
Preparing Remote Preferred Servers


This is a very site-specific script. A few changes will be required for it to work in your environment.

It would not take much work to use LDMS variables and make the script a Distribution Script

 

Each step does a pre-check to make sure the step has not already been performed.

 

1. Access VM Host and add 75GB HDD to Guest

2. Format New Drive, Label LANDesk, Set Drive letter L:\

3. Create LDLogon UNC share

4. Create Software UNC share

5. Add Specified Static IP for IIS Web

6. Create IIS Website

 

 

 

# Script-wide state.
#   $Servers - names of the sites/servers to configure (filled in further down).
#   $Offline - second list; nothing visible in this script adds to it.
#   $subnet  - mask handed to netsh when the extra IIS address is bound.
$Servers = New-Object -TypeName System.Collections.ArrayList
$Offline = New-Object -TypeName System.Collections.ArrayList
$subnet = "255.255.255.0"

 

 

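function Create-WMITrustee([string]$NTAccount) {
    <#
    .SYNOPSIS
        Builds a Win32_Trustee WMI instance for the given account name.
    .PARAMETER NTAccount
        Account name to resolve (for example "EVERYONE" or "DOMAIN\user").
    .OUTPUTS
        A new Win32_Trustee instance whose SID property holds the binary SID.
    .NOTES
        Translate() throws if the name cannot be resolved to a SID; that error
        is not handled here and reaches the caller.
    #>

    # Resolve the account name to a SecurityIdentifier.
    $user = New-Object System.Security.Principal.NTAccount($NTAccount)
    $strSID = $user.Translate([System.Security.Principal.SecurityIdentifier])
    # The published listing was missing the closing parenthesis on this line.
    $sid = New-Object System.Security.Principal.SecurityIdentifier($strSID)

    # Win32_Trustee.SID expects the SID as a byte array: allocate a zero-filled
    # buffer of the right size and let the SID serialise itself into it.
    [byte[]]$ba = , 0 * $sid.BinaryLength
    [void]$sid.GetBinaryForm($ba, 0)

    $Trustee = ([WMIClass] "Win32_Trustee").CreateInstance()
    $Trustee.SID = $ba
    $Trustee
}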

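function Create-WMIAce {
    <#
    .SYNOPSIS
        Builds a Win32_ACE WMI instance granting $rights to $account.
    .PARAMETER account
        Account name; resolved to a trustee by Create-WMITrustee.
    .PARAMETER rights
        FileSystemRights value used as the ACE access mask.
    .OUTPUTS
        A new Win32_ACE instance (allow entry, no inheritance flags).
    #>
    param(
        [string]$account,
        [System.Security.AccessControl.FileSystemRights]$rights
    )

    $trustee = Create-WMITrustee $account

    $ace = ([WMIClass] "Win32_ace").CreateInstance()
    $ace.AccessMask = $rights
    $ace.AceFlags = 0 # no inheritance or propagation flags set
    # AceType 0 is an access-ALLOWED entry. The original comment called this
    # "SystemAudit", which is a different AceType value; the code always built
    # an allow ACE.
    $ace.AceType = 0
    $ace.Trustee = $trustee
    $ace
}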

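Function CheckWeb($uRi) {
    <#
    .SYNOPSIS
        Reports whether a GET of $uRi answers with HTTP 200.
    .PARAMETER uRi
        URL to probe.
    .OUTPUTS
        $true when the status code is 200; $false for any other status, a
        timeout (3 seconds) or any request error.
    #>

    # Function-scoped: silences non-terminating errors for the probe only.
    $ErrorActionPreference = 'SilentlyContinue'

    try {
        # -UseBasicParsing avoids the Internet Explorer DOM parser. Without it
        # the request can fail on hosts where IE first-run setup was never
        # completed, which would make an existing site look absent.
        $HTTPcheck = Invoke-WebRequest -Uri $uRi -TimeoutSec 3 -UseBasicParsing
        $Reply = $HTTPcheck.StatusCode
    }
    catch {
        # Any failure (refused, timeout, HTTP error) counts as "not there".
        $Reply = 0
    }

    return ($Reply -eq 200)
}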

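Function Get_Disk_Info ($Server) {
    <#
    .SYNOPSIS
        Runs "diskpart /s c:\list.txt" on $Server and returns its output.
    .PARAMETER Server
        Computer to query over PowerShell remoting. The caller must already
        have written c:\list.txt on that machine.
    .OUTPUTS
        The diskpart output lines when they contain "Disk 3"; otherwise the
        string "ERROR" after 10 attempts.
    .NOTES
        "Disk 3" is a site-specific success marker: a server whose listing has
        no disk numbered 3 is reported as "ERROR" even if diskpart ran fine.
    #>

    $DiskList = $null
    $found = $false

    #Site has Connection issues Retry 10x
    $i = 10
    Do {
        # A fresh session per attempt. The original removed a session before
        # creating one (failing when New-PSSession had returned nothing) and
        # tested $? after "$i--" / Remove-PSSession, so $? never reflected the
        # remote command. Success is now judged on the output alone.
        $DiskList = $null
        $fPSsession = New-PSSession $Server -Name "DiskCheck" -ErrorAction SilentlyContinue
        if ($fPSsession) {
            try {
                $DiskList = Invoke-Command -ErrorAction SilentlyContinue -Session $fPSsession -ScriptBlock { diskpart /s c:\list.txt }
            }
            finally {
                # Always release the remote session, even if the call failed.
                Remove-PSSession -Session $fPSsession
            }
        }

        $found = [bool]($DiskList -match "Disk 3")
        $i--
    } Until ($found -or ($i -le 0))

    IF ($found) {
        Return $DiskList
    }
    ELSE {
        Return "ERROR"
    }
}#End Function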

 

 

#Get Server List
#   Alternative sources are left commented out; enable exactly one.

      #Target list
      #Get-Content \\SERVER\SHARE\SERVERLIST.lst | Foreach-Object {[Void]$Servers.add($_)}

      #Single - prompt the operator for one name
      [Void]$Servers.Add((Read-Host "Preferred Server"))

# Get-Content C:\Targets\servers.txt | Foreach-Object {[Void]$Servers.add($_)}


#Create WWW ACL
# Start from the ACL of a reference server's wwwroot, stop inheriting from the
# parent (SetAccessRuleProtection($True, $False) also discards the inherited
# entries) and add the entries below. Explicit entries already present on the
# reference folder stay in $acl.
$acl = Get-Acl '\\SAMPLESERVER\c$\inetpub\wwwroot'
$acl.SetAccessRuleProtection($True, $False)

# account, rights - every entry is an Allow rule inherited by subfolders and files
$wwwRules = @(
    @("IUSR", "ReadAndExecute"),
    @("LDadmin", "FullControl"),
    @("Domain Computers", "ReadAndExecute"),
    @("Administrators", "FullControl"),
    @("SYSTEM", "FullControl")
)
foreach ($entry in $wwwRules) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($entry[0], $entry[1], "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
}

#Create Share SD
# NOTE(review): the share-level descriptor grants EVERYONE FullControl, so the
# NTFS ACL above is the only thing restricting access through the shares.
# Confirm that is intended, and that the NTFS ACL is really applied to every
# shared folder, before reusing this.
[System.Security.AccessControl.FileSystemRights]$rights = 'FullControl'
[System.Security.Principal.NTAccount]$account = "EVERYONE"
$sd = ([WMIClass] "Win32_SecurityDescriptor").CreateInstance()
$ace = Create-WMIAce $account $rights
$sd.DACL += @($ace.psobject.baseobject) # append
$sd.ControlFlags = "0x4" # set SE_DACL_PRESENT flag

 

 

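# Main loop: for every name in $Servers, configure "<name>2" as a preferred
# server. Each step checks first whether it has already been done:
#   1. make sure a 75 GB disk exists (added through the VM host if missing)
#   2. format it as L: (label LANDesk) with diskpart
#   3. create the LDMS folder tree and the LDLogon / Software shares
#   4. bind the extra static IP and create the IIS site on it
# Uses Get_Disk_Info, CheckWeb, $acl, $sd and $subnet defined earlier in the file.
$total = $Servers.count
$Count = 1
$VICredential = $null # VM host credential; asked for once, only if a disk must be added

Foreach ($Serv in $Servers) {

    IF ($Serv -eq "clwtlotl") { Continue } #Skip one off

    $Server = $Serv + "2" #Set to Secondary server
    Write-Host "---- Configuring $Server ---($Count of $total)"
    $Count++

    #Skip Offline Servers
    IF (!(Test-Connection $Server -Quiet -Count 2)) {
        Write-Host "$server is offline"
        "$server is offline" | Out-File -FilePath C:\Temp\ServerSetupErrors.txt -Append
        Continue
    }

    # get targ IP
    # NOTE(review): takes the first address DNS returns; the dotted-quad
    # handling below presumably expects that to be IPv4 - confirm.
    $IPis = [System.Net.Dns]::GetHostAddresses($Server)
    $IP = $IPis[0]

    $IPstring = "{0}" -f $IP
    $ip2 = $IPstring.Split('.')
    if ($ip2[0] -eq "255") { "$Server on Corp Network... Skipping"; Continue } #Skip if server on Corp Subnet

    # NOTE(review): the first-octet test above and both last-octet values below
    # are 255 in the published script, which looks like sanitised placeholders
    # (a later comment mentions a ".24" address). Set them for your site.
    $ip2[-1] = 255 #Static VM IP
    $VMhost = $ip2 -join '.'

    $ip2[-1] = 255 #Static Reserver IP for Preferred Server
    $LDMSip = $ip2 -join '.'

    #Check if Landesk Drive Exist
    "List Disk" | Out-File "\\$Server\C$\list.txt" -Encoding "ASCII"

    #Get Disk info
    $DiskList = Get_Disk_Info $Server
    IF ($DiskList -eq "ERROR") {
        Write-Host "$Server -- ERROR Checking Disk!" -BackgroundColor Black -ForegroundColor Red
        # The original carried on here: "ERROR" contains no "75 GB", so a
        # failed remote query was treated as "disk missing" and a new disk was
        # added to the VM on every such run. Without a listing, skip the server.
        Continue
    }
    $LDMSdisk = ""
    [string]$LDMSdisk = $DiskList -match "75 GB"
    IF ($LDMSdisk.Length -le 6) {

        #Drive does not Exist - Connect to VM and Create
        # Prompt for the VM host account instead of embedding a user name and
        # password in the script text (the original passed literal -User and
        # -Password values).
        IF (-not $VICredential) {
            Write-Host "Enter the account used to connect to the VM hosts"
            $VICredential = Get-Credential
        }
        Connect-VIServer $VMhost -Credential $VICredential
        # NOTE(review): -match is a regex substring test, so a VM whose name
        # merely contains $Server also matches and would get a disk as well.
        $VM = Get-VM | Where-Object { $_.Name -match $Server }
        $VM | New-HardDisk -CapacityGB 75 -StorageFormat "Thick"
        # Drop the host connection so it does not linger into the next server.
        Disconnect-VIServer -Server $VMhost -Confirm:$false

        #Rescan windows drives
        $DiskList = Get_Disk_Info $Server
        IF ($DiskList -eq "ERROR") {
            Write-Host "$Server -- ERROR Checking Disk!" -BackgroundColor Black -ForegroundColor Red
        }
        $LDMSdisk = ""
        [string]$LDMSdisk = $DiskList -match "75 GB"
        IF ($LDMSdisk.Length -le 6) {
            Write-Host "$Server`: Error creating Drive"
            Continue
        }
    }
    ELSE {
        # Quoted: a bare 75GB argument is read as a numeric literal (bytes).
        Write-Host "$Server 75GB HDD Exists"
    }

    IF (!(Test-Path "\\$Server\L$")) {
        #Format Created Drive

        # diskpart "Clean" wipes whichever disk is selected, and the disk is
        # chosen purely by size. Refuse to continue unless exactly one listed
        # disk reports 75 GB.
        # NOTE(review): even a single match is only assumed to be the new,
        # empty disk; an existing 75 GB data disk without the letter L: would
        # be wiped too.
        $sizeMatches = @($DiskList -match "75 GB")
        IF ($sizeMatches.Count -ne 1) {
            Write-Host "$Server -- expected exactly one 75 GB disk, found $($sizeMatches.Count); not running diskpart Clean" -BackgroundColor Black -ForegroundColor Red
            Continue
        }

        # Characters 6-9 of the listing line hold the disk number.
        [string][int]$LDMSdiskNumber = $LDMSdisk.Substring(6, 4)

        #Set Script
        $diskConfig = "\\$Server\C$\DiskConfig.txt"
        $diskpartScript = @(
            "Select Disk " + $LDMSdiskNumber
            "Clean"
            "Create partition primary"
            "Select partition 1"
            "Format FS=NTFS label=LANDesk noerr quick"
            "assign letter=l"
        )
        $diskpartScript | Out-File $diskConfig -Encoding "ASCII"

        #Execute DiskPart
        $PSsession = New-PSSession $Server -Name $Server
        $RetVal = Invoke-Command -Session $PSsession -ScriptBlock { diskpart /s c:\DiskConfig.txt }
        Do {
            sleep 1
            Write-Host "Checking for diskpart process"
        } Until (!(Get-Process -ComputerName $Server diskpart -ErrorAction SilentlyContinue))

        IF (Test-Path $diskConfig) {
            $RetVal = Remove-Item $diskConfig
        }
        Remove-PSSession -Session $PSsession
    }
    ELSE {
        Write-Host "$Server 75GB HDD Already Formatted"
    }

    #Create Folders
    $ldmsRoot = "\\$Server\L$\LDMS"
    IF (!(Test-Path $ldmsRoot)) {
        md -Name LDMS -Path "\\$Server\l$"
        Set-Acl $ldmsRoot $acl #Set NTFS Permissions
    }
    Foreach ($folder in "Software", "LDLogon") {
        IF (!(Test-Path "$ldmsRoot\$folder")) { md -Name $folder -Path $ldmsRoot }
    }
    Foreach ($folder in "Images", "Packages", "Patches", "Profiles", "Drivers", "Scripts") {
        IF (!(Test-Path "$ldmsRoot\Software\$folder")) { md -Name $folder -Path "$ldmsRoot\Software" }
    }

    #Create Share's
    # $sd grants EVERYONE FullControl at share level; NTFS permissions on
    # L:\LDMS are what actually limit access.
    $cshare = [WMIClass]"\\$server\root\cimv2:Win32_Share"
    IF (!(Test-Path "\\$Server\LDlogon" -ErrorAction SilentlyContinue)) {
        # Fixed: the original deleted the "Software" share in this branch
        # (apparently copied from the line below), and "2>null" wrote a file
        # literally named "null" instead of discarding the error text.
        NET SHARE LDLogon \\$Server /DELETE 2>$null
        $cshare.Create("L:\LDMS\LDLOGON", "LDLogon", 0, $null, "", $null, $sd)
    }
    ELSE { Write-Host "$Server LDLogon UNC share exists" }

    IF (!(Test-Path "\\$Server\Software" -ErrorAction SilentlyContinue)) {
        NET SHARE Software \\$Server /DELETE 2>$null
        $cshare.Create("L:\LDMS\SOFTWARE", "Software", 0, $null, "", $null, $sd)
    }
    ELSE { Write-Host "$Server Software UNC share exists" }

    # Add .24 IP to Server
    #Get NIC Name
    IF (!(Test-Connection $LDMSip -Count 2 -Quiet)) {
        # NOTE(review): assumes a single IP-enabled adapter; with several,
        # $index holds more than one InterfaceIndex - confirm per server.
        $index = Get-WmiObject -ComputerName $Server -Class Win32_NetworkAdapterConfiguration | Where-Object { ($_.ipenabled -eq "true") } | Select-Object InterfaceIndex
        $strNIC = @(Get-WmiObject -ComputerName $Server -Class Win32_NetworkAdapter | Where-Object { ($_.InterfaceIndex -eq $index.InterfaceIndex) }).NetConnectionId

        #Add IP
        $NetshArgs = "`"$strNIC`" $LDMSip $subnet"
        $PSsession = New-PSSession $Server -Name $Server -ErrorAction Stop
        $RetVal = Invoke-Command -Session $PSsession -ScriptBlock { netsh in ip add address $args } -ArgumentList $NetshArgs
        Remove-PSSession -Session $PSsession
    }
    ELSE { Write-Host "$Server -- IP $LDMSip already Exists" }

    # Update IIS
    IF (!(CheckWeb "http://$LDMSip/software")) {
        # Runs on the target server; $args[0] is the IP address to bind.
        $script = {
            $strName = "LANDesk"
            $strPath = "L:\LDMS"

            #Load WebAdmin Snap-in if needed.
            # Only IIS 7.x is handled explicitly; other versions presumably
            # rely on module auto-loading - verify on your servers.
            $iisVersion = Get-ItemProperty "HKLM:\software\microsoft\InetStp";
            if ($iisVersion.MajorVersion -eq 7) {
                if ($iisVersion.MinorVersion -ge 5) {
                    Import-Module WebAdministration;
                }
                else {
                    if (-not (Get-PSSnapIn | Where { $_.Name -eq "WebAdministration"; })) {
                        Add-PSSnapIn WebAdministration;
                    }
                }
            }

            #Create Web Site
            #New-Website -Name $strName -Port 80 -PhysicalPath $strPath -IPAddress $LDMSip -force
            New-Website -Name $strName -Port 80 -PhysicalPath $strPath -IPAddress $args[0] -force

            <#Convert Folders to App
            ConvertTo-WebApplication "IIS:\sites\LANDesk\LDLogon" -Force
            ConvertTo-WebApplication "IIS:\sites\LANDesk\Software" -Force
            #>

            #Directory Browsing
            # NOTE(review): with browsing on, anything that can reach this
            # address on port 80 (plain HTTP) can list the Software and LDLogon
            # trees. Confirm that exposure is acceptable and keep secrets out
            # of these folders.
            Set-WebConfigurationProperty -filter /system.webServer/directoryBrowse -name enabled -Value $true -PSPath IIS:\sites\LANDesk\Software
            Set-WebConfigurationProperty -filter /system.webServer/directoryBrowse -name enabled -Value $true -PSPath IIS:\sites\LANDesk\LDLogon
        }

        $PSsession = New-PSSession $Server -Name $Server -ErrorAction Stop
        # Use the session just opened; the original created it and then made a
        # second, separate connection with -ComputerName.
        Invoke-Command -Session $PSsession -ScriptBlock $script -ArgumentList $LDMSip
        Remove-PSSession -Session $PSsession
    }
    ELSE { Write-Host "$Server -- Website Exists" }

    #Cleanup
    Get-PSSession | Remove-PSSession
    del "\\$Server\C$\list.txt"

}#Next Server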

