Introduction
Sometimes you want to create specific users when deploying/installing an Azure solution. This may be a bit tricky if you are not familiar with IT topics. Here is a complete recipe to create a local group and local users.
Although I have tried this in an Azure solution, it may also be helpful for other kinds of IIS-based platforms.
Required files
In order to run a script during installation, you need two files: a command file to launch the script, and the script file itself. In your Web Role Project, insert both files; let's name them setup.cmd and setup.ps1.
It is very important to configure both of them with the "Copy always" property so that they are included in the deployment package. Both files will be placed in the bin folder.
The first file is a batch file that will just launch the script with elevated permissions, so it will contain the following:
@echo off
powershell -command "Set-ExecutionPolicy Unrestricted" 2>> err.out
powershell .\setup.ps1 2>> err.out
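Notice that if some error occurs, it will append the error message to a file called err.out. You can add more information there, like the date/time of deployment. Note also that Set-ExecutionPolicy Unrestricted changes the policy for the whole machine, and the change persists after the task has run.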
The second file will do the real job. It defines a reusable function to create the users and attach them to a group; then it creates the group if it doesn't exist, and finally invokes the user creation function for all the users needed.
# Function to create users and assign them to a group
function createuser($username, $password)
{
    $user = $server.Create("User", $username)
    $user.SetPassword($password)
    $user.SetInfo()
    # Make sure the new account is enabled
    $user.psbase.InvokeSet("AccountDisabled", $false)
    $user.SetInfo()
    $group.Add("WinNT://$servername/$username")
}
# Obtain a reference to the server object
$servername = [System.Net.Dns]::GetHostName()
$server = [ADSI]"WinNT://$servername"
# Create the group if it doesn't exist previously; otherwise bind to the existing one
$localGroups = $server.Children | where {$_.SchemaClassName -eq 'group'} | % {$_.name[0].ToString()}
if ($localGroups -NotContains "MyGroup")
{
    $group = $server.Create("Group", "MyGroup")
    $group.SetInfo()
    $group.description = "Group of users created automatically"
    $group.SetInfo()
}
else
{
    # Without this, $group is empty on a redeployment and createuser cannot add members
    $group = [ADSI]"WinNT://$servername/MyGroup,group"
}
# Create the users if they don't exist previously
$localUsers = $server.Children | where {$_.SchemaClassName -eq 'user'} | % {$_.name[0].ToString()}
if ($localUsers -NotContains "User1") { createuser "User1" "Password!One" }
if ($localUsers -NotContains "User2") { createuser "User2" "Password!Two" }
# etcetera
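A variant of setup.ps1 that keeps the passwords out of the script file that ships in the deployment package, as an added example that is not part of the original recipe. It assumes the passwords are supplied in environment variables with the hypothetical names LOCALUSER_USER1_PASSWORD and LOCALUSER_USER2_PASSWORD; how those are set for the startup task is outside the example.

```powershell
# Added example, not the original setup.ps1.
# Assumption: each password is supplied in an environment variable named
# LOCALUSER_<NAME>_PASSWORD (hypothetical names) instead of a literal here.
# It can be launched with a per-process policy, leaving the machine policy alone:
#   powershell -ExecutionPolicy Bypass -File .\setup.ps1

$ErrorActionPreference = 'Stop'   # stop at the first error instead of carrying on

$groupName = 'MyGroup'
$userNames = @('User1', 'User2')

$servername = [System.Net.Dns]::GetHostName()
$server     = [ADSI]"WinNT://$servername"

# True when a local object of the given class ('user' or 'group') exists
function Test-LocalObject($name, $class)
{
    $found = $server.Children |
        Where-Object { $_.SchemaClassName -eq $class -and $_.Name[0] -eq $name }
    return [bool]$found
}

# Create the group, or bind to it when an earlier deployment already made it
if (Test-LocalObject $groupName 'group') {
    $group = [ADSI]"WinNT://$servername/$groupName,group"
} else {
    $group = $server.Create('Group', $groupName)
    $group.SetInfo()
}

foreach ($name in $userNames) {
    if (Test-LocalObject $name 'user') { continue }

    # Read the secret at run time; refuse to create an account without one
    $varName  = "LOCALUSER_$($name.ToUpper())_PASSWORD"
    $password = [Environment]::GetEnvironmentVariable($varName)
    if ([string]::IsNullOrEmpty($password)) {
        throw "Environment variable $varName is not set; not creating $name"
    }

    $user = $server.Create('User', $name)
    $user.SetPassword($password)
    $user.SetInfo()
    $group.Add("WinNT://$servername/$name")
}
```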
In order to bring those files to life, you have to define a Task in your Azure Cloud Project. Look for the file called ServiceDefinition.csdef and insert a Task tag into the WebRole section:
<ServiceDefinition xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2012-05.1.7" name="MyCloud">
  <WebRole name="YourServiceName" vmsize="Small">
    <Startup priority="1">
      <Task taskType="simple" executionContext="elevated" commandLine="setup.cmd" />
    </Startup>
  </WebRole>
</ServiceDefinition>