Nov 17 2017 07:03 AM
Hi
I am testing out a new dev/test SharePoint farm in Azure which isn't joined to the local lan.
Anyway I have got as far as setting up the DS .
Install-WindowsFeature -ComputerName "myserver" AD-Domain-Services -IncludeManagementTools
Install-WindowsFeature : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Provide
an argument that is not null or empty, and then try the command again.
At line:1 char:38
+ Install-WindowsFeature -ComputerName $adVm AD-Domain-Services -Includ ...
+ ~~~~~
+ CategoryInfo : InvalidData: (:) [Install-WindowsFeature], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.Windows.ServerManager.Commands.AddWindowsFeat
ureCommand
To resolve this, I have
I am assuming I won't be able to use the AD DS Deployment Commandlets directly from my win10 client , until this issue is resolved
Just name resolution I guess?
Nov 17 2017 05:53 PM
Hi Daniel,
Use Enter-PSSession to login for the DC then you can install ADDS.
What I can see in the error is it cant resolve the computer name are you storing the computer name as a variable?
Nov 17 2017 11:20 PM
Nov 17 2017 11:25 PM
One important thing did you allow WinRM from Network security group that attached to nic of the VM?
Yes your WinRM setting is correct and make sure you have run the winrm qc command on you client pc to allow firewall rules
Nov 21 2017 08:53 AM - edited Nov 21 2017 08:58 AM
@Kasun Rajapakse wrote:
One important thing did you allow WinRM from Network security group that attached to nic of the VM?
Yes your WinRM setting is correct and make sure you have run the winrm qc command on you client pc to allow firewall rules
Hi
I have another chance to look at this today. I restarted my VM and noted my IPAddress
I think the rule needed to allow my WInRM access is set below
$rule4 = New-AzureRMNetworkSecurityRuleConfig -Name "WinRM_HTTP" -Description "Allow WinRM traffic over http" -Access Allow -Protocol Tcp -Direction Inbound -Priority 103 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 5985
Next, I need to add my VM to be trusted Host since I am using HTTP, start simple eh!
winrm set winrm/config/client '@{TrustedHosts="adVM"}'
Now, I hit my issue. I still don't see the how I can resolve the DNS address of my VM if I am on a different subnet.
Here is another test
Test-WsMan $pip.IpAddress Test-WsMan : <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859046" Machine="WSLDEV2015"><f:Message>WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. </f:Message></f:WSManFault> At line:1 char:1 + Test-WsMan $pip.IpAddress
Nov 22 2017 02:56 AM
Hi
All is now working.........Thanks for your advice.
1) On the Azure Portal I noticed the NIC reported that there was no assigned Network Security Group. I thought this was odd as I gone through the test lab steps a few times and I know the NSG has been created correctly.
These were some of my steps
$nsg=Get-AzureRMNetworkSecurityGroup -Name SP2016Subnet -ResourceGroupName $rgName Set-AzureRMVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name SP2016Subnet -AddressPrefix "10.0.0.0/24" -NetworkSecurityGroup $nsg $nic = Get-AzureRMNetworkInterface -Name ($vmName + "-NIC") -ResourceGroupName $rgName # line below shows a null $nic.NetworkSecurityGroup # this appeared to work but didn't when viewed onthe ADmin portal $nic.NetworkSecurityGroup = $nsg
Q: why didn't the above work?
Next, in the Admin Portal, I navigated to the Network section and added my NSG
2) I RDPed to my VM and checked WinRM was allowed etc. All looked good
3) on my laptop
I set the just the iP Address
winrm set winrm/config/client '@{TrustedHosts="[PIP]"'
Q: I can't see how my laptop could ever resolve the VM ( ComputerName) address unless I messed around with the Hosts file .
4) Finally,
>Enter-PSSession -ComputerName [PiP} 'mylocalserverAdmin'
>Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
True No Success {Active Directory Domain Services, Group P...
Nov 27 2017 01:28 AM
My "clever workaround" is really temporary as every time I restart a VM I get a new IP address allocated. Hence, I still need a robust way of resolving the public ip address of any of my VMs from my Windows 10 client pc. - a sort of MyDNS equivalent .
I can work around this by RDPing to my VMS and adding them to domains etc. but not ideal as I want to do this in PS.