Skip Ribbon Commands
Skip to main content

Quick Launch

Todd Klindt's home page > Todd Klindt's Office 365 Admin Blog > Posts > Using PowerShell to set up a test environment
May 04
Using PowerShell to set up a test environment

Now that SharePoint 2010 is RTMed and available via MSDN and other means, there are a lot of people rebuilding their test environments for the shiny new code. I build a lot of test VMs, so I've automated some pieces of it. This blog post shows a PowerShell file I use to configure some aspects of a new test machine. The purpose isn't to provide you with settings you should use with your test environments, but more to show you the kind of things you can automate with PowerShell. Hopefully it'll jiggle something loose and you'll find ways to use PowerShell to automate your test environments. Here's the file I use:

# Add Active Directory Module

Import-Module ActiveDirectory

 

# Import accounts from users.csv into AD

Import-Csv .\users.csv | foreach-object {New-ADUser -SamAccountName $_.SamAccountName -Name $_.name -DisplayName $_.Name -Title $_.title -Enabled $true -ChangePasswordAtLogon $false -PasswordNeverExpires $true -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -force) -PassThru -WhatIf}

 

# Add sp_farm account to domain admins

Add-ADGroupMember -Identity "domain admins" -Members sp_farm

 

# Set AD password policy so passwords don't expire

Set-ADDefaultDomainPasswordPolicy contoso.com -ComplexityEnabled $false -MaxPasswordAge "3650" -PasswordHistoryCount 0 -MinPasswordAge 0

 

# Disable the loopback check

New-ItemProperty -path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa -name DisableLoopbackCheck -value 1 -PropertyType DWORD

 

# Set machine to log in automatically as sp_farm

New-ItemProperty -name DefaultUserName -value sp_farm -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

New-ItemProperty -name DefaultDomain -value contoso -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

New-ItemProperty -name DefaultPassword -value pass@word1 -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

New-ItemProperty -name AutoAdminLogon -value 1 -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

 

# Add ServerManager module for next few cmdlets

Import-Module Servermanager

 

# Add the PowerShell ISE because PowerShell rocks!

Add-WindowsFeature PowerShell-ISE

 

# Add the Desktop Experience

Add-WindowsFeature Desktop-Experience

 

restart-computer

 

You have to be using Windows 2008 R2 for this to work. Also, in my test environments SharePoint is installed on a domain controller in the Contoso domain. The first line adds the Active Directory module into our PowerShell console so that we can run the next three cmdlets. The next, very long line opens a file, users.csv and creates the users in Active Directory and sets their password to pass@word1. The users.csv I normally use looks like this:

Name,SamAccountName,Title

Todd Klindt,todd,SharePoint Consultant

SharePoint Farm,sp_farm,Service Account

SharePoint Service Apps,sp_serviceapps,SharePoint Service Application Account

It's fairly self-explanatory. If you want to add more fields, like Manager, you can add them to the CSV file, then call them in the foreach-object loop. The title you put in the first line is how you'll reference it in the loop.

The next line adds the sp_farm account to the domain admins group. Under normal circumstances this would not be necessary, but the install account has to be a local administrator and since we're installing a domain controller, that means it has to be the domain admins group. Finally I set the domain password policy so that passwords won't expire. I speak from experience when I say it stinks to fire up your VM for a presentation only to have everything fail because your passwords expired. No more!

Next I disable the loopback check. Again, in a production environment you wouldn't do this, but this is a test machine so it's okay. In production you should not use the disableloopbackcheck Registry key. Instead you should use the BackConnectionHostNames key and whitelist your server's aliases.

Speaking of things you would never do in production, the next few Registry keys set the VM to automatically log in as sp_farm. If you want to log as a different user you can log off or switch users to another user. You can also use a non Internet Explorer browser like Firefox to log into SharePoint easily as a different user.

Finally I add the Server Manager module for the last two cmdlets. They add the PowerShell ISE and the Desktop Experience. This makes PowerShell use a little easier, and the Desktop Experience is needed for the WebDAV components that make it possible to save files directory from Office clients to SharePoint. The Desktop Experience requires a reboot, so I threw that in at the end.

That's it. When writing this I learned how to set Registry keys and all the Active Directory stuff. This is another great example of just finding a task and knuckling down in PowerShell and figuring out how to do it.

tk

Comments

Followup with registering the accounts in your CSV into SP2010

Hey Todd,  I have been frantically listening to your netcasts for the past few weeks, hoping that I can catch up and start listening to you live.  As a result, you have given me some inspiration.  I have posted a follow-up from this post on how to add the service accounts that you put in the user.csv file into the Managed Accounts section of SharePoint 2010. http://woodssharepoint.wordpress.com/2010/11/30/register-managed-accounts-via-powershell/.  I hope you enjoy it, and let me know if there are any suggestions that you have to the post.

Thanks,
Jeremy Woods
twitter: @knighteagle
 on 11/30/2010 3:24 PM

Followup with registering the accounts in your CSV into SP2010

Hey Todd,  I have been frantically listening to your netcasts for the past few weeks, hoping that I can catch up and start listening to you live.  As a result, you have given me some inspiration.  I have posted a follow-up from this post on how to add the service accounts that you put in the user.csv file into the Managed Accounts section of SharePoint 2010. http://woodssharepoint.wordpress.com/2010/11/30/register-managed-accounts-via-powershell/.  I hope you enjoy it, and let me know if there are any suggestions that you have to the post.

Thanks,
Jeremy Woods
twitter: @knighteagle
 on 12/1/2010 10:42 AM

Re: Followup with registering the accounts in your CSV into SP2010

Great blog post. Good work. Thanks for listening to the netcasts.

tk
Todd O. KlindtNo presence information on 12/2/2010 10:51 AM

Thanks

Hi Todd,

Cheers for this post - I haven't really used PowerShell outside of SharePoint so it was interesting to see you using it in a wider context.

I mentioned this post on my recent "top 10 admin mistakes" blog over at http://www.benjaminathawes.com/blog/Lists/Posts/Post.aspx?ID=22.
 on 4/18/2011 2:19 PM

Re: Thanks

Thanks for the link, Benjamin. I appreciate it.

tk
Todd O. KlindtNo presence information on 4/18/2011 2:22 PM

Add Comment

Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

Title


Body *


Today's date *

Select a date from the calendar.
Please enter today's date so I know you are a real person

Twitter


Want a message when I reply to your comment? Put your Twitter handle here.

Attachments

 

 SysKit