Category Archives

98 Articles

Automatically building a Microsoft BI machine using PowerShell – Configuring PowerPivot (post #13)

This post is #13 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup
Post #8 – Configuring Password policy
Post #9 – Installing System Center Endpoint Protection
Post #10 – Installing SQL Server
Post #11 – Installing SharePoint Server
Post #12 – Installing PowerPivot for SharePoint

Now that PowerPivot for SharePoint has been installed, we need to configure it. I split the configuration into two parts since we need a reboot in between and used MSDN for reference: http://msdn.microsoft.com/en-us/library/hh230903.aspx.

Step A: configuring SharePoint and deploying PowerPivot features

In Post #11 we talked about installing SharePoint, but the actual SharePoint provisioning was not done then. We will do it here in one go with installing PowerPivot features.

Function ConfigurePowerPivot
{
    Param(
        [Parameter(Mandatory=$true,HelpMessage="Passphrase required")]
        [ValidateNotNullOrEmpty()]
        $passphrase,
        [Parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]
        $Password
    )
    Write-Host "Step 8: Configure PowerPivot"
    try {
    #Load Configure PowerPivot ps1
    $scriptPath = Split-Path -parent $global:script
    . ('C:\Program Files\Microsoft SQL Server\120\Tools\PowerPivotTools\SPAddinConfiguration\Resources\ConfigurePowerPivot.ps1')
    
    #Create a user for SharePoint DB connection
    #if required, remove the ad user
    Get-ADUser -Filter {Identity -eq '$global:spAccount'} | Remove-ADUser
    CreateServiceAccount -AccountName $global:spAccount -DisplayName "SharePoint Farm account" -Description "Account for SharePoint Farm" -Path $global:path -Password $Password
    $spAccountFQ = $global:domainpart+"\"+$global:spAccount
    $pwd = convertto-securestring $Password -asplaintext -force
    & "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\BIN\psconfig.exe" -cmd configdb -create -server $global:HostName -database 'SharePoint_Config' -user $spAccountFQ -password $Password -passphrase $passphrase -admincontentdatabase 'SharePoint_Admin' -cmd helpcollections -installall -cmd secureresources -cmd services -install -cmd installfeatures -cmd adminvs -provision -port 2000 -windowsauthprovider onlyusentlm -cmd applicationcontent -install -cmd quiet 
    Add-PSSnapin Microsoft.SharePoint.PowerShell
    Add-SPSolution -LiteralPath 'C:\Program Files\Microsoft SQL Server\120\Tools\PowerPivotTools\SPAddinConfiguration\Resources\powerpivotfarmsolution.wsp'
    Add-SPSolution -LiteralPath 'C:\Program Files\Microsoft SQL Server\120\Tools\PowerPivotTools\SPAddinConfiguration\Resources\PowerPivotFarm14Solution.wsp'
    Add-SPSolution -LiteralPath 'C:\Program Files\Microsoft SQL Server\120\Tools\PowerPivotTools\SPAddinConfiguration\Resources\powerpivotwebapplicationsolution.wsp'
    DeployFarmSolution $false
    DeployWebAppSolutionToCentralAdmin $false
    Install-SPFeature -path PowerPivotFarm -Force
    Install-SPFeature -path PowerPivotFarm -Force -CompatibilityLevel 14
    Install-SPFeature -path PowerPivotCA -Force
    InstallSiteCollectionFeatures
    
    Write-Host "PowerPivot Part 1 Configured. Computer needs to be restarted before PowerPivot configuration can continue." -ForegroundColor Green
    if ($global:DoAllTasks) {
        Set-Restart-AndResume $global:script "9"
        }

    }
    catch {
        Write-Host "Failed to configure PowerPivot. Error: $_.Exception.Message" -ForegroundColor Red
    }
}

 

Step B: updating farm credentials and starting service applications

After the PowerPivot features have been deployed we need to configure Service Applications to get PowerPivot to work.

Function ConfigurePowerPivotPart2 {
    Param(
        [Parameter(Mandatory=$true,HelpMessage="Passphrase required")]
        [ValidateNotNullOrEmpty()]
        $passphrase,
        [Parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]
        $Password
    )

    try {
     #Load Configure PowerPivot ps1
    $scriptPath = Split-Path -parent $global:script
    . ('C:\Program Files\Microsoft SQL Server\120\Tools\PowerPivotTools\SPAddinConfiguration\Resources\ConfigurePowerPivot.ps1')
    Add-PSSnapin Microsoft.SharePoint.PowerShell
    Write-Host "DEBUG: updating Farm Credentials"
    $spAccountFQ = $global:domainpart+"\"+$global:spAccount
    stsadm.exe -o updatefarmcredentials -userlogin $spAccountFQ -password $Password
    Write-Host "DEBUG: New-PowerpivotSystemServiceInstance"
    New-PowerPivotSystemServiceInstance -Provision:$true
    Write-Host "DEBUG: New-PowerPivotServiceApplication"
    New-PowerPivotServiceApplication -ServiceApplicationName 'PowerPivot Service Application' -DatabaseServerName $global:HostName -DatabaseName 'PowerPivotServiceApplication' -AddToDefaultProxyGroup:$true
    Write-Host "DEBUG: Set-PowerPivotSystemService"
    Set-PowerPivotSystemService -Confirm:$false
    
    Write-Host "DEBUG: Creating user DefAppPool"
    $appAccountName = "DefAppPool"
    $appAccountNameFQ = $global:domainpart+"\"+$appAccountName
    CreateServiceAccount -AccountName $appAccountName -DisplayName "Default Application Pool" -Description "Service Account for Default Application Pool" -Path $global:path -Password $Password
    Write-Host "DEBUG: CreateWebApplication"
    CreateWebApplication 'SharePoint - 80' $global:HostName 'Default Application Pool' $appAccountNameFQ $pwd $global:HostName 'DefaultWebApplication'
    Write-Host "DEBUG: DeployWebAppSolution"
    DeployWebAppSolution $global:httpHostName 2047 $false
    Write-Host "DEBUG: New-SPSite"
    New-SPSite -Url $global:httpHostName -OwnerEmail 'me@example.com' -OwnerAlias $global:currentUserName -Template 'PowerPivot#0' -Name  'PowerPivot Site'
    Write-Host "DEBUG: EnableSiteFeatures"
    EnableSiteFeatures $global:httpHostName $true
    Write-Host "DEBUG: StartService SPWindowsTokenServiceInstance"
    StartService "Microsoft.SharePoint.Administration.Claims.SPWindowsTokenServiceInstance"
    Write-Host "DEBUG: StartSecureStoreService"
    StartSecureStoreService
    Write-Host "DEBUG: CreateSecureStoreApplicationService"
    CreateSecureStoreApplicationService $global:HostName 'Secure Store Service'
    Write-Host "DEBUG: CreateSecureStoreApplicationServiceProxy"
    CreateSecureStoreApplicationServiceProxy 'Secure Store Service' 'Secure Store Proxy'
    Write-Host "DEBUG: UpdateSecureStoreMasterKey"
    UpdateSecureStoreMasterKey 'Secure Store Proxy' $passphrase 
    Write-Host "DEBUG: CreateUnattendedAccountForDataRefresh"
    CreateUnattendedAccountForDataRefresh $global:httpHostName 'PowerPivotUnattendedAccount' 'PowerPivot Unattended Account for Data Refresh' $spAccountFQ $pwd
    Write-Host "DEBUG: StartService ExcelServerWebServiceInstance"
    StartService "Microsoft.Office.Excel.Server.MossHost.ExcelServerWebServiceInstance"
    Write-Host "DEBUG: New-SPExcelServiceApplication"
    New-SPExcelServiceApplication -name 'ExcelServiceApp1' -Default -ApplicationPool 'SharePoint Web Services System' | Get-SPExcelServiceApplication | Set-SPExcelServiceApplication | iisreset Set-SPExcelFileLocation -ExternalDataAllowed 2 -WorkbookSizeMax 200 -WarnOnDataRefresh:$false -ExcelServiceApplication 'ExcelServiceApp1' -identity 'http://'
    Write-Host "DEBUG: AddExcelBIServer"
    AddExcelBIServer
    Write-Host "DEBUG: SetECSUsageTracker"
    SetECSUsageTracker 'ExcelServiceApp1'
        
    Write-Host "PowerPivot Configured" -ForegroundColor Green
    if ($global:DoAllTasks) {
        Set-Restart-AndResume $global:script "10"
        }

    }
    catch {
        Write-Host "Failed to configure PowerPivot. Error: $_.Exception.Message" -ForegroundColor Red
    }

}

 

Now we have seen all the steps required to build a Microsoft BI demo machine! The next post will serve as a wrap up and present a download for the full script.

Automatically building a Microsoft BI machine using PowerShell – Installing PowerPivot for SharePoint (post #12)

This post is #12 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup
Post #8 – Configuring Password policy
Post #9 – Installing System Center Endpoint Protection
Post #10 – Installing SQL Server
Post #11 – Installing SharePoint Server

Ok, now that both SQL Server and SharePoint Server are installed, we just need to set up PowerPivot for SharePoint and configure it. Easy huh? Well, it turns out it is pretty difficult to get it right. Installation is not difficult (this post) but the configuration is harder (the next post). Here is how to install PowerPivot. I used MSDN for the info: http://msdn.microsoft.com/en-us/library/ee210645.aspx.

Installing PowerPivot involves mounting the SQL Server Installation Media and calling the setup with the right parameters.

Function InstallPowerPivot
{
Param(
        [Parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]
        $Password
)
    Write-Log -Verbose  "Step 7: Install PowerPivot"
    #MOUNT SQL ISO
    $mountresult = Mount-DiskImage -ImagePath $global:pathToSQLISO -PassThru
    $driveLetter = ($mountresult | Get-Volume).DriveLetter
    $setupFile = $driveLetter+":\setup.exe"
    #Remove Service Account if it already existed
    Get-ADServiceAccount -Filter {Name -eq 'PP'} | Remove-ADServiceAccount
    $ppAccountName = "PP"
    $ppAccountNameFQ = $global:domainpart+"\"+$ppAccountName
    CreateServiceAccount -AccountName $ppAccountName -DisplayName "PowerPivot" -Description "Service Account for PowerPivot for SharePoint" -Path $global:path -Password $Password
    #do PP installation
    #trying with plain text pwd in call
    $process = Start-Process -NoNewWindow -Wait $setupFile -ArgumentList "/ACTION=INSTALL /IACCEPTSQLSERVERLICENSETERMS /Q /INSTANCENAME=POWERPIVOT /ERRORREPORTING=1 /SQMREPORTING=1 /ASSVCACCOUNT=$ppAccountNameFQ /ASSVCPASSWORD=$Password /ASSYSADMINACCOUNTS=$global:currentUserName /ROLE=SPI_AS_ExistingFarm"
    #SPI_AS_ExistingFarm
    
    #dismount
    Dismount-DiskImage -ImagePath $global:pathToSQLISO
    Write-Log -Verbose  "If above an error is shown please check out C:\Program Files\Microsoft SQL Server\120\Setup Bootstrap\Log\Summary.txt"
    Write-Log -Verbose  "PowerPivot Installed"
    if ($global:DoAllTasks) {
        Set-Restart-AndResume $global:script "9"
        }
}

Next time: configuring PowerPivot.

Automatically building a Microsoft BI machine using PowerShell – Installing SharePoint (post #11)

This post is #11 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup
Post #8 – Configuring Password policy
Post #9 – Installing System Center Endpoint Protection
Post #10 – Installing SQL Server

Wow, so the last post was pretty intense, wasn’t it? I think we are ready for the next one: installing SharePoint. To build this script I used the following sources: http://social.technet.microsoft.com/wiki/contents/articles/14582.sharepoint-2013-install-prerequisites-offline-or-manually-on-windows-server-2012-a-comprehensive-guide.aspx#Installing_the_Roles_and_Features_for_SharePoint_2013_on_Windows_Server_2012_Offline_with_PowerShell and http://blogs.msdn.com/b/uksharepoint/archive/2013/03/18/scripted-installation-of-sharepoint-2013-and-office-web-apps-server-from-the-field-part-2.aspx.

Since this is again a quite lengthly script we will split it up in steps.

Step A: enabling IIS and other features

This step enables a whole load of features on Windows that are required by SharePoint, including IIS. If a restart is required, the script will reboot after the setup of the features. Some times your machine might reboot more than once to complete the setup of all these features.

Write-Log -Verbose  "Step 6: Install SharePoint"
Import-Module ServerManager
#Add .Net 4.5 features
Add-WindowsFeature NET-WCF-HTTP-Activation45,NET-WCF-TCP-Activation45,NET-WCF-Pipe-Activation45
#Add the rest of the needed features for IIS role
$result = Add-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support, AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer
if($result.RestartNeeded -eq "Yes")
{
    Set-Restart-AndResume $global:script "7"
}

 

Step B: Installing SharePoint Prerequisites

SharePoint itself has a number of prerequisites; in this still we will install them all.

#Mount SharePoint iso
$mountresult = Mount-DiskImage -ImagePath $global:pathToSharePointISO -PassThru
$driveLetter = ($mountresult | Get-Volume).DriveLetter
Write-Log -Verbose  "Installing SharePoint PreReqs...."
$setupFile = $driveLetter+":\prerequisiteinstaller.exe"
$process = Start-Process $setupFile -PassThru -Wait -ArgumentList "/unattended /SQLNCli:$global:SharePoint2013Path\PrerequisiteInstallerFiles\sqlncli.msi /IDFX:$global:SharePoint2013Path\PrerequisiteInstallerFiles\Windows6.1-KB974405-x64.msu /IDFX11:$global:SharePoint2013Path\PrerequisiteInstallerFiles\MicrosoftIdentityExtensions-64.msi /Sync:$global:SharePoint2013Path\PrerequisiteInstallerFiles\Synchronization.msi /AppFabric:$global:SharePoint2013Path\PrerequisiteInstallerFiles\WindowsServerAppFabricSetup_x64.exe /KB2671763:$global:SharePoint2013Path\PrerequisiteInstallerFiles\AppFabric1.1-RTM-KB2671763-x64-ENU.exe /MSIPCClient:$global:SharePoint2013Path\PrerequisiteInstallerFiles\setup_msipc_x64.msi /WCFDataServices:$global:SharePoint2013Path\PrerequisiteInstallerFiles\WcfDataServices.exe"

 

Step C: Installing SharePoint

SharePoint is installed in this step from the ISO that the script mounts.

if($process.ExitCode -eq 0) {
        #install sharepoint
        Write-Log -Verbose  "Installing SharePoint...."
        $path = $driveLetter+":\Setup.exe"
        $sharePointInstallProcess = Start-Process -Wait -PassThru $path -ArgumentList "/config $global:SharePoint2013Path\FarmSilentConfig.xml"
        switch($sharePointInstallProcess.ExitCode)
        {
            0 {
                Write-Log -Verbose  "SharePoint successfully installed"
                Write-Log -Verbose  "SharePoint Installed"
                if ($global:DoAllTasks) {
                    Set-Restart-AndResume $global:script "8"
                    }
            }
            default{
                Write-Log -Verbose  "An error has occured in installing SharePoint. Code: " $sharePointInstallProcess.ExitCode
            }
        }
    }
    else {
        if($process.ExitCode -eq 3010) {
            Write-Log -Verbose  "SharePoint prereqs install requires a reboot"
        }
        else {
            Write-Log -Verbose  "SharePoint prereqs not succesfully installed, please investigate.  Code: " $process.ExitCode
        }
    }

 

Step D: Cleaning up

This step simply unmounts the SharePoint installation media.

Dismount-DiskImage -ImagePath $global:pathToSharePointISO

 

Pff, are we done yet? No! Next up: Installing PowerPivot for SharePoint.

Automatically building a Microsoft BI machine using PowerShell – Installing SQL Server (post #10)

This post is #10 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup
Post #8 – Configuring Password policy
Post #9 – Installing System Center Endpoint Protection

In this tenth post we will get to the heart of it: installing SQL Server. After this script completes we will have SQL Agent, SQL Database, Analysis Services (multidimensional and tabular), Integration Services, Data Quality Services, Master Data Services, FullText search, Filestreaming, Development and Management tools and Reporting Services (both native and SharePoint integrated mode) installed. This script will be lengthier than earlier scripts simply because there is a lot more to do. Info I used to create this script: http://msdn.microsoft.com/en-us/library/ms144259.aspx. Here we go.

Step A: creating new service accounts

In this step we first remove any service account that starts with ‘SQL Server’ and then create new serviceaccounts using the configured password.

#Remove Service Accounts for SQL in case they already exist
Get-ADServiceAccount -Filter {DisplayName -like 'SQL Server*'} | Remove-ADServiceAccount
#Create accounts
$sqlagentAccountName = "SQLAgent"
$ssasAccountName = "SSAS"
$sqldbAccountName = "SQLDB"
$ssisAccountName = "SSIS"
$ssrsAccountName = "SSRS"
$sqlagentAccountNameFQ = $global:domainpart+"\"+$sqlagentAccountName
$ssasAccountNameFQ = $global:domainpart+"\"+$ssasAccountName
$sqldbAccountNameFQ = $global:domainpart+"\"+$sqldbAccountName
$ssisAccountNameFQ = $global:domainpart+"\"+$ssisAccountName
$ssrsAccountNameFQ = $global:domainpart+"\"+$ssrsAccountName
     
CreateServiceAccount -AccountName $sqlagentAccountName -DisplayName "SQL Server Agent" -Description "Service Account for SQL Server Agent" -Path $global:path -Password $password
CreateServiceAccount -AccountName $ssasAccountName -DisplayName "SQL Server Analysis Services" -Description "Service Account for SQL Server Analysis Services" -Path $global:path -Password $password
CreateServiceAccount -AccountName $sqldbAccountName -DisplayName "SQL Server Database Engine" -Description "Service Account for SQL Server Database Engine" -Path $global:path -Password $password
CreateServiceAccount -AccountName $ssisAccountName -DisplayName "SQL Server Integration Services" -Description "Service Account for SQL Server Integration Services" -Path $global:path -Password $password
CreateServiceAccount -AccountName $ssrsAccountName -DisplayName "SQL Server Reporting Services" -Description "Service Account for SQL Server Reporting Services" -Path $global:path -Password $password

 

Step B: making sure required features are installed

In this step we make sure .NET 3.5 feature is enabled in Windows.

#Make sure the .Net 3.5 feature is enabled
Install-WindowsFeature –name NET-Framework-Core

 

Step C: Mounting the ISO and set up the parameters

We can now mount the SQL Server installation ISO and set up parameters for the setup to run with. We will do two phases (passes) since we cannot install both SSRS Native and SharePoint integrated mode and SSAS Multidimensional and Tabular mode in one go.

#Mount and Install SQL
    
$mountresult = Mount-DiskImage -ImagePath $global:pathToSQLISO -PassThru
$driveLetter = ($mountresult | Get-Volume).DriveLetter
$setupFile = $driveLetter+":\setup.exe"
#Run first pass of SQL Install: SQLDB,DQ,FullText,FileStreaming,AS,RSNative,DataQualityCLient,IS,MDS,Tools
$featuresPass1 = "SQL,AS,RS,DQC,IS,MDS,TOOLS"
$featuresPass2 = "AS,RS_SHP,RS_SHPWFE"

 

Step D: do the actual installations

Now we execute SQL Server setup with the right argument list. This configures instance names, service accounts and passwords and the features to install. The install will be silent.

Start-Process $setupFile -NoNewWindow -Wait -ArgumentList "/ACTION=INSTALL /IACCEPTSQLSERVERLICENSETERMS /Q /INSTANCENAME=MSSQLSERVER /ERRORREPORTING=1 /SQMREPORTING=1 /AGTSVCACCOUNT=$sqlagentAccountNameFQ /AGTSVCPASSWORD=$Password /ASSVCACCOUNT=$ssasAccountNameFQ /ASSVCPASSWORD=$Password /ASSERVERMODE=MULTIDIMENSIONAL /ASSYSADMINACCOUNTS=$global:currentUserName /SQLSVCACCOUNT=$sqldbAccountNameFQ /SQLSVCPASSWORD=$Password /SQLSYSADMINACCOUNTS=$global:currentUserName /FILESTREAMLEVEL=1 /ISSVCACCOUNT=$ssisAccountNameFQ /ISSVCPASSWORD=$Password /RSINSTALLMODE=DefaultNativeMode /RSSVCACCOUNT=$ssrsAccountNameFQ /RSSVCPASSWORD=$Password /FEATURES=$featuresPass1"
Write-Log -Verbose  "SQL Server Installation Pass 1 completed: SQL, AS Multidimensional, RS Native, Data QUality Client, DQS IS, MDS, TOOLS, FullText, FileStreaming"
Start-Process $setupFile -NoNewWindow -Wait -ArgumentList "/ACTION=INSTALL /IACCEPTSQLSERVERLICENSETERMS /Q /INSTANCENAME=TABULAR /ERRORREPORTING=1 /SQMREPORTING=1 /ASSVCACCOUNT=$ssasAccountNameFQ /ASSVCPASSWORD=$Password /ASSERVERMODE=TABULAR /ASSYSADMINACCOUNTS=$global:currentUserName /FEATURES=$featuresPass2"
Write-Log -Verbose  "SQL Server Installation Pass 2 completed: RS SharePoint, AS Tabular"

 

Step E: wrapping up

In this step we unmount the SQL Server installation media and write to the log.

Dismount-DiskImage -ImagePath $global:pathToSQLISO
Write-Log -Verbose  "SQL Server Installed"
if ($global:DoAllTasks) {
   Set-Restart-AndResume $global:script "7"
}

 

 

Next step: installing SharePoint

Automatically building a Microsoft BI machine using PowerShell – Installing System Center Endpoint Protection (post #9)

This post is #9 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup
Post #8 – Configuring Password policy

Although in the last step we configured a very permissive password policy we need a bit of security, so that is why I opted to install System Center Endpoint Protection. Now, in Azure you can also have extensions for security (both with Microsoft and 3rd party security products) so probably you will never install System Center Endpoint protection yourself, but for the sake of reference, here is how to install it using PowerShell.

Function InstallSystemCenterEndpointProtection
{
    Write-Log -Verbose  "Step 4: Install System Center Endpoint Protection"
    Start-Process .\Resources\SystemCenterEndpointProtection\scepinstall.exe -Wait -ArgumentList "/s /q" #-NoNewWindow
    Write-Log -Verbose  "System Center Endpoint Protection Installed"
    if ($global:DoAllTasks) {
        Set-Restart-AndResume $global:script "6"
        }
}

Next step: installing SQL Server

Automatically building a Microsoft BI machine using PowerShell – Password policy (post #8)

This post is #8 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration
Post #7 – Active Directory setup

In this step we will configure a very permissive password policy. This of course requires that the previous step (setting up Active Directory) has successfully completed. The password policy set using this script is only suitable for demo environments since it is very, very (did I say very?) permissive; it sets a minimal password length of 0, does not record any history of passwords (you can re-use your password again and again), passwords never expire and do not have to follow complexity rules. So, even an empty password is allowed (although not recommended since your Windows services will then not start). However, having ‘1234’ as password would work perfectly under this policy (and no, this is not the password I use for my demo machines).

Function ConfigurePasswordPolicy {
    Param(
        [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")]
        [ValidateNotNullOrEmpty()]
        $DomainName
    )
    Write-Log -Verbose  "Step 3: Configure Password Policy"
   try {
    Set-ADDefaultDomainPasswordPolicy -Identity $DomainName -MinPasswordLength:0 -PasswordHistoryCount:0 -MaxPasswordAge:0 -MinPasswordAge:0 -ComplexityEnabled:$false
    Write-Log -Verbose  "Password Policy Configured"
    if ($global:DoAllTasks) {
        Set-Restart-AndResume $global:script "5"
    }
    }
    catch {
    Write-Log -Verbose  "Failed to configure Password Policy. Error: $_.Exception.Message"
    }
}

 

Next step: installing System Center Endpoint protection

Power BI and Cortana integration explored

With the big news of the Power BI and Cortana integration I could not wait until next week to publish this short video of me demo-ing this cool technology! In the video I ask Cortana a couple of questions on stats from my a part of my blog that I record using Google Analytics. How cool is that? This shows the unique ability of Microsoft to integrate a BI technology such as Power BI with Windows to make it very easy for users to get the information they need when they need it where they need it. Do you speak BI? Great stuff don’t you think?

Automatically building a Microsoft BI machine using PowerShell – Active Directory Setup (post #7)

This post is #7 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script
Post #6 – Disabling Internet Explorer Enhanced Security Configuration

In this step we will set up Active Directory. This script has been inspired on http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx.

#Set up Active Directory
#source: http://blogs.technet.com/b/ashleymcglone/archive/2013/04/18/touch-free-powershell-dcpromo-in-windows-server-2012.aspx
Function SetupActiveDirectory {
    Param(
        [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")]
        [ValidateNotNullOrEmpty()]
        $DomainName
    )
    Write-Log -Verbose  "Step 2: Set up Active Directory"
    
    try {
        Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
        if ($global:DoAllTasks) {
            Set-Restart-AndResume $global:script "3"
        }
    }
    catch {
        Write-Log -Verbose  "Failed to set up Active Directory. Error: $_.Exception.Message"
    }
}
Function SetupActiveDirectoryPart2 {
    Param(
        [Parameter(Mandatory=$true,HelpMessage="Domain name required, please specify in format yyy.zzz")]
        [ValidateNotNullOrEmpty()]
        $DomainName
    )
    Write-Log -Verbose  "Step 2: Set up Active Directory"
    
    try {
        Import-Module ADDSDeployment
        $dotposition = $DomainName.LastIndexOf('.')
        $netbiosname = $DomainName.Substring(0,$dotposition)
        $result = Install-ADDSForest -DomainName $DomainName -InstallDNS:$true -Confirm:$false -NoRebootOnCompletion:$true -Force:$true -DatabasePath "C:\Windows\NTDS" -DomainMode Win2012R2 -ForestMode Win2012R2 -LogPath "C:\Windows\NTDS" -SysvolPath "C:\Windows\SYSVOL" -DomainNetbiosName $netbiosname
        Write-Log -Verbose  "Active Directory set up done"
        if ($global:DoAllTasks) {
            Set-Restart-AndResume $global:script "4"
        }
    }
    catch {
        Write-Log -Verbose  "Failed to set up Active Directory. Error: $_.Exception.Message"
    }
}

 

Next step: configuring a very permissive password policy.

Automatically building a Microsoft BI machine using PowerShell – Disabling Internet Explorer Enhanced Security Configuration (post #6)

This post is #6 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure
Post #5 – Master script

In this step we will disable the Internet Explorer Enhanced Security Configuration. In general IEESC is a great idea, but on demo machines it is not very useful and makes the demo less usable. This script comes from http://itproctology.blogspot.nl/2013/09/powershell-to-disable-ie-enhanced.html:

#Disables Internet Explorer Enhanced Security Configuration
#source: http://itproctology.blogspot.nl/2013/09/powershell-to-disable-ie-enhanced.html
Function DisableIEESC {
    Write-Log -Verbose "Step 1: Disable Internet Explorer Enhanced Security"
    try {
        $AdminKey = “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}”
        $UserKey = “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}”
        Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0
        Set-ItemProperty -Path $UserKey -Name “IsInstalled” -Value 0
        Stop-Process -Name Explorer
        Write-Log -Verbose  "IE ESC succesfully disabled"
        if ($global:DoAllTasks) {
            Set-Restart-AndResume $global:script "2"
        }
    }
    catch {
        Write-Log -Verbose  "Failed to disable IE ESC. Error: $_.Exception.Message"
    }
}

Next step: set up Active Directory.

Automatically building a Microsoft BI machine using PowerShell – master script (post #5)

This post is #5 in the series to automatically build a Microsoft BI machine using PowerShell – see the start of series.

In this series so far:

Start of series – introduction and layout of subjects
Post #2 – Preparation: install files using Azure disk
Post #3 – Preparation: install files using Azure File Service
Post #4 –Preparation: logging infrastructure

Now that we have our preparation completed, it is time to present the master script. This script will be called by the user with parameters specifying what to install; also this script will call other scripts to install components and potentially reboot the machine and resume working. My master script is called ‘SetupMSBIDemoMachine.ps1’. It has one master switch called -DoAllTasks, what does as it says. Also, it provides switches to just executed a part of the total install, such as just installing SQL Server by specifying –InstallSQLServer. Optionally, this script can do automatic reboots of the server and auto-resume working after the reboot; very useful when –DoAllTasks is specified.

A sample call that would complete the full install with a certain domainname and passphrase (for SharePoint) and also auto reboots the machine would look like this:

.\SetupMSBIDemoMachine -DoAllTasks -DomainName mydomain.local -passphrase pass@word1 -AutoReboot

Just running .\SetupMSBIDemoMachine -? returns the following info, which shows all the parameters available. The parameters map to the steps outline in the start of this series. Again, -DoAllTasks would mean just executing these steps in turn.

NAME
    C:\Users\jterh\OneDrive - Microsoft\Demo Machine\SetupMSBIDemoMachine.ps1
    
SYNOPSIS
    Installs and sets up a MSBI Demo Machine in a number of steps
    
    
SYNTAX
    C:\Users\jterh\OneDrive - Microsoft\Demo Machine\SetupMSBIDemoMachine.ps1 [-DisableIEESC] 
    [-SetupActiveDirectory] [[-DomainName] ] [-ConfigurePasswordPolicy] 
    [-InstallSystemCenterEndpointProtection] [-InstallSQLServer] [-InstallSharePoint] 
    [-InstallPowerPivot] [-ConfigurePowerPivot] [-ConfigurePowerPivotPart2] [[-passphrase] ] 
    [-DoAllTasks] [[-Password] <String>] [[-Step] <String>] [-AutoReboot] [<CommonParameters>]
    
    
DESCRIPTION
    

RELATED LINKS

REMARKS
    To see the examples, type: "get-help C:\Users\jterh\OneDrive - Microsoft\Demo 
    Machine\SetupMSBIDemoMachine.ps1 -examples".
    For more information, type: "get-help C:\Users\jterh\OneDrive - Microsoft\Demo 
    Machine\SetupMSBIDemoMachine.ps1 -detailed".
    For technical information, type: "get-help C:\Users\jterh\OneDrive - Microsoft\Demo 
    Machine\SetupMSBIDemoMachine.ps1 -full".

 

Part 1: Parameter binding

[CmdletBinding()]
Param(
[switch]$DisableIEESC,
[switch]$SetupActiveDirectory,
[string]$DomainName,
[switch]$ConfigurePasswordPolicy,
[switch]$InstallSystemCenterEndpointProtection,
[switch]$InstallSQLServer,
[switch]$InstallSharePoint,
[switch]$InstallPowerPivot,
[switch]$ConfigurePowerPivot,
[switch]$ConfigurePowerPivotPart2,
[string]$passphrase,
[switch]$DoAllTasks,
[string]$Password="pass@word1",
[string]$Step="1",
[switch]$AutoReboot=$false
)

This part of the script binds to the parameters and specifies defaults for the password to be used for service accounts and the internal $Step variable. Also, note that by default AutoReboot is disabled.

 

Part 2: Imports

# -------------------------------------
# Imports
# -------------------------------------
$global:script = $myInvocation.MyCommand.Definition
$scriptPath = Split-Path -parent $global:script
. (Join-Path $scriptpath RestartAndResumeFunctions.ps1)
. (Join-Path $scriptpath DisableIEESC.ps1)
. (Join-Path $scriptPath Set-Restart-AndResume.ps1)
. (Join-Path $scriptPath SetupActiveDirectory.ps1)
. (Join-Path $scriptPath ConfigurePasswordPolicy.ps1)
. (Join-Path $scriptPath InstallSystemCenterEndpointProtection.ps1)
. (Join-Path $scriptPath CreateServiceAccount.ps1)
. (Join-Path $scriptPath InstallSQLServer.ps1)
. (Join-Path $scriptPath InstallSharePoint.ps1)
. (Join-Path $scriptPath InstallPowerPivot.ps1)
. (Join-Path $scriptPath ConfigurePowerPivot.ps1)

This part join-paths to make sure we have all the items we need; the script uses restart and resume functions as an include, these functions enable auto restart and resume of the tasks (available in RestartAndResumeFunctions.ps1). The other scripts included here are the scripts that actually do the work of installing and configuring services.

 

Part 3: Parameter passing

$global:DoAllTasks = $DoAllTasks
$global:AutoReboot = $AutoReboot
Set-Location $scriptPath

#get the passed parameters
$Myparameters = $myinvocation.BoundParameters
#remove step from the list
$Myparameters.Remove("Step")
#build parameter string
$global:line = ""
foreach ($key in $Myparameters.keys)
{
    $value = (get-variable $key).Value 
    #is this a switch
    if($value -eq $true) {
        $global:line+= " -"+$key
    }
    else
    {
        $global:line+=" -"+$key+" "+$value
    }
}

This part is used to pass parameters between the master script and downstream scripts, even after auto reboot.

 

Part 4: Setting global variables

#Set the hostname
$global:HostName = hostname
$global:HostNameFull = $HostName
$global:HostNameFull += ".cloudapp.net"
$global:httpHostName = "http://"
$global:httpHostName += $HostName
#Set current user name
$global:currentUserName = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name;
#Path to SQL ISO
$global:pathToSQLISO = ".\Resources\SQLServer2014DeveloperEdition\en_sql_server_2014_developer_edition_x64_dvd_3940406.iso"
$global:pathToSQLISO = Resolve-Path $global:pathToSQLISO
#Path to SHarePoint ISO
$global:pathToSharePointISO = ".\Resources\SharePoint2013\en_sharepoint_server_2013_with_sp1_x64_dvd_3823428.iso"
$global:pathToSharePointISO = Resolve-Path $global:pathToSharePointISO
#Path to SharePoint Prerequisites
$global:SharePoint2013Path = ".\Resources\SharePoint2013"
$global:SharePoint2013Path = Resolve-Path $global:SharePoint2013Path
#Domain Vars
#$global:path = "CN=Managed Service Accounts,"
$global:path = "CN=Users,"
$global:root = [ADSI]''
$global:dn = $global:root.distinguishedName
$global:path += $global:dn
$global:domainpart = (gwmi Win32_NTDomain).DomainName
#SPFarm Account Name
$global:spAccount = "SPFarm"

Here some items are set up, such as the hostname of the machine, the current user name, the paths to ISO files for SharePoint and SQL. Also, the account name for the SharePoint farm account is specified here.

 

Part 5: the actual program

#ACTUAL PROGRAM

#STEP 1 - Disable IE ESC
if ($DisableIEESC -or ($DoAllTasks -and (Should-Run-Step "1"))) {
    DisableIEESC
}
#Step 2 - Setup AD
if ($SetupActiveDirectory -or ($DoAllTasks -and (Should-Run-Step "2"))) {
    SetupActiveDirectory -DomainName $DomainName
}
#Step 3 - Configure Password Policy
if ($ConfigurePasswordPolicy -or ($DoAllTasks -and (Should-Run-Step "3"))) {
    ConfigurePasswordPolicy -DomainName $DomainName
}
#Step 4 - Install System Center Endpoint Protection
if($InstallSystemCenterEndpointProtection -or ($DoAllTasks -and (Should-Run-Step "4"))) {
    InstallSystemCenterEndpointProtection
}
#Step 5 - Install SQL Server
if($InstallSQLServer -or ($DoAllTasks -and (Should-Run-Step "5"))) {
    InstallSQLServer -Password $Password
}
#Step 6- Install SharePoint
if($InstallSharePoint -or ($DoAllTasks -and (Should-Run-Step "6"))) {
    InstallSharePoint
}
#Step 7- Install PowerPivot
if($InstallPowerPivot -or ($DoAllTasks -and (Should-Run-Step "7"))) {
    InstallPowerPivot -Password $Password
}
#Step 8 - Configure PowerPivot
if($ConfigurePowerPivot -or ($DoAllTasks -and (Should-Run-Step "8"))) {
    ConfigurePowerPivot -passphrase $passphrase -Password $Password
}
#Step 9 - Configure PowerPivot Part 2
if($ConfigurePowerPivotPart2 -or ($DoAllTasks -and (Should-Run-Step "9"))) {
    ConfigurePowerPivotPart2 -passphrase $passphrase -Password $Password
}

This part of the script calls the right downstream execution script with the right parameters.

Up next: the script that disables Internet Explorer Enhanced Security Configuration.

%d bloggers like this: