0432 template \u0432 \u043d\u0430\u0448\u0435\u043c vSphere. 
\u0412 \u043e\u0431\u0440\u0430\u0437\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u043d\u0430\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u043c, \u044d\u0442\u0430 \u0443\u0447\u0435\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u00ab\u043d\u0435 \u0441\u043b\u0435\u0442\u0430\u0435\u0442\u00bb \u043f\u043e\u0441\u043b\u0435 sysprep, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043d\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u0436\u0434\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u0438\u0437 \u044d\u0442\u043e\u0433\u043e \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u0430, \u0430 \u043f\u043e\u0437\u0436\u0435 \u043c\u044b \u0441\u043c\u043e\u0436\u0435\u043c \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043f\u0430\u0440\u043e\u043b\u044c \u0432 \u0446\u0435\u043b\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u043e\u043a\u0430 \u043f\u0430\u0440\u043e\u043b\u044c \u043d\u0435 \u0437\u0430\u043c\u0435\u043d\u0435\u043d, \u043e\u043d \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432 \u043d\u0430 \u0432\u0441\u0435\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445, \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044b\u0445 \u0438\u0437 \u044d\u0442\u043e\u0433\u043e \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442\u0430.<\/p><\/blockquote>\n<h3>\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b<br \/>  <\/h3>\n<p>  \u041d\u0430\u0439\u0434\u0435\u043c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 SLR-\u043a\u043b\u0430\u0441\u0442\u0435\u0440:<\/p>\n<pre><code>$Cluster=Get-Cluster -Name $Configuration.VM.SLR <\/code><\/pre>\n<p>  \u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0447\u0442\u043e \u0443 \u043d\u0430\u0441 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u0435\u0441\u0442\u0430 \u043d\u0430 Datastore:<\/p>\n<pre><code>$DatastoreCluster = Get-DatastoreCluster |Where-Object {$_.Name -like 
$Datastore1Name} $Datastore1 = Get-Datastore -Location $DatastoreCluster |sort -Property \"FreeSpaceGB\" |select -Last 1  IF ($Datastore1.FreeSpaceGB -le \"200\"){ Write-Host -foreground red \"STOP: Not enough datastore capacity for DISK\" $vdisk.Id Break }  <\/code><\/pre>\n<p>  \u0418 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0430\u043c\u044f\u0442\u0438:<\/p>\n<pre><code>$VMHost = Get-VMHost -Location $Cluster |sort -Property \"MemoryUsageGB\" |select -First 1  IF ($VMHost.MemoryUsageGB -le \"20\"){ Write-Host -foreground red \"STOP: No enough ESXi host capacity\"         Break }  <\/code><\/pre>\n<p>  \u0411\u0435\u0440\u0435\u043c \u043d\u0430\u0448 \u0442\u0435\u043c\u043f\u043b\u0435\u0439\u0442<\/p>\n<pre><code>$VMTemplate = Get-Template -Name 'Win2016_Std_x64_Template' <\/code><\/pre>\n<p>  \u0418 \u0441\u043e\u0437\u0434\u0430\u0435\u043c \u043d\u043e\u0432\u0443\u044e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443<\/p>\n<pre><code>New-VM -Name $Configuration.Hostname.ToUpper() -VMHost $VMHost -ResourcePool $ResourcePool -Datastore $Datastore -Template $VMTemplate -Location \"AutoDeployed VMs\" <\/code><\/pre>\n<p>  \u0412\u0430\u0436\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a \u043f\u043e\u0434\u0441\u0435\u0442\u0438 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c DHCP.<\/p>\n<p>  \u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443<\/p>\n<pre><code>Start-VM $VM<\/code><\/pre>\n<p>  \u0418 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043c\u0430\u0448\u0438\u043d\u044b, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0442\u043e\u043c 
\u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 VMWare.<\/p>\n<pre><code>Set-Annotation -Entity $VM -CustomAttribute \"Change request\" -Value $Configuration.Request -Confirm:$false Set-VM $VM -Notes $Configuration.Description -Confirm:$false <\/code><\/pre>\n<p>  \u041c\u0430\u0448\u0438\u043d\u0430 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u0441\u044c \u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0443\u0437\u043d\u0430\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 MAC-\u0430\u0434\u0440\u0435\u0441:<\/p>\n<pre><code>$vMAC = (($VM | Get-NetworkAdapter | Select-Object -Property \"MacAddress\").MacAddress).Replace(':','')<\/code><\/pre>\n<p>  \u0421\u043e\u0445\u0440\u0430\u043d\u0438\u043c \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u0432 \u043d\u0430\u0448 JSON-\u0444\u0430\u0439\u043b<\/p>\n<pre><code>$Configuration.Network.MAC=$VMAC ConvertTo-Json -InputObject $Configuration -Depth 100 | Out-File \"C:\\Configs\\TargetNodes\\Build\\$Hostname.json\" -Force <\/code><\/pre>\n<p>  \u0417\u0434\u0435\u0441\u044c \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0441\u0434\u0435\u043b\u0430\u0442\u044c commit \u0432 \u043d\u0430\u0448 Git, \u0447\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0430 \u0438 \u0438\u043c\u0435\u0435\u0442 \u0441\u0432\u043e\u0439 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0439 MAC.<\/p>\n<p>  \u041c\u0430\u0448\u0438\u043d\u0430 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f (\u043f\u043e\u0441\u043b\u0435 sysprep), \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c 
\u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0438 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.<\/p>\n<p>  \u0414\u0430\u0432\u0430\u0439\u0442\u0435 \u0434\u043e\u0436\u0434\u0435\u043c\u0441\u044f, \u043a\u043e\u0433\u0434\u0430 \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u043f\u043e WinRM c \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u043c EstablishConnection.ps1.<\/p>\n<p>  \u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u0443\u0437\u043d\u0430\u0435\u043c \u043a\u0430\u043a\u043e\u0439 IP \u043c\u0430\u0448\u0438\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0442 DHCP:<\/p>\n<pre><code>#\u0417\u0434\u0435\u0441\u044c $MAC = $vMAC while($isOnline -ne $true){      if((Get-DhcpServerv4Lease -ClientId $MAC -ScopeId $StagingDHCPScope -ComputerName $DHCPServer -ErrorAction Ignore).IPAddress.IPAddressToString){         $tempIP=(Get-DhcpServerv4Lease -ClientId $MAC -ScopeId $StagingDHCPScope -ComputerName $DHCPServer).IPAddress.IPAddressToString         break     }     else{             if($isOnline -ne $true){             Write-Host \"`r$i`t\" -NoNewline             $i++         }      } } <\/code><\/pre>\n<p>  \u0410 \u0442\u0435\u043f\u0435\u0440\u044c \u0434\u043e\u0436\u0434\u0435\u043c\u0441\u044f, \u043a\u043e\u0433\u0434\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u043e WinRM:<\/p>\n<pre><code>$LocalAdmin = Get-StoredCredential -Type Generic -Target LocalAdmin $i=0 $isOnline=$false while($isOnline -ne $true){     if(Invoke-Command -ComputerName $tempIP -ScriptBlock{ Get-ItemProperty -Path \"Registry::\\HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Component Based Servicing\" } -Credential $LocalAdmin -ErrorAction SilentlyContinue){         
$isOnline=$true                 break             }     else{         if($isOnline -ne $true){             Write-Host \"`r$i\" -NoNewline              $i++             Start-Sleep -Seconds 1         }     }      }   <\/code><\/pre>\n<p>  \u041c\u0430\u0448\u0438\u043d\u0430 \u0433\u043e\u0442\u043e\u0432\u0430 \u043a \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e. <\/p>\n<h3>Desired State Configuration<br \/>  <\/h3>\n<p>  \u0414\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043c\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0447\u0430\u0441\u0442\u044c PowerShell \u2014 DSC (Desired State Configuration). \u0412 \u0441\u0435\u0442\u0438 \u0435\u0441\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 DSC Pull Server: dscpull.testdomain.eu.<br \/>  \u041d\u0438\u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u043d\u0430\u0448\u0435\u0433\u043e DSC Pull Server. 
<a href=\"https:\/\/docs.microsoft.com\/ru-ru\/powershell\/dsc\/pullserver\">\u0425\u043e\u0440\u043e\u0448\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 DSC Pull.<\/a><\/p>\n<pre><code>Node $NodeName     {         WindowsFeature DSCServiceFeature         {             Ensure = \"Present\"             Name   = \"DSC-Service\"                     }          xDscWebService PSDSCPullServer         {             Ensure                  = \"Present\"             EndpointName            = \"PSDSCPullServer\"             Port                    =  8080                         PhysicalPath            = \"$env:SystemDrive\\inetpub\\PSDSCPullServer\"             CertificateThumbPrint   =  $certificateThumbPrint                      ModulePath              = \"$env:PROGRAMFILES\\WindowsPowerShell\\DscService\\Modules\"             ConfigurationPath       = \"$env:PROGRAMFILES\\WindowsPowerShell\\DscService\\Configuration\"                         State                   = \"Started\"             DependsOn               = \"[WindowsFeature]DSCServiceFeature\"              RegistrationKeyPath     = \"$env:PROGRAMFILES\\WindowsPowerShell\\DscService\"                AcceptSelfSignedCertificates = $true             UseSecurityBestPractices = $true                                          }          File RegistrationKeyFile         {             Ensure          = 'Present'             Type            = 'File'             DestinationPath = \"$env:ProgramFiles\\WindowsPowerShell\\DscService\\RegistrationKeys.txt\"             Contents        = $RegistrationKey         }     }  <\/code><\/pre>\n<p>  \u041e\u043d \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: <a href=\"https:\/\/dscpull.testdomain.eu:8080\">https:\/\/dscpull.testdomain.eu:8080<\/a><\/p>\n<p>  \u0415\u0433\u043e Endpoint: <a 
href=\"https:\/\/dscpull.testdomain.eu:8080\/PSDSCPullserver.svc\">https:\/\/dscpull.testdomain.eu:8080\/PSDSCPullserver.svc<\/a> <\/p>\n<p>  \u041d\u0430 \u0432\u0441\u0435\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445 pull \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d PowerShell 5.1<br \/>  \u0415\u0441\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043d\u0435 PowerShell 5.1:<\/p>\n<pre><code>$PSVersionTable.PSVersion.Major \u2013lt 5<\/code><\/pre>\n<p>  \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c PowerShell 5.1:<\/p>\n<pre><code>Write-Host \"Download PowerShell 5.1\" Invoke-Command -ComputerName $Node -ScriptBlock { [System.Net.ServicePointManager]::SecurityProtocol=[System.Net.SecurityProtocolType]::Tls12;Invoke-WebRequest -Uri \"https:\/\/dscpull.testdomain.eu:8080\/Files\/Updates\/WMF.msu\" -OutFile C:\\TEMP\\WMF.MSU  } Write-Host \"Extract PowerShell 5.1\"     Invoke-Command -ComputerName $Node -ScriptBlock {Start-Process -FilePath 'wusa.exe' -ArgumentList \"C:\\temp\\WMF.msu \/extract:C:\\temp\\\" -Wait -PassThru   }     Write-Host \"Apply PowerShell 5.1\"     Invoke-Command -ComputerName $Node -ScriptBlock {Start-Process -FilePath 'dism.exe' -ArgumentList \"\/online \/add-package \/PackagePath:C:\\temp\\WindowsBlue-KB3191564-x64.cab \/Quiet\" -Wait -PassThru }      Write-Host \"PowerShell 5.1 has been installed\"  <\/code><\/pre>\n<p>  \u0412 \u043d\u0430\u0448\u0435\u0439 \u0441\u0435\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 PKI-\u0441\u0435\u0440\u0432\u0435\u0440. 
\u042d\u0442\u043e \u0443\u0441\u043b\u043e\u0432\u0438\u0435 \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0441\u043e\u0445\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u0432 DSC mof \u0444\u0430\u0439\u043b\u0430\u0445 (Mof \u0444\u0430\u0439\u043b\u044b \u2014 \u044d\u0442\u043e \u00ab\u044f\u0437\u044b\u043a\u00bb, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043e\u0431\u0449\u0430\u044e\u0442\u0441\u044f Pull Server \u0438 \u0435\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u044b). \u041a\u043e\u0433\u0434\u0430 \u043a\u043b\u0438\u0435\u043d\u0442 \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 Pull Server, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u044c Thumbprint \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430, \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c Pull Server \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439. 
\u041d\u0438\u0436\u0435 \u043c\u044b \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c, \u043a\u0430\u043a \u044d\u0442\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442.<\/p>\n<p>  \u0418\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u043c Root CA \u043d\u0430\u0448\u0435\u0439 \u043d\u043e\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435:<\/p>\n<pre><code>  Invoke-Command -ComputerName $server -ScriptBlock{         $PKI=\"-----BEGIN CERTIFICATE----- MIIF2TCCA8GgAwIBAgIQSPIjcff9rotNdxbg3+ygqDANBgkqhkiG9w0BAQUFADAe **************************************************************** znafMvVx0B4tGEz2PFss\/FviGdC3RohBHG0rF5jO50J4nS\/3cGGm+HGdn1w\/tZd0 a0FWpn9VCOSmXM2It+tSW1f4nZVt6T2kr1ZlTxkDhT7HMSGsrX\/XJswzCkDGe3dE qrVVjNUkhVTaeeBWdujB5J6mcx7YkNsAUhODiS9Cf7FnYnxLFA72M0pijI48P5F0 ShM9HWAAUIrLkv13ug== -----END CERTIFICATE-----\"         $PKI  | Out-File RootCA.cer         Import-Certificate RootCA.cer -CertStoreLocation Cert:\\LocalMachine\\Root | select Thumbprint | Out-Null      }  -Credential $LocalAdmin | Out-Null   <\/code><\/pre>\n<p>  \u0414\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u0430 \u043f\u0430\u0440\u0430 RSA-\u043a\u043b\u044e\u0447\u0435\u0439. 
\u0421\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u043c \u0441\u0430\u043c\u043e\u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0438 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0431\u0443\u0434\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441 \u043d\u0438\u043c:<\/p>\n<pre><code>param(     $server,     $LocalAdmin  ) Write-Verbose \"Try to generate certificate\" $generated=Invoke-Command -ComputerName $server -ScriptBlock{   function New-SelfSignedCertificateEx { [OutputType('[System.Security.Cryptography.X509Certificates.X509Certificate2]')] [CmdletBinding(DefaultParameterSetName = '__store')] \tparam ( \t\t[Parameter(Mandatory = $true, Position = 0)] \t\t[string]$Subject, \t\t[Parameter(Position = 1)] \t\t[datetime]$NotBefore = [DateTime]::Now.AddDays(-1), \t\t[Parameter(Position = 2)] \t\t[datetime]$NotAfter = $NotBefore.AddDays(365), \t\t[string]$SerialNumber, \t\t[Alias('CSP')] \t\t[string]$ProviderName = \"Microsoft Enhanced Cryptographic Provider v1.0\", \t\t[string]$AlgorithmName = \"RSA\", \t\t[int]$KeyLength = 2048, \t\t[validateSet(\"Exchange\",\"Signature\")] \t\t[string]$KeySpec = \"Exchange\", \t\t[Alias('EKU')] \t\t[Security.Cryptography.Oid[]]$EnhancedKeyUsage, \t\t[Alias('KU')] \t\t[Security.Cryptography.X509Certificates.X509KeyUsageFlags]$KeyUsage, \t\t[Alias('SAN')] \t\t[String[]]$SubjectAlternativeName, \t\t[bool]$IsCA, \t\t[int]$PathLength = -1, \t\t[Security.Cryptography.X509Certificates.X509ExtensionCollection]$CustomExtension, \t\t[ValidateSet('MD5','SHA1','SHA256','SHA384','SHA512')] \t\t[string]$SignatureAlgorithm = \"SHA1\", \t\t[string]$FriendlyName, \t\t[Parameter(ParameterSetName = '__store')] \t\t[Security.Cryptography.X509Certificates.StoreLocation]$StoreLocation = \"CurrentUser\", \t\t[Parameter(Mandatory = $true, ParameterSetName = '__file')] \t\t[Alias('OutFile','OutPath','Out')] \t\t[IO.FileInfo]$Path, 
\t\t[Parameter(Mandatory = $true, ParameterSetName = '__file')] \t\t[Security.SecureString]$Password, \t\t[switch]$AllowSMIME, \t\t[switch]$Exportable \t) \t$ErrorActionPreference = \"Stop\" \tif ([Environment]::OSVersion.Version.Major -lt 6) { \t\t$NotSupported = New-Object NotSupportedException -ArgumentList \"Windows XP and Windows Server 2003 are not supported!\" \t\tthrow $NotSupported \t} \t$ExtensionsToAdd = @()  #region constants \t# contexts \tNew-Variable -Name UserContext -Value 0x1 -Option Constant \tNew-Variable -Name MachineContext -Value 0x2 -Option Constant \t# encoding \tNew-Variable -Name Base64Header -Value 0x0 -Option Constant \tNew-Variable -Name Base64 -Value 0x1 -Option Constant \tNew-Variable -Name Binary -Value 0x3 -Option Constant \tNew-Variable -Name Base64RequestHeader -Value 0x4 -Option Constant \t# SANs \tNew-Variable -Name OtherName -Value 0x1 -Option Constant \tNew-Variable -Name RFC822Name -Value 0x2 -Option Constant \tNew-Variable -Name DNSName -Value 0x3 -Option Constant \tNew-Variable -Name DirectoryName -Value 0x5 -Option Constant \tNew-Variable -Name URL -Value 0x7 -Option Constant \tNew-Variable -Name IPAddress -Value 0x8 -Option Constant \tNew-Variable -Name RegisteredID -Value 0x9 -Option Constant \tNew-Variable -Name Guid -Value 0xa -Option Constant \tNew-Variable -Name UPN -Value 0xb -Option Constant \t# installation options \tNew-Variable -Name AllowNone -Value 0x0 -Option Constant \tNew-Variable -Name AllowNoOutstandingRequest -Value 0x1 -Option Constant \tNew-Variable -Name AllowUntrustedCertificate -Value 0x2 -Option Constant \tNew-Variable -Name AllowUntrustedRoot -Value 0x4 -Option Constant \t# PFX export options \tNew-Variable -Name PFXExportEEOnly -Value 0x0 -Option Constant \tNew-Variable -Name PFXExportChainNoRoot -Value 0x1 -Option Constant \tNew-Variable -Name PFXExportChainWithRoot -Value 0x2 -Option Constant #endregion \t #region Subject processing \t# 
http:\/\/msdn.microsoft.com\/en-us\/library\/aa377051(VS.85).aspx \t$SubjectDN = New-Object -ComObject X509Enrollment.CX500DistinguishedName \t$SubjectDN.Encode($Subject, 0x0) #endregion  #region Extensions  #region Enhanced Key Usages processing \tif ($EnhancedKeyUsage) { \t\t$OIDs = New-Object -ComObject X509Enrollment.CObjectIDs \t\t$EnhancedKeyUsage | ForEach-Object { \t\t\t$OID = New-Object -ComObject X509Enrollment.CObjectID \t\t\t$OID.InitializeFromValue($_.Value) \t\t\t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa376785(VS.85).aspx \t\t\t$OIDs.Add($OID) \t\t} \t\t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa378132(VS.85).aspx \t\t$EKU = New-Object -ComObject X509Enrollment.CX509ExtensionEnhancedKeyUsage \t\t$EKU.InitializeEncode($OIDs) \t\t$ExtensionsToAdd += \"EKU\" \t} #endregion  #region Key Usages processing \tif ($KeyUsage -ne $null) { \t\t$KU = New-Object -ComObject X509Enrollment.CX509ExtensionKeyUsage \t\t$KU.InitializeEncode([int]$KeyUsage) \t\t$KU.Critical = $true \t\t$ExtensionsToAdd += \"KU\" \t} #endregion  #region Basic Constraints processing \tif ($PSBoundParameters.Keys.Contains(\"IsCA\")) { \t\t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa378108(v=vs.85).aspx \t\t$BasicConstraints = New-Object -ComObject X509Enrollment.CX509ExtensionBasicConstraints \t\tif (!$IsCA) {$PathLength = -1} \t\t$BasicConstraints.InitializeEncode($IsCA,$PathLength) \t\t$BasicConstraints.Critical = $IsCA \t\t$ExtensionsToAdd += \"BasicConstraints\" \t} #endregion  #region SAN processing \tif ($SubjectAlternativeName) { \t\t$SAN = New-Object -ComObject X509Enrollment.CX509ExtensionAlternativeNames \t\t$Names = New-Object -ComObject X509Enrollment.CAlternativeNames \t\tforeach ($altname in $SubjectAlternativeName) { \t\t\t$Name = New-Object -ComObject X509Enrollment.CAlternativeName \t\t\tif ($altname.Contains(\"@\")) { \t\t\t\t$Name.InitializeFromString($RFC822Name,$altname) \t\t\t} else { \t\t\t\ttry { \t\t\t\t\t$Bytes = 
[Net.IPAddress]::Parse($altname).GetAddressBytes() \t\t\t\t\t$Name.InitializeFromRawData($IPAddress,$Base64,[Convert]::ToBase64String($Bytes)) \t\t\t\t} catch { \t\t\t\t\ttry { \t\t\t\t\t\t$Bytes = [Guid]::Parse($altname).ToByteArray() \t\t\t\t\t\t$Name.InitializeFromRawData($Guid,$Base64,[Convert]::ToBase64String($Bytes)) \t\t\t\t\t} catch { \t\t\t\t\t\ttry { \t\t\t\t\t\t\t$Bytes = ([Security.Cryptography.X509Certificates.X500DistinguishedName]$altname).RawData \t\t\t\t\t\t\t$Name.InitializeFromRawData($DirectoryName,$Base64,[Convert]::ToBase64String($Bytes)) \t\t\t\t\t\t} catch {$Name.InitializeFromString($DNSName,$altname)} \t\t\t\t\t} \t\t\t\t} \t\t\t} \t\t\t$Names.Add($Name) \t\t} \t\t$SAN.InitializeEncode($Names) \t\t$ExtensionsToAdd += \"SAN\" \t} #endregion  #region Custom Extensions \tif ($CustomExtension) { \t\t$count = 0 \t\tforeach ($ext in $CustomExtension) { \t\t\t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa378077(v=vs.85).aspx \t\t\t$Extension = New-Object -ComObject X509Enrollment.CX509Extension \t\t\t$EOID = New-Object -ComObject X509Enrollment.CObjectId \t\t\t$EOID.InitializeFromValue($ext.Oid.Value) \t\t\t$EValue = [Convert]::ToBase64String($ext.RawData) \t\t\t$Extension.Initialize($EOID,$Base64,$EValue) \t\t\t$Extension.Critical = $ext.Critical \t\t\tNew-Variable -Name (\"ext\" + $count) -Value $Extension \t\t\t$ExtensionsToAdd += (\"ext\" + $count) \t\t\t$count++ \t\t} \t} #endregion  #endregion  #region Private Key \t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa378921(VS.85).aspx \t$PrivateKey = New-Object -ComObject X509Enrollment.CX509PrivateKey \t$PrivateKey.ProviderName = $ProviderName \t$AlgID = New-Object -ComObject X509Enrollment.CObjectId \t$AlgID.InitializeFromValue(([Security.Cryptography.Oid]$AlgorithmName).Value) \t$PrivateKey.Algorithm = $AlgID \t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa379409(VS.85).aspx \t$PrivateKey.KeySpec = switch ($KeySpec) {\"Exchange\" {1}; \"Signature\" {2}} \t$PrivateKey.Length = 
$KeyLength \t# key will be stored in current user certificate store \tswitch ($PSCmdlet.ParameterSetName) { \t\t'__store' { \t\t\t$PrivateKey.MachineContext = if ($StoreLocation -eq \"LocalMachine\") {$true} else {$false} \t\t} \t\t'__file' { \t\t\t$PrivateKey.MachineContext = $false \t\t} \t} \t$PrivateKey.ExportPolicy = if ($Exportable) {1} else {0} \t$PrivateKey.Create() #endregion  \t# http:\/\/msdn.microsoft.com\/en-us\/library\/aa377124(VS.85).aspx \t$Cert = New-Object -ComObject X509Enrollment.CX509CertificateRequestCertificate \tif ($PrivateKey.MachineContext) { \t\t$Cert.InitializeFromPrivateKey($MachineContext,$PrivateKey,\"\") \t} else { \t\t$Cert.InitializeFromPrivateKey($UserContext,$PrivateKey,\"\") \t} \t$Cert.Subject = $SubjectDN \t$Cert.Issuer = $Cert.Subject \t$Cert.NotBefore = $NotBefore \t$Cert.NotAfter = $NotAfter \tforeach ($item in $ExtensionsToAdd) {$Cert.X509Extensions.Add((Get-Variable -Name $item -ValueOnly))} \tif (![string]::IsNullOrEmpty($SerialNumber)) { \t\tif ($SerialNumber -match \"[^0-9a-fA-F]\") {throw \"Invalid serial number specified.\"} \t\tif ($SerialNumber.Length % 2) {$SerialNumber = \"0\" + $SerialNumber} \t\t$Bytes = $SerialNumber -split \"(.{2})\" | Where-Object {$_} | ForEach-Object{[Convert]::ToByte($_,16)} \t\t$ByteString = [Convert]::ToBase64String($Bytes) \t\t$Cert.SerialNumber.InvokeSet($ByteString,1) \t} \tif ($AllowSMIME) {$Cert.SmimeCapabilities = $true} \t$SigOID = New-Object -ComObject X509Enrollment.CObjectId \t$SigOID.InitializeFromValue(([Security.Cryptography.Oid]$SignatureAlgorithm).Value) \t$Cert.SignatureInformation.HashAlgorithm = $SigOID \t# completing certificate request template building \t$Cert.Encode() \t \t# interface: http:\/\/msdn.microsoft.com\/en-us\/library\/aa377809(VS.85).aspx \t$Request = New-Object -ComObject X509Enrollment.CX509enrollment \t$Request.InitializeFromRequest($Cert) \t$Request.CertificateFriendlyName = $FriendlyName \t$endCert = $Request.CreateRequest($Base64) 
\t$Request.InstallResponse($AllowUntrustedCertificate,$endCert,$Base64,\"\") \tswitch ($PSCmdlet.ParameterSetName) { \t\t'__file' { \t\t\t$PFXString = $Request.CreatePFX( \t\t\t\t[Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)), \t\t\t\t$PFXExportEEOnly, \t\t\t\t$Base64 \t\t\t) \t\t\tSet-Content -Path $Path -Value ([Convert]::FromBase64String($PFXString)) -Encoding Byte \t\t} \t} \t[Byte[]]$CertBytes = [Convert]::FromBase64String($endCert) \tNew-Object Security.Cryptography.X509Certificates.X509Certificate2 @(,$CertBytes) } New-SelfsignedCertificateEx `     -Subject \"CN=${ENV:ComputerName}\" `     -EKU 'Document Encryption' `     -KeyUsage 'KeyEncipherment, DataEncipherment' `     -SAN ${ENV:ComputerName} `     -FriendlyName 'DSC Credential Encryption certificate' `     -Exportable `     -StoreLocation 'LocalMachine' `     -KeyLength 2048 `     -ProviderName 'Microsoft Enhanced Cryptographic Provider v1.0' `     -AlgorithmName 'RSA' `     -SignatureAlgorithm 'SHA256'  } -ErrorAction Ignore -Credential $LocalAdmin Write-Host \"SelfSigned Certificate has been generated\" if($generated){     return $true } else{     return $false }  <\/code><\/pre>\n<p>  \u0422\u0435\u043f\u0435\u0440\u044c \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 Pull Server:<\/p>\n<pre><code>$DscHostFQDN = [System.Net.Dns]::GetHostEntry([string]$env:computername).HostName $DscPullServerURL = \"https:\/\/$($DscHostFQDN):8080\/PSDSCPullserver.svc\" $DscWebConfigChildPath = '\\inetpub\\psdscpullserver\\web.config' $DscWebConfigPath = Join-Path -Path $env:SystemDrive -ChildPath $DscWebConfigChildPath $DscWebConfigXML = [xml](Get-Content $DscWebConfigPath) $DscRegKeyName = 'RegistrationKeys.txt' $DscRegKeyXMLNode = \"\/\/appSettings\/add[@key = 'RegistrationKeyPath']\" $DscRegKeyParentPath = 
($DscWebConfigXML.SelectNodes($DscRegKeyXMLNode)).value $DscRegKeyPath = Join-Path -Path $DscRegKeyParentPath -ChildPath $DscRegKeyName $DscRegKey = Get-Content $DscRegKeyPath   [DSCLocalConfigurationManager()] configuration RegisterOnPull {     Node $Node     {         Settings         {                   ConfigurationModeFrequencyMins =   1440             CertificateID = $Thumbprint             RefreshMode          ='Pull'             RefreshFrequencyMins = 1440             RebootNodeIfNeeded   = $true                       ConfigurationMode ='ApplyAndAutoCorrect'             AllowModuleOverwrite = $true             DebugMode = 'None'             StatusRetentionTimeInDays = 1                      }          ConfigurationRepositoryWeb $([string]$env:computername)         {             ServerURL =  $DscPullServerURL             RegistrationKey = $DscRegKey             CertificateID = $Thumbprint                           ConfigurationNames = @(\"$hostx\")         }      } }  RegisterOnPull -OutputPath $MetaConfigsStorage  Set-DscLocalConfigurationManager -ComputerName $Node  -Path $MetaConfigsStorage  -Verbose -Force -Credential $LocalAdmin <\/code><\/pre>\n<p>  \u041e\u0442\u043f\u0440\u0430\u0432\u0438\u043c \u043f\u0435\u0440\u0432\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043d\u0430\u0448\u0435\u0439 \u043c\u0430\u0448\u0438\u043d\u0435<\/p>\n<pre><code>Configuration Rename {     param     (         [Parameter()]         [System.String[]]         $Node,         $hostname     )      Import-DscResource -ModuleName xComputerManagement         Import-DscResource \u2013ModuleName PSDesiredStateConfiguration      Node $Node     {                  xComputer JoinDomain         {             Name       = $hostname         }     } }  Rename -Node $Node -OutputPath $DscConfigPath -hostname $hostname  New-DscChecksum $DscConfigPath -Force Invoke-Command -ComputerName $Node -ScriptBlock{Update-DscConfiguration -Verbose -Wait } 
-Credential $LocalAdmin -Verbose  <\/code><\/pre>\n<p>  \u0421\u0435\u0440\u0432\u0435\u0440 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u0435\u0442\u0441\u044f \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0441\u044f. \u0422\u0435\u043f\u0435\u0440\u044c \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c Join Domain.<\/p>\n<pre><code>Configuration JoinAD {     param     (         [Parameter()]         [System.String[]]         $Node,         [Parameter(Mandatory = $true)]         [ValidateNotNullorEmpty()]         [System.Management.Automation.PSCredential]         $DomainAdmin,         $hostname,         $domain     )      Import-DscResource -ModuleName xComputerManagement         Import-DscResource \u2013ModuleName PSDesiredStateConfiguration      Node $Node     {                  xComputer JoinDomain         {             Name       = $hostname             DomainName = $domain             Credential = $DomainAdmin             JoinOU = \"OU=Servers,OU=Staging,OU=Provider,DC=testdomain,DC=eu\"         }                  GroupSet LocalAdmins         {             GroupName = @( 'Administrators')             Ensure = 'Present'             MembersToInclude = @( 'testdomain-eu\\srv_dscstaging_001' )         }     } } $cd = @{     AllNodes = @(         @{             NodeName = $Node             PSDscAllowPlainTextPassword = $false             PSDscAllowDomainUser=$true             Certificatefile = $CertFile             Thumbprint = $Certificate.ToString()         }     ) }  JoinAD -Node $Node -OutputPath $DscConfigPath -DomainAdmin $DomainAdmin -hostname $hostname -ConfigurationData $cd -domain $domain New-DscChecksum $DscConfigPath -Force Invoke-Command -ComputerName $Node -ScriptBlock{Update-DscConfiguration -Verbose -Wait } -Credential $LocalAdmin -Verbose   <\/code><\/pre>\n<p>  
\u0412\u043e\u0442 \u043a\u0430\u043a \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043d\u0430\u0448 mof-\u0444\u0430\u0439\u043b:<\/p>\n<pre><code>instance of MSFT_Credential as $MSFT_Credential1ref { Password = \"-----BEGIN CMS-----\\nMIIBsgYJKoZIhvcNAQcDoIIBozCCAZ8CAQAxggFKMIIBRgIBADAuMBoxGDAWBgNVBAMMD1dJTi1H\\nNFFKTFFQME4xNQIQOQN77pxew75HU6l7GPn99TANBgkqhkiG9w0BAQcwAASCAQAlhFf7Zs2gJsrw\\ngvQ0OGDRsVQMr5jZHIa9bAAcl3+V+5dLaN1GA\/Jl06YrLJpnulyuivIJWU34SNTkeRCfxpzPwACV\\n2RJHdYIqpFApIxTmSh5zhilC515aDukGchCrFsHayNQsr8vAjIALkRvvtECHgIOREaiwdF2WsKUU\\nkbeSDAE2FDx6HBZDxrMG8OCxeiNMgLKeB4rwbmx7ZUiABu5OIcTtHOvMaXp4vNWX5jXStsdQ\/Ylt\\njPNt2FE6CAnMabC256wnXJIBQpTdqqmc2qmzlz\/hpSEUMDbJEnc1DEK2yWbKcO+BEyD2cr6vKHdn\\nQ9TrjvbysEOvYjT15o6MccwkMEwGCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEdKJT+GX4IkPezR\\nwYncyQiAIAFKxwJocH4ufRsq9L2Ipkp+VQCx2ljlwif6ac4X\/PqG\\n-----END CMS-----\";  UserName = \"testdomain.eu\\\\service_DomainJoin_001\";  };  instance of MSFT_xComputer as $MSFT_xComputer1ref { ResourceID = \"[xComputer]JoinDomain\";  Credential = $MSFT_Credential1ref;  DomainName = \"testdomain.eu\";  SourceInfo = \"C:\\\\Program Files\\\\WindowsPowerShell\\\\Scripts\\\\JoinAD.ps1::34::9::xComputer\";  Name = \"dsctest51\";  JoinOU = \"OU=Servers,OU=Staging,DC=testdomain,DC=eu\";  ModuleName = \"xComputerManagement\";  ModuleVersion = \"4.1.0.0\";   ConfigurationName = \"JoinAD\";  }; <\/code><\/pre>\n<p>  DSC \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442 \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043a\u0438 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 Domain Admin: testdomain.eu\\\\service_DomainJoin_001 \u0441\u0430\u043c\u043e\u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c. 
DSC Client \u0441\u0432\u043e\u0438\u043c Private Key \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u0435\u0442 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442 \u0432\u0441\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438. \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 Domain Join \u0432 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0443\u044e organizational unit. \u0414\u043b\u044f \u0441\u0430\u043c\u043e\u0433\u043e Domain Join \u043f\u0440\u0430\u0432\u0430 Domain Admin \u043d\u0435 \u043d\u0443\u0436\u043d\u044b: \u043e\u0431\u044b\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u0435\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u043c OU. <\/p>\n<pre><code>GroupSet LocalAdmins         {             GroupName = @( 'Administrators')             Ensure = 'Present'             MembersToInclude = @( testdomain-eu\\srv_dscstaging_001' )         } <\/code><\/pre>\n<p>  \u042d\u0442\u043e\u0442 \u043c\u043e\u0434\u0443\u043b\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 srv_dscstaging_001 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438.<\/p>\n<p>  \u041f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u044b \u0441\u043c\u043e\u0436\u0435\u043c \u0437\u0430\u0439\u0442\u0438 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0443 \u0441 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438.<\/p>\n<p>  \u0416\u0434\u0435\u043c, \u043a\u043e\u0433\u0434\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 
\u043f\u043e\u043b\u0443\u0447\u0438\u0442 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u043e\u0442 \u043d\u0430\u0448\u0435\u0433\u043e PKI (\u0443 \u043d\u0430\u0441 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d auto enrollment) \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0431\u0443\u0434\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u043c \u043d\u0430\u0448\u0438\u043c PKI. <\/p>\n<pre><code>$vmcert=Invoke-Command -ComputerName $server -ScriptBlock{ return Get-ChildItem -Path cert:\\LocalMachine\\My  | where {$_.EnhancedKeyUsageList.FriendlyName -eq \"Document Encryption\"-and $_.Issuer -eq \"CN=TestDomain Issuing CA, DC=testdomain, DC=eu\"} } -ErrorAction Ignore  <\/code><\/pre>\n<p>  \u0422\u0435\u043f\u0435\u0440\u044c \u0441\u043d\u043e\u0432\u0430 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u043c\u0441\u044f \u043d\u0430 Pull Server \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c thumbprint.<\/p>\n<p>  \u0412\u0441\u0451, \u043c\u0430\u0448\u0438\u043d\u0430 domain-joined, \u0438 \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451 \u0442\u0430\u043a, \u043a\u0430\u043a \u043d\u0430\u043c \u0443\u0434\u043e\u0431\u043d\u043e.<\/p>\n<h3>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 SQL Server<br \/>  <\/h3>\n<p>  \u0412 JSON- \u0444\u0430\u0439\u043b\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e MS SQL Server, \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 SQL Server \u043c\u044b \u0442\u0430\u043a\u0436\u0435 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c DSC. \u0412\u043e\u0442 \u043a\u0430\u043a \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f:<\/p>\n<pre><code>Configuration $Node{      WindowsFeature \"NetFramework35\"{                 Name = \"NET-Framework-Core\"                 Ensure = \"Present\"                 Source = \"\\\\$DscHostFQDN\\Files\\Updates\"             } \t\t\t             WindowsFeature \"NetFramework45\"{                 Name = \"NET-Framework-45-Core\"                 Ensure= \"Present\"             }       SqlSetup \"MSSQL2012NamedInstance\"{ \t\t\t\t\t    InstanceName          = $MSSQL.InstanceName \t\t\t\t\t    Features              = $MSSQL.Features \t\t\t\t\t    ProductKey            = $ProductKey \t\t\t\t\t    SQLCollation          = $MSSQL.Collation \t\t\t\t\t    SQLSysAdminAccounts   = @('testdomain-EU\\SQLAdmins',' testdomain-EU\\SRV_Backup_001') \t\t\t\t\t    InstallSharedDir      = \"C:\\Program Files\\Microsoft SQL Server\" \t\t\t\t\t    InstallSharedWOWDir   = \"C:\\Program Files (x86)\\Microsoft SQL Server\"\t\t\t\t\t \t\t\t\t\t    InstallSQLDataDir     = $MSSQL.DataRoot \t\t\t\t\t    SQLUserDBDir          = $MSSQL.UserDBDir \t\t\t\t\t    SQLUserDBLogDir       = $MSSQL.UserLogDir \t\t\t\t\t    SQLTempDBDir          = $MSSQL.TempDBDir \t\t\t\t\t    SQLTempDBLogDir       = $MSSQL.TempDBLogDir \t\t\t\t\t    SQLBackupDir          = $MSSQL.BackupDir \t\t\t\t\t    SourcePath            = $SQLSource \t\t\t\t\t    SAPwd                 = $SA \t\t\t\t\t    SecurityMode          = 'SQL' \t\t\t\t\t    UpdateSource          = \".\\Updates\" \t\t\t\t\t    Action                = \"Install\" \t\t\t\t\t    ForceReboot           = $True                         \t\t    SQLSvcAccount         = $SqlServiceCredential                                      AgtSvcAccount         = $SqlServiceCredential                                      ISSvcAccount          = 
$SqlServiceCredential \t\t\t\t\t    BrowserSvcStartupType = \"Automatic\" \t\t\t\t\t    DependsOn             = '[WindowsFeature]NetFramework35', '[WindowsFeature]NetFramework45' }  <\/code><\/pre>\n<p>  $MSSQL.InstanceName \u2013 \u0432\u0441\u0451 \u044d\u0442\u043e \u0443\u043a\u0430\u0437\u0430\u043d\u043e \u0432 \u043d\u0430\u0448\u0435\u043c Json \u0444\u0430\u0439\u043b\u0435. \u041f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 MS SQL Server c\u043e \u0432\u0441\u0435\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 \u043f\u0430\u043f\u043a\u0435 Updates.<\/p>\n<p>  \u041c\u0430\u0448\u0438\u043d\u0430 \u0433\u043e\u0442\u043e\u0432\u0430. <\/p>\n<p>  <i>\u041c\u044b \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0443\u0434\u043e\u0431\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0441 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0439 Azure Portal, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c on-premises \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0443\u0434\u043e\u0431\u043d\u043e \u043d\u0430\u043c \u0438 \u043d\u0430\u0448\u0435\u043c\u0443 \u0437\u0430\u043a\u0430\u0437\u0447\u0438\u043a\u0443.<\/i><\/div>\n<p>        <script class=\"js-mediator-script\">!function(e){function t(t,n){if(!(n in e)){for(var 
r,a=e.document,i=a.scripts,o=i.length;o--;)if(-1!==i[o].src.indexOf(t)){r=i[o];break}if(!r){r=a.createElement(\"script\"),r.type=\"text\/javascript\",r.async=!0,r.defer=!0,r.src=t,r.charset=\"UTF-8\";var d=function(){var e=a.getElementsByTagName(\"script\")[0];e.parentNode.insertBefore(r,e)};\"[object Opera]\"==e.opera?a.addEventListener?a.addEventListener(\"DOMContentLoaded\",d,!1):e.attachEvent(\"onload\",d):d()}}}t(\"\/\/mediator.mail.ru\/script\/2820404\/\",\"_mediator\")}(window);<\/script>     <br \/> \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 <a href=\"https:\/\/habr.com\/post\/425129\/\"> https:\/\/habr.com\/post\/425129\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"\n<div class=\"post__text post__text-html js-mediator-article\">\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u2014 \u044d\u0442\u043e \u0440\u0443\u0442\u0438\u043d\u0430, \u043e\u0442\u043d\u0438\u043c\u0430\u044e\u0449\u0430\u044f \u043c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u0418 \u0447\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f, \u0442\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c. \u041c\u044b \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e PowerShell. 
<\/p>\n<p>  \u0414\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434 \u043a\u0430\u0442, \u0435\u0441\u043b\u0438 \u0432\u0430\u043c \u044d\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e.<\/p>\n<p>  <img decoding=\"async\" src=\"https:\/\/habrastorage.org\/webt\/fv\/fr\/cc\/fvfrccl_crsi5nfvcnstarorits.jpeg\"><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-290319","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/290319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=290319"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/290319\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=290319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=290319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=290319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}