Now that SharePoint 2010 is RTMed and available via MSDN and other means, there are a lot of people rebuilding their test environments for the shiny new code. I build a lot of test VMs, so I've automated some pieces of it. This blog post shows a PowerShell file I use to configure some aspects of a new test machine. The purpose isn't to provide you with settings you should use with your test environments, but more to show you the kind of things you can automate with PowerShell. Hopefully it'll jiggle something loose and you'll find ways to use PowerShell to automate your test environments. Here's the file I use:
# Add Active Directory Module
Import-Module ActiveDirectory
# Import accounts from users.csv into AD
Import-Csv .\users.csv | foreach-object {New-ADUser -SamAccountName $_.SamAccountName -Name $_.name -DisplayName $_.Name -Title $_.title -Enabled $true -ChangePasswordAtLogon $false -PasswordNeverExpires $true -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -force) -PassThru -WhatIf}
# Add sp_farm account to domain admins
Add-ADGroupMember -Identity "domain admins" -Members sp_farm
# Set AD password policy so passwords don't expire
Set-ADDefaultDomainPasswordPolicy contoso.com -ComplexityEnabled $false -MaxPasswordAge "3650" -PasswordHistoryCount 0 -MinPasswordAge 0
# Disable the loopback check
New-ItemProperty -path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa -name DisableLoopbackCheck -value 1 -PropertyType DWORD
# Set machine to log in automatically as sp_farm
New-ItemProperty -name DefaultUserName -value sp_farm -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
New-ItemProperty -name DefaultDomain -value contoso -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
New-ItemProperty -name DefaultPassword -value pass@word1 -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
New-ItemProperty -name AutoAdminLogon -value 1 -PropertyType string -path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
# Add ServerManager module for next few cmdlets
Import-Module Servermanager
# Add the PowerShell ISE because PowerShell rocks!
Add-WindowsFeature PowerShell-ISE
# Add the Desktop Experience
Add-WindowsFeature Desktop-Experience
restart-computer
You have to be using Windows 2008 R2 for this to work. Also, in my test environments SharePoint is installed on a domain controller in the Contoso domain. The first line adds the Active Directory module into our PowerShell console so that we can run the next three cmdlets. The next, very long line opens a file, users.csv and creates the users in Active Directory and sets their password to pass@word1. The users.csv I normally use looks like this:
Name,SamAccountName,Title
Todd Klindt,todd,SharePoint Consultant
SharePoint Farm,sp_farm,Service Account
SharePoint Service Apps,sp_serviceapps,SharePoint Service Application Account
It's fairly self-explanatory. If you want to add more fields, like Manager, you can add them to the CSV file, then call them in the foreach-object loop. The title you put in the first line is how you'll reference it in the loop.
The next line adds the sp_farm account to the domain admins group. Under normal circumstances this would not be necessary, but the install account has to be a local administrator and since we're installing a domain controller, that means it has to be the domain admins group. Finally I set the domain password policy so that passwords won't expire. I speak from experience when I say it stinks to fire up your VM for a presentation only to have everything fail because your passwords expired. No more!
Next I disable the loopback check. Again, in a production environment you wouldn't do this, but this is a test machine so it's okay. In production you should not use the disableloopbackcheck Registry key. Instead you should use the BackConnectionHostNames key and whitelist your server's aliases.
Speaking of things you would never do in production, the next few Registry keys set the VM to automatically log in as sp_farm. If you want to log as a different user you can log off or switch users to another user. You can also use a non Internet Explorer browser like Firefox to log into SharePoint easily as a different user.
Finally I add the Server Manager module for the last two cmdlets. They add the PowerShell ISE and the Desktop Experience. This makes PowerShell use a little easier, and the Desktop Experience is needed for the WebDAV components that make it possible to save files directory from Office clients to SharePoint. The Desktop Experience requires a reboot, so I threw that in at the end.
That's it. When writing this I learned how to set Registry keys and all the Active Directory stuff. This is another great example of just finding a task and knuckling down in PowerShell and figuring out how to do it.
tk